From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Ted Zlatanov Newsgroups: gmane.emacs.devel Subject: Re: url library and GnuTLS, and Emacs-issued certificates Date: Sat, 26 Mar 2011 07:07:02 -0500 Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos Message-ID: <87pqpegk61.fsf@lifelogs.com> References: <87mxkojpk4.fsf@lifelogs.com> <87hbawtbq7.fsf@stupidchicken.com> <878vw8hznm.fsf_-_@lifelogs.com> <87ei5xsvl6.fsf@lifelogs.com> <87hbatofix.fsf@stupidchicken.com> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Trace: dough.gmane.org 1301141252 22104 80.91.229.12 (26 Mar 2011 12:07:32 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Sat, 26 Mar 2011 12:07:32 +0000 (UTC) To: emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Sat Mar 26 13:07:26 2011 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([199.232.76.165]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1Q3SH7-0000oU-6E for ged-emacs-devel@m.gmane.org; Sat, 26 Mar 2011 13:07:25 +0100 Original-Received: from localhost ([127.0.0.1]:55081 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Q3SH6-0005YS-H3 for ged-emacs-devel@m.gmane.org; Sat, 26 Mar 2011 08:07:24 -0400 Original-Received: from [140.186.70.92] (port=49156 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Q3SH1-0005YN-LF for emacs-devel@gnu.org; Sat, 26 Mar 2011 08:07:20 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Q3SH0-0005xh-Ct for emacs-devel@gnu.org; Sat, 26 Mar 2011 08:07:19 -0400 Original-Received: from lo.gmane.org ([80.91.229.12]:46192) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Q3SH0-0005xc-0o for emacs-devel@gnu.org; Sat, 26 Mar 2011 08:07:18 -0400 Original-Received: from list by lo.gmane.org with local (Exim 4.69) (envelope-from ) id 1Q3SGy-0000ld-92 for emacs-devel@gnu.org; Sat, 26 Mar 2011 13:07:16 +0100 Original-Received: from c-67-186-102-106.hsd1.il.comcast.net ([67.186.102.106]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sat, 26 Mar 2011 13:07:16 +0100 Original-Received: from tzz by c-67-186-102-106.hsd1.il.comcast.net with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sat, 26 Mar 2011 13:07:16 +0100 X-Injected-Via-Gmane: http://gmane.org/ Original-Lines: 51 Original-X-Complaints-To: usenet@dough.gmane.org X-Gmane-NNTP-Posting-Host: c-67-186-102-106.hsd1.il.comcast.net X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" User-Agent: Gnus/5.110016 (No Gnus v0.16) Emacs/24.0.50 (gnu/linux) Cancel-Lock: sha1:/6jS5nUWHylwHaHkmGSIeDFSZvg= X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-Received-From: 80.91.229.12 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:137711 Archived-At: --=-=-= Content-Type: text/plain On Wed, 23 Mar 2011 14:31:02 -0400 Chong Yidong wrote: CY> On reflection, the best solution is the one that needs the least work CY> from us. So it's probably best to ask the FSF sysadmins to request and CY> install a cert, as you originally suggested. Could you email them? To support HTTPS URLs, we'll at least need the appended patch (so https:// patterns are recognized). I also explicitly mention that file: URLs should be directory names even though it's implicit otherwise because I guarantee you, people will try it anyhow. See what you think. The certificate is installed and https://elpa.gnu.org/ should be up as soon as the firewall is opened for port 443. When the GnuTLS patch is in the trunk we can modify url-http.el as needed to use GnuTLS. Ted --=-=-= Content-Type: text/x-diff Content-Disposition: inline; filename=package-https.patch === modified file 'lisp/emacs-lisp/package.el' --- lisp/emacs-lisp/package.el 2011-03-19 18:27:55 +0000 +++ lisp/emacs-lisp/package.el 2011-03-26 11:36:47 +0000 @@ -224,8 +224,9 @@ Each element has the form (ID . LOCATION). ID is an archive name, as a string. LOCATION specifies the base location for the archive. - If it starts with \"http:\", it is treated as a HTTP URL; + If it starts with \"http:\" or \"https:\", it is treated as a HTTP URL; otherwise it should be an absolute directory name. + (file: URLs should simply be entered as directory names!) (Other types of URL are currently not supported.)" :type '(alist :key-type (string :tag "Archive name") :value-type (string :tag "URL or directory name")) @@ -652,7 +653,7 @@ This macro retrieves FILE from LOCATION into a temporary buffer, and evaluates BODY while that buffer is current. This work buffer is killed afterwards. Return the last value in BODY." - `(let* ((http (string-match "\\`http:" ,location)) + `(let* ((http (string-match "\\`\\(https\\|http\\):" ,location)) (buffer (if http (url-retrieve-synchronously (concat ,location ,file)) --=-=-=--