aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--doc/misc/auth.texi11
-rw-r--r--etc/NEWS3
-rw-r--r--lisp/auth-source-pass.el9
-rw-r--r--lisp/erc/erc-compat.el2
-rw-r--r--test/lisp/auth-source-pass-tests.el24
5 files changed, 26 insertions, 23 deletions
diff --git a/doc/misc/auth.texi b/doc/misc/auth.texi
index 872e5f88f55..83728be0a54 100644
--- a/doc/misc/auth.texi
+++ b/doc/misc/auth.texi
@@ -560,11 +560,12 @@ favors the @samp{rms@@gnu.org.gpg} form for usernames over the
560param was provided. 560param was provided.
561 561
562In general, if you prefer idiosyncrasies traditionally exhibited by 562In general, if you prefer idiosyncrasies traditionally exhibited by
563this backend, such as prioritizing field count in a filename, try 563this backend, such as prioritizing field count in a filename or
564setting this option to @code{nil}. But, if you experience problems 564matching against subdomain labels, keep this option set to @code{nil}
565predicting the outcome of searches relative to other auth-source 565(the default). But, if you experience problems predicting the outcome
566backends or encounter code expecting to query multiple backends 566of searches relative to other auth-source backends or encounter code
567uniformly, try flipping it back to @code{t} (the default). 567expecting to query multiple backends uniformly, try flipping it to
568@code{t}.
568@end defvar 569@end defvar
569 570
570@node Help for developers 571@node Help for developers
diff --git a/etc/NEWS b/etc/NEWS
index 7b64752f46c..0ffc849feca 100644
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -1410,7 +1410,8 @@ database stored on disk.
1410*** New user option 'auth-source-pass-extra-query-keywords'. 1410*** New user option 'auth-source-pass-extra-query-keywords'.
1411Whether to recognize additional keyword params, like ':max' and 1411Whether to recognize additional keyword params, like ':max' and
1412':require', as well as accept lists of query terms paired with 1412':require', as well as accept lists of query terms paired with
1413applicable keywords. 1413applicable keywords. This disables most known behavioral quirks
1414unique to auth-source-pass, such as wildcard subdomain matching.
1414 1415
1415** Dired 1416** Dired
1416 1417
diff --git a/lisp/auth-source-pass.el b/lisp/auth-source-pass.el
index dc274843e10..74d38084480 100644
--- a/lisp/auth-source-pass.el
+++ b/lisp/auth-source-pass.el
@@ -55,12 +55,13 @@
55 :type 'string 55 :type 'string
56 :version "27.1") 56 :version "27.1")
57 57
58(defcustom auth-source-pass-extra-query-keywords t 58(defcustom auth-source-pass-extra-query-keywords nil
59 "Whether to consider additional keywords when performing a query. 59 "Whether to consider additional keywords when performing a query.
60Specifically, when the value is t, recognize the `:max' and 60Specifically, when the value is t, recognize the `:max' and
61`:require' keywords and accept lists of query parameters for 61`:require' keywords and accept lists of query parameters for
62certain keywords, such as `:host' and `:user'. Also, wrap all 62certain keywords, such as `:host' and `:user'. Beyond that, wrap
63returned secrets in a function and forgo any further results 63all returned secrets in a function and don't bother considering
64subdomains when matching hosts. Also, forgo any further results
64filtering unless given an applicable `:require' argument. When 65filtering unless given an applicable `:require' argument. When
65this option is nil, do none of that, and enact the narrowing 66this option is nil, do none of that, and enact the narrowing
66behavior described toward the bottom of the Info node `(auth) The 67behavior described toward the bottom of the Info node `(auth) The
@@ -110,7 +111,7 @@ HOSTS can be a string or a list of strings."
110(defun auth-source-pass--match-regexp (s) 111(defun auth-source-pass--match-regexp (s)
111 (rx-to-string ; autoloaded 112 (rx-to-string ; autoloaded
112 `(: (or bot "/") 113 `(: (or bot "/")
113 (or (: (? (group-n 20 (+ (not (in ?\ ?/ ?@ ,s)))) "@") 114 (or (: (? (group-n 20 (+ (not (in ?\ ?/ ,s)))) "@")
114 (group-n 10 (+ (not (in ?\ ?/ ?@ ,s)))) 115 (group-n 10 (+ (not (in ?\ ?/ ?@ ,s))))
115 (? ,s (group-n 30 (+ (not (in ?\ ?/ ,s)))))) 116 (? ,s (group-n 30 (+ (not (in ?\ ?/ ,s))))))
116 (: (group-n 11 (+ (not (in ?\ ?/ ?@ ,s)))) 117 (: (group-n 11 (+ (not (in ?\ ?/ ?@ ,s))))
diff --git a/lisp/erc/erc-compat.el b/lisp/erc/erc-compat.el
index 66a9a615e32..abbaafcd936 100644
--- a/lisp/erc/erc-compat.el
+++ b/lisp/erc/erc-compat.el
@@ -176,7 +176,7 @@ If START or END is negative, it counts from the end."
176;; This hard codes `auth-source-pass-port-separator' to ":" 176;; This hard codes `auth-source-pass-port-separator' to ":"
177(defun erc-compat--29-auth-source-pass--retrieve-parsed (seen e port-number-p) 177(defun erc-compat--29-auth-source-pass--retrieve-parsed (seen e port-number-p)
178 (when (string-match (rx (or bot "/") 178 (when (string-match (rx (or bot "/")
179 (or (: (? (group-n 20 (+ (not (in " /@")))) "@") 179 (or (: (? (group-n 20 (+ (not (in " /:")))) "@")
180 (group-n 10 (+ (not (in " /:@")))) 180 (group-n 10 (+ (not (in " /:@"))))
181 (? ":" (group-n 30 (+ (not (in " /:")))))) 181 (? ":" (group-n 30 (+ (not (in " /:"))))))
182 (: (group-n 11 (+ (not (in " /:@")))) 182 (: (group-n 11 (+ (not (in " /:@"))))
diff --git a/test/lisp/auth-source-pass-tests.el b/test/lisp/auth-source-pass-tests.el
index 6e6671efca5..1107e09b51b 100644
--- a/test/lisp/auth-source-pass-tests.el
+++ b/test/lisp/auth-source-pass-tests.el
@@ -697,29 +697,29 @@ machine Libera.Chat password b
697;; with slightly more realistic and less legible values. 697;; with slightly more realistic and less legible values.
698 698
699(ert-deftest auth-source-pass-extra-query-keywords--suffixed-user () 699(ert-deftest auth-source-pass-extra-query-keywords--suffixed-user ()
700 (let ((store (sort (copy-sequence '(("x.com:42/bar" (secret . "a")) 700 (let ((store (sort (copy-sequence '(("x.com:42/b@r" (secret . "a"))
701 ("bar@x.com" (secret . "b")) 701 ("b@r@x.com" (secret . "b"))
702 ("x.com" (secret . "?")) 702 ("x.com" (secret . "?"))
703 ("bar@y.org" (secret . "c")) 703 ("b@r@y.org" (secret . "c"))
704 ("fake.com" (secret . "?")) 704 ("fake.com" (secret . "?"))
705 ("fake.com/bar" (secret . "d")) 705 ("fake.com/b@r" (secret . "d"))
706 ("y.org/bar" (secret . "?")) 706 ("y.org/b@r" (secret . "?"))
707 ("bar@fake.com" (secret . "e")))) 707 ("b@r@fake.com" (secret . "e"))))
708 (lambda (&rest _) (zerop (random 2)))))) 708 (lambda (&rest _) (zerop (random 2))))))
709 (auth-source-pass--with-store store 709 (auth-source-pass--with-store store
710 (auth-source-pass-enable) 710 (auth-source-pass-enable)
711 (let* ((auth-source-pass-extra-query-keywords t) 711 (let* ((auth-source-pass-extra-query-keywords t)
712 (results (auth-source-search :host '("x.com" "fake.com" "y.org") 712 (results (auth-source-search :host '("x.com" "fake.com" "y.org")
713 :user "bar" 713 :user "b@r"
714 :require '(:user) :max 5))) 714 :require '(:user) :max 5)))
715 (dolist (result results) 715 (dolist (result results)
716 (setf (plist-get result :secret) (auth-info-password result))) 716 (setf (plist-get result :secret) (auth-info-password result)))
717 (should (equal results 717 (should (equal results
718 '((:host "x.com" :user "bar" :secret "b") 718 '((:host "x.com" :user "b@r" :secret "b")
719 (:host "x.com" :user "bar" :port "42" :secret "a") 719 (:host "x.com" :user "b@r" :port "42" :secret "a")
720 (:host "fake.com" :user "bar" :secret "e") 720 (:host "fake.com" :user "b@r" :secret "e")
721 (:host "fake.com" :user "bar" :secret "d") 721 (:host "fake.com" :user "b@r" :secret "d")
722 (:host "y.org" :user "bar" :secret "c")))))))) 722 (:host "y.org" :user "b@r" :secret "c"))))))))
723 723
724;; This is a more distilled version of `suffixed-user', above. It 724;; This is a more distilled version of `suffixed-user', above. It
725;; better illustrates that search order takes precedence over "/user" 725;; better illustrates that search order takes precedence over "/user"
generated by cgit v1.2.1 (git 2.18.0) at 2026-03-05 04:56:21 +0000