From: Reiner Steib <reinersteib+gmane@imap.cc>
To: Naohiro Aota <nao.aota@gmail.com>
Cc: Elias Oltmanns <eo@nebensachen.de>, ding@gnus.org, emacs-devel@gnu.org
Subject: Re: [PATCH] POP3 Over SSL with openssl
Date: Tue, 04 Mar 2008 23:37:07 +0100 [thread overview]
Message-ID: <v93ar6azfw.fsf@marauder.physik.uni-ulm.de> (raw)
In-Reply-To: <87mypgi37v.fsf@gmail.com> (Naohiro Aota's message of "Mon, 03 Mar 2008 18:09:08 +0900")
On Mon, Mar 03 2008, Naohiro Aota wrote:
> I tried to retrieve mails by POP3 Over SSL with openssl, but Gnus
> stopped working displaing "Retrieving message 1 of 5 from myserver...".
> Then I found that without -ign_eof and -quiet argument, openssl doesn't
> send line begins with "R" or "Q" to server but renegotiate or quit its
> connection. So sending "RETR" command made this problem.
>
> I suggest to call openssl commands with "-ign_eof" argument. Please find
> the patch below.
Does anyone see a problem with this?
> 2008-03-03 Naohiro Aota <nao.aota@gmail.com>
>
> * tls.el (tls-program): Add -ign_eof argument to call the openssl
> commands.
> (tls-checktrust): Ditto.
>
> Index: lisp/tls.el
> ===================================================================
> RCS file: /usr/local/cvsroot/gnus/lisp/tls.el,v
> retrieving revision 7.23
> diff -u -r7.23 tls.el
> --- lisp/tls.el 1 Mar 2008 01:48:13 -0000 7.23
> +++ lisp/tls.el 3 Mar 2008 08:56:24 -0000
> @@ -80,7 +80,7 @@
>
> (defcustom tls-program '("gnutls-cli -p %p %h"
> "gnutls-cli -p %p %h --protocols ssl3"
> - "openssl s_client -connect %h:%p -no_ssl2")
> + "openssl s_client -connect %h:%p -no_ssl2 -ign_eof")
> "List of strings containing commands to start TLS stream to a host.
> Each entry in the list is tried until a connection is successful.
> %h is replaced with server hostname, %p with port to connect to.
> @@ -97,23 +97,23 @@
> :value
> ("gnutls-cli -p %p %h"
> "gnutls-cli -p %p %h --protocols ssl3"
> - "openssl s_client -connect %h:%p -no_ssl2")
> + "openssl s_client -connect %h:%p -no_ssl2 -ign_eof")
> (set :inline t
> ;; FIXME: add brief `:tag "..."' descriptions.
> ;; (repeat :inline t :tag "Other" (string))
> ;; See `tls-checktrust':
> (const "gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p %p %h")
> (const "gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p %p %h --protocols ssl3")
> - (const "openssl s_client -connect %h:%p -CAfile /etc/ssl/certs/ca-certificates.crt -no_ssl2")
> + (const "openssl s_client -connect %h:%p -CAfile /etc/ssl/certs/ca-certificates.crt -no_ssl2 -ign_eof")
> ;; No trust check:
> (const "gnutls-cli -p %p %h")
> (const "gnutls-cli -p %p %h --protocols ssl3")
> - (const "openssl s_client -connect %h:%p -no_ssl2"))
> + (const "openssl s_client -connect %h:%p -no_ssl2 -ign_eof"))
> (repeat :inline t :tag "Other" (string)))
> (const :tag "Default list of commands"
> ("gnutls-cli -p %p %h"
> "gnutls-cli -p %p %h --protocols ssl3"
> - "openssl s_client -connect %h:%p -no_ssl2"))
> + "openssl s_client -connect %h:%p -no_ssl2 -ign_eof"))
> (list :tag "List of commands"
> (repeat :tag "Command" (string))))
> :version "22.1"
> @@ -144,7 +144,7 @@
> \(setq tls-program
> '(\"gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p %p %h\"
> \"gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p %p %h --protocols ssl3\"
> - \"openssl s_client -connect %h:%p -CAfile /etc/ssl/certs/ca-certificates.crt -no_ssl2\"))"
> + \"openssl s_client -connect %h:%p -CAfile /etc/ssl/certs/ca-certificates.crt -no_ssl2 -ign_eof\"))"
> :type '(choice (const :tag "Always" t)
> (const :tag "Never" nil)
> (const :tag "Ask" ask))
Bye, Reiner.
--
,,,
(o o)
---ooO-(_)-Ooo--- | PGP key available | http://rsteib.home.pages.de/
next parent reply other threads:[~2008-03-04 22:37 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <87mypgi37v.fsf@gmail.com>
2008-03-04 22:37 ` Reiner Steib [this message]
2008-03-05 12:37 ` [PATCH] POP3 Over SSL with openssl Elias Oltmanns
2008-03-05 19:53 ` Naohiro Aota
2008-03-06 10:14 ` Elias Oltmanns
2008-03-08 10:04 ` Naohiro Aota
2008-04-13 20:58 ` Reiner Steib
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=v93ar6azfw.fsf@marauder.physik.uni-ulm.de \
--to=reinersteib+gmane@imap.cc \
--cc=Reiner.Steib@gmx.de \
--cc=ding@gnus.org \
--cc=emacs-devel@gnu.org \
--cc=eo@nebensachen.de \
--cc=nao.aota@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).