emacs-erc
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#57956: 29.0.50; Add minimal authorization support to sasl-scram-rfc

From: J.P.
Subject: bug#57956: 29.0.50; Add minimal authorization support to sasl-scram-rfc
Date: Tue, 20 Sep 2022 06:06:37 -0700
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/29.0.50 (gnu/linux) 
Tags: patch

Hi people,

ERC plans on basing its SASL library on sasl.el and friends. Although
rare, authorization (or "authz") support is sometimes needed by IRC
administrators wanting to authenticate as other users. It's also
expected by at least one IRC-compliance test suite [1]. The PLAIN
implementation in sasl.el currently offers implicit support via the
`authenticator-name' client property (see `sasl-plain-response'). This
patch proposes we do much the same with sasl-scram-rfc.el.

As for specifics, I've encapsulated the actual prop-lookup and
header-construction details in a new function that's called indirectly
via a new top-level variable (although perhaps that's just unnecessary
or more suited to a user option). The only other change appears in
`sasl-scram--client-final-message'. It concerns the base64 encoding of
the GS2 header and the client proof, both of which currently suffer from
occasional whitespace complications [2].

Anyway, ERC would benefit greatly from these (or superior) changes
because we'd like to introduce `erc-compat' analogs in an upcoming
release (probably ERC 5.6). If anyone out there can spare the time,
your feedback would be greatly appreciated.

Thanks,
J.P.

P.S. Tests covering these changes appear in the patch sets for bug#29108
and bug#49860.


[1] Authz support for PLAIN, with SCRAM possibly on the way:

    https://github.com/progval/irctest/blob/master/irctest/client_tests/sasl.py

[2] Calling `base64-encode-string' with NO-LINE-BREAK set to t seems to
    solve the issue, which is likely related to this excerpt from
    https://www.rfc-editor.org/rfc/rfc5802#section-2.1:
 
     "The use of base64 in SCRAM is restricted to the canonical form
      with no whitespace."
 
    FWIW, I tried advising `base64-encode-string' to avoid having to
    submit a patch, but it seems the byte compiler precomputes the
    result for certain constant params, like `cbind-input' in
    `sasl-scram--client-final-message'.


In GNU Emacs 29.0.50 (build 2, x86_64-pc-linux-gnu, GTK+ Version
 3.24.34, cairo version 1.17.6) of 2022-09-19 built on localhost
Repository revision: 132d5cb0a3ec94afbb49772631861e00160ffffb
Repository branch: master
Windowing system distributor 'The X.Org Foundation', version 11.0.12014000
System Description: Fedora Linux 36 (Workstation Edition)

Configured using:
 'configure --enable-check-lisp-object-type --enable-checking=yes,glyphs
 'CFLAGS=-O0 -g3'
 PKG_CONFIG_PATH=:/usr/lib64/pkgconfig:/usr/share/pkgconfig'

Configured features:
ACL CAIRO DBUS FREETYPE GIF GLIB GMP GNUTLS GPM GSETTINGS HARFBUZZ JPEG
JSON LCMS2 LIBOTF LIBSELINUX LIBSYSTEMD LIBXML2 M17N_FLT MODULES NOTIFY
INOTIFY PDUMPER PNG RSVG SECCOMP SOUND SQLITE3 THREADS TIFF
TOOLKIT_SCROLL_BARS WEBP X11 XDBE XIM XINPUT2 XPM GTK3 ZLIB

Important settings:
  value of $LANG: en_US.UTF-8
  value of $XMODIFIERS: @im=ibus
  locale-coding-system: utf-8-unix

Major mode: Lisp Interaction

Minor modes in effect:
  tooltip-mode: t
  global-eldoc-mode: t
  eldoc-mode: t
  show-paren-mode: t
  electric-indent-mode: t
  mouse-wheel-mode: t
  tool-bar-mode: t
  menu-bar-mode: t
  file-name-shadow-mode: t
  global-font-lock-mode: t
  font-lock-mode: t
  blink-cursor-mode: t
  line-number-mode: t
  indent-tabs-mode: t
  transient-mark-mode: t
  auto-composition-mode: t
  auto-encryption-mode: t
  auto-compression-mode: t

Load-path shadows:
None found.

Features:
(shadow sort mail-extr emacsbug message mailcap yank-media puny dired
dired-loaddefs rfc822 mml mml-sec password-cache epa derived epg rfc6068
epg-config gnus-util text-property-search time-date subr-x mm-decode
mm-bodies mm-encode mail-parse rfc2231 mailabbrev gmm-utils mailheader
cl-loaddefs cl-lib sendmail rfc2047 rfc2045 ietf-drums mm-util
mail-prsvr mail-utils rmc iso-transl tooltip eldoc paren electric
uniquify ediff-hook vc-hooks lisp-float-type elisp-mode mwheel
term/x-win x-win term/common-win x-dnd tool-bar dnd fontset image
regexp-opt fringe tabulated-list replace newcomment text-mode lisp-mode
prog-mode register page tab-bar menu-bar rfn-eshadow isearch easymenu
timer select scroll-bar mouse jit-lock font-lock syntax font-core
term/tty-colors frame minibuffer nadvice seq simple cl-generic
indonesian philippine cham georgian utf-8-lang misc-lang vietnamese
tibetan thai tai-viet lao korean japanese eucjp-ms cp51932 hebrew greek
romanian slovak czech european ethiopic indian cyrillic chinese
composite emoji-zwj charscript charprop case-table epa-hook
jka-cmpr-hook help abbrev obarray oclosure cl-preloaded button loaddefs
faces cus-face macroexp files window text-properties overlay sha1 md5
base64 format env code-pages mule custom widget keymap
hashtable-print-readable backquote threads dbusbind inotify lcms2
dynamic-setting system-font-setting font-render-setting cairo
move-toolbar gtk x-toolkit xinput2 x multi-tty make-network-process
emacs)

Memory information:
((conses 16 36059 6198)
 (symbols 48 5107 0)
 (strings 32 13115 1641)
 (string-bytes 1 372299)
 (vectors 16 9247)
 (vector-slots 8 146583 10252)
 (floats 8 21 25)
 (intervals 56 220 0)
 (buffers 1000 10))

Attachment: 0001-Add-GS2-authorization-to-sasl-scram-rfc.patch
Description: Text Data

reply via email to
[Prev in Thread] Current Thread [Next in Thread]