| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Run "TZ=UTC0 admin/update-copyright $(git ls-files)".
|
|
|
|
|
|
|
| |
* lisp/net/gnutls.el (gnutls-trustfiles): Add cert bundle path for
OpenIndiana (bug#37960).
Copyright-paperwork-exempt: yes
|
|
|
|
| |
* lisp/net/gnutls.el (gnutls-min-prime-bits): Add version tag.
|
|\ |
|
| |
| |
| |
| |
| |
| | |
* lisp/net/gnutls.el (gnutls-min-prime-bits): Set standard value to
nil in order to let GnuTLS manage the minimum DH prime bits
accepted.
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* lisp/net/gnutls.el (gnutls-boot-parameters): Return
`gnutls-crlfiles' in `:crlfiles'.
(gnutls-crlfiles): New defcustom.
(gnutls--get-files): New defun.
(gnutls-trustfiles, gnutls-crlfiles): Delegate to
`gnutls--get-files' to return a list of filenames, accepts glob pattern.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This fixes Bug#33780, and extends the documentation to describe how to
enable use of client certificates.
* lisp/net/network-stream.el (network-stream-certificate): Correct
order of parameters to plist-get.
(network-stream-open-tls): Pass all received parameters to
open-gnutls-stream as plist, not just :nowait.
* lisp/net/gnutls.el (open-gnutls-stream): Change optional nowait arg
to be plist. Derive nowait and client certificate(s) and keys(s) from
plist (maybe via auth-source) and pass to gnutls-boot-parameters and
gnutls-negotiate.
(network-stream-certificate): Add declare-function form for it.
* doc/misc/auth.texi (Help for users): Describe format to use for
client key/cert specification.
* doc/misc/emacs-gnutls.texi (Help For Developers): Describe usage of
optional plist argument. Add crossreference to description of
.authinfo format for client key/cert specification.
* etc/NEWS: Describe new client certificate functionality for
'open-network-stream'.
* test/lisp/net/network-stream-tests.el: Add require of network-stream.
(connect-to-tls-ipv4-nowait): Bind network-security-level to 'low
in order to bypass nsm prompting.
(connect-to-tls-ipv6-nowait): Likewise.
(open-network-stream-tls-wait): New test.
(open-network-stream-tls-nowait): New test.
(open-network-stream-tls): New test.
(open-network-stream-tls-nocert): New test.
(open-gnutls-stream-new-api-default): New test.
(open-gnutls-stream-new-api-wait): New test.
(open-gnutls-stream-old-api-wait): New test.
(open-gnutls-stream-new-api-nowait): New test.
(open-gnutls-stream-old-api-nowait): New test.
(open-gnutls-stream-new-api-errors): New test.
The new tests exercise 'open-network-stream' and the old and new
api of 'open-gnutls-stream'.
|
|\ \
| |/
|/|
| |
| |
| | |
2fcf2df Fix copyright years by hand
26bed8b Update copyright year to 2019
2814292 Fix value of default frame height. (Bug#33921)
|
| |
| |
| |
| | |
Run 'TZ=UTC0 admin/update-copyright $(git ls-files)'.
|
|\ \
| |/
| |
| |
| |
| |
| |
| |
| | |
65889a6d12 Fix bootstrap infloop in GNU/Linux alpha
48efd1c98b Minor fix of a recent documentation change
3302b7cd7f Mention the NSM in the gnutls variable doc strings
40c2ce743b Remove test code from last commit
e02d8e29c6 Fix Bug#32084
da5d6dbe39 Fix (length NON-SEQUENCE) documentation
|
| |
| |
| |
| |
| | |
* lisp/net/gnutls.el (gnutls-algorithm-priority): Clarify the doc
string.
|
| |
| |
| |
| |
| |
| |
| |
| | |
* gnutls.el (gnutls-algorithm-priority): Mention the Network
Security Manager here since this variable is an obvious place
for people concerned about network security to look.
(gnutls-verify-error): Ditto.
(gnutls-min-prime-bits): Ditto.
|
| |
| |
| |
| | |
* lisp/net/gnutls.el (puny): Require punycode.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* lisp/net/gnutls.el (open-gnutls-stream): IDNA-encode hostnames
before passing them on to gnutls for verification.
* lisp/net/network-stream.el (network-stream-open-starttls): Ditto.
* lisp/url/url-http.el (url-http--get-referer): Be IDNA-aware.
(url-http-create-request): Don't de-Unicodify host names, because
they may be IDNA names (that are later encoded).
* lisp/url/url-util.el (url-domain): Be IDNA-aware when doing
domain name computations.
|
| |
| |
| |
| |
| | |
* lisp/net/gnutls.el (gnutls-verify-error): Mention that the
matching is first-match (bug#29977).
|
|/
|
|
|
|
| |
* lisp/net/gnutls.el (gnutls-boot-parameters): Convert to
first-match for gnutls-verify-error rather than any-match
(bug#29977).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* doc/lispref/processes.texi (Asynchronous Processes): Explain what
the 'stopped' state means for a pipe process.
* src/process.c (Fmake_process, Fmake_pipe_process)
(Fmake_serial_process, Fmake_network_process):
* lisp/subr.el (start-process):
* lisp/net/tls.el (open-tls-stream):
* lisp/net/starttls.el (starttls-open-stream):
* lisp/net/gnutls.el (open-gnutls-stream): Remove meaningless phrase
"specify an output stream" phrase from docstring.
|
|
|
|
| |
Run admin/update-copyright.
|
|
|
|
|
|
|
|
|
| |
* lisp/net/gnutls.el (gnutls-boot-parameters): Use it to set %DUMBFW
only when it's supported as "ClientHello Padding" (Bug#25061).
* src/gnutls.c (Fgnutls_available_p): Get extension names and
put them in the GnuTLS capabilities, using a hard-coded limit
of 100 since GnuTLS MAX_EXT_TYPES is not exported.
|
|
|
|
|
|
|
|
|
|
| |
* lisp/net/gnutls.el (gnutls-boot-parameters): Add %DUMBFW to
the default priority strings (Bug#25061).
* etc/NEWS: Mention it.
* doc/misc/emacs-gnutls.texi (Help For Users): Point to the
GnuTLS priority string documentation URL.
|
|
|
|
|
| |
Problem reported by Mark Ferlatte (Bug#28603).
* lisp/net/gnutls.el (gnutls-trustfiles): Add /etc/ssl/cert.pem for macOS.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Most of this change is to boilerplate commentary such as license URLs.
This change was prompted by ftp://ftp.gnu.org's going-away party,
planned for November. Change these FTP URLs to https://ftp.gnu.org
instead. Make similar changes for URLs to other organizations moving
away from FTP. Also, change HTTP to HTTPS for URLs to gnu.org and
fsf.org when this works, as this will further help defend against
man-in-the-middle attacks (for this part I omitted the MS-DOS and
MS-Windows sources and the test tarballs to keep the workload down).
HTTPS is not fully working to lists.gnu.org so I left those URLs alone
for now.
|
|\
| |
| |
| |
| |
| | |
eaa00584ceb Improve documentation of 'gnutls-verify-error'
908498cc01b ; etc/PROBLEMS: Describe GTK-related crashes on elementar...
741daec617e ; Describe the problem with ksh when resizing shell window
|
| |
| |
| |
| |
| | |
* lisp/net/gnutls.el (gnutls-verify-error): Improve and expand
doc string. (Bug#26845)
|
|\ \
| |/
| |
| |
| | |
2e2a806 Fix copyright years by hand
5badc81 Update copyright year to 2017
|
| |
| |
| |
| | |
Run admin/update-copyright.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* lisp/net/gnutls.el (gnutls-negotiate): Make negotiation blocking.
* src/gnutls.c (Fgnutls_boot): Provide a new keyword,
:complete-negotiation, to specify that we want complete
negotiation even if the socket is non-blocking.
(gnutls_try_handshake): Complete negotiation if given that keyword.
* src/process.h (L): Added gnutls_complete_negotiation_p.
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* doc/lispref/processes.texi (Network Processes): Clarify the
meaning of :tls-parameters.
* lisp/net/gnutls.el (open-gnutls-stream): Clarify :nowait.
* lisp/net/gnutls.el (gnutls-boot-parameters): Factor out into
own function.
(gnutls-negotiate): Use it.
(open-gnutls-stream): Ditto.
* src/eval.c (vformat_string): Refactor out the printing bits
from verror.
(verror): Use it.
* src/gnutls.c (boot_error): Mark failed processes with the
real error message.
* src/lisp.h: Declare vformat_string.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* lisp/net/gnutls.el (open-gnutls-stream): Pass the TLS
keywords in directly so that they can be used when doing
synchronous DNS on non-synchronous connections.
* lisp/net/network-stream.el (open-network-stream): Allow
passing in the TLS parameters directly.
* src/process.c (conv_numerical_to_lisp): New function to convert
numerical addresses to Lisp.
(Fmake_network_process): Rework the non-HAVE_ADDRINFO code
paths so that they work again.
(syms_of_process): Build fix for non-glibc systems.
|
| | |
| | |
| | |
| | | |
* lisp/net/gnutls.el (gnutls-async-sentinel): Remove.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* lisp/net/gnutls.el (open-gnutls-stream): Compute the
gnutls-boot parameters and pass them to the process object.
(gnutls-negotiate): New parameter :return-keywords that won't
connect to anything, just compute the keywords.
* lisp/url/url-http.el (url-http): Revert async TLS sentinel
hack, which is no longer necessary.
* src/gnutls.c (Fgnutls_asynchronous_parameters): Rename from
gnutls-mark-process.
* src/process.c (connect_network_socket): If we're connecting to
an asynchronous TLS socket, complete the GnuTLS boot sequence here.
* src/process.h: New parameter gnutls_async_parameters.
|
| | | |
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* doc/misc/emacs-gnutls.texi (Help For Developers): Mention
the nowait parameter.
* lisp/net/gnutls.el (open-gnutls-stream): Allow asynchronous
connections with the new nowait parameter.
* lisp/net/network-stream.el (network-stream-open-tls): Pass
on :nowait to open-gnutls-stream.
* lisp/url/url-http.el (url-http): Don't overwrite the
sentinel created by open-gnutls-stream.
* src/gnutls.c (Fgnutls_mark_process): New function.
* src/process.c (send_process): Don't write to GnuTLS sockets that
haven't been initialised yed.
* src/process.h: New slot gnutls_wait_p.
|
|/
|
|
|
|
|
|
|
|
|
|
|
| |
* lisp/gnus/nnimap.el: Use open-network-stream instead of
open-protocol-stream.
* lisp/gnus/nntp.el: Ditto.
* lisp/gnus/pop3.el: Ditto.
* lisp/gnus/sieve-manage.el: Ditto.
* lisp/net/network-stream.el (open-protocol-stream): Make obsolete.
|
|
|
|
| |
Run admin/update-copyright.
|
|
|
|
| |
* lisp/net/gnutls.el (gnutls-trustfiles): Refactor out for reuse by tls.el.
|
|
|
|
|
|
|
|
|
|
|
| |
* doc/misc/emacs-gnutls.texi (Help For Users): Document
FreeBSD bundle.
* lisp/net/gnutls.el (gnutls-trustfiles): Add FreeBSD cert bundle.
Backport:
(cherry picked from commit 60c0f1a18ad88d6dc1a8f4ee5d9d18940eaeb6f7)
|
|
|
|
|
|
|
|
|
|
|
| |
This patch should not change behavior. It typically omits backslashes
where they are redundant (e.g., in the string literal "^\$").
In a few places, insert backslashes where they make regular
expressions clearer: e.g., replace "^\*" (equivalent to "^*") with
"^\\*", which has the same effect as a regular expression.
Also, use ‘\ %’ instead of ‘\%’ when avoiding confusion with SCCS IDs,
and similarly use ‘\ $’ instead of ‘\$’ when avoiding confusion with
RCS IDs, as that makes it clearer that the backslash is intended.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of restyling curved quotes for every call to ‘format’,
create a new function ‘format-message’ that does the restyling,
and using the new function instead of ‘format’ only in contexts
where this seems appropriate.
Problem reported by Dmitry Gutov and Andreas Schwab in:
http://lists.gnu.org/archive/html/emacs-devel/2015-08/msg00826.html
http://lists.gnu.org/archive/html/emacs-devel/2015-08/msg00827.html
* doc/lispref/commands.texi (Using Interactive):
* doc/lispref/control.texi (Signaling Errors, Signaling Errors):
* doc/lispref/display.texi (Displaying Messages, Progress):
* doc/lispref/elisp.texi:
* doc/lispref/help.texi (Keys in Documentation):
* doc/lispref/minibuf.texi (Minibuffer Misc):
* doc/lispref/strings.texi (Formatting Strings):
* etc/NEWS:
Document the changes.
* lisp/abbrev.el (expand-region-abbrevs):
* lisp/apropos.el (apropos-library):
* lisp/calc/calc-ext.el (calc-record-message)
(calc-user-function-list):
* lisp/calc/calc-help.el (calc-describe-key, calc-full-help):
* lisp/calc/calc-lang.el (math-read-big-balance):
* lisp/calc/calc-store.el (calc-edit-variable):
* lisp/calc/calc-units.el (math-build-units-table-buffer):
* lisp/calc/calc-yank.el (calc-edit-mode):
* lisp/calendar/icalendar.el (icalendar-export-region)
(icalendar--add-diary-entry):
* lisp/cedet/mode-local.el (mode-local-print-binding)
(mode-local-describe-bindings-2):
* lisp/cedet/semantic/complete.el (semantic-completion-message):
* lisp/cedet/semantic/edit.el (semantic-parse-changes-failed):
* lisp/cedet/semantic/wisent/comp.el (wisent-log):
* lisp/cedet/srecode/insert.el (srecode-insert-show-error-report):
* lisp/descr-text.el (describe-text-properties-1, describe-char):
* lisp/dframe.el (dframe-message):
* lisp/dired-aux.el (dired-query):
* lisp/emacs-lisp/byte-opt.el (byte-compile-log-lap-1):
* lisp/emacs-lisp/bytecomp.el (byte-compile-log)
(byte-compile-log-file, byte-compile-warn, byte-compile-form):
* lisp/emacs-lisp/cconv.el (cconv-convert, cconv--analyze-use)
(cconv-analyze-form):
* lisp/emacs-lisp/check-declare.el (check-declare-warn):
* lisp/emacs-lisp/checkdoc.el (checkdoc-this-string-valid-engine):
* lisp/emacs-lisp/cl-macs.el (cl-symbol-macrolet):
* lisp/emacs-lisp/edebug.el (edebug-format):
* lisp/emacs-lisp/eieio-core.el (eieio-oref):
* lisp/emacs-lisp/eldoc.el (eldoc-minibuffer-message)
(eldoc-message):
* lisp/emacs-lisp/elint.el (elint-file, elint-log):
* lisp/emacs-lisp/find-func.el (find-function-library):
* lisp/emacs-lisp/macroexp.el (macroexp--obsolete-warning):
* lisp/emacs-lisp/map-ynp.el (map-y-or-n-p):
* lisp/emacs-lisp/nadvice.el (advice--make-docstring):
* lisp/emacs-lisp/package.el (package-compute-transaction)
(package-install-button-action, package-delete-button-action)
(package-menu--list-to-prompt):
* lisp/emacs-lisp/timer.el (timer-event-handler):
* lisp/emacs-lisp/warnings.el (lwarn, warn):
* lisp/emulation/viper-cmd.el:
(viper-toggle-parse-sexp-ignore-comments)
(viper-kill-buffer, viper-brac-function):
* lisp/emulation/viper-macs.el (viper-record-kbd-macro):
* lisp/facemenu.el (facemenu-add-new-face):
* lisp/faces.el (face-documentation, read-face-name)
(face-read-string, read-face-font, describe-face):
* lisp/files.el (find-alternate-file, hack-local-variables)
(hack-one-local-variable--obsolete, write-file)
(basic-save-buffer, delete-directory):
* lisp/format.el (format-write-file, format-find-file)
(format-insert-file):
* lisp/help-fns.el (help-fns--key-bindings)
(help-fns--compiler-macro, help-fns--obsolete)
(help-fns--interactive-only, describe-function-1)
(describe-variable):
* lisp/help.el (describe-mode):
* lisp/info-xref.el (info-xref-output):
* lisp/info.el (Info-virtual-index-find-node)
(Info-virtual-index, info-apropos):
* lisp/international/kkc.el (kkc-error):
* lisp/international/mule-cmds.el:
(select-safe-coding-system-interactively)
(select-safe-coding-system, describe-input-method):
* lisp/international/mule-conf.el (code-offset):
* lisp/international/mule-diag.el (describe-character-set)
(list-input-methods-1):
* lisp/international/quail.el (quail-error):
* lisp/minibuffer.el (minibuffer-message):
* lisp/mpc.el (mpc--debug):
* lisp/msb.el (msb--choose-menu):
* lisp/net/ange-ftp.el (ange-ftp-message):
* lisp/net/gnutls.el (gnutls-message-maybe):
* lisp/net/newst-backend.el (newsticker--sentinel-work):
* lisp/net/newst-treeview.el (newsticker--treeview-load):
* lisp/net/nsm.el (nsm-query-user):
* lisp/net/rlogin.el (rlogin):
* lisp/net/soap-client.el (soap-warning):
* lisp/net/tramp.el (tramp-debug-message):
* lisp/nxml/nxml-outln.el (nxml-report-outline-error):
* lisp/nxml/nxml-parse.el (nxml-parse-error):
* lisp/nxml/rng-cmpct.el (rng-c-error):
* lisp/nxml/rng-match.el (rng-compile-error):
* lisp/nxml/rng-uri.el (rng-uri-error):
* lisp/obsolete/iswitchb.el (iswitchb-possible-new-buffer):
* lisp/org/org-ctags.el:
(org-ctags-ask-rebuild-tags-file-then-find-tag):
* lisp/proced.el (proced-log):
* lisp/progmodes/ebnf2ps.el (ebnf-log):
* lisp/progmodes/flymake.el (flymake-log):
* lisp/progmodes/vhdl-mode.el (vhdl-warning-when-idle):
* lisp/replace.el (occur-1):
* lisp/simple.el (execute-extended-command)
(undo-outer-limit-truncate, define-alternatives):
* lisp/startup.el (command-line):
* lisp/subr.el (error, user-error, add-to-list):
* lisp/tutorial.el (tutorial--describe-nonstandard-key)
(tutorial--find-changed-keys):
* src/callint.c (Fcall_interactively):
* src/editfns.c (Fmessage, Fmessage_box):
Restyle the quotes of format strings intended for use as a
diagnostic, when restyling seems appropriate.
* lisp/subr.el (format-message): New function.
* src/doc.c (Finternal__text_restyle): New function.
(syms_of_doc): Define it.
|
|
|
|
| |
Run admin/update-copyright.
|
|
|
|
|
|
|
| |
Fixes: debbugs:15866
* lisp/net/gnutls.el (gnutls-negotiate): Ignore files found via
'file-name-handler-alist' since the gnutls library can't use those.
|
| |
|
|
|
|
|
|
| |
* net/gnutls.el (gnutls-negotiate): Don't use cl-mapcan; pass
correct data to `gnutls-boot'.
Reported by Toke Høiland-Jørgensen <toke@toke.dk>.
|
|
|
|
| |
customization option `gnutls-verify-error.
|
| |
|
|
|
|
| |
* net/gnutls.el (gnutls-verify-error): Add version tag.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(cua--deactivate-rectangle): Don't deactivate the mark.
(cua-set-rectangle-mark): Don't set mark-active since
cua--activate-rectangle already does it for us.
(cua--rectangle-highlight-for-redisplay): Unhighlight a previous
non-rectangular region.
* lisp/emulation/cua-base.el (cua-repeat-replace-region):
Use with-current-buffer.
* lisp/net/gnutls.el: Use cl-lib.
(gnutls-negotiate): `mapcan' -> cl-mapcan.
|
|
|
|
|
|
|
|
|
|
|
|
| |
* net/gnutls.el (gnutls-verify-error): New defcustom to control
the behavior when a certificate fails validation. Defaults to
old behavior: never abort, just warn.
(gnutls-negotiate): Use it.
* gnutls.c: Replace `:verify_hostname_error' with `:verify_error',
now a list of certificate validation checks that will abort a
connection with an error.
(Fgnutls_boot): Document it and use it.
|