Manual}). The connection process is called @var{name} (made unique if
necessary). This function returns the connection process.
-If called with @var{nowait}, the process is returned immediately
-(before connecting to the server).
-
@lisp
;; open a HTTPS connection
(open-gnutls-stream "tls" "tls-buffer" "yourserver.com" "https")
@end defun
+@findex gnutls-asynchronous-parameters
+If called with @var{nowait}, the process is returned immediately
+(before connecting to the server). In that case, the process object
+is told what parameters to use when negotiating the connection
+by using the @code{gnutls-asynchronous-parameters} function.
+
The function @code{gnutls-negotiate} is not generally useful and it
may change as needed, so please see @file{gnutls.el} for the details.
:nowait nowait)))
(if nowait
(progn
- (gnutls-mark-process process t)
- (set-process-sentinel process 'gnutls-async-sentinel)
+ (gnutls-asynchronous-parameters
+ process
+ (gnutls-negotiate :type 'gnutls-x509pki
+ :return-keywords t
+ :hostname host))
process)
(gnutls-negotiate :process (open-network-stream name buffer host service)
:type 'gnutls-x509pki
&key process type hostname priority-string
trustfiles crlfiles keylist min-prime-bits
verify-flags verify-error verify-hostname-error
+ return-keywords
&allow-other-keys)
"Negotiate a SSL/TLS connection. Returns proc. Signals gnutls-error.
GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT = 256
It must be omitted, a number, or nil; if omitted or nil it
-defaults to GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT."
+defaults to GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT.
+
+If RETURN-KEYWORDS, don't connect to anything, but just return
+the computed parameters that we otherwise would be calling
+gnutls-boot with. The return value will be a list where the
+first element is the TLS type, and the rest of the list consists
+of the keywords."
(let* ((type (or type 'gnutls-x509pki))
;; The gnutls library doesn't understand files delivered via
;; the special handlers, so ignore all files found via those.
:verify-error ,verify-error
:callbacks nil))
- (gnutls-message-maybe
- (setq ret (gnutls-boot process type params))
- "boot: %s" params)
+ (if return-keywords
+ (cons type params)
+ (gnutls-message-maybe
+ (setq ret (gnutls-boot process type params))
+ "boot: %s" params)
- (when (gnutls-errorp ret)
- ;; This is a error from the underlying C code.
- (signal 'gnutls-error (list process ret)))
+ (when (gnutls-errorp ret)
+ ;; This is a error from the underlying C code.
+ (signal 'gnutls-error (list process ret)))
- process))
+ process)))
(defun gnutls-trustfiles ()
"Return a list of usable trustfiles."
(pcase (process-status connection)
(`connect
;; Asynchronous connection
- (if (not (process-sentinel connection))
- (set-process-sentinel connection 'url-http-async-sentinel)
- ;; If we already have a sentinel on this process (for
- ;; instance on TLS connections), then chain them
- ;; together.
- (let ((old (process-sentinel connection)))
- (set-process-sentinel
- connection
- `(lambda (proc why)
- (funcall ',old proc why)
- (url-http-async-sentinel proc why))))))
+ (set-process-sentinel connection 'url-http-async-sentinel))
(`failed
;; Asynchronous connection failed
(error "Could not create connection to %s:%d" host port))
return Qt;
}
-DEFUN ("gnutls-mark-process", Fgnutls_mark_process, Sgnutls_mark_process, 2, 2, 0,
- doc: /* Mark this process as being a pre-init GnuTLS process. */)
- (Lisp_Object proc, Lisp_Object state)
+DEFUN ("gnutls-asynchronous-parameters", Fgnutls_asynchronous_parameters,
+ Sgnutls_asynchronous_parameters, 2, 2, 0,
+ doc: /* Mark this process as being a pre-init GnuTLS process.
+The second parameter is the list of parameters to feed to gnutls-boot
+to finish setting up the connection. */)
+ (Lisp_Object proc, Lisp_Object params)
{
CHECK_PROCESS (proc);
- XPROCESS (proc)->gnutls_wait_p = !NILP (state);
+ XPROCESS (proc)->gnutls_async_parameters = params;
return Qnil;
}
make_number (GNUTLS_E_APPLICATION_ERROR_MIN));
defsubr (&Sgnutls_get_initstage);
- defsubr (&Sgnutls_mark_process);
+ defsubr (&Sgnutls_asynchronous_parameters);
defsubr (&Sgnutls_errorp);
defsubr (&Sgnutls_error_fatalp);
defsubr (&Sgnutls_error_string);
#ifdef HAVE_GNUTLS
p->gnutls_initstage = GNUTLS_STAGE_EMPTY;
+ p->gnutls_async_parameters = Qnil;
#endif
/* If name is already in use, modify it until it is unused. */
max_process_desc = inch;
set_network_socket_coding_system (proc);
+
+#ifdef HAVE_GNUTLS
+ if (!NILP (p->gnutls_async_parameters) && p->is_non_blocking_client) {
+ Fgnutls_boot (proc, Fcar (p->gnutls_async_parameters),
+ Fcdr (p->gnutls_async_parameters));
+ p->gnutls_async_parameters = Qnil;
+ }
+#endif
}
error ("Output file descriptor of %s is closed", SDATA (p->name));
#ifdef HAVE_GNUTLS
- if (p->gnutls_wait_p)
+ /* The TLS connection hasn't been set up yet, so we can't write
+ anything on the socket. */
+ if (p->gnutls_async_parameters)
return;
#endif
unsigned int gnutls_extra_peer_verification;
int gnutls_log_level;
int gnutls_handshakes_tried;
+ Lisp_Object gnutls_async_parameters;
bool_bf gnutls_p : 1;
- bool_bf gnutls_wait_p : 1;
#endif
};
projects / emacs.git / commitdiff