authorDaiki Ueno2015-08-18 15:02:41 +0900
committerDaiki Ueno2015-08-18 15:05:40 +0900
commit9a1175cb0a33aeb13601ae8997931a853cb45249 (patch)
treed30cf60f54f98534131d6f8efcd5a5559bb74fec
parent9403daff6a8818d9c1ff11de4f339f958f52f3e2 (diff)
Revert "pinentry.el: Support external passphrase cache"
This reverts commit e086e55a664ec27fbca7b3231c4b32cb78a89337. pinentry.el shouldn't directly interact with the secrets service, but ask the caller to cache the passphrase.
-rw-r--r--lisp/net/pinentry.el151
1 files changed, 46 insertions, 105 deletions
diff --git a/lisp/net/pinentry.el b/lisp/net/pinentry.el
index aee86473e10..13a15c964ab 100644
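--- a/lisp/net/pinentry.el
+++ b/lisp/net/pinentry.el
@@ -63,11 +63,6 @@
  :type 'integer
  :group 'pinentry)
 
-(defcustom pinentry-use-secrets nil
- "If non-nil, use secrets.el to store passwords in login keyring."
- :type 'boolean
- :group 'pinentry)
-
 (defvar pinentry--server-process nil)
 (defvar pinentry--connection-process-list nil)
 
@@ -75,10 +70,6 @@
 (put 'pinentry-read-point 'permanent-local t)
 (defvar pinentry--read-point nil)
 (put 'pinentry--read-point 'permanent-local t)
-(defvar pinentry--allow-external-password-cache nil)
-(put 'pinentry--allow-external-password-cache 'permanent-local t)
-(defvar pinentry--key-info nil)
-(put 'pinentry--key-info 'permanent-local t)
 
 (defvar pinentry--prompt-buffer nil)
 
@@ -152,10 +143,6 @@ If local sockets are not supported, this is nil.")
  (concat prompt (substring short-prompt -2))
  query-args)))
 
-(defvar secrets-enabled)
-(declare-function secrets-search-items "secrets" (collection &rest attributes))
-(declare-function secrets-get-secret "secrets" (collection item))
-
 ;;;###autoload
 (defun pinentry-start ()
  "Start a Pinentry service.
@@ -290,23 +277,6 @@ Assuan protocol."
 (defun pinentry--send-error (process error)
  (process-send-string process (format "ERR %d %s\n" (car error) (cdr error))))
 
-(defun pinentry--send-passphrase (process passphrase)
- (let (escaped-passphrase encoded-passphrase)
- (unwind-protect
- (condition-case nil
- (progn
- (setq escaped-passphrase (pinentry--escape-string passphrase))
- (setq encoded-passphrase (encode-coding-string escaped-passphrase
- 'utf-8))
- (pinentry--send-data process encoded-passphrase)
- (process-send-string process "OK\n"))
- (error
- (pinentry--send-error process pinentry--error-cancelled)))
- (if escaped-passphrase
- (clear-string escaped-passphrase))
- (if encoded-passphrase
- (clear-string encoded-passphrase)))))
-
 (defun pinentry--process-filter (process input)
  (unless (buffer-live-p (process-buffer process))
  (let ((buffer (generate-new-buffer " *pinentry*")))
@@ -316,9 +286,7 @@ Assuan protocol."
  (set-buffer-multibyte nil))
  (make-local-variable 'pinentry--read-point)
  (setq pinentry--read-point (point-min))
- (make-local-variable 'pinentry--labels)
- (make-local-variable 'pinentry--allow-external-password-cache)
- (make-local-variable 'pinentry--key-info))))
+ (make-local-variable 'pinentry--labels))))
  (with-current-buffer (process-buffer process)
  (save-excursion
  (goto-char (point-max))
@@ -343,79 +311,52 @@ Assuan protocol."
  ("NOP"
  (ignore-errors
  (process-send-string process "OK\n")))
- ("OPTION"
- (if (and pinentry-use-secrets
- (require 'secrets)
- secrets-enabled
- (equal string "allow-external-password-cache"))
- (setq pinentry--allow-external-password-cache t))
- (ignore-errors
- (process-send-string process "OK\n")))
- ("SETKEYINFO"
- (setq pinentry--key-info string)
- (ignore-errors
- (process-send-string process "OK\n")))
  ("GETPIN"
- (let (passphrase-sent)
- (when (and pinentry--allow-external-password-cache
- pinentry--key-info)
- (let ((items
- (secrets-search-items "login"
- :keygrip pinentry--key-info)))
- (if items
- (let (passphrase)
- (unwind-protect
- (progn
- (setq passphrase (secrets-get-secret
- "login"
- (car items)))
- (ignore-errors
- (process-send-string
- process
- "S PASSWORD_FROM_CACHE\n")
- (pinentry--send-passphrase
- process passphrase)
- (setq passphrase-sent t)))
- (if passphrase
- (clear-string passphrase)))))))
- (unless passphrase-sent
- (let ((prompt
- (or (cdr (assq 'desc pinentry--labels))
- (cdr (assq 'prompt pinentry--labels))
- ""))
- (confirm
- (not (null (assq 'repeat pinentry--labels))))
- entry)
- (if (setq entry (assq 'error pinentry--labels))
- (setq prompt (concat "Error: "
- (propertize
- (copy-sequence (cdr entry))
- 'face 'error)
- "\n"
- prompt)))
- (if (setq entry (assq 'title pinentry--labels))
- (setq prompt (format "[%s] %s"
- (cdr entry) prompt)))
- (let (passphrase)
- (unwind-protect
- (condition-case nil
- (progn
- (setq passphrase
- (pinentry--prompt prompt "Password: "
- #'read-passwd
- confirm))
- (ignore-errors
- (pinentry--send-passphrase process
- passphrase)
- (process-send-string process "OK\n")))
- (error
- (ignore-errors
- (pinentry--send-error
- process
- pinentry--error-cancelled))))
- (if passphrase
- (clear-string passphrase))))
- (setq pinentry--labels nil)))))
+ (let ((prompt
+ (or (cdr (assq 'desc pinentry--labels))
+ (cdr (assq 'prompt pinentry--labels))
+ ""))
+ (confirm (not (null (assq 'repeat pinentry--labels))))
+ entry)
+ (if (setq entry (assq 'error pinentry--labels))
+ (setq prompt (concat "Error: "
+ (propertize
+ (copy-sequence (cdr entry))
+ 'face 'error)
+ "\n"
+ prompt)))
+ (if (setq entry (assq 'title pinentry--labels))
+ (setq prompt (format "[%s] %s"
+ (cdr entry) prompt)))
+ (let (passphrase escaped-passphrase encoded-passphrase)
+ (unwind-protect
+ (condition-case nil
+ (progn
+ (setq passphrase
+ (pinentry--prompt prompt "Password: "
+ #'read-passwd confirm))
+ (setq escaped-passphrase
+ (pinentry--escape-string
+ passphrase))
+ (setq encoded-passphrase (encode-coding-string
+ escaped-passphrase
+ 'utf-8))
+ (ignore-errors
+ (pinentry--send-data
+ process encoded-passphrase)
+ (process-send-string process "OK\n")))
+ (error
+ (ignore-errors
+ (pinentry--send-error
+ process
+ pinentry--error-cancelled))))
+ (if passphrase
+ (clear-string passphrase))
+ (if escaped-passphrase
+ (clear-string escaped-passphrase))
+ (if encoded-passphrase
+ (clear-string encoded-passphrase))))
+ (setq pinentry--labels nil)))
  ("CONFIRM"
  (let ((prompt
  (or (cdr (assq 'desc pinentry--labels))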
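Review bot: The inlined GETPIN handler wraps the prompt in `(condition-case nil … (error …))`, and `error` does not match the `quit` condition. If `pinentry--prompt` (defined outside this hunk) can exit through a quit, such as C-g during `read-passwd`, no `ERR` reply is sent back to the client and the trailing `(setq pinentry--labels nil)` is skipped. The `unwind-protect` forms still clear the three passphrase strings, but leftover `desc`/`error`/`title` labels could carry over into the text of a later prompt in the same process buffer. I would widen the handler to `((error quit) (ignore-errors (pinentry--send-error process pinentry--error-cancelled)))` and move `(setq pinentry--labels nil)` into the `unwind-protect` cleanup forms. `pinentry--process-filter` starts before and ends after this hunk, so how the other commands reset the labels is not visible here.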