2

我正在尝试使用 Emacs gnus 连接到我的 gmail 帐户。这是相关的配置代码,主要取自这里

(setq tls-program '("openssl s_client -CAfile C:/Users/GGustafson/gmail.crt -connect %h:%p -no_ssl2 -ign_eof"))

(setq gnus-select-method '(nnimap "gmail"
  (nnimap-address "imap.gmail.com")  
  (nnimap-server-port 993)
  (nnimap-stream ssl)
  (nnimap-authinfo-file "~/.authinfo")))

(setq message-send-mail-function 'smtpmail-send-it
 smtpmail-starttls-credentials '(("smtp.gmail.com" 587 nil nil))
  smtpmail-auth-credentials '(("smtp.gmail.com" 587 "gordon3.14@gmail.com" nil))
  smtpmail-default-smtp-server "smtp.gmail.com"
  smtpmail-smtp-server "smtp.gmail.com"
  smtpmail-smtp-service 587)

当我重新启动,启动 emacs 并执行M-x gnus时,我得到了这些*Messages*

Opening connection to imap.gmail.com via tls...
gnutls.c: [1] (Emacs) GnuTLS library not found
Opening TLS connection to `imap.gmail.com'...
Opening TLS connection with `openssl s_client -CAfile C:/Users/GGustafson/gmail.crt -connect imap.gmail.com:993 -no_ssl2 -ign_eof'...done
Opening TLS connection to `imap.gmail.com'...done
nnimap (gmail) open error: 'depth=3 C = US, O = Equifax, OU = Equifax Secure Certificate Authority^M
'.  Continue? (y or n)  y

这里到底发生了什么?以前我遇到了一些verify error:num=20:unable to get local issuer certificate错误,但我按照这些说明修复了这些错误,这让我添加了-CAfile带有相应证书副本的参数。

为了确认这一点,我可以这样做:

C:\Users\GGustafson>openssl s_client -CAfile C:/Users/GGustafson/gmail.crt -connect imap.gmail.com:993 -no_ssl2 -ign_eof
CONNECTED(00000003)
depth=3 C = US, O = Equifax, OU = Equifax Secure Certificate Authority verify return:1
depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA verify return:1
depth=1 C = US, O = Google Inc, CN = Google Internet Authority G2 verify return:1
depth=0 C = US, ST = California, L = Mountain View, O = Google Inc, CN = imap.gmail.com verify return:1
---
Certificate chain
 0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=imap.gmail.com
   i:/C=US/O=Google Inc/CN=Google Internet Authority G2
 1 s:/C=US/O=Google Inc/CN=Google Internet Authority G2
   i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
 2 s:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
   i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
****SNIP****
    Start Time: 1387083719
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
* OK Gimap ready for requests from 128.84.124.191 el7if9939594qeb.109

能够用 gnus 阅读我的 Gmail,我错过了什么?我在使用 Cygwin openssl 的 Windows 7 上。

4

2 回答 2

3

我需要在 Windows 7 上从 gnus 连接到 gmail 的一件事是:

;; So gnutls can find trustfiles on windows
(eval-after-load "gnutls"
'(progn
  (setq gnutls-trustfiles '("c:/cygwin/usr/ssl/certs/ca-bundle.trust.crt" "c:/cygwin/usr/ssl/certs/ca-bundle.crt"))))

除此之外,其余设置类似:

(setq gnus-secondary-select-methods
      '(
    (nnimap "gmail"
           (nnimap-address "imap.gmail.com")
           (nnimap-server-port 993)
           (nnimap-stream ssl)
           (nnir-search-engine imap)
           (nnimap-authinfo-file "~/.authinfo")
           )
    (nntp "news.gmane.org")
    (nnfolder "archive"
      (nnfolder-directory   "~/Documents/Text/Gnus/Mail/archive")
      (nnfolder-active-file "~/Documents/Text/Gnus/Mail/archive/active")
      (nnfolder-get-new-mail nil)
      (nnfolder-inhibit-expiry t))))

能够很好地阅读来自 gmail 的邮件。

于 2013-12-17T19:08:25.857 回答
1

对我有用的是为 windows 使用 gnutls 端口而不是 openssl,并删除tls-program. 如果它们在您的路径上,Emacs 将自动使用来自 gnutls 的二进制文件,因为这gnutls-cli是第一个尝试使用tls-program.

我建议在尝试使用 openssl 之前使用 gnutls,它可能出于某种原因在默认设置中排在第一位。

于 2013-12-18T00:02:52.917 回答