;ELC
;;; Compiled by mockbuild@buildfarm06-new.corp.cloudlinux.com on Fri Oct 11 10:10:36 2024
;;; from file /builddir/build/BUILD/emacs-24.3/lisp/net/tls.el
;;; in Emacs version 24.3.1
;;; with all optimizations.

;;; This file uses dynamic docstrings, first added in Emacs 19.29.

;;; This file does not contain utf-8 non-ASCII characters,
;;; and so can be loaded in Emacs versions earlier than 23.

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;


(byte-code "\300\301\302\"\210\300\303\302\"\210\304\305\306\307\310\311%\210\312\313\314\315\316\317\320\321\310\305&	\210\312\322\323\324\320\325\316\326\310\305&	\210\312\327\306\330\316\326\320\331\310\305&	\210\312\332\333\334\316\326\320\321\310\305&	\210\312\335\306\336\320\337\316\340\310\305&	\210\312\341\342\343\320\321\316\340\310\305&	\210\312\344\345\346\320\321\316\340\310\305&	\210\312\347\350\351\316\326\320\352\310\305&	\207" [autoload format-spec "format-spec" format-spec-make custom-declare-group tls nil "Transport Layer Security (TLS) parameters." :group comm custom-declare-variable tls-end-of-info (concat "\\(" "^    Verify return code: .+\n---\n\\|" "^- Simple Client Mode:\n" "\\(\n\\|" "^\\*\\*\\* Starting TLS handshake\n\\)*" "\\)") "Regexp matching end of TLS client informational messages.\nClient data stream begins after the last character matched by\nthis.  The default matches `openssl s_client' (version 0.9.8c)\nand `gnutls-cli' (version 2.0.1) output." :version "22.2" :type regexp tls-program '("gnutls-cli --insecure -p %p %h" "gnutls-cli --insecure -p %p %h --protocols ssl3" "openssl s_client -connect %h:%p -no_ssl2 -ign_eof") "List of strings containing commands to start TLS stream to a host.\nEach entry in the list is tried until a connection is successful.\n%h is replaced with server hostname, %p with port to connect to.\nThe program should read input on stdin and write output to\nstdout.\n\nSee `tls-checktrust' on how to check trusted root certs.\n\nAlso see `tls-success' for what the program should output after\nsuccessful negotiation." (choice (list :tag "Choose commands" :value ("gnutls-cli -p %p %h" "gnutls-cli -p %p %h --protocols ssl3" "openssl s_client -connect %h:%p -no_ssl2 -ign_eof") (set :inline t (const "gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p %p %h") (const "gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p %p %h --protocols ssl3") (const "openssl s_client -connect %h:%p -CAfile /etc/ssl/certs/ca-certificates.crt -no_ssl2 -ign_eof") (const "gnutls-cli -p %p %h") (const "gnutls-cli -p %p %h --protocols ssl3") (const "openssl s_client -connect %h:%p -no_ssl2 -ign_eof")) (repeat :inline t :tag "Other" (string))) (const :tag "Default list of commands" ("gnutls-cli -p %p %h" "gnutls-cli -p %p %h --protocols ssl3" "openssl s_client -connect %h:%p -no_ssl2 -ign_eof")) (list :tag "List of commands" (repeat :tag "Command" (string)))) "22.1" tls-process-connection-type "Value for `process-connection-type' to use when starting TLS process." boolean tls-success "- Handshake was completed\\|SSL handshake has read " "Regular expression indicating completed TLS handshakes.\nThe default is what GnuTLS's \"gnutls-cli\" or OpenSSL's\n\"openssl s_client\" outputs." tls-checktrust "Indicate if certificates should be checked against trusted root certs.\nIf this is `ask', the user can decide whether to accept an\nuntrusted certificate.  You may have to adapt `tls-program' in\norder to make this feature work properly, i.e., to ensure that\nthe external program knows about the root certificates you\nconsider trustworthy, e.g.:\n\n(setq tls-program\n      '(\"gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p %p %h\"\n	\"gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p %p %h --protocols ssl3\"\n	\"openssl s_client -connect %h:%p -CAfile /etc/ssl/certs/ca-certificates.crt -no_ssl2 -ign_eof\"))" (choice (const :tag "Always" t) (const :tag "Never" nil) (const :tag "Ask" ask)) "23.1" tls-untrusted "- Peer's certificate is NOT trusted\\|Verify return code: \\([^0] \\|.[^ ]\\)" "Regular expression indicating failure of TLS certificate verification.\nThe default is what GnuTLS's \"gnutls-cli\" or OpenSSL's\n\"openssl s_client\" return in the event of unsuccessful\nverification." tls-hostmismatch "# The hostname in the certificate does NOT match" "Regular expression indicating a host name mismatch in certificate.\nWhen the host name specified in the certificate doesn't match the\nname of the host you are connecting to, gnutls-cli issues a\nwarning to this effect.  There is no such feature in openssl.  Set\nthis to nil if you want to ignore host name mismatches." tls-certtool-program (executable-find "certtool") "Name of  GnuTLS certtool.\nUsed by `tls-certificate-information'." string] 10)
#@59 Parse X.509 certificate in DER format into an assoc list.
(defalias 'tls-certificate-information #[(der) "\304\305!\306Q\307r\310\311!q\210\312 \210\nc\210\313\314\315\217\211\307U\205=\313eb\210\316\317\313\320#\203:\321\322!\321\323!BB\202%\237)+\207" [der exit-code certificate vals "-----BEGIN CERTIFICATE-----\n" base64-encode-string "\n-----END CERTIFICATE-----\n" 0 get-buffer-create " *certtool*" erase-buffer nil (byte-code "\301ed\302p\303D\302\304&\207" [tls-certtool-program call-process-region t nil "--certificate-info"] 8) ((error -1)) re-search-forward "^\\([^:]+\\): \\(.*\\)" t match-string 1 2] 5 (#$ . 4891)])
#@683 Open a TLS connection for a port to a host.
Returns a subprocess-object to represent the connection.
Input and output work as for subprocesses; `delete-process' closes it.
Args are NAME BUFFER HOST PORT.
NAME is name for process.  It is modified if necessary to make it unique.
BUFFER is the buffer (or buffer name) to associate with the process.
 Process output goes at end of that buffer, unless you specify
 an output stream or filter function to handle the output.
 BUFFER may be also nil, meaning that this process is not associated
 with any buffer
Third arg is name of the host to connect to, or its IP address.
Fourth arg PORT is an integer specifying a port to connect to.
(defalias 'open-tls-stream #[(name buffer host port) "	?\306\211\211)
\203\307\310!\202)\311	!\203%\312\311	!!\204)\307	!\210r	q\210\313\314*\"\210\n\204\343)\211A)@\211\203\343+\315\316\317*\320,\250\203Y\321,!\202[,$\"-.\313\322-\"\210\323/	01-%\f\203\233\324\f!\325>\203\233eb\210\3262\306\327#\211\204\233\330\f\331\"\204s\332\331!\210\202s\313\333-\n\203\247\334\202\250\335#\210\n\204\265\336\f!\210\202\337\3063\212\3264\306\327#\205\304\337\225)\2113\204\323\330\f\331\"\210\202\2703\203\3343b\210)\f*\2023\n\2036
5\203
\212eb\210\3266\306\327#)\203
5\340=\204	
\313\341*\"\2040
\342\343\344*\"!\2030
7\2036
\212eb\210\3267\306\327#)\2036
\342\343\345*\"!\2046
\306\336\f!\210)\313\346*\n\203C
\334\202D
\335#\210
\203W
\n\203S
\347\f\306\"\210\350	!\210\n-\207" [tls-program buffer done cmd process use-temp-buffer nil generate-new-buffer " TLS" get-buffer buffer-name message "Opening TLS connection to `%s'..." format-spec format-spec-make 104 112 int-to-string "Opening TLS connection with `%s'..." start-process process-status (open run) re-search-forward t accept-process-output 1 sit-for "Opening TLS connection with `%s'...%s" "done" "failed" delete-process 0 ask "The certificate presented by `%s' is NOT trusted." yes-or-no-p format "The certificate presented by `%s' is NOT trusted. Accept anyway? " "Host name in certificate doesn't match `%s'. Connect anyway? " "Opening TLS connection to `%s'...%s" set-process-buffer kill-buffer cmds host tls-process-connection-type port formatted-cmd process-connection-type name shell-file-name shell-command-switch tls-success start-of-data tls-end-of-info tls-checktrust tls-untrusted tls-hostmismatch] 9 (#$ . 5541)])
(provide 'tls)