+2010-10-01 Lars Magne Ingebrigtsen <larsi@gnus.org>
+
+ * nnimap.el (nnimap-extend-tls-programs): Only extend those programs
+ for starttls that tls.el implements; i.e. openssl.
+
+ * tls.el (tls-starttls-switches): Give up on using starttls with
+ gnutls-cli.
+ (tls-program): Add --insecure to be consistent with the defaults from
+ openssl s_client. Now all three commands are insecure.
+
+ 2010-10-01 Katsumi Yamaoka <yamaoka@jpl.org>
+
+ * lpath.el: Fbing iswitchb-read-buffer for Emacs 22 and XEmacs; bind
+ completion-styles-alist and fbind ido-completing-read for XEmacs.
+
+ * gnus-util.el (gnus-completing-read-function): Exclude
+ gnus-icompleting-read and gnus-ido-completing-read from candidates for
+ XEmacs since iswitchb.el is very old and ido.el is unavailable in
+ XEmacs.
+ (iswitchb-mode, iswitchb-temp-buflist, iswitchb-read-buffer): Silence
+ the byte compiler.
+
+ * gravatar.el: Don't load image.el that XEmacs doesn't provide.
+ (gravatar-create-image): New function that's an alias to
+ gnus-xmas-create-image, gnus-create-image, or create-image.
+
2010-10-01 Katsumi Yamaoka <yamaoka@jpl.org>
* gravatar.el: Don't load image.el that XEmacs doesn't provide.
(unless (consp programs)
(setq programs (list programs)))
(dolist (program programs)
- (push (concat program " " "%s") result))
+ (when (assoc (car (split-string program)) tls-starttls-switches)
+ (push (if (not (string-match "%s" program))
+ (concat program " " "%s")
+ program)
+ result)))
(nreverse result)))
(defun nnimap-find-parameter (parameter elems)
:group 'tls)
(defvar tls-starttls-switches
- '(("gnutls-cli" "-s")
- ("openssl" "-starttls imap"))
+ '(("openssl" "-starttls imap"))
"Alist of programs and the switches necessary to get starttls behaviour.")
-(defcustom tls-program '("gnutls-cli %s -p %p %h"
- "gnutls-cli %s -p %p %h --protocols ssl3"
+(defcustom tls-program '("gnutls-cli --insecure -p %p %h"
+ "gnutls-cli --insecure -p %p %h --protocols ssl3"
"openssl s_client %s -connect %h:%p -no_ssl2 -ign_eof")
"List of strings containing commands to start TLS stream to a host.
Each entry in the list is tried until a connection is successful.