Re: Emacs core TLS support

[Jason Earl]

On Wed, Sep 29 2010, Ted Zlatanov wrote:

> On Wed, 29 Sep 2010 12:36:59 -0600 Jason Earl <address@hidden> wrote: 
>
> JE> It works here as well, and it seems to be considerably faster to boot.
> JE> There is one thing that I did have to change from an older setup,
> JE> however.  I keep my authinfo file in ~/.emacs.d/authinfo so that I can
> JE> version it with the rest of my emacs stuff.  I used to set
> JE> nnimap-authinfo-file for imaps, but with the newest builds it appears
> JE> that auth-sources is the correct variable to set to customize this.
>
> JE> This is not a criticism, as I am excited to see these changes land.  It
> JE> is just a bit of advice for someone else who is interested in testing
> JE> this code.
>
> I think nnimap.el should maybe warn the user on get-new-news if it
> sees `nnimap-authinfo-file' to save them the frustration of figuring
> this out.

For the record, it wasn't frustrating to me at all.  I have been using
Emacs for quite some time, but I am just getting to the point where I
can use the Emacs source code to actually solve (some) problems.  It was
actually pretty exciting to be able to figure this out.

Which, of course, is why I am using the bzr version of Emacs.  I agree
that warning users of the switch would be a great idea.  While you are
at it you might want to consider doing something with
nntp-authinfo-file.  Perhaps it should use auth-sources as well?

> JE> You also might want to consider changing the (BROKEN) in
> JE> configure.in to (EXPERIMENTAL).
>
> I'll do it when I push the API changes I mentioned, thanks :)
>
> Ted

I did a bit more testing, and now I am not sure that I am using the
built-in gnutls stuff.  I looked in *Messages* and I saw lines with
gnutls-cli.  So I removed gnutls-cli and now apparently openssl is
involved.  This probably means that I am not actually testing the built
in gnutls connections.  Right?  Here's a bit from my current *Messages*

--8<---------------cut here---------------start------------->8---
Opening nnimap server on mail...
Opening TLS connection to `helpdesk.0catch.com'...
Opening TLS connection with `gnutls-cli -p 993 helpdesk.0catch.com'...failed
Opening TLS connection with `gnutls-cli -p 993 helpdesk.0catch.com --protocols 
ssl3'...failed
Opening TLS connection with `openssl s_client -connect helpdesk.0catch.com:993 
-no_ssl2 -ign_eof'...done
Opening TLS connection to `helpdesk.0catch.com'...done
--8<---------------cut here---------------end--------------->8---

So how do I test this?  I did:

./configure --with-gnutls

and I get

--8<---------------cut here---------------start------------->8---
  Does Emacs use -lgnutls (BROKEN)?                       yes
--8<---------------cut here---------------end--------------->8---

What else do I need to do?

Sorry for the confusion.

Jason