Re: auth-source change default spec

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: auth-source change default spec

From:	Ted Zlatanov
Subject:	Re: auth-source change default spec
Date:	Mon, 30 Apr 2012 08:23:46 -0400
User-agent:	Gnus/5.130004 (Ma Gnus v0.4) Emacs/24.1.50 (gnu/linux)

On Sat, 28 Apr 2012 10:45:37 +1000 Tim Cross <address@hidden> wrote: 

TC> I've recently run into a minor problem with the auth-source library
TC> which I think is due to the default SPEC for auth-sources. I wanted
TC> some feedbak before logging a bug request and also wanted to make this
TC> possible issue visible asap given the need to get defaults sorted for
TC> the next release.

TC> The current default sorces spec (taken from recent emacs bzr sources) is

TC> ("~/.authinfo" "~/.authinfo.gpg" "~/.netrc")

TC> I think it should be changed to have .authinfo.gpg first in the
TC> list.

Could you please read through Emacs bug #9113?  It deals with this issue
at length.

http://comments.gmane.org/gmane.emacs.bugs/49377

I had the .gpg file first originally and would still like it to be
first, but the objections are quite reasonable.

TC> The reason is that if you already have a .authinfo.gpg file and then
TC> attempt to access a resource for which you don't yet have credentials
TC> and the search criteria specifies the :create option, because
TC> .authinfo is first, it will attempt to save the credentials in the
TC> .authinfo file and not .authinfo.gpg. If you have things configured to
TC> ask if you want to save (the default) it will ask if you want to save
TC> to .authinfo even when it is aware you have a .authinfo.gpg file. It
TC> does not appear to give you an option to change this.  If you just
TC> accept the defaults and you do use .authinfo.gpg, things will break
TC> when you add new credentials because it will create a .authinfo
TC> file.

I don't think anything is broken.  auth-source is simply respecting
`auth-sources' as it's supposed to.  Preferring the second source
because of some attribute (e.g. "it has the .gpg extension") is much
worse in terms of usability.

TC> Subsequent searches will never see the credentials you already have in
TC> your .authinfo.gpg file as the search stops it has found the .authinfo
TC> file.

I think that's correct behavior (most `auth-source-search' calls pass
:max 1 to get this effect).

TC> If this is not acceptable, I think the auth-source library may need to
TC> be enhanced so that it defaults to the gpg version of the file for
TC> saving when it knows one already exists.

I think it's much, much simpler to just ask the user to put the .gpg
file first in `auth-sources'.

Ted

[Prev in Thread]

Current Thread

[Next in Thread]

auth-source change default spec, Tim Cross, 2012/04/27
- Re: auth-source change default spec, Tim Cross, 2012/04/28
  - Re: auth-source change default spec, Stefan Monnier, 2012/04/28
    - Re: auth-source change default spec, Tim Cross, 2012/04/28
- Re: auth-source change default spec, Ted Zlatanov <=
  - Re: auth-source change default spec, Richard Riley, 2012/04/30
    - Re: auth-source change default spec, Tim Cross, 2012/04/30

Prev by Date: Re: [Emacs-diffs] /srv/bzr/emacs/emacs-24 r107925: Regenerate etc/refcards/*.pdf
Next by Date: Re: auth-source change default spec
Previous by thread: Re: auth-source change default spec
Next by thread: Re: auth-source change default spec
Index(es):
- Date
- Thread