From: "Riccardo Murri"
Newsgroups: gmane.emacs.devel
Subject: Re: url-retrieve-synchronously randomly fails on https URLs (patch included)
Date: Tue, 30 Oct 2007 11:23:34 +0100
Message-ID: <1c34ba170710300323y52413e55p3a89930ca80681e6@mail.gmail.com>
References: <20071027104716.E9BA773545@tanja.localdomain> <1c34ba170710280540g5b2a9983o33abfcba2843d95@mail.gmail.com> <1c34ba170710291348v36cb5b83ybbb4a7f988f486b1@mail.gmail.com>
To: rms@gnu.org
Cc: emacs-devel@gnu.org

On 10/30/07, Richard Stallman wrote:
> Would you please post a change log for the patch?
> Then it will be installed.
>

Draft changelog for the appended patch:

* (tls-end-of-info): New customization option (regexp).
* (open-tls-stream): Accept input until `tls-end-of-info' is matched.

-- Riccardo Murri, via Galeazzo Alessi 61, 00176 Roma --- src/emacs22/lisp/net/tls.el 2007-08-05 21:06:12.000000000 +0200 +++ emacs/lisp/tls.el 2007-10-29 19:17:33.000000000 +0100 @@ -51,6 +51,9 @@ (autoload 'format-spec "format-spec") (autoload 'format-spec-make "format-spec")) +(eval-when-compile + (require 'rx)) ; for writing readable regexps + (defgroup tls nil "Transport Layer Security (TLS) parameters." :group 'comm) @@ -89,6 +92,40 @@ :type 'string :group 'tls) +(defcustom tls-end-of-info + (rx + (or + ;; `openssl s_client` regexp + (sequence + ;; see ssl/ssl_txt.c lines 219--220 + line-start + " Verify return code: " + (one-or-more not-newline) + "\n" + ;; according to apps/s_client.c line 1515 this is always the last + ;; line that is printed by s_client before the real data + "---\n") + + ;; `gnutls` regexp + (sequence + ;; see src/cli.c lines 721-- + (sequence line-start "- Simple Client Mode:\n") + (zero-or-more + (or + "\n" ; ignore blank lines + ;; XXX: we have no way of knowing if the STARTTLS handshake + ;; sequence has completed successfully, because `gnutls` will + ;; only report failure. + (sequence line-start "\*\*\* Starting TLS handshake\n")))))) + "Regexp matching end of TLS client informational messages. +Client data stream begins after the last character matched by this. + +The default matches `openssl s_client' (version 0.9.8c) and +`gnutls-cli' (version 2.0.1) output." + :version "22.1" + :type 'regexp + :group 'tls) + (defun tls-certificate-information (der) "Parse X.509 certificate in DER format into an assoc list." (let ((certificate (concat "-----BEGIN CERTIFICATE-----\n" @@ -130,6 +167,8 @@ process cmd done) (if use-temp-buffer (setq buffer (generate-new-buffer " TLS"))) + (save-excursion + (set-buffer buffer) (message "Opening TLS connection to `%s'..." host) (while (and (not done) (setq cmd (pop cmds))) (message "Opening TLS connection with `%s'..." cmd) 
@@ -146,19 +185,34 @@ port))))) (while (and process (memq (process-status process) '(open run)) - (save-excursion - (set-buffer buffer) ;; XXX "blue moon" nntp.el bug + (progn (goto-char (point-min)) (not (setq done (re-search-forward tls-success nil t))))) (unless (accept-process-output process 1) (sit-for 1))) (message "Opening TLS connection with `%s'...%s" cmd (if done "done" "failed")) - (if done - (setq done process) - (delete-process process)))) + (if (not done) + (delete-process process) + ;; advance point to after all informational messages that + ;; `openssl s_client' and `gnutls' print + (let ((start-of-data nil)) + (while + (not (setq start-of-data + ;; the string matching `tls-end-of-info' + ;; might come in separate chunks from + ;; `accept-process-output', so start the + ;; search where `tls-success' ended + (save-excursion + (if (re-search-forward tls-end-of-info nil t) + (match-end 0))))) + (accept-process-output process 1)) + (if start-of-data + ;; move point to start of client data + (goto-char start-of-data))) + (setq done process)))) (message "Opening TLS connection to `%s'...%s" - host (if done "done" "failed")) + host (if done "done" "failed"))) (when use-temp-buffer (if done (set-process-buffer process nil)) (kill-buffer buffer))
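
Review bot: in the `@@ -51,6 +51,9 @@` hunk, `(eval-when-compile (require 'rx))` only loads `rx` while compiling, but the `(rx ...)` form is the default of the `tls-end-of-info` defcustom, and Custom keeps a defcustom default as an expression that it can evaluate again at run time (for example when the option is reset to its standard value). Use a plain `(require 'rx)`, or write the default as a literal regexp string, so the option does not depend on `rx` happening to be loadable later. Separately, the file headers name `lisp/net/tls.el` on the `---` side and `lisp/tls.el` on the `+++` side; regenerating the diff against one tree would let it apply without path edits.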
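
Review bot: in the `gnutls` branch of `tls-end-of-info` (hunk `@@ -89,6 +92,40 @@`), the trailing `(zero-or-more (or "\n" ...))` can match nothing, so the regexp already succeeds once `- Simple Client Mode:\n` has arrived. If a blank line or the `*** Starting TLS handshake` line shows up in a later chunk of process output, it falls after `match-end` and is handed to the caller as client data. Anchor that branch on text that is always printed last, as the `openssl` branch does with `---\n`, or keep reading until the optional lines can no longer arrive. Also, `"\*\*\* Starting TLS handshake\n"` does not need the backslashes: `rx` matches strings literally and the Lisp reader drops `\` before `*`, so `"*** Starting TLS handshake\n"` is the same string and reads more honestly.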
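
Review bot: the `(save-excursion (set-buffer buffer)` added in the `@@ -130,6 +167,8 @@` hunk now encloses the `(goto-char start-of-data)` added further down, and `save-excursion` restores point in whatever buffer was current on entry. When the caller's `buffer` is already the current buffer, point is put back on exit and the move to the start of client data is lost. `with-current-buffer` (or `save-current-buffer` plus `set-buffer`) switches buffers without saving point, which matches what the new code wants.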
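
Review bot: the inner `while` added in the `@@ -146,19 +185,34 @@` hunk waits for `tls-end-of-info` with no exit condition other than a match. If the client process exits, or prints output the regexp does not cover (another client version, a customized command), `(accept-process-output process 1)` just keeps timing out and `open-tls-stream` never returns. Repeat the `(memq (process-status process) '(open run))` test from the outer loop, or bound the wait, and treat the no-match case as a failed connection with `delete-process`. The `(if start-of-data ...)` after the loop is always true as written, which suggests such an exit path was intended.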