bug#31877: 26.1; Cannot view second certificate information when updating packages

bug#31877: 26.1; Cannot view second certificate information when updating packages

[Allen Li]

1. emacs -Q

Note: This depends on some local state for remembering choices for
certs, so you might want to add
HOME="$(mktemp -d)" to use a clean temporary environment

2. M-: (setq network-security-level 'paranoid) RET
3. M-: (setq package-archives
'(("gnu" . "https://elpa.gnu.org/packages/")
("org" . "https://orgmode.org/elpa/"))) RET

4. M-x package-list-packages RET

5. There should be two windows, one with the package list and one with
certificate information for the ELPA archive.  Emacs prompts for
"Continue connecting? (...)"

6. Press a

7. Now there will be two windows, both displaying the package list.
There will be some success message in the minibuffer.  Emacs is actually
in a state where it is requesting input for the certificate for the
second archive, but this is non obvious because the success message from
the first certificate overrides the prompt for input for the second
certificate [BUG 1].  Also, both windows are displaying the package
list.  The information for the second certificate is not displayed, so
the user cannot check the certificate information to decide whether to
accept it [BUG 2].  Pressing ? displays a help window that explains the
three possible choices, but there is no way to go back to the
certificate information even if it were displayed before, giving the
user no way to verify the certificate information if they accidentally
pressed ? [BUG 3].

In GNU Emacs 26.1 (build 1, x86_64-pc-linux-gnu, GTK+ Version 3.22.30)
 of 2018-05-28 built on juergen
Windowing system distributor 'The X.Org Foundation', version 11.0.12000000

Configured using:
 'configure --prefix=/usr --sysconfdir=/etc --libexecdir=/usr/lib
 --localstatedir=/var --with-x-toolkit=gtk3 --with-xft --with-modules
 'CFLAGS=-march=x86-64 -mtune=generic -O2 -pipe -fstack-protector-strong
 -fno-plt' CPPFLAGS=-D_FORTIFY_SOURCE=2
 LDFLAGS=-Wl,-O1,--sort-common,--as-needed,-z,relro,-z,now'

Configured features:
XPM JPEG TIFF GIF PNG RSVG IMAGEMAGICK SOUND GPM DBUS GSETTINGS NOTIFY
ACL GNUTLS LIBXML2 FREETYPE M17N_FLT LIBOTF XFT ZLIB TOOLKIT_SCROLL_BARS
GTK3 X11 MODULES THREADS LIBSYSTEMD LCMS2

bug#31877: [PATCH] nsm.el: Add choice to reshow certificate information

[Allen Li]

[-- Attachment #1: Type: text/plain, Size: 197 bytes --]

I have attached a patch to add a choice to reshow the cert, since the
fundamental problem is that the user could get stuck in a situation
where they have to choose to accept a cert they can't see.

[-- Attachment #2: 0001-Add-choice-to-reshow-certificate-information.patch --]
[-- Type: text/x-patch, Size: 3484 bytes --]

From 9b474c7f93fa277ce9b136012c05f43c56a6b498 Mon Sep 17 00:00:00 2001
From: Allen Li <darkfeline@felesatra.moe>
Date: Wed, 1 Aug 2018 03:04:26 -0700
Subject: [PATCH] Add choice to reshow certificate information

In various situations, the window displaying the certificate
information can be hidden (such as if the user accidentally presses ?,
which causes the read-multiple-choice help window to replace it).
Instead of leaving the user to make a choice blindly, add a choice to
reshow the certification information.

* lisp/net/nsm.el (nsm-query-user): Add reshow choice.
---
 lisp/net/nsm.el | 51 +++++++++++++++++++++++++++----------------------
 1 file changed, 28 insertions(+), 23 deletions(-)

diff --git a/lisp/net/nsm.el b/lisp/net/nsm.el
index dab9003e02..b4721ca7cf 100644
--- a/lisp/net/nsm.el
+++ b/lisp/net/nsm.el
@@ -365,29 +365,34 @@ nsm-query
 	t))))
 
 (defun nsm-query-user (message args cert)
-  (let ((buffer (get-buffer-create "*Network Security Manager*")))
-    (save-window-excursion
-      ;; First format the certificate and warnings.
-      (with-help-window buffer
-        (with-current-buffer buffer
-          (erase-buffer)
-          (when (> (length cert) 0)
-            (insert cert "\n"))
-          (let ((start (point)))
-            (insert (apply #'format-message message args))
-            (goto-char start)
-            ;; Fill the first line of the message, which usually
-            ;; contains lots of explanatory text.
-            (fill-region (point) (line-end-position)))))
-      ;; Then ask the user what to do about it.
-      (unwind-protect
-          (cadr
-           (read-multiple-choice
-            "Continue connecting?"
-            '((?a "always" "Accept this certificate this session and for all future sessions.")
-              (?s "session only" "Accept this certificate this session only.")
-              (?n "no" "Refuse to use this certificate, and close the connection."))))
-        (kill-buffer buffer)))))
+  (catch 'return
+    (while t
+      (let ((buffer (get-buffer-create "*Network Security Manager*")))
+        (save-window-excursion
+          ;; First format the certificate and warnings.
+          (with-help-window buffer
+            (with-current-buffer buffer
+              (erase-buffer)
+              (when (> (length cert) 0)
+                (insert cert "\n"))
+              (let ((start (point)))
+                (insert (apply #'format-message message args))
+                (goto-char start)
+                ;; Fill the first line of the message, which usually
+                ;; contains lots of explanatory text.
+                (fill-region (point) (line-end-position)))))
+          ;; Then ask the user what to do about it.
+          (pcase (unwind-protect
+                     (cadr
+                      (read-multiple-choice
+                       "Continue connecting?"
+                       '((?a "always" "Accept this certificate this session and for all future sessions.")
+                         (?s "session only" "Accept this certificate this session only.")
+                         (?n "no" "Refuse to use this certificate, and close the connection.")
+                         (?r "reshow" "Reshow certificate information."))))
+                   (kill-buffer buffer))
+            ("reshow")
+            (val (throw 'return val))))))))
 
 (defun nsm-save-host (host port status what permanency)
   (let* ((id (nsm-id host port))
-- 
2.18.0

bug#31877: 26.1; Cannot view second certificate information when updating packages

[Allen Li]

Could I get this looked at?

bug#31877: [PATCH] nsm.el: Add choice to reshow certificate information

[Noam Postavsky]

tags 31877 fixed
close 31877 26.2
quit

Allen Li <darkfeline@felesatra.moe> writes:

> I have attached a patch to add a choice to reshow the cert, since the
> fundamental problem is that the user could get stuck in a situation
> where they have to choose to accept a cert they can't see.

Pushed to emacs-26.

[1: 3bbf21b913]: 2018-09-16 21:15:21 -0400
  Add choice to reshow certificate information (Bug#31877)
  https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=3bbf21b9139e203d7254a9434c88bd38238ed57e