;;; gnutls.el --- Support SSL/TLS connections through GnuTLS
-;; Copyright (C) 2010-2014 Free Software Foundation, Inc.
+;; Copyright (C) 2010-2015 Free Software Foundation, Inc.
;; Author: Ted Zlatanov <tzz@lifelogs.com>
;; Keywords: comm, tls, ssl, encryption
(defcustom gnutls-trustfiles
'(
- "/etc/ssl/certs/ca-certificates.crt" ; Debian, Ubuntu, Gentoo and Arch Linux
- "/etc/pki/tls/certs/ca-bundle.crt" ; Fedora and RHEL
- "/etc/ssl/ca-bundle.pem" ; Suse
- "/usr/ssl/certs/ca-bundle.crt" ; Cygwin
+ "/etc/ssl/certs/ca-certificates.crt" ; Debian, Ubuntu, Gentoo and Arch Linux
+ "/etc/pki/tls/certs/ca-bundle.crt" ; Fedora and RHEL
+ "/etc/ssl/ca-bundle.pem" ; Suse
+ "/usr/ssl/certs/ca-bundle.crt" ; Cygwin
+ "/usr/local/share/certs/ca-root-nss.crt" ; FreeBSD
)
"List of CA bundle location filenames or a function returning said list.
The files may be in PEM or DER format, as per the GnuTLS documentation.
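Review bot: The part of the docstring visible here does not say that every listed file that exists is passed on as a trust file, which is what the `mapcar`/`file-exists-p` filter further down this page returns. Each added path, including the new FreeBSD one, therefore widens the trust set on any host where it exists, rather than acting as a per-platform fallback. A sentence such as `Every file in the list that exists is used; set this to a single path to pin one bundle.` would make that explicit. The docstring continues past the visible lines, so check that it does not already say this.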
Usage example:
- \(with-temp-buffer
- \(open-gnutls-stream \"tls\"
- \(current-buffer)
+ (with-temp-buffer
+ (open-gnutls-stream \"tls\"
+ (current-buffer)
\"your server goes here\"
\"imaps\"))
;; The gnutls library doesn't understand files delivered via
;; the special handlers, so ignore all files found via those.
(file-name-handler-alist nil)
- (trustfiles (or trustfiles
- (delq nil
- (mapcar (lambda (f) (and f (file-exists-p f) f))
- (if (functionp gnutls-trustfiles)
- (funcall gnutls-trustfiles)
- gnutls-trustfiles)))))
+ (trustfiles (or trustfiles (gnutls-trustfiles)))
(priority-string (or priority-string
(cond
((eq type 'gnutls-anon)
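Review bot: `(or trustfiles (gnutls-trustfiles))` evaluates to nil when the caller passes no list and none of the configured paths exists, and nothing in the visible lines reports that case. What the handshake does with an empty trust list is decided outside this hunk, so confirm that verification then fails rather than quietly having no anchors to check against. At minimum, a comment on the binding would help, for example `;; May be nil when no configured bundle exists; no explicit trust anchors are passed on then.` The enclosing binding form and function start and end outside the hunk.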
process))
+(defun gnutls-trustfiles ()
+ "Return a list of usable trustfiles."
+ (delq nil
+ (mapcar (lambda (f) (and f (file-exists-p f) f))
+ (if (functionp gnutls-trustfiles)
+ (funcall gnutls-trustfiles)
+ gnutls-trustfiles))))
+
(declare-function gnutls-error-string "gnutls.c" (error))
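Review bot: `gnutls-trustfiles` is now callable on its own, but it does not bind `file-name-handler-alist` to nil itself, so its `file-exists-p` check ignores special file-name handlers only when the caller has already bound it. The negotiation code above appears to do that, assuming its bindings are sequential. A standalone call could return paths that resolve through a handler and that, per the comment in the earlier hunk, the gnutls library cannot read. Wrapping the body as `(let ((file-name-handler-alist nil)) (delq nil ...))` keeps that invariant inside the function. The docstring could also state that "usable" means only that `file-exists-p` succeeded, not that the file is readable or parses as a certificate bundle.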
(defun gnutls-message-maybe (doit format &rest params)
(message "%s: (err=[%s] %s) %s"
"gnutls.el"
doit (gnutls-error-string doit)
- (apply 'format format (or params '(nil))))))
+ (apply #'format-message format (or params '(nil))))))
(provide 'gnutls)