;;; network-stream.el --- open network processes, possibly with encryption
-;; Copyright (C) 2010-2011 Free Software Foundation, Inc.
+;; Copyright (C) 2010-2013 Free Software Foundation, Inc.
;; Author: Lars Magne Ingebrigtsen <larsi@gnus.org>
;; Keywords: network
capability command, and should return the command to switch on
STARTTLS if the server supports STARTTLS, and nil otherwise.
-:always-query-capabilies says whether to query the server for
+:always-query-capabilities says whether to query the server for
capabilities, even if we're doing a `plain' network connection.
:client-certificate should either be a list where the first
certificate. This parameter will only be used when doing TLS
or STARTTLS connections.
-If :use-starttls-if-possible is non-nil, do opportunistic
-STARTTLS upgrades even if Emacs doesn't have built-in TLS
-functionality.
+:use-starttls-if-possible is a boolean that says to do opportunistic
+STARTTLS upgrades even if Emacs doesn't have built-in TLS functionality.
:nowait is a boolean that says the connection should be made
asynchronously, if possible."
(resulting-type 'plain)
(builtin-starttls (and (fboundp 'gnutls-available-p)
(gnutls-available-p)))
- starttls-command error)
+ starttls-available starttls-command error)
;; First check whether the server supports STARTTLS at all.
(when (and capabilities success-string starttls-function)
;; If we have built-in STARTTLS support, try to upgrade the
;; connection.
(when (and starttls-command
- (or builtin-starttls
- (and (or require-tls
- (plist-get parameters :use-starttls-if-possible))
- (starttls-available-p)))
+ (setq starttls-available
+ (or builtin-starttls
+ (and (or require-tls
+ (plist-get parameters :use-starttls-if-possible))
+ (starttls-available-p))))
(not (eq (plist-get parameters :type) 'plain)))
;; If using external STARTTLS, drop this connection and start
;; anew with `starttls-open-stream'.
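Review bot: The `(setq starttls-available …)` sits inside the `and` test, so the variable is assigned only when `starttls-command` is non-nil, and nothing in the code says so. The error branch later in this patch depends on that ordering, which is why it tests `(null starttls-command)` before `starttls-available`. A comment above the `setq` would protect this from a later reshuffle, for example `;; Side effect: remember whether any STARTTLS implementation is usable; the TLS-required error message below reads this.` The enclosing `when` starts and ends outside the hunk.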
;; EHLO for SMTP.
(when (plist-get parameters :always-query-capabilities)
(network-stream-command stream capability-command eo-capa)))
- (when (string-match success-string
- (network-stream-command stream starttls-command eoc))
+ (when (let ((response
+ (network-stream-command stream starttls-command eoc)))
+ (and response (string-match success-string response)))
;; The server said it was OK to begin STARTTLS negotiations.
(if builtin-starttls
(let ((cert (network-stream-certificate host service parameters)))
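Review bot: A nil reply to the STARTTLS command is now treated exactly like a refusal: the `when` body is skipped and, as far as the visible code shows, the stream stays in cleartext. On the opportunistic path that means a dropped or filtered reply quietly yields a plaintext session, which deserves a comment at the `let`, for example `;; A nil or non-matching reply leaves the connection plain; only the TLS-required path turns that into an error.` Separately, `string-match` searches anywhere in `response`, so the check is only as strict as the caller-supplied `success-string` regexp. The `when` body continues outside the hunk.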
;; support, or no gnutls-cli installed.
(eq resulting-type 'plain))
(setq error
- (if require-tls
+ (if (or (null starttls-command)
+ starttls-available)
"Server does not support TLS"
- "Server supports STARTTLS, but Emacs does not have support for it"))
+ ;; See `starttls-available-p'. If this predicate
+ ;; changes to allow running under Windows, the error
+ ;; message below should be amended.
+ (if (memq system-type '(windows-nt ms-dos))
+ (concat "Emacs does not support TLS")
+ (concat "Emacs does not support TLS, and no external `"
+ (if starttls-use-gnutls
+ starttls-gnutls-program
+ starttls-program)
+ "' program was found"))))
(delete-process stream)
(setq stream nil))
;; Return value:
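Review bot: The first branch of the new `if` reports "Server does not support TLS" even when `starttls-command` is non-nil and `starttls-available` is set, that is, when the server advertised STARTTLS and Emacs could have used it. In that case the connection presumably stayed plain because the STARTTLS reply was missing or negative, or because the negotiation failed; the code that sets `resulting-type` is outside the hunk. Blaming the server's capabilities there hides a failed or interfered-with upgrade from whoever reads the error. Splitting the test into a `cond` gives that case its own message. The single-argument `(concat "Emacs does not support TLS")` can also be the bare string literal.

```elisp
(setq error
      (cond
       ((null starttls-command)
        ;; The server never offered STARTTLS.
        "Server does not support TLS")
       (starttls-available
        ;; Offered by the server and usable locally, yet still plain.
        "STARTTLS negotiation with the server failed")
       (t
        ;; … unchanged: the `system-type' / external-program message …
        )))
```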