diff options
| author | Michael Albinus | 2025-09-15 11:43:52 +0200 |
|---|---|---|
| committer | Michael Albinus | 2025-09-15 11:43:52 +0200 |
| commit | 72c19d0f395e8883c65689c86e79905a34d36586 (patch) | |
| tree | bb277e51742b2f473246287fc1048784df5ffa75 | |
| parent | 897d32285fc17b8afd889b1f733aed7149b50a5c (diff) | |
| download | emacs-72c19d0f395e8883c65689c86e79905a34d36586.tar.gz emacs-72c19d0f395e8883c65689c86e79905a34d36586.zip | |
Improve check for netrc tokens
* doc/misc/auth.texi (Help for users): Mention also "#" inside tokens.
* lisp/auth-source.el (auth-source-netrc-create): Better check for
token format.
* test/lisp/auth-source-tests.el (auth-source-backend-parse-json):
New test.
(auth-source-test-netrc-create-secret): Extend test.
| -rw-r--r-- | doc/misc/auth.texi | 4 | ||||
| -rw-r--r-- | lisp/auth-source.el | 13 | ||||
| -rw-r--r-- | test/lisp/auth-source-tests.el | 17 |
3 files changed, 26 insertions, 8 deletions
diff --git a/doc/misc/auth.texi b/doc/misc/auth.texi index cc6fc0c3396..1fd232a697e 100644 --- a/doc/misc/auth.texi +++ b/doc/misc/auth.texi | |||
| @@ -132,8 +132,8 @@ use them automatically, either pass @code{:client-certificate t} to | |||
| 132 | @code{open-network-stream}, or customize | 132 | @code{open-network-stream}, or customize |
| 133 | @code{network-stream-use-client-certificates} to @code{t}. | 133 | @code{network-stream-use-client-certificates} to @code{t}. |
| 134 | 134 | ||
| 135 | You can use spaces inside a password or other token by surrounding the | 135 | You can use spaces or number signs (@t{"#"}) inside a password or other |
| 136 | token with either single or double quotes. | 136 | token by surrounding the token with either single or double quotes. |
| 137 | 137 | ||
| 138 | You can use apostrophes inside a password or other token by | 138 | You can use apostrophes inside a password or other token by |
| 139 | surrounding it with double quotes, e.g., @t{"he'llo"}. Similarly you | 139 | surrounding it with double quotes, e.g., @t{"he'llo"}. Similarly you |
diff --git a/lisp/auth-source.el b/lisp/auth-source.el index 442fe2fc1e3..e7c8f43b7f9 100644 --- a/lisp/auth-source.el +++ b/lisp/auth-source.el | |||
| @@ -1468,7 +1468,9 @@ See `auth-source-search' for details on SPEC." | |||
| 1468 | (when (and (stringp data) | 1468 | (when (and (stringp data) |
| 1469 | (< 0 (length data))) | 1469 | (< 0 (length data))) |
| 1470 | (when (eq r 'secret) | 1470 | (when (eq r 'secret) |
| 1471 | (setq save-function t)) | 1471 | (setq save-function |
| 1472 | (not (and (string-match-p "\"" data) | ||
| 1473 | (string-match-p "'" data))))) | ||
| 1472 | ;; this function is not strictly necessary but I think it | 1474 | ;; this function is not strictly necessary but I think it |
| 1473 | ;; makes the code clearer -tzz | 1475 | ;; makes the code clearer -tzz |
| 1474 | (let ((printer (lambda () | 1476 | (let ((printer (lambda () |
| @@ -1484,9 +1486,12 @@ See `auth-source-search' for details on SPEC." | |||
| 1484 | (secret "password") | 1486 | (secret "password") |
| 1485 | (port "port") ; redundant but clearer | 1487 | (port "port") ; redundant but clearer |
| 1486 | (t (symbol-name r))) | 1488 | (t (symbol-name r))) |
| 1487 | (if (string-match "[\"# ]" data) | 1489 | (cond |
| 1488 | (format "%S" data) | 1490 | ((string-match-p "\"" data) |
| 1489 | data))))) | 1491 | (format "'%s'" data)) |
| 1492 | ((string-match-p "['# ]" data) | ||
| 1493 | (format "%S" data)) | ||
| 1494 | (t data)))))) | ||
| 1490 | (setq add (concat add (funcall printer))))))) | 1495 | (setq add (concat add (funcall printer))))))) |
| 1491 | 1496 | ||
| 1492 | (when save-function | 1497 | (when save-function |
diff --git a/test/lisp/auth-source-tests.el b/test/lisp/auth-source-tests.el index b4bc0f5a7f6..d6845b0af37 100644 --- a/test/lisp/auth-source-tests.el +++ b/test/lisp/auth-source-tests.el | |||
| @@ -119,6 +119,16 @@ | |||
| 119 | (create-function | 119 | (create-function |
| 120 | . auth-source-netrc-create)))) | 120 | . auth-source-netrc-create)))) |
| 121 | 121 | ||
| 122 | (ert-deftest auth-source-backend-parse-json () | ||
| 123 | (auth-source-validate-backend '(:source "foo.json") | ||
| 124 | '((source . "foo.json") | ||
| 125 | (type . json) | ||
| 126 | (search-function . auth-source-json-search) | ||
| 127 | (create-function | ||
| 128 | ;; To be implemented: | ||
| 129 | ;; . auth-source-json-create)))) | ||
| 130 | . ignore)))) | ||
| 131 | |||
| 122 | (ert-deftest auth-source-backend-parse-secrets () | 132 | (ert-deftest auth-source-backend-parse-secrets () |
| 123 | (provide 'secrets) ; simulates the presence of the `secrets' package | 133 | (provide 'secrets) ; simulates the presence of the `secrets' package |
| 124 | (let ((secrets-enabled t)) | 134 | (let ((secrets-enabled t)) |
| @@ -383,7 +393,8 @@ | |||
| 383 | (auth-source-save-behavior t) | 393 | (auth-source-save-behavior t) |
| 384 | (auth-source-ignore-non-existing-file t) | 394 | (auth-source-ignore-non-existing-file t) |
| 385 | host auth-info auth-passwd) | 395 | host auth-info auth-passwd) |
| 386 | (dolist (passwd '("foo" "" nil)) | 396 | (dolist (passwd `("foo" "bar baz" "bar'baz" "bar\"baz" |
| 397 | "foo'bar\"baz" "" nil)) | ||
| 387 | ;; Redefine `read-*' in order to avoid interactive input. | 398 | ;; Redefine `read-*' in order to avoid interactive input. |
| 388 | (cl-letf (((symbol-function 'read-passwd) (lambda (_) passwd)) | 399 | (cl-letf (((symbol-function 'read-passwd) (lambda (_) passwd)) |
| 389 | ((symbol-function 'read-string) | 400 | ((symbol-function 'read-string) |
| @@ -409,7 +420,9 @@ | |||
| 409 | auth-passwd (auth-info-password auth-info)) | 420 | auth-passwd (auth-info-password auth-info)) |
| 410 | (with-temp-buffer | 421 | (with-temp-buffer |
| 411 | (insert-file-contents netrc-file) | 422 | (insert-file-contents netrc-file) |
| 412 | (if (zerop (length passwd)) | 423 | (if (or (zerop (length passwd)) |
| 424 | (and (string-match-p "\"" passwd) | ||
| 425 | (string-match-p "'" passwd))) | ||
| 413 | (progn | 426 | (progn |
| 414 | (should-not (plist-get auth-info :user)) | 427 | (should-not (plist-get auth-info :user)) |
| 415 | (should-not (plist-get auth-info :host)) | 428 | (should-not (plist-get auth-info :host)) |