GNU bug report logs - #78189
31.0.50; require properties :key and :cert in auth search done from `network-stream-certificate'


Package: emacs;

Reported by: Jens Schmidt <jschmidt4gnu <at> vodafonemail.de>

Date: Thu, 1 May 2025 14:38:02 UTC

Severity: normal

Tags: fixed

Found in version 31.0.50

Fixed in version 31.1

Done: Robert Pluim <rpluim <at> gmail.com>

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 78189 in the body.
You can then email your comments to 78189 AT debbugs.gnu.org in the normal way.



Report forwarded to tzz <at> lifelogs.com, bug-gnu-emacs <at> gnu.org:
bug#78189; Package emacs. (Thu, 01 May 2025 14:38:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Jens Schmidt <jschmidt4gnu <at> vodafonemail.de>:
New bug report received and forwarded. Copy sent to tzz <at> lifelogs.com, bug-gnu-emacs <at> gnu.org. (Thu, 01 May 2025 14:38:02 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Jens Schmidt <jschmidt4gnu <at> vodafonemail.de>
To: bug-gnu-emacs <at> gnu.org
Subject: 31.0.50; require properties :key and :cert in auth search done from
 `network-stream-certificate'
Date: Thu, 1 May 2025 16:36:42 +0200
X-Debbugs-Cc: Robert Pluim <rpluim <at> gmail.com>
X-Debbugs-Cc: Ted Zlatanov <tzz <at> lifelogs.com>

This one is hard to reproduce, so no "emacs -Q" recipe here.  I hope
Robert and Ted can confirm or correct my results even without that ...

Function `network-stream-certificate' attempts to find a suitable client
certificate for HOST and SERVICE by doing a search through the available
auth sources, like this ("old search"):

  (let* ((auth-info
          (ignore-errors
            (car (auth-source-search :max 1
                                     :host host
                                     :port (format "%s" service)))))

I think this search should better explicitly require properties :key and
:cert for the auth source search, like this ("new search"):

  (let* ((auth-info
          (ignore-errors
            (car (auth-source-search :max 1
                                     :host host
                                     :port (format "%s" service)
                                     :require '(:key :cert)))))

The rest of this mail tries to convince me and you that this is TRT to
do.  If you don't need convincing, you might skip it and instead check
the attached patch.

Thanks!

In the following F denotes function `network-stream-certificate'.

- First of all, my use case is based on a non-standard, rather expensive
  auth source that does online XAUTH authentication, see [1].  I noticed
  that during `smtpmail-send-it' my auth source gets searched twice,
  namely once from function `network-stream-certificate', where it
  cannot provide any useful data, and once from
  `smtpmail-try-auth-methods', where it returns the expected result.

- If there is exactly one auth source S for HOST and SERVICE, and that
  provides properties :key and :cert, old and new search will find that
  auth source S and let F return '(KEY CERT) of S.  If there are more
  auth sources matching HOST and SERVICE and all of them provide
  properties :key and :cert, both searches will similarly pick one of
  these.  Should be the same, but I'm not entirely sure about that case.

- If there are one or more auth sources for HOST and SERVICE, and none
  of them provides properties :key and :cert, the old search will pick
  an arbitrary first of these in AUTH-INFO.  The following code from F:

    (and key cert (file-readable-p key) (file-readable-p cert)
         (list key cert)))))))

  will however "discard" that search result (since KEY and CERT have
  been let-bound to nil) and will let F return nil.

  The new search will let-bind AUTH-INFO right away to nil, also letting
  F as a whole return nil.

- If there are no auth sources for HOST and SERVICE at all, both old and
  new search will result in nil, letting F return nil.

- Suppose the user has two or more auth sources S_1, S_2, ...  for HOST
  and SERVICE, some of them (among these S_i) providing properties :key
  and :cert, and some not.  Due to the :max property given in the call,
  the old search might return, depending on the search order, some
  single S_j with j != i, thus missing the right source. The new search
  is guaranteed to return S_i.  Which I consider the better thing.

[1]: https://lists.gnu.org/archive/html/emacs-devel/2023-05/msg00327.html

In GNU Emacs 31.0.50 (build 6, x86_64-pc-linux-gnu, GTK+ Version
 3.24.38, cairo version 1.16.0) of 2025-04-30 built on sappc2
Repository revision: 766adfa8a731683c221630c3fee5aa5ace22428e
Repository branch: master
Windowing system distributor 'The X.Org Foundation', version 11.0.12201009
System Description: Debian GNU/Linux 12 (bookworm)

Configured using:
 'configure --with-native-compilation --with-mailutils'

Configured features:
ACL CAIRO DBUS FREETYPE GIF GLIB GMP GNUTLS GPM GSETTINGS HARFBUZZ JPEG
LCMS2 LIBOTF LIBSELINUX LIBSYSTEMD LIBXML2 M17N_FLT MODULES NATIVE_COMP
NOTIFY INOTIFY PDUMPER PNG RSVG SECCOMP SOUND THREADS TIFF
TOOLKIT_SCROLL_BARS WEBP X11 XDBE XIM XINERAMA XINPUT2 XPM XRANDR GTK3
ZLIB

Important settings:
  value of $LC_COLLATE: POSIX
  value of $LC_TIME: POSIX
  value of $LANG: en_US.UTF-8
  value of $XMODIFIERS: @im=ibus
  locale-coding-system: utf-8-unix

Major mode: Lisp Interaction

Minor modes in effect:
  display-time-mode: t
  delete-selection-mode: t
  show-paren-mode: t
  mouse-wheel-mode: t
  file-name-shadow-mode: t
  global-font-lock-mode: t
  font-lock-mode: t
  minibuffer-regexp-mode: t
  line-number-mode: t
  auto-composition-mode: t
  auto-encryption-mode: t
  auto-compression-mode: t

Load-path shadows:

Features:
(shadow sort mail-extr emacsbug lisp-mnt message yank-media puny dired
dired-loaddefs rfc822 mml mml-sec epa derived epg rfc6068 epg-config
gnus-util time-date mm-decode mm-bodies mm-encode mail-parse rfc2231
mailabbrev gmm-utils mailheader sendmail rfc2047 rfc2045 ietf-drums
mm-util mail-prsvr mail-utils compile text-property-search comint
ansi-osc ansi-color ring comp-run comp-common rx time delsel cus-load
advice files-x bc-dot-emacs warnings loadhist help-fns radix-tree
help-mode finder-inf simple-httpd-autoloads package browse-url xdg url
url-proxy url-privacy url-expand url-methods url-history url-cookie
generate-lisp-file url-domsuf url-util mailcap url-handlers url-parse
auth-source cl-seq eieio eieio-core cl-macs icons password-cache json
subr-x map byte-opt gv bytecomp byte-compile url-vars cl-loaddefs cl-lib
rmc iso-transl tooltip cconv eldoc paren electric uniquify ediff-hook
vc-hooks lisp-float-type elisp-mode mwheel term/x-win x-win
term/common-win x-dnd touch-screen tool-bar dnd fontset image regexp-opt
fringe tabulated-list replace newcomment text-mode lisp-mode prog-mode
register page tab-bar menu-bar rfn-eshadow isearch easymenu timer select
scroll-bar mouse jit-lock font-lock syntax font-core term/tty-colors
frame minibuffer nadvice seq simple cl-generic indonesian philippine
cham georgian utf-8-lang misc-lang vietnamese tibetan thai tai-viet lao
korean japanese eucjp-ms cp51932 hebrew greek romanian slovak czech
european ethiopic indian cyrillic chinese composite emoji-zwj charscript
charprop case-table epa-hook jka-cmpr-hook help abbrev obarray oclosure
cl-preloaded button loaddefs theme-loaddefs faces cus-face macroexp
files window text-properties overlay sha1 md5 base64 format env
code-pages mule custom widget keymap hashtable-print-readable backquote
threads dbusbind inotify lcms2 dynamic-setting system-font-setting
font-render-setting cairo gtk x-toolkit xinput2 x multi-tty move-toolbar
make-network-process tty-child-frames native-compile emacs)

Memory information:
((conses 16 129905 14356) (symbols 48 11228 0)
 (strings 32 36337 2537) (string-bytes 1 1293500)
 (vectors 16 17377) (vector-slots 8 218381 7563) (floats 8 36 2)
 (intervals 56 263 0) (buffers 984 11))
[0001-Require-key-and-cert-when-searching-for-client-cert.patch (text/x-patch, attachment)]
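
The mixed case from the last bullet of the report (several entries for the same HOST and SERVICE, only some carrying :key and :cert), as an added example that is not part of the original message or of the Emacs sources. The `demo-` functions, the host `mail.example.test`, the login and the netrc contents are constructed for illustration; `demo-client-cert-lookup` only mirrors the lookup quoted in the report and assumes the default netrc backend.

```elisp
;;; -*- lexical-binding: t -*-
;; Added example, not Emacs source code.  All `demo-' names are
;; hypothetical; the netrc entries below are constructed sample data.
(require 'auth-source)

(defun demo-client-cert-lookup (host service &optional require-key-cert)
  "Return (KEY CERT) for HOST and SERVICE, or nil.
Mirrors the lookup quoted in the report.  With REQUIRE-KEY-CERT
non-nil, run the \"new search\" that passes :require to
`auth-source-search'; otherwise run the \"old search\"."
  (let* ((spec (list :max 1
                     :host host
                     :port (format "%s" service)))
         (auth-info
          (ignore-errors
            (car (apply #'auth-source-search
                        (if require-key-cert
                            (append spec '(:require (:key :cert)))
                          spec)))))
         (key (plist-get auth-info :key))
         (cert (plist-get auth-info :cert)))
    ;; Same final check as in the report: both properties must be
    ;; present and must name readable files.
    (and key cert (file-readable-p key) (file-readable-p cert)
         (list key cert))))

(defun demo-compare-searches ()
  "Run old and new search against a constructed netrc file.
Return a list (OLD-RESULT NEW-RESULT)."
  (let* ((key (make-temp-file "demo-client" nil ".key"))
         (cert (make-temp-file "demo-client" nil ".crt"))
         ;; No file extension, so auth-source treats it as netrc.
         (netrc (make-temp-file "demo-authinfo"))
         ;; Search only the constructed file and bypass the result
         ;; cache so the two calls cannot influence each other.
         (auth-sources (list netrc))
         (auth-source-do-cache nil))
    (unwind-protect
        (progn
          (with-temp-file netrc
            ;; Constructed entries for the same host and port.  The
            ;; password entry, which has no key/cert, is listed first.
            (insert "machine mail.example.test port 587"
                    " login alice password constructed-secret\n")
            (insert (format (concat "machine mail.example.test port 587"
                                    " key \"%s\" cert \"%s\"\n")
                            key cert)))
          (list (demo-client-cert-lookup "mail.example.test" 587)
                (demo-client-cert-lookup "mail.example.test" 587 t)))
      ;; Remove the temporary key, certificate and netrc files.
      (mapc #'delete-file (list key cert netrc)))))
```

Evaluate `(demo-compare-searches)` to compare what the two searches hand back for the same auth source.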

Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#78189; Package emacs. (Thu, 01 May 2025 21:09:02 GMT) Full text and rfc822 format available.

Message #8 received at 78189 <at> debbugs.gnu.org (full text, mbox):

From: Jens Schmidt <jschmidt4gnu <at> vodafonemail.de>
To: 78189 <at> debbugs.gnu.org
Cc: Robert Pluim <rpluim <at> gmail.com>, Ted Zlatanov <tzz <at> lifelogs.com>
Subject: Re: 31.0.50; require properties :key and :cert in auth search done
 from `network-stream-certificate'
Date: Thu, 1 May 2025 23:08:21 +0200
I think I messed up the X-Debbugs-Cc pseudo header in the OP,
effectively not CCing Robert.  Sorry for the noise.





Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#78189; Package emacs. (Sun, 04 May 2025 20:16:01 GMT) Full text and rfc822 format available.

Message #11 received at 78189 <at> debbugs.gnu.org (full text, mbox):

From: Ted Zlatanov <tzz <at> lifelogs.com>
To: Jens Schmidt <jschmidt4gnu <at> vodafonemail.de>
Cc: 78189 <at> debbugs.gnu.org
Subject: Re: bug#78189: 31.0.50; require properties :key and :cert in auth
 search done from `network-stream-certificate'
Date: Sun, 04 May 2025 16:15:01 -0400
On Thu, 1 May 2025 16:36:42 +0200 Jens Schmidt <jschmidt4gnu <at> vodafonemail.de> wrote: 

JS> Function `network-stream-certificate' attempts to find a suitable client
JS> certificate for HOST and SERVICE by doing a search through the available
JS> auth sources, like this ("old search"):

JS>   (let* ((auth-info
JS>           (ignore-errors
JS>             (car (auth-source-search :max 1
JS>                                      :host host
JS>                                      :port (format "%s" service)))))

JS> I think this search should better explicitly require properties :key and
JS> :cert for the auth source search, like this ("new search"):

JS>   (let* ((auth-info
JS>           (ignore-errors
JS>             (car (auth-source-search :max 1
JS>                                      :host host
JS>                                      :port (format "%s" service)
JS>                                      :require '(:key :cert)))))

JS> The rest of this mail tries to convince me and you that this is TRT to
JS> do.  If you don't need convincing, you might skip it and instead check
JS> the attached patch.

I'm OK with a patch to prefer entries with :key and :cert.

I wonder if it might be better to just say "prefer the most
specific/interesting" in a generic way? Like

:prefer '(:key :cert)

which can also be one of these

:prefer 'most-keys ;;; count of keys
:prefer 'most-detail ;;; length of serialized entry?
:prefer 'network-stream-keys ;;; knows to look for host, port, key, cert

but that's extra work and maybe your proposed patch is simple enough to
Just Work.

Ted




Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#78189; Package emacs. (Mon, 05 May 2025 11:22:01 GMT) Full text and rfc822 format available.

Message #14 received at 78189 <at> debbugs.gnu.org (full text, mbox):

From: Eli Zaretskii <eliz <at> gnu.org>
To: Ted Zlatanov <tzz <at> lifelogs.com>, Robert Pluim <rpluim <at> gmail.com>
Cc: 78189 <at> debbugs.gnu.org, jschmidt4gnu <at> vodafonemail.de
Subject: Re: bug#78189: 31.0.50;
 require properties :key and :cert in auth search done from
 `network-stream-certificate'
Date: Mon, 05 May 2025 14:21:37 +0300
> Cc: 78189 <at> debbugs.gnu.org
> From: Ted Zlatanov <tzz <at> lifelogs.com>
> Date: Sun, 04 May 2025 16:15:01 -0400
> 
> On Thu, 1 May 2025 16:36:42 +0200 Jens Schmidt <jschmidt4gnu <at> vodafonemail.de> wrote: 
> 
> JS> Function `network-stream-certificate' attempts to find a suitable client
> JS> certificate for HOST and SERVICE by doing a search through the available
> JS> auth sources, like this ("old search"):
> 
> JS>   (let* ((auth-info
> JS>           (ignore-errors
> JS>             (car (auth-source-search :max 1
> JS>                                      :host host
> JS>                                      :port (format "%s" service)))))
> 
> JS> I think this search should better explicitly require properties :key and
> JS> :cert for the auth source search, like this ("new search"):
> 
> JS>   (let* ((auth-info
> JS>           (ignore-errors
> JS>             (car (auth-source-search :max 1
> JS>                                      :host host
> JS>                                      :port (format "%s" service)
> JS>                                      :require '(:key :cert)))))
> 
> JS> The rest of this mail tries to convince me and you that this is TRT to
> JS> do.  If you don't need convincing, you might skip it and instead check
> JS> the attached patch.
> 
> I'm OK with a patch to prefer entries with :key and :cert.
> 
> I wonder if it might be better to just say "prefer the most
> specific/interesting" in a generic way? Like
> 
> :prefer '(:key :cert)
> 
> which can also be one of these
> 
> :prefer 'most-keys ;;; count of keys
> :prefer 'most-detail ;;; length of serialized entry?
> :prefer 'network-stream-keys ;;; knows to look for host, port, key, cert
> 
> but that's extra work and maybe your proposed patch is simple enough to
> Just Work.

Robert, any comments from you?




Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#78189; Package emacs. (Mon, 05 May 2025 11:45:02 GMT) Full text and rfc822 format available.

Message #17 received at 78189 <at> debbugs.gnu.org (full text, mbox):

From: Robert Pluim <rpluim <at> gmail.com>
To: Ted Zlatanov <tzz <at> lifelogs.com>
Cc: 78189 <at> debbugs.gnu.org, Jens Schmidt <jschmidt4gnu <at> vodafonemail.de>
Subject: Re: bug#78189: 31.0.50; require properties :key and :cert in auth
 search done from `network-stream-certificate'
Date: Mon, 05 May 2025 13:44:21 +0200
>>>>> On Sun, 04 May 2025 16:15:01 -0400, Ted Zlatanov <tzz <at> lifelogs.com> said:

    Ted> On Thu, 1 May 2025 16:36:42 +0200 Jens Schmidt <jschmidt4gnu <at> vodafonemail.de> wrote: 
    JS> Function `network-stream-certificate' attempts to find a suitable client
    JS> certificate for HOST and SERVICE by doing a search through the available
    JS> auth sources, like this ("old search"):

    JS>   (let* ((auth-info
    JS>           (ignore-errors
    JS>             (car (auth-source-search :max 1
    JS>                                      :host host
    JS>                                      :port (format "%s" service)))))

    JS> I think this search should better explicitly require properties :key and
    JS> :cert for the auth source search, like this ("new search"):

    JS>   (let* ((auth-info
    JS>           (ignore-errors
    JS>             (car (auth-source-search :max 1
    JS>                                      :host host
    JS>                                      :port (format "%s" service)
    JS>                                      :require '(:key :cert)))))

    JS> The rest of this mail tries to convince me and you that this is TRT to
    JS> do.  If you don't need convincing, you might skip it and instead check
    JS> the attached patch.

Iʼm convinced.

    Ted> I'm OK with a patch to prefer entries with :key and :cert.

Jens attached a patch that did exactly that 😀

Jens, I think your copyright assignment is on file?

    Ted> I wonder if it might be better to just say "prefer the most
    Ted> specific/interesting" in a generic way? Like

    Ted> :prefer '(:key :cert)

    Ted> which can also be one of these

    Ted> :prefer 'most-keys ;;; count of keys
    Ted> :prefer 'most-detail ;;; length of serialized entry?
    Ted> :prefer 'network-stream-keys ;;; knows to look for host, port, key, cert

Iʼm not seeing a use case for this. Just saying 'find an entry with
:key and :cert' should be enough, and is easy to explain.

Robert
-- 




Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#78189; Package emacs. (Mon, 05 May 2025 20:30:02 GMT) Full text and rfc822 format available.

Message #20 received at 78189 <at> debbugs.gnu.org (full text, mbox):

From: Jens Schmidt <jschmidt4gnu <at> vodafonemail.de>
To: Robert Pluim <rpluim <at> gmail.com>, Ted Zlatanov <tzz <at> lifelogs.com>
Cc: 78189 <at> debbugs.gnu.org
Subject: Re: bug#78189: 31.0.50; require properties :key and :cert in auth
 search done from `network-stream-certificate'
Date: Mon, 5 May 2025 22:29:29 +0200
Thanks, Ted and Robert for your review and comments!  And to Eli
for keeping things going, as usual.

On 2025-05-05  13:44, Robert Pluim wrote:
>>>>>> On Sun, 04 May 2025 16:15:01 -0400, Ted Zlatanov <tzz <at> lifelogs.com> said:

> Jens, I think your copyright assignment is on file?

Yes, it is.

>     Ted> specific/interesting" in a generic way? Like
> 
>     Ted> :prefer '(:key :cert)
> 
>     Ted> which can also be one of these
> 
>     Ted> :prefer 'most-keys ;;; count of keys
>     Ted> :prefer 'most-detail ;;; length of serialized entry?
>     Ted> :prefer 'network-stream-keys ;;; knows to look for host, port, key, cert
> 
> Iʼm not seeing a use case for this. Just saying 'find an entry with
> :key and :cert' should be enough, and is easy to explain.

I don't have the bandwidth to implement anything along Ted's idea,
and I agree with Robert that keeping things simple here would be,
um, simpler.





Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#78189; Package emacs. (Tue, 06 May 2025 07:44:01 GMT) Full text and rfc822 format available.

Message #23 received at 78189 <at> debbugs.gnu.org (full text, mbox):

From: Robert Pluim <rpluim <at> gmail.com>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: 78189 <at> debbugs.gnu.org, Ted Zlatanov <tzz <at> lifelogs.com>,
 Jens Schmidt <jschmidt4gnu <at> vodafonemail.de>
Subject: Re: bug#78189: 31.0.50; require properties :key and :cert in auth
 search done from `network-stream-certificate'
Date: Tue, 06 May 2025 09:43:48 +0200
>>>>> On Mon, 5 May 2025 22:29:29 +0200, Jens Schmidt via "Bug reports for GNU Emacs, the Swiss army knife of text editors" <bug-gnu-emacs <at> gnu.org> said:

    Jens> Thanks, Ted and Robert for your review and comments!  And to Eli
    Jens> for keeping things going, as usual.

    Jens> On 2025-05-05  13:44, Robert Pluim wrote:
    >>>>>>> On Sun, 04 May 2025 16:15:01 -0400, Ted Zlatanov <tzz <at> lifelogs.com> said:

    >> Jens, I think your copyright assignment is on file?

    Jens> Yes, it is.

    Ted> specific/interesting" in a generic way? Like
    >> 
    Ted> :prefer '(:key :cert)
    >> 
    Ted> which can also be one of these
    >> 
    Ted> :prefer 'most-keys ;;; count of keys
    Ted> :prefer 'most-detail ;;; length of serialized entry?
    Ted> :prefer 'network-stream-keys ;;; knows to look for host, port, key, cert
    >> 
    >> Iʼm not seeing a use case for this. Just saying 'find an entry with
    >> :key and :cert' should be enough, and is easy to explain.

    Jens> I don't have the bandwidth to implement anything along Ted's idea,
    Jens> and I agree with Robert that keeping things simple here would be,
    Jens> um, simpler.

Eli, OK for master, I presume? (I don’t think it would cause any
issues in emacs-30, but I’ve been wrong before 😀)

Robert
-- 




Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#78189; Package emacs. (Thu, 08 May 2025 09:52:02 GMT) Full text and rfc822 format available.

Message #26 received at 78189 <at> debbugs.gnu.org (full text, mbox):

From: Eli Zaretskii <eliz <at> gnu.org>
To: Robert Pluim <rpluim <at> gmail.com>
Cc: 78189 <at> debbugs.gnu.org, tzz <at> lifelogs.com, jschmidt4gnu <at> vodafonemail.de
Subject: Re: bug#78189: 31.0.50; require properties :key and :cert in auth
 search done from `network-stream-certificate'
Date: Thu, 08 May 2025 12:51:31 +0300
> From: Robert Pluim <rpluim <at> gmail.com>
> Cc: Ted Zlatanov <tzz <at> lifelogs.com>, Jens Schmidt
>  <jschmidt4gnu <at> vodafonemail.de>,  78189 <at> debbugs.gnu.org
> Date: Tue, 06 May 2025 09:43:48 +0200
> 
> >>>>> On Mon, 5 May 2025 22:29:29 +0200, Jens Schmidt via "Bug reports for GNU Emacs, the Swiss army knife of text editors" <bug-gnu-emacs <at> gnu.org> said:
> 
>     Jens> Thanks, Ted and Robert for your review and comments!  And to Eli
>     Jens> for keeping things going, as usual.
> 
>     Jens> On 2025-05-05  13:44, Robert Pluim wrote:
>     >>>>>>> On Sun, 04 May 2025 16:15:01 -0400, Ted Zlatanov <tzz <at> lifelogs.com> said:
> 
>     >> Jens, I think your copyright assignment is on file?
> 
>     Jens> Yes, it is.
> 
>     Ted> specific/interesting" in a generic way? Like
>     >> 
>     Ted> :prefer '(:key :cert)
>     >> 
>     Ted> which can also be one of these
>     >> 
>     Ted> :prefer 'most-keys ;;; count of keys
>     Ted> :prefer 'most-detail ;;; length of serialized entry?
>     Ted> :prefer 'network-stream-keys ;;; knows to look for host, port, key, cert
>     >> 
>     >> I’m not seeing a use case for this. Just saying 'find an entry with
>     >> :key and :cert' should be enough, and is easy to explain.
> 
>     Jens> I don't have the bandwidth to implement anything along Ted's idea,
>     Jens> and I agree with Robert that keeping things simple here would be,
>     Jens> um, simpler.
> 
> Eli, OK for master, I presume? (I don’t think it would cause any
> issues in emacs-30, but I’ve been wrong before 😀)

Yes, master, please.

Thanks.




Added tag(s) fixed. Request was from Robert Pluim <rpluim <at> gmail.com> to control <at> debbugs.gnu.org. (Mon, 12 May 2025 14:56:01 GMT) Full text and rfc822 format available.

bug marked as fixed in version 31.1, send any further explanations to 78189 <at> debbugs.gnu.org and Jens Schmidt <jschmidt4gnu <at> vodafonemail.de> Request was from Robert Pluim <rpluim <at> gmail.com> to control <at> debbugs.gnu.org. (Mon, 12 May 2025 14:56:02 GMT) Full text and rfc822 format available.

Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#78189; Package emacs. (Mon, 12 May 2025 14:57:01 GMT) Full text and rfc822 format available.

Message #33 received at 78189 <at> debbugs.gnu.org (full text, mbox):

From: Robert Pluim <rpluim <at> gmail.com>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: 78189 <at> debbugs.gnu.org, tzz <at> lifelogs.com, jschmidt4gnu <at> vodafonemail.de
Subject: Re: bug#78189: 31.0.50; require properties :key and :cert in auth
 search done from `network-stream-certificate'
Date: Mon, 12 May 2025 16:55:44 +0200
tags 78189 fixed
close 78189 31.1
quit

>>>>> On Thu, 08 May 2025 12:51:31 +0300, Eli Zaretskii <eliz <at> gnu.org> said:

    >> Eli, OK for master, I presume? (I don’t think it would cause any
    >> issues in emacs-30, but I’ve been wrong before 😀)

    Eli> Yes, master, please.

    Eli> Thanks.

Pushed to master

d11570d80ee 2025-05-12T16:52:06+02:00 "Require key and cert when searching for client cert"
https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=d11570d80ee18932ffb0ceed552313ada2879bcb





bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Tue, 10 Jun 2025 11:24:18 GMT) Full text and rfc822 format available.

This bug report was last modified 5 days ago.
