Use CL-style keyword arguments for `gnutls-negotiate' and allow :keylist and :crlfiles arguments.

* lisp/net/gnutls.el (gnutls-negotiate): Use CL-style keyword arguments instead of positional arguments. Allow :keylist and :crlfiles arguments. (open-gnutls-stream): Call it. * lisp/net/network-stream.el (network-stream-open-starttls): Adjust to call `gnutls-negotiate' with :process and :hostname arguments.
author: Ted Zlatanov <tzz@lifelogs.com> 2011-05-03 20:44:58 -0500
committer: Ted Zlatanov <tzz@lifelogs.com> 2011-05-03 20:44:58 -0500
commit: 48e79d6a80c1ef67fae3f8fd45d753be5cb58ea4 (patch)
tree: b5a2879697c54e52eed58e24fdac7e31b15766ad /lisp/net
parent: ef80fc093a3b13ee9c1575c54b7831bc9cf2ef8b (diff)
download: emacs-48e79d6a80c1ef67fae3f8fd45d753be5cb58ea4.tar.gz
2 files changed, 24 insertions, 16 deletions
diff --git a/lisp/net/gnutls.el b/lisp/net/gnutls.el
index 8b662795665..67d7b2d20d3 100644
--- a/lisp/net/gnutls.el
+++ b/lisp/net/gnutls.el
@@ -35,6 +35,8 @@
 
 ;;; Code:
 
+(eval-when-compile (require 'cl))
+
 (defgroup gnutls nil
   "Emacs interface to the GnuTLS library."
   :prefix "gnutls-"
@@ -72,9 +74,9 @@ This is a very simple wrapper around `gnutls-negotiate'.  See its
 documentation for the specific parameters you can use to open a
 GnuTLS connection, including specifying the credential type,
 trust and key files, and priority string."
-  (gnutls-negotiate (open-network-stream name buffer host service)
-                    'gnutls-x509pki
-                    host))
+  (gnutls-negotiate :process (open-network-stream name buffer host service)
+                    :type 'gnutls-x509pki
+                    :hostname host))
 
 (put 'gnutls-error
      'error-conditions
@@ -85,16 +87,23 @@ trust and key files, and priority string."
 (declare-function gnutls-boot "gnutls.c" (proc type proplist))
 (declare-function gnutls-errorp "gnutls.c" (error))
 
-(defun gnutls-negotiate (proc type hostname &optional priority-string
-                              trustfiles keyfiles verify-flags
-                              verify-error verify-hostname-error)
+(defun* gnutls-negotiate
+    (&rest spec
+           &key process type hostname priority-string
+           trustfiles crlfiles keylist verify-flags
+           verify-error verify-hostname-error
+           &allow-other-keys)
   "Negotiate a SSL/TLS connection.  Returns proc. Signals gnutls-error.
+
+Note arguments are passed CL style, :type TYPE instead of just TYPE.
+
 TYPE is `gnutls-x509pki' (default) or `gnutls-anon'.  Use nil for the default.
-PROC is a process returned by `open-network-stream'.
+PROCESS is a process returned by `open-network-stream'.
 HOSTNAME is the remote hostname.  It must be a valid string.
 PRIORITY-STRING is as per the GnuTLS docs, default is \"NORMAL\".
 TRUSTFILES is a list of CA bundles.
-KEYFILES is a list of client keys.
+CRLFILES is a list of CRL files.
+KEYLIST is an alist of (client key file, client cert file) pairs.
 
 When VERIFY-HOSTNAME-ERROR is not nil, an error will be raised
 when the hostname does not match the presented certificate's host
@@ -141,7 +150,8 @@ defaults to GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT."
                              :hostname ,hostname
                              :loglevel ,gnutls-log-level
                              :trustfiles ,trustfiles
-                             :keyfiles ,keyfiles
+                             :crlfiles ,crlfiles
+                             :keylist ,keylist
                              :verify-flags ,verify-flags
                              :verify-error ,verify-error
                              :verify-hostname-error ,verify-hostname-error
@@ -149,14 +159,14 @@ defaults to GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT."
          ret)
 
     (gnutls-message-maybe
-     (setq ret (gnutls-boot proc type params))
+     (setq ret (gnutls-boot process type params))
      "boot: %s" params)
 
     (when (gnutls-errorp ret)
       ;; This is a error from the underlying C code.
-      (signal 'gnutls-error (list proc ret)))
+      (signal 'gnutls-error (list process ret)))
 
-    proc))
+    process))
 
 (declare-function gnutls-error-string "gnutls.c" (error))
 
diff --git a/lisp/net/network-stream.el b/lisp/net/network-stream.el
index 2071f790656..f3cfd7d058f 100644
--- a/lisp/net/network-stream.el
+++ b/lisp/net/network-stream.el
@@ -45,9 +45,7 @@
 (require 'tls)
 (require 'starttls)
 
-(declare-function gnutls-negotiate "gnutls"
-                  (proc type host &optional priority-string trustfiles keyfiles
-                        verify-flags verify-error verify-hostname-error))
+(declare-function gnutls-negotiate "gnutls" (&rest spec))
 
 ;;;###autoload
 (defun open-network-stream (name buffer host service &rest parameters)
@@ -203,7 +201,7 @@ asynchronously, if possible."
 			  (network-stream-command stream starttls-command eoc))
 	;; The server said it was OK to begin STARTTLS negotiations.
 	(if (fboundp 'open-gnutls-stream)
-	    (gnutls-negotiate stream nil host)
+	    (gnutls-negotiate :process stream :hostname host)
 	  (unless (starttls-negotiate stream)
 	    (delete-process stream)))
 	(if (memq (process-status stream) '(open run))
author	Ted Zlatanov <tzz@lifelogs.com>	2011-05-03 20:44:58 -0500
committer	Ted Zlatanov <tzz@lifelogs.com>	2011-05-03 20:44:58 -0500
commit	48e79d6a80c1ef67fae3f8fd45d753be5cb58ea4 (patch)
tree	b5a2879697c54e52eed58e24fdac7e31b15766ad /lisp/net
parent	ef80fc093a3b13ee9c1575c54b7831bc9cf2ef8b (diff)
download	emacs-48e79d6a80c1ef67fae3f8fd45d753be5cb58ea4.tar.gz