From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/66545 Path: news.gmane.org!not-for-mail 
From: Denys Duchier Newsgroups: gmane.emacs.gnus.general Subject: Re: smtpmail failure Date: Fri, 21 Mar 2008 10:47:40 +0100 Message-ID: <8763vgo1c2.fsf@univ-orleans.fr> References: <87odaicrnk.fsf@escher.local.home> <877ig3zs0c.fsf@univ-orleans.fr> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Trace: ger.gmane.org 1206092911 29765 80.91.229.12 (21 Mar 2008 09:48:31 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Fri, 21 Mar 2008 09:48:31 +0000 (UTC) Cc: Stephen Berman , Simon Josefsson To: ding@gnus.org Original-X-From: ding-owner+M15031=ding+2Daccount=gmane.org@lists.math.uh.edu Fri Mar 21 10:49:00 2008 Return-path: Envelope-to: ding-account@gmane.org Original-Received: from util0.math.uh.edu ([129.7.128.18]) by lo.gmane.org with esmtp (Exim 4.50) id 1Jcdru-0008DW-V7 for ding-account@gmane.org; Fri, 21 Mar 2008 10:48:59 +0100 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu) by util0.math.uh.edu with smtp (Exim 4.63) (envelope-from ) id 1JcdrK-00052E-2j for ding-account@gmane.org; Fri, 21 Mar 2008 04:48:22 -0500 Original-Received: from mx2.math.uh.edu ([129.7.128.33]) by util0.math.uh.edu with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63) (envelope-from ) id 1JcdrJ-000525-0p for ding@lists.math.uh.edu; Fri, 21 Mar 2008 04:48:21 -0500 Original-Received: from quimby.gnus.org ([80.91.231.51]) by mx2.math.uh.edu with esmtp (Exim 4.67) (envelope-from ) id 1JcdrC-0000AM-Jf for ding@lists.math.uh.edu; Fri, 21 Mar 2008 04:48:20 -0500 Original-Received: from kabis.univ-orleans.fr ([193.49.83.15] helo=ka.univ-orleans.fr) by quimby.gnus.org with esmtp (Exim 3.35 #1 (Debian)) id 1JcdrK-0006a3-00 for ; Fri, 21 Mar 2008 10:48:22 +0100 Original-Received: from smtps.univ-orleans.fr (localhost [127.0.0.1]) by ka.univ-orleans.fr (Postfix) with ESMTP id 15BB012AD60; Fri, 21 Mar 2008 10:47:41 +0100 (CET) Original-Received: from localhost.localdomain.univ-orleans.fr (unknown [192.168.80.108]) by 
smtps.univ-orleans.fr (Postfix) with ESMTP id 875CC36E5B; Fri, 21 Mar 2008 10:47:42 +0100 (CET) In-Reply-To: <877ig3zs0c.fsf@univ-orleans.fr> (Denys Duchier's message of "Sat, 15 Mar 2008 20:50:11 +0100") User-Agent: Gnus/5.110007 (No Gnus v0.7) Emacs/22.1 (gnu/linux) X-Spam-Score: -2.6 (--) List-ID: Precedence: bulk Xref: news.gmane.org gmane.emacs.gnus.general:66545 Archived-At: --=-=-= I am beginning to understand the issues here and below I have attached a proposed fix: it adds support for legacy ssl-only smtp servers. I have based this patch on the version of smtpmail that can be found in gnus/contrib. The patch is mostly a conservative extension, except in one respect: previously, when credentials were found in smtpmail-starttls-credentials but gnutls-cli was not found, smtpmail-open-stream would open a non secured connection to the smtp server. I think that's a bug: if the user has explicitly added an entry in smtpmail-starttls-credentials, then clearly he expects a secured connection: a non-secured connection should not silently be used instead. --=-=-= Content-Type: text/x-patch Content-Disposition: attachment; filename=smtpmail.patch Content-Description: support ssl smtp connections Index: contrib/smtpmail.el =================================================================== RCS file: /usr/local/cvsroot/gnus/contrib/smtpmail.el,v retrieving revision 7.12 diff -u -r7.12 smtpmail.el --- contrib/smtpmail.el 20 Jan 2008 05:23:59 -0000 7.12 +++ contrib/smtpmail.el 21 Mar 2008 09:35:14 -0000 @@ -84,6 +84,7 @@ (autoload 'netrc-parse "netrc") (autoload 'netrc-machine "netrc") (autoload 'netrc-get "netrc") +(autoload 'open-tls-stream "tls") ;;; (defgroup smtpmail nil 
@@ -195,6 +196,15 @@ :version "21.1" :group 'smtpmail) +(defcustom smtpmail-ssl-servers '() + "servers requiring an SSL connection. +This is a list of 2-element lists with `servername' (a string) +and `port' (an integer)." + :type '(repeat (list (string :tag "Server") + (integer :tag "Port"))) + :version "22.1" + :group 'smtpmail) + (defcustom smtpmail-warn-about-unknown-extensions nil "*If set, print warnings about unknown SMTP extensions. This is mainly useful for development purposes, to learn about 
@@ -513,34 +523,38 @@ (defun smtpmail-open-stream (process-buffer host port) (let ((cred (smtpmail-find-credentials smtpmail-starttls-credentials host port))) - (if (null (and cred (condition-case () - (with-no-warnings - (require 'starttls) - (call-process (if starttls-use-gnutls - starttls-gnutls-program - starttls-program))) - (error nil)))) - ;; The normal case. - (open-network-stream "SMTP" process-buffer host port) + (if (null cred) + ;; we reuse smtpmail-find-credentials to search in + ;; smtpmail-ssl-servers because it does the right + ;; kind of lookup + (let ((entry (smtpmail-find-credentials + smtpmail-ssl-servers host port))) + (if (null entry) + ;; The normal case + (open-network-stream "SMTP" process-buffer host port) + ;; The SSL case + (prog1 (open-tls-stream "SMTP" process-buffer host port) + (with-current-buffer process-buffer + (delete-region (point-min) (point)) + (goto-char (point-min)))))) + ;; The TLS case (let* ((cred-key (smtpmail-cred-key cred)) (cred-cert (smtpmail-cred-cert cred)) + (cred-found + (and (stringp cred-key) (stringp cred-cert) + (file-regular-p + (setq cred-key (expand-file-name cred-key))) + (file-regular-p + (setq cred-cert (expand-file-name cred-cert))))) (starttls-extra-args (append starttls-extra-args - (when (and (stringp cred-key) (stringp cred-cert) - (file-regular-p - (setq cred-key (expand-file-name cred-key))) - (file-regular-p - (setq cred-cert (expand-file-name cred-cert)))) + (when cred-found (list "--key-file" cred-key "--cert-file" cred-cert)))) (starttls-extra-arguments (append starttls-extra-arguments - (when (and (stringp cred-key) (stringp cred-cert) - (file-regular-p - (setq cred-key (expand-file-name cred-key))) - (file-regular-p - (setq cred-cert (expand-file-name cred-cert)))) + (when cred-found (list "--x509keyfile" cred-key "--x509certfile" cred-cert))))) (starttls-open-stream "SMTP" process-buffer host port))))) --=-=-= Cheers, --Denys --=-=-=--
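Review bot: The docstring of the new smtpmail-ssl-servers defcustom starts with a lowercase word ("servers requiring an SSL connection.") and does not say how the option interacts with smtpmail-starttls-credentials. In smtpmail-open-stream the list is consulted only when no STARTTLS credentials match, so a host listed in both is opened with starttls-open-stream. State that precedence in the docstring, and capitalize the first sentence as the neighbouring smtpmail-warn-about-unknown-extensions docstring does.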
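Review bot: In the TLS branch of smtpmail-open-stream, the removed call-process probe (and the (require 'starttls) inside it) is not replaced by any check, so a missing gnutls-cli is now reported only through whatever starttls-open-stream does when it fails. Since the stated goal is that a plaintext connection is never used silently, signal an explicit error naming the missing program before calling starttls-open-stream, and keep the require so that starttls-extra-args and starttls-extra-arguments are defined when they are let-bound. In the SSL branch, the (delete-region (point-min) (point)) after open-tls-stream needs a comment saying what output it discards, and the prog1 should handle a failed open-tls-stream explicitly instead of running the buffer cleanup and passing the result straight back to the caller.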