* tramp.el: remote processes and password-cache
@ 2014-03-05 22:41 Mario Lang
2014-03-06 10:03 ` Michael Albinus
0 siblings, 1 reply; 4+ messages in thread
From: Mario Lang @ 2014-03-05 22:41 UTC (permalink / raw)
To: Kai Großjohann, Michael Albinus; +Cc: emacs-devel
Hi.
Playing with remote processes in eshell I stumbled across
unexpected behaviour. I have tried several methods, including scpc to
make sure that ControlMaster would be used, and as far as I can tell, it
is being used for normal TRAMP operations, since I do only have to enter
my password once. However, when invoking a remote process, I am always
being reasked for a password, even if I invoke several remote processes
in a row. I had expected `password-cache-expiry' to have an effect, but
it did not. Digging through the code I found this call to
`password-cache-remove' in `tramp-read-passwd', and yes, removing the
call does solve my problem. If I invoke several remote
processes in a row, my setting of `password-cache-expiry' is actually
honored and the password is cached. I am sort of confused about this
code though. As far as I can tell, removing the clearing of the cache
entry does not impose any security problems, since the password has been
cached previously already. We just stop removing the
cache entry before it could actually get used. However, I get the
feeling this piece of code used to do something useful. All I can tell
from here is that removing it solves a bug I observe. I'd actually like
to see `password-cache-expiry' to be taken into account for remote
processes.
If this is to prevent failing authentification due to changed passwords,
I think the default setting of `password-cache-expiry' is still
low enough to allow for removing of the cache clearing without
a lot of user problems. If a user chooses to configure a much higher
cache expiry time they should be aware of that (rather rare?) problem
anyways.
Can you comment on this issue please?
--- a/lisp/net/tramp.el
+++ b/lisp/net/tramp.el
@@ -4131,9 +4131,6 @@ Invokes `password-read' if available, `read-passwd' else."
"password" tramp-current-host tramp-current-method)))
;; Try the password cache.
(when (functionp 'password-read)
- (unless (tramp-get-connection-property
- v "first-password-request" nil)
- (tramp-compat-funcall 'password-cache-remove key))
(let ((password
(tramp-compat-funcall 'password-read pw-prompt key)))
(tramp-compat-funcall 'password-cache-add key password)
--
CYa,
⡍⠁⠗⠊⠕
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: tramp.el: remote processes and password-cache
2014-03-05 22:41 tramp.el: remote processes and password-cache Mario Lang
@ 2014-03-06 10:03 ` Michael Albinus
2014-03-06 13:30 ` Michael Albinus
0 siblings, 1 reply; 4+ messages in thread
From: Michael Albinus @ 2014-03-06 10:03 UTC (permalink / raw)
To: Mario Lang; +Cc: Kai Großjohann, emacs-devel
Mario Lang <mlang@delysid.org> writes:
> Hi.
Hi Mario,
> However, I get the
> feeling this piece of code used to do something useful. All I can tell
> from here is that removing it solves a bug I observe. I'd actually like
> to see `password-cache-expiry' to be taken into account for remote
> processes.
This code is intented to give you a chance to reenter a password, when
you have mistyped it. And yes, it is unfortune that it forces you to
enter the password for other remote processes, again.
I'll check what could be done. Simply removing this code, and hoping
that the `tramp-clear-passwd' call in `tramp-process-actions' would do
the job, does not work. So we need to rearrange the code for that purpose.
Will check.
Best regards, Michael.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: tramp.el: remote processes and password-cache
2014-03-06 10:03 ` Michael Albinus
@ 2014-03-06 13:30 ` Michael Albinus
2014-03-06 16:57 ` Mario Lang
0 siblings, 1 reply; 4+ messages in thread
From: Michael Albinus @ 2014-03-06 13:30 UTC (permalink / raw)
To: Mario Lang; +Cc: Kai Großjohann, emacs-devel
Michael Albinus <michael.albinus@gmx.de> writes:
> I'll check what could be done. Simply removing this code, and hoping
> that the `tramp-clear-passwd' call in `tramp-process-actions' would do
> the job, does not work. So we need to rearrange the code for that purpose.
Well, I've committed a patch which shall fix it. Could you, please, check?
Best regards, Michael.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: tramp.el: remote processes and password-cache
2014-03-06 13:30 ` Michael Albinus
@ 2014-03-06 16:57 ` Mario Lang
0 siblings, 0 replies; 4+ messages in thread
From: Mario Lang @ 2014-03-06 16:57 UTC (permalink / raw)
To: Michael Albinus; +Cc: emacs-devel
Michael Albinus <michael.albinus@gmx.de> writes:
> Michael Albinus <michael.albinus@gmx.de> writes:
>
>> I'll check what could be done. Simply removing this code, and hoping
>> that the `tramp-clear-passwd' call in `tramp-process-actions' would do
>> the job, does not work. So we need to rearrange the code for that purpose.
>
> Well, I've committed a patch which shall fix it. Could you, please, check?
Yes, thank you. `password-cache-expiry' is now also honored for remote
processes. This is actually rather useful I think, thanks again for
fixing it swiftly.
--
CYa,
⡍⠁⠗⠊⠕
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2014-03-06 16:57 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-03-05 22:41 tramp.el: remote processes and password-cache Mario Lang
2014-03-06 10:03 ` Michael Albinus
2014-03-06 13:30 ` Michael Albinus
2014-03-06 16:57 ` Mario Lang
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).