sieve-manage no longer works without authinfo

sieve-manage no longer works without authinfo

[Michael Welsh Duggan]

If an entry does not exists for a server in .authinfo, `sieve-manage' is
failing like this:

Debugger entered--Lisp error: (wrong-type-argument arrayp nil)
  fillarray(nil 0)
  sasl-digest-md5-response-value(nil "maru" "Kl93DxIqWEE4iqoNYz5qdoljslNK1/qkjIvYk8HQ/c4=" "4o7fa2m639mza2m6" 1 "auth" "sieve/localhost" nil)
  sasl-digest-md5-response([["DIGEST-MD5" (ignore sasl-digest-md5-response ignore)] nil "sieve" "localhost" sasl-client-properties] [ignore "nonce=\"Kl93DxIqWEE4iqoNYz5qdoljslNK1/qkjIvYk8HQ/c4=\",realm=\"maru\",qop=\"auth,auth-int,auth-conf\",cipher=\"rc4-40,rc4-56,rc4,des,3des\",maxbuf=4096,charset=utf-8,algorithm=md5-sess"])
  sasl-next-step([["DIGEST-MD5" (ignore sasl-digest-md5-response ignore)] nil "sieve" "localhost" sasl-client-properties] [ignore "nonce=\"Kl93DxIqWEE4iqoNYz5qdoljslNK1/qkjIvYk8HQ/c4=\",realm=\"maru\",qop=\"auth,auth-int,auth-conf\",cipher=\"rc4-40,rc4-56,rc4,des,3des\",maxbuf=4096,charset=utf-8,algorithm=md5-sess"])
  (setq step (sasl-next-step client step))
  (while t (setq rsp nil) (goto-char (point-min)) (while (null (or (progn (setq rsp (sieve-manage-is-string)) (if (not (and rsp ...)) (setq rsp nil) (goto-char (match-end 0)) rsp)) (setq rsp (sieve-manage-is-okno)))) (accept-process-output sieve-manage-process 1) (goto-char (point-min))) (sieve-manage-erase) (when (sieve-manage-ok-p rsp) (when (and (cadr rsp) (string-match "^SASL \"\\([^\"]+\\)\"" (cadr rsp))) (sasl-step-set-data step (base64-decode-string (match-string 1 (cadr rsp))))) (if (and (setq step (sasl-next-step client step)) (setq data (sasl-step-data step))) (error "Server not ready for SASL data: %s" data) (throw (quote done) t))) (unless (stringp rsp) (error "Server aborted SASL authentication: %s" (caddr rsp))) (sasl-step-set-data step (base64-decode-string rsp)) (setq step (sasl-next-step client step)) (sieve-manage-send (if (sasl-step-data step) (concat "\"" (base64-encode-string (sasl-step-data step) (quote no-line-break)) "\"") "")))
  (catch (quote done) (while t (setq rsp nil) (goto-char (point-min)) (while (null (or (progn (setq rsp (sieve-manage-is-string)) (if (not ...) (setq rsp nil) (goto-char ...) rsp)) (setq rsp (sieve-manage-is-okno)))) (accept-process-output sieve-manage-process 1) (goto-char (point-min))) (sieve-manage-erase) (when (sieve-manage-ok-p rsp) (when (and (cadr rsp) (string-match "^SASL \"\\([^\"]+\\)\"" (cadr rsp))) (sasl-step-set-data step (base64-decode-string (match-string 1 (cadr rsp))))) (if (and (setq step (sasl-next-step client step)) (setq data (sasl-step-data step))) (error "Server not ready for SASL data: %s" data) (throw (quote done) t))) (unless (stringp rsp) (error "Server aborted SASL authentication: %s" (caddr rsp))) (sasl-step-set-data step (base64-decode-string rsp)) (setq step (sasl-next-step client step)) (sieve-manage-send (if (sasl-step-data step) (concat "\"" (base64-encode-string (sasl-step-data step) (quote no-line-break)) "\"") ""))))
  (let* ((auth-info (auth-source-search :host sieve-manage-server :port "sieve" :max 1)) (user-name (plist-get (nth 0 auth-info) :user)) (user-password (plist-get (nth 0 auth-info) :secret)) (user-password (if (functionp user-password) (funcall user-password) user-password)) (client (sasl-make-client (sasl-find-mechanism (list mech)) user-name "sieve" sieve-manage-server)) (sasl-read-passphrase (\` (lambda (prompt) (\, (copy-sequence user-password))))) (step (sasl-next-step client nil)) (tag (sieve-manage-send (concat "AUTHENTICATE \"" mech "\"" (and (sasl-step-data step) (concat " \"" (base64-encode-string ... ...) "\""))))) data rsp) (catch (quote done) (while t (setq rsp nil) (goto-char (point-min)) (while (null (or (progn (setq rsp ...) (if ... ... ... rsp)) (setq rsp (sieve-manage-is-okno)))) (accept-process-output sieve-manage-process 1) (goto-char (point-min))) (sieve-manage-erase) (when (sieve-manage-ok-p rsp) (when (and (cadr rsp) (string-match "^SASL \"\\([^\"]+\\)\"" (cadr rsp))) (sasl-step-set-data step (base64-decode-string (match-string 1 ...)))) (if (and (setq step (sasl-next-step client step)) (setq data (sasl-step-data step))) (error "Server not ready for SASL data: %s" data) (throw (quote done) t))) (unless (stringp rsp) (error "Server aborted SASL authentication: %s" (caddr rsp))) (sasl-step-set-data step (base64-decode-string rsp)) (setq step (sasl-next-step client step)) (sieve-manage-send (if (sasl-step-data step) (concat "\"" (base64-encode-string (sasl-step-data step) (quote no-line-break)) "\"") "")))) (message "sieve: Login using %s...done" mech))
  (save-current-buffer (set-buffer buffer) (let* ((auth-info (auth-source-search :host sieve-manage-server :port "sieve" :max 1)) (user-name (plist-get (nth 0 auth-info) :user)) (user-password (plist-get (nth 0 auth-info) :secret)) (user-password (if (functionp user-password) (funcall user-password) user-password)) (client (sasl-make-client (sasl-find-mechanism (list mech)) user-name "sieve" sieve-manage-server)) (sasl-read-passphrase (\` (lambda (prompt) (\, (copy-sequence user-password))))) (step (sasl-next-step client nil)) (tag (sieve-manage-send (concat "AUTHENTICATE \"" mech "\"" (and (sasl-step-data step) (concat " \"" ... "\""))))) data rsp) (catch (quote done) (while t (setq rsp nil) (goto-char (point-min)) (while (null (or (progn ... ...) (setq rsp ...))) (accept-process-output sieve-manage-process 1) (goto-char (point-min))) (sieve-manage-erase) (when (sieve-manage-ok-p rsp) (when (and (cadr rsp) (string-match "^SASL \"\\([^\"]+\\)\"" ...)) (sasl-step-set-data step (base64-decode-string ...))) (if (and (setq step ...) (setq data ...)) (error "Server not ready for SASL data: %s" data) (throw (quote done) t))) (unless (stringp rsp) (error "Server aborted SASL authentication: %s" (caddr rsp))) (sasl-step-set-data step (base64-decode-string rsp)) (setq step (sasl-next-step client step)) (sieve-manage-send (if (sasl-step-data step) (concat "\"" (base64-encode-string ... ...) "\"") "")))) (message "sieve: Login using %s...done" mech)))
  (with-current-buffer buffer (let* ((auth-info (auth-source-search :host sieve-manage-server :port "sieve" :max 1)) (user-name (plist-get (nth 0 auth-info) :user)) (user-password (plist-get (nth 0 auth-info) :secret)) (user-password (if (functionp user-password) (funcall user-password) user-password)) (client (sasl-make-client (sasl-find-mechanism (list mech)) user-name "sieve" sieve-manage-server)) (sasl-read-passphrase (\` (lambda (prompt) (\, (copy-sequence user-password))))) (step (sasl-next-step client nil)) (tag (sieve-manage-send (concat "AUTHENTICATE \"" mech "\"" (and (sasl-step-data step) (concat " \"" ... "\""))))) data rsp) (catch (quote done) (while t (setq rsp nil) (goto-char (point-min)) (while (null (or (progn ... ...) (setq rsp ...))) (accept-process-output sieve-manage-process 1) (goto-char (point-min))) (sieve-manage-erase) (when (sieve-manage-ok-p rsp) (when (and (cadr rsp) (string-match "^SASL \"\\([^\"]+\\)\"" ...)) (sasl-step-set-data step (base64-decode-string ...))) (if (and (setq step ...) (setq data ...)) (error "Server not ready for SASL data: %s" data) (throw (quote done) t))) (unless (stringp rsp) (error "Server aborted SASL authentication: %s" (caddr rsp))) (sasl-step-set-data step (base64-decode-string rsp)) (setq step (sasl-next-step client step)) (sieve-manage-send (if (sasl-step-data step) (concat "\"" (base64-encode-string ... ...) "\"") "")))) (message "sieve: Login using %s...done" mech)))
  sieve-sasl-auth(#<buffer  *sieve* localhost:sieve> "DIGEST-MD5")
  sieve-manage-digest-md5-auth(#<buffer  *sieve* localhost:sieve>)
  funcall(sieve-manage-digest-md5-auth #<buffer  *sieve* localhost:sieve>)
  (if (funcall (nth 2 (assq sieve-manage-auth sieve-manage-authenticator-alist)) (current-buffer)) (progn (setq sieve-manage-state (quote auth))))
  (when (funcall (nth 2 (assq sieve-manage-auth sieve-manage-authenticator-alist)) (current-buffer)) (setq sieve-manage-state (quote auth)))
  (if (eq sieve-manage-state (quote nonauth)) (when (funcall (nth 2 (assq sieve-manage-auth sieve-manage-authenticator-alist)) (current-buffer)) (setq sieve-manage-state (quote auth))) sieve-manage-state)
  (save-current-buffer (set-buffer (or buffer (current-buffer))) (if (eq sieve-manage-state (quote nonauth)) (when (funcall (nth 2 (assq sieve-manage-auth sieve-manage-authenticator-alist)) (current-buffer)) (setq sieve-manage-state (quote auth))) sieve-manage-state))
  (with-current-buffer (or buffer (current-buffer)) (if (eq sieve-manage-state (quote nonauth)) (when (funcall (nth 2 (assq sieve-manage-auth sieve-manage-authenticator-alist)) (current-buffer)) (setq sieve-manage-state (quote auth))) sieve-manage-state))
  sieve-manage-authenticate()
  sieve-open-server("localhost" nil)
  sieve-manage("localhost")
  call-interactively(sieve-manage t nil)
  execute-extended-command(nil)
  call-interactively(execute-extended-command nil nil)

-- 
Michael Welsh Duggan
(md5i@md5i.com)

Re: sieve-manage no longer works without authinfo

[Ted Zlatanov]

On Mon, 07 Mar 2011 01:04:25 -0500 Michael Welsh Duggan <md5i@md5i.com> wrote: 

MWD> If an entry does not exists for a server in .authinfo, `sieve-manage' is
MWD> failing like this:

MWD> Debugger entered--Lisp error: (wrong-type-argument arrayp nil)
MWD>   fillarray(nil 0)

Try this patch, which defaults the user name and the password to "".
But I don't know if that's the right fix.  Julien Danjou, who added the
authentication support originally, should say.

Ted

diff --git a/lisp/sieve-manage.el b/lisp/sieve-manage.el
index c9a0df2..ca44238 100644
--- a/lisp/sieve-manage.el
+++ b/lisp/sieve-manage.el
@@ -276,8 +276,8 @@ Valid states are `closed', `initial', `nonauth', and `auth'.")
     (let* ((auth-info (auth-source-search :host sieve-manage-server
                                           :port "sieve"
                                           :max 1))
-           (user-name (plist-get (nth 0 auth-info) :user))
-           (user-password (plist-get (nth 0 auth-info) :secret))
+           (user-name (or (plist-get (nth 0 auth-info) :user) ""))
+           (user-password (or (plist-get (nth 0 auth-info) :secret) ""))
            (user-password (if (functionp user-password)
                               (funcall user-password)
                             user-password))

Re: sieve-manage no longer works without authinfo

[Julien Danjou]

[-- Attachment #1: Type: text/plain, Size: 620 bytes --]

On Mon, Mar 07 2011, Ted Zlatanov wrote:

> Try this patch, which defaults the user name and the password to "".
> But I don't know if that's the right fix.  Julien Danjou, who added the
> authentication support originally, should say.

Na, it seems someone named like you in the commit
36c0ef49e513e2e2318443b68257b5c71c2fe6a5 forgot to add ":create t" to
the new `auth-source-search' call. :-)
This is what was done before, in order to always have a user and
password to give to SASL. I've readded that, it should work now and ask
for your credentials.

-- 
Julien Danjou
❱ http://julien.danjou.info

[-- Attachment #2: Type: application/pgp-signature, Size: 835 bytes --]

Re: sieve-manage no longer works without authinfo

[Ted Zlatanov]

On Mon, 07 Mar 2011 15:33:05 +0100 Julien Danjou <julien@danjou.info> wrote: 

JD> On Mon, Mar 07 2011, Ted Zlatanov wrote:
>> Try this patch, which defaults the user name and the password to "".
>> But I don't know if that's the right fix.  Julien Danjou, who added the
>> authentication support originally, should say.

JD> Na, it seems someone named like you in the commit
JD> 36c0ef49e513e2e2318443b68257b5c71c2fe6a5 forgot to add ":create t" to
JD> the new `auth-source-search' call. :-)
JD> This is what was done before, in order to always have a user and
JD> password to give to SASL. I've readded that, it should work now and ask
JD> for your credentials.

Even with ":create t" the function can return nil user and password.  So
I think this has to be handled externally by the caller.

Ted

Re: sieve-manage no longer works without authinfo

[Julien Danjou]

[-- Attachment #1: Type: text/plain, Size: 512 bytes --]

On Mon, Mar 07 2011, Ted Zlatanov wrote:

> Even with ":create t" the function can return nil user and password.  So
> I think this has to be handled externally by the caller.

Ok, I did not know that.
I've added your proposed patch then.

Btw, I'm suprised by the code you added that check if the :password is a
function and then call it. Isn't that something which should be handled
by auth-source rather than its user? Or I miss something else.

-- 
Julien Danjou
❱ http://julien.danjou.info

[-- Attachment #2: Type: application/pgp-signature, Size: 835 bytes --]

Re: sieve-manage no longer works without authinfo

[Ted Zlatanov]

On Mon, 07 Mar 2011 16:42:01 +0100 Julien Danjou <julien@danjou.info> wrote: 

JD> Btw, I'm suprised by the code you added that check if the :password is a
JD> function and then call it. Isn't that something which should be handled
JD> by auth-source rather than its user? Or I miss something else.

Unfortunately Emacs Lisp doesn't offer a better way to hide secret data.
So this is how we have to hide passwords in stack traces, debug
messages, etc.  See also
http://permalink.gmane.org/gmane.emacs.gnus.general/77536 ("Re: Password protection")
where Lars and I talked about it.

Ted

Re: sieve-manage no longer works without authinfo

[Michael Welsh Duggan]

Julien Danjou <julien@danjou.info> writes:

> On Mon, Mar 07 2011, Ted Zlatanov wrote:
>
>> Even with ":create t" the function can return nil user and password.  So
>> I think this has to be handled externally by the caller.
>
> Ok, I did not know that.
> I've added your proposed patch then.
>
> Btw, I'm suprised by the code you added that check if the :password is a
> function and then call it. Isn't that something which should be handled
> by auth-source rather than its user? Or I miss something else.

Yes, that did the trick.  Thank you, both of you.

-- 
Michael Welsh Duggan
(md5i@md5i.com)