From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/66419 Path: news.gmane.org!not-for-mail From: Naohiro Aota Newsgroups: gmane.emacs.gnus.general Subject: [PATCH] POP3 Over SSL with openssl Date: Mon, 03 Mar 2008 18:09:08 +0900 Message-ID: <87mypgi37v.fsf@gmail.com> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Trace: ger.gmane.org 1204535438 1491 80.91.229.12 (3 Mar 2008 09:10:38 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Mon, 3 Mar 2008 09:10:38 +0000 (UTC) To: ding@gnus.org Original-X-From: ding-owner+M14910@lists.math.uh.edu Mon Mar 03 10:11:00 2008 Return-path: Envelope-to: ding-account@gmane.org Original-Received: from util0.math.uh.edu ([129.7.128.18]) by lo.gmane.org with esmtp (Exim 4.50) id 1JW6h9-0001Mu-VC for ding-account@gmane.org; Mon, 03 Mar 2008 10:10:52 +0100 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu) by util0.math.uh.edu with smtp (Exim 4.63) (envelope-from ) id 1JW6fv-0001p8-KY; Mon, 03 Mar 2008 03:09:35 -0600 Original-Received: from mx1.math.uh.edu ([129.7.128.32]) by util0.math.uh.edu with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63) (envelope-from ) id 1JW6ft-0001oi-Dv for ding@lists.math.uh.edu; Mon, 03 Mar 2008 03:09:34 -0600 Original-Received: from quimby.gnus.org ([80.91.231.51]) by mx1.math.uh.edu with esmtp (Exim 4.67) (envelope-from ) id 1JW6fm-0007UE-KN for ding@lists.math.uh.edu; Mon, 03 Mar 2008 03:09:33 -0600 Original-Received: from wa-out-1112.google.com ([209.85.146.176]) by quimby.gnus.org with esmtp (Exim 3.35 #1 (Debian)) id 1JW6fs-00009w-00 for ; Mon, 03 Mar 2008 10:09:32 +0100 Original-Received: by wa-out-1112.google.com with SMTP id j4so7010459wah.1 for ; Mon, 03 Mar 2008 01:09:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:to:subject:date:message-id:user-agent:mime-version:content-type; bh=4P6c0hBT0A+LIgCOaIoYIpZGgJB6xkgVoputDCYL/AM=; b=BAsjYCG4HstiZrnN1bjMq/2mjIyM5U05+j3IHdb/6Qy5i8rrVzlk9LYnqBhkqmPr+RirNHtFw0Q1UZvGJvtJMxV2PP9wqlE89Rg9ZaUeEiYIHrQu0k9wWJ1fgMo8MM/9EEeDV6VJnmDdlpIZAct1vGLjfNcB3fsbxPo4D2zq5Vw= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:subject:date:message-id:user-agent:mime-version:content-type; b=SmhkXgcjIyB5j4orQOIm06aHKGsTU5bWBkR/6fV/BpfxiI81pLFCtTFCqxlV7/o/a/NRYW2JdEhWVAT0TLep0hSjDkwDKDwHaHvs5rqbTPMrU9FFBXc6XFOGO5M2o0RpIBB19ThJn1HmmbnGFvKfbwac9hx0dxvaAFpcjbpn++Y= Original-Received: by 10.114.175.16 with SMTP id x16mr15937542wae.12.1204535363063; Mon, 03 Mar 2008 01:09:23 -0800 (PST) Original-Received: from sayo ( [124.37.188.163]) by mx.google.com with ESMTPS id y11sm22423310pod.9.2008.03.03.01.09.21 (version=TLSv1/SSLv3 cipher=OTHER); Mon, 03 Mar 2008 01:09:22 -0800 (PST) User-Agent: Gnus/5.110007 (No Gnus v0.7) Emacs/23.0.60 (gnu/linux) X-Spam-Score: -2.6 (--) List-ID: Precedence: bulk Xref: news.gmane.org gmane.emacs.gnus.general:66419 Archived-At: --=-=-= Hello, I tried to retrieve mails by POP3 Over SSL with openssl, but Gnus stopped working displaing "Retrieving message 1 of 5 from myserver...". Then I found that without -ign_eof and -quiet argument, openssl doesn't send line begins with "R" or "Q" to server but renegotiate or quit its connection. So sending "RETR" command made this problem. I suggest to call openssl commands with "-ign_eof" argument. Please find the patch below. Regards, 2008-03-03 Naohiro Aota * tls.el (tls-program): Add -ign_eof argument to call the openssl commands. (tls-checktrust): Ditto. --=-=-= Content-Type: text/x-patch Content-Disposition: inline; filename=gnus-tls.el.diff Index: lisp/tls.el =================================================================== RCS file: /usr/local/cvsroot/gnus/lisp/tls.el,v retrieving revision 7.23 diff -u -r7.23 tls.el --- lisp/tls.el 1 Mar 2008 01:48:13 -0000 7.23 +++ lisp/tls.el 3 Mar 2008 08:56:24 -0000 @@ -80,7 +80,7 @@ (defcustom tls-program '("gnutls-cli -p %p %h" "gnutls-cli -p %p %h --protocols ssl3" - "openssl s_client -connect %h:%p -no_ssl2") + "openssl s_client -connect %h:%p -no_ssl2 -ign_eof") "List of strings containing commands to start TLS stream to a host. Each entry in the list is tried until a connection is successful. %h is replaced with server hostname, %p with port to connect to. @@ -97,23 +97,23 @@ :value ("gnutls-cli -p %p %h" "gnutls-cli -p %p %h --protocols ssl3" - "openssl s_client -connect %h:%p -no_ssl2") + "openssl s_client -connect %h:%p -no_ssl2 -ign_eof") (set :inline t ;; FIXME: add brief `:tag "..."' descriptions. ;; (repeat :inline t :tag "Other" (string)) ;; See `tls-checktrust': (const "gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p %p %h") (const "gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p %p %h --protocols ssl3") - (const "openssl s_client -connect %h:%p -CAfile /etc/ssl/certs/ca-certificates.crt -no_ssl2") + (const "openssl s_client -connect %h:%p -CAfile /etc/ssl/certs/ca-certificates.crt -no_ssl2 -ign_eof") ;; No trust check: (const "gnutls-cli -p %p %h") (const "gnutls-cli -p %p %h --protocols ssl3") - (const "openssl s_client -connect %h:%p -no_ssl2")) + (const "openssl s_client -connect %h:%p -no_ssl2 -ign_eof")) (repeat :inline t :tag "Other" (string))) (const :tag "Default list of commands" ("gnutls-cli -p %p %h" "gnutls-cli -p %p %h --protocols ssl3" - "openssl s_client -connect %h:%p -no_ssl2")) + "openssl s_client -connect %h:%p -no_ssl2 -ign_eof")) (list :tag "List of commands" (repeat :tag "Command" (string)))) :version "22.1" @@ -144,7 +144,7 @@ \(setq tls-program '(\"gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p %p %h\" \"gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p %p %h --protocols ssl3\" - \"openssl s_client -connect %h:%p -CAfile /etc/ssl/certs/ca-certificates.crt -no_ssl2\"))" + \"openssl s_client -connect %h:%p -CAfile /etc/ssl/certs/ca-certificates.crt -no_ssl2 -ign_eof\"))" :type '(choice (const :tag "Always" t) (const :tag "Never" nil) (const :tag "Ask" ask)) --=-=-=--