;;; tls.el --- TLS/SSL support via wrapper around GnuTLS
-;; Copyright (C) 1996, 1997, 1998, 1999, 2002, 2003, 2004,
-;; 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
+;; Copyright (C) 1996, 1997, 1998, 1999, 2002, 2003, 2004, 2005, 2006,
+;; 2007, 2008, 2009, 2010 Free Software Foundation, Inc.
;; Author: Simon Josefsson <simon@josefsson.org>
;; Keywords: comm, tls, gnutls, ssl
;; This file is part of GNU Emacs.
-;; GNU Emacs is free software; you can redistribute it and/or modify
+;; GNU Emacs is free software: you can redistribute it and/or modify
;; it under the terms of the GNU General Public License as published by
-;; the Free Software Foundation; either version 3, or (at your option)
-;; any later version.
+;; the Free Software Foundation, either version 3 of the License, or
+;; (at your option) any later version.
;; GNU Emacs is distributed in the hope that it will be useful,
;; but WITHOUT ANY WARRANTY; without even the implied warranty of
-;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;; GNU General Public License for more details.
;; You should have received a copy of the GNU General Public License
-;; along with GNU Emacs; see the file COPYING. If not, write to the
-;; Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
-;; Boston, MA 02110-1301, USA.
+;; along with GNU Emacs. If not, see <http://www.gnu.org/licenses/>.
;;; Commentary:
;;; Code:
-(eval-and-compile
- (autoload 'format-spec "format-spec")
- (autoload 'format-spec-make "format-spec"))
+(autoload 'format-spec "format-spec")
+(autoload 'format-spec-make "format-spec")
(defgroup tls nil
"Transport Layer Security (TLS) parameters."
:type 'regexp
:group 'tls)
-(defcustom tls-program '("gnutls-cli -p %p %h"
- "gnutls-cli -p %p %h --protocols ssl3"
- "openssl s_client -connect %h:%p -no_ssl2 -ign_eof")
+(defvar tls-starttls-switches
+ '(("openssl" "-starttls imap"))
+ "Alist of programs and the switches necessary to get starttls behaviour.")
+
+(defcustom tls-program '("gnutls-cli --insecure -p %p %h"
+ "gnutls-cli --insecure -p %p %h --protocols ssl3"
+ "openssl s_client %s -connect %h:%p -no_ssl2 -ign_eof")
"List of strings containing commands to start TLS stream to a host.
Each entry in the list is tried until a connection is successful.
%h is replaced with server hostname, %p with port to connect to.
(push (cons (match-string 1) (match-string 2)) vals))
(nreverse vals))))))
-(defun open-tls-stream (name buffer host port)
+(defun open-tls-stream (name buffer host port &optional starttlsp)
"Open a TLS connection for a port to a host.
Returns a subprocess-object to represent the connection.
Input and output work as for subprocesses; `delete-process' closes it.
(use-temp-buffer (null buffer))
process cmd done)
(if use-temp-buffer
- (setq buffer (generate-new-buffer " TLS")))
+ (setq buffer (generate-new-buffer " TLS"))
+ ;; BUFFER is a string but does not exist as a buffer object.
+ (unless (and (get-buffer buffer)
+ (buffer-name (get-buffer buffer)))
+ (generate-new-buffer buffer)))
(with-current-buffer buffer
(message "Opening TLS connection to `%s'..." host)
(while (and (not done) (setq cmd (pop cmds)))
- (message "Opening TLS connection with `%s'..." cmd)
(let ((process-connection-type tls-process-connection-type)
+ (formatted-cmd
+ (format-spec
+ cmd
+ (format-spec-make
+ ?s (if starttlsp
+ (tls-find-starttls-argument cmd)
+ "")
+ ?h host
+ ?p (if (integerp port)
+ (int-to-string port)
+ port))))
response)
+ (message "Opening TLS connection with `%s'..." formatted-cmd)
(setq process (start-process
name buffer shell-file-name shell-command-switch
- (format-spec
- cmd
- (format-spec-make
- ?h host
- ?p (if (integerp port)
- (int-to-string port)
- port)))))
+ formatted-cmd))
+ (funcall (if (fboundp 'set-process-query-on-exit-flag)
+ 'set-process-query-on-exit-flag
+ 'process-kill-without-query)
+ process nil)
(while (and process
(memq (process-status process) '(open run))
(progn
tls-success nil t)))))
(unless (accept-process-output process 1)
(sit-for 1)))
- (message "Opening TLS connection with `%s'...%s" cmd
+ (message "Opening TLS connection with `%s'...%s" formatted-cmd
(if done "done" "failed"))
(if (not done)
(delete-process process)
(kill-buffer buffer))
done))
+(defun tls-find-starttls-argument (command)
+ (let ((command (car (split-string command))))
+ (or (cadr (assoc command tls-starttls-switches))
+ "")))
+
(provide 'tls)
-;; arch-tag: 5596d1c4-facc-4bc4-94a9-9863b928d7ac
;;; tls.el ends here
projects / gnus / blobdiff