From: Michael Albinus <michael.albinus@gmx.de>
To: "J.P." <jp@neverwas.me>
Cc: Damien Cassou <damien@cassou.me>,
48598@debbugs.gnu.org, Ted Zlatanov <tzz@lifelogs.com>,
emacs-erc@gnu.org, Sam Steingold <sds@gnu.org>
Subject: bug#48598: 28.0.50; buffer-naming collisions involving bouncers in ERC
Date: Thu, 21 Apr 2022 09:08:58 +0200 [thread overview]
Message-ID: <87czha3oc5.fsf_-___47943.6160925374$1650528508$gmane$org@gmx.de> (raw)
In-Reply-To: <878rrz268v.fsf@neverwas.me> (J. P.'s message of "Wed, 20 Apr 2022 07:12:48 -0700")
"J.P." <jp@neverwas.me> writes:
> Hi all,
Hi,
A general remark: I haven't read the complete bug messages, so in case
I'm missing something pls point me to this. In fact, I'm focussing on
the auth-source releated problems; erc details are not important for me
just now.
Btw, I found it hard to scan a bug report with so many different
problems. Usually, it is more simple to discuss every problem in a
separate bug report, in order not to lose control. Except, all of them
are strongly dependent.
You have said somewhere there is an archive at
<https://jpneverwas.gitlab.io/erc-tools/archive/>. I cannot access this
URL. Is there another URL to be used?
> While it may be tempting to single out pass, this part from the doc
> string for `auth-source-search' says that ignoring :max and returning at
> most one result is totally acceptable:
>
> :max N means to try to return at most N items (defaults to 1).
> More than N items may be returned, depending on the search and
> the backend.
Indeed. In Tramp there are two calls of auth-source-search: One call in
order to retrieve the password, and there I use ':max 1' explicitly (see
`tramp-read-passwd'). And there is another function used for user/host
name completion, not looking for the password, and there I use ':max
most-positive-fixnum' (see `tramp-parse-auth-sources'). But the former
case could refrain from specifying :max.
> Now, I suppose it's safe to assume those back ends in auth-source.el
> already supporting :max will continue to do so forever and that the
> proposed kludges for pass [1] are likewise safe (as long as we only ever
> apply them to 27 and 28).
>
> What I'd like to know is actually something Damien had had the foresight
> to raise initially but that I was too dim to grasp fully in the moment:
>
>> if auth-source-pass doesn't implement auth-source protocol, shouldn't
>> we try to improve it instead of working around it in all users of the
>> library? Am I missing something?
>
> In truth, without such an addition (adding :max to auth-source-pass),
> I'm not sure it makes sense for ERC to shoot for pass support at all. So
> ERC aside, would such a change be worthwhile from the perspective of
> auth-source, seeing as pass is technically already fully compliant?
Making auth-source-pass conform to the auth-source API would always be a
good thing™. I don't know whether there exist already such a bug report,
otherwise I recommend you to write a new report.
> [2] A couple (non-pass specific) questions:
>
> - Is there anything obvious to watch out for in our integration
> tests to avoid contaminating existing ones for auth-source or
> secrets?
I don't believe. Just follow the usual recommendation for ERT tests:
make a temporary environment for the test (for example, create a
temporary auth-source-pass store), run your test, remove test data (for
example, remove the temporary auth-source-pass store). That's how the
tests in auth-source-tests.el and auth-source-pass-tests.el are
designed, IIRC.
Since you don't want to test auth-source-pass functionality explicitly,
you can of course use any other auth-source backend. The scenario is the
same, and you could even provide several test functions like
erc-tests--auth-source-netrc, erc-tests--auth-source-json, and alike.
> Right now, the only thing we attend to specifically is let-binding
> `auth-source-do-cache' around every test.
>
> - Are there any security-related gotchas to heed when retrieving a
> bunch of secrets in bulk and sifting through them?
>
> Currently, results are narrowed to the best candidate, and its
> secret is returned as a string for (relatively) immediate
> transmission. IOW, I don't think any obvious references to the
> discarded ones remain, if that matters.
That sounds OK. Even better would be to use functions for the :secret
token, instead of the secret strings themselves. And call that function
when you need it.
> Thanks everyone,
> J.P.
Best regards, Michael.
next prev parent reply other threads:[~2022-04-21 7:08 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-23 1:22 28.0.50; buffer-naming collisions involving bouncers in ERC J.P.
2021-06-02 11:19 ` bug#48598: " J.P.
2021-06-09 14:36 ` Olivier Certner
2021-06-10 14:36 ` bug#48598: " J.P.
2021-06-19 3:04 ` J.P.
2021-06-25 13:18 ` J.P.
[not found] ` <87r1gqaxqf.fsf@neverwas.me>
2021-06-28 7:58 ` Olivier Certner
2021-10-16 21:15 ` Daniel Fleischer
2021-10-16 23:21 ` J.P.
[not found] ` <87o87ofte1.fsf@neverwas.me>
2021-11-11 5:24 ` Lars Ingebrigtsen
[not found] ` <8735o39sdg.fsf@gnus.org>
2021-11-11 10:27 ` J.P.
[not found] ` <87pmr77zsa.fsf@neverwas.me>
2021-11-11 12:08 ` Lars Ingebrigtsen
[not found] ` <87a6ia7v47.fsf@gnus.org>
2021-11-11 15:13 ` J.P.
2021-09-04 16:46 ` bug#48598: Strange ERC/ZNC Bug/Problem acdw
2021-09-07 21:38 ` J.P.
2021-09-10 12:43 ` bug#48598: Duplicate messages from bouncers on 27 and earlier J.P.
2021-11-11 15:15 ` bug#48598: 28.0.50; buffer-naming collisions involving bouncers in ERC J.P.
2022-03-14 13:08 ` J.P.
2022-04-09 21:14 ` bug#48598: Questions regarding layout and composition of tests (bug#48598) J.P.
2022-04-09 21:22 ` bug#48598: Questions regarding auth-source integration (bug#48598) J.P.
[not found] ` <87leweez89.fsf@neverwas.me>
2022-04-10 12:49 ` bug#48598: Questions regarding layout and composition of tests (bug#48598) Lars Ingebrigtsen
[not found] ` <87fsmlp0gy.fsf@gnus.org>
2022-04-11 7:59 ` bug#48598: 28.0.50; buffer-naming collisions involving bouncers in ERC Michael Albinus
[not found] ` <878rsc2gp5.fsf_-_@gmx.de>
2022-04-11 10:21 ` Lars Ingebrigtsen
[not found] ` <878rsbdipd.fsf@gnus.org>
2022-04-11 13:29 ` J.P.
2022-04-11 15:34 ` Lars Ingebrigtsen
2022-04-12 7:50 ` Michael Albinus
[not found] ` <87sfqi2119.fsf@gmx.de>
2022-04-15 13:02 ` J.P.
[not found] ` <87v8vah54l.fsf@neverwas.me>
2022-04-15 15:05 ` Michael Albinus
[not found] ` <87h76ucrq4.fsf@gmx.de>
2022-04-16 1:12 ` J.P.
[not found] ` <87h76tde5k.fsf@neverwas.me>
2022-04-17 8:25 ` Michael Albinus
[not found] ` <87czhgce1s.fsf@gmx.de>
2022-04-18 14:30 ` J.P.
[not found] ` <871qxucvls.fsf@neverwas.me>
2022-04-18 16:43 ` Michael Albinus
[not found] ` <87o80ybauv.fsf@gmx.de>
2022-04-21 13:28 ` J.P.
[not found] ` <87pmlao9ax.fsf@neverwas.me>
2022-04-22 8:54 ` Michael Albinus
[not found] ` <87bkxaeyuw.fsf@neverwas.me>
2022-04-18 13:26 ` bug#48598: Questions regarding auth-source integration (bug#48598) Damien Cassou
2022-04-18 14:24 ` J.P.
[not found] ` <87ee1ucvv3.fsf@neverwas.me>
2022-04-18 15:24 ` Damien Cassou
2022-04-18 16:52 ` Michael Albinus
[not found] ` <87k0bmbage.fsf@gmx.de>
2022-04-20 14:12 ` J.P.
[not found] ` <878rrz268v.fsf@neverwas.me>
2022-04-21 7:08 ` Michael Albinus [this message]
[not found] ` <87czha3oc5.fsf_-_@gmx.de>
2022-04-21 13:21 ` bug#48598: 28.0.50; buffer-naming collisions involving bouncers in ERC J.P.
[not found] ` <87v8v2o9l4.fsf@neverwas.me>
2022-04-22 9:29 ` Michael Albinus
[not found] ` <87k0bh31pt.fsf@gmx.de>
2022-04-22 14:24 ` J.P.
[not found] ` <8735i5nql8.fsf@neverwas.me>
2022-04-23 9:47 ` Michael Albinus
[not found] ` <87bkws2ksn.fsf@gmx.de>
2022-04-25 12:05 ` J.P.
[not found] ` <87czh5z7ui.fsf@neverwas.me>
2022-04-27 12:28 ` Michael Albinus
[not found] ` <874k2epv5n.fsf@gmx.de>
2022-04-28 8:08 ` Michael Albinus
[not found] ` <87levpmxz1.fsf@gmx.de>
2022-04-28 8:13 ` Michael Albinus
2022-04-29 13:03 ` J.P.
2022-05-25 19:29 ` J.P.
2022-05-26 5:17 ` J.P.
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='87czha3oc5.fsf_-___47943.6160925374$1650528508$gmane$org@gmx.de' \
--to=michael.albinus@gmx.de \
--cc=48598@debbugs.gnu.org \
--cc=damien@cassou.me \
--cc=emacs-erc@gnu.org \
--cc=jp@neverwas.me \
--cc=sds@gnu.org \
--cc=tzz@lifelogs.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).