[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Opportunistic STARTTLS in smtpmail.el

From: Lars Magne Ingebrigtsen
Subject: Re: Opportunistic STARTTLS in smtpmail.el
Date: Wed, 04 May 2011 00:04:06 +0200
User-agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.50 (gnu/linux)

Ted Zlatanov <address@hidden> writes:

> For example:
> (setq auth-sources '((:source (:user tzz :keyfile "mykeyfile" :host "myhost" 
> :port 587))
>                      "~/.authinfo.gpg"))
> I think that's cleaner since the inlined data maps nicely to the netrc format.

Won't this still require opening the ~/.authinfo.gpg file, or does it
stop searching after you've find the first match?

Anyway, I don't really like having long, complicated user-exposed
variables.  Users usually mess them up.  Putting stuff like this in a
file seems like a nice feature.  

Another idea occurred to me based on the /etc/passwd + /etc/secret
split, plus the password in-memory obfuscation code.  :-)

That is, if we allow lines like

machine smtp.mail.host login foo password .secrets.gpg:smtp1 port smtp keyfile 

in ~/.authinfo and then have a ~/.secrets.gpg file with

smtp1 password bar

we could allow mixing the queries for open and secret credentials.

Let me explain.

The typical usage will be

(auth-source-search :host "smtp.mail.hos" :port "smtp")

which would return an auth-source object, but will not read
~/.secrets.gpg.  If we look at elements like :keyfile, we'll find the
:keyfile element.  If, however, we try to access the :password element,
auth-source.el will *then* open ~/.secrets.gpg, read it, and return the

So we defer reading the ~/.secrets.gpg file to the very last possible
moment -- which is when we know that we actually need it.

(domestic pets only, the antidote for overdose, milk.)
  bloggy blog http://lars.ingebrigtsen.no/

reply via email to

[Prev in Thread] Current Thread [Next in Thread]