Re: url issues

Re: url issues

[Richard Stallman]

    * url-ldap.el, url-gw.el, and url-https.el still reference the ssl
      library, which hasn't been imported from the w3 repository.  (There
      is a tls.el in Emacs now, but it doesn't have all the functions of
      ssl.el, and I don't know how compatible it is otherwise.)


Who would like to look at whether tls.el can do this job?

Re: url issues

[Simon Josefsson]

Richard Stallman <rms@gnu.org> writes:

>     * url-ldap.el, url-gw.el, and url-https.el still reference the ssl
>       library, which hasn't been imported from the w3 repository.  (There
>       is a tls.el in Emacs now, but it doesn't have all the functions of
>       ssl.el, and I don't know how compatible it is otherwise.)
>
>
> Who would like to look at whether tls.el can do this job?

I can do it, but I will be traveling soon, so it may take some while.
Everyone is encouraged to implement the extra ssl.el stuff in tls.el
meanwhile.

Re: url issues

[Francesco Potorti`]

Apparently the List-Id header of this list has been removed.

Is this intentional?

Re: url issues

[Andreas Schwab]

Francesco Potorti` <pot@gnu.org> writes:

> Apparently the List-Id header of this list has been removed.

Doesn't happen for me.

Andreas.

-- 
Andreas Schwab, SuSE Labs, schwab@suse.de
SuSE Linux AG, Maxfeldstraße 5, 90409 Nürnberg, Germany
Key fingerprint = 58CA 54C7 6D53 942B 1756  01D3 44D5 214B 8276 4ED5
"And now for something completely different."

Re: url issues

[Richard Stallman]

    > Who would like to look at whether tls.el can do this job?

    I can do it, but I will be traveling soon, so it may take some while.

Would that be weeks?  We can wait that long.

Re: url issues

[Simon Josefsson]

Richard Stallman <rms@gnu.org> writes:

>     > Who would like to look at whether tls.el can do this job?
>
>     I can do it, but I will be traveling soon, so it may take some while.
>
> Would that be weeks?  We can wait that long.

I looked briefly now, and it was easier than I first thought, because
ssl-accept-ca-certificate in ssl.el is not used by URL.  That function
will be more difficult to rewrite, if it is needed in the future.  I
have installed the patch below, together with a fix to tls.el with
some new functionality.

Could someone who use SSL/TLS in URL test if this work?  You will have
to install GnuTLS and set url-gateway-method to `tls' if you already
have OpenSSL and ssl.el installed.

Eventually the ssl.el support could be removed, but I think it is to
early to do so now.

2004-10-12  Simon Josefsson  <jas@extundo.com>

	* url-vars.el (url-gateway-method): Add new method `tls'.

	* url-news.el (url-snews): Use nntp-open-tls-stream if
	url-gateway-method is tls.

	* url-ldap.el (url-ldap-certificate-formatter): Use
	tls-certificate-information if ssl.el is not available.

	* url-https.el (url-https-create-secure-wrapper): Use tls if ssl
	is not available.

	* url-gw.el (url-open-stream): Support tls url-gateway-method.
	(url-open-stream): Likewise.

Index: url-gw.el
===================================================================
RCS file: /cvsroot/emacs/emacs/lisp/url/url-gw.el,v
retrieving revision 1.3
diff -u -p -r1.3 url-gw.el
--- url-gw.el	10 Apr 2004 05:55:48 -0000	1.3
+++ url-gw.el	12 Oct 2004 09:53:41 -0000
@@ -3,7 +3,7 @@
 ;; Keywords: comm, data, processes
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;;; Copyright (c) 1997, 1998 Free Software Foundation, Inc.
+;;; Copyright (c) 1997, 1998, 2004 Free Software Foundation, Inc.
 ;;;
 ;;; This file is part of GNU Emacs.
 ;;;
@@ -29,6 +29,7 @@
 
 (autoload 'socks-open-network-stream "socks")
 (autoload 'open-ssl-stream "ssl")
+(autoload 'open-tls-stream "tls")
 
 (defgroup url-gateway nil
   "URL gateway variables"
@@ -212,6 +213,7 @@ Args per `open-network-stream'.
 Will not make a connexion if `url-gateway-unplugged' is non-nil."
   (unless url-gateway-unplugged
     (let ((gw-method (if (and url-gateway-local-host-regexp
+			      (not (eq 'tls url-gateway-method))
 			      (not (eq 'ssl url-gateway-method))
 			      (string-match
 			       url-gateway-local-host-regexp
@@ -242,6 +244,8 @@ Will not make a connexion if `url-gatewa
 	  (let ((coding-system-for-read 'binary)
 		(coding-system-for-write 'binary))
 	    (setq conn (case gw-method
+			 (tls
+			  (open-tls-stream name buffer host service))
 			 (ssl
 			  (open-ssl-stream name buffer host service))
 			 ((native)
Index: url-https.el
===================================================================
RCS file: /cvsroot/emacs/emacs/lisp/url/url-https.el,v
retrieving revision 1.5
diff -u -p -r1.5 url-https.el
--- url-https.el	16 Apr 2004 22:02:46 -0000	1.5
+++ url-https.el	12 Oct 2004 09:53:41 -0000
@@ -1,4 +1,4 @@
-;;; url-https.el --- HTTP over SSL routines
+;;; url-https.el --- HTTP over SSL/TLS routines
 
 ;; Copyright (c) 1999, 2004 Free Software Foundation, Inc.
 
@@ -30,6 +30,7 @@
 (require 'url-parse)
 (require 'url-cookie)
 (require 'url-http)
+(require 'tls)
 
 (defconst url-https-default-port 443 "Default HTTPS port.")
 (defconst url-https-asynchronous-p t "HTTPS retrievals are asynchronous.")
@@ -38,12 +39,11 @@
 (defmacro url-https-create-secure-wrapper (method args)
   `(defun ,(intern (format (if method "url-https-%s" "url-https") method)) ,args
     ,(format "HTTPS wrapper around `%s' call." (or method "url-http"))
-    (condition-case ()
-	(require 'ssl)
-      (error
-       (error "HTTPS support could not find `ssl' library")))
-    (let ((url-gateway-method 'ssl))
-      ( ,(intern (format (if method "url-http-%s" "url-http") method)) ,@(remove '&rest (remove '&optional args))))))
+    (let ((url-gateway-method (condition-case ()
+				  (require 'ssl)
+				(error 'tls))))
+      (,(intern (format (if method "url-http-%s" "url-http") method))
+       ,@(remove '&rest (remove '&optional args))))))
 
 (url-https-create-secure-wrapper nil (url callback cbargs))
 (url-https-create-secure-wrapper file-exists-p (url))
Index: url-ldap.el
===================================================================
RCS file: /cvsroot/emacs/emacs/lisp/url/url-ldap.el,v
retrieving revision 1.4
diff -u -p -r1.4 url-ldap.el
--- url-ldap.el	12 Apr 2004 04:04:31 -0000	1.4
+++ url-ldap.el	12 Oct 2004 09:53:41 -0000
@@ -28,6 +28,7 @@
 (require 'url-parse)
 (require 'url-util)
 (require 'ldap)
+(autoload 'tls-certificate-information "tls")
 
 ;; This has been implemented from RFC2255 'The LDAP URL Format' (Dec 1997)
 ;;
@@ -96,7 +97,8 @@
       (require 'ssl)
     (error nil))
   (let ((vals (if (fboundp 'ssl-certificate-information)
-		  (ssl-certificate-information data))))
+		  (ssl-certificate-information data)
+		(tls-certificate-information data))))
     (if (not vals)
 	"<b>Unable to parse certificate</b>"
       (concat "<table border=0>\n"
Index: url-news.el
===================================================================
RCS file: /cvsroot/emacs/emacs/lisp/url/url-news.el,v
retrieving revision 1.5
diff -u -p -r1.5 url-news.el
--- url-news.el	10 Oct 2004 20:38:50 -0000	1.5
+++ url-news.el	12 Oct 2004 09:53:41 -0000
@@ -2,7 +2,7 @@
 ;; Keywords: comm, data, processes
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;;; Copyright (c) 1996 - 1999 Free Software Foundation, Inc.
+;;; Copyright (c) 1996 - 1999, 2004 Free Software Foundation, Inc.
 ;;;
 ;;; This file is part of GNU Emacs.
 ;;;
@@ -125,7 +125,9 @@
 
 ;;;###autoload
 (defun url-snews (url)
-  (let ((nntp-open-connection-function 'nntp-open-ssl-stream))
+  (let ((nntp-open-connection-function (if (eq 'tls url-gateway-method)
+					   nntp-open-tls-stream
+					 nntp-open-ssl-stream)))
     (url-news url)))
 
 (provide 'url-news)
Index: url-vars.el
===================================================================
RCS file: /cvsroot/emacs/emacs/lisp/url/url-vars.el,v
retrieving revision 1.5
diff -u -p -r1.5 url-vars.el
--- url-vars.el	10 Oct 2004 20:39:48 -0000	1.5
+++ url-vars.el	12 Oct 2004 09:53:41 -0000
@@ -2,7 +2,7 @@
 ;; Keywords: comm, data, processes, hypermedia
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;;; Copyright (c) 1996,1997,1998,1999,2001 Free Software Foundation, Inc.
+;;; Copyright (c) 1996,1997,1998,1999,2001,2004 Free Software Foundation, Inc.
 ;;;
 ;;; This file is part of GNU Emacs.
 ;;;
@@ -368,12 +368,14 @@ Currently supported methods:
 `telnet': Run telnet in a subprocess to connect;
 `rlogin': Rlogin to another machine to connect;
 `socks': Connect through a socks server;
-`ssl': Connect with SSL;
+`tls': Connect with TLS;
+`ssl': Connect with SSL (deprecated, use `tls' instead);
 `native': Connect directy."
   :type '(radio (const :tag "Telnet to gateway host" :value telnet)
 		(const :tag "Rlogin to gateway host" :value rlogin)
 		(const :tag "Use SOCKS proxy" :value socks)
-		(const :tag "Use SSL for all connections" :value ssl)
+		(const :tag "Use SSL/TLS for all connections" :value tls)
+		(const :tag "Use SSL for all connections (obsolete)" :value ssl)
 		(const :tag "Direct connection" :value native))
   :group 'url-hairy)