GNU bug report logs -
#57956
29.0.50; Add minimal authorization support to sasl-scram-rfc
Previous Next
Reported by: "J.P." <jp <at> neverwas.me>
Date: Tue, 20 Sep 2022 13:07:02 UTC
Severity: wishlist
Tags: patch
Found in version 29.0.50
Fixed in version 29.1
Done: "J.P." <jp <at> neverwas.me>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 57956 in the body.
You can then email your comments to 57956 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
emacs-erc <at> gnu.org, bug-gnu-emacs <at> gnu.org
:
bug#57956
; Package
emacs
.
(Tue, 20 Sep 2022 13:07:02 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
"J.P." <jp <at> neverwas.me>
:
New bug report received and forwarded. Copy sent to
emacs-erc <at> gnu.org, bug-gnu-emacs <at> gnu.org
.
(Tue, 20 Sep 2022 13:07:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Tags: patch
Hi people,
ERC plans on basing its SASL library on sasl.el and friends. Although
rare, authorization (or "authz") support is sometimes needed by IRC
administrators wanting to authenticate as other users. It's also
expected by at least one IRC-compliance test suite [1]. The PLAIN
implementation in sasl.el currently offers implicit support via the
`authenticator-name' client property (see `sasl-plain-response'). This
patch proposes we do much the same with sasl-scram-rfc.el.
As for specifics, I've encapsulated the actual prop-lookup and
header-construction details in a new function that's called indirectly
via a new top-level variable (although perhaps that's just unnecessary
or more suited to a user option). The only other change appears in
`sasl-scram--client-final-message'. It concerns the base64 encoding of
the GS2 header and the client proof, both of which currently suffer from
occasional whitespace complications [2].
Anyway, ERC would benefit greatly from these (or superior) changes
because we'd like to introduce `erc-compat' analogs in an upcoming
release (probably ERC 5.6). If anyone out there can spare the time,
your feedback would be greatly appreciated.
Thanks,
J.P.
P.S. Tests covering these changes appear in the patch sets for bug#29108
and bug#49860.
[1] Authz support for PLAIN, with SCRAM possibly on the way:
https://github.com/progval/irctest/blob/master/irctest/client_tests/sasl.py
[2] Calling `base64-encode-string' with NO-LINE-BREAK set to t seems to
solve the issue, which is likely related to this excerpt from
https://www.rfc-editor.org/rfc/rfc5802#section-2.1:
"The use of base64 in SCRAM is restricted to the canonical form
with no whitespace."
FWIW, I tried advising `base64-encode-string' to avoid having to
submit a patch, but it seems the byte compiler precomputes the
result for certain constant params, like `cbind-input' in
`sasl-scram--client-final-message'.
In GNU Emacs 29.0.50 (build 2, x86_64-pc-linux-gnu, GTK+ Version
3.24.34, cairo version 1.17.6) of 2022-09-19 built on localhost
Repository revision: 132d5cb0a3ec94afbb49772631861e00160ffffb
Repository branch: master
Windowing system distributor 'The X.Org Foundation', version 11.0.12014000
System Description: Fedora Linux 36 (Workstation Edition)
Configured using:
'configure --enable-check-lisp-object-type --enable-checking=yes,glyphs
'CFLAGS=-O0 -g3'
PKG_CONFIG_PATH=:/usr/lib64/pkgconfig:/usr/share/pkgconfig'
Configured features:
ACL CAIRO DBUS FREETYPE GIF GLIB GMP GNUTLS GPM GSETTINGS HARFBUZZ JPEG
JSON LCMS2 LIBOTF LIBSELINUX LIBSYSTEMD LIBXML2 M17N_FLT MODULES NOTIFY
INOTIFY PDUMPER PNG RSVG SECCOMP SOUND SQLITE3 THREADS TIFF
TOOLKIT_SCROLL_BARS WEBP X11 XDBE XIM XINPUT2 XPM GTK3 ZLIB
Important settings:
value of $LANG: en_US.UTF-8
value of $XMODIFIERS: @im=ibus
locale-coding-system: utf-8-unix
Major mode: Lisp Interaction
Minor modes in effect:
tooltip-mode: t
global-eldoc-mode: t
eldoc-mode: t
show-paren-mode: t
electric-indent-mode: t
mouse-wheel-mode: t
tool-bar-mode: t
menu-bar-mode: t
file-name-shadow-mode: t
global-font-lock-mode: t
font-lock-mode: t
blink-cursor-mode: t
line-number-mode: t
indent-tabs-mode: t
transient-mark-mode: t
auto-composition-mode: t
auto-encryption-mode: t
auto-compression-mode: t
Load-path shadows:
None found.
Features:
(shadow sort mail-extr emacsbug message mailcap yank-media puny dired
dired-loaddefs rfc822 mml mml-sec password-cache epa derived epg rfc6068
epg-config gnus-util text-property-search time-date subr-x mm-decode
mm-bodies mm-encode mail-parse rfc2231 mailabbrev gmm-utils mailheader
cl-loaddefs cl-lib sendmail rfc2047 rfc2045 ietf-drums mm-util
mail-prsvr mail-utils rmc iso-transl tooltip eldoc paren electric
uniquify ediff-hook vc-hooks lisp-float-type elisp-mode mwheel
term/x-win x-win term/common-win x-dnd tool-bar dnd fontset image
regexp-opt fringe tabulated-list replace newcomment text-mode lisp-mode
prog-mode register page tab-bar menu-bar rfn-eshadow isearch easymenu
timer select scroll-bar mouse jit-lock font-lock syntax font-core
term/tty-colors frame minibuffer nadvice seq simple cl-generic
indonesian philippine cham georgian utf-8-lang misc-lang vietnamese
tibetan thai tai-viet lao korean japanese eucjp-ms cp51932 hebrew greek
romanian slovak czech european ethiopic indian cyrillic chinese
composite emoji-zwj charscript charprop case-table epa-hook
jka-cmpr-hook help abbrev obarray oclosure cl-preloaded button loaddefs
faces cus-face macroexp files window text-properties overlay sha1 md5
base64 format env code-pages mule custom widget keymap
hashtable-print-readable backquote threads dbusbind inotify lcms2
dynamic-setting system-font-setting font-render-setting cairo
move-toolbar gtk x-toolkit xinput2 x multi-tty make-network-process
emacs)
Memory information:
((conses 16 36059 6198)
(symbols 48 5107 0)
(strings 32 13115 1641)
(string-bytes 1 372299)
(vectors 16 9247)
(vector-slots 8 146583 10252)
(floats 8 21 25)
(intervals 56 220 0)
(buffers 1000 10))
[0001-Add-GS2-authorization-to-sasl-scram-rfc.patch (text/x-patch, attachment)]
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#57956
; Package
emacs
.
(Tue, 20 Sep 2022 15:29:02 GMT)
Full text and
rfc822 format available.
Message #8 received at 57956 <at> debbugs.gnu.org (full text, mbox):
"J.P." <jp <at> neverwas.me> writes:
> Anyway, ERC would benefit greatly from these (or superior) changes
> because we'd like to introduce `erc-compat' analogs in an upcoming
> release (probably ERC 5.6). If anyone out there can spare the time,
> your feedback would be greatly appreciated.
Looks OK to me.
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#57956
; Package
emacs
.
(Wed, 21 Sep 2022 13:18:01 GMT)
Full text and
rfc822 format available.
Message #11 received at 57956 <at> debbugs.gnu.org (full text, mbox):
Lars Ingebrigtsen <larsi <at> gnus.org> writes:
> "J.P." <jp <at> neverwas.me> writes:
>
>> Anyway, ERC would benefit greatly from these (or superior) changes
>> because we'd like to introduce `erc-compat' analogs in an upcoming
>> release (probably ERC 5.6). If anyone out there can spare the time,
>> your feedback would be greatly appreciated.
>
> Looks OK to me.
Cool, thanks.
* * *
Question for Philip (Cc'd):
Hi. When 29.1 is released, I might want to propose some of these updated
sasl-scram-rfc.el items for inclusion in Compat. However, one of them,
`sasl-scram--client-final-message'
is obviously an internal function. Does that matter? Would you rather we
export it (as in rename it or alias it) beforehand (IOW, now)?
Thanks,
J.P.
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#57956
; Package
emacs
.
(Wed, 21 Sep 2022 18:37:02 GMT)
Full text and
rfc822 format available.
Message #14 received at 57956 <at> debbugs.gnu.org (full text, mbox):
"J.P." <jp <at> neverwas.me> writes:
> Lars Ingebrigtsen <larsi <at> gnus.org> writes:
>
>> "J.P." <jp <at> neverwas.me> writes:
>>
>>> Anyway, ERC would benefit greatly from these (or superior) changes
>>> because we'd like to introduce `erc-compat' analogs in an upcoming
>>> release (probably ERC 5.6). If anyone out there can spare the time,
>>> your feedback would be greatly appreciated.
>>
>> Looks OK to me.
>
> Cool, thanks.
>
> * * *
>
> Question for Philip (Cc'd):
>
> Hi. When 29.1 is released, I might want to propose some of these updated
> sasl-scram-rfc.el items for inclusion in Compat. However, one of them,
>
> `sasl-scram--client-final-message'
>
> is obviously an internal function. Does that matter? Would you rather we
> export it (as in rename it or alias it) beforehand (IOW, now)?
I'd rather not add "internal functions" to Compat, at least in a way
that it would be exposed as part of the official Compat interface. That
being said, I am not familiar with the feature being discussed here, so
maybe an exception has to be made?
> Thanks,
> J.P.
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#57956
; Package
emacs
.
(Thu, 22 Sep 2022 06:24:04 GMT)
Full text and
rfc822 format available.
Message #17 received at 57956 <at> debbugs.gnu.org (full text, mbox):
Philip Kaludercic <philipk <at> posteo.net> writes:
> "J.P." <jp <at> neverwas.me> writes:
>
>> is obviously an internal function. Does that matter? Would you rather we
>> export it (as in rename it or alias it) beforehand (IOW, now)?
>
> I'd rather not add "internal functions" to Compat, at least in a way
> that it would be exposed as part of the official Compat interface. That
> being said, I am not familiar with the feature being discussed here,
The feature (also a bug fix) being discussed here concerns the final
client-side step of the SCRAM protocol. Basically, it computes a
challenge from the server and packs the answer into an outgoing reply.
> so maybe an exception has to be made?
No reason to. We can keep it internal (the "final step" function, that
is) and backport its logic, its helpers, and all (two-ish?) public
functions that call it (I'm likely adding a third).
Alternatively, we could
- have ERC restrict this feature to users of Emacs 29+, or
- stick with the status quo and manage this particular case manually via
erc-comapt.el [1].
I'd be fine with any of the above, really.
[1] https://lists.gnu.org/archive/html/emacs-erc/2022-09/txtCuKCxr1b72.txt
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#57956
; Package
emacs
.
(Fri, 23 Sep 2022 13:38:02 GMT)
Full text and
rfc822 format available.
Message #20 received at 57956 <at> debbugs.gnu.org (full text, mbox):
"J.P." <jp <at> neverwas.me> writes:
> Philip Kaludercic <philipk <at> posteo.net> writes:
>
>> "J.P." <jp <at> neverwas.me> writes:
>>
>>> is obviously an internal function. Does that matter? Would you rather we
>>> export it (as in rename it or alias it) beforehand (IOW, now)?
>>
>> I'd rather not add "internal functions" to Compat, at least in a way
>> that it would be exposed as part of the official Compat interface. That
>> being said, I am not familiar with the feature being discussed here,
>
> The feature (also a bug fix) being discussed here concerns the final
> client-side step of the SCRAM protocol. Basically, it computes a
> challenge from the server and packs the answer into an outgoing reply.
>
>> so maybe an exception has to be made?
>
> No reason to. We can keep it internal (the "final step" function, that
> is) and backport its logic, its helpers, and all (two-ish?) public
> functions that call it (I'm likely adding a third).
There should be no issue with adding two or three functions to Compat.
> Alternatively, we could
>
> - have ERC restrict this feature to users of Emacs 29+, or
> - stick with the status quo and manage this particular case manually via
> erc-comapt.el [1].
>
> I'd be fine with any of the above, really.
Do you think there is any interest in providing these functions outside
of ERC? If so, I think adding the code to Compat ought to be fine.
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#57956
; Package
emacs
.
(Wed, 28 Sep 2022 01:23:02 GMT)
Full text and
rfc822 format available.
Message #23 received at 57956 <at> debbugs.gnu.org (full text, mbox):
Philip Kaludercic <philipk <at> posteo.net> writes:
> "J.P." <jp <at> neverwas.me> writes:
>
>> Alternatively, we could
>>
>> - have ERC restrict this feature to users of Emacs 29+, or
>> - stick with the status quo and manage this particular case manually via
>> erc-comapt.el [1].
>>
>> I'd be fine with any of the above, really.
>
> Do you think there is any interest in providing these functions outside
> of ERC? If so, I think adding the code to Compat ought to be fine.
Thanks, that's very generous, but somehow I doubt there'd be much
general interest (though I'd like to be wrong here). For now, I guess we
can just keep them in erc-compat until 29.1 is cut and maybe circle back
in the lead-up to 29.2, if that's agreeable to everyone.
Severity set to 'wishlist' from 'normal'
Request was from
Stefan Kangas <stefankangas <at> gmail.com>
to
control <at> debbugs.gnu.org
.
(Thu, 13 Oct 2022 13:48:10 GMT)
Full text and
rfc822 format available.
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#57956
; Package
emacs
.
(Wed, 26 Oct 2022 13:14:01 GMT)
Full text and
rfc822 format available.
Message #28 received at 57956 <at> debbugs.gnu.org (full text, mbox):
If no one has anything else to add, I will mark this as being cleared
for installation alongside the proposed changes from bug#29108, which
will hopefully be ready relatively shortly, pending any last looks. This
should allow time enough for human trials and feedback before ERC 5.5 is
finally released and Emacs 29 is cut. Thanks.
bug marked as fixed in version 29.1, send any further explanations to
57956 <at> debbugs.gnu.org and "J.P." <jp <at> neverwas.me>
Request was from
"J.P." <jp <at> neverwas.me>
to
control <at> debbugs.gnu.org
.
(Thu, 24 Nov 2022 03:26:01 GMT)
Full text and
rfc822 format available.
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org
.
(Thu, 22 Dec 2022 12:24:11 GMT)
Full text and
rfc822 format available.
This bug report was last modified 1 year and 124 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.