From: Michal Nazarewicz <mina86@mina86.com>
To: Juanma Barranquero <lekktu@gmail.com>
Cc: Michal Nazarewicz <mnazarewicz@google.com>,
Stefan Monnier <monnier@iro.umontreal.ca>,
emacs-devel@gnu.org
Subject: Re: [PATCH] lisp/server.el: Introduction of server-auth-key variable
Date: Sun, 01 May 2011 00:55:14 +0200 [thread overview]
Message-ID: <87fwoz5oz1.fsf@erwin.mina86.com> (raw)
In-Reply-To: <BANLkTimAtPfP_vuoa4bwQL7BMUdB2eNFjQ@mail.gmail.com> (Juanma Barranquero's message of "Sat, 30 Apr 2011 16:31:29 +0200")
[-- Attachment #1: Type: text/plain, Size: 2507 bytes --]
Juanma Barranquero <lekktu@gmail.com> writes:
> On Fri, Apr 29, 2011 at 18:22, Stefan Monnier <monnier@iro.umontreal.ca> wrote:
>
>> PS: emacsclient should really try not to send the key in cleartext, but
>> instead send something like "nonce,hash(nonce,key)".
>
> That's not hard to do, assuming that md5 is an acceptable hash
> (because we already include C and elisp implementation, unlike
> SHA-xx).
Depending on how paranoid are we, MD5 could feel too weak though.
(Also, one could wish for HMAC.)
> In the server side,
>
> (unless (process-get proc :authenticated)
> (if (or
> ;; New method: -auth2 nonce md5(nonce . auth-key)
> (and (string-match "-auth2 \\([!-~]+\\)
> \\([0-9a-f]\\{32\\}\\)\n?" string)
> (string= (md5 (concat (match-string 1 string)
> (process-get proc :auth-key)))
> (match-string 2 string)))
> ;; Old method: -auth auth-key
> (and (string-match "-auth \\([!-~]+\\)\n?" string)
> (string= (match-string 1 string) (process-get proc :auth-key))))
> (...set authenticated)
> (...fail))
Actually, server would have to generate the nonce. Otherwise, the
authentication scheme would be prone to replay attacks and would really
defy the purpose of nonce.
> but in the emacsclient side, if it sends -auth2 it won't be
> back-compatible with pre-24.1, and if it tries -auth, then -auth2,
> -auth2 is not really used beause -auth is always accepted. So the only
> ways I see to make this useful at all is to remove compatibility, or
> introduce some kind of version check, perhaps resurrecting the
> currently obsolete -version command:
>
> ;; -version CLIENT-VERSION: obsolete at birth.
> (`"-version" (pop args-left))
That would still break backward compatibility, wouldn't it? The old
servers would not accept this command anyway. Unless server would issue
it to client just after making connection. From what I see, the old
clients would "only" print error message.
In the worst case, the client could first try the new authenticating
scheme and on error reconnect with the old scheme.
--
Best regards, _ _
.o. | Liege of Serenly Enlightened Majesty of o' \,=./ `o
..o | Computer Science, Michal "mina86" Nazarewicz (o o)
ooo +-<mina86-mina86.com>-<jid:mina86-jabber.org>--ooO--(_)--Ooo--
[-- Attachment #2: Type: application/pgp-signature, Size: 197 bytes --]
next prev parent reply other threads:[~2011-04-30 22:55 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-02-22 13:55 [PATCH] lisp/server.el: Introduction of server-auth-key variable Michal Nazarewicz
2011-04-29 11:30 ` Juanma Barranquero
2011-04-29 11:42 ` Michal Nazarewicz
2011-04-29 12:02 ` Juanma Barranquero
2011-04-29 12:43 ` Michal Nazarewicz
2011-04-29 14:34 ` Michal Nazarewicz
2011-04-30 6:39 ` Eli Zaretskii
2011-04-30 21:03 ` Richard Stallman
2011-04-30 22:24 ` Michal Nazarewicz
2011-04-29 16:22 ` Stefan Monnier
2011-04-29 16:35 ` Michal Nazarewicz
2011-04-29 17:09 ` Stefan Monnier
2011-04-30 14:31 ` Juanma Barranquero
2011-04-30 22:55 ` Michal Nazarewicz [this message]
2011-04-30 23:59 ` Juanma Barranquero
2011-05-01 0:44 ` Michal Nazarewicz
2011-05-01 0:58 ` Juanma Barranquero
2011-05-01 1:22 ` Michal Nazarewicz
2011-05-02 15:28 ` [PATCHv2] " Michal Nazarewicz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87fwoz5oz1.fsf@erwin.mina86.com \
--to=mina86@mina86.com \
--cc=emacs-devel@gnu.org \
--cc=lekktu@gmail.com \
--cc=mnazarewicz@google.com \
--cc=monnier@iro.umontreal.ca \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).