Ethan Glasser-Camp <ethan.glasser.c...@gmail.com> writes: > Hi emacs/tramp developers! Thank you for your efforts on tramp!
Hi Ethan, > Today I updated emacs to 29.2 and I noticed something strange when I > tried to use tramp to access files through the sudo method. This might > turn out to be user error but I investigated it a little bit and I > wanted to report what I found. Thanks for the detailed report! > I also tried turning on tramp-verbose to 10, which made emacs loop. (I > think global-flycheck-mode was running on the tramp debug buffers and > bringing emacs to its knees somehow.) However, it also produced a > bunch of backtraces including an error like "Wrong type argument: > stringp, #[0 "\300\207" ["..."]", where what was inside the ... was my > actual user account password. This was kind of alarming, both because > of the obscurity of the error and because I didn't expect the program > to have access to my login password. That error has given me a clue what happened :-) > - This :secret value is a byte-compiled function, but the > byte-compiled function does not return a string when called -- > instead, it returns a second byte-compiled function (which, when > called, would return a string). And this is indeed the problem, in auth-info-password. It expects a string or a function from the search, and if it is a function, it calls it and expects the password string then. However: in the "secrets:Login" case, this could be a *cascaded* function. So you must call it again and again, until it returns a string. Tramp did know this trap, and has provided a proper compatibility function tramp-compat-auth-info-password. But when auth-info-password exists, as it is the case in Emacs 29, this original function is called with this error for passwords handled by the "secrets:Login" backend. I have pushed the appended patch to the emacs-29[*] branch of Emacs git. Could you pls apply it to your Emacs 29.2, and check whether it works? [*]: The recent Emacs release is 29.3. Honestly, I don't expect that there will be an Emacs 29.4; likely the next release witll be 30.1. But anyway, the patch will be contained there, whatever release it is. > Thanks! > > Ethan Best regards, Michael.
diff --git a/lisp/auth-source.el b/lisp/auth-source.el index 5969cdbf9f8..4dcf7d73717 100644 --- a/lisp/auth-source.el +++ b/lisp/auth-source.el @@ -874,9 +874,9 @@ auth-source-specmatchp (defun auth-info-password (auth-info) "Return the :secret password from the AUTH-INFO." (let ((secret (plist-get auth-info :secret))) - (if (functionp secret) - (funcall secret) - secret))) + (while (functionp secret) + (setq secret (funcall secret))) + secret)) (defun auth-source-pick-first-password (&rest spec) "Pick the first secret found by applying `auth-source-search' to SPEC."
