;;; tls.el --- TLS/SSL support via wrapper around GnuTLS
-;; Copyright (C) 1996, 1997, 1998, 1999, 2002, 2003, 2004, 2005, 2006,
-;; 2007, 2008, 2009, 2010 Free Software Foundation, Inc.
+;; Copyright (C) 1996-1999, 2002-2012 Free Software Foundation, Inc.
;; Author: Simon Josefsson <simon@josefsson.org>
;; Keywords: comm, tls, gnutls, ssl
:type 'regexp
:group 'tls)
-(defvar tls-starttls-switches
- '(("gnutls-cli" "-s")
- ("openssl" "-starttls imap"))
- "Alist of programs and the switches necessary to get starttls behaviour.")
-
-(defcustom tls-program '("gnutls-cli %s -p %p %h"
- "gnutls-cli %s -p %p %h --protocols ssl3"
- "openssl s_client %s -connect %h:%p -no_ssl2 -ign_eof")
+(defcustom tls-program '("gnutls-cli --insecure -p %p %h"
+ "gnutls-cli --insecure -p %p %h --protocols ssl3"
+ "openssl s_client -connect %h:%p -no_ssl2 -ign_eof")
"List of strings containing commands to start TLS stream to a host.
Each entry in the list is tried until a connection is successful.
%h is replaced with server hostname, %p with port to connect to.
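Review bot: The new default `tls-program` entries pass `--insecure` to gnutls-cli, which as far as I know makes it continue when the server certificate fails validation, so the client no longer rejects an untrusted peer by itself. Rejection then depends on the Lisp side matching the tool output against `tls-untrusted`, and nothing in this hunk shows that check being enabled by default (I believe it is governed by `tls-checktrust`, which is outside the hunk, so this is worth confirming). The second entry also retries with `--protocols ssl3`, so a failed first attempt falls back to an older protocol without any notice to the user. I would add a sentence to the docstring such as `The default commands do not abort when certificate verification fails; set tls-checktrust to have untrusted certificates rejected.` The docstring continues past the end of this hunk.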
(defcustom tls-success "- Handshake was completed\\|SSL handshake has read "
"Regular expression indicating completed TLS handshakes.
-The default is what GNUTLS's \"gnutls-cli\" or OpenSSL's
+The default is what GnuTLS's \"gnutls-cli\" or OpenSSL's
\"openssl s_client\" outputs."
:version "22.1"
:type 'regexp
(defcustom tls-untrusted
"- Peer's certificate is NOT trusted\\|Verify return code: \\([^0] \\|.[^ ]\\)"
"Regular expression indicating failure of TLS certificate verification.
-The default is what GNUTLS's \"gnutls-cli\" or OpenSSL's
+The default is what GnuTLS's \"gnutls-cli\" or OpenSSL's
\"openssl s_client\" return in the event of unsuccessful
verification."
:type 'regexp
(push (cons (match-string 1) (match-string 2)) vals))
(nreverse vals))))))
-(defun open-tls-stream (name buffer host port &optional starttlsp)
+(defun open-tls-stream (name buffer host port)
"Open a TLS connection for a port to a host.
Returns a subprocess-object to represent the connection.
Input and output work as for subprocesses; `delete-process' closes it.
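Review bot: Dropping `&optional starttlsp` from `open-tls-stream` is an incompatible interface change, because any caller that still passes a fifth argument will now signal a wrong-number-of-arguments error. The same removal appears in the `format-spec-make` hunk below, where `?s` is no longer defined, so a customized `tls-program` entry that still contains `%s` (the old default did) would presumably make `format-spec` signal an error instead of expanding to nothing. If compatibility matters, keep the parameter as accepted but ignored and keep `?s ""` in the spec; otherwise state in the docstring that `%s` is no longer supported. The function body continues outside this hunk.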
(format-spec
cmd
(format-spec-make
- ?s (if starttlsp
- (tls-find-starttls-argument cmd)
- "")
?h host
?p (if (integerp port)
(int-to-string port)
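Review bot: `host` and a non-integer `port` are substituted into the command template without quoting, and the `start-process` call in the next hunk passes the formatted command to `shell-file-name` with `shell-command-switch`, so both values are interpreted by a shell. If either can come from untrusted input, shell metacharacters in it would be evaluated rather than passed to the TLS client as a plain argument. Quote at substitution time with `?h (shell-quote-argument host)`, and use `(shell-quote-argument port)` in the branch that handles a string port. The enclosing `format-spec` form starts and ends outside this hunk.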
(setq process (start-process
name buffer shell-file-name shell-command-switch
formatted-cmd))
- (funcall (if (fboundp 'set-process-query-on-exit-flag)
- 'set-process-query-on-exit-flag
- 'process-kill-without-query)
- process nil)
(while (and process
(memq (process-status process) '(open run))
(progn
(kill-buffer buffer))
done))
-(defun tls-find-starttls-argument (command)
- (let ((command (car (split-string command))))
- (or (cadr (assoc command tls-starttls-switches))
- "")))
-
(provide 'tls)
;;; tls.el ends here