* [RESEND] lisp/server.el: Allow custom server-auth-key
@ 2011-08-26 13:54 Michal Nazarewicz
2011-09-02 3:39 ` bug#9423: " Stefan Monnier
0 siblings, 1 reply; 11+ messages in thread
From: Michal Nazarewicz @ 2011-08-26 13:54 UTC (permalink / raw)
To: emacs-devel
This patch adds a possibility to set create a custom server-auth-key
which may be shared between several machines without the need of
having common file system, etc.
I'm resending this patch as last time the discussion somehow died.
As for legal stuff, the patch is (c) Google Inc. but since Google has
signed necessary agreement it should be no problem, right?
Changelog entry is as follows:
2011-08-26 Michal Nazarewicz <mina86@mina86.com>
* lisp/selver.el (server-auth-key, server-generate-key,
server-get-auth-key, server-start): Add possibility to set
server-auth-key instead of using random one each time.
=== modified file 'lisp/server.el'
*** lisp/server.el 2011-07-04 22:40:03 +0000
--- lisp/server.el 2011-08-08 14:12:01 +0000
*************** directory residing in a NTFS partition i
*** 134,139 ****
--- 134,166 ----
;;;###autoload
(put 'server-auth-dir 'risky-local-variable t)
+ (defcustom server-auth-key nil
+ "Server authentication key.
+
+ Normally, authentication key is generated on random when server
+ starts, which guarantees some level of security. It is
+ recommended to leave it that way. Using a long-lived shared key
+ may decrease security (especially since the key is transmitted as
+ plain text).
+
+ In some situations however, it can be difficult to share randomly
+ generated password with remote hosts (eg. no shared directory),
+ so you can set the key with this variable and then copy server
+ file to remote host (with possible changes to IP address and/or
+ port if that applies).
+
+ The key must consist of 64 US-ASCII printable characters except
+ for space (this means characters from ! to ~; or from code 33
+ to 126).
+
+ You can use \\[server-generate-key] to get a random authentication
+ key."
+ :group 'server
+ :type '(choice
+ (const :tag "Random" nil)
+ (string :tag "Password"))
+ :version "24.0")
+
(defcustom server-raise-frame t
"If non-nil, raise frame when switching to a buffer."
:group 'server
*************** See variable `server-auth-dir' for detai
*** 503,508 ****
--- 530,561 ----
(unless safe
(error "The directory `%s' is unsafe" dir)))))
+ (defun server-generate-key ()
+ "Generates and returns a random 64-byte strings of random chars
+ in the range `!'..`~'. If called interactively, also inserts it
+ into current buffer."
+ (interactive)
+ (let ((auth-key
+ (loop repeat 64
+ collect (+ 33 (random 94)) into auth
+ finally return (concat auth))))
+ (if (called-interactively-p)
+ (insert auth-key))
+ auth-key))
+
+ (defun server-get-auth-key ()
+ "Returns server's authentication key.
+
+ If `server-auth-key' is nil this function will just call
+ `server-generate-key'. Otherwise, if `server-auth-key' is
+ a valid authentication it will return it. Otherwise, it will
+ signal an error."
+ (if server-auth-key
+ (if (string-match "^[!-~]\\{64\\}$" server-auth-key)
+ server-auth-key
+ (error "The key '%s' is invalid" server-auth-key))
+ (server-generate-key)))
+
;;;###autoload
(defun server-start (&optional leave-dead inhibit-prompt)
"Allow this Emacs process to be a server for client processes.
*************** server or call `M-x server-force-delete'
*** 596,608 ****
(unless server-process (error "Could not start server process"))
(process-put server-process :server-file server-file)
(when server-use-tcp
! (let ((auth-key
! (loop
! ;; The auth key is a 64-byte string of random chars in the
! ;; range `!'..`~'.
! repeat 64
! collect (+ 33 (random 94)) into auth
! finally return (concat auth))))
(process-put server-process :auth-key auth-key)
(with-temp-file server-file
(set-buffer-multibyte nil)
--- 649,655 ----
(unless server-process (error "Could not start server process"))
(process-put server-process :server-file server-file)
(when server-use-tcp
! (let ((auth-key (server-get-auth-key)))
(process-put server-process :auth-key auth-key)
(with-temp-file server-file
(set-buffer-multibyte nil)
^ permalink raw reply [flat|nested] 11+ messages in thread
* bug#9423: lisp/server.el: Allow custom server-auth-key
2011-08-26 13:54 [RESEND] lisp/server.el: Allow custom server-auth-key Michal Nazarewicz
@ 2011-09-02 3:39 ` Stefan Monnier
2012-04-12 19:46 ` Lars Magne Ingebrigtsen
0 siblings, 1 reply; 11+ messages in thread
From: Stefan Monnier @ 2011-09-02 3:39 UTC (permalink / raw)
To: 9423; +Cc: Michal Nazarewicz
Package: emacs
Severity: wishlist
Tag: patch
> This patch adds a possibility to set create a custom server-auth-key
> which may be shared between several machines without the need of
> having common file system, etc.
> I'm resending this patch as last time the discussion somehow died.
> As for legal stuff, the patch is (c) Google Inc. but since Google has
> signed necessary agreement it should be no problem, right?
> Changelog entry is as follows:
> 2011-08-26 Michal Nazarewicz <mina86@mina86.com>
> * lisp/selver.el (server-auth-key, server-generate-key,
> server-get-auth-key, server-start): Add possibility to set
> server-auth-key instead of using random one each time.
> === modified file 'lisp/server.el'
> *** lisp/server.el 2011-07-04 22:40:03 +0000
> --- lisp/server.el 2011-08-08 14:12:01 +0000
> *************** directory residing in a NTFS partition i
> *** 134,139 ****
> --- 134,166 ----
> ;;;###autoload
> (put 'server-auth-dir 'risky-local-variable t)
> + (defcustom server-auth-key nil
> + "Server authentication key.
> +
> + Normally, authentication key is generated on random when server
> + starts, which guarantees some level of security. It is
> + recommended to leave it that way. Using a long-lived shared key
> + may decrease security (especially since the key is transmitted as
> + plain text).
> +
> + In some situations however, it can be difficult to share randomly
> + generated password with remote hosts (eg. no shared directory),
> + so you can set the key with this variable and then copy server
> + file to remote host (with possible changes to IP address and/or
> + port if that applies).
> +
> + The key must consist of 64 US-ASCII printable characters except
> + for space (this means characters from ! to ~; or from code 33
> + to 126).
> +
> + You can use \\[server-generate-key] to get a random authentication
> + key."
> + :group 'server
> + :type '(choice
> + (const :tag "Random" nil)
> + (string :tag "Password"))
> + :version "24.0")
> +
> (defcustom server-raise-frame t
> "If non-nil, raise frame when switching to a buffer."
> :group 'server
> *************** See variable `server-auth-dir' for detai
> *** 503,508 ****
> --- 530,561 ----
> (unless safe
> (error "The directory `%s' is unsafe" dir)))))
> + (defun server-generate-key ()
> + "Generates and returns a random 64-byte strings of random chars
> + in the range `!'..`~'. If called interactively, also inserts it
> + into current buffer."
> + (interactive)
> + (let ((auth-key
> + (loop repeat 64
> + collect (+ 33 (random 94)) into auth
> + finally return (concat auth))))
> + (if (called-interactively-p)
> + (insert auth-key))
> + auth-key))
> +
> + (defun server-get-auth-key ()
> + "Returns server's authentication key.
> +
> + If `server-auth-key' is nil this function will just call
> + `server-generate-key'. Otherwise, if `server-auth-key' is
> + a valid authentication it will return it. Otherwise, it will
> + signal an error."
> + (if server-auth-key
> + (if (string-match "^[!-~]\\{64\\}$" server-auth-key)
> + server-auth-key
> + (error "The key '%s' is invalid" server-auth-key))
> + (server-generate-key)))
> +
> ;;;###autoload
> (defun server-start (&optional leave-dead inhibit-prompt)
> "Allow this Emacs process to be a server for client processes.
> *************** server or call `M-x server-force-delete'
> *** 596,608 ****
> (unless server-process (error "Could not start server process"))
> (process-put server-process :server-file server-file)
> (when server-use-tcp
> ! (let ((auth-key
> ! (loop
> ! ;; The auth key is a 64-byte string of random chars in the
> ! ;; range `!'..`~'.
> ! repeat 64
> ! collect (+ 33 (random 94)) into auth
> ! finally return (concat auth))))
> (process-put server-process :auth-key auth-key)
> (with-temp-file server-file
> (set-buffer-multibyte nil)
> --- 649,655 ----
> (unless server-process (error "Could not start server process"))
> (process-put server-process :server-file server-file)
> (when server-use-tcp
> ! (let ((auth-key (server-get-auth-key)))
> (process-put server-process :auth-key auth-key)
> (with-temp-file server-file
> (set-buffer-multibyte nil)
^ permalink raw reply [flat|nested] 11+ messages in thread
* bug#9423: lisp/server.el: Allow custom server-auth-key
2011-09-02 3:39 ` bug#9423: " Stefan Monnier
@ 2012-04-12 19:46 ` Lars Magne Ingebrigtsen
2012-04-12 22:14 ` Glenn Morris
2012-04-12 22:48 ` Michal Nazarewicz
0 siblings, 2 replies; 11+ messages in thread
From: Lars Magne Ingebrigtsen @ 2012-04-12 19:46 UTC (permalink / raw)
To: Stefan Monnier; +Cc: 9423, Michal Nazarewicz
Stefan Monnier <monnier@iro.umontreal.ca> writes:
>> This patch adds a possibility to set create a custom server-auth-key
>> which may be shared between several machines without the need of
>> having common file system, etc.
>
>> I'm resending this patch as last time the discussion somehow died.
I'm assuming this patch has been approved, but not applied because of
the pretest window?
>> As for legal stuff, the patch is (c) Google Inc. but since Google has
>> signed necessary agreement it should be no problem, right?
Anybody know? I've always assumed that the FSF needs assignment from
the person who wrote the code, even if their employer claims to own the
code. (That doesn't sound likely, now that I'm typing it...)
>> Changelog entry is as follows:
>
>> 2011-08-26 Michal Nazarewicz <mina86@mina86.com>
>
>> * lisp/selver.el (server-auth-key, server-generate-key,
>> server-get-auth-key, server-start): Add possibility to set
>> server-auth-key instead of using random one each time.
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog http://lars.ingebrigtsen.no/
^ permalink raw reply [flat|nested] 11+ messages in thread
* bug#9423: lisp/server.el: Allow custom server-auth-key
2012-04-12 19:46 ` Lars Magne Ingebrigtsen
@ 2012-04-12 22:14 ` Glenn Morris
2012-04-14 4:16 ` Richard Stallman
2012-04-12 22:48 ` Michal Nazarewicz
1 sibling, 1 reply; 11+ messages in thread
From: Glenn Morris @ 2012-04-12 22:14 UTC (permalink / raw)
To: Lars Magne Ingebrigtsen; +Cc: 9423, Michal Nazarewicz
Lars Magne Ingebrigtsen wrote:
> Anybody know? I've always assumed that the FSF needs assignment from
> the person who wrote the code, even if their employer claims to own the
> code.
That's my assumption too. Ask assign@gnu for a definitive answer, I guess.
Or just get an assignment anyway to be safe. (People in the US can do it
entirely by email now, so it's not much work.)
^ permalink raw reply [flat|nested] 11+ messages in thread
* bug#9423: lisp/server.el: Allow custom server-auth-key
2012-04-12 19:46 ` Lars Magne Ingebrigtsen
2012-04-12 22:14 ` Glenn Morris
@ 2012-04-12 22:48 ` Michal Nazarewicz
2012-04-13 12:50 ` Stefan Monnier
1 sibling, 1 reply; 11+ messages in thread
From: Michal Nazarewicz @ 2012-04-12 22:48 UTC (permalink / raw)
To: Stefan Monnier, Lars Magne Ingebrigtsen; +Cc: 9423
On Thu, 12 Apr 2012 21:46:54 +0200, Lars Magne Ingebrigtsen <larsi@gnus.org> wrote:
>>> As for legal stuff, the patch is (c) Google Inc. but since Google has
>>> signed necessary agreement it should be no problem, right?
> Anybody know? I've always assumed that the FSF needs assignment from
> the person who wrote the code, even if their employer claims to own the
> code. (That doesn't sound likely, now that I'm typing it...)
I don't have any copyright over the code, so I'm not sure why I would have
to assign the copyright to FSF if copyright holder already did that. Then
again, if required, I can do it. Could anyone point me to necessary
paperwork? CONTRIBUTE only says that “The process is straightforward --
contact us at emacs-devel@gnu.org to obtain the relevant forms.” but gives
no details.
--
Best regards, _ _
.o. | Liege of Serenely Enlightened Majesty of o' \,=./ `o
..o | Computer Science, Michał “mina86” Nazarewicz (o o)
ooo +----<email/xmpp: mpn@google.com>--------------ooO--(_)--Ooo--
^ permalink raw reply [flat|nested] 11+ messages in thread
* bug#9423: lisp/server.el: Allow custom server-auth-key
2012-04-12 22:48 ` Michal Nazarewicz
@ 2012-04-13 12:50 ` Stefan Monnier
2012-04-13 13:00 ` Michal Nazarewicz
2012-04-14 11:16 ` Lars Ingebrigtsen
0 siblings, 2 replies; 11+ messages in thread
From: Stefan Monnier @ 2012-04-13 12:50 UTC (permalink / raw)
To: Michal Nazarewicz; +Cc: 9423, Lars Magne Ingebrigtsen
>>>> As for legal stuff, the patch is (c) Google Inc. but since Google has
>>>> signed necessary agreement it should be no problem, right?
>> Anybody know? I've always assumed that the FSF needs assignment from
>> the person who wrote the code, even if their employer claims to own the
>> code. (That doesn't sound likely, now that I'm typing it...)
> I don't have any copyright over the code, so I'm not sure why I would have
> to assign the copyright to FSF if copyright holder already did that.
The FSF's copyright clerk confirmed that, as long as the copyright
belongs to Google, we're good to go. So we can install your patch
right away. Lars, can you take care of that?
> Then again, if required, I can do it. Could anyone point me to
> necessary paperwork? CONTRIBUTE only says that “The process is
> straightforward -- contact us at emacs-devel@gnu.org to obtain the
> relevant forms.” but gives no details.
That would be even better, since it's sometimes non-trivial to figure
out if your employer owns the copyright or if you do.
The process is as follows: fill the form below and email it as
instructed so the FSF can send you the necessary paperwork to sign.
Thank you for your contribution,
Stefan
Please email the following information to assign@gnu.org, and we
will send you the assignment form for your past and future changes.
Please use your full legal name (in ASCII characters) as the subject
line of the message.
----------------------------------------------------------------------
REQUEST: SEND FORM FOR PAST AND FUTURE CHANGES
[What is the name of the program or package you're contributing to?]
Emacs
[Did you copy any files or text written by someone else in these changes?
Even if that material is free software, we need to know about it.]
[Do you have an employer who might have a basis to claim to own
your changes? Do you attend a school which might make such a claim?]
[For the copyright registration, what country are you a citizen of?]
[What year were you born?]
[Please write your email address here.]
[Please write your postal address here.]
[Which files have you changed so far, and which new files have you written
so far?]
^ permalink raw reply [flat|nested] 11+ messages in thread
* bug#9423: lisp/server.el: Allow custom server-auth-key
2012-04-13 12:50 ` Stefan Monnier
@ 2012-04-13 13:00 ` Michal Nazarewicz
2012-04-14 11:16 ` Lars Ingebrigtsen
1 sibling, 0 replies; 11+ messages in thread
From: Michal Nazarewicz @ 2012-04-13 13:00 UTC (permalink / raw)
To: Stefan Monnier; +Cc: 9423, Lars Magne Ingebrigtsen
On Fri, 13 Apr 2012 14:50:12 +0200, Stefan Monnier <monnier@iro.umontreal.ca> wrote:
> The process is as follows: fill the form below and email it as
> instructed so the FSF can send you the necessary paperwork to sign.
> Thank you for your contribution,
>
> Stefan
>
> Please email the following information to assign@gnu.org, and we
> will send you the assignment form for your past and future changes.
Done.
--
Best regards, _ _
.o. | Liege of Serenely Enlightened Majesty of o' \,=./ `o
..o | Computer Science, Michał “mina86” Nazarewicz (o o)
ooo +----<email/xmpp: mpn@google.com>--------------ooO--(_)--Ooo--
^ permalink raw reply [flat|nested] 11+ messages in thread
* bug#9423: lisp/server.el: Allow custom server-auth-key
2012-04-12 22:14 ` Glenn Morris
@ 2012-04-14 4:16 ` Richard Stallman
2012-04-14 18:08 ` Glenn Morris
0 siblings, 1 reply; 11+ messages in thread
From: Richard Stallman @ 2012-04-14 4:16 UTC (permalink / raw)
To: Glenn Morris; +Cc: 9423, larsi, mina86
If the employer claims copyright, only the employer can assign the
copyright. In that case, the employee's signature is not needed.
--
Dr Richard Stallman
President, Free Software Foundation
51 Franklin St
Boston MA 02110
USA
www.fsf.org www.gnu.org
Skype: No way! That's nonfree (freedom-denying) software.
Use free telephony http://directory.fsf.org/category/tel/
^ permalink raw reply [flat|nested] 11+ messages in thread
* bug#9423: lisp/server.el: Allow custom server-auth-key
2012-04-13 12:50 ` Stefan Monnier
2012-04-13 13:00 ` Michal Nazarewicz
@ 2012-04-14 11:16 ` Lars Ingebrigtsen
1 sibling, 0 replies; 11+ messages in thread
From: Lars Ingebrigtsen @ 2012-04-14 11:16 UTC (permalink / raw)
To: Stefan Monnier; +Cc: 9423, Michal Nazarewicz
Stefan Monnier <monnier@iro.umontreal.ca> writes:
> The FSF's copyright clerk confirmed that, as long as the copyright
> belongs to Google, we're good to go. So we can install your patch
> right away. Lars, can you take care of that?
I've now applied the patch to the Emacs trunk.
--
(domestic pets only, the antidote for overdose, milk.)
http://lars.ingebrigtsen.no * Sent from my Rome
^ permalink raw reply [flat|nested] 11+ messages in thread
* bug#9423: lisp/server.el: Allow custom server-auth-key
2012-04-14 4:16 ` Richard Stallman
@ 2012-04-14 18:08 ` Glenn Morris
2012-04-15 2:18 ` Richard Stallman
0 siblings, 1 reply; 11+ messages in thread
From: Glenn Morris @ 2012-04-14 18:08 UTC (permalink / raw)
To: rms; +Cc: 9423
Richard Stallman wrote:
> If the employer claims copyright, only the employer can assign the
> copyright. In that case, the employee's signature is not needed.
Thanks. Maybe you could add a sentence along those lines to the "Copyright
Papers" section of "Information for GNU Maintainers".
http://www.gnu.org/prep/maintain/maintain.html#Copyright-Papers
It would seem to fit naturally after the current sentence:
We may also need an employer's disclaimer from the person's employer.
^ permalink raw reply [flat|nested] 11+ messages in thread
* bug#9423: lisp/server.el: Allow custom server-auth-key
2012-04-14 18:08 ` Glenn Morris
@ 2012-04-15 2:18 ` Richard Stallman
0 siblings, 0 replies; 11+ messages in thread
From: Richard Stallman @ 2012-04-15 2:18 UTC (permalink / raw)
To: Glenn Morris; +Cc: 9423
Thanks. Maybe you could add a sentence along those lines to the "Copyright
Papers" section of "Information for GNU Maintainers".
I added it. Thanks.
--
Dr Richard Stallman
President, Free Software Foundation
51 Franklin St
Boston MA 02110
USA
www.fsf.org www.gnu.org
Skype: No way! That's nonfree (freedom-denying) software.
Use free telephony http://directory.fsf.org/category/tel/
^ permalink raw reply [flat|nested] 11+ messages in thread
end of thread, other threads:[~2012-04-15 2:18 UTC | newest]
Thread overview: 11+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-08-26 13:54 [RESEND] lisp/server.el: Allow custom server-auth-key Michal Nazarewicz
2011-09-02 3:39 ` bug#9423: " Stefan Monnier
2012-04-12 19:46 ` Lars Magne Ingebrigtsen
2012-04-12 22:14 ` Glenn Morris
2012-04-14 4:16 ` Richard Stallman
2012-04-14 18:08 ` Glenn Morris
2012-04-15 2:18 ` Richard Stallman
2012-04-12 22:48 ` Michal Nazarewicz
2012-04-13 12:50 ` Stefan Monnier
2012-04-13 13:00 ` Michal Nazarewicz
2012-04-14 11:16 ` Lars Ingebrigtsen
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.