Bug fixes and certificate and hostname verification for the Emacs GnuTLS support.

* lisp/net/gnutls.el (gnutls-negotiate): Add hostname, verify-flags, verify-error, and verify-hostname-error parameters. Check whether default trustfile exists before going to use it. Add missing argument to gnutls-message-maybe call. Return return value. Reported by Claudio Bley <claudio.bley@gmail.com>. (open-gnutls-stream): Add usage example. * lisp/net/network-stream.el (network-stream-open-starttls): Give host parameter to `gnutls-negotiate'. (gnutls-negotiate): Adjust `gnutls-negotiate' declaration.
2025-12-15 10:30:25 -08:00 · 2011-04-24 20:31:45 -05:00 · 2011-04-24 20:31:45 -05:00 · 8b492194a9
commit 8b492194a9
parent e061a11b5a
3 changed files with 84 additions and 11 deletions
--- a/lisp/net/network-stream.el
+++ b/lisp/net/network-stream.el
@ -46,7 +46,8 @@
 (require 'starttls)

 (declare-function gnutls-negotiate "gnutls"
-		  (proc type &optional priority-string trustfiles keyfiles))
+                  (proc type host &optional priority-string trustfiles keyfiles
+                        verify-flags verify-error verify-hostname-error))

 ;;;###autoload
 (defun open-network-stream (name buffer host service &rest parameters)
@ -197,7 +198,7 @@ values:
 			  (network-stream-command stream starttls-command eoc))
 	;; The server said it was OK to begin STARTTLS negotiations.
 	(if (fboundp 'open-gnutls-stream)
-	    (gnutls-negotiate stream nil)
+	    (gnutls-negotiate stream nil host)
 	  (unless (starttls-negotiate stream)
 	    (delete-process stream)))
 	(if (memq (process-status stream) '(open run))