
[Emacs-diffs] /srv/bzr/emacs/trunk r107905: Allow using `server-auth-key


From: Lars Ingebrigtsen
Subject: [Emacs-diffs] /srv/bzr/emacs/trunk r107905: Allow using `server-auth-key' to set a permanent shared key
Date: Sat, 14 Apr 2012 13:16:17 +0200
User-agent: Bazaar (2.3.1)

------------------------------------------------------------
revno: 107905
fixes bug(s): http://debbugs.gnu.org/9423
author: Michal Nazarewicz <address@hidden>
committer: Lars Ingebrigtsen <address@hidden>
branch nick: trunk
timestamp: Sat 2012-04-14 13:16:17 +0200
message:
  Allow using `server-auth-key' to set a permanent shared key
  
  * server.el (server-auth-key): New variable.
  (server-generate-key): New function.
  (server-get-auth-key): New function.
  (server-start): Use the new variable and functions to allow
  setting a permanent server key.
modified:
  etc/NEWS
  lisp/ChangeLog
  lisp/server.el
=== modified file 'etc/NEWS'
--- a/etc/NEWS  2012-04-14 02:31:50 +0000
+++ b/etc/NEWS  2012-04-14 11:16:17 +0000
@@ -53,8 +53,11 @@
 ** which-function-mode now applies to all applicable major modes by default.
 
 ** erc will look up server/channel names via auth-source and use the
-   channel keys found, if any.
+channel keys found, if any.
 
+** The `server-auth-key' variable can be used to set a permanent
+shared key for Emacs Server.
+   
 ** Obsolete packages:
 
 *** mailpost.el

=== modified file 'lisp/ChangeLog'
--- a/lisp/ChangeLog    2012-04-14 06:28:57 +0000
+++ b/lisp/ChangeLog    2012-04-14 11:16:17 +0000
@@ -1,3 +1,11 @@
+2012-04-14  Michal Nazarewicz  <address@hidden>
+
+       * server.el (server-auth-key): New variable.
+       (server-generate-key): New function.
+       (server-get-auth-key): New function.
+       (server-start): Use the new variable and functions to allow
+       setting a permanent server key (bug#9423).
+
 2012-04-14  Leo Liu  <address@hidden>
 
        * vc/diff-mode.el (diff-file-prev/next): Fix typo.

=== modified file 'lisp/server.el'
--- a/lisp/server.el    2012-04-04 17:13:00 +0000
+++ b/lisp/server.el    2012-04-14 11:16:17 +0000
@@ -139,6 +139,33 @@
 ;;;###autoload
 (put 'server-auth-dir 'risky-local-variable t)
 
+(defcustom server-auth-key nil
+  "Server authentication key.
+
+Normally, authentication key is generated on random when server
+starts, which guarantees some level of security.  It is
+recommended to leave it that way.  Using a long-lived shared key
+may decrease security (especially since the key is transmitted as
+plain text).
+
+In some situations however, it can be difficult to share randomly
+generated password with remote hosts (eg. no shared directory),
+so you can set the key with this variable and then copy server
+file to remote host (with possible changes to IP address and/or
+port if that applies).
+
+The key must consist of 64 US-ASCII printable characters except
+for space (this means characters from ! to ~; or from code 33
+to 126).
+
+You can use \\[server-generate-key] to get a random authentication
+key."
+  :group 'server
+  :type '(choice
+         (const :tag "Random" nil)
+         (string :tag "Password"))
+  :version "24.2")
+
 (defcustom server-raise-frame t
   "If non-nil, raise frame when switching to a buffer."
   :group 'server
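Review bot: `server-auth-key` holds a credential but, unlike `server-auth-dir` on the context line just above the new defcustom, it is not marked risky, so a file-local or directory-local variables block could presumably offer a value for it. Adding `(put 'server-auth-key 'risky-local-variable t)` under an `;;;###autoload` cookie right after the defcustom would match how server-auth-dir is treated. The docstring should also say that a key set through Customize is saved in plain text in the user's init or custom file, and "generated on random" should read "generated at random". The `string` custom type accepts any string, so a malformed key is only caught later, when server-get-auth-key runs.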
@@ -522,6 +549,32 @@
       (unless safe
        (error "The directory `%s' is unsafe" dir)))))
 
+(defun server-generate-key ()
+  "Generates and returns a random 64-byte strings of random chars
+in the range `!'..`~'. If called interactively, also inserts it
+into current buffer."
+  (interactive)
+  (let ((auth-key
+        (loop repeat 64
+              collect (+ 33 (random 94)) into auth
+              finally return (concat auth))))
+    (if (called-interactively-p)
+       (insert auth-key))
+    auth-key))
+
+(defun server-get-auth-key ()
+  "Returns server's authentication key.
+
+If `server-auth-key' is nil this function will just call
+`server-generate-key'.  Otherwise, if `server-auth-key' is
+a valid authentication it will return it.  Otherwise, it will
+signal an error."
+  (if server-auth-key
+    (if (string-match "^[!-~]\\{64\\}$" server-auth-key)
+        server-auth-key
+      (error "The key '%s' is invalid" server-auth-key))
+    (server-generate-key)))
+
 ;;;###autoload
 (defun server-start (&optional leave-dead inhibit-prompt)
   "Allow this Emacs process to be a server for client processes.
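Review bot: The validity check in server-get-auth-key anchors with `^` and `$`, which in Emacs regexps match at line boundaries rather than string boundaries, so a multi-line value that contains one 64-character line would pass. Anchoring at the string boundaries rejects it: ``(string-match "\\`[!-~]\\{64\\}\\'" server-auth-key)``. The `error` call on the next line also interpolates the rejected key into its message, which copies a secret (or a near-miss of one) into *Messages*; a message such as ``(error "`server-auth-key' must be 64 characters in the range ! to ~")`` avoids that. Separately, server-generate-key draws its characters from `random`, so its docstring should state that the result is not guaranteed to come from a cryptographic generator.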
@@ -615,13 +668,7 @@
          (unless server-process (error "Could not start server process"))
          (process-put server-process :server-file server-file)
          (when server-use-tcp
-           (let ((auth-key
-                  (loop
-                   ;; The auth key is a 64-byte string of random chars in the
-                   ;; range `!'..`~'.
-                   repeat 64
-                   collect (+ 33 (random 94)) into auth
-                   finally return (concat auth))))
+           (let ((auth-key (server-get-auth-key)))
              (process-put server-process :auth-key auth-key)
              (with-temp-file server-file
                (set-buffer-multibyte nil)
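Review bot: `(server-get-auth-key)` can now signal an error at this point, after `server-process` has already been created (the `unless server-process` check is on the context line above). An invalid `server-auth-key` would therefore presumably leave a listening process with no `:auth-key` property and no server file written. Consider resolving the key before the process is made, or deleting the process when the call fails, and say in the server-start docstring that an invalid key aborts startup. The enclosing server-start body starts and ends outside this hunk, so the surrounding cleanup could not be checked from here.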

