* src/gnutls.c (gnutls_symmetric): Cache the results from
Fgnutls_ciphers, since that function isn't very fast (bug#42998).
(syms_of_gnutls): Initialize cache variable.
* nt/mingw-cfg.site (gl_cv_lib_assume_bcrypt): Set to "no" to
disable linking against bcrypt.dll. (Bug#42095)
* src/gnutls.c (gnutls_rnd) [WINDOWSNT]: Don't define a function
pointer, and don't load it from GnuTLS DLL.
(w32_gnutls_rnd) [WINDOWSNT]: Delete unused function.
* src/fns.c (gnutls_rnd) [WINDOWSNT]: Don't redirect to
w32_gnutls_rnd.
* src/gnutls.c (syms_of_gnutls) <libgnutls-version>: Define with
DEFVAR_LISP and add docstring, so that this variable will accessible by
help facilities.
* src/gnutls.c: Move the "#ifdef HAVE_GNUTLS" earlier, so
that "./configure --enable-gcc-warnings --without-gnutls"
does not complain about macros being defined but never used.
Indent "#" directives more consistently.
Problem reported by Robert Pluim in
https://lists.gnu.org/r/emacs-devel/2019-09/msg00127.html
* src/gnutls.c (Fgnutls_peer_status): Simplify test for
whether the :safe-renegotiation result is needed, so that it
works all the way back to GnuTLS 2.12.2.
* src/gnutls.c (init_gnutls_functions) [WINDOWSNT]: Define and
load gnutls_free by an explicit call to GetProcAddress.
(gnutls_free) [WINDOWSNT]: Define as a macro that dereferences
a function pointer. (Bug#31946)
(Fgnutls_format_certificate): Use make_string_from_bytes
instead of going through an intermediate malloc'ed buffer.
* src/gnutls.c (init_gnutls_functions) [WINDOWSNT]: Define and
load gnutls_free.
(Fgnutls_format_certificate): Use gnutls_free instead of
xfree. This prevents crashes on MS-Windows, since the memory
being released was allocated inside GnuTLS. (Bug#31946)
* src/gnutls.c (Fgnutls_peer_status): Report :compression and
:encrypt-then-mac only if the underlying GnuTLS library has
the corresponding features. This give the Elisp caller a bit
more information about the peer status.
* lisp/net/nsm.el (nsm-protocol-check--compression):
Don’t worry about compression in newer GnuTLS versions
that do not support compression.
The recent changes caused the build to fail on Fedora 30 when built
with --enable-gcc-warnings, among other things with diagnostics that
gnutls_compression_get and gnutls_compression_get_name are deprecated
(this started with GnuTLS 3.6). Fix this by refusing to call these
obsolescent and now-dummy functions in GnuTLS 3.6 and later. However,
this is just a temporary workaround to get the build working; a real
fix is needed, as network-stream-tests fail.
* src/gnutls.c (HAVE_GNUTLS_COMPRESSION_GET): New macro.
(gnutls_compression_get, gnutls_compression_get_name):
Define only if HAVE_GNUTLS_COMPRESSION_GET.
(init_gnutls_functions): Load the two functions only if
HAVE_GNUTLS_COMPRESSION_GET.
(emacs_gnutls_certificate_export_pem): Use alloca instead of xmalloc.
(Fgnutls_peer_status): Just return "NULL" if the functions
are deprecated.
(Fgnutls_format_certificate): Fix pointer signedness glitches.
* src/process.c: Fix spacing.
printmax_t etc. were needed only for platforms that lacked
support for printing intmax_t. These platforms are now so
obsolete that they are no longer practical porting targets.
* src/image.c (gs_load): Fix unlikely buffer overrun
discovered while making these changes. It was introduced in
2011-07-17T00:34:43!eggert@cs.ucla.edu.
* src/lisp.h (printmax_t, uprintmax_t, pMd, pMu, pMx):
Remove. All uses replaced by their standard counterparts
intmax_t, uintmax_t, PRIdMAX, PRIuMAX, PRIxMAX.
The main new thing here is that C code can now say
‘list (a, b, c, d, e, f)’ instead of
‘listn (CONSTYPE_HEAP, 6, a, b, c, d, e, f)’,
thus relieving callers of the responsibility of counting
arguments (plus, the code feels more like Lisp). The old
list1 ... list5 functions remain, as they’re probably a bit
faster for small lists.
* src/alloc.c (cons_listn, pure_listn): New functions.
(listn): Omit enum argument.
All callers changed to use either new ‘list’ or ‘pure_list’ macros.
* src/charset.c (Fdefine_charset_internal):
* src/coding.c (detect_coding_system)
(Fset_terminal_coding_system_internal):
* src/frame.c (frame_size_history_add, adjust_frame_size):
* src/gtkutil.c (xg_frame_set_char_size):
* src/keyboard.c (command_loop_1):
* src/nsfns.m (frame_geometry):
* src/widget.c (set_frame_size):
* src/xfaces.c (Fcolor_distance):
* src/xfns.c (frame_geometry):
* src/xterm.c (x_set_window_size_1):
* src/xwidget.c (Fxwidget_size_request):
Prefer list1i, list2i, etc. to open-coding them.
* src/charset.c (Fset_charset_priority):
* src/nsterm.m (append2):
* src/window.c (window_list):
* src/xfaces.c (Fx_list_fonts):
Use nconc2 instead of open-coding it.
* src/eval.c (eval_sub, backtrace_frame_apply):
* src/kqueue.c (kqueue_generate_event):
* src/nsterm.m (performDragOperation:):
* src/pdumper.c (Fpdumper_stats):
* src/w32.c (init_environment):
Prefer list1, list2, etc. to open-coding them.
* src/font.c (font_list_entities):
Parenthesize to avoid expanding new ‘list’ macro.
* src/gtkutil.c (GETSETUP): Rename from MAKE_FLOAT_PAGE_SETUP
to get lines to fit. Move outside the ‘list’ call, since it’s
now a macro.
* src/keymap.c (Fmake_keymap): Simplify.
* src/lisp.h (list, pure_list): New macros.
(list1i): New function.
Formerly they were fixnums, which led to problems when dealing
with values that might not fit on 32-bit platforms, such as
string-chars-consed or floats_consed. 64-bit counters should
be good enough for these (for a while, anyway...).
While we’re at it, fix some unlikely integer overflow bugs
that have been in the code for a while.
* lib-src/make-docfile.c (write_globals):
* src/data.c (do_symval_forwarding, store_symval_forwarding):
* src/eval.c (restore_stack_limits, call_debugger):
* src/frame.h (struct frame.cost_calculation_baud_rate):
* src/keyboard.c (last_auto_save, bind_polling_period, read_char):
* src/lisp.h (struct Lisp_Intfwd.intvar):
* src/lread.c (defvar_int):
* src/pdumper.c (dump_fwd_int):
* src/thread.h (struct thread_state.m_lisp_eval_depth):
* src/undo.c (truncate_undo_list):
* src/xselect.c (wait_for_property_change)
(x_get_foreign_selection):
* src/xterm.c (x_emacs_to_x_modifiers):
DEFVAR_INT variables now have the C type intmax_t, not EMACS_INT.
* src/data.c (store_symval_forwarding):
* src/gnutls.c (Fgnutls_boot):
* src/keyboard.c (bind_polling_period):
* src/macros.c (pop_kbd_macro, Fexecute_kbd_macro):
* src/undo.c (truncate_undo_list):
Allow any integer that fits into intmax_t, instead of
requiring it to be a Lisp fixnum.
* src/dispnew.c (update_window):
* src/frame.c (x_figure_window_size):
* src/gnutls.c (init_gnutls_functions)
(emacs_gnutls_handle_error):
* src/keyboard.c (make_lisp_event):
* src/nsterm.m (ns_dumpglyphs_image):
* src/profiler.c (make_log):
* src/scroll.c (calculate_scrolling)
(calculate_direct_scrolling):
* src/termcap.c (tputs):
* src/xterm.c (x_draw_image_relief):
Avoid implementation-defined behavior on conversion of
out-of-range integers.
* src/eval.c (when_entered_debugger): Now intmax_t.
(max_ensure_room): New function, that avoids signed integer overflow.
(call_debugger, signal_or_quit): Use it.
* src/fileio.c (Fdo_auto_save):
* src/keyboard.c (make_lisp_event):
* src/term.c (calculate_costs):
* src/xdisp.c (build_desired_tool_bar_string)
(hscroll_window_tree, try_scrolling, decode_mode_spec)
(x_produce_glyphs):
Avoid signed integer overflow.
* src/lisp.h (clip_to_bounds): Generalize to intmax_t.
* src/pdumper.c (dump_emacs_reloc_immediate_emacs_int): Remove, ...
(dump_emacs_reloc_immediate_intmax_t): ... replacing with this
function. All uses changed.
* src/profiler.c (make_log): Omit args. All callers changed.
* src/termcap.c: Include stdlib.h, for atoi.
Include intprops.h.
* src/window.c (sanitize_next_screen_context_lines): New function.
(window_scroll_pixel_based, window_scroll_line_based):
Use it to avoid signed integer overflow.
Retry some calls if interrupted at inopportune times.
These were found by code inspection.
* src/gnutls.c (gnutls_try_handshake): Simplify by using
new emacs_gnutls_handle_error API.
(emacs_gnutls_write): Remove GNUTLS_E_AGAIN hack since
emacs_gnutls_handle_error now does that.
Use emacs_gnutls_handle_error only on errors.
(emacs_gnutls_read): Retry if gnutls_record_recv returns
GNUTLS_E_INTERRUPTED, to be consistent with emacs_read.
(emacs_gnutls_handle_error): Return 0 on fatal errors,
-1 (setting errno) on ordinary errors, to simplify callers.
Assume that ERR is negative, since it always is now.
Map non-fatal GnuTLS errors to errno values as best we can.
* src/process.c (read_process_output) [DATAGRAM_SOCKETS]:
Retry recvfrom if it is interrupted, to be consistent with
how things are handled when not a datagram channel.
(send_process) [DATAGRAM_SOCEKTS]: If sendto is interrupted,
process pending signals and retry it, to be consistent with
how things are handled when not a datagram channel.
Add a new portable dumper as an alternative to unexec. Use it by default.
* src/dmpstruct.awk: New file.
* src/doc.c (get_doc_string): use will_dump_p().
* src/editfns.c (styled_format): silence compiler warning
with UNINIT.
* src/emacs-module.c (syms_of_module): staticpro ltv_mark.
* src/emacs.c (gflags): new variable.
(init_cmdargs): unwrap
(string_starts_with_p, find_argument, dump_error_to_string)
(load_pdump): new functions.
(main): detect pdumper and --temacs invocation; actually load
portable dump when detected; set gflags as appropriate; changes to
init functions throughout to avoid passing explicit
'initialized' argument.
* src/eval.c (inhibit_lisp_code): remove unused variable.
(init_eval_once_for_pdumper): new function.
(init_eval_once): call it.
* src/filelock.c: CANNOT_DUMP -> will_dump_p()
* src/fingerprint-dummy.c: new file
* src/fingerprint.h: new file
* src/fns.c: CANNOT_DUMP -> will_dump_p(), etc.
(weak_hash_tables): remove
(hashfn_equal, hashfn_eql): un-staticify
(make_hash_table): set new 'next_weak' hash table field; drop
global weak_hash_tables logic.
(copy_hash_table): drop global weak_hash_tables logic.
(hash_table_rehash): new function.
(hash_lookup, hash_put, hash_remove_from_table, hash_clear):
rehash if needed.
(sweep_weak_table): un-staticify; explain logic; bool-ify.
(sweep_weak_hash_tables): remove function.
* src/font.c (syms_of_font): remember pdumper stuff.
* src/fontset.c (syms_of_fontset): remember pdumper stuff.
* src/frame.c (make_initial_frame): don't reset Vframe_list.
(init_frame_once_for_pdumper, init_frame_once): new functions.
(syms_of_frame): remove redundant staticpro.
* src/fringe.c (init_fringe_once_for_pdumper): new functin.
(init_fringe_once): call it.
* src/ftcrfont.c (syms_of_ftcrfont_for_pdumper): new function.
(syms_of_ftcrfont): call it.
* src/ftfont.c (syms_of_ftfont_for_pdumper): new function.
(syms_of_ftfont): call it.
* src/ftxont.c (syms_of_ftxfont_for_pdumper): new function.
(syms_of_ftxfont): call it.
* src/gmalloc.c: adjust for pdumper througout
(DUMPED): remove weird custom dumped indicator.
* src/gnutls.c (syms_of_gnutls): pdumper note for
gnutls_global_initialized.
* src/image.c (syms_of_image): add pdumper comment,
initializer note.
* src/insdel.c (prepare_to_modify_buffer_1): account
for buffer contents possibly being in dump image.
* src/keyboard.c (syms_of_keyboard_for_pdumper): new function.
(syms_of_keyboard): staticpro more; call pdumper syms function.
* src/lisp.h: add comments throughout
(gflags): declare.
(will_dump_p, will_bootstrap_p, will_dump_with_pdumper_p)
(dumped_with_pdumper_p, will_dump_with_unexec_p)
(dumped_with_unexec_p, definitely_will_not_unexec_p): new
functions.
(POWER_OF_2, ROUNDUP): move macros.
(PSEUDOVECTOR_TYPE, PSEUDOVECTOR_TYPEP): take vectorlike header
pointer instead of vector; constify.
(Lisp_Hash_Table): add comment about need to rehash on access; add
comment for next_weak.
(HASH_KEY, HASH_VALUE, HASH_HASH, HASH_TABLE_SIZE): const-ify.
(hash_table_rehash): declare.
(hash_rehash_needed_p, hash_rehash_if_needed): new functions.
(finalizers, doomed_finalizers): declare extern.
(SUBR_SECTION_ATTRIBUTE): new macro.
(staticvec, staticidx): un-static-ify.
(sweep_weak_hash_tables): remove declaration.
(sweep_weak_table): declare.
(hashfn_eql, hashfn_equal): declare.
(number_finalizers_run): new variable.
(Vdead): externify when ENABLE_CHECKING.
(gc_root_type): new enumeration.
(gc_root_visitor): new struct.
(visit_static_gc_roots): declare.
(vectorlike_nbytes): declare.
(vector_nbytes): define as trivial inline function wrapper for
vectorlike_nbytes.
(init_obarray_once): change signature.
(primary_thread): extern-ify.
(init_buffer): change signature.
(init_frame_once): declare.
* src/lread.c (readevalloop): adjust for new dumped predicates.
(init_obarray_once): new function.
(ndefsubr): new variable.
(defsubr): increment it.
(load_path_check): adjust for pdumper.
(load_path_default): use pdumper functions; adjust for
dump search.
* src/macfont.m (macfont_init_font_change_handler): avoid
shadowing global.
(syms_of_macfont_for_pdumper): new function.
(syms_of_macfont): call it.
* src/menu.c (syms_of_menu): staticpro more stuff.
* src/minibuf.c (Ftry_completion): rehash if needed.
(init_minibuf_once_for_pdumper): new function.
(init_minibuf_once): call it.
* src/nsfont.m (syms_of_nsfns): staticpro more.
* src/nsfont.m (syms_of_nsfont_for_pdumper): new function.
(syms_of_nsfont): call it.
* src/nsterm.m (syms_of_nsfont): remember pdumper stuff.
* src/pdumper.c: new file.
* src/pdumper.h: new file.
* src/process.c (init_process_emacs): use new pdumper functions
instead of CANNOT_DUMP.
* src/profiler.c (syms_of_profiler_for_pdumper): new function.
(syms_of_profiler_for_pdumper): call it.
* src/search.c (syms_of_search_for_pdumper): new function.
(syms_of_search_for_pdumper): call it.
* src/sheap.c (bss_sbrk_did_unexec): remove.
* src/sheap.h (bss_sbrk_did_unexec): remove.
* src/syntax.c (syms_of_syntax): don't redundantly staticpro
re_match_object.
* src/sysdep.c: use will_dump_with_unexec_p() instead of bss
hack thing.
* src/syssignals.h (init_sigsegv): declare.
* src/systime.h (init_timefns): remove bool from signature.
* src/textprop.c (syms_of_textprop): move staticpro.
* src/thread.c (main_thread_p): constify.
* src/thread.h (main_thread_p): constify.
* src/timefns.c (init_timefns): remove bool from signature.
(syms_of_timefns_for_pdumper): new function.
(syms_of_timefns): call it.
* src/w32.c: rearrange code.
* src/w32.h (w32_relocate): declare.
* src/w32fns.c (syms_of_w32fns): add pdumper note.
* src/w32font.c (syms_of_w32font_for_pdumper): new function.
(syms_of_w32font): call it.
* src/w32heap.c (using_dynamic_heap): new variable.
(init_heap): use it.
* src/w32menu.c (syms_of_w32menu): add pdumper note.
* src/w32proc.c
(ctrl_c_handler, mainCRTStartup, _start, open_input_file)
(rva_to_section, close_file_data): move here.
* src/w32uniscribe.c (syms_of_w32uniscribe_for_pdumper):
new function.
(syms_of_w32uniscribe): call it.
* src/window.c (init_window_once_for_pdumper): new function.
(init_window_once): call it; staticpro more stuff.
* src/xfont.c (syms_of_xfont_for_pdumper): new function.
(syms_of_xfont): call it.
* src/xftfont.c (syms_of_xftfont_for_pdumper): new function.
(syms_of_xftfont): call it.
* src/xmenu.c (syms_of_xmenu_for_pdumper): new function.
(syms_of_xmenu): call it.
* src/xselect.c (syms_of_xselect_for_pdumper): new function.
(syms_of_xselect): call it.
* src/xsettings.c (syms_of_xsettings): add more pdumper notes.
* src/term.c (syms_of_xterm): add pdumper note.
* src/dispnew.c (init_faces_initial): new function.
(init_display_interactive): rename from init_display; use
will_dump_p instead of !initialized. Initialize faces early for
pdumper if needed.
(init_display): new function.
(syms_of_display_for_pdumper): new function.
(syms_of_display): call it.
* src/dbusbind.c (syms_of_dbusbind): Add TODO for bus reset
on pdumper load.
* src/data.c (Fdefalias): Use will_dump_p
instead of Vpurify_flag.
(Fmake_variable_buffer_local): silence compiler warning with -Og
by making valcontents UNINIT.
(arith_driver): silence compiler warning with UNINIT.
* src/conf_post.h (ATTRIBUTE_SECTION): new macro.
* src/composite.c (composition_gstring_put_cache): rehash hash
table if needed.
* src/coding.c (init_coding_once, syms_of_coding): remember
pdumper stuff.
* src/charset.h (charset_table_size, charset_table_user): declare.
* src/charset.c (charset_table_used, charset_table_size): un-static.
(init_charset_oncem, syms_of_charset): remember pdumper stuff.
* src/category.c (category_table_version): remove obsolete
variable.
* src/callint.c (syms_of_callint): staticpro 'preserved_fns'
(init_callproc): use will_dump_p instead of !CANNOT_DUMP.
* src/bytecode.c (exec_byte_code): rehash table tables if needed
* src/buffer.c (alloc_buffer_text, free_buffer_text): account for
pdumper
(init_buffer_once): add TODO; remember stuff for pdumper.
(init_buffer): don't take initialized argument; adjust
for pdumper.
* src/atimer.c (init_atimer): initialize subr only if
!initialized.
* src/alloc.c: (vector_marked_p, set_vector_marked)
(vectorlike_marked_p, set_vectorlike_marked, cons_marked_p)
(set_cons_marked, string_marked_p, set_string_marked)
(symbol_marked_p, set_symbol_marked, interval_marked_p)
(set_interval_marked): new accessor routines. Use them
instead of raw GC access throughout.
(Vdead): make non-static when ENABLE_CHECKING.
(vectorlike_nbytes): rename of 'vector_nbytes'; take a vectorlike
header as input instead of a vector.
(number_finalizers_run): new internal C variable.
(mark_maybe_object): check for pdumper objects.
(valid_pointer_p): don't be gratuitously inefficient under rr(1).
(make_pure_c_string): add support for size_byte = -2 mode
indicating that string data points into Emacs image rodata.
(visit_vectorlike_root): visits GC roots embedded in
vectorlike objects.
(visit_buffer_root): visits GC roots embedded in
our totally-not-a-buffer buffer global objects.
(visit_static_gc_roots): visit GC roots in the Emacs data section.
(mark_object_root_visitor): root callback used for conventional GC
marking
(weak_hash_tables): new internal variable for tracking found weak
hash tables during GC.
(mark_and_sweep_weak_table_contents): new weak hash table marking.
(garbage_collect_1): use new GC root visitor machinery.
(mark_vectorlike): accept a vectorlike_header instead of a
Lisp_Vector.
(mark_frame, mark_window, mark_hash_table): new functions.
(mark_object): initialize 'm'; check for pdumper objects and use
new mark-bit accessors throughout. Remove some object-specific
marking code and move to helper functions above.
(survives_gc_p): check for pdumper objects.
(gc-sweep): clear pdumper mark bits.
(init_alloc_once_for_pdumper): new helper function for early init
called both during normal init and pdumper load.
(init_alloc_once): pdumper integration.
* src/Makefile.in: Rewrite dumping for pdumper; add pdumper.o;
invoke temacs with --temacs command line option; build dmpstruct.h
from dmpstruct.awk; stop relying on CANNOT_DUMP; clean up pdumper
intermediate files during build.
* nextstep/Makefile.in: build emacs.pdmp into NS packages
* lisp/startup.el: account for new '--temacs' and '--dump-file'
command line option.
* lisp/loadup.el: rewrite early init to account for pdumper; use
injected 'dump-mode' variable (set via the new '--temacs' option)
instead of parsing command line.
* lisp/cus-start.el: Check 'dump-mode' instead of 'purify-flag',
since the new 'dump-mode'
* lib-src/make-fingerprint.c: new program
* lib-src/Makefile.in: built make-fingerprint utility program
* configure.ac: Add --with-pdumper toggle to control pdumper
support; add --with-unexec toggle to control unexec support.
Add --with-dumping option to control which dumping strategy we use
by default. Adjust for pdumper throughout. Check for
posix_madvise.
* Makefile.in: Add @DUMPING@ substitution; add pdumper mode.
* .gitignore: Add make-fingerprint, temacs.in, fingerprint.c,
dmpstruct.h, and pdumper dump files.
I ran into this problem on Ubuntu 18.04.1 LTS.
* src/gnutls.c (HAVE_GNUTLS_CIPHER_GET_IV_SIZE)
(HAVE_GNUTLS_CIPHER_GET_TAG_SIZE, HAVE_GNUTLS_DIGEST_LIST):
New macros. This uses the same style as the other
macros that depend on GnuTLS version, as opposed to trying
to do things a bit more cleverly.
(gnutls_cipher_get_iv_size, gnutls_cipher_get_tag_size)
(gnutls_digest_list, gnutls_digest_get_name):
Define these macros only if they will be used.
d28d54c (origin/emacs-26) More accurate docs for 'text-char-description'
b3baf99 Document synchronous behavior of eshell/make (Bug#32513)
98544ea Fix bs-show with wide characters (Bug#17822)
85af51b Improve Custom menu labels for 2 options
72a2a36 Improve wording of last change in dired-x.texi
d4fa83b Fix GnuTLS test suite with GnuTLS versions 3.4.x
b5bee6b Fix build with gnutls versions 3.0 to 3.2 (Bug#32446)
67eb80e ; * etc/enriched.txt (hanging-indents): Remove extra indent.
c71cfb7 Fix the Bubbles game on TTY frames
3bbf21b Add choice to reshow certificate information (Bug#31877)
6f2c471 * src/alloc.c (Fbool_vector, Flist, Fvector): Doc tweak.
39eecb3 * src/alloc.c (vector): Fix grammatical error in doc string: ...
* src/gnutls.c (gnutls_cipher_get_tag_size): Make it return
zero only for versions of GnuTLS < 3.2.2, where
gnutls_cipher_get_tag_size was introduced. This fixes the
GnuTLS test suite, which assumes that any cipher whose tag
size is non-zero is AEAD-capable, and doesn't test such ciphers
if AEAD is not available, i.e. for GnuTLS < 3.5.1. (Bug#32446)
We previously used functions available only in 3.2+ for all 3.x
versions.
* src/gnutls.c [GNUTLS_VERSION_NUMBER < 0x030501]: Replace calls to
gnutls_cipher_get_tag_size with 0.
[GNUTLS_VERSION_NUMBER < 0x030200]: Alias gnutls_cipher_get_iv_size
to gnutls_cipher_get_block_size, gnutls_digest_list to
gnutls_mac_list, and gnutls_digest_get_name to gnutls_mac_get_name.
[WINDOWSNT]: Adjust DLL function definitions and declarations
accordingly.
3e72298 Improve documentation of 'pcase-defmacro rx'
ba9b9bb Fix TTY colors breakage by 'clear-face-cache'
f56ad42 * admin/MAINTAINERS: Add files maintained by me (Michael Albi...
7a258fa Adapt shadowfile.el for Tramp (Bug#4526, Bug#4846)
cb50077 Fix auth-source-delete (Bug#26184)
a4767a6 Avoid assertion violations in gnutls.c
90110f8 Don't use a literal "C-u" in ispell.el help message text
f4e7f6d Improve documentation of 'seqp'
ed13639 Clarify usage and dependencies between several Flyspell features
Conflicts:
etc/NEWS
test/lisp/auth-source-tests.el
* src/gnutls.c (Fgnutls_hash_digest, gnutls_symmetric)
(Fgnutls_hash_mac): Check CONSP before invoking XCDR. (Bug#32187)
Report values of invalid arguments when signaling an error.
* lisp/net/nsm.el (nsm-check-tls-connection): Fix issue with plural
problems in message. Prefix every problem with a bullet.
(nsm-query-user): Add new view the full certificate chain by
pressing d.
(nsm-format-certificate): Improve basic certificate and session info
formatting.
* src/gnutls.c (emacs_gnutls_certificate_export_pem): New function.
(gnutls_certificate_details): Rename to
emacs_gnutls_certificate_details. Add :pem to result list.
(Fgnutls_format_certificate): New function for formatting a PEM to
human-readable text.
* lisp/net/nsm.el (network-security-level, nsm-level,
nsm-new-fingerprint-ok-p): Remove `paranoid' level and related code.
* lisp/net/nsm.el (nsm-tls-checks, nsm-tls-check-version,
nsm-tls-check-compression, nsm-tls-check-renegotiation-info-ext,
nsm-tls-check-verify-cert, nsm-tls-check-same-cert,
nsm-tls-check-null-suite, nsm-tls-check-export-kx,
nsm-tls-check-anon-kx, nsm-tls-check-md5-sig,
nsm-tls-check-rc4-cipher, nsm-tls-check-dhe-prime-kx,
nsm-tls-check-sha1-sig, nsm-tls-check-ecdsa-cbc-cipher
nsm-tls-check-dhe-kx, nsm-tls-check-rsa-kx,
nsm-tls-check-3des-cipher, nsm-tls-check-cbc-cipher,
nsm-save-fingerprint-maybe, nsm-tls-post-check-functions): New
options and functions for checking TLS handshake problems.
* lisp/net/nsm.el (nsm-check-certificate,
network-security-protocol-checks,
nsm-protocol-check--diffie-hellman-prime-bits,
nsm-protocol-check--3des, nsm-protocol-check--rc4,
nsm-protocol-check--signature-sha1,
nsm-protocol-check--intermediate-sha1, nsm-protocol-check--ssl,
nsm-check-protocol): Remove in favor of `nsm-tls-checks' and
`nsm-tls-check-*' functions.
* lisp/net/nsm.el (nsm-verify-connection): Ensure connection is
checked even when `network-security-level' is `low'.
* lisp/net/nsm.el (nsm-check-tls-connection): Batch all problems found
before querying the user.
* lisp/net/nsm.el (nsm--encryption): Renamed to `nsm-cipher-suite'.
* lisp/net/nsm.el (nsm-fingerprint-ok-p): No longer prompt when
certificate fingerprints mismatch. Returns a boolean instead when
the fingerprint of the certificate received matches the saved
fingerprints.
* lisp/net/nsm.el (nsm-query): Change signature. Accepts a list of
problems and a preformatted message instead of just a message format
and the arguments for the message.
* lisp/net/nsm.el (nsm-query-user): Change signature. Accepts a
preformatted message and the peer status of the handshake instead of
a message format, its arguments and the certificate for the host.
* lisp/net/nsm.el (nsm-save-host): Change signature. Accepts a list of
problems after the WHAT parameter. Saves multiple fingerprints for
the same host in case the host load balances a TLS server with more
than one certificates signed with different keys. Makes sure
conditions are not removed when updating a fingerprint.
* lisp/net/nsm.el (nsm-format-certificate): Display the TLS handshake's
renegotiation info extension, compression level, encrypt-then-MAC
extension, and key exchange prime bit length.
* src/gnutls.c (gnutls-peer-status-warning-describe,
gnutls-peer-status): Check for certificate verification problems
introduced since GnuTLS 3.1.
* src/gnutls.c (gnutls-peer-status): `:compression', `:encrypt-then-mac'
and `:safe-renegotiation' are now contained in the peer status
result return value.
* doc/emacs/misc.texi (Network Security): Improve wording and
markup of last change.
* src/gnutls.c (Fgnutls_peer_status): Doc fix.
* etc/NEWS: Improve wording of last change.
* src/gnutls.c (gnutls_deinit_certificates): New function.
(Fgnutls_peer_status): Return all certificates in the chain back
to Lisp land.
(gnutls_verify_boot): Compute all the x509 certificates in the
chain.
* src/process.h (struct Lisp_Process): Adjust gnutls fields so
that we can keep tracks of all certificates in the chain instead
of just the host certificate.
* src/gnutls.c: Introduce HAVE_GNUTLS_EXT_GET_NAME and use it.
(init_gnutls_functions): Use it.
(Fgnutls_available_p): Use it (Bug#25061). Fix Vlibrary_cache bug.
* lisp/net/gnutls.el (gnutls-boot-parameters): Use it to set %DUMBFW
only when it's supported as "ClientHello Padding" (Bug#25061).
* src/gnutls.c (Fgnutls_available_p): Get extension names and
put them in the GnuTLS capabilities, using a hard-coded limit
of 100 since GnuTLS MAX_EXT_TYPES is not exported.
* doc/misc/emacs-gnutls.texi (Help For Users): Update the
documentation of 'gnutls-available-p'.
* etc/NEWS (GnuTLS): Mention the change in the value returned by
'gnutls-available-p'.
* src/gnutls.c (Fgnutls_available_p): Return non-nil when GnuTLS
2.x is available. (Bug#29147)
* src/gnutls.c (HAVE_GNUTLS_MAC_GET_NONCE_SIZE)
[GNUTLS_VERSION_NUMBER >= 0x030300]: Define.
(gnutls_mac_get_nonce_size): Depend on
HAVE_GNUTLS_MAC_GET_NONCE_SIZE.
(Fgnutls_macs): Use 0 for :mac-algorithm-noncesize if
!HAVE_GNUTLS_MAC_GET_NONCE_SIZE.
