1. 14 Jul, 2018 1 commit
    • Jimmy Yuen Ho Wong's avatar
      Check TLS certs against CRL · a9f09f72
      Jimmy Yuen Ho Wong authored
      * lisp/net/gnutls.el (gnutls-boot-parameters): Return
        `gnutls-crlfiles' in `:crlfiles'.
        (gnutls-crlfiles): New defcustom.
        (gnutls--get-files): New defun.
        (gnutls-trustfiles, gnutls-crlfiles): Delegate to
        `gnutls--get-files' to return a list of filenames, accepts glob pattern.
      a9f09f72
  2. 08 Jul, 2018 2 commits
  3. 13 Apr, 2018 4 commits
  4. 16 Feb, 2018 1 commit
  5. 08 Feb, 2018 1 commit
    • Noam Postavsky's avatar
      Doc fixes for process functions (Bug#30349) · 04c5bd5b
      Noam Postavsky authored
      * doc/lispref/processes.texi (Asynchronous Processes): Explain what
      the 'stopped' state means for a pipe process.
      * src/process.c (Fmake_process, Fmake_pipe_process)
      (Fmake_serial_process, Fmake_network_process):
      * lisp/subr.el (start-process):
      * lisp/net/tls.el (open-tls-stream):
      * lisp/net/starttls.el (starttls-open-stream):
      * lisp/net/gnutls.el (open-gnutls-stream): Remove meaningless phrase
      "specify an output stream" phrase from docstring.
      04c5bd5b
  6. 01 Jan, 2018 1 commit
  7. 19 Dec, 2017 1 commit
    • Ted Zlatanov's avatar
      Collect GnuTLS extensions and use them to set %DUMBFW if supported · 21a212f9
      Ted Zlatanov authored
      * lisp/net/gnutls.el (gnutls-boot-parameters): Use it to set %DUMBFW
      only when it's supported as "ClientHello Padding" (Bug#25061).
      
      * src/gnutls.c (Fgnutls_available_p): Get extension names and
      put them in the GnuTLS capabilities, using a hard-coded limit
      of 100 since GnuTLS MAX_EXT_TYPES is not exported.
      21a212f9
  8. 15 Dec, 2017 1 commit
    • Ted Zlatanov's avatar
      Add %DUMBFW to the default GnuTLS priority strings · a21dac18
      Ted Zlatanov authored
      * lisp/net/gnutls.el (gnutls-boot-parameters): Add %DUMBFW to
      the default priority strings (Bug#25061).
      
      * etc/NEWS: Mention it.
      
      * doc/misc/emacs-gnutls.texi (Help For Users): Point to the
      GnuTLS priority string documentation URL.
      a21dac18
  9. 09 Dec, 2017 1 commit
  10. 13 Sep, 2017 1 commit
    • Paul Eggert's avatar
      Prefer HTTPS to FTP and HTTP in documentation · bc511a64
      Paul Eggert authored
      Most of this change is to boilerplate commentary such as license URLs.
      This change was prompted by ftp://ftp.gnu.org's going-away party,
      planned for November.  Change these FTP URLs to https://ftp.gnu.org
      instead.  Make similar changes for URLs to other organizations moving
      away from FTP.  Also, change HTTP to HTTPS for URLs to gnu.org and
      fsf.org when this works, as this will further help defend against
      man-in-the-middle attacks (for this part I omitted the MS-DOS and
      MS-Windows sources and the test tarballs to keep the workload down).
      HTTPS is not fully working to lists.gnu.org so I left those URLs alone
      for now.
      bc511a64
  11. 09 May, 2017 1 commit
  12. 01 Jan, 2017 1 commit
  13. 05 Mar, 2016 1 commit
    • Lars Magne Ingebrigtsen's avatar
      Allow making TLS negotiation blocking · 21b509d4
      Lars Magne Ingebrigtsen authored
      * lisp/net/gnutls.el (gnutls-negotiate): Make negotiation blocking.
      
      * src/gnutls.c (Fgnutls_boot): Provide a new keyword,
      :complete-negotiation, to specify that we want complete
      negotiation even if the socket is non-blocking.
      (gnutls_try_handshake): Complete negotiation if given that keyword.
      
      * src/process.h (L): Added gnutls_complete_negotiation_p.
      21b509d4
  14. 14 Feb, 2016 1 commit
  15. 03 Feb, 2016 1 commit
    • Lars Ingebrigtsen's avatar
      Doc fixes and refactorings based on comments from Eli Zaretskii · 894e21df
      Lars Ingebrigtsen authored
      * doc/lispref/processes.texi (Network Processes): Clarify the
      meaning of :tls-parameters.
      
      * lisp/net/gnutls.el (open-gnutls-stream): Clarify :nowait.
      
      * lisp/net/gnutls.el (gnutls-boot-parameters): Factor out into
      own function.
      (gnutls-negotiate): Use it.
      (open-gnutls-stream): Ditto.
      
      * src/eval.c (vformat_string): Refactor out the printing bits
      from verror.
      (verror): Use it.
      
      * src/gnutls.c (boot_error): Mark failed processes with the
      real error message.
      
      * src/lisp.h: Declare vformat_string.
      894e21df
  16. 01 Feb, 2016 1 commit
    • Lars Ingebrigtsen's avatar
      Make network connections work again on non-glibc systems · 0645c0f8
      Lars Ingebrigtsen authored
      * lisp/net/gnutls.el (open-gnutls-stream): Pass the TLS
      keywords in directly so that they can be used when doing
      synchronous DNS on non-synchronous connections.
      
      * lisp/net/network-stream.el (open-network-stream): Allow
      passing in the TLS parameters directly.
      
      * src/process.c (conv_numerical_to_lisp): New function to convert
      numerical addresses to Lisp.
      (Fmake_network_process): Rework the non-HAVE_ADDRINFO code
      paths so that they work again.
      (syms_of_process): Build fix for non-glibc systems.
      0645c0f8
  17. 31 Jan, 2016 4 commits
    • Lars Ingebrigtsen's avatar
      Clean up dead code · 99723293
      Lars Ingebrigtsen authored
      * lisp/net/gnutls.el (gnutls-async-sentinel): Remove.
      99723293
    • Lars Ingebrigtsen's avatar
      Rework the mechanisms for async GnuTLS connections · cecf6c9a
      Lars Ingebrigtsen authored
      * lisp/net/gnutls.el (open-gnutls-stream): Compute the
      gnutls-boot parameters and pass them to the process object.
      (gnutls-negotiate): New parameter :return-keywords that won't
      connect to anything, just compute the keywords.
      
      * lisp/url/url-http.el (url-http): Revert async TLS sentinel
      hack, which is no longer necessary.
      
      * src/gnutls.c (Fgnutls_asynchronous_parameters): Rename from
      gnutls-mark-process.
      
      * src/process.c (connect_network_socket): If we're connecting to
      an asynchronous TLS socket, complete the GnuTLS boot sequence here.
      
      * src/process.h: New parameter gnutls_async_parameters.
      cecf6c9a
    • Lars Ingebrigtsen's avatar
      Remove debugging · e2d0ccc9
      Lars Ingebrigtsen authored
      e2d0ccc9
    • Lars Ingebrigtsen's avatar
      Implement asynchronous GnuTLS connections · 0f47153b
      Lars Ingebrigtsen authored
      * doc/misc/emacs-gnutls.texi (Help For Developers): Mention
      the nowait parameter.
      
      * lisp/net/gnutls.el (open-gnutls-stream): Allow asynchronous
      connections with the new nowait parameter.
      
      * lisp/net/network-stream.el (network-stream-open-tls): Pass
      on :nowait to open-gnutls-stream.
      
      * lisp/url/url-http.el (url-http): Don't overwrite the
      sentinel created by open-gnutls-stream.
      
      * src/gnutls.c (Fgnutls_mark_process): New function.
      
      * src/process.c (send_process): Don't write to GnuTLS sockets that
      haven't been initialised yed.
      
      * src/process.h: New slot gnutls_wait_p.
      0f47153b
  18. 01 Jan, 2016 1 commit
  19. 29 Dec, 2015 1 commit
  20. 25 Dec, 2015 1 commit
    • Ashish SHUKLA's avatar
      Add FreeBSD cert bundle · 5bd3a0c9
      Ashish SHUKLA authored
      * doc/misc/emacs-gnutls.texi (Help For Users): Document
      FreeBSD bundle.
      
      * lisp/net/gnutls.el (gnutls-trustfiles): Add FreeBSD cert bundle.
      
      Backport:
      
      (cherry picked from commit 60c0f1a1)
      5bd3a0c9
  21. 24 Dec, 2015 1 commit
    • Ashish SHUKLA's avatar
      Add FreeBSD cert bundle · 60c0f1a1
      Ashish SHUKLA authored
      * doc/misc/emacs-gnutls.texi (Help For Users): Document
      FreeBSD bundle.
      
      * lisp/net/gnutls.el (gnutls-trustfiles): Add FreeBSD cert bundle.
      60c0f1a1
  22. 17 Sep, 2015 1 commit
    • Paul Eggert's avatar
      Backslash cleanup in Elisp source files · 284c470e
      Paul Eggert authored
      This patch should not change behavior.  It typically omits backslashes
      where they are redundant (e.g., in the string literal "^\$").
      In a few places, insert backslashes where they make regular
      expressions clearer: e.g., replace "^\*" (equivalent to "^*") with
      "^\\*", which has the same effect as a regular expression.
      Also, use ‘\ %’ instead of ‘\%’ when avoiding confusion with SCCS IDs,
      and similarly use ‘\ $’ instead of ‘\$’ when avoiding confusion with
      RCS IDs, as that makes it clearer that the backslash is intended.
      284c470e
  23. 24 Aug, 2015 1 commit
    • Paul Eggert's avatar
      More-conservative ‘format’ quote restyling · fbb5531f
      Paul Eggert authored
      Instead of restyling curved quotes for every call to ‘format’,
      create a new function ‘format-message’ that does the restyling,
      and using the new function instead of ‘format’ only in contexts
      where this seems appropriate.
      Problem reported by Dmitry Gutov and Andreas Schwab in:
      http://lists.gnu.org/archive/html/emacs-devel/2015-08/msg00826.html
      http://lists.gnu.org/archive/html/emacs-devel/2015-08/msg00827.html
      * doc/lispref/commands.texi (Using Interactive):
      * doc/lispref/control.texi (Signaling Errors, Signaling Errors):
      * doc/lispref/display.texi (Displaying Messages, Progress):
      * doc/lispref/elisp.texi:
      * doc/lispref/help.texi (Keys in Documentation):
      * doc/lispref/minibuf.texi (Minibuffer Misc):
      * doc/lispref/strings.texi (Formatting Strings):
      * etc/NEWS:
      Document the changes.
      * lisp/abbrev.el (expand-region-abbrevs):
      * lisp/apropos.el (apropos-library):
      * lisp/calc/calc-ext.el (calc-record-message)
      (calc-user-function-list):
      * lisp/calc/calc-help.el (calc-describe-key, calc-full-help):
      * lisp/calc/calc-lang.el (math-read-big-balance):
      * lisp/calc/calc-store.el (calc-edit-variable):
      * lisp/calc/calc-units.el (math-build-units-table-buffer):
      * lisp/calc/calc-yank.el (calc-edit-mode):
      * lisp/calendar/icalendar.el (icalendar-export-region)
      (icalendar--add-diary-entry):
      * lisp/cedet/mode-local.el (mode-local-print-binding)
      (mode-local-describe-bindings-2):
      * lisp/cedet/semantic/complete.el (semantic-completion-message):
      * lisp/cedet/semantic/edit.el (semantic-parse-changes-failed):
      * lisp/cedet/semantic/wisent/comp.el (wisent-log):
      * lisp/cedet/srecode/insert.el (srecode-insert-show-error-report):
      * lisp/descr-text.el (describe-text-properties-1, describe-char):
      * lisp/dframe.el (dframe-message):
      * lisp/dired-aux.el (dired-query):
      * lisp/emacs-lisp/byte-opt.el (byte-compile-log-lap-1):
      * lisp/emacs-lisp/bytecomp.el (byte-compile-log)
      (byte-compile-log-file, byte-compile-warn, byte-compile-form):
      * lisp/emacs-lisp/cconv.el (cconv-convert, cconv--analyze-use)
      (cconv-analyze-form):
      * lisp/emacs-lisp/check-declare.el (check-declare-warn):
      * lisp/emacs-lisp/checkdoc.el (checkdoc-this-string-valid-engine):
      * lisp/emacs-lisp/cl-macs.el (cl-symbol-macrolet):
      * lisp/emacs-lisp/edebug.el (edebug-format):
      * lisp/emacs-lisp/eieio-core.el (eieio-oref):
      * lisp/emacs-lisp/eldoc.el (eldoc-minibuffer-message)
      (eldoc-message):
      * lisp/emacs-lisp/elint.el (elint-file, elint-log):
      * lisp/emacs-lisp/find-func.el (find-function-library):
      * lisp/emacs-lisp/macroexp.el (macroexp--obsolete-warning):
      * lisp/emacs-lisp/map-ynp.el (map-y-or-n-p):
      * lisp/emacs-lisp/nadvice.el (advice--make-docstring):
      * lisp/emacs-lisp/package.el (package-compute-transaction)
      (package-install-button-action, package-delete-button-action)
      (package-menu--list-to-prompt):
      * lisp/emacs-lisp/timer.el (timer-event-handler):
      * lisp/emacs-lisp/warnings.el (lwarn, warn):
      * lisp/emulation/viper-cmd.el:
      (viper-toggle-parse-sexp-ignore-comments)
      (viper-kill-buffer, viper-brac-function):
      * lisp/emulation/viper-macs.el (viper-record-kbd-macro):
      * lisp/facemenu.el (facemenu-add-new-face):
      * lisp/faces.el (face-documentation, read-face-name)
      (face-read-string, read-face-font, describe-face):
      * lisp/files.el (find-alternate-file, hack-local-variables)
      (hack-one-local-variable--obsolete, write-file)
      (basic-save-buffer, delete-directory):
      * lisp/format.el (format-write-file, format-find-file)
      (format-insert-file):
      * lisp/help-fns.el (help-fns--key-bindings)
      (help-fns--compiler-macro, help-fns--obsolete)
      (help-fns--interactive-only, describe-function-1)
      (describe-variable):
      * lisp/help.el (describe-mode):
      * lisp/info-xref.el (info-xref-output):
      * lisp/info.el (Info-virtual-index-find-node)
      (Info-virtual-index, info-apropos):
      * lisp/international/kkc.el (kkc-error):
      * lisp/international/mule-cmds.el:
      (select-safe-coding-system-interactively)
      (select-safe-coding-system, describe-input-method):
      * lisp/international/mule-conf.el (code-offset):
      * lisp/international/mule-diag.el (describe-character-set)
      (list-input-methods-1):
      * lisp/international/quail.el (quail-error):
      * lisp/minibuffer.el (minibuffer-message):
      * lisp/mpc.el (mpc--debug):
      * lisp/msb.el (msb--choose-menu):
      * lisp/net/ange-ftp.el (ange-ftp-message):
      * lisp/net/gnutls.el (gnutls-message-maybe):
      * lisp/net/newst-backend.el (newsticker--sentinel-work):
      * lisp/net/newst-treeview.el (newsticker--treeview-load):
      * lisp/net/nsm.el (nsm-query-user):
      * lisp/net/rlogin.el (rlogin):
      * lisp/net/soap-client.el (soap-warning):
      * lisp/net/tramp.el (tramp-debug-message):
      * lisp/nxml/nxml-outln.el (nxml-report-outline-error):
      * lisp/nxml/nxml-parse.el (nxml-parse-error):
      * lisp/nxml/rng-cmpct.el (rng-c-error):
      * lisp/nxml/rng-match.el (rng-compile-error):
      * lisp/nxml/rng-uri.el (rng-uri-error):
      * lisp/obsolete/iswitchb.el (iswitchb-possible-new-buffer):
      * lisp/org/org-ctags.el:
      (org-ctags-ask-rebuild-tags-file-then-find-tag):
      * lisp/proced.el (proced-log):
      * lisp/progmodes/ebnf2ps.el (ebnf-log):
      * lisp/progmodes/flymake.el (flymake-log):
      * lisp/progmodes/vhdl-mode.el (vhdl-warning-when-idle):
      * lisp/replace.el (occur-1):
      * lisp/simple.el (execute-extended-command)
      (undo-outer-limit-truncate, define-alternatives):
      * lisp/startup.el (command-line):
      * lisp/subr.el (error, user-error, add-to-list):
      * lisp/tutorial.el (tutorial--describe-nonstandard-key)
      (tutorial--find-changed-keys):
      * src/callint.c (Fcall_interactively):
      * src/editfns.c (Fmessage, Fmessage_box):
      Restyle the quotes of format strings intended for use as a
      diagnostic, when restyling seems appropriate.
      * lisp/subr.el (format-message): New function.
      * src/doc.c (Finternal__text_restyle): New function.
      (syms_of_doc): Define it.
      fbb5531f
  24. 01 Jan, 2015 2 commits
  25. 08 Dec, 2014 1 commit
  26. 25 Nov, 2014 1 commit
  27. 18 Oct, 2014 1 commit
  28. 01 Jul, 2014 1 commit
  29. 01 Jan, 2014 1 commit
  30. 23 Dec, 2013 1 commit
  31. 16 Dec, 2013 1 commit
    • Stefan Monnier's avatar
      * lisp/emulation/cua-rect.el (cua-rectangle-mark-mode): New minor mode. · 2013a2f9
      Stefan Monnier authored
      (cua--deactivate-rectangle): Don't deactivate the mark.
      (cua-set-rectangle-mark): Don't set mark-active since
      cua--activate-rectangle already does it for us.
      (cua--rectangle-highlight-for-redisplay): Unhighlight a previous
      non-rectangular region.
      
      * lisp/emulation/cua-base.el (cua-repeat-replace-region):
      Use with-current-buffer.
      
      * lisp/net/gnutls.el: Use cl-lib.
      (gnutls-negotiate): `mapcan' -> cl-mapcan.
      2013a2f9
  32. 14 Dec, 2013 1 commit
    • Ted Zlatanov's avatar
      New verify-error GnuTLS interface for certificate validation · 31b4827e
      Ted Zlatanov authored
      * net/gnutls.el (gnutls-verify-error): New defcustom to control
      the behavior when a certificate fails validation.  Defaults to
      old behavior: never abort, just warn.
      (gnutls-negotiate): Use it.
      
      * gnutls.c: Replace `:verify_hostname_error' with `:verify_error',
      now a list of certificate validation checks that will abort a
      connection with an error.
      (Fgnutls_boot): Document it and use it.
      31b4827e