From: Michal Nazarewicz
Newsgroups: gmane.emacs.devel
Subject: Re: [PATCH] lisp/server.el: Introduction of server-auth-key variable
Date: Sun, 01 May 2011 00:55:14 +0200
Message-ID: <87fwoz5oz1.fsf@erwin.mina86.com>
References: <835b9d42b15c18e5adf7381138f347061fbc17e8.1298381336.git.mina86@mina86.com>
In-Reply-To: (Juanma Barranquero's message of "Sat, 30 Apr 2011 16:31:29 +0200")
To: Juanma Barranquero
Cc: Michal Nazarewicz, Stefan Monnier, emacs-devel@gnu.org
Xref: news.gmane.org gmane.emacs.devel:138932

Juanma Barranquero writes:

> On Fri, Apr 29, 2011 at 18:22, Stefan Monnier wrote:
>
>> PS: emacsclient should really try not to send the key in cleartext, but
>> instead send something like "nonce,hash(nonce,key)".
>
> That's not hard to do, assuming that md5 is an acceptable hash
> (because we already include C and elisp implementation, unlike
> SHA-xx).

Depending on how paranoid we are, MD5 could feel too weak though. (Also,
one could wish for HMAC.)

> In the server side,
>
> (unless (process-get proc :authenticated)
>   (if (or
>        ;; New method: -auth2 nonce md5(nonce . auth-key)
>        (and (string-match "-auth2 \\([!-~]+\\) \\([0-9a-f]\\{32\\}\\)\n?" string)
>             (string= (md5 (concat (match-string 1 string)
>                                   (process-get proc :auth-key)))
>                      (match-string 2 string)))
>        ;; Old method: -auth auth-key
>        (and (string-match "-auth \\([!-~]+\\)\n?" string)
>             (string= (match-string 1 string) (process-get proc :auth-key))))
>       (...set authenticated)
>     (...fail)))

Actually, the server would have to generate the nonce. Otherwise, the
authentication scheme would be prone to replay attacks and would really
defeat the purpose of the nonce.

> but in the emacsclient side, if it sends -auth2 it won't be
> back-compatible with pre-24.1, and if it tries -auth, then -auth2,
> -auth2 is not really used because -auth is always accepted. So the only
> ways I see to make this useful at all is to remove compatibility, or
> introduce some kind of version check, perhaps resurrecting the
> currently obsolete -version command:
>
>   ;; -version CLIENT-VERSION: obsolete at birth.
>   (`"-version" (pop args-left))

That would still break backward compatibility, wouldn't it? The old
servers would not accept this command anyway. Unless the server would
issue it to the client just after making the connection. From what I
see, the old clients would "only" print an error message.

In the worst case, the client could first try the new authentication
scheme and on error reconnect with the old scheme.

-- 
Best regards,                                         _     _
.o. | Liege of Serenely Enlightened Majesty of       o' \,=./ `o
..o | Computer Science,  Michal "mina86" Nazarewicz    (o o)
ooo +----ooO--(_)--Ooo--
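The replay problem raised in the reply above, as an added example that is not part of the original thread or of Emacs's server.el. It is written in Python rather than Emacs Lisp so it runs stand-alone. The "-auth2 NONCE HASH" line format is taken from the quoted sketch; the shared key, the HMAC-SHA256 answer in the server-nonce variant (following the "one could wish for HMAC" remark) and the ChallengeServer class are assumptions of this example. It shows both sides of each exchange: with a client-chosen nonce a captured line authenticates again indefinitely, while with a server-issued, single-use nonce the captured answer fails both against a new challenge and when re-submitted on the same connection.

```python
"""Challenge-response for an emacsclient-style "-auth" handshake: why the
server, not the client, must pick the nonce.  Added example, not Emacs code;
key, message formats and class names are assumed for illustration."""
import hashlib
import hmac
import secrets

KEY = "s3cret-auth-key"   # constructed sample shared secret (assumed)


# --- Scheme A (as sketched in the thread): the client picks the nonce ---------
def client_nonce_auth_line(key: str, nonce: str) -> str:
    """Client builds "-auth2 NONCE md5(NONCE . KEY)" with a nonce of its choosing."""
    digest = hashlib.md5((nonce + key).encode()).hexdigest()
    return f"-auth2 {nonce} {digest}"


def client_nonce_verify(key: str, line: str) -> bool:
    """Server-side check; the server keeps no memory of nonces it has seen,
    so any line that verified once verifies again."""
    try:
        tag, nonce, digest = line.split(" ")
    except ValueError:
        return False
    expected = hashlib.md5((nonce + key).encode()).hexdigest()
    return tag == "-auth2" and hmac.compare_digest(expected.encode(), digest.encode())


# --- Scheme B: the server issues the nonce, the client answers with an HMAC ---
class ChallengeServer:
    """One instance per accepted connection (the role of process-get on `proc')."""

    def __init__(self, key: str):
        self._key = key.encode()
        self._nonce = None
        self.authenticated = False

    def challenge(self) -> str:
        # Fresh, unpredictable nonce for this connection only: a captured
        # response is bound to this single challenge.
        self._nonce = secrets.token_hex(16)
        return self._nonce

    def verify(self, response: str) -> bool:
        if self._nonce is None:          # no outstanding challenge
            return False
        expected = hmac.new(self._key, self._nonce.encode(), hashlib.sha256).hexdigest()
        ok = hmac.compare_digest(expected.encode(), response.encode())
        self._nonce = None               # single use, matched or not
        self.authenticated = ok
        return ok


def client_respond(key: str, nonce: str) -> str:
    """Client side of scheme B: HMAC-SHA256 over the server's nonce."""
    return hmac.new(key.encode(), nonce.encode(), hashlib.sha256).hexdigest()


def replay_demo() -> dict:
    """An eavesdropper captures one successful exchange and replays it later."""
    # Scheme A: the captured line authenticates every time it is replayed.
    captured_a = client_nonce_auth_line(KEY, "deadbeef")
    a_first = client_nonce_verify(KEY, captured_a)
    a_replay = client_nonce_verify(KEY, captured_a)

    # Scheme B: a genuine session succeeds ...
    srv1 = ChallengeServer(KEY)
    captured_b = client_respond(KEY, srv1.challenge())
    b_first = srv1.verify(captured_b)
    # ... but the captured answer does not match a new connection's challenge ...
    srv2 = ChallengeServer(KEY)
    srv2.challenge()
    b_replay = srv2.verify(captured_b)
    # ... nor can it be re-submitted on the original connection.
    b_resubmit = srv1.verify(captured_b)

    return {"A_first": a_first, "A_replay": a_replay,
            "B_first": b_first, "B_replay": b_replay, "B_resubmit": b_resubmit}


if __name__ == "__main__":
    print(replay_demo())
```

Scheme B still sends nothing secret on the wire, which is the point of the original suggestion; what changes is only who chooses the nonce and that the server forgets it after one use.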