| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Run "TZ=UTC0 admin/update-copyright".
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The option `auth-source-pass-extra-query-keywords' aims to make its
back end hew as close to the other built-in ones as possible, except
WRT features not yet implemented, such as arbitrary "attribute"
retrieval and new entry creation. This change only concerns behavior
exhibited when the option is enabled.
* lisp/auth-source-pass.el (auth-source-pass--match-parts): Account
for the case in which a query lacks a reference parameter for a
`:port' or `:user' but still requires one or both via the `:require'
keyword. Previously, such a query would fail even when an entry met
this requirement by simply specifying a field with any non-null value
corresponding to the required parameter.
(auth-source-pass--find-match-many): Account for the baseline case
where a matching entry lacks a secret and the user doesn't require
one. Although this function doesn't currently return so-called
"attributes" from the contents of a matching decrypted file, were it
to eventually, this case would no longer be academic.
* test/lisp/auth-source-pass-tests.el
(auth-source-pass-extra-query-keywords--req-noparam-miss-netrc)
(auth-source-pass-extra-query-keywords--req-noparam-miss)
(auth-source-pass-extra-query-keywords--req-param-netrc)
(auth-source-pass-extra-query-keywords--req-param): New tests.
(auth-source-pass-extra-query-keywords--netrc-baseline): New test
asserting behavior of netrc backend when passed a lone `:host' as a
query parameter.
(auth-source-pass-extra-query-keywords--baseline): Reverse expected
outcome to match that of the netrc reference implementation.
(bug#72441)
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lisp/auth-source-pass.el (auth-source-pass--match-regexp): Allow an
entry's host and user fields to contain spaces, just like other
backends do.
* lisp/erc/erc-compat.el
(erc-compat--29-auth-source-pass--retrieve-parsed): Change regexp to
allow spaces in host and user components of file names.
* test/lisp/auth-source-pass-tests.el (auth-source-pass-any-host):
Silence warning message re wildcards emitted by
`auth-source-pass-search'.
(auth-source-pass-extra-query-keywords--suffixed-user): Add spaces
to users and hosts of some example entries. (Bug#58985.)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* doc/misc/auth.texi: Mention subdomain matching in
`auth-source-pass-extra-query-keywords' section.
* etc/NEWS: Mention the loss of traditional auth-source-pass features
when `auth-source-pass-extra-query-keywords' is enabled.
* lisp/auth-source-pass (auth-source-pass-extra-query-keywords): Set
default to nil. Mention domain matching in doc string.
(auth-source-pass--match-regexp): Allow username to contain "@".
* lisp/erc/erc-compat.el:
(erc-compat--29-auth-source-pass--retrieve-parsed): Adjust regexp.
* test/lisp/auth-source-pass-tests.el
(auth-source-pass-extra-query-keywords--suffixed-user): make plain
username more email-like.
(Bug#58985.)
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lisp/auth-source-pass.el (auth-source-pass-extra-query-keywords): Add
new option to bring search behavior more in line with other backends.
(auth-source-pass-search): Add new keyword params `max' and `require'
and consider new option `auth-source-pass-extra-query-keywords' for
dispatch.
(auth-source-pass--match-regexp, auth-source-pass--retrieve-parsed,
auth-source-pass--match-parts): Add supporting variable and helpers.
(auth-source-pass--build-result-many,
auth-source-pass--find-match-many): Add "-many" variants for existing
workhorse functions.
* test/lisp/auth-source-pass-tests.el: Require `ert-x'.
(auth-source-pass-can-start-from-auth-source-search): Ensure
`auth-source-pass-extra-query-keywords' is enabled around test body.
(auth-source-pass-extra-query-keywords--wild-port-miss-netrc,
auth-source-pass-extra-query-keywords--wild-port-miss,
auth-source-pass-extra-query-keywords--wild-port-hit-netrc,
auth-source-pass-extra-query-keywords--wild-port-hit,
auth-source-pass-extra-query-keywords--wild-port-req-miss-netrc,
auth-source-pass-extra-query-keywords--wild-port-req-miss,
auth-source-pass-extra-query-keywords--netrc-akib,
auth-source-pass-extra-query-keywords--akib,
auth-source-pass-extra-query-keywords--netrc-host,
auth-source-pass-extra-query-keywords--host,
auth-source-pass-extra-query-keywords--baseline,
auth-source-pass-extra-query-keywords--port-type,
auth-source-pass-extra-query-keywords--hosts-first,
auth-source-pass-extra-query-keywords--ambiguous-user-host,
auth-source-pass-extra-query-keywords--suffixed-user,
auth-source-pass-extra-query-keywords--user-priorities): Add
juxtaposed netrc and extra-query-keywords pairs to demo optional
extra-compliant behavior.
* doc/misc/auth.texi: Add option
`auth-source-pass-extra-query-keywords' to auth-source-pass section.
* etc/NEWS: Mention `auth-source-pass-extra-query-keywords' in Emacs
29.1 package changes section. (Bug#58985.)
Special thanks to Akib Azmain Turja <akib@disroot.org> for helping
improve this patch.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Users should be able to store a field as follows:
message: remember: Destroy the image and you will break the enemy
and later, recover the message untouched, i.e.:
"remember: Destroy the image and you will break the enemy"
* lisp/auth-source-pass.el (auth-source-pass--parse-data): Preserve
inner spaces at data.
* test/lisp/auth-source-pass-tests.el
(auth-source-pass-parse-with-colons-in-data): Add test.
|
| |
|
|
|
|
|
|
|
|
| |
* lisp/auth-source-pass.el (auth-source-pass-search): Accept a list of
strings for argument HOST.
(auth-source-pass--build-result): Rename argument HOST to HOSTS. Also
return value "host" from entry if it exists.
(auth-source-pass--find-match): Rename argument HOST to HOSTS. Iterate
over each host in HOSTS.
* test/lisp/auth-source-pass-tests.el: Add corresponding tests
|
| |
|
|
| |
Run "TZ=UTC0 admin/update-copyright".
|
| | |
|
| |
|
|
| |
Run "TZ=UTC0 admin/update-copyright $(git ls-files)".
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lisp/auth-source-pass.el (auth-source-pass--find-match): Refactor by
moving some code to auth-source-pass--disambiguate.
(auth-source-pass--disambiguate)
(auth-source-pass--entries-matching-suffix): New function.
(auth-source-pass--find-match-unambiguous)
(auth-source-pass--select-from-entries)
(auth-source-pass--entry-reducer): Refactor to simplify and improve
logging.
(auth-source-pass--matching-entries)
(auth-source-pass--accumulate-matches): Remove.
* test/lisp/auth-source-pass-tests.el: Complete rewrite to facilitate
maintenance.
(auth-source-pass--have-message-containing): Remove.
(auth-source-pass--have-message-matching)
(auth-source-pass--explain--have-message-matching)
(auth-source-pass--explain-match-entry-p)
(auth-source-pass--includes-sorted-entries)
(auth-source-pass--explain-includes-sorted-entries)
(auth-source-pass--explain-match-any-entry-p)
(auth-source-pass--matching-entries)
(auth-source-pass-match-entry-p)
(auth-source-pass-match-any-entry-p): New function.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Prior to this commit, while searching for the most applicable entry
password-store entries were decrypted and parsed to ensure they were
valid. The entries were parsed in the order they were found on the
filesystem and all applicable entries would be decrypted and parsed,
which varied based on the contents of the password-store and the entry
to be found.
This is fine when the GPG key is cached and each entry can be
decrypted without user interaction. However, for security some people
have their GPG on a hardware token like a Yubikey setup so that they
have to touch a sensor on the toke for every cryptographic operation,
in which case it becomes inconvenient as each attempt to find an entry
requires a variable number of touches of the hardware token.
The implementation already assumes that names which contain more of
the information in the search key should be preferred so there is an
ordering of preference of applicable entries. If the decrypt and
parsing is removed from the initial identification of applicable
entries in the store then in most cases a single decrypt and parse of
the most preferred entry will suffice, improving the experience for
hardware token users that require interaction with the token.
This commit implements that strategy. It is in spirit a refactor of
the existing code.
* lisp/auth-source-pass.el (auth-source-pass--matching-entries): New
function, generate an ordered list of regular expression matchers for
all possible names that could be in the password-store for the entry
to be found and then makes a pass over the password-store entry names
accumulating the matching entries in a list after the regexp that
matched. This implementation ensures the password-store entry list
still only has to be scanned once.
(auth-source-pass--find-match-unambiguous): Use it to obtain candidate
entries and then parse them one by one until an entry containing the
desired information is located. When complete, return the parsed data
of the entry instead of the entry name so that the information can be
used directly to construct the auth-source response.
(auth-source-pass--build-result): Update accordingly.
(auth-source-pass--find-match): Update docstring accordingly.
(auth-source-pass--select-one-entry)
(auth-source-pass--entry-valid-p)
(auth-source-pass--find-all-by-entry-name)
(auth-source-pass--find-one-by-entry-name): Remove.
(auth-source-pass--select-from-entries)
(auth-source-pass--accumulate-matches)
(auth-source-pass--entry-reducer)
(auth-source-pass--generate-entry-suffixes)
(auth-source-pass--domains)
(auth-source-pass--name-port-user-suffixes): New functions.
* test/lisp/auth-source-pass-tests.el: One test case was added to the
test suite to verify that only the minimal number of entries are
parsed in common cases. The
auth-source-pass-only-return-entries-that-can-be-open test case had to
be re-implemented because the function it was used eliminated as the
functionality is provided elsewhere. All the other fairly substantial
changes to the test suite are the result of mechanical changes that
were required to adapt to auth-source-pass--find-match returning the
data from a parsed password-store entry instead of the entry name.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
auth-source-pass supports entries with username either prefixed to the
hostname with an @ as separator or in a subdirectory under the
hostname. This was true when there was no port or service included in
the name, but got broken with the introduction of
auth-source-pass-port-separator.
* lisp/auth-source-pass.el (auth-source-pass--find-match-unambiguous): Fix
to match hostname:port/username.
* test/lisp/auth-source-pass-tests.el: Add corresponding tests.
|
| |
|
|
|
|
|
|
|
| |
* lisp/auth-source-pass.el (auth-source-pass-port-separator): New
option to specify separator between host and port, default to
colon (":").
(auth-source-pass--find-match-unambiguous): Adapt to make use of the
new variable.
* test/lisp/auth-source-pass-tests.el: Add corresponding tests.
|
| |
|
|
|
|
|
|
|
|
| |
* lisp/auth-source-pass.el (auth-source-pass-search): If there is no
matching entry, auth-source-pass-search should return nil, not (nil).
This lets auth-source fall back to other backends in the auth-sources
list.
* test/lisp/auth-source-pass-tests.el: Add corresponding test.
Copyright-paperwork-exempt: yes
|
| |\
| |
| |
| |
| |
| | |
2fcf2df Fix copyright years by hand
26bed8b Update copyright year to 2019
2814292 Fix value of default frame height. (Bug#33921)
|
| | |
| |
| |
| | |
Run 'TZ=UTC0 admin/update-copyright $(git ls-files)'.
|
| | |
| |
| |
| |
| | |
* test/lisp/auth-source-pass-tests.el
(auth-source-pass-can-start-from-auth-source-search): Add test.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
* lisp/auth-source-pass.el (auth-source-pass-search): Warn when
passing multiple hosts in SPEC. Early return and warn when passing a
wildcard as host in SPEC. Early return when host is nil.
* test/lisp/auth-source-pass-tests.el (auth-source-pass-any-host,
auth-source-pass-undefined-host): Add corresponding tests.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* lisp/auth-source-pass.el (auth-source-pass--find-match): Add PORT
parameter and reorganize code by extracting `find-match-unambiguous'.
(auth-source-pass--find-match-unambiguous): New function.
(auth-source-pass--build-result): Fix the call to `find-match'.
(auth-source-pass--hostname, auth-source-pass--hostname-with-user,
auth-source-pass--user): Remove functions.
* test/lisp/auth-source-pass-tests.el: Fix the calls to `find-match'.
(auth-source-pass-find-host-without-port) Add corresponding test.
|
| | |
| |
| |
| |
| |
| | |
* test/lisp/auth-source-pass-tests.el
(auth-source-pass-build-result-passes-full-host-to-find-match): Add
missing test cases.
|
| | |
| |
| |
| |
| |
| | |
* test/lisp/auth-source-pass-tests.el
(auth-source-pass-build-result-passes-full-host-to-find-match): Add
test making sure find-match is called with full host.
|
| | |
| |
| |
| |
| | |
* test/lisp/auth-source-pass-tests.el
(auth-source-pass-only-return-entries-that-can-be-open): Fix indentation.
|
| | | |
|
| |\ \
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
63b04c11d5 Fix copyright years by hand
5c7dd8a783 Update copyright year to 2018
220a9ecba1 Merge from Gnulib
312c565566 Don't add empty keyboard macro to macro ring (Bug#24992)
39ca289a7a Allow customization of decoding of "man" command
f8240815ea * etc/NEWS: Add security consideration note on passphrase ...
0c78822c70 Fix subtle problem with scroll-down when scroll-margin is ...
acd289c5a4 Fix problems with indexing in User manual
b240c7846b * lisp/help.el (describe-key): Only (copy-sequence elt) wh...
e879a5444a * src/buffer.c (Frestore_buffer_modified_p): Fix bug#29846
81b1028b63 Improve documentation of 'inhibit-modification-hooks' and ...
7175496d7a Fix doc string of 'enable-recursive-minibuffers'
5b38406491 Fix documentation of delsel and of killing text
# Conflicts:
# etc/NEWS
# etc/refcards/ru-refcard.tex
|
| | |
| |
| |
| | |
Run admin/update-copyright.
|
| |/
|
|
|
|
|
|
|
|
|
|
| |
* lisp/auth-source-pass.el (auth-source-pass--user): New function.
(auth-source-pass--find-match): Use it. When the user is not
explicitly specified and no entry is found, extract the user from
the host and then search again. (Bug#29045)
* test/lisp/auth-source-pass-tests.el
(auth-source-pass-find-match-matching-extracting-user-from-host):
Add a new test case.
Copyright-paperwork-exempt: yes
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Most of this change is to boilerplate commentary such as license URLs.
This change was prompted by ftp://ftp.gnu.org's going-away party,
planned for November. Change these FTP URLs to https://ftp.gnu.org
instead. Make similar changes for URLs to other organizations moving
away from FTP. Also, change HTTP to HTTPS for URLs to gnu.org and
fsf.org when this works, as this will further help defend against
man-in-the-middle attacks (for this part I omitted the MS-DOS and
MS-Windows sources and the test tarballs to keep the workload down).
HTTPS is not fully working to lists.gnu.org so I left those URLs alone
for now.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
* doc/misc/auth.texi: Document new integration with Pass. Use @itemize
instead of @enumerate.
* lisp/auth-source-pass.el: Fix indentation.
(auth-source-pass--remove-directory-name): Remove.
* test/lisp/auth-source-pass-tests.el: Adjust test macros.
|
| |
|
|
|
| |
* lisp/auth-source-pass.el: Enable finding entries by "host/username".
* test/lisp/auth-source-pass-tests.el: Adjust tests to check it.
|
|
|
* lisp/auth-source-pass.el: auth-source backend for password-store.
* test/lisp/auth-source-pass-tests.el: Tests for auth-source-pass
behavior.
|
