From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: "J.P." Newsgroups: gmane.emacs.bugs Subject: bug#58985: 29.0.50; Have auth-source-pass behave more like other back ends Date: Thu, 10 Nov 2022 06:40:08 -0800 Message-ID: <87pmduc1pz.fsf__6973.17943429283$1668091279$gmane$org@neverwas.me> References: <87wn8cb0ym.fsf@neverwas.me> <874jvdardn.fsf__3771.40490324877$1667692584$gmane$org@neverwas.me> <87pme09vis.fsf@gmx.de> <87a653z7dl.fsf@neverwas.me> <874jvbnje1.fsf@gmx.de> <875yfpmtwb.fsf__40235.4477484309$1667915906$gmane$org@neverwas.me> <87o7tfiqws.fsf@thaodan.de> <875yfnnzy6.fsf@neverwas.me> <87cz9vhqqq.fsf@thaodan.de> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="7462"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: Gnus/5.13 (Gnus v5.13) Cc: Damien Cassou , emacs-erc@gnu.org, Michael Albinus , 58985@debbugs.gnu.org To: =?UTF-8?Q?Bj=C3=B6rn?= Bidar Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Thu Nov 10 15:41:12 2022 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1ot8jv-0001li-Fd for geb-bug-gnu-emacs@m.gmane-mx.org; Thu, 10 Nov 2022 15:41:12 +0100 Original-Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1ot8jo-0005BV-GZ; Thu, 10 Nov 2022 09:41:04 -0500 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ot8jn-0005BD-0m for bug-gnu-emacs@gnu.org; Thu, 10 Nov 2022 09:41:03 -0500 Original-Received: from debbugs.gnu.org ([209.51.188.43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1ot8jm-000216-La for bug-gnu-emacs@gnu.org; Thu, 10 Nov 2022 09:41:02 -0500 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1ot8jm-0006PC-HM for bug-gnu-emacs@gnu.org; Thu, 10 Nov 2022 09:41:02 -0500 X-Loop: help-debbugs@gnu.org Resent-From: "J.P." Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Thu, 10 Nov 2022 14:41:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 58985 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: patch Original-Received: via spool by 58985-submit@debbugs.gnu.org id=B58985.166809122724550 (code B ref 58985); Thu, 10 Nov 2022 14:41:02 +0000 Original-Received: (at 58985) by debbugs.gnu.org; 10 Nov 2022 14:40:27 +0000 Original-Received: from localhost ([127.0.0.1]:42373 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ot8jC-0006Nt-P9 for submit@debbugs.gnu.org; Thu, 10 Nov 2022 09:40:27 -0500 Original-Received: from mail-108-mta70.mxroute.com ([136.175.108.70]:42725) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ot8j8-0006NX-NI for 58985@debbugs.gnu.org; Thu, 10 Nov 2022 09:40:25 -0500 Original-Received: from mail-111-mta2.mxroute.com ([136.175.111.2] filter006.mxroute.com) (Authenticated sender: mN4UYu2MZsgR) by mail-108-mta70.mxroute.com (ZoneMTA) with ESMTPSA id 18461fbef470006e99.002 for <58985@debbugs.gnu.org> (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES128-GCM-SHA256); Thu, 10 Nov 2022 14:40:11 +0000 X-Zone-Loop: fd0a94a630bff99168dd22a87ab3d1f3feac19ab9bfd X-Originating-IP: [136.175.111.2] DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=neverwas.me ; s=x; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Message-ID:Date: References:In-Reply-To:Subject:Cc:To:From:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=pWU+4tY6j3rcmei+SZdkD6ZhyHJD8pir7YfscG/tiCQ=; b=d6/IGOw9xslWdSLvFKkcdqLeP9 XuPKiAXxhvNpKuH5JxmKnBk+TlqR/G/dmYfZ7Ou7FEBNHcDm11ww3Mx1zdgjxJ/TQU9Wxj759deCK nqANmqlNN+sOJRLU1M2WOYau+tAQIpAtDf5y26p89POOciOBlhbliJCBybaOB9YlyG/3xJgW0ue6T FlmSdrXzChD/nWgKJVqo9V7oku1cvc3z4EQzYdqETkjZxWGOPHIBvbevAmoDiJmPAuaNvMJcArRDl RszKbGSdOZcuEHBubJ03g9VrVsaaHQEj/nmVU38I9hn0kRGChZy8SVnu750CevayTfKiVrLVk7UYW gFyTq2oA==; In-Reply-To: <87cz9vhqqq.fsf@thaodan.de> ("=?UTF-8?Q?Bj=C3=B6rn?= Bidar"'s message of "Thu, 10 Nov 2022 15:40:45 +0200") X-Authenticated-Id: masked@neverwas.me X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Xref: news.gmane.io gmane.emacs.bugs:247521 Archived-At: Bj=C3=B6rn Bidar writes: > "J.P." writes: > >> I know this is asking a lot, but if you get a chance, please apply the >> v2 patches and try them out. (Actually, you can omit the second one in >> the set, which only affects ERC.) > > I want to add I'm not an ERC user but circe user, I've got interested in > the patch as I use the backend with circe, gnus, magit, elfeed and so > on. All great packages! >>> will this mean the backend will act less like Passwordstore.org >>> describes or more? >> >> That's a good question. My main goal thus far has been to make its query >> behavior as close as possible to that of the other auth-source back >> ends. Glancing at that web page, it seems auth-source-pass has taken >> some liberties WRT to query features, like drilling down into the tail >> of a file's contents and ascribing semantics to parts of a file name. > > A lot of programs don't implement the full path traversal and just end > up having a static or a bogus path (e.g. those that implement > Freedesktop SecretService with pass). Interesting. I just blindly assumed auth-source-pass would be alone in that regard, but I guess not in the slightest. > So I favor a correct implementation, any progress is welcome. I don't think correctness from the passwordstore.org perspective will butt heads with auth-source's because only the latter has any concept of host, user, and port. Although, as you've noticed, my patch only addresses queries and doesn't handle writes, which may be a different animal entirely. >>> I think the backend should follow the users organization of the >>> passwordstore folder if possible. >> >> From this I'll infer that the current implementation of auth-source-pass >> does that sufficiently. If that's so and the changes I'm proposing >> threaten to interfere with that, what's your opinion on the default >> value of a knob to toggle the new behavior? > > Hm it depends if there are any backends that workaround that old behavior. > From what I see the only difference really is that you can specify > require and max. There are actually a few subtle areas where the behavior between old and new differs and maybe one or two slightly unintuitive gotchas for folks unfamiliar with how the other back ends operate. If you're curious, there's a series of side-by-side comparisons added by the first patch toward the bottom of test/lisp/auth-source-pass-tests.el Please let me know if you have any questions. > My personal bindings for circe to auth-source currently only exist of > small functions: > ;; Adopted from Ghub.el, refactored for use with Circe IRC > (defun circe--ident (username network) > (format "%s^%s" username network)) > (defun circe--auth-source-get (keys &rest spec) > (declare (indent 1)) > (let ((plist (car (apply #'auth-source-search > (append spec (list :max 1)))))) ~~~~~~ ERC would choke on this ^ > (mapcar (lambda (k) > (plist-get plist k)) > keys))) > (defun circe-pass-get (host user &optional network) > "\fn(fn host user &optional network)" > (auth-source-forget (list :host host :user user :max 1)) > (when network > (setq user (circe--ident user network))) > (let ((match (car (circe--auth-source-get (list :secret) > :host host :user user)))) > (cond ((null match) > (error "Auth source empty for %s %s %s" host user network)) > ((functionp match) > (funcall match)) (t match)))) > > > Which makes me wonder why ERC needs the different behavior but then I'm > not really a good lisp programmer more a novice. The approach is broadly similar to what you have. But ERC uses auth-source to query server passwords, network credentials, and channel keys more or less transparently, without user interaction. It overloads both :host and :user to accommodate various values based on context and doesn't rely on auth-source for narrowing. It asks for all applicable results and does its own thing from there.