From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Leonidas Tsampros Newsgroups: gmane.emacs.devel Subject: Re: [PATCH] ldap.el: use auth-source if passwd is not defined in ldap-host-parameters-list Date: Sat, 05 Mar 2011 11:16:39 +0200 Message-ID: <87fwr2udu0.fsf@bifteki.lan> References: <878vwuvciv.fsf@bifteki.lan> <87ipvyz2md.fsf@lifelogs.com> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: dough.gmane.org 1299316622 28424 80.91.229.12 (5 Mar 2011 09:17:02 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Sat, 5 Mar 2011 09:17:02 +0000 (UTC) Cc: emacs-devel@gnu.org To: Ted Zlatanov Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Sat Mar 05 10:16:57 2011 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([199.232.76.165]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1Pvnba-0005v0-27 for ged-emacs-devel@m.gmane.org; Sat, 05 Mar 2011 10:16:54 +0100 Original-Received: from localhost ([127.0.0.1]:39755 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1PvnbZ-0002ys-Ik for ged-emacs-devel@m.gmane.org; Sat, 05 Mar 2011 04:16:53 -0500 Original-Received: from [140.186.70.92] (port=43833 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1PvnbT-0002y0-HC for emacs-devel@gnu.org; Sat, 05 Mar 2011 04:16:48 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1PvnbS-0004zN-6l for emacs-devel@gnu.org; Sat, 05 Mar 2011 04:16:47 -0500 Original-Received: from mail-wy0-f169.google.com ([74.125.82.169]:57816) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1PvnbS-0004zC-0w for emacs-devel@gnu.org; Sat, 05 Mar 2011 04:16:46 -0500 Original-Received: by wyi11 with SMTP id 11so3330639wyi.0 for ; Sat, 05 Mar 2011 01:16:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:sender:from:to:cc:subject:references:date :message-id:user-agent:mime-version:content-type; bh=C5NlhMLLaNUEJucc6QBmd/45L7VNmxpG7JkunfYPf/Y=; b=p1GE4ZewOrnoxUYVfCa8+4piiS56sBSoyhByPTvn4cbXrXy17X3GilqlnKIAj13t+O MvLiFi9y3ADXWnylOyp8hiknr6lblydz1wtuTOGmC3rtzm5DkyOg7BIWlM0wRD0FpzMH oc8ajm4PtJT7mcNu7UL9iHNLUSh+OiQGTBfQs= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:from:to:cc:subject:references:date:message-id:user-agent :mime-version:content-type; b=ScqmOiv+iWb2MW1DnhpVYaHkTLXyRVsRRFZVbwokCY9bkwAV/H7kVvajPCUbrMfIzG /a0fpPxdp3I4qWkqM1o3lFdYZR1d0zBOvUnVXPrqG0bzIZ2g5lAD2Q22Dnxz2PyxihiT 3GDyJowqhKskwG86hW2DIy4I5/muSuyx/1j1w= Original-Received: by 10.216.157.68 with SMTP id n46mr290188wek.111.1299316604999; Sat, 05 Mar 2011 01:16:44 -0800 (PST) Original-Received: from bifteki.lan ([64.211.150.195]) by mx.google.com with ESMTPS id c54sm143379wer.30.2011.03.05.01.16.42 (version=SSLv3 cipher=OTHER); Sat, 05 Mar 2011 01:16:43 -0800 (PST) Original-Received: from ltsampros-ferrari-one-200 (localhost.localdomain [127.0.0.1]) by bifteki.lan (Postfix) with ESMTP id E369E64A13B; Sat, 5 Mar 2011 11:16:39 +0200 (EET) User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.0.50 (gnu/linux) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) X-Received-From: 74.125.82.169 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:136785 Archived-At: Ted Zlatanov writes: > On Fri, 04 Mar 2011 22:47:20 +0200 Leonidas Tsampros wrote: > > LT> Attached you can find a small patch to make ldap.el use auth-source if > LT> passwd is not defined in the ldap-host-parameters-list. > > Cool! I made some changes to it, please let me know what you think: > > - must pass `auth-source' set to t in the SEARCH-PLIST to activate this > functionality (I don't know if you agree) Agreed. It's nice not to catch users by surprise. > - search for 'port "ldap"' entries in the netrc file (should we default > to no port?) This is the only part I disagree a bit. For example, my imap host is the same with my ldap host, the credentials are the same for both services, and both imap/ldap use the default ports. (This is a classic case of an Exchange server I think) So I was thinking that it might be good idea to use the same authinfo line for both of them, IN CASE, there is not something more specific in the authinfo file. However, I'm not strong about this, and I really didn't mind having a second authinfo line at all. > - take the password and use it > > - take "binddn" or "user" tokens for `binddn' > > - take "base" tokens for `base' > > so the user can have a netrc line like this > > machine X user Y password Z base B port ldap > All of the above are self explanatory, and really thanks for doing it. > I tried to document it to explain all this. If I'm going in the wrong > direction, tell me. I don't know ldap.el so well. > > Ted > I tested your patch and I think that it works really great! Many thanks! (Really there is no wrong direction in this. We just don't want to carry passwords in our configuration files. :)