GNU bug report logs -
#79628
Change in url-auth.el breaks HTTP proxy authentication with user/password
Previous Next
To reply to this bug, email your comments to 79628 AT debbugs.gnu.org.
There is no need to reopen the bug first.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#79628; Package
emacs.
(Tue, 14 Oct 2025 20:06:02 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
James Cherti <contact <at> jamescherti.com>:
New bug report received and forwarded. Copy sent to
bug-gnu-emacs <at> gnu.org.
(Tue, 14 Oct 2025 20:06:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
The following Emacs Lisp code successfully enables proxy
authentication in Emacs 30.2 but fails to function in
Emacs 31 (master branch):
--8<---------------cut here---------------start------------->8---
(defvar my-proxy-host "127.0.0.1:3128")
(defvar my-proxy-realm "proxy")
(defvar my-proxy-userpass "user:password")
(setq url-proxy-services
(list
(cons "http" my-proxy-host)
(cons "https" my-proxy-host)))
(setq url-http-proxy-basic-auth-storage
(list (list my-proxy-host
(cons "dev"
(base64-encode-string my-proxy-userpass)))))
--8<---------------cut here---------------start------------->8---
There is an issue with lisp/url/url-auth.el in Emacs 31
(master branch) that breaks HTTP proxy authentication using
a username and password
This issue has been introduced by the following commit:
git revert a7a22e7c22cef0948f84daa86c9929d7b0dd6d56
(Bjorn Bidar, the author of this commits, is included in CC.)
--8<---------------cut here---------------start------------->8---
commit a7a22e7c22cef0948f84daa86c9929d7b0dd6d56
Author: Björn Bidar <bjorn.bidar <at> thaodan.de>
Date: 2024-08-08 17:31:20 +0300
Fix secret search with basic auth with a port in URL
* lisp/url/url-auth.el (url-basic-auth): Fix retrieving of
secrets when the URL contains a port. Amending the port to
server breaks 'auth-source-search' matching for :host which
is redundant as it already specified in :port. (Bug#72526)
diff --git lisp/url/url-auth.el lisp/url/url-auth.el
index 8f4df780a54..c73047da6b3 100644
--- lisp/url/url-auth.el
+++ lisp/url/url-auth.el
@@ -70,12 +70,11 @@ url-basic-auth
(file (url-filename href))
(user (url-user href))
(pass (url-password href))
(enable-recursive-minibuffers t) ; for url-handler-mode
(bug#10298)
byserv retval data)
- (setq server (format "%s:%d" server port)
- file (cond
+ (setq file (cond
(realm realm)
((string= "" file) "/")
((string-match "/$" file) file)
(t (url-file-directory file)))
byserv (cdr-safe (assoc server
@@ -92,10 +91,11 @@ url-basic-auth
(or user (user-real-login-name)))))
pass (or
(url-do-auth-source-search server type :secret)
(and (url-interactive-p)
(read-passwd "Password: " nil (or pass "")))))
+ (setq server (format "%s:%d" server port))
(set url-basic-auth-storage
(cons (list server
(cons file
(setq retval
(base64-encode-string
@@ -127,10 +127,11 @@ url-basic-auth
(user-real-login-name))))
pass (or
(url-do-auth-source-search server type :secret)
(and (url-interactive-p)
(read-passwd "Password: ")))
+ server (format "%s:%d" server port)
retval (base64-encode-string (format "%s:%s" user
pass) t)
byserv (assoc server (symbol-value
url-basic-auth-storage)))
(setcdr byserv
(cons (cons file retval) (cdr byserv))))))
(t (setq retval nil)))
--8<---------------cut here---------------start------------->8---
--
James Cherti
GitHub: https://github.com/jamescherti
Website: https://www.jamescherti.com/
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#79628; Package
emacs.
(Sat, 01 Nov 2025 09:02:01 GMT)
Full text and
rfc822 format available.
Message #8 received at 79628 <at> debbugs.gnu.org (full text, mbox):
Ping! Bjorn, could you please chime in to this discussion?
> Cc: bjorn.bidar <at> thaodan.de
> Date: Tue, 14 Oct 2025 16:04:58 -0400
> From: James Cherti <contact <at> jamescherti.com>
>
> The following Emacs Lisp code successfully enables proxy
> authentication in Emacs 30.2 but fails to function in
> Emacs 31 (master branch):
>
> --8<---------------cut here---------------start------------->8---
> (defvar my-proxy-host "127.0.0.1:3128")
> (defvar my-proxy-realm "proxy")
> (defvar my-proxy-userpass "user:password")
> (setq url-proxy-services
> (list
> (cons "http" my-proxy-host)
> (cons "https" my-proxy-host)))
> (setq url-http-proxy-basic-auth-storage
> (list (list my-proxy-host
> (cons "dev"
> (base64-encode-string my-proxy-userpass)))))
> --8<---------------cut here---------------start------------->8---
>
> There is an issue with lisp/url/url-auth.el in Emacs 31
> (master branch) that breaks HTTP proxy authentication using
> a username and password
>
> This issue has been introduced by the following commit:
> git revert a7a22e7c22cef0948f84daa86c9929d7b0dd6d56
>
> (Bjorn Bidar, the author of this commits, is included in CC.)
>
> --8<---------------cut here---------------start------------->8---
> commit a7a22e7c22cef0948f84daa86c9929d7b0dd6d56
> Author: Björn Bidar <bjorn.bidar <at> thaodan.de>
> Date: 2024-08-08 17:31:20 +0300
>
> Fix secret search with basic auth with a port in URL
>
> * lisp/url/url-auth.el (url-basic-auth): Fix retrieving of
> secrets when the URL contains a port. Amending the port to
> server breaks 'auth-source-search' matching for :host which
> is redundant as it already specified in :port. (Bug#72526)
>
> diff --git lisp/url/url-auth.el lisp/url/url-auth.el
> index 8f4df780a54..c73047da6b3 100644
> --- lisp/url/url-auth.el
> +++ lisp/url/url-auth.el
> @@ -70,12 +70,11 @@ url-basic-auth
> (file (url-filename href))
> (user (url-user href))
> (pass (url-password href))
> (enable-recursive-minibuffers t) ; for url-handler-mode
> (bug#10298)
> byserv retval data)
> - (setq server (format "%s:%d" server port)
> - file (cond
> + (setq file (cond
> (realm realm)
> ((string= "" file) "/")
> ((string-match "/$" file) file)
> (t (url-file-directory file)))
> byserv (cdr-safe (assoc server
> @@ -92,10 +91,11 @@ url-basic-auth
> (or user (user-real-login-name)))))
> pass (or
> (url-do-auth-source-search server type :secret)
> (and (url-interactive-p)
> (read-passwd "Password: " nil (or pass "")))))
> + (setq server (format "%s:%d" server port))
> (set url-basic-auth-storage
> (cons (list server
> (cons file
> (setq retval
> (base64-encode-string
> @@ -127,10 +127,11 @@ url-basic-auth
> (user-real-login-name))))
> pass (or
> (url-do-auth-source-search server type :secret)
> (and (url-interactive-p)
> (read-passwd "Password: ")))
> + server (format "%s:%d" server port)
> retval (base64-encode-string (format "%s:%s" user
> pass) t)
> byserv (assoc server (symbol-value
> url-basic-auth-storage)))
> (setcdr byserv
> (cons (cons file retval) (cdr byserv))))))
> (t (setq retval nil)))
> --8<---------------cut here---------------start------------->8---
>
> --
> James Cherti
> GitHub: https://github.com/jamescherti
> Website: https://www.jamescherti.com/
>
>
>
>
>
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#79628; Package
emacs.
(Mon, 03 Nov 2025 13:29:01 GMT)
Full text and
rfc822 format available.
Message #11 received at 79628 <at> debbugs.gnu.org (full text, mbox):
Hello Eli,
Thank you for notifying Bjorn. I also sent him an email in
case one of his filters caused him to miss 'bug#79628'.
FYI: I am using the Emacs master branch. I tried today without
reverting the commit a7a22e7c22cef0948f84daa86c9929d7b0dd6d56:
--8<---------------cut here---------------start------------->8---
package--with-response-buffer-1:
https://melpa.org/packages/PACKAGE_NAME-20200331.1019.tar: Proxy
authentication required
--8<---------------cut here---------------start------------->8---
Reverting the commit using the following fixes the
connection to an HTTP proxy that requires authentication:
--8<---------------cut here---------------start------------->8---
git revert a7a22e7c22cef0948f84daa86c9929d7b0dd6d56
--8<---------------cut here---------------start------------->8---
Here is the result after reverting the commit:
--8<---------------cut here---------------start------------->8---
Contacting host: melpa.org:443 [2 times]
Parsing tar file...done
Extracting...done
INFO Scraping 3 files for loaddefs...done
GEN PACKAGE_NAME-autoloads.el
Checking /home/user/.emacs.d/elpa/PACKAGE_NAME-20200331.1019... [2 times]
Wrote
/home/user/.emacs.d/elpa/PACKAGE_NAME-20200331.1019/PACKAGE_NAME-parsers.elc
Checking /home/user/.emacs.d/elpa/PACKAGE_NAME-20200331.1019... [2 times]
Wrote /home/user/.emacs.d/elpa/PACKAGE_NAME-20200331.1019/PACKAGE_NAME.elc
Checking /home/user/.emacs.d/elpa/PACKAGE_NAME-20200331.1019...
--8<---------------cut here---------------start------------->8---
--
James Cherti
GitHub: https://github.com/jamescherti
Website: https://www.jamescherti.com/
On 2025-11-01 05:01, Eli Zaretskii wrote:
> Ping! Bjorn, could you please chime in to this discussion?
>
>> Cc: bjorn.bidar <at> thaodan.de
>> Date: Tue, 14 Oct 2025 16:04:58 -0400
>> From: James Cherti <contact <at> jamescherti.com>
>>
>> The following Emacs Lisp code successfully enables proxy
>> authentication in Emacs 30.2 but fails to function in
>> Emacs 31 (master branch):
>>
>> --8<---------------cut here---------------start------------->8---
>> (defvar my-proxy-host "127.0.0.1:3128")
>> (defvar my-proxy-realm "proxy")
>> (defvar my-proxy-userpass "user:password")
>> (setq url-proxy-services
>> (list
>> (cons "http" my-proxy-host)
>> (cons "https" my-proxy-host)))
>> (setq url-http-proxy-basic-auth-storage
>> (list (list my-proxy-host
>> (cons "dev"
>> (base64-encode-string my-proxy-userpass)))))
>> --8<---------------cut here---------------start------------->8---
>>
>> There is an issue with lisp/url/url-auth.el in Emacs 31
>> (master branch) that breaks HTTP proxy authentication using
>> a username and password
>>
>> This issue has been introduced by the following commit:
>> git revert a7a22e7c22cef0948f84daa86c9929d7b0dd6d56
>>
>> (Bjorn Bidar, the author of this commits, is included in CC.)
>>
>> --8<---------------cut here---------------start------------->8---
>> commit a7a22e7c22cef0948f84daa86c9929d7b0dd6d56
>> Author: Björn Bidar <bjorn.bidar <at> thaodan.de>
>> Date: 2024-08-08 17:31:20 +0300
>>
>> Fix secret search with basic auth with a port in URL
>>
>> * lisp/url/url-auth.el (url-basic-auth): Fix retrieving of
>> secrets when the URL contains a port. Amending the port to
>> server breaks 'auth-source-search' matching for :host which
>> is redundant as it already specified in :port. (Bug#72526)
>>
>> diff --git lisp/url/url-auth.el lisp/url/url-auth.el
>> index 8f4df780a54..c73047da6b3 100644
>> --- lisp/url/url-auth.el
>> +++ lisp/url/url-auth.el
>> @@ -70,12 +70,11 @@ url-basic-auth
>> (file (url-filename href))
>> (user (url-user href))
>> (pass (url-password href))
>> (enable-recursive-minibuffers t) ; for url-handler-mode
>> (bug#10298)
>> byserv retval data)
>> - (setq server (format "%s:%d" server port)
>> - file (cond
>> + (setq file (cond
>> (realm realm)
>> ((string= "" file) "/")
>> ((string-match "/$" file) file)
>> (t (url-file-directory file)))
>> byserv (cdr-safe (assoc server
>> @@ -92,10 +91,11 @@ url-basic-auth
>> (or user (user-real-login-name)))))
>> pass (or
>> (url-do-auth-source-search server type :secret)
>> (and (url-interactive-p)
>> (read-passwd "Password: " nil (or pass "")))))
>> + (setq server (format "%s:%d" server port))
>> (set url-basic-auth-storage
>> (cons (list server
>> (cons file
>> (setq retval
>> (base64-encode-string
>> @@ -127,10 +127,11 @@ url-basic-auth
>> (user-real-login-name))))
>> pass (or
>> (url-do-auth-source-search server type :secret)
>> (and (url-interactive-p)
>> (read-passwd "Password: ")))
>> + server (format "%s:%d" server port)
>> retval (base64-encode-string (format "%s:%s" user
>> pass) t)
>> byserv (assoc server (symbol-value
>> url-basic-auth-storage)))
>> (setcdr byserv
>> (cons (cons file retval) (cdr byserv))))))
>> (t (setq retval nil)))
>> --8<---------------cut here---------------start------------->8---
>>
>> --
>> James Cherti
>> GitHub: https://github.com/jamescherti
>> Website: https://www.jamescherti.com/
>>
>>
>>
>>
>>
>
>
>
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#79628; Package
emacs.
(Thu, 06 Nov 2025 17:15:02 GMT)
Full text and
rfc822 format available.
Message #14 received at 79628 <at> debbugs.gnu.org (full text, mbox):
FYI, my the first patch [1] in bug#79486 [2] should fix this.
[1] https://debbugs.gnu.org/cgi/bugreport.cgi?filename=0001-Lookup-cached-basic-auth-credentials-with-the-correc.patch;att=1;bug=79486;msg=5
[2] https://debbugs.gnu.org/cgi/bugreport.cgi?bug=79486
Reply sent
to
Eli Zaretskii <eliz <at> gnu.org>:
You have taken responsibility.
(Sat, 08 Nov 2025 18:40:02 GMT)
Full text and
rfc822 format available.
Notification sent
to
James Cherti <contact <at> jamescherti.com>:
bug acknowledged by developer.
(Sat, 08 Nov 2025 18:40:02 GMT)
Full text and
rfc822 format available.
Message #19 received at 79628-done <at> debbugs.gnu.org (full text, mbox):
> From: Steven Allen <steven <at> stebalien.com>
> Cc: eliz <at> gnu.org, bjorn.bidar <at> thaodan.de, 79628 <at> debbugs.gnu.org
> Date: Thu, 06 Nov 2025 09:14:01 -0800
>
>
> FYI, my the first patch [1] in bug#79486 [2] should fix this.
Thanks, closing.
This bug report was last modified 23 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.