From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Ben Key Newsgroups: gmane.emacs.devel Subject: Re: Modifying Emacs to use the Mac OS X Keychain Services Date: Sun, 5 Jun 2011 18:23:59 -0500 Message-ID: NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: multipart/alternative; boundary=0016e68deb3d556cb704a4ff4952 X-Trace: dough.gmane.org 1307316290 30713 80.91.229.12 (5 Jun 2011 23:24:50 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Sun, 5 Jun 2011 23:24:50 +0000 (UTC) To: Emacs Development , Ted Zlatanov Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Mon Jun 06 01:24:46 2011 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([140.186.70.17]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1QTMgX-0007K4-24 for ged-emacs-devel@m.gmane.org; Mon, 06 Jun 2011 01:24:45 +0200 Original-Received: from localhost ([::1]:58177 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QTMgV-0006wS-VY for ged-emacs-devel@m.gmane.org; Sun, 05 Jun 2011 19:24:44 -0400 Original-Received: from eggs.gnu.org ([140.186.70.92]:54128) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QTMgC-0006vj-Pm for Emacs-devel@gnu.org; Sun, 05 Jun 2011 19:24:26 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1QTMgB-0006lf-2B for Emacs-devel@gnu.org; Sun, 05 Jun 2011 19:24:24 -0400 Original-Received: from mail-bw0-f41.google.com ([209.85.214.41]:40838) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QTMgA-0006kd-Hm for Emacs-devel@gnu.org; Sun, 05 Jun 2011 19:24:23 -0400 Original-Received: by bwz17 with SMTP id 17so3714259bwz.0 for ; Sun, 05 Jun 2011 16:24:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:from:date:message-id:subject:to :content-type; bh=ZJmIWBNpJigzoomqHcrVndzg+Y0erMvhhEkFKcXfqTY=; b=d6DigFmQoJEM1U6fblnDhh8R87WsZjxdnhn4lyInIQSosLsCC93yhezW3rZeEa8sH1 rk4NtfncaCbf1Kc0VH/L/4jDVaOHeKeQrhPx7iKxY/QgslsIH16Ox16Vqq+PAbScgWPI gqqS4gvNmeu8oKC0c/PLAlLBXHi9iYUvFJI94= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:from:date:message-id:subject:to:content-type; b=MVzDlYXpwfBn3t4hvy62HyqUSDVZtjoePScBLNql0pL1Lyx8eshJvAsVbUuDB18aSD r8kg0T8eiRd9N+KPQ7RWMF1bI9YaYx0VSSLycq8uM7wgBXrNOzPC9rx8tdC47nhmGlGr 0KGhECNhkm+6zElU5nSiXnsVv4nOSEg09ma2Q= Original-Received: by 10.204.82.166 with SMTP id b38mr4175191bkl.207.1307316260793; Sun, 05 Jun 2011 16:24:20 -0700 (PDT) Original-Received: by 10.204.59.212 with HTTP; Sun, 5 Jun 2011 16:23:59 -0700 (PDT) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) X-Received-From: 209.85.214.41 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:140215 Archived-At: --0016e68deb3d556cb704a4ff4952 Content-Type: text/plain; charset=ISO-8859-1 Ted Zlatanov wrote: *> Right, so the name of the collection is the serviceName as far as the OS > is concerned. That means it could be stored anywhere, right? * Yes. A keychain item for a given serviceName can be stored anywhere. *> Does the user care what file it's stored in? Can you have any > serviceName in any file, or is there some connection or dependency > between the two? * I do not know if the user cares what file it is stored in. I just know what I see in auth-source.el. In the auth-sources defcustom I see several items that appear to be related to using the secrets API as defined in secrets.el. They are as follows: (const :tag "Default Secrets API Collection" 'default) (const :tag "Login Secrets API Collection" "secrets:Login") (const :tag "Temp Secrets API Collection" "secrets:session") The value assigned to the auth-sources defcustom appears to be associated with the collection parameter that is used when calling secrets-get-secret and secrets-get-attributes. I do not know enough Lisp to be certain of that. It is the "secrets:Login" item that made me think I was misinterpreting the collection parameter in my implementation. This item seems to exactly describe the Login keychain file in Mac OS X. The default item seems to be analogous to the default keychain in Mac OS X, which is by default the Login keychain but can be changed to a user defined keychain file using the Keychain Access application. As for your question about whether you can have any serviceName in any file, yes you can. There is no dependency or connection between the serviceName parameter and the keychain file. I just want to do this right. If the right approach is to use the default keychain by default providing a way to customize Emacs to use another keychain file and interpreting the collection parameter as the service name, then that is the approach I will use. But, if I should instead use the collection parameter as an indication of which keychain file to use, as the three "Secrets API Collection" items in the auth-sources defcustom imply I should, then that is the approach I will use. It seems that you favor the first approach. Are there any other opinions? * * --0016e68deb3d556cb704a4ff4952 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Ted Zlatanov wrote:

> Right, so the name of t= he collection is the serviceName as far as the OS
> is concerned.=A0 = That means it could be stored anywhere, right?

Yes.=A0 A keychai= n item for a given serviceName can be stored anywhere.

> Does the user care what file it's stored in?=A0 Can you hav= e any
> serviceName in any file, or is there some connection or depen= dency
> between the two?

I do not know if the user cares w= hat file it is stored in.=A0 I just know what I see in auth-source.el.=A0 I= n the auth-sources defcustom I see several items that appear to be related = to using the secrets API as defined in secrets.el.=A0 They are as follows:<= br> =A0 (const :tag "Default Secrets API Collection" 'default)=A0 (const :tag "Login Secrets API Collection" "secrets:Log= in")
=A0 (const :tag "Temp Secrets API Collection" "= secrets:session")

The value assigned to the auth-sources defcustom appears to be associat= ed with the collection parameter that is used when calling secrets-get-secr= et and secrets-get-attributes.=A0 I do not know enough Lisp to be certain o= f that.=A0 It is the "secrets:Login" item that made me think I wa= s misinterpreting the collection parameter in my implementation.=A0 This it= em seems to exactly describe the Login keychain file in Mac OS X.=A0 The de= fault item seems to be analogous to the default keychain in Mac OS X, which= is by default the Login keychain but can be changed to a user defined keyc= hain file using the Keychain Access application.

As for your question about whether you can have any serviceName in any = file, yes you can.=A0 There is no dependency or connection between the serv= iceName parameter and the keychain file.

I just want to do this righ= t.=A0 If the right approach is to use the default keychain by default provi= ding a way to customize Emacs to use another keychain file and interpreting= the collection parameter as the service name, then that is the approach I = will use.=A0 But, if I should instead use the collection parameter as an in= dication of which keychain file to use, as the three "Secrets API Coll= ection" items in the auth-sources defcustom imply I should, then that = is the approach I will use.

It seems that you favor the first approach.=A0 Are there any other opin= ions?

 --0016e68deb3d556cb704a4ff4952--