Check for client certificates when using GnuTLS
This fixes Bug#33780, and extends the documentation to describe how to enable use of client certificates. * lisp/net/network-stream.el (network-stream-certificate): Correct order of parameters to plist-get. (network-stream-open-tls): Pass all received parameters to open-gnutls-stream as plist, not just :nowait. * lisp/net/gnutls.el (open-gnutls-stream): Change optional nowait arg to be plist. Derive nowait and client certificate(s) and keys(s) from plist (maybe via auth-source) and pass to gnutls-boot-parameters and gnutls-negotiate. (network-stream-certificate): Add declare-function form for it. * doc/misc/auth.texi (Help for users): Describe format to use for client key/cert specification. * doc/misc/emacs-gnutls.texi (Help For Developers): Describe usage of optional plist argument. Add crossreference to description of .authinfo format for client key/cert specification. * etc/NEWS: Describe new client certificate functionality for 'open-network-stream'. * test/lisp/net/network-stream-tests.el: Add require of network-stream. (connect-to-tls-ipv4-nowait): Bind network-security-level to 'low in order to bypass nsm prompting. (connect-to-tls-ipv6-nowait): Likewise. (open-network-stream-tls-wait): New test. (open-network-stream-tls-nowait): New test. (open-network-stream-tls): New test. (open-network-stream-tls-nocert): New test. (open-gnutls-stream-new-api-default): New test. (open-gnutls-stream-new-api-wait): New test. (open-gnutls-stream-old-api-wait): New test. (open-gnutls-stream-new-api-nowait): New test. (open-gnutls-stream-old-api-nowait): New test. (open-gnutls-stream-new-api-errors): New test. The new tests exercise 'open-network-stream' and the old and new api of 'open-gnutls-stream'.
Showing with 448 additions and 27 deletions