From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Ted Zlatanov Newsgroups: gmane.emacs.devel Subject: Re: netrc field encryption in auth-source Date: Thu, 16 Jun 2011 08:35:23 -0500 Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos Message-ID: <87boxxx5k4.fsf@lifelogs.com> References: <87liyofwxp.fsf@lifelogs.com> <874o5cfui5.fsf@lifelogs.com> <87liyndz5l.fsf@lifelogs.com> <8739jogwf9.fsf@lifelogs.com> <87lix9eknu.fsf_-_@lifelogs.com> <878vt52ykv.fsf@lifelogs.com> <878vt25tbf.fsf@lifelogs.com> Reply-To: emacs-devel@gnu.org NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: dough.gmane.org 1308234498 14640 80.91.229.12 (16 Jun 2011 14:28:18 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Thu, 16 Jun 2011 14:28:18 +0000 (UTC) To: emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Thu Jun 16 16:28:15 2011 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([140.186.70.17]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1QXDYM-0001N9-Hl for ged-emacs-devel@m.gmane.org; Thu, 16 Jun 2011 16:28:14 +0200 Original-Received: from localhost ([::1]:59629 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QXDYL-0002x4-Bm for ged-emacs-devel@m.gmane.org; Thu, 16 Jun 2011 10:28:13 -0400 Original-Received: from eggs.gnu.org ([140.186.70.92]:36161) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QXCo2-00071L-HM for emacs-devel@gnu.org; Thu, 16 Jun 2011 09:40:30 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1QXCnq-0007YV-3c for emacs-devel@gnu.org; Thu, 16 Jun 2011 09:40:21 -0400 Original-Received: from lo.gmane.org ([80.91.229.12]:39717) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QXCnp-0007Ws-C5 for emacs-devel@gnu.org; Thu, 16 Jun 2011 09:40:09 -0400 Original-Received: from list by lo.gmane.org with local (Exim 4.69) (envelope-from ) id 1QXCjU-0006uf-6d for emacs-devel@gnu.org; Thu, 16 Jun 2011 15:35:40 +0200 Original-Received: from 38.98.147.133 ([38.98.147.133]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Thu, 16 Jun 2011 15:35:39 +0200 Original-Received: from tzz by 38.98.147.133 with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Thu, 16 Jun 2011 15:35:39 +0200 X-Injected-Via-Gmane: http://gmane.org/ Mail-Followup-To: emacs-devel@gnu.org Original-Lines: 53 Original-X-Complaints-To: usenet@dough.gmane.org X-Gmane-NNTP-Posting-Host: 38.98.147.133 X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never User-Agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.50 (gnu/linux) Cancel-Lock: sha1:Yu5bLdXxFnBanK8lrJP1SN5vtIk= X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-Received-From: 80.91.229.12 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:140552 Archived-At: On Thu, 16 Jun 2011 10:32:15 +0200 Robert Pluim wrote: RP> Ted Zlatanov writes: >> Applied. See `auth-source-save-secrets' for the only user-controllable >> piece of the code. It should really be using the EPA functions directly >> instead of relying on the file handlers but I wasn't able to get that >> working. Maybe Daiki Ueno could give me a hint. Or I will get to it >> eventually... RP> I just took a look at this, it contains RP> +(defcustom auth-source-save-secrets nil RP> + "If set, auth-source will respect it for password tokens behavior." RP> + :group 'auth-source RP> + :version "23.2" ;; No Gnus RP> + :type `(choice RP> + :tag "auth-source new password token behavior" RP> + (const :tag "Use GPG tokens" gpg) RP> + (const :tag "Save unencrypted" nil) RP> + (const :tag "Ask" ask))) RP> I'm glad auth-source will show respect, but that doc-string is almost RP> information free. Damn it, someone noticed ;) RP> How about something like RP> "This controls what auth-source will do with password tokens: save them, RP> ask, store as gpg tokens in .authinfo" You're just listing the defcustom choices in the docstring itself. What if we add choices? We have to edit the docstring again. How about "Set this to tell auth-source how to handle password tokens in unencrypted files." RP> Also, does ask mean 'ask once', or does it mean 'ask every time'? I'm RP> personally looking for something that would give me "don't store RP> passwords and don't ask me about storing them except maybe the first RP> time". I'm not sure yet. Right now it's once per Emacs session, if 'ask, but I left the default nil since it's 100% experimental. So users that update blindly will not be affected at all, for now. I can certainly use Customize to set it to 'gpg or nil forever after the first time it's asked. The problem is, I'm also not sure if it should be a single global setting. It feels like something that should be decided for each individual netrc file. And if that's the case, maybe the defcustom should hold that choice in an alist with regex matching. Ted