From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail
From: Arsen =?UTF-8?Q?Arsenovi=C4=87?= via "Bug reports for GNU Emacs,
 the Swiss army knife of text editors" <bug-gnu-emacs@gnu.org>
Newsgroups: gmane.emacs.bugs
Subject: bug#67937: 30.0.50; auth-source-pass relies on epa-file being enabled
Date: Sat, 23 Dec 2023 16:50:47 +0100
Message-ID: <86y1dksyia.fsf@aarsen.me>
References: <8734vwq06i.fsf@aarsen.me> <83frzwhgre.fsf@gnu.org>
 <87jzp8of97.fsf@aarsen.me> <83bkakhe8s.fsf@gnu.org>
 <87msu4myau.fsf@aarsen.me> <83y1dnga7u.fsf@gnu.org>
 <87sf3vlqj1.fsf@aarsen.me> <871qbf4ocp.fsf@neverwas.me>
 <871qbflg53.fsf@aarsen.me> <87h6kbxgzl.fsf@neverwas.me>
 <87jzp6is0s.fsf@aarsen.me> <87ttoas466.fsf@neverwas.me>
 <878r5mm3el.fsf@gmx.de>
Reply-To: Arsen =?UTF-8?Q?Arsenovi=C4=87?= <arsen@aarsen.me>
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="==-=-=";
 micalg=pgp-sha512; protocol="application/pgp-signature"
Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214";
	logging-data="30610"; mail-complaints-to="usenet@ciao.gmane.io"
Cc: Damien Cassou <damien@cassou.me>, Eli Zaretskii <eliz@gnu.org>,
 67937@debbugs.gnu.org, "J.P." <jp@neverwas.me>
To: Michael Albinus <michael.albinus@gmx.de>
Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Sat Dec 23 16:58:28 2023
Return-path: <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org>
Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org
Original-Received: from lists.gnu.org ([209.51.188.17])
	by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org>)
	id 1rH4OR-0007lr-LD
	for geb-bug-gnu-emacs@m.gmane-mx.org; Sat, 23 Dec 2023 16:58:28 +0100
Original-Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <bug-gnu-emacs-bounces@gnu.org>)
	id 1rH4OD-00015G-Q7; Sat, 23 Dec 2023 10:58:13 -0500
Original-Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1rH4OB-000150-U2
 for bug-gnu-emacs@gnu.org; Sat, 23 Dec 2023 10:58:11 -0500
Original-Received: from debbugs.gnu.org ([2001:470:142:5::43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1rH4Nx-0008CA-5w
 for bug-gnu-emacs@gnu.org; Sat, 23 Dec 2023 10:58:11 -0500
Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1rH4O2-0003S7-7O
 for bug-gnu-emacs@gnu.org; Sat, 23 Dec 2023 10:58:02 -0500
X-Loop: help-debbugs@gnu.org
Resent-From: Arsen =?UTF-8?Q?Arsenovi=C4=87?= <arsen@aarsen.me>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Sat, 23 Dec 2023 15:58:02 +0000
Resent-Message-ID: <handler.67937.B67937.170334703813218@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 67937
X-GNU-PR-Package: emacs
Original-Received: via spool by 67937-submit@debbugs.gnu.org id=B67937.170334703813218
 (code B ref 67937); Sat, 23 Dec 2023 15:58:02 +0000
Original-Received: (at 67937) by debbugs.gnu.org; 23 Dec 2023 15:57:18 +0000
Original-Received: from localhost ([127.0.0.1]:51103 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1rH4NK-0003R8-5u
 for submit@debbugs.gnu.org; Sat, 23 Dec 2023 10:57:18 -0500
Original-Received: from mout-p-101.mailbox.org ([2001:67c:2050:0:465::101]:44626)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <arsen@aarsen.me>) id 1rH4NI-0003Qv-3w
 for 67937@debbugs.gnu.org; Sat, 23 Dec 2023 10:57:17 -0500
Original-Received: from smtp202.mailbox.org (smtp202.mailbox.org
 [IPv6:2001:67c:2050:b231:465::202])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (No client certificate requested)
 by mout-p-101.mailbox.org (Postfix) with ESMTPS id 4Sy81W4Qg6z9sqr;
 Sat, 23 Dec 2023 16:57:03 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=aarsen.me; s=MBO0001; 
 t=1703347023;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
 in-reply-to:in-reply-to:references:references;
 bh=MFP+r4/ulx+PhEz8K4N43ozkTpIouZ1mQzViH2Twjlc=;
 b=hgslKvj/54wxFl0raRLSMdQ8bxXcp4hwmaOqlwb6Y9Qr0mcv4xPU3b9uiBz+hS7XYs4pE2
 qYdVQPGUSh7oKLpjVxlS34K+pLEMZUFf5BuVzV2bXHqh5Uglzz3EOU54f/r8kh3k/GNFSs
 aL/FzGZsq8+bEbKL0zbPA7hQEt6JjrNbrafnHkJZpSk4EVNauXUK9Om13JSv0F1jM1x7C/
 cuslO3yUWsmfNLdDsx0bdzPWKuEFNUdFArs27vikVe7bmV/X9CGMIJkooN2zHpynQQdxEq
 mytj9wlLYKZrgtsl5EHq3iEPUgs/zeqp1PtJ3rbRhWwbNku70AzvYuLviPuuPg==
In-reply-to: <878r5mm3el.fsf@gmx.de>
X-Rspamd-Queue-Id: 4Sy81W4Qg6z9sqr
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: bug-gnu-emacs@gnu.org
List-Id: "Bug reports for GNU Emacs,
 the Swiss army knife of text editors" <bug-gnu-emacs.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-gnu-emacs>,
 <mailto:bug-gnu-emacs-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/bug-gnu-emacs>
List-Post: <mailto:bug-gnu-emacs@gnu.org>
List-Help: <mailto:bug-gnu-emacs-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-gnu-emacs>,
 <mailto:bug-gnu-emacs-request@gnu.org?subject=subscribe>
Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org
Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org
Xref: news.gmane.io gmane.emacs.bugs:276751
Archived-At: <http://permalink.gmane.org/gmane.emacs.bugs/276751>

--==-=-=
Content-Type: multipart/mixed; boundary="=-=-="

--=-=-=
Content-Type: text/plain

Hi Michael,

Michael Albinus <michael.albinus@gmx.de> writes:

> "J.P." <jp@neverwas.me> writes:
>
>> Hi Arsen,
>
> Hi,
>
>> Don't kill me, but I have another rather unlikely scenario perhaps
>> worthy of passing consideration (or dismissal):
>>
>>   (setopt auth-source-pass-filename "/ssh:desktop.local:.password-store")
>>
>> If those Tramp addresses don't continue to work after your suggested
>> changes, we should probably ask Michael Albinus whether their working
>> currently is just an accident or something intentional and supported.
>
> I don't remember any special effort making auth-source-pass Tramp-affin,
> but I might misremember. However, I wouldn't call it "accident", but
> "Emacs design".

A happy accident, if you will :-)

> If accessing auth-source-pass-filename uses the well known primitive
> functions (insert-file-contents, expand-file-name alike), there
> shouldn't be a problem of keeping this compatibility with Tramp.

Right.

This v2 patch restores TRAMP support.


--=-=-=
Content-Type: text/x-patch
Content-Disposition: inline;
 filename=v2-0001-auth-source-pass-don-t-rely-on-epa-file-bug-67937.patch
Content-Transfer-Encoding: quoted-printable
Content-Description: v2 patch

From=202097666b80c1b78462fbf454664b0017773c91d3 Mon Sep 17 00:00:00 2001
From: =3D?UTF-8?q?Arsen=3D20Arsenovi=3DC4=3D87?=3D <arsen@aarsen.me>
Date: Thu, 21 Dec 2023 12:29:55 +0100
Subject: [PATCH v2] auth-source-pass: don't rely on epa-file (bug#67937)

* lisp/auth-source-pass.el (epg): Require epg.
(auth-source-pass--read-entry): Use epg-decrypt-string and
insert-file-contents-literally instead of relying on epa-file
decrypting files read via insert-file-contents.  This avoids
interference from file-name-handler-alist, and avoids breaking
when epa-file-handler is not mong f-n-h-a.
=2D--
 lisp/auth-source-pass.el | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/lisp/auth-source-pass.el b/lisp/auth-source-pass.el
index 0f51755a250..abfcf4b710c 100644
=2D-- a/lisp/auth-source-pass.el
+++ b/lisp/auth-source-pass.el
@@ -34,6 +34,7 @@
 (require 'cl-lib)
 (require 'auth-source)
 (require 'url-parse)
+(require 'epg)
 ;; Use `eval-when-compile' after the other `require's to avoid spurious
 ;; "might not be defined at runtime" warnings.
 (eval-when-compile (require 'subr-x))
@@ -194,11 +195,18 @@ auth-source-pass--get-attr
=20
 (defun auth-source-pass--read-entry (entry)
   "Return a string with the file content of ENTRY."
=2D  (with-temp-buffer
=2D    (insert-file-contents (expand-file-name
=2D                           (format "%s.gpg" entry)
=2D                           auth-source-pass-filename))
=2D    (buffer-substring-no-properties (point-min) (point-max))))
+  (let ((context (epg-make-context 'OpenPGP))
+	(file (expand-file-name
+	       (format "%s.gpg" entry)
+	       auth-source-pass-filename)))
+    (with-temp-buffer
+      ;; Avoid file-name-handler-alist interference.  We're reading
+      ;; and decrypting a binary file here.
+      (insert-file-contents-literally file)
+      (epg-decrypt-string
+       context
+       (buffer-substring-no-properties (point-min)
+                                       (point-max))))))
=20
 (defun auth-source-pass-parse-entry (entry)
   "Return an alist of the data associated with ENTRY.
=2D-=20
2.43.0


--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable


Have a lovely day.
=2D-
Arsen Arsenovi=C4=87

--=-=-=--

--==-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iOYEARYKAI4WIQT+4rPRE/wAoxYtYGFSwpQwHqLEkwUCZYcDTV8UgAAAAAAuAChp
c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0RkVF
MkIzRDExM0ZDMDBBMzE2MkQ2MDYxNTJDMjk0MzAxRUEyQzQ5MxAcYXJzZW5AYWFy
c2VuLm1lAAoJEFLClDAeosSToQoA/jl9XxXZzGu2+btkM7Z9wgfa0vSbUYQKXc14
c0h5wFA0AQCBvo4a0P4OzgxlbHFOg+FyqlOIeSr4qaFdWQEkhvv3Dw==
=4Ba2
-----END PGP SIGNATURE-----
--==-=-=--