Re: 29.1; ERC 5.5.0.29.1: Unnecessary .authinfo.gpg decryption causes connection failure to irc.libera.chat

[Jake <jforst.mailman@gmail.com>]

[-- Attachment #1: Type: text/plain, Size: 3440 bytes --]

Hi J.P.

Thanks for taking the time.

> It just decrypts the file straight
> away if it has access to the key it was encrypted with and fails
> otherwise.
It sounds like you've successfully reproduced it, because it's attempted to
decrypt the auth-source file.

Now I feel like I'm definitely missing something. Why does it do this? I
assume nothing in this file is required to connect to irc.libera.chat,
since the connection succeeds if the file is not present.

> So, I was wondering if this prompt is coming from somewhere
> external, such as a secrets manager or a TTY pinentry program
I've had the prompt from gnome keyring on Ubuntu (I assume that's what it
is) and gtk-pinentry on another machine. But my issue is that the prompt
occurs at all.

> Also, is the "irc.libera.chat:6697" buffer completely blank
> after the failure?
yes it is blank.

> And is there anything relevant recorded in the
> "*Messages*" buffer?
Decrypting /home/jake/.authinfo.gpg...done
epa-file-insert-file-contents: Opening input file: Decryption failed, , No
secret key

Thanks
Jake

On Sat, Dec 23, 2023 at 4:41 AM J.P. <jp@neverwas.me> wrote:

> Hi Jake,
>
> Jake <jforst.mailman@gmail.com> writes:
>
> > Hello
> >
> > I encountered an issue with authinfo interfering with ERC:
> > When I attempt to connect to the irc.libera.chat server with a random
> > nickname and no password, if a ~/.authinfo.gpg file is present on my
> > system (or any .gpg file in the auth-sources variable), ERC attempts to
> > decrypt this file when connecting. When I don't decrypt it, the
> > connection fails.
> >
> > This occurs with emacs -Q.
> >
> > If I set auth-sources to nil, or change the name of the .gpg file to
> > something else not in auth-sources, I get the expected behavior; i.e.,
> it connects to the server.
> >
> > Steps to reproduce:
> > 1. have an encrypted ~/.authinfo.gpg file (this will also be an element
> of
> > the variable auth-sources, which is the default)
> > 2. emacs -Q
> > 3. M-x erc-tls
> > interactively: RET on default values irc.libera.chat and 6697, then
> enter a unique nickname and do not
> > enter a password
> > 4. be prompted to decrypt ~/.authinfo.gpg
>
> I haven't tried very hard to reproduce this yet, but I can't seem to get
> Emacs to prompt me from emacs -Q. It just decrypts the file straight
> away if it has access to the key it was encrypted with and fails
> otherwise. So, I was wondering if this prompt is coming from somewhere
> external, such as a secrets manager or a TTY pinentry program, for
> example,
>
>   Please enter the passphrase to unlock the OpenPGP secret key:
>   "Your Name <you@example.com>"
>   3071 RSA key, ID DEAD..BEEF
>   created 2023-12-22 17:30 (main key ID ...).
>
>   Passprhase: ____________________________
>
>   <OK> <Cancel>
>
> (although, from your description, it seems like you're using graphical
> Emacs). Also, is the "irc.libera.chat:6697" buffer completely blank
> after the failure? And is there anything relevant recorded in the
> "*Messages*" buffer? Perhaps something like:
>
>   For information about GNU Emacs and the GNU system, type C-h C-a.
>   Decrypting /root/.authinfo.gpg...done
>   epa-file-insert-file-contents:
>   Opening input file: Decryption failed, , No secret key
>
> I'm mainly trying to avoid having to replicate your setup in a VM.
>
> TIA,
> J.P.
>

[-- Attachment #2: Type: text/html, Size: 4419 bytes --]