Commit aecb42aa authored by Lars Magne Ingebrigtsen's avatar Lars Magne Ingebrigtsen Committed by Katsumi Yamaoka

Give up on using gnutls-cli for starttls.

parent 088dcc3e
2010-10-01 Lars Magne Ingebrigtsen <larsi@gnus.org>
* net/tls.el (tls-starttls-switches): Give up on using starttls with
gnutls-cli.
(tls-program): Add --insecure to be consistent with the defaults from
openssl s_client. Now all three commands are insecure.
2010-10-01 Eli Zaretskii <eliz@gnu.org> 2010-10-01 Eli Zaretskii <eliz@gnu.org>
* makefile.w32-in (DEST, TAGS, TAGS-LISP, TAGS-nmake) * makefile.w32-in (DEST, TAGS, TAGS-LISP, TAGS-nmake)
......
2010-10-01 Lars Magne Ingebrigtsen <larsi@gnus.org>
* nnimap.el (nnimap-extend-tls-programs): Only extend those programs
for starttls that tls.el implements; i.e. openssl.
2010-10-01 Katsumi Yamaoka <yamaoka@jpl.org> 2010-10-01 Katsumi Yamaoka <yamaoka@jpl.org>
* gravatar.el: Don't load image.el that XEmacs doesn't provide. * gravatar.el: Don't load image.el that XEmacs doesn't provide.
......
...@@ -404,7 +404,11 @@ textual parts.") ...@@ -404,7 +404,11 @@ textual parts.")
(unless (consp programs) (unless (consp programs)
(setq programs (list programs))) (setq programs (list programs)))
(dolist (program programs) (dolist (program programs)
(push (concat program " " "%s") result)) (when (assoc (car (split-string program)) tls-starttls-switches)
(push (if (not (string-match "%s" program))
(concat program " " "%s")
program)
result)))
(nreverse result))) (nreverse result)))
(defun nnimap-find-parameter (parameter elems) (defun nnimap-find-parameter (parameter elems)
......
...@@ -76,12 +76,11 @@ and `gnutls-cli' (version 2.0.1) output." ...@@ -76,12 +76,11 @@ and `gnutls-cli' (version 2.0.1) output."
:group 'tls) :group 'tls)
(defvar tls-starttls-switches (defvar tls-starttls-switches
'(("gnutls-cli" "-s") '(("openssl" "-starttls imap"))
("openssl" "-starttls imap"))
"Alist of programs and the switches necessary to get starttls behaviour.") "Alist of programs and the switches necessary to get starttls behaviour.")
(defcustom tls-program '("gnutls-cli %s -p %p %h" (defcustom tls-program '("gnutls-cli --insecure -p %p %h"
"gnutls-cli %s -p %p %h --protocols ssl3" "gnutls-cli --insecure -p %p %h --protocols ssl3"
"openssl s_client %s -connect %h:%p -no_ssl2 -ign_eof") "openssl s_client %s -connect %h:%p -no_ssl2 -ign_eof")
"List of strings containing commands to start TLS stream to a host. "List of strings containing commands to start TLS stream to a host.
Each entry in the list is tried until a connection is successful. Each entry in the list is tried until a connection is successful.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment