Re: [PATCH] lisp/server.el: Introduction of server-auth-key variable

[Michal Nazarewicz <mina86@mina86.com>]

[-- Attachment #1: Type: text/plain, Size: 2507 bytes --]

Juanma Barranquero <lekktu@gmail.com> writes:

> On Fri, Apr 29, 2011 at 18:22, Stefan Monnier <monnier@iro.umontreal.ca> wrote:
>
>> PS: emacsclient should really try not to send the key in cleartext, but
>> instead send something like "nonce,hash(nonce,key)".
>
> That's not hard to do, assuming that md5 is an acceptable hash
> (because we already include C and elisp implementation, unlike
> SHA-xx).

Depending on how paranoid are we, MD5 could feel too weak though.
(Also, one could wish for HMAC.)

> In the server side,
>
>   (unless (process-get proc :authenticated)
>     (if (or
>          ;; New method: -auth2 nonce md5(nonce . auth-key)
>          (and (string-match "-auth2 \\([!-~]+\\)
> \\([0-9a-f]\\{32\\}\\)\n?" string)
>               (string= (md5 (concat (match-string 1 string)
>                                     (process-get proc :auth-key)))
>                        (match-string 2 string)))
>          ;; Old method: -auth auth-key
>          (and (string-match "-auth \\([!-~]+\\)\n?" string)
>               (string= (match-string 1 string) (process-get proc :auth-key))))
> 	(...set authenticated)
>       (...fail))

Actually, server would have to generate the nonce.  Otherwise, the
authentication scheme would be prone to replay attacks and would really
defy the purpose of nonce.

> but in the emacsclient side, if it sends -auth2 it won't be
> back-compatible with pre-24.1, and if it tries -auth, then -auth2,
> -auth2 is not really used beause -auth is always accepted. So the only
> ways I see to make this useful at all is to remove compatibility, or
> introduce some kind of version check, perhaps resurrecting the
> currently obsolete -version command:
>
>                 ;; -version CLIENT-VERSION: obsolete at birth.
>                 (`"-version" (pop args-left))

That would still break backward compatibility, wouldn't it?  The old
servers would not accept this command anyway.  Unless server would issue
it to client just after making connection.  From what I see, the old
clients would "only" print error message.

In the worst case, the client could first try the new authenticating
scheme and on error reconnect with the old scheme.

-- 
Best regards,                                          _     _
 .o. | Liege of Serenly Enlightened Majesty of       o' \,=./ `o
 ..o | Computer Science,  Michal "mina86" Nazarewicz    (o o)
 ooo +-<mina86-mina86.com>-<jid:mina86-jabber.org>--ooO--(_)--Ooo--

[-- Attachment #2: Type: application/pgp-signature, Size: 197 bytes --]