GNU bug report logs - #31457
27.0.50; Move starttls.el and tls.el to lisp/obsolete/

Previous Next

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 31457 in the body.
You can then email your comments to 31457 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Noam Postavsky <npostavs <at> gmail.com>
To: bug-gnu-emacs <at> gnu.org
Subject: 27.0.50; Move starttls.el and tls.el to lisp/obsolete/
Date: Mon, 14 May 2018 20:03:12 -0400

[Message part 1 (text/plain, inline)]

Tags: patch
Severity: minor

Use of an external program such as gnutls-cli instead of the builtin
libgnutls based functions is already de-facto obsolete: see bugs 15905,
23759, 27658, and 31339.

[v1-0001-Move-tls.el-and-starttls.el-to-lisp-obsolete.patch (text/x-diff, inline)]

From e87446e3f1cdecbb270337fe158a702615b5ac54 Mon Sep 17 00:00:00 2001
From: Noam Postavsky <npostavs <at> gmail.com>
Date: Thu, 13 Jul 2017 08:52:39 -0400
Subject: [PATCH v1] Move tls.el and starttls.el to lisp/obsolete/

* lisp/obsolete/tls.el: Moved from lisp/net/tls.el.
* lisp/gnus/nnimap.el:
* lisp/url/url-http.el: Don't require tls, since it's obsolete.
* lisp/net/network-stream.el: Only require tls if we actually try to
use it (i.e., when (gnutls-available-p) returns nil).  Declare some
functions to fix compilation warnings.

* lisp/obsolete/starttls.el: Moved from lisp/net/starttls.el.
* lisp/net/sieve-manage.el:
* lisp/net/network-stream.el: Don't require `starttls' at the
top-level, declare the variables and functions used instead.
(network-stream-open-starttls): Only require `starttls' if
needed (i.e., gnutls-available-p fails).

* etc/NEWS: Announce obsoletion.
---
 etc/NEWS                           |  3 +++
 lisp/gnus/nnimap.el                |  1 -
 lisp/net/network-stream.el         | 22 ++++++++++++++++++----
 lisp/net/sieve-manage.el           |  1 -
 lisp/{net => obsolete}/starttls.el |  0
 lisp/{net => obsolete}/tls.el      |  0
 lisp/url/url-http.el               |  1 -
 7 files changed, 21 insertions(+), 7 deletions(-)
 rename lisp/{net => obsolete}/starttls.el (100%)
 rename lisp/{net => obsolete}/tls.el (100%)

diff --git a/etc/NEWS b/etc/NEWS
index 77ef3f3457..8193545d9f 100644
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -419,6 +419,9 @@ or NextCloud hosted files and directories.
 ** The options.el library has been removed.
 It was obsolete since Emacs 22.1, replaced by customize.
 
+** The tls.el and starttls.el libraries are now marked obsolete.
+Use of builtin of function based on libgnutls is recommended instead.
+
 
 ** Message
 
diff --git a/lisp/gnus/nnimap.el b/lisp/gnus/nnimap.el
index dc51b5f0f0..3b39731927 100644
--- a/lisp/gnus/nnimap.el
+++ b/lisp/gnus/nnimap.el
@@ -36,7 +36,6 @@
 (require 'nnoo)
 (require 'netrc)
 (require 'utf7)
-(require 'tls)
 (require 'parse-time)
 (require 'nnmail)
 
diff --git a/lisp/net/network-stream.el b/lisp/net/network-stream.el
index 19e0c6421f..a0589e25a4 100644
--- a/lisp/net/network-stream.el
+++ b/lisp/net/network-stream.el
@@ -42,14 +42,20 @@
 
 ;;; Code:
 
-(require 'tls)
-(require 'starttls)
 (require 'auth-source)
 (require 'nsm)
 (require 'puny)
 
+(declare-function starttls-available-p "starttls" ())
+(declare-function starttls-negotiate "starttls" (process))
+
 (autoload 'gnutls-negotiate "gnutls")
 (autoload 'open-gnutls-stream "gnutls")
+(defvar starttls-extra-arguments)
+(defvar starttls-extra-args)
+(defvar starttls-use-gnutls)
+(defvar starttls-gnutls-program)
+(defvar starttls-program)
 
 ;;;###autoload
 (defun open-network-stream (name buffer host service &rest parameters)
@@ -255,7 +261,8 @@ network-stream-open-starttls
 		     (or (gnutls-available-p)
 			 (and (or require-tls
 				  (plist-get parameters :use-starttls-if-possible))
-			      (starttls-available-p))))
+			      (require 'starttls)
+                              (starttls-available-p))))
 	       (not (eq (plist-get parameters :type) 'plain)))
       ;; If using external STARTTLS, drop this connection and start
       ;; anew with `starttls-open-stream'.
@@ -336,7 +343,8 @@ network-stream-open-starttls
 	      ;; See `starttls-available-p'.  If this predicate
 	      ;; changes to allow running under Windows, the error
 	      ;; message below should be amended.
-	      (if (memq system-type '(windows-nt ms-dos))
+	      (if (or (memq system-type '(windows-nt ms-dos))
+                      (not (featurep 'starttls)))
 		  (concat "Emacs does not support TLS")
 		(concat "Emacs does not support TLS, and no external `"
 			(if starttls-use-gnutls
@@ -373,6 +381,8 @@ network-stream-get-response
 	(unless (= start (point))
 	  (buffer-substring start (point)))))))
 
+(declare-function open-tls-stream "tls" (name buffer host port))
+
 (defun network-stream-open-tls (name buffer host service parameters)
   (with-current-buffer buffer
     (let* ((start (point-max))
@@ -380,6 +390,7 @@ network-stream-open-tls
             (if (gnutls-available-p)
                 (open-gnutls-stream name buffer host service
                                     (plist-get parameters :nowait))
+              (require 'tls)
               (open-tls-stream name buffer host service)))
 	   (eoc (plist-get parameters :end-of-command)))
       (if (plist-get parameters :nowait)
@@ -406,6 +417,9 @@ network-stream-open-tls
                   (network-stream-command stream capability-command eo-capa)
                   'tls)))))))
 
+(declare-function format-spec "format-spec" (format spec))
+(declare-function format-spec-make "format-spec" (&rest pairs))
+
 (defun network-stream-open-shell (name buffer host service parameters)
   (require 'format-spec)
   (let* ((capability-command (plist-get parameters :capability-command))
diff --git a/lisp/net/sieve-manage.el b/lisp/net/sieve-manage.el
index cd40307238..8c70ae037a 100644
--- a/lisp/net/sieve-manage.el
+++ b/lisp/net/sieve-manage.el
@@ -77,7 +77,6 @@
 
 (eval-when-compile (require 'cl-lib))
 (require 'sasl)
-(require 'starttls)
 (autoload 'sasl-find-mechanism "sasl")
 (autoload 'auth-source-search "auth-source")
 
diff --git a/lisp/net/starttls.el b/lisp/obsolete/starttls.el
similarity index 100%
rename from lisp/net/starttls.el
rename to lisp/obsolete/starttls.el
diff --git a/lisp/net/tls.el b/lisp/obsolete/tls.el
similarity index 100%
rename from lisp/net/tls.el
rename to lisp/obsolete/tls.el
diff --git a/lisp/url/url-http.el b/lisp/url/url-http.el
index 0b95453b30..53798f77c3 100644
--- a/lisp/url/url-http.el
+++ b/lisp/url/url-http.el
@@ -1600,7 +1600,6 @@ url-http-options
 
 ;; HTTPS.  This used to be in url-https.el, but that file collides
 ;; with url-http.el on systems with 8-character file names.
-(require 'tls)
 
 (defconst url-https-asynchronous-p t "HTTPS retrievals are asynchronous.")
 
-- 
2.11.0

Message #8 received at 31457 <at> debbugs.gnu.org (full text, mbox):

From: Robert Pluim <rpluim <at> gmail.com>
To: Noam Postavsky <npostavs <at> gmail.com>
Cc: 31457 <at> debbugs.gnu.org
Subject: Re: bug#31457: 27.0.50; Move starttls.el and tls.el to lisp/obsolete/
Date: Tue, 15 May 2018 15:27:42 +0200

Noam Postavsky <npostavs <at> gmail.com> writes:

> Tags: patch
> Severity: minor
>
> Use of an external program such as gnutls-cli instead of the builtin
> libgnutls based functions is already de-facto obsolete: see bugs 15905,
> 23759, 27658, and 31339.

Cool. Do we want to remove sslv3 support from tls.el as well, or are
we not making any more changes to it now?

Robert

Message #11 received at 31457 <at> debbugs.gnu.org (full text, mbox):

From: "Basil L. Contovounesios" <contovob <at> tcd.ie>
To: Noam Postavsky <npostavs <at> gmail.com>
Cc: 31457 <at> debbugs.gnu.org
Subject: Re: bug#31457: 27.0.50; Move starttls.el and tls.el to lisp/obsolete/
Date: Tue, 15 May 2018 14:42:10 +0100

> From e87446e3f1cdecbb270337fe158a702615b5ac54 Mon Sep 17 00:00:00 2001
> From: Noam Postavsky <npostavs <at> gmail.com>
> Date: Thu, 13 Jul 2017 08:52:39 -0400
> Subject: [PATCH v1] Move tls.el and starttls.el to lisp/obsolete/
>
> diff --git a/etc/NEWS b/etc/NEWS
> index 77ef3f3457..8193545d9f 100644
> --- a/etc/NEWS
> +++ b/etc/NEWS
> @@ -419,6 +419,9 @@ or NextCloud hosted files and directories.
>  ** The options.el library has been removed.
>  It was obsolete since Emacs 22.1, replaced by customize.
>  
> +** The tls.el and starttls.el libraries are now marked obsolete.
> +Use of builtin of function based on libgnutls is recommended instead.
                 ^^^^

Typo?

-- 
Basil

Message #14 received at 31457 <at> debbugs.gnu.org (full text, mbox):

From: Eli Zaretskii <eliz <at> gnu.org>
To: Robert Pluim <rpluim <at> gmail.com>
Cc: 31457 <at> debbugs.gnu.org, npostavs <at> gmail.com
Subject: Re: bug#31457: 27.0.50; Move starttls.el and tls.el to lisp/obsolete/
Date: Tue, 15 May 2018 19:58:09 +0300

> From: Robert Pluim <rpluim <at> gmail.com>
> Date: Tue, 15 May 2018 15:27:42 +0200
> Cc: 31457 <at> debbugs.gnu.org
> 
> Cool. Do we want to remove sslv3 support from tls.el as well, or are
> we not making any more changes to it now?

I see no need to remove anything from a package that becomes obsolete.

Message #17 received at 31457 <at> debbugs.gnu.org (full text, mbox):

From: Eli Zaretskii <eliz <at> gnu.org>
To: Noam Postavsky <npostavs <at> gmail.com>
Cc: 31457 <at> debbugs.gnu.org
Subject: Re: bug#31457: 27.0.50; Move starttls.el and tls.el to lisp/obsolete/
Date: Tue, 15 May 2018 20:00:19 +0300

> From: Noam Postavsky <npostavs <at> gmail.com>
> Date: Mon, 14 May 2018 20:03:12 -0400
> 
> Use of an external program such as gnutls-cli instead of the builtin
> libgnutls based functions is already de-facto obsolete: see bugs 15905,
> 23759, 27658, and 31339.

Fine with me (modulo the typo in NEWS), but please wait for a week or
so to give people who want to object time to do so.

Thanks.

Message #20 received at 31457 <at> debbugs.gnu.org (full text, mbox):

From: Noam Postavsky <npostavs <at> gmail.com>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: Robert Pluim <rpluim <at> gmail.com>, 31457 <at> debbugs.gnu.org
Subject: Re: bug#31457: 27.0.50; Move starttls.el and tls.el to lisp/obsolete/
Date: Tue, 15 May 2018 20:51:51 -0400

Eli Zaretskii <eliz <at> gnu.org> writes:

>> From: Robert Pluim <rpluim <at> gmail.com>
>> Date: Tue, 15 May 2018 15:27:42 +0200
>> Cc: 31457 <at> debbugs.gnu.org
>> 
>> Cool. Do we want to remove sslv3 support from tls.el as well, or are
>> we not making any more changes to it now?
>
> I see no need to remove anything from a package that becomes obsolete.

The sslv3 "support" is just the "gnutls-cli --x509cafile %t -p %p %h
--protocols ssl3" entry in the default value for tls-program, right?  I
think removing it wouldn't really be removing the feature as such, just
making the default "safer".  People who know what they are doing can
still customize with the appropriate value to get sslv3 if they want.

Hmm, and it looks like my version of gnutls-cli (3.5.8) doesn't even
support the --protocols switch anyway.

"Basil L. Contovounesios" <contovob <at> tcd.ie> writes:
>>  
>> +** The tls.el and starttls.el libraries are now marked obsolete.
>> +Use of builtin of function based on libgnutls is recommended instead.
>                  ^^^^
>
> Typo?

Oops.  Not sure what I was actually aiming for there.  I rewrote like
this:

** The tls.el and starttls.el libraries are now marked obsolete.
Use of builtin libgnutls based functionality (described in the Emacs
GnuTLS manual) is recommended instead.

Message #23 received at 31457 <at> debbugs.gnu.org (full text, mbox):

From: Andreas Schwab <schwab <at> suse.de>
To: Noam Postavsky <npostavs <at> gmail.com>
Cc: Eli Zaretskii <eliz <at> gnu.org>, 31457 <at> debbugs.gnu.org,
 Robert Pluim <rpluim <at> gmail.com>
Subject: Re: bug#31457: 27.0.50; Move starttls.el and tls.el to lisp/obsolete/
Date: Wed, 16 May 2018 10:55:29 +0200

On Mai 15 2018, Noam Postavsky <npostavs <at> gmail.com> wrote:

> ** The tls.el and starttls.el libraries are now marked obsolete.
> Use of builtin libgnutls based functionality (described in the Emacs
> GnuTLS manual) is recommended instead.

I think it should be `built-in'.

Andreas.

-- 
Andreas Schwab, SUSE Labs, schwab <at> suse.de
GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE  1748 E4D4 88E3 0EEA B9D7
"And now for something completely different."

Message #26 received at 31457 <at> debbugs.gnu.org (full text, mbox):

From: Noam Postavsky <npostavs <at> gmail.com>
To: Andreas Schwab <schwab <at> suse.de>
Cc: Eli Zaretskii <eliz <at> gnu.org>, 31457 <at> debbugs.gnu.org,
 Robert Pluim <rpluim <at> gmail.com>
Subject: Re: bug#31457: 27.0.50; Move starttls.el and tls.el to lisp/obsolete/
Date: Mon, 18 Jun 2018 20:12:07 -0400

tags 31457 fixed
close 31457 27.1
quit

Andreas Schwab <schwab <at> suse.de> writes:

> On Mai 15 2018, Noam Postavsky <npostavs <at> gmail.com> wrote:
>
>> ** The tls.el and starttls.el libraries are now marked obsolete.
>> Use of builtin libgnutls based functionality (described in the Emacs
>> GnuTLS manual) is recommended instead.
>
> I think it should be `built-in'.

Fixed and push to master.

[1: 97d5d1a1f4]: 2018-06-18 20:01:44 -0400
  Move tls.el and starttls.el to lisp/obsolete/ (Bug#31457)
  https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=97d5d1a1f4790f959d1bee64e552b492103eddbe

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.