* test/lisp/net/network-stream-tests.el
(make-ipv6-tcp-server-with-unspecified-port): Skip if IPv6 is not available.
(make-ipv6-tcp-server-with-specified-port): Likewise.
(echo-server-with-local-ipv6): Likewise.
This fixes Bug#34193
* src/process.c (Fmake_network_process): Explicitly use ::1 when
using IPv6 with 'local. Update docstring.
* test/lisp/net/network-stream-tests.el
(make-ipv6-tcp-server-with-unspecified-port):
(make-ipv6-tcp-server-with-specified-port): Test creating ipv6
local server.
(make-server): Add optional family argument, default ipv4
(echo-server-with-local-ipv4): Test connecting to 'local ipv4
(echo-server-with-local-ipv6): Test connecting to 'local ipv6
* doc/lispref/processes.texi (Network Processes): Describe
behavior when using 'local.
* etc/NEWS: Document new 'make-network-process' behavior when
connecting to 'local with ipv6.
This fixes Bug#33780, and extends the documentation to describe how to
enable use of client certificates.
* lisp/net/network-stream.el (network-stream-certificate): Correct
order of parameters to plist-get.
(network-stream-open-tls): Pass all received parameters to
open-gnutls-stream as plist, not just :nowait.
* lisp/net/gnutls.el (open-gnutls-stream): Change optional nowait arg
to be plist. Derive nowait and client certificate(s) and keys(s) from
plist (maybe via auth-source) and pass to gnutls-boot-parameters and
gnutls-negotiate.
(network-stream-certificate): Add declare-function form for it.
* doc/misc/auth.texi (Help for users): Describe format to use for
client key/cert specification.
* doc/misc/emacs-gnutls.texi (Help For Developers): Describe usage of
optional plist argument. Add crossreference to description of
.authinfo format for client key/cert specification.
* etc/NEWS: Describe new client certificate functionality for
'open-network-stream'.
* test/lisp/net/network-stream-tests.el: Add require of network-stream.
(connect-to-tls-ipv4-nowait): Bind network-security-level to 'low
in order to bypass nsm prompting.
(connect-to-tls-ipv6-nowait): Likewise.
(open-network-stream-tls-wait): New test.
(open-network-stream-tls-nowait): New test.
(open-network-stream-tls): New test.
(open-network-stream-tls-nocert): New test.
(open-gnutls-stream-new-api-default): New test.
(open-gnutls-stream-new-api-wait): New test.
(open-gnutls-stream-old-api-wait): New test.
(open-gnutls-stream-new-api-nowait): New test.
(open-gnutls-stream-old-api-nowait): New test.
(open-gnutls-stream-new-api-errors): New test.
The new tests exercise 'open-network-stream' and the old and new
api of 'open-gnutls-stream'.
Most of this change is to boilerplate commentary such as license URLs.
This change was prompted by ftp://ftp.gnu.org's going-away party,
planned for November. Change these FTP URLs to https://ftp.gnu.org
instead. Make similar changes for URLs to other organizations moving
away from FTP. Also, change HTTP to HTTPS for URLs to gnu.org and
fsf.org when this works, as this will further help defend against
man-in-the-middle attacks (for this part I omitted the MS-DOS and
MS-Windows sources and the test tarballs to keep the workload down).
HTTPS is not fully working to lists.gnu.org so I left those URLs alone
for now.
These tests intermittently fail on hydra.nixos.org for unclear
reasons related to starting the external process.
This isn't an Emacs issue, and the failures cause noise on
the emacs-buildstatus list. (Bug#24503)
* test/lisp/net/network-stream-tests.el (echo-server-nowait)
(connect-to-tls-ipv4-nowait): Skip rather than fail if the
external process fails to start properly.
* test/lisp/net/network-stream-tests.el (connect-to-tls-ipv4-wait)
(connect-to-tls-ipv4-nowait, connect-to-tls-ipv6-nowait):
Ensure gnutls-serv process gets killed.
(echo-server-nowait, connect-to-tls-ipv4-nowait):
Limit the amount of time we might wait.
