GNU bug report logs - #33780
network-stream.el: network-stream-certificate always returns nil

Previous Next

Package: emacs;

Reported by: Vinothan Shankar <darael <at> dracon.is>

Date: Mon, 17 Dec 2018 19:17:01 UTC

Severity: normal

Tags: fixed

Fixed in version 27.1

Done: Robert Pluim <rpluim <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Robert Pluim <rpluim <at> gmail.com>
To: Vinothan Shankar <darael <at> dracon.is>
Cc: 33780 <at> debbugs.gnu.org
Subject: bug#33780: network-stream.el: network-stream-certificate always returns nil
Date: Thu, 20 Dec 2018 19:45:25 +0100

Vinothan Shankar <darael <at> dracon.is> writes:

> OK, so a few minutes into the process of trying to do this, I came
> across a snag: the syntax for using certificates in authinfo files
> doesn't appear to be documented anywhere; I had to extract it from a
> stackexchange question.  Docs bug, or lack of search-fu?  Moving on...

Itʼs in the smptmail info manual, node 'Encryption'. It is linked from
the main Emacs manual, from the 'Mail Sending' node, but there appears
to be no description of the syntax in the auth-source manual. Patches
welcome :-)

> Results:
>
> Initial failure, but this is because I've been testing with ERC, which
> calls open-network-stream with ":nowait t".  If I add the ":keylist
> (and cert (list cert))" stanza to the other branch of open-gnutls-
> stream as well, in the gnutls-boot-parameters call, it works perfectly:
> Freenode picks up my identity even when I supply a blank password.

Thanks for testing. Iʼll update my patch (and write a ChangeLog, and a
NEWS entry)

By my count there are at least 11 calls to open-network-stream in
Emacs' sources which would need updating with ':client-certificate t'
in order to trigger transparent use of user-specified certificates.

By analogy to e.g. smtpmail looking up usernames and passwords by
default using auth-source, I think Emacs should do the same for
client-certificates by default. People without entries specifying
certificates would be unaffected, and third-party packages would not
need to be updated to take advantage of this new feature. Comments
welcome.

Robert
This bug report was last modified 6 years and 117 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.