* Re: [PATCH] POP3 Over SSL with openssl [not found] <87mypgi37v.fsf@gmail.com> @ 2008-03-04 22:37 ` Reiner Steib 2008-03-05 12:37 ` Elias Oltmanns 2008-04-13 20:58 ` Reiner Steib 0 siblings, 2 replies; 6+ messages in thread From: Reiner Steib @ 2008-03-04 22:37 UTC (permalink / raw) To: Naohiro Aota; +Cc: Elias Oltmanns, ding, emacs-devel On Mon, Mar 03 2008, Naohiro Aota wrote: > I tried to retrieve mails by POP3 Over SSL with openssl, but Gnus > stopped working displaing "Retrieving message 1 of 5 from myserver...". > Then I found that without -ign_eof and -quiet argument, openssl doesn't > send line begins with "R" or "Q" to server but renegotiate or quit its > connection. So sending "RETR" command made this problem. > > I suggest to call openssl commands with "-ign_eof" argument. Please find > the patch below. Does anyone see a problem with this? > 2008-03-03 Naohiro Aota <nao.aota@gmail.com> > > * tls.el (tls-program): Add -ign_eof argument to call the openssl > commands. > (tls-checktrust): Ditto. > > Index: lisp/tls.el > =================================================================== > RCS file: /usr/local/cvsroot/gnus/lisp/tls.el,v > retrieving revision 7.23 > diff -u -r7.23 tls.el > --- lisp/tls.el 1 Mar 2008 01:48:13 -0000 7.23 > +++ lisp/tls.el 3 Mar 2008 08:56:24 -0000 > @@ -80,7 +80,7 @@ > > (defcustom tls-program '("gnutls-cli -p %p %h" > "gnutls-cli -p %p %h --protocols ssl3" > - "openssl s_client -connect %h:%p -no_ssl2") > + "openssl s_client -connect %h:%p -no_ssl2 -ign_eof") > "List of strings containing commands to start TLS stream to a host. > Each entry in the list is tried until a connection is successful. > %h is replaced with server hostname, %p with port to connect to. > @@ -97,23 +97,23 @@ > :value > ("gnutls-cli -p %p %h" > "gnutls-cli -p %p %h --protocols ssl3" > - "openssl s_client -connect %h:%p -no_ssl2") > + "openssl s_client -connect %h:%p -no_ssl2 -ign_eof") > (set :inline t > ;; FIXME: add brief `:tag "..."' descriptions. > ;; (repeat :inline t :tag "Other" (string)) > ;; See `tls-checktrust': > (const "gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p %p %h") > (const "gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p %p %h --protocols ssl3") > - (const "openssl s_client -connect %h:%p -CAfile /etc/ssl/certs/ca-certificates.crt -no_ssl2") > + (const "openssl s_client -connect %h:%p -CAfile /etc/ssl/certs/ca-certificates.crt -no_ssl2 -ign_eof") > ;; No trust check: > (const "gnutls-cli -p %p %h") > (const "gnutls-cli -p %p %h --protocols ssl3") > - (const "openssl s_client -connect %h:%p -no_ssl2")) > + (const "openssl s_client -connect %h:%p -no_ssl2 -ign_eof")) > (repeat :inline t :tag "Other" (string))) > (const :tag "Default list of commands" > ("gnutls-cli -p %p %h" > "gnutls-cli -p %p %h --protocols ssl3" > - "openssl s_client -connect %h:%p -no_ssl2")) > + "openssl s_client -connect %h:%p -no_ssl2 -ign_eof")) > (list :tag "List of commands" > (repeat :tag "Command" (string)))) > :version "22.1" > @@ -144,7 +144,7 @@ > \(setq tls-program > '(\"gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p %p %h\" > \"gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p %p %h --protocols ssl3\" > - \"openssl s_client -connect %h:%p -CAfile /etc/ssl/certs/ca-certificates.crt -no_ssl2\"))" > + \"openssl s_client -connect %h:%p -CAfile /etc/ssl/certs/ca-certificates.crt -no_ssl2 -ign_eof\"))" > :type '(choice (const :tag "Always" t) > (const :tag "Never" nil) > (const :tag "Ask" ask)) Bye, Reiner. -- ,,, (o o) ---ooO-(_)-Ooo--- | PGP key available | http://rsteib.home.pages.de/ ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] POP3 Over SSL with openssl 2008-03-04 22:37 ` [PATCH] POP3 Over SSL with openssl Reiner Steib @ 2008-03-05 12:37 ` Elias Oltmanns 2008-03-05 19:53 ` Naohiro Aota 2008-04-13 20:58 ` Reiner Steib 1 sibling, 1 reply; 6+ messages in thread From: Elias Oltmanns @ 2008-03-05 12:37 UTC (permalink / raw) To: emacs-devel; +Cc: ding Reiner Steib <reinersteib+gmane@imap.cc> wrote: > On Mon, Mar 03 2008, Naohiro Aota wrote: > >> I tried to retrieve mails by POP3 Over SSL with openssl, but Gnus >> stopped working displaing "Retrieving message 1 of 5 from myserver...". >> Then I found that without -ign_eof and -quiet argument, openssl doesn't >> send line begins with "R" or "Q" to server but renegotiate or quit its >> connection. So sending "RETR" command made this problem. >> >> I suggest to call openssl commands with "-ign_eof" argument. Please find >> the patch below. > > Does anyone see a problem with this? Since I don't use POP3, I can't test that. However, it looks fine to me and it certainly doesn't break IMAP (checked that). Regards, Elias ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] POP3 Over SSL with openssl 2008-03-05 12:37 ` Elias Oltmanns @ 2008-03-05 19:53 ` Naohiro Aota 2008-03-06 10:14 ` Elias Oltmanns 0 siblings, 1 reply; 6+ messages in thread From: Naohiro Aota @ 2008-03-05 19:53 UTC (permalink / raw) To: Elias Oltmanns; +Cc: ding, emacs-devel Elias Oltmanns <eo@nebensachen.de> writes: > Reiner Steib <reinersteib+gmane@imap.cc> wrote: >> On Mon, Mar 03 2008, Naohiro Aota wrote: >> >>> I tried to retrieve mails by POP3 Over SSL with openssl, but Gnus >>> stopped working displaing "Retrieving message 1 of 5 from myserver...". >>> Then I found that without -ign_eof and -quiet argument, openssl doesn't >>> send line begins with "R" or "Q" to server but renegotiate or quit its >>> connection. So sending "RETR" command made this problem. >>> >>> I suggest to call openssl commands with "-ign_eof" argument. Please find >>> the patch below. >> >> Does anyone see a problem with this? > > Since I don't use POP3, I can't test that. However, it looks fine to me > and it certainly doesn't break IMAP (checked that). Aren't you using "ssl" as nnimap-stream? If so, please check `imap-ssl-program' to find out how openssl is called. By default, this variable is set as following. '("openssl s_client -quiet -ssl3 -connect %s:%p" "openssl s_client -quiet -ssl2 -connect %s:%p" "s_client -quiet -ssl3 -connect %s:%p" "s_client -quiet -ssl2 -connect %s:%p") In this case, openssl is called with "-quiet" argument, which also make openssl ignore eof, so that it works fine. Regards, Naohiro ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] POP3 Over SSL with openssl 2008-03-05 19:53 ` Naohiro Aota @ 2008-03-06 10:14 ` Elias Oltmanns 2008-03-08 10:04 ` Naohiro Aota 0 siblings, 1 reply; 6+ messages in thread From: Elias Oltmanns @ 2008-03-06 10:14 UTC (permalink / raw) To: emacs-devel; +Cc: ding Naohiro Aota <nao.aota@gmail.com> wrote: > Elias Oltmanns <eo@nebensachen.de> writes: > >> Reiner Steib <reinersteib+gmane@imap.cc> wrote: >>> On Mon, Mar 03 2008, Naohiro Aota wrote: >>> >>>> I tried to retrieve mails by POP3 Over SSL with openssl, but Gnus >>>> stopped working displaing "Retrieving message 1 of 5 from myserver...". >>>> Then I found that without -ign_eof and -quiet argument, openssl doesn't >>>> send line begins with "R" or "Q" to server but renegotiate or quit its >>>> connection. So sending "RETR" command made this problem. >>>> >>>> I suggest to call openssl commands with "-ign_eof" argument. Please find >>>> the patch below. >>> >>> Does anyone see a problem with this? >> >> Since I don't use POP3, I can't test that. However, it looks fine to me >> and it certainly doesn't break IMAP (checked that). > > Aren't you using "ssl" as nnimap-stream? No, I'm using tls. Sorry if you got the wrong impression, but my comment was meant as an acknowledgement to back your change. > If so, please check `imap-ssl-program' to find out how openssl is > called. By default, this variable is set as following. > > '("openssl s_client -quiet -ssl3 -connect %s:%p" > "openssl s_client -quiet -ssl2 -connect %s:%p" > "s_client -quiet -ssl3 -connect %s:%p" > "s_client -quiet -ssl2 -connect %s:%p") > > In this case, openssl is called with "-quiet" argument, which also make > openssl ignore eof, so that it works fine. Yes, I know. All I wanted to confirm was that it also works with tls since your change was concerned with tls-program rather than imap-ssl-program. Regards, Elias ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] POP3 Over SSL with openssl 2008-03-06 10:14 ` Elias Oltmanns @ 2008-03-08 10:04 ` Naohiro Aota 0 siblings, 0 replies; 6+ messages in thread From: Naohiro Aota @ 2008-03-08 10:04 UTC (permalink / raw) To: Elias Oltmanns; +Cc: emacs-devel, ding Elias Oltmanns <eo@nebensachen.de> writes: > Naohiro Aota <nao.aota@gmail.com> wrote: >> Elias Oltmanns <eo@nebensachen.de> writes: >> >>> Reiner Steib <reinersteib+gmane@imap.cc> wrote: >>>> On Mon, Mar 03 2008, Naohiro Aota wrote: >>>> >>>>> I tried to retrieve mails by POP3 Over SSL with openssl, but Gnus >>>>> stopped working displaing "Retrieving message 1 of 5 from myserver...". >>>>> Then I found that without -ign_eof and -quiet argument, openssl doesn't >>>>> send line begins with "R" or "Q" to server but renegotiate or quit its >>>>> connection. So sending "RETR" command made this problem. >>>>> >>>>> I suggest to call openssl commands with "-ign_eof" argument. Please find >>>>> the patch below. >>>> >>>> Does anyone see a problem with this? >>> >>> Since I don't use POP3, I can't test that. However, it looks fine to me >>> and it certainly doesn't break IMAP (checked that). >> >> Aren't you using "ssl" as nnimap-stream? > > No, I'm using tls. Sorry if you got the wrong impression, but my comment > was meant as an acknowledgement to back your change. > >> If so, please check `imap-ssl-program' to find out how openssl is >> called. By default, this variable is set as following. >> >> '("openssl s_client -quiet -ssl3 -connect %s:%p" >> "openssl s_client -quiet -ssl2 -connect %s:%p" >> "s_client -quiet -ssl3 -connect %s:%p" >> "s_client -quiet -ssl2 -connect %s:%p") >> >> In this case, openssl is called with "-quiet" argument, which also make >> openssl ignore eof, so that it works fine. > > Yes, I know. All I wanted to confirm was that it also works with tls > since your change was concerned with tls-program rather than > imap-ssl-program. Oups. I'm sorry for my misunderstanding. Thanks for your testing. Regards, Naohiro ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] POP3 Over SSL with openssl 2008-03-04 22:37 ` [PATCH] POP3 Over SSL with openssl Reiner Steib 2008-03-05 12:37 ` Elias Oltmanns @ 2008-04-13 20:58 ` Reiner Steib 1 sibling, 0 replies; 6+ messages in thread From: Reiner Steib @ 2008-04-13 20:58 UTC (permalink / raw) To: Naohiro Aota; +Cc: ding, emacs-devel, Elias Oltmanns On Tue, Mar 04 2008, Reiner Steib wrote: > On Mon, Mar 03 2008, Naohiro Aota wrote: > >> I tried to retrieve mails by POP3 Over SSL with openssl, but Gnus >> stopped working displaing "Retrieving message 1 of 5 from myserver...". >> Then I found that without -ign_eof and -quiet argument, openssl doesn't >> send line begins with "R" or "Q" to server but renegotiate or quit its >> connection. So sending "RETR" command made this problem. >> >> I suggest to call openssl commands with "-ign_eof" argument. Please find >> the patch below. > > Does anyone see a problem with this? Installed (in Gnus trunk). Thanks for your contribution. Bye, Reiner. -- ,,, (o o) ---ooO-(_)-Ooo--- | PGP key available | http://rsteib.home.pages.de/ ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2008-04-13 20:58 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <87mypgi37v.fsf@gmail.com>
2008-03-04 22:37 ` [PATCH] POP3 Over SSL with openssl Reiner Steib
2008-03-05 12:37 ` Elias Oltmanns
2008-03-05 19:53 ` Naohiro Aota
2008-03-06 10:14 ` Elias Oltmanns
2008-03-08 10:04 ` Naohiro Aota
2008-04-13 20:58 ` Reiner Steib
Code repositories for project(s) associated with this external index https://git.savannah.gnu.org/cgit/emacs.git https://git.savannah.gnu.org/cgit/emacs/org-mode.git This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.