Re: Updated GNU TLS bindings

[Eli Zaretskii]

> From: Simon Josefsson <address@hidden>
> Date: Fri, 25 Jan 2002 23:08:02 +0100
> 
> I have cleaned up my GNU TLS support for Emacs, and written some
> documentation as well (included below, it can use to help of someone
> who knows english).

Thanks.  A few comments about this:

  - the changes should include an addition to the help screen printed
    by the configure script, in the --with-PACKAGE area, which
    mention the --with-gnutls option;

  - likewise, INSTALL should mention that, and give a pointer to a
    place where one could find TLS;

  - there should be an entry in NEWS about this addition;

  - aren't there any user-visible aspects of TSL support?  If there
    are, they should be mentioned in the user manual.

> address@hidden gnutls-init proc connection_end
> address@hidden defun
> address@hidden gnutls-deinit proc
> address@hidden defun

These (and other function descriptions) should have descriptions which
at least explain the meaning of the arguments.

> +emacs_gnutls_write (fildes, state, buf, nbyte)
> +     int fildes;
> +     GNUTLS_STATE state;
> +     char *buf;
> +     unsigned int nbyte;
> +{
> +  register int rtnval, bytes_written;
> +
> +  puts("emacs_gnutls_write");

??? Is this `puts' a remnant of the debugging stage?  (There are
other similar puts and printf calls in the diffs.)

> +  alg = gnutls_mac_get_algo(state);
> +  XSETINT (ret, alg);
> +
> +  return ret;

I think make_number is a slightly better way of doing this:

   return make_number (gnutls_mac_get_algo(state));

> +Each authentication type may need additional information in order to
> +work.  For anonymous (`gnutls-anon'), see also
> +`gnutls-anon-set-client-cred'.  For SRP (`gnutls-srp'), see also

Shouldn't parentheses in a doc string be escaped with a backslash?

> Index: src/process.h
> ===================================================================
> RCS file: /cvsroot/emacs/emacs/src/process.h,v
> retrieving revision 1.18
> diff -u -r1.18 process.h
> --- src/process.h     14 Oct 2001 20:14:49 -0000      1.18
> +++ src/process.h     25 Jan 2002 21:58:46 -0000
> @@ -91,6 +91,13 @@
>      /* Flag to set coding-system of the process buffer from the
>         coding_system used to decode process output.  */
>      Lisp_Object inherit_coding_system_flag;
> +#ifdef HAVE_GNUTLS
> +    /* XXX Store GNU TLS state and auth mechanisms in Lisp_Objects. */
> +    Lisp_Object gnutls_state;
> +    Lisp_Object x509_cred, x509_callback;
> +    Lisp_Object anon_cred;
> +    Lisp_Object srp_cred;
> +#endif

I think these objects should exists in the struct even if Emacs was
compiled without TLS.  IMHO, it's a potential trouble to have binary
API incompatibilities that depend on the compilation switches.