From: "Riccardo Murri" <riccardo.murri@gmail.com>
To: rms@gnu.org
Cc: emacs-devel@gnu.org
Subject: Re: url-retrieve-synchronously randomly fails on https URLs (patch included)
Date: Tue, 30 Oct 2007 11:23:34 +0100 [thread overview]
Message-ID: <1c34ba170710300323y52413e55p3a89930ca80681e6@mail.gmail.com> (raw)
In-Reply-To: <E1ImjaW-0001Hu-V5@fencepost.gnu.org>
On 10/30/07, Richard Stallman <rms@gnu.org> wrote:
> Would you please post a change log for the patch?
> Then it will be installed.
>
Draft changelog for the appended patch:
* (tls-end-of-info): New customization option (regexp).
* (open-tls-stream): Accept input until `tls-end-of-info' is matched.
--
Riccardo Murri, via Galeazzo Alessi 61, 00176 Roma
--- src/emacs22/lisp/net/tls.el 2007-08-05 21:06:12.000000000 +0200
+++ emacs/lisp/tls.el 2007-10-29 19:17:33.000000000 +0100
@@ -51,6 +51,9 @@
(autoload 'format-spec "format-spec")
(autoload 'format-spec-make "format-spec"))
+(eval-when-compile
+ (require 'rx)) ; for writing readable regexps
+
(defgroup tls nil
"Transport Layer Security (TLS) parameters."
:group 'comm)
@@ -89,6 +92,40 @@
:type 'string
:group 'tls)
+(defcustom tls-end-of-info
+ (rx
+ (or
+ ;; `openssl s_client` regexp
+ (sequence
+ ;; see ssl/ssl_txt.c lines 219--220
+ line-start
+ " Verify return code: "
+ (one-or-more not-newline)
+ "\n"
+ ;; according to apps/s_client.c line 1515 this is always the last
+ ;; line that is printed by s_client before the real data
+ "---\n")
+
+ ;; `gnutls` regexp
+ (sequence
+ ;; see src/cli.c lines 721--
+ (sequence line-start "- Simple Client Mode:\n")
+ (zero-or-more
+ (or
+ "\n" ; ignore blank lines
+ ;; XXX: we have no way of knowing if the STARTTLS handshake
+ ;; sequence has completed successfully, because `gnutls` will
+ ;; only report failure.
+ (sequence line-start "\*\*\* Starting TLS handshake\n"))))))
+ "Regexp matching end of TLS client informational messages.
+Client data stream begins after the last character matched by this.
+
+The default matches `openssl s_client' (version 0.9.8c) and
+`gnutls-cli' (version 2.0.1) output."
+ :version "22.1"
+ :type 'regexp
+ :group 'tls)
+
(defun tls-certificate-information (der)
"Parse X.509 certificate in DER format into an assoc list."
(let ((certificate (concat "-----BEGIN CERTIFICATE-----\n"
@@ -130,6 +167,8 @@
process cmd done)
(if use-temp-buffer
(setq buffer (generate-new-buffer " TLS")))
+ (save-excursion
+ (set-buffer buffer)
(message "Opening TLS connection to `%s'..." host)
(while (and (not done) (setq cmd (pop cmds)))
(message "Opening TLS connection with `%s'..." cmd)
@@ -146,19 +185,34 @@
port)))))
(while (and process
(memq (process-status process) '(open run))
- (save-excursion
- (set-buffer buffer) ;; XXX "blue moon" nntp.el bug
+ (progn
(goto-char (point-min))
(not (setq done (re-search-forward tls-success nil t)))))
(unless (accept-process-output process 1)
(sit-for 1)))
(message "Opening TLS connection with `%s'...%s" cmd
(if done "done" "failed"))
- (if done
- (setq done process)
- (delete-process process))))
+ (if (not done)
+ (delete-process process)
+ ;; advance point to after all informational messages that
+ ;; `openssl s_client' and `gnutls' print
+ (let ((start-of-data nil))
+ (while
+ (not (setq start-of-data
+ ;; the string matching `tls-end-of-info'
+ ;; might come in separate chunks from
+ ;; `accept-process-output', so start the
+ ;; search where `tls-success' ended
+ (save-excursion
+ (if (re-search-forward tls-end-of-info nil t)
+ (match-end 0)))))
+ (accept-process-output process 1))
+ (if start-of-data
+ ;; move point to start of client data
+ (goto-char start-of-data)))
+ (setq done process))))
(message "Opening TLS connection to `%s'...%s"
- host (if done "done" "failed"))
+ host (if done "done" "failed")))
(when use-temp-buffer
(if done (set-process-buffer process nil))
(kill-buffer buffer))
next prev parent reply other threads:[~2007-10-30 10:23 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-10-27 10:47 url-retrieve-synchronously randomly fails on https URLs (patch included) Riccardo Murri
2007-10-27 23:41 ` Richard Stallman
2007-10-28 12:40 ` Riccardo Murri
2007-10-29 9:22 ` Richard Stallman
2007-10-29 20:48 ` Riccardo Murri
2007-10-30 5:24 ` Richard Stallman
2007-10-30 10:23 ` Riccardo Murri [this message]
2007-11-02 15:02 ` Richard Stallman
2007-11-02 22:18 ` Reiner Steib
2007-11-02 22:37 ` Miles Bader
2007-11-02 22:50 ` Lennart Borgman (gmail)
2007-11-03 5:48 ` tomas
2007-11-03 9:35 ` Andreas Schwab
2007-11-04 1:26 ` Glenn Morris
2007-11-05 10:26 ` Simon Josefsson
2007-11-05 15:01 ` Stefan Monnier
2007-11-05 15:04 ` Simon Josefsson
[not found] ` <E1IpDzF-0003i4-EJ@fencepost.gnu.org>
2007-11-08 13:20 ` Simon Josefsson
2007-11-06 11:22 ` Riccardo Murri
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1c34ba170710300323y52413e55p3a89930ca80681e6@mail.gmail.com \
--to=riccardo.murri@gmail.com \
--cc=emacs-devel@gnu.org \
--cc=rms@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.