emacs-devel

Re: Opportunistic STARTTLS in smtpmail.el


From: Lars Magne Ingebrigtsen
Subject: Re: Opportunistic STARTTLS in smtpmail.el
Date: Wed, 04 May 2011 00:04:06 +0200
User-agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.50 (gnu/linux)

Ted Zlatanov <address@hidden> writes:

> For example:
>
> (setq auth-sources '((:source (:user tzz :keyfile "mykeyfile" :host "myhost" :port 587))
>                      "~/.authinfo.gpg"))
>
> I think that's cleaner since the inlined data maps nicely to the netrc format.

Won't this still require opening the ~/.authinfo.gpg file, or does it
stop searching after you've found the first match?

Anyway, I don't really like having long, complicated user-exposed
variables.  Users usually mess them up.  Putting stuff like this in a
file seems like a nice feature.  

Another idea occurred to me based on the /etc/passwd + /etc/secret
split, plus the password in-memory obfuscation code.  :-)

That is, if we allow lines like

machine smtp.mail.host login foo password .secrets.gpg:smtp1 port smtp keyfile mykeyfile

in ~/.authinfo and then have a ~/.secrets.gpg file with

smtp1 password bar

we could allow mixing the queries for open and secret credentials.

Let me explain.

The typical usage will be

(auth-source-search :host "smtp.mail.host" :port "smtp")

which would return an auth-source object, but will not read
~/.secrets.gpg.  If we look at elements like :keyfile, we'll find the
:keyfile element.  If, however, we try to access the :password element,
auth-source.el will *then* open ~/.secrets.gpg, read it, and return the
password.

So we defer reading the ~/.secrets.gpg file to the very last possible
moment -- which is when we know that we actually need it.

-- 
(domestic pets only, the antidote for overdose, milk.)
  bloggy blog http://lars.ingebrigtsen.no/
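
The deferred lookup proposed in the message above, sketched as an added example that is not part of the original message and is not auth-source.el code: a password written as FILE:KEY is stored as a function, so the secrets file is opened only when :password is actually read. All `demo-` names are hypothetical, and a plain-text temporary file named .secrets stands in for ~/.secrets.gpg.

```elisp
;; Added example, not auth-source.el code; every `demo-' name is hypothetical.
;; Assumption: a plain-text temp file named .secrets replaces ~/.secrets.gpg.
(defvar demo-secret-reads 0 "How many times the secrets file was opened.")

(defun demo-read-secret (file key)
  "Return VALUE from the line \"KEY password VALUE\" in FILE, or nil."
  (setq demo-secret-reads (1+ demo-secret-reads))
  (with-temp-buffer
    (insert-file-contents file)
    (goto-char (point-min))
    (when (re-search-forward
           (concat "^" (regexp-quote key) "[ \t]+password[ \t]+\\(\\S-+\\)")
           nil t)
      (match-string 1))))

(defun demo-parse-line (line dir)
  "Parse one netrc LINE into a plist.
A password written as FILE:KEY becomes a function that opens
DIR/FILE only when called; other values are stored as strings."
  (let ((tokens (split-string line)) entry)
    (while tokens
      (let ((name (intern (concat ":" (pop tokens))))
            (value (pop tokens)))
        (when (and (eq name :password) value
                   (string-match "\\`\\(.+\\):\\([^:]+\\)\\'" value))
          (let ((file (match-string 1 value))
                (key (match-string 2 value)))
            ;; Backquoted lambda, so no lexical-binding is needed.
            (setq value `(lambda ()
                           (demo-read-secret
                            ,(expand-file-name file dir) ,key)))))
        (setq entry (plist-put entry name value))))
    entry))

(defun demo-get (entry prop)
  "Return PROP from ENTRY, resolving a deferred value on access."
  (let ((value (plist-get entry prop)))
    (if (functionp value) (funcall value) value)))

;; Constructed sample data, modelled on the two lines in the message.
(let ((dir (make-temp-file "demo-auth" t)))
  (write-region "smtp1 password bar\n" nil
                (expand-file-name ".secrets" dir) nil 'silent)
  (let ((entry (demo-parse-line
                "machine smtp.mail.host login foo password .secrets:smtp1 port smtp keyfile mykeyfile"
                dir)))
    (message "keyfile=%s reads=%d" (demo-get entry :keyfile) demo-secret-reads)
    (message "password=%s reads=%d" (demo-get entry :password) demo-secret-reads))
  (delete-directory dir t))
```

This sketch treats any password value of the form FILE:KEY as a reference, so a literal password containing a colon would need quoting or a different marker in a real format.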



