From ec5c990d86ba7c5ba5b9084719e3c97fcdf3c408 Mon Sep 17 00:00:00 2001
From: Chong Yidong <cyd@gnu.org>
Date: Sat, 15 Oct 2011 12:57:38 -0400
Subject: [PATCH] * net/network-stream.el (network-stream-open-starttls):
 Improve failure detection for lack of TLS capability.

---
 lisp/ChangeLog             |  3 +++
 lisp/net/network-stream.el | 19 ++++++++++++-------
 2 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/lisp/ChangeLog b/lisp/ChangeLog
index 63f199304a6..006c82a3166 100644
--- a/lisp/ChangeLog
+++ b/lisp/ChangeLog
@@ -1,5 +1,8 @@
 2011-10-15  Chong Yidong  <cyd@stupidchicken.com>
 
+	* net/network-stream.el (network-stream-open-starttls): Improve
+	detection of failure due to lack of TLS support.
+
 	* mail/sendmail.el (sendmail-query-once): Tweak prompt message,
 	putting the input text in front and in bold.
 
diff --git a/lisp/net/network-stream.el b/lisp/net/network-stream.el
index 0c3d0285f91..e27b4541ab5 100644
--- a/lisp/net/network-stream.el
+++ b/lisp/net/network-stream.el
@@ -218,7 +218,7 @@ functionality.
 	 (resulting-type 'plain)
 	 (builtin-starttls (and (fboundp 'gnutls-available-p)
 				(gnutls-available-p)))
-	 starttls-command error)
+	 starttls-available starttls-command error)
 
     ;; First check whether the server supports STARTTLS at all.
     (when (and capabilities success-string starttls-function)
@@ -227,10 +227,11 @@ functionality.
     ;; If we have built-in STARTTLS support, try to upgrade the
     ;; connection.
     (when (and starttls-command
-	       (or builtin-starttls
-		   (and (or require-tls
-			    (plist-get parameters :use-starttls-if-possible))
-			(starttls-available-p)))
+	       (setq starttls-available
+		     (or builtin-starttls
+			 (and (or require-tls
+				  (plist-get parameters :use-starttls-if-possible))
+			      (starttls-available-p))))
 	       (not (eq (plist-get parameters :type) 'plain)))
       ;; If using external STARTTLS, drop this connection and start
       ;; anew with `starttls-open-stream'.
@@ -298,9 +299,13 @@ functionality.
 	       ;; support, or no gnutls-cli installed.
 	       (eq resulting-type 'plain))
       (setq error
-	    (if require-tls
+	    (if starttls-available
 		"Server does not support TLS"
-	      "Server supports STARTTLS, but Emacs does not have support for it"))
+	      (concat "Emacs does not support TLS, and no external `"
+		      (if starttls-use-gnutls
+			  starttls-gnutls-program
+			starttls-program)
+		      "' program was found")))
       (delete-process stream)
       (setq stream nil))
     ;; Return value:
-- 
2.39.2