Also remove some redundant `:group` arguments.
* lisp/net/eudc-export.el: Use lexical-binding.
(eudc-create-bbdb-record): Use `cl-progv` and `apply` to avoid `eval`.
* lisp/net/eudc-hotlist.el: Use lexical-binding.
* lisp/net/eudc.el (eudc-print-attribute-value): Use `funcall` to avoid
`eval`.
* lisp/net/eudcb-bbdb.el: Use lexical-binding.
(eudc-bbdb-filter-non-matching-record): Use `funcall` to avoid `eval`.
Move `bbdb-val` binding to avoid `setq`.
Use `seq-some` instead of `eval+or`.
(eudc-bbdb-format-record-as-result): Use `dolist` and `pcase`.
Use `funcall` to avoid `eval`.
(eudc-bbdb-query-internal): Simplify a bit.
* lisp/net/eudcb-ldap.el: Use lexical-binding.
(eudc-ldap-get-host-parameter): Use `defalias` to avoid `eval-and-compile`.
* lisp/net/telnet.el: Use lexical-binding.
* lisp/net/quickurl.el: Use lexical-binding.
* lisp/net/newst-ticker.el: Use lexical-binding.
* lisp/net/newst-reader.el: Use lexical-binding.
* lisp/net/goto-addr.el: Use lexical-binding.
* lisp/net/gnutls.el: Use lexical-binding.
* lisp/net/eudcb-macos-contacts.el: Use lexical-binding.
* lisp/net/eudcb-mab.el: Use lexical-binding.
* lisp/net/net-utils.el: Use lexical-binding.
(finger): Remove unused var `found`.
* lisp/net/network-stream.el (open-protocol-stream): Remove redundant
`defalias`.
* lisp/net/newst-plainview.el: Use lexical-binding.
(newsticker-hide-entry, newsticker-show-entry): Remove unused var
`is-invisible`.
(w3m-fill-column, w3-maximum-line-length): Declare vars.
* lisp/net/tramp.el (tramp-compute-multi-hops):
* lisp/net/tramp-compat.el (tramp-compat-temporary-file-directory):
* lisp/net/tramp-cmds.el (tramp-default-rename-file):
* lisp/net/webjump.el (webjump): Don't forget lexical-binding for `eval`.
* doc/lispref/processes.texi (Network): Describe :coding keyword support.
* doc/misc/emacs-gnutls.texi (Help For Developers): Describe :coding
keyword support.
* etc/NEWS: Announce change to open-network-stream and
open-gnutls-stream.
* lisp/net/gnutls.el (open-gnutls-stream): Add support for :coding, pass it
down to open-network-stream.
* lisp/net/network-stream.el (open-network-stream)
(network-stream-open-plain, network-stream-open-starttls): Add
support for :coding, pass it down to make-network-process.
(network-stream-open-shell): Add support-for :coding, use
set-process-coding-system to set it after process creation.
This fixes Bug#33780, and extends the documentation to describe how to
enable use of client certificates.
* lisp/net/network-stream.el (network-stream-certificate): Correct
order of parameters to plist-get.
(network-stream-open-tls): Pass all received parameters to
open-gnutls-stream as plist, not just :nowait.
* lisp/net/gnutls.el (open-gnutls-stream): Change optional nowait arg
to be plist. Derive nowait and client certificate(s) and keys(s) from
plist (maybe via auth-source) and pass to gnutls-boot-parameters and
gnutls-negotiate.
(network-stream-certificate): Add declare-function form for it.
* doc/misc/auth.texi (Help for users): Describe format to use for
client key/cert specification.
* doc/misc/emacs-gnutls.texi (Help For Developers): Describe usage of
optional plist argument. Add crossreference to description of
.authinfo format for client key/cert specification.
* etc/NEWS: Describe new client certificate functionality for
'open-network-stream'.
* test/lisp/net/network-stream-tests.el: Add require of network-stream.
(connect-to-tls-ipv4-nowait): Bind network-security-level to 'low
in order to bypass nsm prompting.
(connect-to-tls-ipv6-nowait): Likewise.
(open-network-stream-tls-wait): New test.
(open-network-stream-tls-nowait): New test.
(open-network-stream-tls): New test.
(open-network-stream-tls-nocert): New test.
(open-gnutls-stream-new-api-default): New test.
(open-gnutls-stream-new-api-wait): New test.
(open-gnutls-stream-old-api-wait): New test.
(open-gnutls-stream-new-api-nowait): New test.
(open-gnutls-stream-old-api-nowait): New test.
(open-gnutls-stream-new-api-errors): New test.
The new tests exercise 'open-network-stream' and the old and new
api of 'open-gnutls-stream'.
* lisp/net/gnutls.el (gnutls-boot-parameters): Return
`gnutls-crlfiles' in `:crlfiles'.
(gnutls-crlfiles): New defcustom.
(gnutls--get-files): New defun.
(gnutls-trustfiles, gnutls-crlfiles): Delegate to
`gnutls--get-files' to return a list of filenames, accepts glob pattern.
65889a6d12 Fix bootstrap infloop in GNU/Linux alpha
48efd1c98b Minor fix of a recent documentation change
3302b7cd7f Mention the NSM in the gnutls variable doc strings
40c2ce743b Remove test code from last commit
e02d8e29c6 Fix Bug#32084
da5d6dbe39 Fix (length NON-SEQUENCE) documentation
* gnutls.el (gnutls-algorithm-priority): Mention the Network
Security Manager here since this variable is an obvious place
for people concerned about network security to look.
(gnutls-verify-error): Ditto.
(gnutls-min-prime-bits): Ditto.
* lisp/net/gnutls.el (open-gnutls-stream): IDNA-encode hostnames
before passing them on to gnutls for verification.
* lisp/net/network-stream.el (network-stream-open-starttls): Ditto.
* lisp/url/url-http.el (url-http--get-referer): Be IDNA-aware.
(url-http-create-request): Don't de-Unicodify host names, because
they may be IDNA names (that are later encoded).
* lisp/url/url-util.el (url-domain): Be IDNA-aware when doing
domain name computations.
* lisp/net/gnutls.el (gnutls-boot-parameters): Use it to set %DUMBFW
only when it's supported as "ClientHello Padding" (Bug#25061).
* src/gnutls.c (Fgnutls_available_p): Get extension names and
put them in the GnuTLS capabilities, using a hard-coded limit
of 100 since GnuTLS MAX_EXT_TYPES is not exported.
* lisp/net/gnutls.el (gnutls-boot-parameters): Add %DUMBFW to
the default priority strings (Bug#25061).
* etc/NEWS: Mention it.
* doc/misc/emacs-gnutls.texi (Help For Users): Point to the
GnuTLS priority string documentation URL.
Most of this change is to boilerplate commentary such as license URLs.
This change was prompted by ftp://ftp.gnu.org's going-away party,
planned for November. Change these FTP URLs to https://ftp.gnu.org
instead. Make similar changes for URLs to other organizations moving
away from FTP. Also, change HTTP to HTTPS for URLs to gnu.org and
fsf.org when this works, as this will further help defend against
man-in-the-middle attacks (for this part I omitted the MS-DOS and
MS-Windows sources and the test tarballs to keep the workload down).
HTTPS is not fully working to lists.gnu.org so I left those URLs alone
for now.
eaa00584ce Improve documentation of 'gnutls-verify-error'
908498cc01 ; etc/PROBLEMS: Describe GTK-related crashes on elementar...
741daec617 ; Describe the problem with ksh when resizing shell window
* lisp/net/gnutls.el (gnutls-negotiate): Make negotiation blocking.
* src/gnutls.c (Fgnutls_boot): Provide a new keyword,
:complete-negotiation, to specify that we want complete
negotiation even if the socket is non-blocking.
(gnutls_try_handshake): Complete negotiation if given that keyword.
* src/process.h (L): Added gnutls_complete_negotiation_p.
* doc/lispref/processes.texi (Network Processes): Clarify the
meaning of :tls-parameters.
* lisp/net/gnutls.el (open-gnutls-stream): Clarify :nowait.
* lisp/net/gnutls.el (gnutls-boot-parameters): Factor out into
own function.
(gnutls-negotiate): Use it.
(open-gnutls-stream): Ditto.
* src/eval.c (vformat_string): Refactor out the printing bits
from verror.
(verror): Use it.
* src/gnutls.c (boot_error): Mark failed processes with the
real error message.
* src/lisp.h: Declare vformat_string.
* lisp/net/gnutls.el (open-gnutls-stream): Pass the TLS
keywords in directly so that they can be used when doing
synchronous DNS on non-synchronous connections.
* lisp/net/network-stream.el (open-network-stream): Allow
passing in the TLS parameters directly.
* src/process.c (conv_numerical_to_lisp): New function to convert
numerical addresses to Lisp.
(Fmake_network_process): Rework the non-HAVE_ADDRINFO code
paths so that they work again.
(syms_of_process): Build fix for non-glibc systems.
* lisp/net/gnutls.el (open-gnutls-stream): Compute the
gnutls-boot parameters and pass them to the process object.
(gnutls-negotiate): New parameter :return-keywords that won't
connect to anything, just compute the keywords.
* lisp/url/url-http.el (url-http): Revert async TLS sentinel
hack, which is no longer necessary.
* src/gnutls.c (Fgnutls_asynchronous_parameters): Rename from
gnutls-mark-process.
* src/process.c (connect_network_socket): If we're connecting to
an asynchronous TLS socket, complete the GnuTLS boot sequence here.
* src/process.h: New parameter gnutls_async_parameters.
* doc/misc/emacs-gnutls.texi (Help For Developers): Mention
the nowait parameter.
* lisp/net/gnutls.el (open-gnutls-stream): Allow asynchronous
connections with the new nowait parameter.
* lisp/net/network-stream.el (network-stream-open-tls): Pass
on :nowait to open-gnutls-stream.
* lisp/url/url-http.el (url-http): Don't overwrite the
sentinel created by open-gnutls-stream.
* src/gnutls.c (Fgnutls_mark_process): New function.
* src/process.c (send_process): Don't write to GnuTLS sockets that
haven't been initialised yed.
* src/process.h: New slot gnutls_wait_p.
This patch should not change behavior. It typically omits backslashes
where they are redundant (e.g., in the string literal "^\$").
In a few places, insert backslashes where they make regular
expressions clearer: e.g., replace "^\*" (equivalent to "^*") with
"^\\*", which has the same effect as a regular expression.
Also, use ‘\ %’ instead of ‘\%’ when avoiding confusion with SCCS IDs,
and similarly use ‘\ $’ instead of ‘\$’ when avoiding confusion with
RCS IDs, as that makes it clearer that the backslash is intended.
