From: "J.P." <jp@neverwas.me>
To: Olivier Certner <olce.emacs@certner.fr>
Cc: emacs-erc@gnu.org, 46777@debbugs.gnu.org
Subject: bug#46777: 28.0.50; ERC: NickServ identification: Prompt for password after other sources, overall simplifications
Date: Mon, 26 Jul 2021 00:39:39 -0700 [thread overview]
Message-ID: <87sg01jzgk.fsf_-___26265.8926121489$1627285217$gmane$org@neverwas.me> (raw)
In-Reply-To: <4764688.dQ8sKJKaaQ@ravel> (Olivier Certner's message of "Tue, 06 Jul 2021 16:52:06 +0200")
Olivier Certner <olce.emacs@certner.fr> writes:
> * lisp/erc/erc-services.el (erc-nickserv-identify): Don't take the
> password anymore as an argument (and don't prompt for it
> interactively). On the contrary, now take the nick to use for
> identification (interactively, ask for it, defaulting to the current
> one). Move actual message sending into the new
> `erc-nickserv-send-identify', and password prompting into
> `erc-nickserv-get-password'.
>
> [...]
>
> -;;;###autoload
> -(defun erc-nickserv-identify (password)
> [...]
> +;;;###autoload
> +(defun erc-nickserv-identify (&optional nick)
> + "Identify to NickServ immediately.
Hi Olivier, this concerns your changes to the autoloaded command
`erc-nickserv-identify'. Someone seeking help for a loosely related
issue shared this on Libera today:
(defun uh-erc-identify ()
(let ((pass
(let ((s (shell-command-to-string "pass malc@irc.libera.chat")))
(substring s 0 -1))))
(erc-nickserv-identify pass)))
It strikes me that other folks may be doing the same, namely, using this
function in lisp code. So just to settle some imaginary nerves, it might
help to flesh out exactly why there's little risk of something
unfortunate/scary happening as a result of this interface change.
As I see it, the worst case scenario is that your password is sent in
place of your nick and ends up in the network's logs (where passwords
are normally redacted). If that's a realistic concern, perhaps you
should consider keeping the password param in its original position
for the sake of compatibility. Just a thought.
Also, I think the addition of the nick param bears some justifying too
because it may not be clear from your commit log and emails (or #45340)
why this is necessary. For me, the param is needed because some IRCds
and services daemons won't let you auth by passing your currently
assigned (perhaps unregistered) nick. In other words:
PRIVMSG NickServ :IDENTIFY bob` mypass
or
PRIVMSG NickServ :IDENTIFY mypass
won't work if you're trying to identify as "bob" and are currently
"bob`". But without the nick param you've added, a user would be forced
to issue the IRC command manually. Hope that's clear.
BTW, I've noticed that many services automatically re-NICK you as
confirmation of success, triggering `erc-nick-changed-functions', which
`erc-nickserv-identify-on-nick-change' is a member of by default. So you
get prompted again for no reason. (As you may be aware, double prompting
has also come up recently in the ERC channel, but I suspect the two are
unrelated.)
Anyway, I doubt you'll recall, but I tried (rather unconvincingly) to
raise this point earlier in this bug thread. If addressing this isn't in
the cards, then hopefully we can get a ruling on this patch and start
putting the days of scraping NickServ replies behind us (and begin
embracing the evolving standard). Thanks.
next prev parent reply other threads:[~2021-07-26 7:39 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-25 17:33 bug#46777: 28.0.50; ERC: NickServ identification: Prompt for password after other sources, overall simplifications Olivier Certner
2021-02-25 17:38 ` Olivier Certner
2021-02-25 17:47 ` Basil L. Contovounesios
2021-02-25 18:22 ` Olivier Certner
2021-06-08 2:23 ` J.P.
[not found] ` <878s3l6qms.fsf@neverwas.me>
2021-06-09 13:30 ` Olivier Certner
2021-06-10 3:59 ` J.P.
2021-07-06 14:52 ` bug#46777: Updated patch Olivier Certner
2021-07-22 12:29 ` bug#46777: 28.0.50; ERC: NickServ identification: Prompt for password after other sources, overall simplifications Lars Ingebrigtsen
2021-07-30 12:27 ` Amin Bandali
2021-07-30 12:43 ` Lars Ingebrigtsen
2021-07-26 7:39 ` J.P. [this message]
[not found] ` <87sg01jzgk.fsf_-_@neverwas.me>
2021-09-14 9:20 ` J.P.
2021-09-16 5:30 ` Amin Bandali
[not found] ` <87v931cck5.fsf@gnu.org>
2021-09-16 12:42 ` Lars Ingebrigtsen
2021-09-17 4:45 ` Amin Bandali
[not found] ` <87a6kbn72z.fsf@gnu.org>
2021-09-17 7:57 ` Olivier Certner
2021-09-19 15:26 ` Amin Bandali
2021-09-17 2:16 ` J.P.
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='87sg01jzgk.fsf_-___26265.8926121489$1627285217$gmane$org@neverwas.me' \
--to=jp@neverwas.me \
--cc=46777@debbugs.gnu.org \
--cc=emacs-erc@gnu.org \
--cc=olce.emacs@certner.fr \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).