From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Stefan Monnier Newsgroups: gmane.emacs.bugs Subject: bug#9423: lisp/server.el: Allow custom server-auth-key Date: Thu, 01 Sep 2011 23:39:23 -0400 Message-ID: References: <1314366861-27398-1-git-send-email-mina86@mina86.com> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: dough.gmane.org 1314934790 10854 80.91.229.12 (2 Sep 2011 03:39:50 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Fri, 2 Sep 2011 03:39:50 +0000 (UTC) Cc: Michal Nazarewicz To: 9423@debbugs.gnu.org Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Fri Sep 02 05:39:46 2011 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([140.186.70.17]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1QzKbZ-000147-MA for geb-bug-gnu-emacs@m.gmane.org; Fri, 02 Sep 2011 05:39:46 +0200 Original-Received: from localhost ([::1]:52612 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QzKbY-0008FL-Si for geb-bug-gnu-emacs@m.gmane.org; Thu, 01 Sep 2011 23:39:44 -0400 Original-Received: from eggs.gnu.org ([140.186.70.92]:53622) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QzKbW-0008CQ-6r for bug-gnu-emacs@gnu.org; Thu, 01 Sep 2011 23:39:43 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1QzKbV-0006Ji-9I for bug-gnu-emacs@gnu.org; Thu, 01 Sep 2011 23:39:42 -0400 Original-Received: from debbugs.gnu.org ([140.186.70.43]:47695) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QzKbV-0006Je-6Y for bug-gnu-emacs@gnu.org; Thu, 01 Sep 2011 23:39:41 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.69) (envelope-from ) id 1QzKek-0004uq-Ix; Thu, 01 Sep 2011 23:43:02 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Stefan Monnier Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-To: owner@debbugs.gnu.org Resent-CC: mina86@mina86.com, bug-gnu-emacs@gnu.org Resent-Date: Fri, 02 Sep 2011 03:43:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 9423 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: X-Debbugs-Original-To: bug-gnu-emacs@gnu.org X-Debbugs-Original-Xcc: Michal Nazarewicz Original-Received: via spool by submit@debbugs.gnu.org id=B.131493497518880 (code B ref -1); Fri, 02 Sep 2011 03:43:02 +0000 Original-Received: (at submit) by debbugs.gnu.org; 2 Sep 2011 03:42:55 +0000 Original-Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1QzKec-0004uT-Fv for submit@debbugs.gnu.org; Thu, 01 Sep 2011 23:42:55 -0400 Original-Received: from eggs.gnu.org ([140.186.70.92]) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1QzKea-0004uM-6J for submit@debbugs.gnu.org; Thu, 01 Sep 2011 23:42:53 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1QzKbI-0006IF-Oe for submit@debbugs.gnu.org; Thu, 01 Sep 2011 23:39:30 -0400 Original-Received: from lists.gnu.org ([140.186.70.17]:54789) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QzKbI-0006I5-MX for submit@debbugs.gnu.org; Thu, 01 Sep 2011 23:39:28 -0400 Original-Received: from eggs.gnu.org ([140.186.70.92]:53566) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QzKbH-00089b-Hc for bug-gnu-emacs@gnu.org; Thu, 01 Sep 2011 23:39:28 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1QzKbF-0006Hc-OH for bug-gnu-emacs@gnu.org; Thu, 01 Sep 2011 23:39:27 -0400 Original-Received: from ironport2-out.teksavvy.com ([206.248.154.183]:26607 helo=ironport2-out.pppoe.ca) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QzKbF-0006HX-KG for bug-gnu-emacs@gnu.org; Thu, 01 Sep 2011 23:39:25 -0400 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: Av0EAHlPYE64rwMJ/2dsb2JhbABCqFJ4gUABAQQBVigLOwQSFBgNN4dyuUiDWYMGBKAPhEA X-IronPort-AV: E=Sophos;i="4.68,317,1312171200"; d="scan'208";a="134027831" Original-Received: from 184-175-3-9.dsl.teksavvy.com (HELO ceviche.home) ([184.175.3.9]) by ironport2-out.pppoe.ca with ESMTP/TLS/ADH-AES256-SHA; 01 Sep 2011 23:39:24 -0400 Original-Received: by ceviche.home (Postfix, from userid 20848) id C0A836623F; Thu, 1 Sep 2011 23:39:23 -0400 (EDT) In-Reply-To: <1314366861-27398-1-git-send-email-mina86@mina86.com> (Michal Nazarewicz's message of "Fri, 26 Aug 2011 15:54:21 +0200") User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.0.50 (gnu/linux) X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.11 Precedence: list Resent-Date: Thu, 01 Sep 2011 23:43:02 -0400 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 1) X-Received-From: 140.186.70.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.bugs:50541 Archived-At: Package: emacs Severity: wishlist Tag: patch > This patch adds a possibility to set create a custom server-auth-key > which may be shared between several machines without the need of > having common file system, etc. > I'm resending this patch as last time the discussion somehow died. > As for legal stuff, the patch is (c) Google Inc. but since Google has > signed necessary agreement it should be no problem, right? > Changelog entry is as follows: > 2011-08-26 Michal Nazarewicz > * lisp/selver.el (server-auth-key, server-generate-key, > server-get-auth-key, server-start): Add possibility to set > server-auth-key instead of using random one each time. > === modified file 'lisp/server.el' > *** lisp/server.el 2011-07-04 22:40:03 +0000 > --- lisp/server.el 2011-08-08 14:12:01 +0000 > *************** directory residing in a NTFS partition i > *** 134,139 **** > --- 134,166 ---- > ;;;###autoload > (put 'server-auth-dir 'risky-local-variable t) > + (defcustom server-auth-key nil > + "Server authentication key. > + > + Normally, authentication key is generated on random when server > + starts, which guarantees some level of security. It is > + recommended to leave it that way. Using a long-lived shared key > + may decrease security (especially since the key is transmitted as > + plain text). > + > + In some situations however, it can be difficult to share randomly > + generated password with remote hosts (eg. no shared directory), > + so you can set the key with this variable and then copy server > + file to remote host (with possible changes to IP address and/or > + port if that applies). > + > + The key must consist of 64 US-ASCII printable characters except > + for space (this means characters from ! to ~; or from code 33 > + to 126). > + > + You can use \\[server-generate-key] to get a random authentication > + key." > + :group 'server > + :type '(choice > + (const :tag "Random" nil) > + (string :tag "Password")) > + :version "24.0") > + > (defcustom server-raise-frame t > "If non-nil, raise frame when switching to a buffer." > :group 'server > *************** See variable `server-auth-dir' for detai > *** 503,508 **** > --- 530,561 ---- > (unless safe > (error "The directory `%s' is unsafe" dir))))) > + (defun server-generate-key () > + "Generates and returns a random 64-byte strings of random chars > + in the range `!'..`~'. If called interactively, also inserts it > + into current buffer." > + (interactive) > + (let ((auth-key > + (loop repeat 64 > + collect (+ 33 (random 94)) into auth > + finally return (concat auth)))) > + (if (called-interactively-p) > + (insert auth-key)) > + auth-key)) > + > + (defun server-get-auth-key () > + "Returns server's authentication key. > + > + If `server-auth-key' is nil this function will just call > + `server-generate-key'. Otherwise, if `server-auth-key' is > + a valid authentication it will return it. Otherwise, it will > + signal an error." > + (if server-auth-key > + (if (string-match "^[!-~]\\{64\\}$" server-auth-key) > + server-auth-key > + (error "The key '%s' is invalid" server-auth-key)) > + (server-generate-key))) > + > ;;;###autoload > (defun server-start (&optional leave-dead inhibit-prompt) > "Allow this Emacs process to be a server for client processes. > *************** server or call `M-x server-force-delete' > *** 596,608 **** > (unless server-process (error "Could not start server process")) > (process-put server-process :server-file server-file) > (when server-use-tcp > ! (let ((auth-key > ! (loop > ! ;; The auth key is a 64-byte string of random chars in the > ! ;; range `!'..`~'. > ! repeat 64 > ! collect (+ 33 (random 94)) into auth > ! finally return (concat auth)))) > (process-put server-process :auth-key auth-key) > (with-temp-file server-file > (set-buffer-multibyte nil) > --- 649,655 ---- > (unless server-process (error "Could not start server process")) > (process-put server-process :server-file server-file) > (when server-use-tcp > ! (let ((auth-key (server-get-auth-key))) > (process-put server-process :auth-key auth-key) > (with-temp-file server-file > (set-buffer-multibyte nil)