From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Akib Azmain Turja via "Bug reports for GNU Emacs, the Swiss army knife of text editors" Newsgroups: gmane.emacs.bugs Subject: bug#58985: 29.0.50; Have auth-source-pass behave more like other back ends Date: Sat, 12 Nov 2022 21:24:37 +0600 Message-ID: <875yfkdwlm.fsf__30293.2345819258$1668266854$gmane$org@disroot.org> References: <87wn8cb0ym.fsf@neverwas.me> <874jvdardn.fsf__3771.40490324877$1667692584$gmane$org@neverwas.me> <87pme09vis.fsf@gmx.de> <87a653z7dl.fsf@neverwas.me> <878rkjl1vd.fsf@disroot.org> <877d026uym.fsf@neverwas.me> <87tu35eehq.fsf@disroot.org> <87bkpcu74w.fsf@neverwas.me> Reply-To: Akib Azmain Turja Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="23164"; mail-complaints-to="usenet@ciao.gmane.io" Cc: Damien Cassou , =?UTF-8?Q?Bj=C3=B6rn?= Bidar , emacs-erc@gnu.org, Michael Albinus , 58985@debbugs.gnu.org To: "J.P." Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Sat Nov 12 16:27:26 2022 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1otsPm-0005qr-9q for geb-bug-gnu-emacs@m.gmane-mx.org; Sat, 12 Nov 2022 16:27:26 +0100 Original-Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1otsPd-0007rK-TC; Sat, 12 Nov 2022 10:27:20 -0500 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1otsPZ-0007p9-Is for bug-gnu-emacs@gnu.org; Sat, 12 Nov 2022 10:27:14 -0500 Original-Received: from debbugs.gnu.org ([209.51.188.43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1otsPO-00064C-5g for bug-gnu-emacs@gnu.org; Sat, 12 Nov 2022 10:27:12 -0500 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1otsPO-00056U-06 for bug-gnu-emacs@gnu.org; Sat, 12 Nov 2022 10:27:02 -0500 X-Loop: help-debbugs@gnu.org Resent-From: Akib Azmain Turja Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Sat, 12 Nov 2022 15:27:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 58985 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: patch Original-Received: via spool by 58985-submit@debbugs.gnu.org id=B58985.166826681119602 (code B ref 58985); Sat, 12 Nov 2022 15:27:01 +0000 Original-Received: (at 58985) by debbugs.gnu.org; 12 Nov 2022 15:26:51 +0000 Original-Received: from localhost ([127.0.0.1]:48798 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1otsPD-000565-5D for submit@debbugs.gnu.org; Sat, 12 Nov 2022 10:26:51 -0500 Original-Received: from knopi.disroot.org ([178.21.23.139]:36548) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1otsPA-00055v-Sc for 58985@debbugs.gnu.org; Sat, 12 Nov 2022 10:26:49 -0500 Original-Received: from localhost (localhost [127.0.0.1]) by disroot.org (Postfix) with ESMTP id B65D340E0B; Sat, 12 Nov 2022 16:26:47 +0100 (CET) X-Virus-Scanned: SPAM Filter at disroot.org Original-Received: from knopi.disroot.org ([127.0.0.1]) by localhost (disroot.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fD67cm_uJSBP; Sat, 12 Nov 2022 16:26:46 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=disroot.org; s=mail; t=1668266806; bh=HMP+842BLjbsCpFFi2H2N0MOBUWHd6qOzNCmAEyb9kQ=; h=From:To:Cc:Subject:In-Reply-To:References:Date:From; b=KEbb9SzxD+xI8z2rPV/MrW6vJTaojXgXcaYJOWw02ckK3S+gFWTXx/dLAPfNSpVQ5 rPmc6OqDl5dZeK4JzrANTj8RXmrhYlABoQIHi5P1KQL5uynsIqd2ZWBB0faLZwhvlZ 67AWMJaPRgwPfVr4/3myvjNMyqIR0R1LC+gmdGRIm9dpMhX6p/64gLYJLk7nMigOVo P3MuyNyzzlOQ+eIEH7MnQLA7+npvaG3SQrW42d7vOn4a9BakBiNIwJXbFmEN87qC+u ixCKZ286HZqgFQBIjvZWLbYkj38yCoeXJ08tmqpUSBBRS7ck12Id05AHJ9Rw2xzVb1 Z9F9uswOW8dyA== In-Reply-To: <87bkpcu74w.fsf@neverwas.me> (J. P.'s message of "Fri, 11 Nov 2022 20:30:23 -0800") X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Xref: news.gmane.io gmane.emacs.bugs:247664 Archived-At: --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable "J.P." writes: > Akib Azmain Turja writes: > >> Why the closure doesn't capture "s"? For me, the following code >> captures "s" (obviously with lexical binding): (just let-wrapped version >> of your code) >> >> (let ((e '(:secret "topsecret"))) >> (when-let* ((s (plist-get e :secret)) ; s not captured by closure >> (v (auth-source--obfuscate s))) >> (setf (plist-get e :secret) >> (lambda () (auth-source--deobfuscate v)))) >> e) >> ;; =3D> (:secret >> ;; (closure >> ;; ((p #1) >> ;; (v . "XIcHKKIKtavKgK8J6zXP1w=3D=3D-N/XAaAOqAtGcCzKGKX71og=3D= =3D") >> ;; (s . "topsecret") ;; LEAKED!!! >> ;; (e :secret #1) >> ;; t) >> ;; nil >> ;; (auth-source--deobfuscate v))) >> > > Looks like you don't have: > > commit 1b1ffe07897ebe06cf96ab423fad3cde9fd6c981 > Author: Stefan Monnier > Date: Mon Oct 17 17:11:40 2022 -0400 >=20=20=20 > (Ffunction): Make interpreted closures safe for space >=20=20=20=20=20 > It's easiest to just make a habit of applying patches on the latest > HEAD. Once you do, you'll find that the output of your example changes. > If ELPA's Compat ever takes an interest, I suppose a backported version > could just `byte-compile' the lambda. That's a recent commit, I'm using Emacs from a commit over two months ago (I tried to upgrade just a few days before Eglot merged, but was forced to revert due to native compilation errors). > >>> + (push e out))))) >> >> [...] >> >>> +(defun auth-source-pass--retrieve-parsed (seen path port-number-p) >>> + (when-let ((m (string-match auth-source-pass--match-regexp path))) >> >> Why do you let-bound "m"? > > Because I am slow and blind, I guess. > >> I can't find any use of it in the body. > > Go figure. (Thanks.) I can't find any existence of "m". > >>> +(defun auth-source-pass--find-match-many (hosts users ports require ma= x) >>> + "Return plists for valid combinations of HOSTS, USERS, PORTS. >>> +Each plist contains, at the very least, a host and a secret." >>> + (let ((seen (make-hash-table :test #'equal)) >>> + (entries (auth-source-pass-entries)) >>> + out) >>> + (catch 'done >>> + (dolist (host hosts out) >>> + (pcase-let ((`(,_ ,u ,p) (auth-source-pass--disambiguate host)= )) >>> + (unless (or (not (equal "443" p)) (string-prefix-p "https://= " host)) >>> + (setq p nil)) >>> + (dolist (user (or users (list u))) >>> + (dolist (port (or ports (list p))) >>> + (dolist (e entries) >>> + (when-let* >>> + ((m (or (gethash e seen) (auth-source-pass--retrie= ve-parsed >>> + seen e (integerp port)))) >>> + ((equal host (plist-get m :host))) >>> + ((auth-source-pass--match-parts m :port port requ= ire)) >>> + ((auth-source-pass--match-parts m :user user requ= ire)) >>> + (parsed (auth-source-pass-parse-entry e)) >>> + ;; For now, ignore body-content pairs, if any, >>> + ;; from `auth-source-pass--parse-data'. >>> + (secret (or (auth-source-pass--get-attr 'secret p= arsed) >>> + (not (memq :secret require))))) >>> + (push >>> + `( :host ,host ; prefer user-provided :host over h >>> + ,@(and-let* ((u (plist-get m :user))) (list :use= r u)) >>> + ,@(and-let* ((p (plist-get m :port))) (list :por= t p)) >>> + ,@(and secret (not (eq secret t)) (list :secret = secret))) >>> + out) >>> + (when (or (zerop (cl-decf max)) >>> + (null (setq entries (remove e entries)))) >> >> Remove will create a lot of garbage, e.g. (let ((x '(1 2 3 4 5))) >> (eq (remove 6 x) x)) and (let ((x '(1 2 3 4 5))) (eq (remove 1 x) >> (cdr x))) both returns nil. > > Since you're clearly aware that, for lists, `remove' just calls `delete' > on a shallow copy, how could (remove thing x) ever be eq to some nthcdr > of x so long as both are non-nil? > >> If you think delete is OK, go ahead and use it. If you think remove is >> better, keep it. Do whatever you think right. > > As I tried to explain in > > https://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D58985#64 > > I think `delete' is safe in this situation, assuming of course that, for > ancient, core functions, the implementation can be construed as the de > facto interface. Based on your comments, you seem to agree with this > assumption, which seems only sane. I have thus reverted the change. > Any one contributing to core Emacs is almost certain more experienced that me, so they should ignore me if they wish. >> >>> + (throw 'done out))))))))))) >>> + >> >> [...] > > While I certainly welcome the assiduous scrutinizing of Emacs lisp > mechanics and technique (truly), I was mainly hoping that, as an avid > pass user, you would also help flesh out the precise effects of the > behavior introduced by these changes and hopefully share some insights > into how they might impact day-to-day usage for the typical pass user. > Granted, that necessarily involves applying these patches atop your > daily driver and living with them for a spell and, ideally, investing > some thought into imagining common usage patterns beyond your own (plus > any potentially problematic edge cases). If you have the energy to > devote to (perhaps just some of) these areas, it would really help move > this bug report forward. Thanks. > > > > Actually, I'm not very brave, and any damage to my password-store would be an absolute disaster. However, I have made a backup and add the encrypted passwords to a Git repository, and since the patch looks safe, I'm going to apply and test it. =2D-=20 Akib Azmain Turja, GPG key: 70018CE5819F17A3BBA666AFE74F0EFA922AE7F5 Fediverse: akib@hostux.social Codeberg: akib emailselfdefense.fsf.org | "Nothing can be secure without encryption." --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEyVTKmrtL6kNBe3FRVTX89U2IYWsFAmNvurUACgkQVTX89U2I YWsarA//frrnI19lAZiPLvZOr3EF5X5jatpj9xycSRflgBWRHm7Di/ToN8Tdvrq6 qNYK5BNHNXymqKpMR349aPipjnr8TzAZsW6Xxxya6++yEHJWusKoQJhBk1qS//qg UK/zY4etL+QmzI4tRnm1IAfH5OgOBrC9BsbNXnD6VrpIRIpn0HWZTiYJNsuxibTt 0yrbH3IaMQqIAXm13n1fCn+ot+aSqRd5O40eUG7OSM5J5KKyCEYbGyMp92tH3PxH wiqMvlZuG7JIeErAQ8ZsGtW59PvpQiCG1cvk6aBqESn14MZpwo+tDFrJbbUYBTTk tmdUp5/aS/iTRcRekan/m07aCbUwtV8BxLQf768QWvseCXd0Jow3VCobF/dmXR+W teyp7VPgqYqMihGPNkW6aNfmJUc6XvKqNcYy4Sp6eW/GifnTBtFFmxuQ3fQsXptM p1hAv0y6EtR3h8N8mK74nCTRThCtx4ZyOh8gSRIsrn/AS5PzCqt+Aa19Z8YQJKGc TzjrKCjHzfh/Jr/UGhnnQN6STJavTE598ndq3QZTk3G8niftRT8JCcd6jWebpDiG mXwYREm0TO1eSunNnfRhc8EbmsnTLR74C9N46Bir1POm80EjyboWEyflr+SYedHr 18qnt5xlV3JMiom4A1Ojw/lkQx8NplEHUpa0Qa+4Y9THSLmCXtg= =A0nS -----END PGP SIGNATURE----- --=-=-=--