[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#33780: network-stream.el: network-stream-certificate always returns
|
From: |
Robert Pluim |
|
Subject: |
bug#33780: network-stream.el: network-stream-certificate always returns nil |
|
Date: |
Thu, 20 Dec 2018 19:45:25 +0100 |
Vinothan Shankar <darael@dracon.is> writes:
> OK, so a few minutes into the process of trying to do this, I came
> across a snag: the syntax for using certificates in authinfo files
> doesn't appear to be documented anywhere; I had to extract it from a
> stackexchange question. Docs bug, or lack of search-fu? Moving on...
Itʼs in the smptmail info manual, node 'Encryption'. It is linked from
the main Emacs manual, from the 'Mail Sending' node, but there appears
to be no description of the syntax in the auth-source manual. Patches
welcome :-)
> Results:
>
> Initial failure, but this is because I've been testing with ERC, which
> calls open-network-stream with ":nowait t". If I add the ":keylist
> (and cert (list cert))" stanza to the other branch of open-gnutls-
> stream as well, in the gnutls-boot-parameters call, it works perfectly:
> Freenode picks up my identity even when I supply a blank password.
Thanks for testing. Iʼll update my patch (and write a ChangeLog, and a
NEWS entry)
By my count there are at least 11 calls to open-network-stream in
Emacs' sources which would need updating with ':client-certificate t'
in order to trigger transparent use of user-specified certificates.
By analogy to e.g. smtpmail looking up usernames and passwords by
default using auth-source, I think Emacs should do the same for
client-certificates by default. People without entries specifying
certificates would be unaffected, and third-party packages would not
need to be updated to take advantage of this new feature. Comments
welcome.
Robert