From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Andreas Schwab Newsgroups: gmane.emacs.devel Subject: Re: Bug#766395: emacs/gnus: Uses s_client to for SSL. Date: Thu, 23 Oct 2014 18:49:17 +0200 Message-ID: <877fzq20ky.fsf@igel.home> References: <20141022193441.GA11872@roeckx.be> <87zjcnj2k6.fsf@trouble.defaultvalue.org> <87fvefstqr.fsf@igel.home> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: ger.gmane.org 1414082996 24247 80.91.229.3 (23 Oct 2014 16:49:56 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Thu, 23 Oct 2014 16:49:56 +0000 (UTC) Cc: 766397@bugs.debian.org, 766397-forwarded@bugs.debian.org, Kurt Roeckx , emacs-devel@gnu.org To: Rob Browning Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Thu Oct 23 18:49:47 2014 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1XhLa6-0002Pq-Up for ged-emacs-devel@m.gmane.org; Thu, 23 Oct 2014 18:49:47 +0200 Original-Received: from localhost ([::1]:42140 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XhLa6-0006tc-Kd for ged-emacs-devel@m.gmane.org; Thu, 23 Oct 2014 12:49:46 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:57693) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XhLZn-0006sZ-Nh for emacs-devel@gnu.org; Thu, 23 Oct 2014 12:49:33 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XhLZh-0004e5-Dx for emacs-devel@gnu.org; Thu, 23 Oct 2014 12:49:27 -0400 Original-Received: from mail-out.m-online.net ([212.18.0.10]:47211) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XhLZh-0004dx-3t for emacs-devel@gnu.org; Thu, 23 Oct 2014 12:49:21 -0400 Original-Received: from frontend01.mail.m-online.net (unknown [192.168.8.182]) by mail-out.m-online.net (Postfix) with ESMTP id 3jNvg31z9Cz3hjNf; Thu, 23 Oct 2014 18:49:19 +0200 (CEST) Original-Received: from localhost (dynscan1.mnet-online.de [192.168.6.68]) by mail.m-online.net (Postfix) with ESMTP id 3jNvg30drlzvdWd; Thu, 23 Oct 2014 18:49:19 +0200 (CEST) X-Virus-Scanned: amavisd-new at mnet-online.de Original-Received: from mail.mnet-online.de ([192.168.8.182]) by localhost (dynscan1.mail.m-online.net [192.168.6.68]) (amavisd-new, port 10024) with ESMTP id 8MZJwUuY1OMa; Thu, 23 Oct 2014 18:49:17 +0200 (CEST) X-Auth-Info: VJEATL8kOwOVhRNLKpPicTrorm0BwaJp0sypPcx4HzmYXA/TvGsTglxSdu6rBVFo Original-Received: from igel.home (ppp-188-174-145-155.dynamic.mnet-online.de [188.174.145.155]) by mail.mnet-online.de (Postfix) with ESMTPA; Thu, 23 Oct 2014 18:49:17 +0200 (CEST) Original-Received: by igel.home (Postfix, from userid 1000) id 62B3D2C202B; Thu, 23 Oct 2014 18:49:17 +0200 (CEST) X-Yow: I like your SNOOPY POSTER!! In-Reply-To: <87fvefstqr.fsf@igel.home> (Andreas Schwab's message of "Wed, 22 Oct 2014 23:02:36 +0200") User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.4 (gnu/linux) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x X-Received-From: 212.18.0.10 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:175739 Archived-At: This (untested) patch will make :stream ssl equivalent to :stream tls. Andreas. diff --git a/lisp/net/imap.el b/lisp/net/imap.el index cf19e6c..9219b54 100644 --- a/lisp/net/imap.el +++ b/lisp/net/imap.el @@ -184,19 +184,6 @@ the list is tried until a successful connection is made." :group 'imap :type '(repeat string)) -(defcustom imap-ssl-program '("openssl s_client -quiet -ssl3 -connect %s:%p" - "openssl s_client -quiet -ssl2 -connect %s:%p" - "s_client -quiet -ssl3 -connect %s:%p" - "s_client -quiet -ssl2 -connect %s:%p") - "A string, or list of strings, containing commands for SSL connections. -Within a string, %s is replaced with the server address and %p with -port number on server. The program should accept IMAP commands on -stdin and return responses to stdout. Each entry in the list is tried -until a successful connection is made." - :group 'imap - :type '(choice string - (repeat string))) - (defcustom imap-shell-program '("ssh %s imapd" "rsh %s imapd" "ssh %g ssh %s imapd" @@ -286,14 +273,14 @@ Shorter values mean quicker response, but is more CPU intensive." (defvar imap-fetch-data-hook nil "Hooks called after receiving each FETCH response.") -(defvar imap-streams '(gssapi kerberos4 starttls tls ssl network shell) +(defvar imap-streams '(gssapi kerberos4 starttls tls network shell) "Priority of streams to consider when opening connection to server.") (defvar imap-stream-alist '((gssapi imap-gssapi-stream-p imap-gssapi-open) (kerberos4 imap-kerberos4-stream-p imap-kerberos4-open) (tls imap-tls-p imap-tls-open) - (ssl imap-ssl-p imap-ssl-open) + (ssl imap-tls-p imap-tls-open) (network imap-network-p imap-network-open) (shell imap-shell-p imap-shell-open) (starttls imap-starttls-p imap-starttls-open)) @@ -343,7 +330,6 @@ basis.") ;; Internal constants. Change these and die. (defconst imap-default-port 143) -(defconst imap-default-ssl-port 993) (defconst imap-default-tls-port 993) (defconst imap-default-stream 'network) (defconst imap-coding-system-for-read 'binary) @@ -661,56 +647,6 @@ sure of changing the value of `foo'." nil))))) done)) -(defun imap-ssl-p (_buffer) - nil) - -(defun imap-ssl-open (name buffer server port) - "Open an SSL connection to SERVER." - (let ((cmds (if (listp imap-ssl-program) imap-ssl-program - (list imap-ssl-program))) - cmd done) - (while (and (not done) (setq cmd (pop cmds))) - (message "imap: Opening SSL connection with `%s'..." cmd) - (erase-buffer) - (let* ((port (or port imap-default-ssl-port)) - (coding-system-for-read imap-coding-system-for-read) - (coding-system-for-write imap-coding-system-for-write) - (process-connection-type imap-process-connection-type) - (set-process-query-on-exit-flag - (if (fboundp 'set-process-query-on-exit-flag) - 'set-process-query-on-exit-flag - 'process-kill-without-query)) - process) - (when (progn - (setq process (start-process - name buffer shell-file-name - shell-command-switch - (format-spec cmd - (format-spec-make - ?s server - ?p (number-to-string port))))) - (funcall set-process-query-on-exit-flag process nil) - process) - (with-current-buffer buffer - (goto-char (point-min)) - (while (and (memq (process-status process) '(open run)) - (set-buffer buffer) ;; XXX "blue moon" nntp.el bug - (goto-char (point-max)) - (forward-line -1) - (not (imap-parse-greeting))) - (accept-process-output process 1) - (sit-for 1)) - (imap-log buffer) - (erase-buffer) - (when (memq (process-status process) '(open run)) - (setq done process)))))) - (if done - (progn - (message "imap: Opening SSL connection with `%s'...done" cmd) - done) - (message "imap: Opening SSL connection with `%s'...failed" cmd) - nil))) - (defun imap-tls-p (_buffer) nil) @@ -2965,8 +2901,6 @@ Return nil if no complete line has arrived." imap-error-text imap-kerberos4s-p imap-kerberos4-open - imap-ssl-p - imap-ssl-open imap-network-p imap-network-open imap-interactive-login -- Andreas Schwab, schwab@linux-m68k.org GPG Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5 "And now for something completely different."