Re: Gnus and pgp

Re: Gnus and pgp

[Ted Zlatanov]

On Sun, 29 Nov 2009 19:35:17 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 

RR> I just wonder how many of you were using pgp and something like
RR> gupg-agent?

RR> I was having terrible connection problems for ages with a set up like
RR> this:

RR> ,----
RR> | (require 'auth-source)
RR> | (require 'epa-file)
RR> | (setq epa-file-cache-passphrase-for-symmetric-encryption t) ;;VERY Important
RR> | (if (file-exists-p "~/.authinfo")
RR> |     (setq auth-sources '((:source "~/.authinfo" :host t :protocol t)))
RR> |     (setq auth-sources '((:source "~/.authinfo.gpg" :host t :protocol t))))
RR> | (setq 
RR> |       mml2015-encrypt-to-self t
RR> |       mml2015-cache-passphrase t
RR> |       mml2015-passphrase-cache-expiry 60000
RR> |       mml2015-verbose t)
RR> `----

RR> When using the .gpg, hard to pinpoint but constant refusals to connect
RR> to a server (nntp) when doing a refresh or even starting Gnus for the first
RR> time. Often quitting gnus and then restarting fixed it. I know the
RR> default above is .authinfo as that is my set up now (I just recreated
RR> the .authinfo from the .gpg file) and all connection issues vanished.

RR> Is anyone else here using the epa stuff with more success? Can you share
RR> your setup? I would love to use the (chmodded) .authinfo and replace
RR> with a .gpg but it doesn't seem very stable with my set up above.

RR> I know the agent was running fine.

I don't use the GnuPG agent, I just cache the passphrase locally.  It
works perfectly for me with heavy daily usage.  Can you try that (set
GPG_AGENT_INFO=none) and see if it works for you?

Ted

Re: Gnus and pgp

[Richard Riley]

Ted Zlatanov <tzz@lifelogs.com> writes:

> On Sun, 29 Nov 2009 19:35:17 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 
>
> RR> I just wonder how many of you were using pgp and something like
> RR> gupg-agent?
>
> RR> I was having terrible connection problems for ages with a set up like
> RR> this:
>
> RR> ,----
> RR> | (require 'auth-source)
> RR> | (require 'epa-file)
> RR> | (setq epa-file-cache-passphrase-for-symmetric-encryption t) ;;VERY Important
> RR> | (if (file-exists-p "~/.authinfo")
> RR> |     (setq auth-sources '((:source "~/.authinfo" :host t :protocol t)))
> RR> |     (setq auth-sources '((:source "~/.authinfo.gpg" :host t :protocol t))))
> RR> | (setq 
> RR> |       mml2015-encrypt-to-self t
> RR> |       mml2015-cache-passphrase t
> RR> |       mml2015-passphrase-cache-expiry 60000
> RR> |       mml2015-verbose t)
> RR> `----
>
> RR> When using the .gpg, hard to pinpoint but constant refusals to connect
> RR> to a server (nntp) when doing a refresh or even starting Gnus for the first
> RR> time. Often quitting gnus and then restarting fixed it. I know the
> RR> default above is .authinfo as that is my set up now (I just recreated
> RR> the .authinfo from the .gpg file) and all connection issues vanished.
>
> RR> Is anyone else here using the epa stuff with more success? Can you share
> RR> your setup? I would love to use the (chmodded) .authinfo and replace
> RR> with a .gpg but it doesn't seem very stable with my set up above.
>
> RR> I know the agent was running fine.
>
> I don't use the GnuPG agent, I just cache the passphrase locally.  It
> works perfectly for me with heavy daily usage.  Can you try that (set
> GPG_AGENT_INFO=none) and see if it works for you?
>
> Ted

I wasn't aware you could do that! Works reliably now indicating an issue
with emacs talking to the agent.

Re: Gnus and pgp

[Richard Riley]

Ted Zlatanov <tzz@lifelogs.com> writes:

> On Sun, 29 Nov 2009 19:35:17 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 
>
> RR> I just wonder how many of you were using pgp and something like
> RR> gupg-agent?
>
> RR> I was having terrible connection problems for ages with a set up like
> RR> this:
>
> RR> ,----
> RR> | (require 'auth-source)
> RR> | (require 'epa-file)
> RR> | (setq epa-file-cache-passphrase-for-symmetric-encryption t) ;;VERY Important
> RR> | (if (file-exists-p "~/.authinfo")
> RR> |     (setq auth-sources '((:source "~/.authinfo" :host t :protocol t)))
> RR> |     (setq auth-sources '((:source "~/.authinfo.gpg" :host t :protocol t))))
> RR> | (setq 
> RR> |       mml2015-encrypt-to-self t
> RR> |       mml2015-cache-passphrase t
> RR> |       mml2015-passphrase-cache-expiry 60000
> RR> |       mml2015-verbose t)
> RR> `----
>
> RR> When using the .gpg, hard to pinpoint but constant refusals to connect
> RR> to a server (nntp) when doing a refresh or even starting Gnus for the first
> RR> time. Often quitting gnus and then restarting fixed it. I know the
> RR> default above is .authinfo as that is my set up now (I just recreated
> RR> the .authinfo from the .gpg file) and all connection issues vanished.
>
> RR> Is anyone else here using the epa stuff with more success? Can you share
> RR> your setup? I would love to use the (chmodded) .authinfo and replace
> RR> with a .gpg but it doesn't seem very stable with my set up above.
>
> RR> I know the agent was running fine.
>
> I don't use the GnuPG agent, I just cache the passphrase locally.  It
> works perfectly for me with heavy daily usage.  Can you try that (set
> GPG_AGENT_INFO=none) and see if it works for you?
>
> Ted

Works fine now with your suggestion. But now I am confused as to how to
correctly set this up. Do I still need to to set (nntp-authinfo-file
"~/.authinfo.gpg") for each secondary select method call? And if so,
where doe the epa set up come in? If you could explain how it fits
together that would be great.

e.g I have now


(require 'auth-source)
(require 'epa-file)
(setq epa-file-cache-passphrase-for-symmetric-encryption t) ;;VERY Important
(if (file-exists-p "~/.authinfo.gpg")
    (setq auth-sources '((:source "~/.authinfo.gpg" :host t :protocol t)))
    (setq auth-sources '((:source "~/.authinfo" :host t :protocol t))))
(setq 
      mml2015-encrypt-to-self t
      mml2015-cache-passphrase t
      mml2015-passphrase-cache-expiry 60000
      mml2015-verbose t)

(add-to-list 'gnus-secondary-select-methods
              '(nntp "motzarella"
                       (nntp-address "news.eternal-september.org")
  		       (nntp-authinfo-file "~/.authinfo.gpg")
		       (nntp-port-number 119)
		       )
	      )

so I am wondering where the auth-sources fits in now?

Re: Gnus and pgp

[Ted Zlatanov]

On Wed, 02 Dec 2009 20:08:11 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 

RR> I wasn't aware you could do that! Works reliably now indicating an issue
RR> with emacs talking to the agent.

Since EPA is part of Emacs proper, you should file a bug.  I know it's
not easy to repeat the bug but it certainly seems annoying.

On Wed, 02 Dec 2009 20:20:44 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 

RR> Works fine now with your suggestion. But now I am confused as to how to
RR> correctly set this up. Do I still need to to set (nntp-authinfo-file
RR> "~/.authinfo.gpg") for each secondary select method call? And if so,
RR> where doe the epa set up come in? If you could explain how it fits
RR> together that would be great.

I set the authinfo file globally, with just auth-sources.  I don't set
it per select method.  You can, but the effect will be different and I
don't know for sure it will work correctly.

When you load EPG/EPA (I forget the exact package demarkation) a handler
is set up for .gpg files *by default* (you can change that).  When you
open or save such a file, it's automatically decoded or encoded by the
EPG/EPA handlers.  All of this is outside Gnus.  So specifying a .gpg
file for auth-sources is no different than a regular file.

Ted

Re: Gnus and pgp

[Richard Riley]

Ted Zlatanov <tzz@lifelogs.com> writes:

> On Wed, 02 Dec 2009 20:08:11 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 
>
> RR> I wasn't aware you could do that! Works reliably now indicating an issue
> RR> with emacs talking to the agent.
>
> Since EPA is part of Emacs proper, you should file a bug.  I know it's
> not easy to repeat the bug but it certainly seems annoying.
>
> On Wed, 02 Dec 2009 20:20:44 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 
>
> RR> Works fine now with your suggestion. But now I am confused as to how to
> RR> correctly set this up. Do I still need to to set (nntp-authinfo-file
> RR> "~/.authinfo.gpg") for each secondary select method call? And if so,
> RR> where doe the epa set up come in? If you could explain how it fits
> RR> together that would be great.
>
> I set the authinfo file globally, with just auth-sources.  I don't set
> it per select method.  You can, but the effect will be different and I
> don't know for sure it will work correctly.

Without specifying  (nntp-authinfo-file "~/.authinfo.gpg")
in my secondary methods it does not connect :-(

But just to confirm : with no such line gnus should use the
auth-sources?

>
> When you load EPG/EPA (I forget the exact package demarkation) a handler
> is set up for .gpg files *by default* (you can change that).  When you
> open or save such a file, it's automatically decoded or encoded by the
> EPG/EPA handlers.  All of this is outside Gnus.  So specifying a .gpg
> file for auth-sources is no different than a regular file.
>
> Ted

-- 

Re: Gnus and pgp

[Ted Zlatanov]

On Thu, 03 Dec 2009 01:54:04 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 

RR> Ted Zlatanov <tzz@lifelogs.com> writes:
>> On Wed, 02 Dec 2009 20:08:11 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 
>> 
RR> I wasn't aware you could do that! Works reliably now indicating an issue
RR> with emacs talking to the agent.
>> 
>> Since EPA is part of Emacs proper, you should file a bug.  I know it's
>> not easy to repeat the bug but it certainly seems annoying.
>> 
>> On Wed, 02 Dec 2009 20:20:44 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 
>> 
RR> Works fine now with your suggestion. But now I am confused as to how to
RR> correctly set this up. Do I still need to to set (nntp-authinfo-file
RR> "~/.authinfo.gpg") for each secondary select method call? And if so,
RR> where doe the epa set up come in? If you could explain how it fits
RR> together that would be great.
>> 
>> I set the authinfo file globally, with just auth-sources.  I don't set
>> it per select method.  You can, but the effect will be different and I
>> don't know for sure it will work correctly.

RR> Without specifying  (nntp-authinfo-file "~/.authinfo.gpg")
RR> in my secondary methods it does not connect :-(

RR> But just to confirm : with no such line gnus should use the
RR> auth-sources?

Yes.  It works for me with just setting auth-sources so you're either
using different libraries from me or your configuration is different.

Do you know ELisp well enough to debug the problem?

Ted

Re: Gnus and pgp

[Richard Riley]

Ted Zlatanov <tzz@lifelogs.com> writes:

> On Thu, 03 Dec 2009 01:54:04 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 
>
> RR> Ted Zlatanov <tzz@lifelogs.com> writes:
>>> On Wed, 02 Dec 2009 20:08:11 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 
>>> 
> RR> I wasn't aware you could do that! Works reliably now indicating an issue
> RR> with emacs talking to the agent.
>>> 
>>> Since EPA is part of Emacs proper, you should file a bug.  I know it's
>>> not easy to repeat the bug but it certainly seems annoying.
>>> 
>>> On Wed, 02 Dec 2009 20:20:44 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 
>>> 
> RR> Works fine now with your suggestion. But now I am confused as to how to
> RR> correctly set this up. Do I still need to to set (nntp-authinfo-file
> RR> "~/.authinfo.gpg") for each secondary select method call? And if so,
> RR> where doe the epa set up come in? If you could explain how it fits
> RR> together that would be great.
>>> 
>>> I set the authinfo file globally, with just auth-sources.  I don't set
>>> it per select method.  You can, but the effect will be different and I
>>> don't know for sure it will work correctly.
>
> RR> Without specifying  (nntp-authinfo-file "~/.authinfo.gpg")
> RR> in my secondary methods it does not connect :-(
>
> RR> But just to confirm : with no such line gnus should use the
> RR> auth-sources?
>
> Yes.  It works for me with just setting auth-sources so you're either
> using different libraries from me or your configuration is different.
>
> Do you know ELisp well enough to debug the problem?
>
> Ted

I'm using the debian testing emacs 23.

I'll have a crack at debugging it some time next week.

Re: Gnus and pgp

[Richard Riley]

Ted Zlatanov <tzz@lifelogs.com> writes:

> On Wed, 02 Dec 2009 20:08:11 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 
>
> RR> I wasn't aware you could do that! Works reliably now indicating an issue
> RR> with emacs talking to the agent.
>
> Since EPA is part of Emacs proper, you should file a bug.  I know it's
> not easy to repeat the bug but it certainly seems annoying.
>
> On Wed, 02 Dec 2009 20:20:44 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 
>
> RR> Works fine now with your suggestion. But now I am confused as to how to
> RR> correctly set this up. Do I still need to to set (nntp-authinfo-file
> RR> "~/.authinfo.gpg") for each secondary select method call? And if so,
> RR> where doe the epa set up come in? If you could explain how it fits
> RR> together that would be great.
>
> I set the authinfo file globally, with just auth-sources.  I don't set
> it per select method.  You can, but the effect will be different and I
> don't know for sure it will work correctly.
>
> When you load EPG/EPA (I forget the exact package demarkation) a handler
> is set up for .gpg files *by default* (you can change that).  When you
> open or save such a file, it's automatically decoded or encoded by the
> EPG/EPA handlers.  All of this is outside Gnus.  So specifying a .gpg
> file for auth-sources is no different than a regular file.
>
> Ted

btw, just looked again

(setq    gnus-select-method '(nnimap "mymail"
				   (nnimap-stream tls)
				   (nnimap-address "myserver.net")
				   (nnimap-expunge-on-close always)
				   (nnimap-authinfo-file "~/.authinfo.gpg")
				   (nnimap-nov-is-evil nil)
				   (nnir-search-engine imap)))

if I remove the nnimap-authinfo line it most definitely does not default
to auth-sources. it prompts me for a user and a password. my authsources
set up is

(require 'auth-source)
(require 'epa-file)
(setq epa-file-cache-passphrase-for-symmetric-encryption t) ;;VERY Important
(if (file-exists-p "~/.authinfo.gpg")
    (setq auth-sources '((:source "~/.authinfo.gpg" :host t :protocol t)))
    (setq auth-sources '((:source "~/.authinfo" :host t :protocol t))))

 
emacs 23 (with accompanying gnus).

Re: Gnus and pgp

[Richard Riley]

Ted Zlatanov <tzz@lifelogs.com> writes:

> On Wed, 02 Dec 2009 20:08:11 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 
>
> RR> I wasn't aware you could do that! Works reliably now indicating an issue
> RR> with emacs talking to the agent.
>
> Since EPA is part of Emacs proper, you should file a bug.  I know it's
> not easy to repeat the bug but it certainly seems annoying.
>
> On Wed, 02 Dec 2009 20:20:44 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 
>
> RR> Works fine now with your suggestion. But now I am confused as to how to
> RR> correctly set this up. Do I still need to to set (nntp-authinfo-file
> RR> "~/.authinfo.gpg") for each secondary select method call? And if so,
> RR> where doe the epa set up come in? If you could explain how it fits
> RR> together that would be great.
>
> I set the authinfo file globally, with just auth-sources.  I don't set
> it per select method.  You can, but the effect will be different and I
> don't know for sure it will work correctly.
>
> When you load EPG/EPA (I forget the exact package demarkation) a handler
> is set up for .gpg files *by default* (you can change that).  When you
> open or save such a file, it's automatically decoded or encoded by the
> EPG/EPA handlers.  All of this is outside Gnus.  So specifying a .gpg
> file for auth-sources is no different than a regular file.
>
> Ted

With the latest emacs build in debian testing, I came back to this. It
100% does not work for me unless I specifically set the authinfo file
for each select method. My set up includes this:

,----
| (require 'epa-file)
| (epa-file-enable)
| (setq epa-file-cache-passphrase-for-symmetric-encryption t) ;;VERY Important
| (if (file-exists-p "~/.authinfo.gpg")
|     (setq auth-sources '((:source "~/.authinfo.gpg" :host t :protocol t)))
|     (setq auth-sources '((:source "~/.authinfo" :host t :protocol t))))
| (setq 
|       mml2015-encrypt-to-self t
|       mml2015-cache-passphrase t
|       mml2015-passphrase-cache-expiry 60000
|       mml2015-verbose t)
| 
| 
| 
| (setq       gnus-select-method '(nnimap "mymail"
| 				   (nnimap-stream tls)
| 				   (nnimap-address "richardriley.net")
| 				   (nnimap-expunge-on-close always)
| ;;				   (nnimap-authinfo-file "~/.authinfo.gpg")
| 				   (nnimap-nov-is-evil nil)
| 				   (nnir-search-engine imap)))
| 
| (add-to-list 'gnus-secondary-select-methods
|               '(nntp "motzarella"
|                        (nntp-address "news.eternal-september.org")
| 		       (nntp-port-number 119)
| ;;  		       (nntp-authinfo-file "~/.authinfo.gpg")
| 		       )
| 	      )
`----

With the authinfo lines commented out as above I get prompted for user
id and password for the imap server.

What am I missing?

regards

r.

Re: Gnus and pgp

[Ted Zlatanov]

On Tue, 22 Dec 2009 19:08:21 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 

RR> ,----
RR> | (require 'epa-file)
RR> | (epa-file-enable)
RR> | (setq epa-file-cache-passphrase-for-symmetric-encryption t) ;;VERY Important
RR> | (if (file-exists-p "~/.authinfo.gpg")
RR> |     (setq auth-sources '((:source "~/.authinfo.gpg" :host t :protocol t)))
RR> |     (setq auth-sources '((:source "~/.authinfo" :host t :protocol t))))
RR> | (setq 
RR> |       mml2015-encrypt-to-self t
RR> |       mml2015-cache-passphrase t
RR> |       mml2015-passphrase-cache-expiry 60000
RR> |       mml2015-verbose t)
RR> | 
RR> | 
RR> | 
RR> | (setq       gnus-select-method '(nnimap "mymail"
RR> | 				   (nnimap-stream tls)
RR> | 				   (nnimap-address "richardriley.net")
RR> | 				   (nnimap-expunge-on-close always)
RR> | ;;				   (nnimap-authinfo-file "~/.authinfo.gpg")
RR> | 				   (nnimap-nov-is-evil nil)
RR> | 				   (nnir-search-engine imap)))
RR> | 
RR> | (add-to-list 'gnus-secondary-select-methods
RR> |               '(nntp "motzarella"
RR> |                        (nntp-address "news.eternal-september.org")
RR> | 		       (nntp-port-number 119)
RR> | ;;  		       (nntp-authinfo-file "~/.authinfo.gpg")
RR> | 		       )
RR> | 	      )
RR> `----

RR> With the authinfo lines commented out as above I get prompted for user
RR> id and password for the imap server.

Let's debug it.  Run the following in a clean (emacs -q) instance:

(require 'epa-file)
(require 'auth-source)
(require 'cl)
(epa-file-enable)
(setq auth-source-debug t ; use `message' to log messages
      epa-file-cache-passphrase-for-symmetric-encryption t
      auth-sources '((:source "~/.authinfo.gpg" :host t :protocol t)))
(auth-source-user-or-password "login" "richardriley.net" "imap")

What does the last call return (should be your login name)?  What's in
*Messages*?

Thanks
Ted

Re: Gnus and pgp

[Richard Riley]

Ted Zlatanov <tzz@lifelogs.com> writes:

> Let's debug it.  Run the following in a clean (emacs -q) instance:
>
> (require 'epa-file)
> (require 'auth-source)
> (require 'cl)
> (epa-file-enable)
> (setq auth-source-debug t ; use `message' to log messages
>       epa-file-cache-passphrase-for-symmetric-encryption t
>       auth-sources '((:source "~/.authinfo.gpg" :host t :protocol t)))
> (auth-source-user-or-password "login" "richardriley.net" "imap")
>
> What does the last call return (should be your login name)?  What's in
> *Messages*?
>
> Thanks
> Ted

It returns my login name ok. 

*Messages* just has

auth-source-user-or-password: found (login)=(shamrock) for richardriley.net (imap)
"shamrock"


I also got prompted for a symmetric password to unlock the authinfo.gpg

Note that my login name for the remote host is, in this case, the same
as my local login id.

Re: Gnus and pgp

[Ted Zlatanov]

On Wed, 06 Jan 2010 01:42:48 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 

RR> Ted Zlatanov <tzz@lifelogs.com> writes:
>> Let's debug it.  Run the following in a clean (emacs -q) instance:
>> 
>> (require 'epa-file)
>> (require 'auth-source)
>> (require 'cl)
>> (epa-file-enable)
>> (setq auth-source-debug t ; use `message' to log messages
>> epa-file-cache-passphrase-for-symmetric-encryption t
>> auth-sources '((:source "~/.authinfo.gpg" :host t :protocol t)))
>> (auth-source-user-or-password "login" "richardriley.net" "imap")
>> 
>> What does the last call return (should be your login name)?  What's in
>> *Messages*?

RR> It returns my login name ok. 

RR> *Messages* just has

RR> auth-source-user-or-password: found (login)=(shamrock) for richardriley.net (imap)
RR> "shamrock"

RR> I also got prompted for a symmetric password to unlock the authinfo.gpg

RR> Note that my login name for the remote host is, in this case, the same
RR> as my local login id.

If this works, it should work for all other IMAP cases as well.  Look at
nnimap.el, it has the same call in nnimap-open-connection.  Can you try
the auth-source-user-or-password call inside your regular sessions
(instead of `emacs -q'), where auth-source.el doesn't work for you?  Is
there something you see that might hint what the problem is?

Ted

Re: Gnus and pgp

[Richard Riley]

Ted Zlatanov <tzz@lifelogs.com> writes:

> On Wed, 06 Jan 2010 01:42:48 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 
>
> RR> Ted Zlatanov <tzz@lifelogs.com> writes:
>>> Let's debug it.  Run the following in a clean (emacs -q) instance:
>>> 
>>> (require 'epa-file)
>>> (require 'auth-source)
>>> (require 'cl)
>>> (epa-file-enable)
>>> (setq auth-source-debug t ; use `message' to log messages
>>> epa-file-cache-passphrase-for-symmetric-encryption t
>>> auth-sources '((:source "~/.authinfo.gpg" :host t :protocol t)))
>>> (auth-source-user-or-password "login" "richardriley.net" "imap")
>>> 
>>> What does the last call return (should be your login name)?  What's in
>>> *Messages*?
>
> RR> It returns my login name ok. 
>
> RR> *Messages* just has
>
> RR> auth-source-user-or-password: found (login)=(shamrock) for richardriley.net (imap)
> RR> "shamrock"
>
> RR> I also got prompted for a symmetric password to unlock the authinfo.gpg
>
> RR> Note that my login name for the remote host is, in this case, the same
> RR> as my local login id.
>
> If this works, it should work for all other IMAP cases as well.  Look at
> nnimap.el, it has the same call in nnimap-open-connection.  Can you try
> the auth-source-user-or-password call inside your regular sessions
> (instead of `emacs -q'), where auth-source.el doesn't work for you?  Is
> there something you see that might hint what the problem is?
>
> Ted

The issue was with nntp selects not other IMAPS as  recall.

-- 
Google Talk : rileyrgdev@googlemail.com  http://www.google.com/talk

Re: Gnus and pgp

[Ted Zlatanov]

On Thu, 14 Jan 2010 01:19:38 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 

RR> Ted Zlatanov <tzz@lifelogs.com> writes:
>> On Wed, 06 Jan 2010 01:42:48 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 
>> 
RR> Ted Zlatanov <tzz@lifelogs.com> writes:
>>>> Let's debug it.  Run the following in a clean (emacs -q) instance:
>>>> 
>>>> (require 'epa-file)
>>>> (require 'auth-source)
>>>> (require 'cl)
>>>> (epa-file-enable)
>>>> (setq auth-source-debug t ; use `message' to log messages
>>>> epa-file-cache-passphrase-for-symmetric-encryption t
>>>> auth-sources '((:source "~/.authinfo.gpg" :host t :protocol t)))
>>>> (auth-source-user-or-password "login" "richardriley.net" "imap")
>>>> 
>>>> What does the last call return (should be your login name)?  What's in
>>>> *Messages*?
>> 
RR> It returns my login name ok. 
>> 
RR> *Messages* just has
>> 
RR> auth-source-user-or-password: found (login)=(shamrock) for richardriley.net (imap)
RR> "shamrock"
>> 
RR> I also got prompted for a symmetric password to unlock the authinfo.gpg
>> 
RR> Note that my login name for the remote host is, in this case, the same
RR> as my local login id.
>> 
>> If this works, it should work for all other IMAP cases as well.  Look at
>> nnimap.el, it has the same call in nnimap-open-connection.  Can you try
>> the auth-source-user-or-password call inside your regular sessions
>> (instead of `emacs -q'), where auth-source.el doesn't work for you?  Is
>> there something you see that might hint what the problem is?
>> 
>> Ted

RR> The issue was with nntp selects not other IMAPS as  recall.

Can you try the call with "nntp" as the protocol and the right host name?

Ted

Re: Gnus and pgp

[Richard Riley]

Ted Zlatanov <tzz@lifelogs.com> writes:

> On Thu, 14 Jan 2010 01:19:38 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 
>
> RR> Ted Zlatanov <tzz@lifelogs.com> writes:
>>> On Wed, 06 Jan 2010 01:42:48 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 
>>> 
> RR> Ted Zlatanov <tzz@lifelogs.com> writes:
>>>>> Let's debug it.  Run the following in a clean (emacs -q) instance:
>>>>> 
>>>>> (require 'epa-file)
>>>>> (require 'auth-source)
>>>>> (require 'cl)
>>>>> (epa-file-enable)
>>>>> (setq auth-source-debug t ; use `message' to log messages
>>>>> epa-file-cache-passphrase-for-symmetric-encryption t
>>>>> auth-sources '((:source "~/.authinfo.gpg" :host t :protocol t)))
>>>>> (auth-source-user-or-password "login" "richardriley.net" "imap")
>>>>> 
>>>>> What does the last call return (should be your login name)?  What's in
>>>>> *Messages*?
>>> 
> RR> It returns my login name ok. 
>>> 
> RR> *Messages* just has
>>> 
> RR> auth-source-user-or-password: found (login)=(shamrock) for richardriley.net (imap)
> RR> "shamrock"
>>> 
> RR> I also got prompted for a symmetric password to unlock the authinfo.gpg
>>> 
> RR> Note that my login name for the remote host is, in this case, the same
> RR> as my local login id.
>>> 
>>> If this works, it should work for all other IMAP cases as well.  Look at
>>> nnimap.el, it has the same call in nnimap-open-connection.  Can you try
>>> the auth-source-user-or-password call inside your regular sessions
>>> (instead of `emacs -q'), where auth-source.el doesn't work for you?  Is
>>> there something you see that might hint what the problem is?
>>> 
>>> Ted
>
> RR> The issue was with nntp selects not other IMAPS as  recall.
>
> Can you try the call with "nntp" as the protocol and the right host name?
>
> Ted

It returns nil.


-- 
Google Talk : rileyrgdev@googlemail.com  http://www.google.com/talk

Re: Gnus and pgp

[Ted Zlatanov]

On Thu, 14 Jan 2010 16:36:58 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 

RR> Ted Zlatanov <tzz@lifelogs.com> writes:
>> On Thu, 14 Jan 2010 01:19:38 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 
>> 
RR> Ted Zlatanov <tzz@lifelogs.com> writes:
>>>> On Wed, 06 Jan 2010 01:42:48 +0100 Richard Riley <rileyrgdev@gmail.com> wrote: 
>>>> 
RR> Ted Zlatanov <tzz@lifelogs.com> writes:
>>>>>> Let's debug it.  Run the following in a clean (emacs -q) instance:
>>>>>> 
>>>>>> (require 'epa-file)
>>>>>> (require 'auth-source)
>>>>>> (require 'cl)
>>>>>> (epa-file-enable)
>>>>>> (setq auth-source-debug t ; use `message' to log messages
>>>>>> epa-file-cache-passphrase-for-symmetric-encryption t
>>>>>> auth-sources '((:source "~/.authinfo.gpg" :host t :protocol t)))
>>>>>> (auth-source-user-or-password "login" "richardriley.net" "imap")
>>>>>> 
>>>>>> What does the last call return (should be your login name)?  What's in
>>>>>> *Messages*?
>>>> 
RR> It returns my login name ok. 
>>>> 
RR> *Messages* just has
>>>> 
RR> auth-source-user-or-password: found (login)=(shamrock) for richardriley.net (imap)
RR> "shamrock"
>>>> 
RR> I also got prompted for a symmetric password to unlock the authinfo.gpg
>>>> 
RR> Note that my login name for the remote host is, in this case, the same
RR> as my local login id.
>>>> 
>>>> If this works, it should work for all other IMAP cases as well.  Look at
>>>> nnimap.el, it has the same call in nnimap-open-connection.  Can you try
>>>> the auth-source-user-or-password call inside your regular sessions
>>>> (instead of `emacs -q'), where auth-source.el doesn't work for you?  Is
>>>> there something you see that might hint what the problem is?
>>>> 
>>>> Ted
>> 
RR> The issue was with nntp selects not other IMAPS as  recall.
>> 
>> Can you try the call with "nntp" as the protocol and the right host name?

OK, so your authinfo file doesn't match NNTP.  Can you insert a line
without a port for that server and see if it returns the user name?
IOW,

machine richardriley.net login shamrock password XYZ

should specify that for richardriley.net, login "shamrock" is to be used
for all protocols.  If that works, but 

machine richardriley.net login shamrock password XYZ port nntp

does not work for the call 

(auth-source-user-or-password "login" "richardriley.net" "nntp")

then we may have a bug I haven't seen before.

For all this testing, please make sure you're in emacs -q with only the
config above loaded.

Thanks
Ted

Gnus and pgp

[Richard Riley]

I just wonder how many of you were using pgp and something like
gupg-agent?

I was having terrible connection problems for ages with a set up like
this:

,----
| (require 'auth-source)
| (require 'epa-file)
| (setq epa-file-cache-passphrase-for-symmetric-encryption t) ;;VERY Important
| (if (file-exists-p "~/.authinfo")
|     (setq auth-sources '((:source "~/.authinfo" :host t :protocol t)))
|     (setq auth-sources '((:source "~/.authinfo.gpg" :host t :protocol t))))
| (setq 
|       mml2015-encrypt-to-self t
|       mml2015-cache-passphrase t
|       mml2015-passphrase-cache-expiry 60000
|       mml2015-verbose t)
`----

When using the .gpg, hard to pinpoint but constant refusals to connect
to a server (nntp) when doing a refresh or even starting Gnus for the first
time. Often quitting gnus and then restarting fixed it. I know the
default above is .authinfo as that is my set up now (I just recreated
the .authinfo from the .gpg file) and all connection issues vanished.

Is anyone else here using the epa stuff with more success? Can you share
your setup? I would love to use the (chmodded) .authinfo and replace
with a .gpg but it doesn't seem very stable with my set up above.

I know the agent was running fine.

Emacs 23 in Debian backports.