GNU bug report logs -
#36052
26.2.50; [PATCH] Improve auth-source-pass
Previous Next
Reported by: Damien Cassou <damien <at> cassou.me>
Date: Sun, 2 Jun 2019 09:13:02 UTC
Severity: normal
Tags: patch
Found in version 26.2.50
Done: Eli Zaretskii <eliz <at> gnu.org>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 36052 in the body.
You can then email your comments to 36052 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36052; Package
emacs.
(Sun, 02 Jun 2019 09:13:02 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Damien Cassou <damien <at> cassou.me>:
New bug report received and forwarded. Copy sent to
bug-gnu-emacs <at> gnu.org.
(Sun, 02 Jun 2019 09:13:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hi,
auth-source-pass users have worked hard to improve the package. Everyone
is on CC.
3 have signed the FSF paperwork:
- Keith Amidon:
https://github.com/DamienCassou/auth-password-store/pull/80#issuecomment-480853577
- Iku Iwasa:
https://github.com/DamienCassou/auth-password-store/pull/87#issuecomment-480816595
- galaunay:
https://github.com/DamienCassou/auth-password-store/pull/78#issuecomment-453862089
Magnus Henoch hasn't signed but his contribution is rather small (4
lines of a new unit-test and 2 lines of code). See patch 0001.
Here is a summary of the attached patches.
Damien Cassou (5):
* lisp/auth-source-pass.el: Version 4.0.2
* lisp/auth-source-pass.el (auth-source-pass-get): Add autoload
Refactoring of auth-source-pass
* lisp/auth-source-pass.el: Version 5.0.0
* etc/NEWS: Describe changes to auth-source-pass
Iku Iwasa (1):
Add auth-source-pass-port-separator option
Keith Amidon (4):
Fix auth-source-pass to search for hostname:port/username
Split out the attribute retrieval form auth-source-pass-get
Minimize entry parsing in auth-source-pass
* lisp/auth-source-pass.el: Add Keith Amidon to authors
Magnus Henoch (1):
Fix auth-source-pass to return nil if no entry found
galaunay (1):
Add auth-source-pass-path option
etc/NEWS | 19 ++
lisp/auth-source-pass.el | 224 ++++++++-----
test/lisp/auth-source-pass-tests.el | 473 +++++++++++++++++++---------
3 files changed, 491 insertions(+), 225 deletions(-)
--
Damien Cassou
http://damiencassou.seasidehosting.st
"Success is the ability to go from one failure to another without
losing enthusiasm." --Winston Churchill
[0001-Fix-auth-source-pass-to-return-nil-if-no-entry-found.patch (text/x-patch, attachment)]
[0002-lisp-auth-source-pass.el-Version-4.0.2.patch (text/x-patch, attachment)]
[0003-lisp-auth-source-pass.el-auth-source-pass-get-Add-au.patch (text/x-patch, attachment)]
[0004-Add-auth-source-pass-path-option.patch (text/x-patch, attachment)]
[0005-Add-auth-source-pass-port-separator-option.patch (text/x-patch, attachment)]
[0006-Fix-auth-source-pass-to-search-for-hostname-port-use.patch (text/x-patch, attachment)]
[0007-Split-out-the-attribute-retrieval-form-auth-source-p.patch (text/x-patch, attachment)]
[0008-Minimize-entry-parsing-in-auth-source-pass.patch (text/x-patch, attachment)]
[0009-lisp-auth-source-pass.el-Add-Keith-Amidon-to-authors.patch (text/x-patch, attachment)]
[0010-Refactoring-of-auth-source-pass.patch (text/x-patch, attachment)]
[0011-lisp-auth-source-pass.el-Version-5.0.0.patch (text/x-patch, attachment)]
[0012-etc-NEWS-Describe-changes-to-auth-source-pass.patch (text/x-patch, attachment)]
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36052; Package
emacs.
(Fri, 07 Jun 2019 00:44:05 GMT)
Full text and
rfc822 format available.
Message #8 received at 36052 <at> debbugs.gnu.org (full text, mbox):
Damien Cassou <damien <at> cassou.me> writes:
> Magnus Henoch hasn't signed but his contribution is rather small (4
> lines of a new unit-test and 2 lines of code). See patch 0001.
His patch needs the line
Copyright-paperwork-exempt: yes
> Subject: [PATCH 04/12] Add auth-source-pass-path option
I think auth-source-pass-filename would be the correct name to conform
with GNU naming conventions.
> Subject: [PATCH 07/12] Split out the attribute retrieval form
> auth-source-pass-get
>
> Eliminate the need to repeatedly retrieve and parse the data for the
> entry. This is generally a good thing since it eliminates repetitions
> of the same crypto and parsing operations. It is especially valuable
> when protecting an entry with a yubikey with touch required for crypto
> operations as it eliminates the need to touch the yubikey sensor for
> each attribute retrieved.
Missing double spacing at end of sentence here.
> +(defun auth-source-pass--get-attr (key entry-data)
> + "Return the value associated to KEY in data from an already parsed entry.
> +
> +ENTRY-DATA is the data from a parsed password-store entry.
> +The key used to retrieve the password is the symbol `secret'.
> +
> +The convention used as the format for a password-store file is
> +the following (see http://www.passwordstore.org/#organization):
> +
> +secret
> +key1: value1
> +key2: value2"
I think the end of the docstring could be replaced with
See `auth-source-pass-get'.
It seems a little silly to duplicate this info so close by.
> Subject: [PATCH 08/12] Minimize entry parsing in auth-source-pass
>
> Prior to this commit, while searching for the most applicable entry
> password-store entries were decrypted and parsed to ensure they were
> valid. The entries were parsed in the order they were found on the
> filesystem and all applicable entries would be decrypted and parsed,
> which varied based on the contents of the password-store and the entry
> to be found.
>
> This is fine when the GPG key is cached and each entry can be
> decrypted without user interaction. However, for security some people
> have their GPG on a hardware token like a Yubikey setup so that they
> have to touch a sensor on the toke for every cryptographic operation,
> in which case it becomes inconvenient as each attempt to find an entry
> requires a variable number of touches of the hardware token.
>
> The implementation already assumes that names which contain more of
> the information in the search key should be preferred so there is an
> ordering of preference of applicable entries. If the decrypt and
> parsing is removed from the initial identification of applicable
> entries in the store then in most cases a single decrypt and parse of
> the most preferred entry will suffice, improving the experience for
> hardware token users that require interaction with the token.
>
> This commit implements that strategy. It is in spirit a refactor of
> the existing code. The core of the change is the function
> auth-source-pass--applicable-entries, which generates an ordered list
> of regular expression matchers for all possible names that could be in
> the password-store for the entry to be found and then makes a pass
> over the password-store entry names accumulating the matching entries
> in a list after the regexp that matched. This implementation ensures
> the password-store entry list still only has to be scanned once.
>
> The existing auth-source-pass--find-match-unambiguous was modified to
> use this new function to obtain candidate entries and then parse them
> one by one until an entry containing the desired information is
> located. When complete it now returns the parsed data of the entry
> instead of the entry name so that the information can be used directly
> to construct the auth-source response.
>
> * lisp/auth-source-pass.el: Private functions were refactored to
> reduce the number of decryption operations.
Double spacing, and this ChangeLog entry is a little sparse. It looks
like the last two prose paragraphs could be easily made into ChangeLog
entries, since they're already talking about specific functions.
> + (when (> (length name-components) 0)
> + (cons (mapconcat 'identity name-components ".")
> + (auth-source-pass--domains (cdr name-components)))))
I suggest instead:
(cl-maplist (lambda (components) (mapconcat #'identity components "."))
name-components)
> Subject: [PATCH 10/12] Refactoring of auth-source-pass
>
> * lisp/auth-source-pass.el: Refactoring.
This one's a little empty too.
> Subject: [PATCH 12/12] * etc/NEWS: Describe changes to auth-source-pass
>
> ---
> etc/NEWS | 19 +++++++++++++++++++
> 1 file changed, 19 insertions(+)
>
> diff --git a/etc/NEWS b/etc/NEWS
> index 975fab495a..5dcdac2668 100644
> --- a/etc/NEWS
> +++ b/etc/NEWS
> @@ -1485,6 +1485,25 @@ the new variable 'buffer-auto-revert-by-notification' to a non-nil
> value. Auto Revert mode can use this information to avoid polling the
> buffer periodically when 'auto-revert-avoid-polling' is non-nil.
>
> +** auth-source-pass
> +
> +*** New customizable variable 'auth-source-pass-path' for the path to
> +the password-store. This defaults to ~/.password-store.
It's better to have NEWS entries have the first sentence in one line.
Something like
*** New customizable variable 'auth-source-pass-path'.
Allows setting the path to the password-store, defaults to ~/.password-store.
> +*** New customizable variable 'auth-source-pass-port-separator' to
> +specify separator between host and port. This defaults to colon
> +":".
*** New customizable variable 'auth-source-pass-port-separator'.
Specifies separator between host and port, defaults to colon ":".
> +*** auth-source-pass.el and auth-source-pass-tests.el have been
> +massively rewritten to minimize parsing of password-store entries.
> +This makes the package usable with physical tokens requiring touching
> +a sensor for every decryption.
This one puts too much emphasis on the rewrite which is an
implementation detail.
*** Minimize the number of decryptions during password lookup.
This makes the package usable with physical tokens requiring touching
a sensor for every decryption.
> +*** 'auth-source-pass-get' has an autoload cookie now.
Maybe just say "is now autoloaded".
> +*** 'auth-source-pass-search' now correctly returns nil if no entry
> +found.
We don't put bug fixes in NEWS, so this one can be left out.
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36052; Package
emacs.
(Sat, 08 Jun 2019 15:49:03 GMT)
Full text and
rfc822 format available.
Message #11 received at 36052 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hi Noam and everyone,
thank you *very* much for your review. I appreciate the effort to review
such a series of patches. Please find attached the new patches. I took
all your comments into account except for what follows:
Noam Postavsky <npostavs <at> gmail.com> writes:
> Damien Cassou <damien <at> cassou.me> writes:
>> * lisp/auth-source-pass.el: Private functions were refactored to
>> reduce the number of decryption operations.
>
> Double spacing, and this ChangeLog entry is a little sparse. It looks
> like the last two prose paragraphs could be easily made into ChangeLog
> entries, since they're already talking about specific functions.
I thought about doing that as well but didn't. If you insist, I will do
the requested changes but here are my reasons for not doing it right
away:
- The changes are on private methods (with the "--" naming convention)
and I'm not sure how much of private changes should be in the
ChangeLog.
- The commit message you mention modifies functions that are modified
again by a later patch (named "Refactoring of auth-source-pass"). I
usually only send the latest version of my code and not the whole
history but, this time, I'm not the author of the original version and
I believe the author deserves to have his name in Emacs' git history
because of the massive work he did for the package.
- I have tried not to rewrite too much of contributor's code and text in
their own commit so that the authorship makes sense. I have no problem
changing contributions in a later commit though (as I've shown in the
patch "Refactoring of auth-source-pass").
What do you think?
>> * lisp/auth-source-pass.el: Refactoring.
>
> This one's a little empty too.
Changes are again on private functions. What do you suggest?
Thank you again for your work!
--
Damien Cassou
http://damiencassou.seasidehosting.st
"Success is the ability to go from one failure to another without
losing enthusiasm." --Winston Churchill
[0001-Fix-auth-source-pass-to-return-nil-if-no-entry-found.patch (text/x-patch, attachment)]
[0002-lisp-auth-source-pass.el-Version-4.0.2.patch (text/x-patch, attachment)]
[0003-lisp-auth-source-pass.el-auth-source-pass-get-Add-au.patch (text/x-patch, attachment)]
[0004-Add-auth-source-pass-filename-option.patch (text/x-patch, attachment)]
[0004-Add-auth-source-pass-path-option.patch (text/x-patch, attachment)]
[0005-Add-auth-source-pass-port-separator-option.patch (text/x-patch, attachment)]
[0006-Fix-auth-source-pass-to-search-for-hostname-port-use.patch (text/x-patch, attachment)]
[0007-Split-out-the-attribute-retrieval-form-auth-source-p.patch (text/x-patch, attachment)]
[0008-Minimize-entry-parsing-in-auth-source-pass.patch (text/x-patch, attachment)]
[0009-lisp-auth-source-pass.el-Add-Keith-Amidon-to-authors.patch (text/x-patch, attachment)]
[0010-Refactoring-of-auth-source-pass.patch (text/x-patch, attachment)]
[0011-lisp-auth-source-pass.el-Version-5.0.0.patch (text/x-patch, attachment)]
[0012-etc-NEWS-Describe-changes-to-auth-source-pass.patch (text/x-patch, attachment)]
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36052; Package
emacs.
(Sat, 08 Jun 2019 16:04:01 GMT)
Full text and
rfc822 format available.
Message #14 received at 36052 <at> debbugs.gnu.org (full text, mbox):
> From: Damien Cassou <damien <at> cassou.me>
> Date: Sat, 08 Jun 2019 17:47:53 +0200
> Cc: Magnus Henoch <magnus.henoch <at> gmail.com>, Nicolas Petton <nicolas <at> petton.fr>,
> Iku Iwasa <iku.iwasa <at> gmail.com>, Keith Amidon <camalot <at> picnicpark.org>,
> galaunay <gaby.launay <at> tutanota.com>, 36052 <at> debbugs.gnu.org,
> Ted Zlatanov <tzz <at> lifelogs.com>
>
> +(defcustom auth-source-pass-filename "~/.password-store"
> + "Path to the password-store folder."
> + :type 'directory)
Please add/update a :version tag to any defcustom that you introduce
or modify. This is the basis for a "C-h v" and a few other features
that report on options introduced/changed in a certain Emacs version.
Also, GNU Coding Standards frown on calling "path" anything that is
not colon-separated PATH-style list of directories.
> >From d46e8dd1bbc3a1c7ac6506e3e6cfe3d87e57e99e Mon Sep 17 00:00:00 2001
> From: galaunay <gaby.launay <at> tutanota.com>
> Date: Sun, 13 Jan 2019 21:30:53 +0000
> Subject: [PATCH 04/12] Add auth-source-pass-path option
This patch was included twice, it seems.
> +(defun auth-source-pass--get-attr (key entry-data)
> + "Return the value associated to KEY in data from an already parsed entry.
We prefer that the first line of a function's doc references all of
the arguments. In this case, I suggest to reword as follows:
Return value associated with KEY in an ENTRY-DATA.
What ENTRY-DATA is is explained in the very next line"
> +ENTRY-DATA is the data from a parsed password-store entry.
So you don't need to repeat that in the first line.
> --- a/etc/NEWS
> +++ b/etc/NEWS
> @@ -1485,6 +1485,21 @@ the new variable 'buffer-auto-revert-by-notification' to a non-nil
> value. Auto Revert mode can use this information to avoid polling the
> buffer periodically when 'auto-revert-avoid-polling' is non-nil.
>
> +** auth-source-pass
> +
> +*** New customizable variable 'auth-source-pass-filename'.
> +Allows setting the path to the password-store, defaults to
> +~/.password-store.
> +
> +*** New customizable variable 'auth-source-pass-port-separator'.
> +Specifies separator between host and port, defaults to colon ":".
> +
> +*** Minimize the number of decryptions during password lookup.
> +This makes the package usable with physical tokens requiring touching
> +a sensor for every decryption.
> +
> +*** 'auth-source-pass-get' is now autoloaded.
Do these changes warrant changes in auth.texi manual?
Thanks for working on this.
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36052; Package
emacs.
(Sat, 08 Jun 2019 22:39:01 GMT)
Full text and
rfc822 format available.
Message #17 received at 36052 <at> debbugs.gnu.org (full text, mbox):
Damien Cassou <damien <at> cassou.me> writes:
>>
>> Double spacing, and this ChangeLog entry is a little sparse. It looks
>> like the last two prose paragraphs could be easily made into ChangeLog
>> entries, since they're already talking about specific functions.
>
>
> I thought about doing that as well but didn't. If you insist, I will do
> the requested changes but here are my reasons for not doing it right
> away:
>
> - The changes are on private methods (with the "--" naming convention)
> and I'm not sure how much of private changes should be in the
> ChangeLog.
AFAIK, we don't keep "private" functions out of the ChangeLog. Same
with even more internal C functions.
> - The commit message you mention modifies functions that are modified
> again by a later patch (named "Refactoring of auth-source-pass"). I
> usually only send the latest version of my code and not the whole
> history but, this time, I'm not the author of the original version and
> I believe the author deserves to have his name in Emacs' git history
> because of the massive work he did for the package.
>
> - I have tried not to rewrite too much of contributor's code and text in
> their own commit so that the authorship makes sense. I have no problem
> changing contributions in a later commit though (as I've shown in the
> patch "Refactoring of auth-source-pass").
Sure that make sense, but I think the commit message only needs some
pretty minor formatting (although it seems that the original patch
message has a typo in the function name mentioned, it should be
auth-source-pass--matching-entries rather than
auth-source-pass--applicable-entries), e.g., just change the last
two paragraphs into:
This commit implements that strategy. It is in spirit a refactor of
the existing code.
* lisp/auth-source-pass.el (auth-source-pass--matching-entries): New
function, generate an ordered list of regular expression matchers for
all possible names that could be in the password-store for the entry to
be found and then makes a pass over the password-store entry names
accumulating the matching entries in a list after the regexp that
matched. This implementation ensures the password-store entry list
still only has to be scanned once.
(auth-source-pass--find-match-unambiguous): Use it to obtain candidate
entries and then parse them one by one until an entry containing the
desired information is located. When complete, return the parsed data of
the entry instead of the entry name so that the information can be used
directly to construct the auth-source response.
and then at least mention the other functions:
(auth-source-pass--build-result): Update accordingly.
(auth-source-pass--select-one-entry)
(auth-source-pass--entry-valid-p)
(auth-source-pass--find-all-by-entry-name)
(auth-source-pass--find-one-by-entry-name): Remove.
(auth-source-pass--select-from-entries)
(auth-source-pass--accumulate-matches)
(auth-source-pass--entry-reducer)
(auth-source-pass--generate-entry-suffixes)
(auth-source-pass--domains)
(auth-source-pass--name-port-user-suffixes): New functions.
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36052; Package
emacs.
(Thu, 13 Jun 2019 20:00:02 GMT)
Full text and
rfc822 format available.
Message #20 received at 36052 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hi everyone,
thank you so much to Eli and Noam for their detailed review. Here is a
new patch series that address every concern received so far. This series
also includes a new patch rewriting the "The Unix password store"
section of auth.texi.
Best,
--
Damien Cassou
http://damiencassou.seasidehosting.st
"Success is the ability to go from one failure to another without
losing enthusiasm." --Winston Churchill
[0001-Fix-auth-source-pass-to-return-nil-if-no-entry-found.patch (text/x-patch, attachment)]
[0002-lisp-auth-source-pass.el-Version-4.0.2.patch (text/x-patch, attachment)]
[0003-lisp-auth-source-pass.el-auth-source-pass-get-Add-au.patch (text/x-patch, attachment)]
[0004-Add-auth-source-pass-filename-option.patch (text/x-patch, attachment)]
[0005-Add-auth-source-pass-port-separator-option.patch (text/x-patch, attachment)]
[0006-Fix-auth-source-pass-to-search-for-hostname-port-use.patch (text/x-patch, attachment)]
[0007-Split-out-the-attribute-retrieval-form-auth-source-p.patch (text/x-patch, attachment)]
[0008-Minimize-entry-parsing-in-auth-source-pass.patch (text/x-patch, attachment)]
[0009-lisp-auth-source-pass.el-Add-Keith-Amidon-to-authors.patch (text/x-patch, attachment)]
[0010-Refactoring-of-auth-source-pass.patch (text/x-patch, attachment)]
[0011-lisp-auth-source-pass.el-Version-5.0.0.patch (text/x-patch, attachment)]
[0012-etc-NEWS-Describe-changes-to-auth-source-pass.patch (text/x-patch, attachment)]
[0013-doc-misc-auth.texi-The-Unix-password-store-Complete-.patch (text/x-patch, attachment)]
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36052; Package
emacs.
(Thu, 13 Jun 2019 21:24:01 GMT)
Full text and
rfc822 format available.
Message #23 received at 36052 <at> debbugs.gnu.org (full text, mbox):
Damien Cassou <damien <at> cassou.me> writes:
> thank you so much to Eli and Noam for their detailed review. Here is a
> new patch series that address every concern received so far. This series
> also includes a new patch rewriting the "The Unix password store"
> section of auth.texi.
A couple more minor points, and some formatting nitpicks.
> Subject: [PATCH 04/13] Add auth-source-pass-filename option
> +(defcustom auth-source-pass-filename "~/.password-store"
> + "Path to the password-store folder."
As Eli mentioned, the docstring should say Filename rather than Path too
(I guess this got missed/mixed up with my similar point about the
variable name).
> Subject: [PATCH 10/13] Refactoring of auth-source-pass
>
> * lisp/auth-source-pass.el (auth-source-pass--find-match): Refactor by
> moving some code to auth-source-pass--disambiguate.
> (auth-source-pass--disambiguate):
> (auth-source-pass--entries-matching-suffix): New function.
When you have two or more ChangeLog entries from the same file sharing
the same message, don't leave a colon at the end of the blank lines (see
also the example in CONTRIBUTE). I.e., this should be
(auth-source-pass--disambiguate)
(auth-source-pass--entries-matching-suffix): New function.
Same for the other entries below.
> (auth-source-pass--find-match-unambiguous):
> (auth-source-pass--select-from-entries):
> (auth-source-pass--entry-reducer): Refactor to simplify and improve
> logging.
> (auth-source-pass--matching-entries):
> (auth-source-pass--accumulate-matches): Remove
^
> * test/lisp/auth-source-pass-tests.el: Complete rewrite to facilitate
> maintenance.
> (auth-source-pass--have-message-containing): Remove
^
Period at the end of sentence.
> (auth-source-pass--have-message-matching):
> (auth-source-pass--explain--have-message-matching):
> (auth-source-pass--explain-match-entry-p):
> (auth-source-pass--includes-sorted-entries):
> (auth-source-pass--explain-includes-sorted-entries):
> (auth-source-pass--explain-match-any-entry-p):
> (auth-source-pass--matching-entries):
> (auth-source-pass-match-entry-p):
> (auth-source-pass-match-any-entry-p): New function.
> Subject: [PATCH 12/13] * etc/NEWS: Describe changes to auth-source-pass
> +** auth-source-pass
> +
> +*** New customizable variable 'auth-source-pass-filename'.
> +Allows setting the path to the password-store, defaults to
> +~/.password-store.
> +
> +*** New customizable variable 'auth-source-pass-port-separator'.
> +Specifies separator between host and port, defaults to colon ":".
I guess these NEWS entries should be marked +++ since you have added
text to the manual about them.
> +*** Minimize the number of decryptions during password lookup.
> +This makes the package usable with physical tokens requiring touching
> +a sensor for every decryption.
> +
> +*** 'auth-source-pass-get' is now autoloaded.
And these should have ---.
> Subject: [PATCH 13/13] * doc/misc/auth.texi (The Unix password store):
> Complete rewrite
> --- a/doc/misc/auth.texi
> +++ b/doc/misc/auth.texi
> @@ -445,19 +445,34 @@ The Unix password store
>
> @uref{http://www.passwordstore.org,,The standard unix password
> manager} (or just @code{pass}) stores your passwords in
> +@code{gpg}-protected files following the Unix philosophy. The store
^
Double spacing at the end of sentence. Same for the rest of this patch.
> +Emacs integration of @code{pass} follows the approach suggested by the
> +pass project itself for data organization to find data. In particular,
> +to store a password for the user @code{rms} on the host @code{gnu.org}
> +on port @code{22}, you should use one of the following filenames.
> +@itemize
> +@item @code{"gnu.org.gpg"} : No username or port in the filename means that any username and port will match.
> +@item @code{"gnu.org/rms.gpg"} : The username to match can be expressed as filename inside a directory whose name matches the host. This is useful if the store has passwords for several users on the same host.
> +@item @code{"rms@@gnu.org.gpg"} : The username can also be expressed as a prefix, separated from the host with an at-sign (@code{@@}).
> +@item @code{"gnu.org:22.gpg"} : The port (aka. service) to match can only be expressed after the host and separated with a colon (@code{:}). The separator can be changed through the @code{auth-source-pass-port-separator} variable.
> +If several entries match, the one matching the most is
> +preferred.
"the most" meaning highest number of matching items (where an "item" is
one of username, port or filename)? The current wording could be
understood as "longest match" (counting characters) which I don't think
is what you meant.
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36052; Package
emacs.
(Fri, 14 Jun 2019 07:12:01 GMT)
Full text and
rfc822 format available.
Message #26 received at 36052 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hi everyone,
after yet another detailed review from Noam, here is my new series of
patch. I hopefully took care of every feedback I got.
Thank you so much to the reviewers, you are doing an amazing job.
--
Damien Cassou
http://damiencassou.seasidehosting.st
"Success is the ability to go from one failure to another without
losing enthusiasm." --Winston Churchill
[0001-Fix-auth-source-pass-to-return-nil-if-no-entry-found.patch (text/x-patch, attachment)]
[0002-lisp-auth-source-pass.el-Version-4.0.2.patch (text/x-patch, attachment)]
[0003-lisp-auth-source-pass.el-auth-source-pass-get-Add-au.patch (text/x-patch, attachment)]
[0004-Add-auth-source-pass-filename-option.patch (text/x-patch, attachment)]
[0005-Add-auth-source-pass-port-separator-option.patch (text/x-patch, attachment)]
[0006-Fix-auth-source-pass-to-search-for-hostname-port-use.patch (text/x-patch, attachment)]
[0007-Split-out-the-attribute-retrieval-form-auth-source-p.patch (text/x-patch, attachment)]
[0008-Minimize-entry-parsing-in-auth-source-pass.patch (text/x-patch, attachment)]
[0009-lisp-auth-source-pass.el-Add-Keith-Amidon-to-authors.patch (text/x-patch, attachment)]
[0010-Refactoring-of-auth-source-pass.patch (text/x-patch, attachment)]
[0011-lisp-auth-source-pass.el-Version-5.0.0.patch (text/x-patch, attachment)]
[0012-etc-NEWS-Describe-changes-to-auth-source-pass.patch (text/x-patch, attachment)]
[0013-doc-misc-auth.texi-The-Unix-password-store-Complete-.patch (text/x-patch, attachment)]
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36052; Package
emacs.
(Fri, 14 Jun 2019 07:49:01 GMT)
Full text and
rfc822 format available.
Message #29 received at 36052 <at> debbugs.gnu.org (full text, mbox):
> From: Damien Cassou <damien <at> cassou.me>
> Cc: Noam Postavsky <npostavs <at> gmail.com>, Magnus Henoch <magnus.henoch <at> gmail.com>, Ted Zlatanov <tzz <at> lifelogs.com>, Iku Iwasa <iku.iwasa <at> gmail.com>, Keith Amidon <camalot <at> picnicpark.org>, galaunay <gaby.launay <at> tutanota.com>, Nicolas Petton <nicolas <at> petton.fr>, Eli Zaretskii <eliz <at> gnu.org>
> Date: Thu, 13 Jun 2019 21:59:32 +0200
>
> diff --git a/etc/NEWS b/etc/NEWS
> index 95d7e08074..f5781fb7e5 100644
> --- a/etc/NEWS
> +++ b/etc/NEWS
> @@ -1512,6 +1512,21 @@ the new variable 'buffer-auto-revert-by-notification' to a non-nil
> value. Auto Revert mode can use this information to avoid polling the
> buffer periodically when 'auto-revert-avoid-polling' is non-nil.
>
> +** auth-source-pass
> +
> +*** New customizable variable 'auth-source-pass-filename'.
> +Allows setting the path to the password-store, defaults to
> +~/.password-store.
> +
> +*** New customizable variable 'auth-source-pass-port-separator'.
> +Specifies separator between host and port, defaults to colon ":".
> +
> +*** Minimize the number of decryptions during password lookup.
> +This makes the package usable with physical tokens requiring touching
> +a sensor for every decryption.
> +
> +*** 'auth-source-pass-get' is now autoloaded.
These are all described in the patch for the manual, right? If so,
the entries should be marked with "+++", see the beginning of NEWS for
instructions about that.
> +@itemize
> +@item @code{"gnu.org.gpg"} : No username or port in the filename means that any username and port will match.
> +@item @code{"gnu.org/rms.gpg"} : The username to match can be expressed as filename inside a directory whose name matches the host. This is useful if the store has passwords for several users on the same host.
> +@item @code{"rms@@gnu.org.gpg"} : The username can also be expressed as a prefix, separated from the host with an at-sign (@code{@@}).
> +@item @code{"gnu.org:22.gpg"} : The port (aka. service) to match can only be expressed after the host and separated with a colon (@code{:}). The separator can be changed through the @code{auth-source-pass-port-separator} variable.
> +@item @code{"gnu.org:22/rms.gpg"}
> +@item @code{"rms@@gnu.org:22.gpg"}
> +@item @code{"a/b/gnu.org.gpg"} : Entries can be stored in arbitrary directories.
> +@item @code{"a/b/gnu.org/rms.gpg"}
> +@item @code{"a/b/rms@@gnu.org.gpg"}
> +@item @code{"a/b/gnu.org:22.gpg"}
> +@item @code{"a/b/gnu.org:22/rms.gpg"}
> +@item @code{"a/b/rms@@gnu.org:22.gpg"}
> +@end itemize
Please make the text describing each @item start on a new line. Also,
it sounds like you want @table here, not @itemize. And finally,
quoting in @code is sub-optimal; would @samp (and losing the quotes)
do the job?
> +@defvar auth-source-pass-filename
> +Set this variable to a string locating the password store on the
> +disk. Defaults to @code{"~/.password-store"}.
File names or their parts should have the @file markup, not @code.
Thanks.
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36052; Package
emacs.
(Fri, 14 Jun 2019 16:17:02 GMT)
Full text and
rfc822 format available.
Message #32 received at 36052 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Eli Zaretskii <eliz <at> gnu.org> writes:
> These are all described in the patch for the manual, right? If so,
> the entries should be marked with "+++", see the beginning of NEWS for
> instructions about that.
I'm not sure which patch you reviewed so I attach it again to this new
email. The first 2 items in NEWS (new user options) are covered by the
manual so I've added '+++' in front of each. The last 2 items (less
decryption and autoload) shouldn't be in the manual so I've added '---'
in front of each.
> Please make the text describing each @item start on a new line. Also,
> it sounds like you want @table here, not @itemize. And finally,
> quoting in @code is sub-optimal; would @samp (and losing the quotes)
> do the job?
>
> File names or their parts should have the @file markup, not @code.
I'm not sure I did it right, but you will find a new patch attached to
this email.
--
Damien Cassou
http://damiencassou.seasidehosting.st
"Success is the ability to go from one failure to another without
losing enthusiasm." --Winston Churchill
[0013-doc-misc-auth.texi-The-Unix-password-store-Complete-.patch (text/x-patch, attachment)]
[0012-etc-NEWS-Describe-changes-to-auth-source-pass.patch (text/x-patch, attachment)]
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36052; Package
emacs.
(Sat, 22 Jun 2019 09:04:02 GMT)
Full text and
rfc822 format available.
Message #35 received at 36052 <at> debbugs.gnu.org (full text, mbox):
> From: Damien Cassou <damien <at> cassou.me>
> Cc: 36052 <at> debbugs.gnu.org, npostavs <at> gmail.com, magnus.henoch <at> gmail.com, tzz <at> lifelogs.com, iku.iwasa <at> gmail.com, camalot <at> picnicpark.org, gaby.launay <at> tutanota.com, nicolas <at> petton.fr
> Date: Fri, 14 Jun 2019 18:16:01 +0200
>
> Eli Zaretskii <eliz <at> gnu.org> writes:
> > These are all described in the patch for the manual, right? If so,
> > the entries should be marked with "+++", see the beginning of NEWS for
> > instructions about that.
>
>
> I'm not sure which patch you reviewed so I attach it again to this new
> email. The first 2 items in NEWS (new user options) are covered by the
> manual so I've added '+++' in front of each. The last 2 items (less
> decryption and autoload) shouldn't be in the manual so I've added '---'
> in front of each.
>
>
> > Please make the text describing each @item start on a new line. Also,
> > it sounds like you want @table here, not @itemize. And finally,
> > quoting in @code is sub-optimal; would @samp (and losing the quotes)
> > do the job?
> >
> > File names or their parts should have the @file markup, not @code.
>
> I'm not sure I did it right, but you will find a new patch attached to
> this email.
Thanks, these LGTM.
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#36052; Package
emacs.
(Mon, 24 Jun 2019 07:27:01 GMT)
Full text and
rfc822 format available.
Message #38 received at 36052 <at> debbugs.gnu.org (full text, mbox):
Eli Zaretskii <eliz <at> gnu.org> writes:
> Thanks, these LGTM.
I've just pushed to master. Because it's my first time, can you please
check I did it right?
I guess this bug report can be closed now.
--
Damien Cassou
http://damiencassou.seasidehosting.st
"Success is the ability to go from one failure to another without
losing enthusiasm." --Winston Churchill
Reply sent
to
Eli Zaretskii <eliz <at> gnu.org>:
You have taken responsibility.
(Mon, 24 Jun 2019 14:34:02 GMT)
Full text and
rfc822 format available.
Notification sent
to
Damien Cassou <damien <at> cassou.me>:
bug acknowledged by developer.
(Mon, 24 Jun 2019 14:34:02 GMT)
Full text and
rfc822 format available.
Message #43 received at 36052-done <at> debbugs.gnu.org (full text, mbox):
> From: Damien Cassou <damien <at> cassou.me>
> Cc: 36052 <at> debbugs.gnu.org, npostavs <at> gmail.com, magnus.henoch <at> gmail.com, tzz <at> lifelogs.com, iku.iwasa <at> gmail.com, camalot <at> picnicpark.org, gaby.launay <at> tutanota.com, nicolas <at> petton.fr
> Date: Mon, 24 Jun 2019 09:26:04 +0200
>
> Eli Zaretskii <eliz <at> gnu.org> writes:
> > Thanks, these LGTM.
>
> I've just pushed to master. Because it's my first time, can you please
> check I did it right?
You forgot to mention the bug number, AFAICT (happens to everyone from
time to time). Other than that, looks OK to me.
> I guess this bug report can be closed now.
Done.
Thanks.
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org.
(Tue, 23 Jul 2019 11:24:11 GMT)
Full text and
rfc822 format available.
This bug report was last modified 5 years and 327 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.