From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!.POSTED.blaine.gmane.org!not-for-mail
From: Bruno =?utf-8?Q?F=C3=A9lix?= Rezende Ribeiro <oitofelix@gnu.org>
Newsgroups: gmane.emacs.devel
Subject: tramp-auto-auth.el --- TRAMP automatic authentication library
Date: Thu, 22 Aug 2019 23:08:51 -0300
Message-ID: <877e74skek.fsf@oitofelix.com>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
Injection-Info: blaine.gmane.org; posting-host="blaine.gmane.org:195.159.176.226";
	logging-data="135487"; mail-complaints-to="usenet@blaine.gmane.org"
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux)
To: emacs-devel@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Fri Aug 23 04:09:40 2019
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([209.51.188.17])
	by blaine.gmane.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.89)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1i0z1H-000Z8m-2v
	for ged-emacs-devel@m.gmane.org; Fri, 23 Aug 2019 04:09:39 +0200
Original-Received: from localhost ([::1]:50948 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1i0z1G-0000aG-0p
	for ged-emacs-devel@m.gmane.org; Thu, 22 Aug 2019 22:09:38 -0400
Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:55446)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <oitofelix@gnu.org>) id 1i0z0Z-0000a7-8N
 for emacs-devel@gnu.org; Thu, 22 Aug 2019 22:08:57 -0400
Original-Received: from fencepost.gnu.org ([2001:470:142:3::e]:49977)
 by eggs.gnu.org with esmtp (Exim 4.71)
 (envelope-from <oitofelix@gnu.org>) id 1i0z0Z-0008QC-1y
 for emacs-devel@gnu.org; Thu, 22 Aug 2019 22:08:55 -0400
Original-Received: from [189.15.117.231] (port=43256 helo=felix-laptop)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_128_CBC_SHA1:128)
 (Exim 4.82) (envelope-from <oitofelix@gnu.org>) id 1i0z0Y-0008DP-H6
 for emacs-devel@gnu.org; Thu, 22 Aug 2019 22:08:54 -0400
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: "Emacs-devel" <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Xref: news.gmane.org gmane.emacs.devel:239498
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/239498>

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable


Hello Emacs developers,

Please, find attached =E2=80=98tramp-auto-auth.el=E2=80=99.  Quoting from i=
ts commentary
header section:

  This library provides =E2=80=98tramp-auto-auth-mode=E2=80=99: a global mi=
nor mode
  whose purpose is to automatically feed TRAMP sub-processes with
  passwords for paths matching regexps.  This is useful in situations
  where interactive user input is not desirable or feasible.  For
  instance, in sub-nets with large number of hosts or whose hosts have
  dynamic IPs assigned to them.  In those cases it=E2=80=99s not practical =
to
  query passwords using the =E2=80=98auth-source=E2=80=99 library, since th=
is would
  require each host to be listed explicitly and immutably in a Netrc
  file.  Another scenario where this mode is useful are non-interactive
  Emacs sessions (like those used for batch processing or by evaluating
  =E2=80=98:async=E2=80=99 Org Babel source blocks) in which it=E2=80=99s i=
mpossible for the
  user to answer a password-asking prompt.

This library has proved extremely useful for my work using Emacs to
access remote machines in the aforementioned conditions and whose
authentication policies I couldn=E2=80=99t change.  For quite some time, I=
=E2=80=99ve
searched extensively for ways of accomplishing the same task with a
practical setup, to no avail.  Perhaps you could comment on alternative
approaches you had experience with but I failed to contemplate.

I=E2=80=99d like to discuss this implementation=E2=80=99s deficiencies and =
get your
insights and perspectives onto the problem this code is supposed to
solve.  I also would like to discuss how equivalent functionality could
make its way to the standard distribution, in case other people find it
useful enough to be worth supporting out-of-the-box.


Thanks in advance,
Bruno


--=-=-=
Content-Type: application/emacs-lisp
Content-Disposition: attachment; filename=tramp-auto-auth.el
Content-Transfer-Encoding: quoted-printable

;;; tramp-auto-auth.el --- TRAMP automatic authentication library

;; Copyright (C) 2019 Bruno F=C3=A9lix Rezende Ribeiro <oitofelix@gnu.org>

;; Author: Bruno F=C3=A9lix Rezende Ribeiro <oitofelix@gnu.org>
;; Maintainer: Bruno F=C3=A9lix Rezende Ribeiro <oitofelix@gnu.org>
;; Keywords: comm, processes
;; Package: tramp-auto-auth

;; Package-Requires: (tramp)

;; This program is free software: you can redistribute it and/or modify
;; it under the terms of the GNU General Public License as published by
;; the Free Software Foundation, either version 3 of the License, or
;; (at your option) any later version.

;; This program is distributed in the hope that it will be useful,
;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;; GNU General Public License for more details.

;; You should have received a copy of the GNU General Public License
;; along with this program.  If not, see <https://www.gnu.org/licenses/>.

;;; Commentary:

;; This library provides =E2=80=98tramp-auto-auth-mode=E2=80=99: a global m=
inor mode
;; whose purpose is to automatically feed TRAMP sub-processes with
;; passwords for paths matching regexps.  This is useful in situations
;; where interactive user input is not desirable or feasible.  For
;; instance, in sub-nets with large number of hosts or whose hosts
;; have dynamic IPs assigned to them.  In those cases it=E2=80=99s not
;; practical to query passwords using the =E2=80=98auth-source=E2=80=99 lib=
rary, since
;; this would require each host to be listed explicitly and immutably
;; in a Netrc file.  Another scenario where this mode is useful are
;; non-interactive Emacs sessions (like those used for batch
;; processing or by evaluating =E2=80=98:async=E2=80=99 Org Babel source bl=
ocks) in
;; which it=E2=80=99s impossible for the user to answer a password-asking
;; prompt.
;;
;; To make use of the automatic authentication feature, the variable
;; =E2=80=98tramp-auto-auth-alist=E2=80=99 must be customized to hold the p=
ath regexps
;; and their respective passwords, and then =E2=80=98tramp-auto-auth-mode=
=E2=80=99
;; must be enabled.  For example:
;;
;; (require =E2=80=99tramp-auto-auth)
;; (add-to-list 'tramp-auto-auth-alist '("root@10\\.0\\." . "$r00tPasWD!"))
;; (tramp-auto-auth-mode)

;;; Code:


(require 'tramp)


(defcustom tramp-auto-auth-alist
  nil
  "Alist of TRAMP paths regexps and their respective passwords.
Each element has the form (PATH-REGEXP . PASSWORD), where
PATH-REGEXP is a regular expression to be matched against TRAMP
paths and PASSWORD is the respective password to be sent to the
TRAMP=E2=80=99s sub-process in case a match does occur."
  :type '(alist
	  :key-type
	  (string :tag "Path Regexp"
		  :help-echo "Regexp which matches the desired TRAMP path")
	  :value-type
	  (string :tag "Password"
		  :help-echo "Password for the TRAMP path resource"))
  :group 'tramp
  :require 'tramp-auto-auth)

;;;###autoload
(define-minor-mode tramp-auto-auth-mode
  "Toggle Tramp-Auto-Auth global minor mode on or off.
With a prefix argument ARG, enable Tramp-Auto-Auth mode if ARG is
positive, and disable it otherwise.  If called from Lisp, enable
the mode if ARG is omitted or nil, and toggle it if ARG is =E2=80=98toggle=
=E2=80=99.

When enabled =E2=80=98tramp-auto-auth-alist=E2=80=99 is used to automatical=
ly
authenticate to remote servers."
  :group 'tramp
  :global t
  :require 'tramp-auto-auth
  (if tramp-auto-auth-mode
      (progn
	(advice-add #'tramp-action-password :around
		    (lambda (tramp-action-password proc vec)
		      (pcase (or (car (last vec)) "")
			((and (app (lambda (expval)
				     (assoc-default expval tramp-auto-auth-alist
						    #'string-match-p))
				   passwd)
			      (guard passwd))
			 (process-send-string proc (concat passwd tramp-local-end-of-line)))
			(_ (funcall tramp-action-password proc vec))))
		    '((name . tramp-auto-auth-mode)))
	(advice-add #'tramp-action-yesno :around
		    (lambda (tramp-action-yesno proc vec)
		      (pcase (or (car (last vec)) "")
			((pred (lambda (expval)
				 (assoc-default expval tramp-auto-auth-alist
						#'string-match-p)))
			 (tramp-send-string vec (concat "yes" tramp-local-end-of-line)))
			(_ (funcall tramp-action-yesno proc vec))))
		    '((name . tramp-auto-auth-mode))))
    (advice-remove #'tramp-action-password 'tramp-auto-auth-mode)
    (advice-remove #'tramp-action-yesno 'tramp-auto-auth-mode)))


(provide 'tramp-auto-auth)

;;; tramp-auto-auth.el ends here

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable


--=20
 88888  FFFFF Bruno F=C3=A9lix Rezende Ribeiro (oitofelix) [0x28D618AF]
 8   8  F     http://oitofelix.freeshell.org/
 88888  FFFF  mailto:oitofelix@gnu.org
 8   8  F     irc://chat.freenode.org/oitofelix
 88888  F     xmpp://oitofelix@riseup.net

--=-=-=--