emacs-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: gnus/starttls.el and net/tls.el

From: Simon Josefsson
Subject: Re: gnus/starttls.el and net/tls.el
Date: Thu, 29 Nov 2007 12:34:28 +0100
User-agent: Gnus/5.110007 (No Gnus v0.7) Emacs/22.1 (gnu/linux) 
Sascha Wilde <address@hidden> writes:

> Simon Josefsson <address@hidden> wrote:
>> The problem is the different set of external dependencies:
>>
>>  tls.el: use gnutls-cli (GnuTLS) or s_client (OpenSSL)
>>  starttls.el: use gnutls-cli (GnuTLS) or starttls
>>
>> As far as I can tell, OpenSSL does not support the general starttls
>> behaviour, so we cannot switch to that tls.el and starttls.el both
>> support gnutls+openssl.
>
> I'm not sure that I properly understood the problem (and I haven't read
> the whole thread), but OpenSSL supports StartTLS, like:
>
>   openssl s_client -starttls smtp -connect mail.example.com
>
> does this do what you need to support s_client in starttls.el?

Not entirely, OpenSSL only supports starttls for a few application
protocols:

 -starttls prot - use the STARTTLS command before starting TLS
                 for those protocols that support it, where
                 'prot' defines which one to assume.  Currently,
                 only "smtp", "pop3", "imap", and "ftp" are supported.

Right now, in Emacs, I think starttls support is used for IMAP, SMTP,
POP3 and ManageSieve.  There is no support for Managesieve in OpenSSL...

Further, the starttls elisp functions in Emacs are application protocol
agnostic, so we would have to add a parameter to indicate which
application protocol is used.  That seems like a API layer violation,
but if there were no other problem (like the managesieve issue), maybe
we could do that.

/Simon
reply via email to
[Prev in Thread] Current Thread [Next in Thread]