unofficial mirror of help-gnu-emacs@gnu.org
 help / color / mirror / Atom feed
* improving SMTP credential caching
@ 2013-03-22 20:43 Tom Roche
  2013-03-24 15:39 ` W. Greenhouse
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Tom Roche @ 2013-03-22 20:43 UTC (permalink / raw)
  To: help-gnu-emacs


How to either

* cause emacs (or whatever dependency emacs is driving for SMTP mail)
  to not cache failed credentials?

* force reauthentication from smtpmail, without restarting emacs or
  waiting? I'd most appreciate something bindable to `C-u C-c C-c` or
  similar.

Why I ask:

I send email from a debian box

$ cat /etc/debian_version
wheezy/sid
$ uname -rv
3.2.0-4-amd64 #1 SMP Debian 3.2.32-1
$ gcc --version | head -n 1
gcc (Debian 4.6.3-1) 4.6.3

using GNU Emacs 24.2.50.1 (package=emacs-snapshot), smtpmail, TLS
(package=gnutls-bin et al), and .authinfo. If I `compose-mail` and
then `C-c C-c` (message-send-and-exit), one of 3 results follows, as
determined by 5 parameters. The parameters are

P0. t_0: time at which I started emacs.

P1. t_s: time of most recent successful TLS authentication.

P2. t_f: time of most recent TLS authentication failure (typically due
    to typing the wrong password at the prompt).

P3. t_c: duration of credential cache.

P4. t: time at which I attempt to send mail.

The results they determine are:

R0. If either

    t_s < t_0
    (t_s + t_c) < t
    (t_f + t_c) < t

    I get prompted for the password corresponding to the {server,
    account} matched from my .authinfo, and message send succeeds or
    fails on my typing.

R1. If all of

    t_f < t_s
    t_0 < t_s
    t < (t_s + t_c)

    I get no password prompt, and my message sends successfully.

R2. If all of

    t_s < t_f
    t_0 < t_f
    t < (t_f + t_c)

    I get no password prompt, but message send fails with error like

> smtpmail-send-it: Sending failed: 535 5.7.8 Error: authentication
> failed: authentication failure in response to AUTH PLAIN

My problem is R2: smtpmail, or some dependency, is caching
_failed_ credentials, which blocks sending email until either

- I restart emacs, thus making ((t_s < t_0) && (t_f < t_0))

- I wait until the failed credentials expire, thus making
  (t_f + t_c) < t

both of which are suboptimal. I would prefer either

+ to make emacs (or dependency) *not* cache failed credentials

+ to force reauthentication (e.g., via `C-u C-c C-c`)

+ something else short of restarting or waiting

How to do?

TIA, Tom Roche <Tom_Roche@pobox.com>



^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: improving SMTP credential caching
  2013-03-22 20:43 improving SMTP credential caching Tom Roche
@ 2013-03-24 15:39 ` W. Greenhouse
  2013-03-25 18:33 ` Stefan Monnier
       [not found] ` <mailman.22817.1364236429.855.help-gnu-emacs@gnu.org>
  2 siblings, 0 replies; 4+ messages in thread
From: W. Greenhouse @ 2013-03-24 15:39 UTC (permalink / raw)
  To: help-gnu-emacs-mXXj517/zsQ

Hi Tom,

Tom Roche <Tom_Roche-e+AXbWqSrlAAvxtiuMwx3w@public.gmane.org> writes:

> ...I would prefer either
>
> + to make emacs (or dependency) *not* cache failed credentials
>
> + to force reauthentication (e.g., via `C-u C-c C-c`)
>
> + something else short of restarting or waiting
>
> How to do?
>
> TIA, Tom Roche <Tom_Roche-e+AXbWqSrlAAvxtiuMwx3w@public.gmane.org>

The dependency implicated here is the Emacs auth-source library, which
handles credential caching for smtpmail and many other bits of Emacs.

Any of these would eliminate your problem and hopefully make using
auth-source more pleasant:

+ Best: Run Emacs under gpg-agent and using an encrypted auth-source
  file (e.g. ~/.authinfo.gpg) that includes your email account
  passwords.  Then caching is guaranteed only to happen when you entered
  the GPG passphrase correctly, and expiry will be controlled through
  the gpg-agent, by setting the --max-cache-ttl option.

+ Manual and irksome: Invoke M-x auth-source-forget-all-cached after you
  flub an SMTP password.  Or, possibly, find something in smtpmail's
  error handling to which to hook this function.

+ Worst and most inconvenient: Disable password caching entirely.
  (setq auth-source-do-cache nil)

Hope this helps,
Will

-- 
BOFH excuse #4:

static from nylon underwear




^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: improving SMTP credential caching
  2013-03-22 20:43 improving SMTP credential caching Tom Roche
  2013-03-24 15:39 ` W. Greenhouse
@ 2013-03-25 18:33 ` Stefan Monnier
       [not found] ` <mailman.22817.1364236429.855.help-gnu-emacs@gnu.org>
  2 siblings, 0 replies; 4+ messages in thread
From: Stefan Monnier @ 2013-03-25 18:33 UTC (permalink / raw)
  To: help-gnu-emacs

> * cause Emacs (or whatever dependency emacs is driving for SMTP mail)
>   to not cache failed credentials?

If it caches failed credentials, it's most likely a bug,
so please M-x report-emacs-bug


        Stefan




^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: improving SMTP credential caching
       [not found] ` <mailman.22817.1364236429.855.help-gnu-emacs@gnu.org>
@ 2013-03-27 13:22   ` Ted Zlatanov
  0 siblings, 0 replies; 4+ messages in thread
From: Ted Zlatanov @ 2013-03-27 13:22 UTC (permalink / raw)
  To: help-gnu-emacs

On Mon, 25 Mar 2013 14:33:26 -0400 Stefan Monnier <monnier@iro.umontreal.ca> wrote: 

>> * cause Emacs (or whatever dependency emacs is driving for SMTP mail)
>> to not cache failed credentials?

SM> If it caches failed credentials, it's most likely a bug,
SM> so please M-x report-emacs-bug

Yes, the smtpmail.el code should not cache failed credentials.  I'll
look at the bug if there's a recipe.  I couldn't duplicate based on the
OP instructions, unfortunately.

Ted


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2013-03-27 13:22 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-03-22 20:43 improving SMTP credential caching Tom Roche
2013-03-24 15:39 ` W. Greenhouse
2013-03-25 18:33 ` Stefan Monnier
     [not found] ` <mailman.22817.1364236429.855.help-gnu-emacs@gnu.org>
2013-03-27 13:22   ` Ted Zlatanov

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).