mirror of
https://git.savannah.gnu.org/git/emacs.git
synced 2024-11-21 06:55:39 +00:00
8903106bb7
* lisp/subr.el (if-let*, when-let*, if-let, when-let): Mark if-let and when-let obsolete (bug#73853 and elsewhere). Move docstring text around so that if-let* and when-let* descriptions no longer refer to if-let and when-let. * etc/NEWS: Announce the change. * admin/admin.el (reminder-for-release-blocking-bugs): * doc/misc/erc.texi (display-buffer): * lisp/ansi-color.el (ansi-color-apply) (ansi-color--face-vec-face): * lisp/ansi-osc.el (ansi-osc-apply-on-region) (ansi-osc-hyperlink): * lisp/arc-mode.el (archive-goto-file) (archive-next-file-displayer): * lisp/auth-source-pass.el (auth-source-pass-search) (auth-source-pass--parse-data) (auth-source-pass--find-match-many): * lisp/autorevert.el (auto-revert-notify-rm-watch): * lisp/buff-menu.el (Buffer-menu-unmark-all-buffers) (Buffer-menu-group-by-root): * lisp/calendar/parse-time.el (parse-iso8601-time-string): * lisp/cedet/pulse.el (pulse-tick): * lisp/comint.el (comint--fontify-input-ppss-flush-indirect) (comint--intersect-regions): * lisp/completion-preview.el (completion-preview--try-table) (completion-preview--capf-wrapper, completion-preview--update): * lisp/cus-edit.el (setopt--set) (custom-dirlocals-maybe-update-cons, custom-dirlocals-validate): * lisp/custom.el (load-theme): * lisp/descr-text.el (describe-char): * lisp/desktop.el (desktop--emacs-pid-running-p): * lisp/dired-x.el (menu): * lisp/dired.el (dired-font-lock-keywords) (dired-insert-directory, dired--insert-disk-space, dired-mode): * lisp/dnd.el (dnd-handle-multiple-urls): * lisp/dom.el (dom-remove-attribute): * lisp/emacs-lisp/byte-opt.el (byte-optimize-form-code-walker): * lisp/emacs-lisp/bytecomp.el (bytecomp--custom-declare): * lisp/emacs-lisp/comp-common.el (comp-function-type-spec): * lisp/emacs-lisp/comp-cstr.el (comp--all-classes) (comp-cstr-set-range-for-arithm, comp--cstr-union-1-no-mem) (comp-cstr-intersection-no-mem, comp-cstr-fixnum-p) (comp-cstr-type-p): * lisp/emacs-lisp/comp-run.el (comp-subr-trampoline-install) (native--compile-async): * lisp/emacs-lisp/comp.el (comp--get-function-cstr) (comp--function-pure-p, comp--intern-func-in-ctxt) (comp--addr-to-bb-name, comp--emit-assume, comp--maybe-add-vmvar) (comp--add-call-cstr, comp--compute-dominator-tree) (comp--dom-tree-walker, comp--ssa-rename) (comp--function-call-maybe-fold, comp--fwprop-call) (comp--call-optim-func): * lisp/emacs-lisp/edebug.el (edebug-global-prefix) (edebug-remove-instrumentation): * lisp/emacs-lisp/eieio.el (initialize-instance): * lisp/emacs-lisp/ert-x.el (ert-resource-directory): * lisp/emacs-lisp/ert.el (ert--expand-should-1) (ert-test-location, ert-write-junit-test-report) (ert-test--erts-test): * lisp/emacs-lisp/icons.el (icon-complete-spec, icon-string) (icons--create): * lisp/emacs-lisp/lisp-mode.el (lisp--local-defform-body-p): * lisp/emacs-lisp/loaddefs-gen.el (loaddefs-generate--make-autoload) (loaddefs-generate--parse-file): * lisp/emacs-lisp/multisession.el (multisession-edit-mode--revert, multisession-edit-value): * lisp/emacs-lisp/package-vc.el (package-vc--read-archive-data) (package-vc--version, package-vc--clone): * lisp/emacs-lisp/package.el (package--reload-previously-loaded): * lisp/emacs-lisp/pp.el (pp--insert-lisp): * lisp/emacs-lisp/subr-x.el (add-display-text-property): * lisp/emacs-lisp/tabulated-list.el (tabulated-list-print): * lisp/emacs-lisp/timer.el (run-at-time): * lisp/emacs-lisp/vtable.el (vtable-goto-table) (vtable-goto-column, vtable-update-object, vtable--insert-line) (vtable--compute-widths, vtable--make-keymap): * lisp/emacs-lisp/warnings.el (display-warning): * lisp/epa-file.el (epa-file-insert-file-contents): * lisp/epa.el (epa-show-key): * lisp/erc/erc-backend.el (erc--split-line, erc--conceal-prompt) (PRIVMSG, erc--get-isupport-entry): * lisp/erc/erc-button.el (erc-button-add-nickname-buttons) (erc--button-next): * lisp/erc/erc-common.el (erc--find-group): * lisp/erc/erc-fill.el (erc-fill, erc-fill-static) (erc-fill--wrap-escape-hidden-speaker) (erc-fill--wrap-unmerge-on-date-stamp) (erc-fill--wrap-massage-initial-message-post-clear) (erc-fill-wrap, erc-fill--wrap-rejigger-region): * lisp/erc/erc-goodies.el (erc--scrolltobottom-all) (erc--keep-place-indicator-on-window-buffer-change) (keep-place-indicator, erc--keep-place-indicator-adjust-on-clear) (erc-keep-place-move, erc--command-indicator-display): * lisp/erc/erc-ibuffer.el (erc-members): * lisp/erc/erc-join.el (erc-join--remove-requested-channel) (erc-autojoin--join): * lisp/erc/erc-networks.el (erc-networks--id-qualifying-init-parts, erc-networks--id-reload) (erc-networks--id-ensure-comparable) (erc-networks--reclaim-orphaned-target-buffers) (erc-networks--server-select): * lisp/erc/erc-nicks.el (erc-nicks-invert) (erc-nicks--redirect-face-widget-link, erc-nicks--highlight) (erc-nicks--highlight-button) (erc-nicks--list-faces-help-button-action, erc-nicks-list-faces) (erc-nicks-refresh, erc-nicks--colors-from-faces) (erc-nicks--track-prioritize) (erc-nicks--remember-face-for-track): * lisp/erc/erc-notify.el (querypoll, erc--querypoll-get-next) (erc--querypoll-on-352, erc--querypoll-send): * lisp/erc/erc-sasl.el (erc-sasl--read-password): * lisp/erc/erc-services.el (erc-services-issue-ghost-and-retry-nick): * lisp/erc/erc-speedbar.el (erc-speedbar--ensure, nickbar) (erc-speedbar-toggle-nicknames-window-lock) (erc-speedbar--compose-nicks-face): * lisp/erc/erc-stamp.el (erc-stamp--recover-on-reconnect) (erc-stamp-prefix-log-filter, erc--conceal-prompt) (erc--insert-timestamp-left, erc-insert-timestamp-right) (erc-stamp--defer-date-insertion-on-post-modify) (erc-insert-timestamp-left-and-right) (erc-stamp--redo-right-stamp-post-clear) (erc-stamp--reset-on-clear, erc-stamp--dedupe-date-stamps): * lisp/erc/erc-status-sidebar.el (bufbar) (erc-status-sidebar-prefer-target-as-name) (erc-status-sidebar-default-allsort, erc-status-sidebar-click): * lisp/erc/erc-track.el (erc-track--shortened-names-get) (erc-track--setup, erc-track--select-mode-line-face) (erc-track-modified-channels, erc-track--collect-faces-in) (erc-track--switch-buffer, erc-track--replace-killed-buffer): * lisp/erc/erc-truncate.el (erc-truncate--setup) (erc-truncate-buffer): * lisp/erc/erc.el (erc--ensure-query-member) (erc--ensure-query-members, erc--remove-channel-users-but) (erc--cusr-change-status, erc--find-mode, erc--update-modules) (erc-log-irc-protocol, erc--refresh-prompt) (erc--restore-important-text-props) (erc--order-text-properties-from-hash, erc-send-input-line) (erc-cmd-IGNORE, erc--unignore-user, erc-cmd-QUERY) (erc-cmd-BANLIST, erc--speakerize-nick) (erc--format-speaker-input-message, erc-channel-receive-names) (erc-send-current-line, erc-format-target-and/or-network) (erc-kill-buffer-function, erc-restore-text-properties) (erc--get-eq-comparable-cmd): * lisp/eshell/em-alias.el (eshell-maybe-replace-by-alias--which) (eshell-maybe-replace-by-alias): * lisp/eshell/em-glob.el (eshell-glob-convert): * lisp/eshell/em-pred.el (eshell-pred-user-or-group) (eshell-pred-file-time, eshell-pred-file-type) (eshell-pred-file-mode, eshell-pred-file-links) (eshell-pred-file-size): * lisp/eshell/em-prompt.el (eshell-forward-paragraph) (eshell-next-prompt): * lisp/eshell/esh-arg.el (eshell-resolve-current-argument): * lisp/eshell/esh-cmd.el (eshell-do-eval, eshell/which) (eshell-plain-command--which, eshell-plain-command): * lisp/eshell/esh-io.el (eshell-duplicate-handles) (eshell-protect-handles, eshell-get-target, eshell-close-target): * lisp/eshell/esh-proc.el (eshell-sentinel): * lisp/eshell/esh-var.el (eshell-parse-variable-ref) (eshell-get-variable, eshell-set-variable): * lisp/faces.el (face-at-point): * lisp/ffap.el (ffap-in-project): * lisp/filenotify.el (file-notify--rm-descriptor): * lisp/files-x.el (read-dir-locals-file) (connection-local-update-profile-variables) (connection-local-value): * lisp/files.el (file-remote-p, abbreviate-file-name) (set-auto-mode, hack-local-variables) (revert-buffer-restore-read-only): * lisp/find-dired.el (find-dired-sort-by-filename): * lisp/font-lock.el (font-lock--filter-keywords): * lisp/gnus/gnus-art.el (article-emojize-symbols): * lisp/gnus/gnus-int.el (gnus-close-server): * lisp/gnus/gnus-search.el (gnus-search-transform) (gnus-search-indexed-parse-output, gnus-search-server-to-engine): * lisp/gnus/gnus-sum.el (gnus-collect-urls, gnus-shorten-url): * lisp/gnus/gnus.el (gnus-check-backend-function): * lisp/gnus/message.el (message-send-mail): * lisp/gnus/mml.el (mml-generate-mime, mml-insert-mime-headers): * lisp/gnus/nnatom.el (nnatom--read-feed, nnatom--read-article) (nnatom--read-article-or-group-authors, nnatom--read-publish) (nnatom--read-update, nnatom--read-links): * lisp/gnus/nnfeed.el (nnfeed--read-server, nnfeed--write-server) (nnfeed--parse-feed, nnfeed--group-data, nnfeed-retrieve-article) (nnfeed-retrieve-headers, nnfeed--print-part) (nnfeed-request-article, nnfeed-request-group) (nnfeed-request-list, nnfeed--group-description) (nnfeed-request-group-description) (nnfeed-request-list-newsgroups, nnfeed-request-rename-group): * lisp/gnus/nnmh.el (nnmh-update-gnus-unreads): * lisp/help-fns.el (help-find-source) (help-fns--insert-menu-bindings, help-fns--mention-first-release) (help-fns--mention-shortdoc-groups) (help-fns--customize-variable-version) (help-fns--face-custom-version-info, describe-mode): * lisp/help-mode.el (help-make-xrefs): * lisp/help.el (help-key-description, help--describe-command): * lisp/hfy-cmap.el (htmlfontify-load-rgb-file): * lisp/ibuf-ext.el (ibuffer-jump-to-filter-group) (ibuffer-kill-filter-group, ibuffer-kill-line) (ibuffer-save-filter-groups, ibuffer-save-filters, filename) (basename, file-extension, ibuffer-diff-buffer-with-file-1) (ibuffer-mark-by-file-name-regexp) (ibuffer-mark-by-content-regexp): * lisp/ibuf-macs.el (ibuffer-aif, ibuffer-awhen): * lisp/ibuffer.el (ibuffer-mouse-toggle-mark) (ibuffer-toggle-marks, ibuffer-mark-interactive) (ibuffer-compile-format, process, ibuffer-map-lines): * lisp/image.el (image--compute-map) (image--compute-original-map): * lisp/image/exif.el (exif-parse-buffer): * lisp/image/image-converter.el (image-convert-p, image-convert) (image-converter--find-converter): * lisp/image/image-dired-util.el (image-dired-file-name-at-point): * lisp/image/image-dired.el (image-dired-track-original-file) (image-dired--on-file-in-dired-buffer) (image-dired--with-thumbnail-buffer) (image-dired-jump-original-dired-buffer) (image-dired--slideshow-step, image-dired-display-image): * lisp/image/wallpaper.el (wallpaper--init-action-kill) (wallpaper--find-setter, wallpaper--find-command) (wallpaper--find-command-args, wallpaper--x-monitor-name): * lisp/info-look.el (info-lookup-interactive-arguments) (info-complete)::(:mode): * lisp/info.el (info-pop-to-buffer, Info-read-node-name-1): * lisp/international/emoji.el (emoji--adjust-displayable-1) (emoji--add-recent): * lisp/jsonrpc.el (jsonrpc--call-deferred) (jsonrpc--process-sentinel, jsonrpc--remove): * lisp/keymap.el (keymap-local-lookup): * lisp/mail/emacsbug.el (report-emacs-bug-hook) (submit-emacs-patch): * lisp/mail/ietf-drums.el (ietf-drums-parse-addresses): * lisp/mail/mailclient.el (mailclient-send-it): * lisp/mail/rfc6068.el (rfc6068-parse-mailto-url): * lisp/mail/undigest.el (rmail-digest-parse-mixed-mime): * lisp/minibuffer.el (completion-metadata-get) (completions--after-change) (minibuffer-visible-completions--filter): * lisp/net/browse-url.el (browse-url-url-at-point) (browse-url-file-url, browse-url-emacs): * lisp/net/dbus.el (dbus-byte-array-to-string) (dbus-monitor-goto-serial): * lisp/net/dictionary.el (dictionary-search): * lisp/net/eww.el (eww--download-directory) (eww-auto-rename-buffer, eww-open-in-new-buffer, eww-submit) (eww-follow-link, eww-read-alternate-url) (eww-copy-alternate-url): * lisp/net/goto-addr.el (goto-address-at-point): * lisp/net/mailcap.el (mailcap-mime-info): * lisp/net/rcirc.el (rcirc, rcirc-connect, rcirc-send-string) (rcirc-kill-buffer-hook, rcirc-print, rcirc-when) (rcirc-color-attributes, rcirc-handler-NICK) (rcirc-handler-TAGMSG, rcirc-handler-BATCH): * lisp/net/shr.el (shr-descend, shr-adaptive-fill-function) (shr-correct-dom-case, shr-tag-a): * lisp/net/sieve.el (sieve-manage-quit): * lisp/outline.el (outline-cycle-buffer): * lisp/pcmpl-git.el (pcmpl-git--tracked-file-predicate): * lisp/proced.el (proced-auto-update-timer): * lisp/progmodes/bug-reference.el (bug-reference-try-setup-from-vc): * lisp/progmodes/c-ts-common.el (c-ts-common--fill-paragraph): * lisp/progmodes/c-ts-mode.el (c-ts-mode--preproc-offset) (c-ts-mode--anchor-prev-sibling, c-ts-mode-indent-defun): * lisp/progmodes/compile.el (compilation-error-properties) (compilation-find-file-1): * lisp/progmodes/eglot.el (eglot--check-object) (eglot--read-server, eglot-upgrade-eglot) (eglot-handle-notification, eglot--CompletionParams) (eglot-completion-at-point, eglot--sig-info) (eglot-register-capability): * lisp/progmodes/elisp-mode.el (emacs-lisp-native-compile-and-load) (elisp-eldoc-var-docstring-with-value): * lisp/progmodes/erts-mode.el (erts-mode--goto-start-of-test): * lisp/progmodes/flymake.el (flymake--update-eol-overlays) (flymake-eldoc-function): * lisp/progmodes/gdb-mi.el (gdb-breakpoints-list-handler-custom) (gdb-frame-handler): * lisp/progmodes/go-ts-mode.el (go-ts-mode-docstring) (go-ts-mode--comment-on-previous-line-p) (go-ts-mode--get-test-regexp-at-point) (go-ts-mode-test-this-file): * lisp/progmodes/grep.el (lgrep, rgrep-default-command) (grep-file-at-point): * lisp/progmodes/perl-mode.el (perl--end-of-format-p): * lisp/progmodes/php-ts-mode.el (php-ts-mode--anchor-prev-sibling, php-ts-mode--indent-defun): * lisp/progmodes/project.el (project--other-place-command) (project--find-default-from, project--transplant-file-name) (project-prefixed-buffer-name, project--remove-from-project-list) (project-prompt-project-name, project-remember-projects-under) (project--switch-project-command) (project-uniquify-dirname-transform, project-mode-line-format): * lisp/progmodes/python.el (python-font-lock-keywords-maximum-decoration) (python--treesit-fontify-union-types) (python-shell-get-process-name, python-shell-restart) (python-shell-completion-at-point, python-ffap-module-path) (python-util-comint-end-of-output-p, python--import-sources) (python-add-import, python-remove-import, python-fix-imports): * lisp/progmodes/xref.el (xref--add-log-current-defun): * lisp/repeat.el (repeat-echo-message-string): * lisp/saveplace.el (save-place-dired-hook): * lisp/server.el (server-save-buffers-kill-terminal): * lisp/shadowfile.el (shadow-make-fullname) (shadow-contract-file-name, shadow-define-literal-group): * lisp/shell.el (shell-highlight-undef-mode): * lisp/simple.el (command-completion-using-modes-p) (command-execute, file-user-uid, file-group-gid) (first-completion, last-completion, switch-to-completions): * lisp/startup.el (startup--load-user-init-file): * lisp/tab-line.el (tab-line-tabs-buffer-group-by-project): * lisp/tar-mode.el (tar-goto-file, tar-next-file-displayer): * lisp/term/android-win.el (android-encode-select-string) (gui-backend-set-selection): * lisp/term/haiku-win.el (haiku-dnd-convert-string) (haiku-select-encode-xstring, haiku-select-encode-utf-8-string): * lisp/textmodes/emacs-news-mode.el (emacs-news--buttonize): * lisp/textmodes/ispell.el (ispell-completion-at-point): * lisp/textmodes/sgml-mode.el (sgml-validate) (html-mode--complete-at-point): * lisp/textmodes/tex-mode.el (tex-recenter-output-buffer) (xref-backend-references): * lisp/thingatpt.el (thing-at-point-file-at-point) (thing-at-point-face-at-point): * lisp/thread.el (thread-list--get-status): * lisp/time.el (world-clock-copy-time-as-kill, world-clock): * lisp/touch-screen.el (touch-screen-handle-touch): * lisp/treesit.el (treesit-language-at, treesit-node-at) (treesit-node-on, treesit-buffer-root-node) (treesit-node-field-name, treesit-local-parsers-at) (treesit-local-parsers-on, treesit--cleanup-local-range-overlays) (treesit-font-lock-recompute-features) (treesit-font-lock-fontify-region, treesit-transpose-sexps) (treesit-add-log-current-defun, treesit-major-mode-setup) (treesit--explorer-refresh, treesit-install-language-grammar): * lisp/url/url.el (url-retrieve-synchronously): * lisp/vc/smerge-mode.el (smerge-diff): * lisp/vc/vc-dir.el (vc-dir): * lisp/vc/vc-dispatcher.el (vc-do-async-command): * lisp/vc/vc-git.el (vc-git-dir--branch-headers) (vc-git-dir--stash-headers, vc-git--log-edit-summary-check) (vc-git-stash-list): * lisp/vc/vc.el (vc-responsible-backend, vc-buffer-sync-fileset) (vc-clone): * lisp/visual-wrap.el (visual-wrap--apply-to-line): * lisp/wid-edit.el (widget-text) (widget-editable-list-insert-before): * lisp/window-tool-bar.el (window-tool-bar--keymap-entry-to-string): * lisp/window.el (display-buffer, display-buffer-full-frame) (window-point-context-set, window-point-context-use) (window-point-context-use-default-function): * lisp/xdg.el (xdg-current-desktop): * lisp/xwidget.el (xwidget-webkit-callback): * lisp/yank-media.el (yank-media--get-selection) (yank-media-types): * test/lisp/comint-tests.el (comint-tests/test-password-function): * test/lisp/completion-preview-tests.el (completion-preview-tests--capf): * test/lisp/cus-edit-tests.el (with-cus-edit-test): * test/lisp/erc/erc-scenarios-base-local-modules.el (-phony-sblm-): * test/lisp/erc/erc-scenarios-stamp.el (erc-scenarios-stamp--on-post-modify): * test/lisp/erc/erc-services-tests.el (erc-services-tests--asp-parse-entry): * test/lisp/erc/erc-tests.el (erc-modules--internal-property) (erc--find-mode, erc-tests--update-modules): * test/lisp/erc/resources/erc-d/erc-d-i.el (erc-d-i--parse-message): * test/lisp/erc/resources/erc-d/erc-d-t.el (erc-d-t-kill-related-buffers, erc-d-t-with-cleanup): * test/lisp/erc/resources/erc-d/erc-d-tests.el (erc-d-i--parse-message--irc-parser-tests): * test/lisp/erc/resources/erc-d/erc-d-u.el (erc-d-u--read-exchange-slowly): * test/lisp/erc/resources/erc-d/erc-d.el (erc-d--expire) (erc-d--finalize-done, erc-d--command-handle-all): * test/lisp/erc/resources/erc-scenarios-common.el (erc-scenarios-common-with-cleanup): * test/lisp/erc/resources/erc-tests-common.el (erc-tests--common-display-message) (erc-tests-common-create-subprocess): * test/lisp/ibuffer-tests.el (ibuffer-test-Bug25058): * test/lisp/international/mule-tests.el (mule-cmds-tests--ucs-names-missing-names): * test/lisp/progmodes/python-tests.el (python-tests-get-shell-interpreter) (python-tests--get-interpreter-info): * test/lisp/progmodes/ruby-ts-mode-tests.el (ruby-ts-resource-file): * test/lisp/replace-tests.el (replace-tests-with-undo): * test/src/emacs-tests.el (emacs-tests--seccomp-debug): * test/src/process-tests.el (process-tests--emacs-command) (process-tests--emacs-binary, process-tests--dump-file): * test/src/treesit-tests.el (treesit--ert-test-defun-navigation): Replace use of the now-obsolete if-let and when-let.
447 lines
19 KiB
EmacsLisp
447 lines
19 KiB
EmacsLisp
;;; erc-sasl.el --- SASL for ERC -*- lexical-binding: t -*-
|
|
|
|
;; Copyright (C) 2022-2024 Free Software Foundation, Inc.
|
|
;;
|
|
;; This file is part of GNU Emacs.
|
|
;;
|
|
;; GNU Emacs is free software: you can redistribute it and/or modify
|
|
;; it under the terms of the GNU General Public License as published
|
|
;; by the Free Software Foundation, either version 3 of the License,
|
|
;; or (at your option) any later version.
|
|
;;
|
|
;; GNU Emacs is distributed in the hope that it will be useful, but
|
|
;; WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
;; General Public License for more details.
|
|
;;
|
|
;; You should have received a copy of the GNU General Public License
|
|
;; along with GNU Emacs. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
;;; Commentary:
|
|
|
|
;; This "non-IRCv3" implementation resembles others that have surfaced
|
|
;; over the years, the first possibly being from Joseph Gay:
|
|
;;
|
|
;; https://lists.gnu.org/archive/html/erc-discuss/2012-02/msg00001.html
|
|
;;
|
|
;; See M-x customize-group RET erc-sasl RET and (info "(erc) SASL")
|
|
;; for usage.
|
|
;;
|
|
;; TODO:
|
|
;;
|
|
;; - Obfuscate non-auth-source passwords in memory. They're currently
|
|
;; visible in backtraces.
|
|
;;
|
|
;; - Implement a proxy mechanism that chooses the strongest available
|
|
;; mechanism for you. Requires CAP 3.2 (see bug#49860).
|
|
;;
|
|
;; - Integrate with whatever solution ERC eventually settles on to
|
|
;; handle user options for different network contexts. At the
|
|
;; moment, this does its own thing for stashing and restoring
|
|
;; session options, but ERC should make abstractions available for
|
|
;; all local modules to use, possibly based on connection-local
|
|
;; variables.
|
|
|
|
;;; Code:
|
|
(require 'erc)
|
|
(require 'rx)
|
|
(require 'sasl)
|
|
(require 'sasl-scram-rfc)
|
|
(require 'sasl-scram-sha256 nil t) ; not present in Emacs 27
|
|
|
|
(defgroup erc-sasl nil
|
|
"SASL for ERC."
|
|
:group 'erc
|
|
:package-version '(ERC . "5.5"))
|
|
|
|
(defcustom erc-sasl-mechanism 'plain
|
|
"SASL mechanism to connect with.
|
|
Note that any value other than nil or `external' likely requires
|
|
`erc-sasl-user' and `erc-sasl-password'."
|
|
:type '(choice (const plain)
|
|
(const external)
|
|
(const scram-sha-1)
|
|
(const scram-sha-256)
|
|
(const scram-sha-512)
|
|
(const ecdsa-nist256p-challenge)))
|
|
|
|
(defcustom erc-sasl-user :user
|
|
"Account username to send when authenticating.
|
|
This option specifies the SASL authentication identity, or
|
|
\"authcid\". A value of `:user' or `:nick' indicates that the
|
|
corresponding connection parameter on file should be used. ERC
|
|
typically obtains these from arguments given to its entry-point
|
|
commands, `erc' and `erc-tls'."
|
|
:type '(choice string (const :user) (const :nick)))
|
|
|
|
(defcustom erc-sasl-password :password
|
|
"Optional account password to send when authenticating.
|
|
When `erc-sasl-auth-source-function' is a function, ERC attempts
|
|
an auth-source query and prompts for input if it fails.
|
|
Otherwise, when the value of this option is a nonempty string,
|
|
ERC uses it unconditionally for most mechanisms. Likewise with a
|
|
value of `:password', except ERC instead uses the \"session
|
|
password\" on file, if any, which often originates from the
|
|
entry-point commands `erc' or `erc-tls'. As with auth-source,
|
|
ERC prompts for input as a fallback.
|
|
|
|
Note that, with `:password', ERC forgoes sending a traditional
|
|
server password via the IRC \"PASS\" command. Also, when
|
|
`erc-sasl-mechanism' is set to `ecdsa-nist256p-challenge', ERC
|
|
expects this option to hold the file name of the key."
|
|
:type '(choice (const nil) (const :password) string symbol))
|
|
|
|
(defcustom erc-sasl-auth-source-function nil
|
|
"Function to query auth-source for an SASL password.
|
|
If provided, this function should expect to be called with any
|
|
number of keyword params known to `auth-source-search', even
|
|
though ERC itself only specifies `:user' paired with a
|
|
\"resolved\" `erc-sasl-user' value. When calling this function,
|
|
ERC binds all options defined in this library, such as
|
|
`erc-sasl-password', to their values from entry-point invocation.
|
|
In return, ERC expects a string to send as the SASL password, or
|
|
nil, in which case, ERC prompts for input. See Info node `(erc)
|
|
auth-source' for details on ERC's auth-source integration."
|
|
:type '(choice (function-item erc-sasl-auth-source-password-as-host)
|
|
(function-item erc-auth-source-search)
|
|
(const nil)
|
|
function))
|
|
|
|
(defcustom erc-sasl-authzid nil
|
|
"SASL authorization identity, likely unneeded for everyday use."
|
|
:type '(choice (const nil) string))
|
|
|
|
|
|
;; Analogous to what erc-backend does to persist opening params.
|
|
(defvar-local erc-sasl--options nil)
|
|
|
|
;; Session-local (server buffer) SASL subproto state
|
|
(defvar-local erc-sasl--state nil)
|
|
|
|
(cl-defstruct erc-sasl--state
|
|
"Holder for client object and subproto state."
|
|
(client nil :type vector)
|
|
(step nil :type vector)
|
|
(pending nil :type string))
|
|
|
|
(defun erc-sasl--get-user ()
|
|
(pcase (alist-get 'user erc-sasl--options)
|
|
(:user erc-session-username)
|
|
(:nick (erc-current-nick))
|
|
(v v)))
|
|
|
|
(defun erc-sasl-auth-source-password-as-host (&rest plist)
|
|
"Call `erc-auth-source-search' with `erc-sasl-password' as `:host'.
|
|
But only do so when it's a string or a non-nil symbol, unless
|
|
that symbol is `:password', in which case, use a non-nil
|
|
`erc-session-password' instead. Otherwise, just defer to
|
|
`erc-auth-source-search' to pick a suitable `:host'. Expect
|
|
PLIST to contain keyword params known to `auth-source-search'."
|
|
(when-let* ((erc-sasl-password)
|
|
(host (if (eq :password erc-sasl-password)
|
|
(and (not (functionp erc-session-password))
|
|
erc-session-password)
|
|
erc-sasl-password)))
|
|
(setq plist `(,@plist :host ,(format "%s" host))))
|
|
(apply #'erc-auth-source-search plist))
|
|
|
|
(defun erc-sasl--read-password (prompt)
|
|
"Return configured option or server password.
|
|
If necessary, pass PROMPT to `read-passwd'."
|
|
(if-let* ((found (pcase (alist-get 'password erc-sasl--options)
|
|
((guard (alist-get 'authfn erc-sasl--options))
|
|
(let-alist erc-sasl--options
|
|
(let ((erc-sasl-user .user)
|
|
(erc-sasl-password .password)
|
|
(erc-sasl-mechanism .mechanism)
|
|
(erc-sasl-authzid .authzid)
|
|
(erc-sasl-auth-source-function .authfn))
|
|
(funcall .authfn :user (erc-sasl--get-user)))))
|
|
(:password erc-session-password)
|
|
((and (pred stringp) v) (unless (string-empty-p v) v)))))
|
|
(copy-sequence (erc--unfun found))
|
|
(read-passwd prompt)))
|
|
|
|
(defun erc-sasl--plain-response (client steps)
|
|
(let ((sasl-read-passphrase #'erc-sasl--read-password))
|
|
(sasl-plain-response client steps)))
|
|
|
|
(declare-function erc-compat--29-sasl-scram--client-final-message "erc-compat"
|
|
(hash-fun block-length hash-length client step))
|
|
|
|
(defun erc-sasl--scram-sha-hack-client-final-message (&rest args)
|
|
;; In the future (29+), we'll hopefully be able to call
|
|
;; `sasl-scram--client-final-message' directly
|
|
(require 'erc-compat)
|
|
(let ((sasl-read-passphrase #'erc-sasl--read-password))
|
|
(apply #'erc-compat--29-sasl-scram--client-final-message args)))
|
|
|
|
(defun erc-sasl--scram-sha-1-client-final-message (client step)
|
|
(erc-sasl--scram-sha-hack-client-final-message 'sha1 64 20 client step))
|
|
|
|
(defun erc-sasl--scram-sha-256-client-final-message (client step)
|
|
(erc-sasl--scram-sha-hack-client-final-message 'sasl-scram-sha256 64 32
|
|
client step))
|
|
|
|
(defun erc-sasl--scram-sha512 (object &optional start end binary)
|
|
(secure-hash 'sha512 object start end binary))
|
|
|
|
(defun erc-sasl--scram-sha-512-client-final-message (client step)
|
|
(erc-sasl--scram-sha-hack-client-final-message #'erc-sasl--scram-sha512
|
|
128 64 client step))
|
|
|
|
(defun erc-sasl--scram-sha-512-authenticate-server (client step)
|
|
(sasl-scram--authenticate-server #'erc-sasl--scram-sha512
|
|
128 64 client step))
|
|
|
|
(defun erc-sasl--ecdsa-first (client _step)
|
|
"Return CLIENT name."
|
|
(sasl-client-name client))
|
|
|
|
;; FIXME do this with gnutls somehow
|
|
(defun erc-sasl--ecdsa-sign (client step)
|
|
"Return signed challenge for CLIENT and current STEP."
|
|
(let ((challenge (sasl-step-data step)))
|
|
(with-temp-buffer
|
|
(set-buffer-multibyte nil)
|
|
(insert challenge)
|
|
(call-process-region (point-min) (point-max)
|
|
"openssl" 'delete t nil "pkeyutl" "-inkey"
|
|
(sasl-client-property client 'ecdsa-keyfile)
|
|
"-sign")
|
|
(buffer-string))))
|
|
|
|
(pcase-dolist
|
|
(`(,name . ,steps)
|
|
'(("PLAIN"
|
|
erc-sasl--plain-response)
|
|
("EXTERNAL"
|
|
ignore)
|
|
("SCRAM-SHA-1"
|
|
erc-compat--29-sasl-scram-client-first-message
|
|
erc-sasl--scram-sha-1-client-final-message
|
|
sasl-scram-sha-1-authenticate-server)
|
|
("SCRAM-SHA-256"
|
|
erc-compat--29-sasl-scram-client-first-message
|
|
erc-sasl--scram-sha-256-client-final-message
|
|
sasl-scram-sha-256-authenticate-server)
|
|
("SCRAM-SHA-512"
|
|
erc-compat--29-sasl-scram-client-first-message
|
|
erc-sasl--scram-sha-512-client-final-message
|
|
erc-sasl--scram-sha-512-authenticate-server)
|
|
("ECDSA-NIST256P-CHALLENGE"
|
|
erc-sasl--ecdsa-first
|
|
erc-sasl--ecdsa-sign)))
|
|
(let ((feature (intern (concat "erc-sasl-" (downcase name)))))
|
|
(put feature 'sasl-mechanism (sasl-make-mechanism name steps))
|
|
(provide feature)))
|
|
|
|
(cl-defgeneric erc-sasl--create-client (mechanism)
|
|
"Create and return a new SASL client object for MECHANISM."
|
|
(let ((sasl-mechanism-alist (copy-sequence sasl-mechanism-alist))
|
|
(sasl-mechanisms sasl-mechanisms)
|
|
(name (upcase (symbol-name mechanism)))
|
|
(feature (intern-soft (concat "erc-sasl-" (symbol-name mechanism))))
|
|
client)
|
|
(when feature
|
|
(setf (alist-get name sasl-mechanism-alist nil nil #'equal) `(,feature))
|
|
(cl-pushnew name sasl-mechanisms :test #'equal)
|
|
(setq client (sasl-make-client (sasl-find-mechanism (list name))
|
|
(erc-sasl--get-user)
|
|
"N/A" "N/A"))
|
|
(sasl-client-set-property client 'authenticator-name
|
|
(alist-get 'authzid erc-sasl--options))
|
|
client)))
|
|
|
|
(cl-defmethod erc-sasl--create-client ((_ (eql plain)))
|
|
"Create and return a new PLAIN client object."
|
|
;; https://tools.ietf.org/html/rfc4616#section-2.
|
|
(let* ((sans (remq (assoc "PLAIN" sasl-mechanism-alist)
|
|
sasl-mechanism-alist))
|
|
(sasl-mechanism-alist (cons '("PLAIN" erc-sasl-plain) sans))
|
|
(authc (erc-sasl--get-user))
|
|
(port (if (numberp erc-session-port)
|
|
(number-to-string erc-session-port)
|
|
"0"))
|
|
;; In most cases, `erc-server-announced-name' won't be known.
|
|
(host (or erc-server-announced-name erc-session-server))
|
|
(mech (sasl-find-mechanism '("PLAIN")))
|
|
(client (sasl-make-client mech authc port host)))
|
|
(sasl-client-set-property client 'authenticator-name
|
|
(alist-get 'authzid erc-sasl--options))
|
|
client))
|
|
|
|
(cl-defmethod erc-sasl--create-client ((_ (eql scram-sha-256)))
|
|
"Create and return a new SCRAM-SHA-256 client."
|
|
(when (featurep 'sasl-scram-sha256)
|
|
(cl-call-next-method)))
|
|
|
|
(cl-defmethod erc-sasl--create-client ((_ (eql scram-sha-512)))
|
|
"Create and return a new SCRAM-SHA-512 client."
|
|
(when (featurep 'sasl-scram-sha256)
|
|
(cl-call-next-method)))
|
|
|
|
(cl-defmethod erc-sasl--create-client ((_ (eql ecdsa-nist256p-challenge)))
|
|
"Create and return a new ECDSA-NIST256P-CHALLENGE client."
|
|
(let ((keyfile (cdr (assq 'password erc-sasl--options))))
|
|
;; Better to signal usage errors now than inside a process filter.
|
|
(cond ((or (not (stringp keyfile)) (not (file-readable-p keyfile)))
|
|
(erc-display-error-notice
|
|
nil "`erc-sasl-password' not accessible as a file")
|
|
nil)
|
|
((not (executable-find "openssl"))
|
|
(erc-display-error-notice nil "Could not find openssl program")
|
|
nil)
|
|
(t
|
|
(let ((client (cl-call-next-method)))
|
|
(sasl-client-set-property client 'ecdsa-keyfile keyfile)
|
|
client)))))
|
|
|
|
(defun erc-sasl--mechanism-offered-p (offered)
|
|
"Return non-nil when OFFERED appears among a list of mechanisms."
|
|
(string-match-p (rx-to-string
|
|
`(: (| bot ",")
|
|
,(symbol-name (alist-get 'mechanism erc-sasl--options))
|
|
(| eot ",")))
|
|
(downcase offered)))
|
|
|
|
(erc--define-catalog english
|
|
((s902 . "ERR_NICKLOCKED nick %n unavailable: %s")
|
|
(s904 . "ERR_SASLFAIL (authentication failed) %s")
|
|
(s905 . "ERR SASLTOOLONG (credentials too long) %s")
|
|
(s906 . "ERR_SASLABORTED (authentication aborted) %s")
|
|
(s907 . "ERR_SASLALREADY (already authenticated) %s")
|
|
(s908 . "RPL_SASLMECHS (unsupported mechanism: %m) %s")))
|
|
|
|
(define-erc-module sasl nil
|
|
"Non-IRCv3 SASL support for ERC.
|
|
This doesn't solicit or validate a suite of supported mechanisms."
|
|
;; See bug#49860 for a CAP 3.2-aware WIP implementation.
|
|
((unless erc--target
|
|
(setq erc-sasl--state (make-erc-sasl--state))
|
|
;; If the previous attempt failed during registration, this may be
|
|
;; non-nil and contain erroneous values, but how can we detect that?
|
|
;; What if the server dropped the connection for some other reason?
|
|
(erc--restore-initialize-priors erc-sasl-mode
|
|
erc-sasl--options `((user . ,erc-sasl-user)
|
|
(password . ,erc-sasl-password)
|
|
(mechanism . ,erc-sasl-mechanism)
|
|
(authfn . ,erc-sasl-auth-source-function)
|
|
(authzid . ,erc-sasl-authzid)))
|
|
(let* ((mech (alist-get 'mechanism erc-sasl--options))
|
|
(client (erc-sasl--create-client mech)))
|
|
(unless client
|
|
(erc-display-error-notice
|
|
nil (format "Unknown or unsupported SASL mechanism: `%s'" mech))
|
|
(error "Unknown or unsupported SASL mechanism: `%s'" mech))
|
|
(setf (erc-sasl--state-client erc-sasl--state) client))))
|
|
((kill-local-variable 'erc-sasl--state)
|
|
(kill-local-variable 'erc-sasl--options))
|
|
'local)
|
|
|
|
(define-erc-response-handler (AUTHENTICATE)
|
|
"Begin or resume an SASL session." nil
|
|
(if-let* ((response (car (erc-response.command-args parsed)))
|
|
((= 400 (length response))))
|
|
(cl-callf (lambda (s) (concat s response))
|
|
(erc-sasl--state-pending erc-sasl--state))
|
|
(cl-assert response t)
|
|
(when (string= "+" response)
|
|
(setq response ""))
|
|
(setf response (base64-decode-string
|
|
(concat (erc-sasl--state-pending erc-sasl--state)
|
|
response))
|
|
(erc-sasl--state-pending erc-sasl--state) nil)
|
|
(let ((client (erc-sasl--state-client erc-sasl--state))
|
|
(step (erc-sasl--state-step erc-sasl--state))
|
|
data)
|
|
(when step
|
|
(sasl-step-set-data step response))
|
|
(setq step (setf (erc-sasl--state-step erc-sasl--state)
|
|
(sasl-next-step client step))
|
|
data (sasl-step-data step))
|
|
(when (string= data "")
|
|
(setq data nil))
|
|
(setq data (if data (erc--unfun (base64-encode-string data t)) "+"))
|
|
(while (not (string-empty-p data))
|
|
(let ((end (min 400 (length data))))
|
|
;; For now, assume this is unlikely to block
|
|
(erc-server-send (concat "AUTHENTICATE " (substring data 0 end)))
|
|
(setq data (concat (substring data end) (and (= end 400) "+"))))))))
|
|
|
|
(defun erc-sasl--destroy (proc)
|
|
"Destroy process PROC and warn user that their settings are likely faulty."
|
|
(delete-process proc)
|
|
(erc--lwarn 'erc-sasl :error
|
|
"Disconnected from %s; please review SASL settings" proc)
|
|
nil)
|
|
|
|
(define-erc-response-handler (902)
|
|
"Handle an ERR_NICKLOCKED response." nil
|
|
(erc-display-message parsed '(notice error) 'active 's902
|
|
?n (car (erc-response.command-args parsed))
|
|
?s (erc-response.contents parsed))
|
|
(erc-sasl--destroy proc))
|
|
|
|
(define-erc-response-handler (903)
|
|
"Handle a RPL_SASLSUCCESS response." nil
|
|
(when erc-sasl-mode
|
|
(unless erc-server-connected
|
|
(erc-server-send "CAP END")))
|
|
(erc-display-message parsed 'notice proc (erc-response.contents parsed)))
|
|
|
|
(define-erc-response-handler (907)
|
|
"Handle a RPL_SASLALREADY response." nil
|
|
(erc-display-message parsed '(notice error) 'active 's907
|
|
?s (erc-response.contents parsed)))
|
|
|
|
(define-erc-response-handler (904 905 906)
|
|
"Handle various SASL-related error responses." nil
|
|
(erc-display-message parsed '(notice error) 'active
|
|
(intern (format "s%s" (erc-response.command parsed)))
|
|
?s (erc-response.contents parsed))
|
|
(erc-sasl--destroy proc))
|
|
|
|
(define-erc-response-handler (908)
|
|
"Handle a RPL_SASLMECHS response." nil
|
|
(erc-display-message parsed '(notice error) 'active 's908
|
|
?m (alist-get 'mechanism erc-sasl--options)
|
|
?s (string-join (cdr (erc-response.command-args parsed))
|
|
" "))
|
|
(erc-sasl--destroy proc))
|
|
|
|
(defvar erc-sasl--send-cap-ls nil
|
|
"Whether to send an opening \"CAP LS\" command.
|
|
This is an escape hatch for picky servers. If you need it turned
|
|
into a user option, please let ERC know via \\[erc-bug].
|
|
Otherwise, expect it to disappear in subsequent versions.")
|
|
|
|
(cl-defmethod erc--register-connection (&context (erc-sasl-mode (eql t)))
|
|
"Send speculative CAP and pipelined AUTHENTICATE and hope for the best."
|
|
(if-let* ((c (erc-sasl--state-client erc-sasl--state))
|
|
(m (sasl-mechanism-name (sasl-client-mechanism c))))
|
|
(progn
|
|
(erc-server-send (if erc-sasl--send-cap-ls "CAP LS" "CAP REQ :sasl"))
|
|
(let ((erc-session-password
|
|
(and erc-session-password
|
|
(not (eq :password
|
|
(alist-get 'password erc-sasl--options)))
|
|
erc-session-password))
|
|
(erc-session-username
|
|
;; The username may contain a colon or a space
|
|
(if (eq :user (alist-get 'user erc-sasl--options))
|
|
(erc-current-nick)
|
|
erc-session-username)))
|
|
(cl-call-next-method))
|
|
(when erc-sasl--send-cap-ls
|
|
(erc-server-send "CAP REQ :sasl"))
|
|
(erc-server-send (format "AUTHENTICATE %s" m)))
|
|
(erc-sasl--destroy erc-server-process)))
|
|
|
|
(provide 'erc-sasl)
|
|
;;; erc-sasl.el ends here
|
|
;;
|
|
;; Local Variables:
|
|
;; generated-autoload-file: "erc-loaddefs.el"
|
|
;; End:
|