Bug: auth-sources not set before retrieving authinfo

Bug: auth-sources not set before retrieving authinfo

[XeCycle]

[-- Attachment #1: Type: text/plain, Size: 1057 bytes --]

Hello, I'm bothered by the behaviour that Gnus always asks me to
decrypt my .authinfo.gpg, though none of the servers need
authentication.

I had a look at the source and found the bug here:

At nntp.el, around line 1197, at beginning of defun
nntp-send-authinfo, a call to auth-source-search is made.  This
function parses entries in auth-sources, which should be
nntp-authinfo-file, as suggested by the manual; but we didn't set
it.  Therefore it's trying to visit the default auth source
files, and decrypts that.

I guess the solution is to add this in the let*, before that
call:

(auth-sources (list nntp-authinfo-file))

Can you add it and try?

PS. I don't know why specifying (nntp-authinfo-function my-no-op)
doesn't work, where my-no-op is a function that accepts any
parameter and does nothing; it's never called.  Perhaps another
bug out there.

-- 
Carl Lei (XeCycle)
Department of Physics, Shanghai Jiao Tong University
OpenPGP public key: 7795E591
Fingerprint: 1FB6 7F1F D45D F681 C845 27F7 8D71 8EC4 7795 E591

[-- Attachment #2: Type: application/pgp-signature, Size: 489 bytes --]

Re: Bug: auth-sources not set before retrieving authinfo

[XeCycle]

[-- Attachment #1: Type: text/plain, Size: 982 bytes --]

XeCycle <XeCycle@Gmail.com> writes:


[...]

> I guess the solution is to add this in the let*, before that
> call:
>
> (auth-sources (list nntp-authinfo-file))
>
> Can you add it and try?

I added it here, and it works.

> PS. I don't know why specifying (nntp-authinfo-function my-no-op)
> doesn't work, where my-no-op is a function that accepts any
> parameter and does nothing; it's never called.  Perhaps another
> bug out there.

Found it.  At nntp.el, around line 1359, at the end of defun
nntp-open-connection, we're calling (nntp-send-authinfo t),
without looking at the server variable nntp-authinfo-function.
This behaviour is not the same as described in manual.

My gnus-version "Ma Gnus v0.6", checkout on 2012-05-13.

Thanks; I think these bugs are trivial to fix.

-- 
Carl Lei (XeCycle)
Department of Physics, Shanghai Jiao Tong University
OpenPGP public key: 7795E591
Fingerprint: 1FB6 7F1F D45D F681 C845 27F7 8D71 8EC4 7795 E591

[-- Attachment #2: Type: application/pgp-signature, Size: 489 bytes --]

Re: Bug: auth-sources not set before retrieving authinfo

[Lars Magne Ingebrigtsen]

XeCycle <XeCycle@Gmail.com> writes:

> Hello, I'm bothered by the behaviour that Gnus always asks me to
> decrypt my .authinfo.gpg, though none of the servers need
> authentication.

Yes, nntp.el needs to look into the .authinfo.gpg file to see whether
the server you're connecting to has a "force" parameter in the
.authinfo.gpg file.

I would suggest setting up a GPG agent or just leaving the .authinfo
file unencrypted.

-- 
(domestic pets only, the antidote for overdose, milk.)
  bloggy blog http://lars.ingebrigtsen.no/

Re: Bug: auth-sources not set before retrieving authinfo

[Ted Zlatanov]

On Sun, 10 Jun 2012 21:02:39 +0200 Lars Magne Ingebrigtsen <larsi@gnus.org> wrote: 

LMI> XeCycle <XeCycle@Gmail.com> writes:
>> Hello, I'm bothered by the behaviour that Gnus always asks me to
>> decrypt my .authinfo.gpg, though none of the servers need
>> authentication.

LMI> Yes, nntp.el needs to look into the .authinfo.gpg file to see whether
LMI> the server you're connecting to has a "force" parameter in the
LMI> .authinfo.gpg file.

LMI> I would suggest setting up a GPG agent or just leaving the .authinfo
LMI> file unencrypted.

You can also structure `auth-sources' so a specific host is found in
~/.authinfo but all others come from ~/.authinfo.gpg.

First in the list, put the ~/.authinfo entry, and add an extra parameter
"host: regex" with `M-x customize-variable'.  The equivalent Lisp:

#+begin_src lisp
(setq auth-sources '((:source "~/.authinfo" :host "yourhost" :port t)
                     (:source "~/.authinfo.gpg" :host t :port t)))

#+end_src

Let me know if it works OK for you or not.

Ted

Re: Bug: auth-sources not set before retrieving authinfo

[XeCycle]

[-- Attachment #1: Type: text/plain, Size: 1724 bytes --]

Lars Magne Ingebrigtsen <larsi@gnus.org> writes:

> XeCycle <XeCycle@Gmail.com> writes:
>
>> Hello, I'm bothered by the behaviour that Gnus always asks me to
>> decrypt my .authinfo.gpg, though none of the servers need
>> authentication.
>
> Yes, nntp.el needs to look into the .authinfo.gpg file to see whether
> the server you're connecting to has a "force" parameter in the
> .authinfo.gpg file.

From (gnus) NNTP:

--8<---------------cut here---------------start------------->8---
`nntp-authinfo-function'
     This function will be used to send `AUTHINFO' to the NNTP server.
     The default function is `nntp-send-authinfo', which looks through
     your `~/.authinfo' (or whatever you've set the
     `nntp-authinfo-file' variable to) for applicable entries.
--8<---------------cut here---------------end--------------->8---

I tried setting this function to no-op, but the default one is
still used.  And I tried setting nntp-authinfo-file, it still
looks for ~/.authinfo.  These behaviours are inconsistent with
the manual, so I believe these are bugs.

> I would suggest setting up a GPG agent or just leaving the .authinfo
> file unencrypted.

I already use that.  But on first system start, it still asks for
password; and my timeout is quite short (~10 min), so if I killed
Emacs and start it again sometime, Gnus will be asking that
again.

The point is, *none* of the servers need authentication; I do
understand the need to look for `force', but please enable me to
inhibit this.

Thank you.

-- 
Carl Lei (XeCycle)
Department of Physics, Shanghai Jiao Tong University
OpenPGP public key: 7795E591
Fingerprint: 1FB6 7F1F D45D F681 C845 27F7 8D71 8EC4 7795 E591

[-- Attachment #2: Type: application/pgp-signature, Size: 489 bytes --]

Re: Bug: auth-sources not set before retrieving authinfo

[XeCycle]

[-- Attachment #1: Type: text/plain, Size: 1099 bytes --]

Ted Zlatanov <tzz@lifelogs.com> writes:

[...]

> You can also structure `auth-sources' so a specific host is found in
> ~/.authinfo but all others come from ~/.authinfo.gpg.
>
> First in the list, put the ~/.authinfo entry, and add an extra parameter
> "host: regex" with `M-x customize-variable'.  The equivalent Lisp:
>
> #+begin_src lisp
> (setq auth-sources '((:source "~/.authinfo" :host "yourhost" :port t)
>                      (:source "~/.authinfo.gpg" :host t :port t)))
>
> #+end_src
>
> Let me know if it works OK for you or not.

Sadly it doesn't.  It seems to try all sources.

I've set it to this:

--8<---------------cut here---------------start------------->8---
(setq auth-sources '((:source "/dev/null" :host "localhost")
                     (:source "~/.authinfo.gpg" :host t)))
--8<---------------cut here---------------end--------------->8---

It still asks me for that.

-- 
Carl Lei (XeCycle)
Department of Physics, Shanghai Jiao Tong University
OpenPGP public key: 7795E591
Fingerprint: 1FB6 7F1F D45D F681 C845 27F7 8D71 8EC4 7795 E591

[-- Attachment #2: Type: application/pgp-signature, Size: 489 bytes --]

Re: Bug: auth-sources not set before retrieving authinfo

[Ted Zlatanov]

On Mon, 11 Jun 2012 12:26:06 +0800 XeCycle <XeCycle@Gmail.com> wrote: 

X> Ted Zlatanov <tzz@lifelogs.com> writes:
X> [...]

>> You can also structure `auth-sources' so a specific host is found in
>> ~/.authinfo but all others come from ~/.authinfo.gpg.
>> 
>> First in the list, put the ~/.authinfo entry, and add an extra parameter
>> "host: regex" with `M-x customize-variable'.  The equivalent Lisp:
>> 
>> #+begin_src lisp
>> (setq auth-sources '((:source "~/.authinfo" :host "yourhost" :port t)
>> (:source "~/.authinfo.gpg" :host t :port t)))
>> 
>> #+end_src
>> 
>> Let me know if it works OK for you or not.

X> Sadly it doesn't.  It seems to try all sources.

X> I've set it to this:
X> (setq auth-sources '((:source "/dev/null" :host "localhost")
X>                      (:source "~/.authinfo.gpg" :host t)))

X> It still asks me for that.

It will search `auth-sources' until it finds a match; the second entry
has :host t so it's considered in the search.  We don't have the ability
to say "don't search for host X" yet.  So you'll have to make a file
with an entry for localhost and put it first in auth-sources.

I think this is a pretty unusual case and I hope you agree.  If not I
can look into supporting it better.

Ted

Re: Bug: auth-sources not set before retrieving authinfo

[Ted Zlatanov]

On Wed, 06 Jun 2012 11:55:13 +0800 XeCycle <XeCycle@Gmail.com> wrote: 

X> XeCycle <XeCycle@Gmail.com> writes:
X> [...]

>> I guess the solution is to add this in the let*, before that
>> call:
>> 
>> (auth-sources (list nntp-authinfo-file))
>> 
>> Can you add it and try?

X> I added it here, and it works.

Can you send a patch?

>> PS. I don't know why specifying (nntp-authinfo-function my-no-op)
>> doesn't work, where my-no-op is a function that accepts any
>> parameter and does nothing; it's never called.  Perhaps another
>> bug out there.

X> Found it.  At nntp.el, around line 1359, at the end of defun
X> nntp-open-connection, we're calling (nntp-send-authinfo t),
X> without looking at the server variable nntp-authinfo-function.
X> This behaviour is not the same as described in manual.

X> My gnus-version "Ma Gnus v0.6", checkout on 2012-05-13.

X> Thanks; I think these bugs are trivial to fix.

Was this ever fixed?

Thanks
Ted

Re: Bug: auth-sources not set before retrieving authinfo

[Ted Zlatanov]

On Wed, 18 Jul 2012 10:13:30 -0400 Ted Zlatanov <tzz@lifelogs.com> wrote: 

TZ> On Mon, 11 Jun 2012 12:26:06 +0800 XeCycle <XeCycle@Gmail.com> wrote: 
X> Ted Zlatanov <tzz@lifelogs.com> writes:
X> [...]

>>> You can also structure `auth-sources' so a specific host is found in
>>> ~/.authinfo but all others come from ~/.authinfo.gpg.
>>> 
>>> First in the list, put the ~/.authinfo entry, and add an extra parameter
>>> "host: regex" with `M-x customize-variable'.  The equivalent Lisp:
>>> 
>>> #+begin_src lisp
>>> (setq auth-sources '((:source "~/.authinfo" :host "yourhost" :port t)
>>> (:source "~/.authinfo.gpg" :host t :port t)))
>>> 
>>> #+end_src
>>> 
>>> Let me know if it works OK for you or not.

X> Sadly it doesn't.  It seems to try all sources.

X> I've set it to this:
X> (setq auth-sources '((:source "/dev/null" :host "localhost")
X> (:source "~/.authinfo.gpg" :host t)))

X> It still asks me for that.

TZ> It will search `auth-sources' until it finds a match; the second entry
TZ> has :host t so it's considered in the search.  We don't have the ability
TZ> to say "don't search for host X" yet.  So you'll have to make a file
TZ> with an entry for localhost and put it first in auth-sources.

TZ> I think this is a pretty unusual case and I hope you agree.  If not I
TZ> can look into supporting it better.

I haven't heard of anyone else needing this, but wanted to check again 6
months later and ask if I should implement it more natively.  Any interest?

Thanks
Ted