On Sun, 20 Mar 2011 22:41:23 +0100 claudio.bley@gmail.com (Claudio Bley) wrote: 
CB> I made some minor changes and integrated your patch into my branch.

CB> Basically, the changes are in correspondence to what Eli requested.

Looks OK.  I adjusted the patch against the recent configure changes and
today's Emacs trunk, added ChangeLog entries for my changes, and fixed
the `gnutls-hostname' verification.  I added verify-hostname-error and
verify-error parameters to `gnutls-negotiate' in addition to
verify-flags and I added a usage example to `open-gnutls-stream'.

I tested it all.  Seems to work OK on Linux, can you take a look?
Especially on W32, which I couldn't test?

Also I'd like the patch to be reviewed by Stefan or Chong.  It's not
huge but it's not tiny anymore either.

CB> Additionally, I reverted the change to gnutls-negotiate where I signal
CB> an error now instead of returning an error value since I had realized
CB> that some more code depended upon returning the given process. As the
CB> GnuTLS functionality should be almost transparent to other libraries
CB> making network connections I think this is the better solution. What
CB> do you think about that?

Looks OK, except there's 5000+ messages about retrying now.  Is that
necessary?

CB> Otherwise, your patch looks good so far. Except that I always got
CB> hostname mismatches for www.google.no and www.google.com.

I think that's fixed.  The explicit call to Fsymbol_value is kind of
weird, I'm sure there's a better way.

CB> Btw, I could not reproduce the problem reported by Lars Magne
CB> Ingebrigsten, ie. this

CB> (progn
CB>   (require 'gnutls)
CB>   (url-retrieve "https://www.google.no" #'ignore)
CB>   (url-retrieve "https://www.google.no" #'ignore))

CB> works flawlessly and does not hang (tested on Windows and Linux).

Let's cross our fingers :)  Lars, can you check?

Ted