From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail
From: "J.P." <jp@neverwas.me>
Newsgroups: gmane.emacs.bugs
Subject: bug#58985: 29.0.50;
 Gnus setup broken by commit 2cf9e699ef0fc43a4eadaf00a1ed2f876765c64d
Date: Fri, 25 Nov 2022 06:23:47 -0800
Message-ID: <87mt8fi03w.fsf@neverwas.me>
References: <87sfi8ve35.fsf@gmail.com> <87fse8wg4g.fsf@neverwas.me>
 <87ilj4uzvp.fsf@gmail.com>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214";
	logging-data="10384"; mail-complaints-to="usenet@ciao.gmane.io"
User-Agent: Gnus/5.13 (Gnus v5.13)
Cc: Kai Tetzlaff <emacs+bug@tetzco.de>, 58985@debbugs.gnu.org
To: =?UTF-8?Q?Jo=C3=A3o_?= =?UTF-8?Q?T=C3=A1vora?= <joaotavora@gmail.com>
Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Fri Nov 25 15:25:30 2022
Return-path: <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org>
Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org
Original-Received: from lists.gnu.org ([209.51.188.17])
	by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org>)
	id 1oyZdx-0002PU-LU
	for geb-bug-gnu-emacs@m.gmane-mx.org; Fri, 25 Nov 2022 15:25:30 +0100
Original-Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <bug-gnu-emacs-bounces@gnu.org>)
	id 1oyZda-0001ea-Mx; Fri, 25 Nov 2022 09:25:06 -0500
Original-Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1oyZdY-0001e3-DC
 for bug-gnu-emacs@gnu.org; Fri, 25 Nov 2022 09:25:04 -0500
Original-Received: from debbugs.gnu.org ([209.51.188.43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1oyZdX-0005xd-Kx
 for bug-gnu-emacs@gnu.org; Fri, 25 Nov 2022 09:25:03 -0500
Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1oyZdW-0002sA-G8
 for bug-gnu-emacs@gnu.org; Fri, 25 Nov 2022 09:25:02 -0500
X-Loop: help-debbugs@gnu.org
Resent-From: "J.P." <jp@neverwas.me>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Fri, 25 Nov 2022 14:25:02 +0000
Resent-Message-ID: <handler.58985.B58985.166938624510956@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 58985
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: patch
Original-Received: via spool by 58985-submit@debbugs.gnu.org id=B58985.166938624510956
 (code B ref 58985); Fri, 25 Nov 2022 14:25:02 +0000
Original-Received: (at 58985) by debbugs.gnu.org; 25 Nov 2022 14:24:05 +0000
Original-Received: from localhost ([127.0.0.1]:33899 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1oyZca-0002qd-Mn
 for submit@debbugs.gnu.org; Fri, 25 Nov 2022 09:24:05 -0500
Original-Received: from mail-108-mta176.mxroute.com ([136.175.108.176]:36241)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <jp@neverwas.me>) id 1oyZcV-0002q5-4x
 for 58985@debbugs.gnu.org; Fri, 25 Nov 2022 09:24:03 -0500
Original-Received: from mail-111-mta2.mxroute.com ([136.175.111.2]
 filter006.mxroute.com) (Authenticated sender: mN4UYu2MZsgR)
 by mail-108-mta176.mxroute.com (ZoneMTA) with ESMTPSA id
 184af2c5ce70006e99.001 for <58985@debbugs.gnu.org>
 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES128-GCM-SHA256);
 Fri, 25 Nov 2022 14:23:51 +0000
X-Zone-Loop: a7fdf5038d92ad0833928a568db30d01f2a529694e28
X-Originating-IP: [136.175.111.2]
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=neverwas.me
 ; s=x;
 h=Content-Type:MIME-Version:Message-ID:Date:References:In-Reply-To:
 Subject:Cc:To:From:Sender:Reply-To:Content-Transfer-Encoding:Content-ID:
 Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
 :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
 List-Post:List-Owner:List-Archive;
 bh=rzIPu8XcxY3ALcn9/0yifEm32XfSDMdwol7JHTOmbWs=; b=CDiqWEp/GpKjYsO9cASOG71urY
 T39kSziSDlVunBtnN/xjmzzI71PXBeQF3YDBleV+i/PEu6KSrOu76xFbKEoJKOWbLvmtiDhmiypdz
 hShN3EnqBg7QCSdqqBf5UpuZPNQ8Q7C78oWgX9oYsewEHD1FO51wBEFlfGLK89tTpRxqX28ksiozD
 ui9GTs+AC0xUb9GTrcHotoGNIjL/WFsKV/FxrpC5kwGGLcOPs5CpqYTAL/5NKikSTZaOdyaCVXmYO
 4SKWGb7amv6JluHXhjmCi0rL0QoG6Fl2mY0VbNangg1c2i19apkNIAmgVwyv6yTDerm9LxJ8tEJfh
 Sg3Eos+w==;
In-Reply-To: <87ilj4uzvp.fsf@gmail.com> ("=?UTF-8?Q?Jo=C3=A3o_?=
 =?UTF-8?Q?T=C3=A1vora?="'s message of "Thu, 24 Nov 2022 15:38:02 +0000")
X-Authenticated-Id: masked@neverwas.me
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: bug-gnu-emacs@gnu.org
List-Id: "Bug reports for GNU Emacs,
 the Swiss army knife of text editors" <bug-gnu-emacs.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-gnu-emacs>,
 <mailto:bug-gnu-emacs-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/bug-gnu-emacs>
List-Post: <mailto:bug-gnu-emacs@gnu.org>
List-Help: <mailto:bug-gnu-emacs-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-gnu-emacs>,
 <mailto:bug-gnu-emacs-request@gnu.org?subject=subscribe>
Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org
Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org
Xref: news.gmane.io gmane.emacs.bugs:249002
Archived-At: <http://permalink.gmane.org/gmane.emacs.bugs/249002>

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Jo=C3=A3o T=C3=A1vora <joaotavora@gmail.com> writes:

> The affected item is, I believe, ~/.password-store/local-gmail:imap.gpg
> and likely also ~/.password-store/smtp.gmail.com:465.gpg.  When I set
> auth-source-debug to t, these lines appeared in *Messages*
>
> auth-source-pass: final result: nil
> auth-source-search: found 0 results (max 1) matching (:max 1 :host
> ("local-gmail" "localhost") :port ("imap" "imap" "143") :user
> "joaotavora@gmail.com" :require (:user :secret) :create t)
> auth-source-pass: final result: nil
> auth-source-search: CREATED 0 results (max 1) matching (:max 1 :host
> ("local-gmail" "localhost") :port ("imap" "imap" "143") :user
> "joaotavora@gmail.com" :require (:user :secret) :create t)
> Opening nnimap server on local-gmail...failed:=20

This was helpful, thanks. It seems

  :require (:user ...)

is clashing with the absence of a "user" component in the affected file
names.

Among other things, the commit in question tries to provide a way of
honoring the `:require' keyword in a manner befitting the doc string of
`auth-source-search':

  :require (A B C) means that only results that contain those
  tokens will be returned.  Thus for instance requiring :secret
  will ensure that any results will actually have a :secret
  property.

The other back ends more or less do the same. (Take a peek at the
attached examples if you're bored.) So, I guess the takeaway here, at
least as things stand, is basically this: if for some reason you really
wanted to enable the option, you'd need to rename the affected files.
Either

  ~/.password-store/joaotavora@gmail.com@local-gmail:imap.gpg

or

  ~/.password-store/local-gmail:imap/joaotavora@gmail.com.gpg

should do it. Alternatively, if the gnus function that calls
`auth-source-search' were somehow configurable (guessing no), you could
omit the `:require's altogether, increase the `:max' value, and
prioritize the results, which is what ERC does (or tries to do).

>> However, I think it's probably best to forgo all that and do what I was
>> leaning toward from the outset, and that's keeping the new behavior off
>> by default in Emacs 29. It's looking liable to cause too much churn for
>> too many folks [1]. Thus, unless anyone objects or has anything else to
>> add, I will do this in the next 24 hours or so. Apologies again for the
>> disruption and the time spent bisecting.
>
> No problem, and thanks for understanding.

Thank YOU for understanding. (All I did was break your email.)

> I think it is indeed better if you make this opt-in. I can then opt
> into it and help you debug the root cause. But in the meantime, my
> email won't be broken :-)

I've pushed the change, but you may need to clear your auth-source cache
or restart your session to see any effect. Please let me know if that
doesn't do it. And thanks for all your work on Emacs!

J.P.


--=-=-=
Content-Type: text/x-patch
Content-Disposition: attachment;
 filename=0001-POC-Compare-require-among-auth-source-backends.patch

>From 5b0f0c108578cbae5f0804fe1daa60599a71d4bf Mon Sep 17 00:00:00 2001
From: "F. Jason Park" <jp@neverwas.me>
Date: Thu, 24 Nov 2022 21:03:03 -0800
Subject: [PATCH] [POC] Compare :require among auth-source backends

---
 test/lisp/auth-source-pass-tests.el | 305 ++++++++++++++++++++++++++++
 1 file changed, 305 insertions(+)

diff --git a/test/lisp/auth-source-pass-tests.el b/test/lisp/auth-source-pass-tests.el
index 1107e09b51..ed88cf5476 100644
--- a/test/lisp/auth-source-pass-tests.el
+++ b/test/lisp/auth-source-pass-tests.el
@@ -751,6 +751,311 @@ auth-source-pass-extra-query-keywords--user-priorities
                          (:host "g" :user "u" :port 2 :secret "@") ; **
                          (:host "g" :user "u" :port 2 :secret "/"))))))))
 
+;;;; :require demo
+
+;; Swapping out smtp.gmail.com and 465 with local-gmail and imap
+;; doesn't change the outcome of any cases below.
+
+;; netrc
+
+(ert-deftest auth-source-pass-extra-query-keywords--netrc-joao ()
+  (ert-with-temp-file netrc-file
+    :text "\
+machine local-gmail port imap password a
+machine smtp.gmail.com port 465 password b
+"
+    (let* ((auth-sources (list netrc-file))
+           (auth-source-do-cache nil)
+           (results (auth-source-search :max 1
+                                        :host '("local-gmail" "localhost")
+                                        :port '("imap" "imap" "143")
+                                        :user "joaotavora@gmail.com"
+                                        :require '(:user :secret))))
+      (should-not results))))
+
+(ert-deftest auth-source-pass-extra-query-keywords--netrc-joao-user ()
+  (ert-with-temp-file netrc-file
+    :text "\
+machine local-gmail login joaotavora@gmail.com port imap password a
+machine smtp.gmail.com login joaotavora@gmail.com port 465 password b
+"
+    (let* ((auth-sources (list netrc-file))
+           (auth-source-do-cache nil)
+           (results (auth-source-search :max 1
+                                        :host '("local-gmail" "localhost")
+                                        :port '("imap" "imap" "143")
+                                        :user "joaotavora@gmail.com"
+                                        :require '(:user :secret))))
+      (dolist (result results)
+        (setf (plist-get result :secret) (auth-info-password result)))
+      (should (equal results '(( :host "local-gmail"
+                                 :user "joaotavora@gmail.com"
+                                 :port "imap"
+                                 :secret "a")))))))
+
+;; plstore
+
+(require 'epg)
+
+(ert-deftest auth-source-pass-extra-query-keywords--plstore-joao ()
+  (ert-with-temp-file plstore-file
+    :suffix ".plist"
+    :text "\
+;;; public entries -*- mode: plstore -*-
+((\"7c0d0c60eba2b3da2feebff6a007934b73d6ba8c\"
+  :secret-secret t
+  :host \"local-gmail\"
+  :port \"imap\")
+ (\"e579bb71ac879a2fbe90462be686ec090bcb995f\"
+  :secret-secret t
+  :host \"smtp.gmail.com\"
+  :port \"465\"))
+;;; secret entries
+((\"7c0d0c60eba2b3da2feebff6a007934b73d6ba8c\" :secret \"a\")
+ (\"e579bb71ac879a2fbe90462be686ec090bcb995f\" :secret \"b\"))
+"
+    (cl-letf (((symbol-function 'epg-decrypt-string)
+               (lambda (&rest r) (prin1-to-string (cadr r))))
+              ((symbol-function 'epg-find-configuration)
+               (lambda (&rest _) '((program . "/bin/true")))))
+      (let* ((auth-sources (list plstore-file))
+             (auth-source-do-cache nil)
+             (results (auth-source-search :max 1
+                                          :host '("local-gmail" "localhost")
+                                          :port '("imap" "imap" "143")
+                                          :user "joaotavora@gmail.com"
+                                          :require '(:user :secret))))
+        (should-not results)))))
+
+(ert-deftest auth-source-pass-extra-query-keywords--plstore-joao-user ()
+  (ert-with-temp-file plstore-file
+    :suffix ".plist"
+    :text "\
+;;; public entries -*- mode: plstore -*-
+((\"b0d8e1b370cff2d4c71cd503905d1bfa80247a82\"
+  :secret-secret t
+  :host \"local-gmail\"
+  :user \"joaotavora@gmail.com\"
+  :port \"imap\")
+ (\"5d05df976779ae4690254c6572c1652748ac4b58\"
+  :secret-secret t
+  :host \"smtp.gmail.com\"
+  :user \"joaotavora@gmail.com\"
+  :port \"465\"))
+;;; secret entries
+((\"b0d8e1b370cff2d4c71cd503905d1bfa80247a82\" :secret \"a\")
+ (\"5d05df976779ae4690254c6572c1652748ac4b58\" :secret \"b\"))
+"
+    (cl-letf (((symbol-function 'epg-decrypt-string)
+               (lambda (&rest r) (prin1-to-string (cadr r))))
+              ((symbol-function 'epg-find-configuration)
+               (lambda (&rest _) '((program . "/bin/true")))))
+      (let* ((auth-sources (list plstore-file))
+             (auth-source-do-cache nil)
+             (results (auth-source-search :max 1
+                                          :host '("local-gmail" "localhost")
+                                          :port '("imap" "imap" "143")
+                                          :user "joaotavora@gmail.com"
+                                          :require '(:user :secret))))
+        (dolist (result results)
+          (setf (plist-get result :secret) (auth-info-password result)))
+        (should (equal results '(( :login nil
+                                   :secret "a"
+                                   :host "local-gmail"
+                                   :user "joaotavora@gmail.com"
+                                   :port "imap"))))))))
+
+;; json
+
+(ert-deftest auth-source-pass-extra-query-keywords--json-joao ()
+  (ert-with-temp-file json-store
+    :suffix ".json"
+    :text "\
+[{\"host\":\"local-gmail\",
+  \"port\":\"imap\",
+  \"secret\":\"a\"},
+ {\"host\":\"smtp.gmail.com\",
+  \"port\":\"465\",
+  \"secret\":\"b\"}]
+"
+    (let ((auth-sources (list json-store))
+          (auth-source-do-cache nil))
+      (should-not (auth-source-search :max 1
+                                      :host '("local-gmail" "localhost")
+                                      :port '("imap" "imap" "143")
+                                      :user "joaotavora@gmail.com"
+                                      :require '(:user :secret))))))
+
+(ert-deftest auth-source-pass-extra-query-keywords--json-joao-user ()
+  (ert-with-temp-file json-store
+    :suffix ".json"
+    :text "\
+[{\"host\":\"local-gmail\",
+  \"port\":\"imap\",
+  \"user\":\"joaotavora@gmail.com\",
+  \"secret\":\"a\"},
+ {\"host\":\"smtp.gmail.com\",
+  \"port\":\"465\",
+  \"user\":\"joaotavora@gmail.com\",
+  \"secret\":\"b\"}]
+"
+    (let* ((auth-sources (list json-store))
+           (auth-source-do-cache nil)
+           (results (auth-source-search :max 1
+                                        :host '("local-gmail" "localhost")
+                                        :port '("imap" "imap" "143")
+                                        :user "joaotavora@gmail.com"
+                                        :require '(:user :secret))))
+      (dolist (result results)
+        (setf (plist-get result :secret) (auth-info-password result)))
+      (should (equal results
+                     '(( :host "local-gmail"
+                         :port "imap"
+                         :user "joaotavora@gmail.com"
+                         :secret "a")))))))
+
+;; secrets
+
+;; With the secrets backend, any "attribute" (keyword) specified in
+;; the query must exist in the entry, so `:require' is implied.  The
+;; mocked search below is so contrived as to be meaningless, but it
+;; nevertheless emphasizes the "must match" nature of the upstream
+;; SearchItems DBus method (of the Secret Service API's collections
+;; interface: org.freedesktop.Secret.Collection.SearchItems).
+;;
+;; https://specifications.freedesktop.org/secret-service/latest/re02.html
+;; #org.freedesktop.Secret.Collection.SearchItems
+
+(require 'secrets)
+
+(ert-deftest auth-source-pass-extra-query-keywords--secrets-joao ()
+  (let ((auth-sources '("secrets:Test"))
+        (auth-source-do-cache nil)
+        (entries '(("nil@local-gmail:imap"
+                    (:host . "local-gmail")
+                    (:port . "imap")
+                    (:xdg:schema . "org.freedesktop.Secret.Generic"))
+                   ("nil@smtp.gmail.com:465"
+                    (:host . "smtp.gmail.com")
+                    (:port . "465")
+                    (:xdg:schema . "org.freedesktop.Secret.Generic"))))
+        (secrets '(("nil@local-gmail:imap" . "a")
+                   ("nil@smtp.gmail.com:465" . "b"))))
+
+    (cl-letf (((symbol-function 'secrets-search-items)
+               (lambda (_ &rest r)
+                 (mapcan (lambda (s)
+                           (and (seq-every-p (pcase-lambda (`(,k . ,v))
+                                               (equal v (alist-get k (cdr s))))
+                                             (map-pairs r))
+                                (list (car s))))
+                         entries)))
+              ((symbol-function 'secrets-get-secret)
+               (lambda (_ label) (assoc-default label secrets)))
+              ((symbol-function 'secrets-get-attributes)
+               (lambda (_ label) (assoc-default label entries))))
+
+      (should-not (auth-source-search :max 1
+                                      :host '("local-gmail" "localhost")
+                                      :port '("imap" "imap" "143")
+                                      :user "joaotavora@gmail.com"
+                                      :require '(:user :secret))))))
+
+(ert-deftest auth-source-pass-extra-query-keywords--secrets-joao-user ()
+  (let ((auth-sources '("secrets:Test"))
+        (auth-source-do-cache nil)
+        (entries '(("joaotavora@gmail.com@local-gmail:imap"
+                    (:host . "local-gmail")
+                    (:user . "joaotavora@gmail.com")
+                    (:port . "imap")
+                    (:xdg:schema . "org.freedesktop.Secret.Generic"))
+                   ("joaotavora@gmail.com@smtp.gmail.com:465"
+                    (:host . "smtp.gmail.com")
+                    (:user . "joaotavora@gmail.com")
+                    (:port . "465")
+                    (:xdg:schema . "org.freedesktop.Secret.Generic"))))
+        (secrets '(("joaotavora@gmail.com@local-gmail:imap" . "a")
+                   ("joaotavora@gmail.com@smtp.gmail.com:465" . "b"))))
+
+    (cl-letf (((symbol-function 'secrets-search-items)
+               (lambda (_ &rest r)
+                 (mapcan (lambda (s)
+                           (and (seq-every-p (pcase-lambda (`(,k . ,v))
+                                               (equal v (alist-get k (cdr s))))
+                                             (map-pairs r))
+                                (list (car s))))
+                         entries)))
+              ((symbol-function 'secrets-get-secret)
+               (lambda (_ label) (assoc-default label secrets)))
+              ((symbol-function 'secrets-get-attributes)
+               (lambda (_ label) (assoc-default label entries))))
+
+      (let ((results (auth-source-search :max 1
+                                         :host '("local-gmail" "localhost")
+                                         :port '("imap" "imap" "143")
+                                         :user "joaotavora@gmail.com"
+                                         :require '(:user :secret))))
+        (dolist (result results)
+          (setf (plist-get result :secret) (auth-info-password result)))
+        (should (equal results
+                       '(( :login nil
+                           :secret "a"
+                           :host "local-gmail"
+                           :user "joaotavora@gmail.com"
+                           :port "imap"
+                           :xdg:schema "org.freedesktop.Secret.Generic"))))))))
+
+;; Pass
+
+(ert-deftest auth-source-pass-extra-query-keywords--pass--joao ()
+  (auth-source-pass--with-store '(("smtp.gmail.com:465" (secret . "a"))
+                                  ("local-gmail:imap" (secret . "b")))
+    (auth-source-pass-enable)
+    (let ((auth-source-pass-extra-query-keywords t))
+      (should-not (auth-source-search :max 1
+                                      :host '("local-gmail" "localhost")
+                                      :port '("imap" "imap" "143")
+                                      :user "joaotavora@gmail.com"
+                                      :require '(:user :secret))))))
+
+(ert-deftest auth-source-pass-extra-query-keywords--pass--joao-user ()
+  ;; "suffix" syntax
+  (auth-source-pass--with-store '(("smtp.gmail.com:465/joaotavora@gmail.com"
+                                   (secret . "a"))
+                                  ("local-gmail:imap/joaotavora@gmail.com"
+                                   (secret . "b")))
+    (auth-source-pass-enable)
+    (let* ((auth-source-pass-extra-query-keywords t)
+           (results (auth-source-search :max 1
+                                        :host '("local-gmail" "localhost")
+                                        :port '("imap" "imap" "143")
+                                        :user "joaotavora@gmail.com"
+                                        :require '(:user :secret))))
+      (dolist (result results)
+        (setf (plist-get result :secret) (auth-info-password result)))
+      (should (equal results '(( :host "local-gmail"
+                                 :user "joaotavora@gmail.com"
+                                 :port "imap"
+                                 :secret "b"))))))
+  ;; "prefix" syntax
+  (auth-source-pass--with-store '(("joaotavora@gmail.com@smtp.gmail.com:465"
+                                   (secret . "a"))
+                                  ("joaotavora@gmail.com@local-gmail:imap"
+                                   (secret . "b")))
+    (auth-source-pass-enable)
+    (let* ((auth-source-pass-extra-query-keywords t)
+           (results (auth-source-search :max 1
+                                        :host '("local-gmail" "localhost")
+                                        :port '("imap" "imap" "143")
+                                        :user "joaotavora@gmail.com"
+                                        :require '(:user :secret))))
+      (dolist (result results)
+        (setf (plist-get result :secret) (auth-info-password result)))
+      (should (equal results '(( :host "local-gmail"
+                                 :user "joaotavora@gmail.com"
+                                 :port "imap"
+                                 :secret "b")))))))
+
 (provide 'auth-source-pass-tests)
 
 ;;; auth-source-pass-tests.el ends here
-- 
2.38.1


--=-=-=--