diff options
| author | Lars Ingebrigtsen <larsi@gnus.org> | 2016-02-15 18:24:08 +1100 |
|---|---|---|
| committer | Lars Ingebrigtsen <larsi@gnus.org> | 2016-02-15 18:24:08 +1100 |
| commit | 9c74f2fea6bfa6bc38358835539944017cf35917 (patch) | |
| tree | 17463dee36e640d38c302b3ef2c169b4e536e33c /lisp/net/network-stream.el | |
| parent | 40155283c380a795c1a0036a31e1b41ed1df0f38 (diff) | |
| download | emacs-9c74f2fea6bfa6bc38358835539944017cf35917.tar.gz | |
Call the network security manager after doing TLS negotiation
* lisp/net/network-stream.el (network-stream-open-tls):
Postpone NSM verification when running async.
* src/process.c (Fset_process_filter): This function doesn't
need to wait.
(connect_network_socket): Set the process status to "run" only
after TLS negotiation.
(wait_for_socket_fds): Take a name parameter for more debugging.
(wait_reading_process_output): Don't change status to "run"
unless TLS negotiation has finished.
(send_process): Wait for the process here instead of
send_process_string.
(connect_network_socket): Call the network security manager.
Diffstat (limited to 'lisp/net/network-stream.el')
| -rw-r--r-- | lisp/net/network-stream.el | 44 |
1 files changed, 23 insertions, 21 deletions
diff --git a/lisp/net/network-stream.el b/lisp/net/network-stream.el index b0d479f948e..1bba35ac81d 100644 --- a/lisp/net/network-stream.el +++ b/lisp/net/network-stream.el @@ -372,27 +372,29 @@ gnutls-boot (as returned by `gnutls-boot-parameters')." (plist-get parameters :nowait)) (open-tls-stream name buffer host service))) (eoc (plist-get parameters :end-of-command))) - ;; Check certificate validity etc. - (when (and (gnutls-available-p) stream) - (setq stream (nsm-verify-connection stream host service))) - (if (null stream) - (list nil nil nil 'plain) - ;; If we're using tls.el, we have to delete the output from - ;; openssl/gnutls-cli. - (when (and (not (gnutls-available-p)) - eoc) - (network-stream-get-response stream start eoc) - (goto-char (point-min)) - (when (re-search-forward eoc nil t) - (goto-char (match-beginning 0)) - (delete-region (point-min) (line-beginning-position)))) - (let ((capability-command (plist-get parameters :capability-command)) - (eo-capa (or (plist-get parameters :end-of-capability) - eoc))) - (list stream - (network-stream-get-response stream start eoc) - (network-stream-command stream capability-command eo-capa) - 'tls)))))) + (if (plist-get parameters :nowait) + (list stream nil nil 'tls) + ;; Check certificate validity etc. + (when (and (gnutls-available-p) stream) + (setq stream (nsm-verify-connection stream host service))) + (if (null stream) + (list nil nil nil 'plain) + ;; If we're using tls.el, we have to delete the output from + ;; openssl/gnutls-cli. + (when (and (not (gnutls-available-p)) + eoc) + (network-stream-get-response stream start eoc) + (goto-char (point-min)) + (when (re-search-forward eoc nil t) + (goto-char (match-beginning 0)) + (delete-region (point-min) (line-beginning-position)))) + (let ((capability-command (plist-get parameters :capability-command)) + (eo-capa (or (plist-get parameters :end-of-capability) + eoc))) + (list stream + (network-stream-get-response stream start eoc) + (network-stream-command stream capability-command eo-capa) + 'tls))))))) (defun network-stream-open-shell (name buffer host service parameters) (require 'format-spec) |