From: Glenn Morris Date: Sun, 4 Nov 2007 01:18:24 +0000 (+0000) Subject: Riccardo Murri X-Git-Tag: emacs-pretest-22.1.90~431 X-Git-Url: http://git.eshelyaron.com/gitweb/?a=commitdiff_plain;h=7c9008ce0cff13f6ad4aa1d97e68bc88ba70b3a2;p=emacs.git Riccardo Murri Require rx when compiling. (tls-end-of-info): New variable. (open-tls-stream): Keep reading input until `tls-end-of-info' is matched. --- diff --git a/lisp/ChangeLog b/lisp/ChangeLog index 7bc4e8b1e8b..6a448ccadfe 100644 --- a/lisp/ChangeLog +++ b/lisp/ChangeLog @@ -1,3 +1,10 @@ +2007-11-04 Riccardo Murri + + * net/tls.el: Require rx when compiling. + (tls-end-of-info): New variable. + (open-tls-stream): Keep reading input until `tls-end-of-info' is + matched. + 2007-11-03 Ulrich Mueller (tiny change) * simple.el (bad-packages-alist): Anchor semantic regexp. diff --git a/lisp/net/tls.el b/lisp/net/tls.el index 2e890a4a476..bdade42073f 100644 --- a/lisp/net/tls.el +++ b/lisp/net/tls.el @@ -51,10 +51,45 @@ (autoload 'format-spec "format-spec") (autoload 'format-spec-make "format-spec")) +(eval-when-compile + (require 'rx)) + (defgroup tls nil "Transport Layer Security (TLS) parameters." :group 'comm) +(defcustom tls-end-of-info + (rx + (or + ;; `openssl s_client` regexp + (sequence + ;; see ssl/ssl_txt.c lines 219--220 + line-start + " Verify return code: " + (one-or-more not-newline) + "\n" + ;; according to apps/s_client.c line 1515 this is always the last + ;; line that is printed by s_client before the real data + "---\n") + ;; `gnutls` regexp + (sequence + ;; see src/cli.c lines 721-- + (sequence line-start "- Simple Client Mode:\n") + (zero-or-more + (or + "\n" ; ignore blank lines + ;; XXX: we have no way of knowing if the STARTTLS handshake + ;; sequence has completed successfully, because `gnutls` will + ;; only report failure. + (sequence line-start "\*\*\* Starting TLS handshake\n")))))) + "Regexp matching end of TLS client informational messages. +Client data stream begins after the last character matched by +this. The default matches `openssl s_client' (version 0.9.8c) +and `gnutls-cli' (version 2.0.1) output." + :version "22.2" + :type 'regexp + :group 'tls) + (defcustom tls-program '("gnutls-cli -p %p %h" "gnutls-cli -p %p %h --protocols ssl3" "openssl s_client -connect %h:%p -no_ssl2") @@ -130,7 +165,9 @@ Fourth arg PORT is an integer specifying a port to connect to." process cmd done) (if use-temp-buffer (setq buffer (generate-new-buffer " TLS"))) - (message "Opening TLS connection to `%s'..." host) + (save-excursion + (set-buffer buffer) + (message "Opening TLS connection to `%s'..." host) (while (and (not done) (setq cmd (pop cmds))) (message "Opening TLS connection with `%s'..." cmd) (let ((process-connection-type tls-process-connection-type) @@ -146,19 +183,34 @@ Fourth arg PORT is an integer specifying a port to connect to." port))))) (while (and process (memq (process-status process) '(open run)) - (save-excursion - (set-buffer buffer) ;; XXX "blue moon" nntp.el bug + (progn (goto-char (point-min)) (not (setq done (re-search-forward tls-success nil t))))) (unless (accept-process-output process 1) - (sit-for 1))) + (sit-for 1))) (message "Opening TLS connection with `%s'...%s" cmd (if done "done" "failed")) - (if done - (setq done process) - (delete-process process)))) + (if (not done) + (delete-process process) + ;; advance point to after all informational messages that + ;; `openssl s_client' and `gnutls' print + (let ((start-of-data nil)) + (while + (not (setq start-of-data + ;; the string matching `tls-end-of-info' + ;; might come in separate chunks from + ;; `accept-process-output', so start the + ;; search where `tls-success' ended + (save-excursion + (if (re-search-forward tls-end-of-info nil t) + (match-end 0))))) + (accept-process-output process 1)) + (if start-of-data + ;; move point to start of client data + (goto-char start-of-data))) + (setq done process)))) (message "Opening TLS connection to `%s'...%s" - host (if done "done" "failed")) + host (if done "done" "failed"))) (when use-temp-buffer (if done (set-process-buffer process nil)) (kill-buffer buffer))