From: Ben Key <bkey76@gmail.com>
To: Emacs Development <Emacs-devel@gnu.org>
Subject: Re: Modifying Emacs to use the Mac OS X Keychain Services
Date: Wed, 8 Jun 2011 00:50:50 -0500 [thread overview]
Message-ID: <BANLkTinEgJ9AgNMA8U5wiAjf3S=nwpEx-Q@mail.gmail.com> (raw)
In-Reply-To: <BANLkTin1DxY33iaQ5=9KJKD_gwQvsJwJ8Q@mail.gmail.com>
On Tue, Jun 7, 2011 at 2:58 AM, Michael Albinus <michael.albinus@gmx.de> wrote:
> Reading your explanation of keychain files, it sounds natural.
Since it seems that both you and Ted Zlatanov seem to prefer the
second interpretation of the collection parameter, this evening I
rewrote the ns-keychain functions I had already written so that they
interpret the collection parameter to be an indication of what
keychain file the data should be stored in. The values "default" or
"secrets:default" are interpreted to mean that the default keychain
should be used. The values "login" or "secrets:Login" are interpreted
to mean that the login keychain file should be used. Other values for
collection such as "session" or "secrets:session" are not supported at
this time. The values "session" or "secrets:session" cause an error
with an "At this time the 'session' collection is not supported on Mac
OS X" message. Other non-supported values simply result in the
default keychain being used.
> The major idea of the "session" collection is to NOT store secrets
> permanently. Therefore, I would recommend that you raise an error "not
> available" or something like this, if somebody uses the "session"
> collection in your case.
I could mimic this capability by storing the data in a keychain file,
such as ~/Library/Keychains/emacs-session.keychain that gets deleted
using the function SecKeychainDelete when Emacs exits. This would
make it an Emacs session keychain. Of course if Emacs crashes, the
keychain file would not be deleted. If we decide to do this later, I
can add that functionality at any time without too much difficulty.
For now, I just raise an error in this case as you suggested.
Since the collection parameter is now being interpreted as an
indication of which keychain file to store the data in, I had to pick
a value for the serviceName parameter that is used by functions like
SecKeychainAddGenericPassword and SecKeychainFindGenericPassword. I
chose the value "GNU Emacs." Are there any objections to this? I
could have added a parameter to allow the user to select the value of
the serviceName parameter but this would have made it necessary to
abandon my plan of adding one ns-keychain function for each secrets
API function that has the same parameters, and as near to the same
behavior, as the corresponding secrets API function.
next prev parent reply other threads:[~2011-06-08 5:50 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-06-01 2:04 Modifying Emacs to use the Mac OS X Keychain Services Ben Key
2011-06-01 2:13 ` Ted Zlatanov
2011-06-05 18:54 ` Ben Key
2011-06-05 20:01 ` Ted Zlatanov
2011-06-06 20:26 ` Michael Albinus
2011-06-07 3:34 ` Ben Key
2011-06-07 7:58 ` Michael Albinus
[not found] ` <BANLkTin1DxY33iaQ5=9KJKD_gwQvsJwJ8Q@mail.gmail.com>
2011-06-08 5:50 ` Ben Key [this message]
2011-06-08 20:48 ` Ted Zlatanov
2012-07-27 15:20 ` Dave Abrahams
2012-07-28 12:16 ` Harald Hanche-Olsen
2012-07-28 16:33 ` Dave Abrahams
2012-07-28 16:45 ` Harald Hanche-Olsen
2012-07-29 22:05 ` Ted Zlatanov
2012-07-30 13:34 ` Michael Albinus
2012-07-31 15:45 ` Ted Zlatanov
2012-08-20 13:42 ` Dave Abrahams
2012-08-20 13:49 ` Dave Abrahams
2012-08-20 14:02 ` Dave Abrahams
-- strict thread matches above, loose matches on Subject: below --
2011-06-12 2:28 Ben Key
2011-06-12 4:18 ` Ben Key
2011-06-12 16:40 ` Eli Zaretskii
2011-06-12 22:23 ` Ted Zlatanov
2011-06-13 3:14 ` Ben Key
2011-06-14 3:12 ` Stefan Monnier
2011-06-15 2:15 ` Ben Key
2011-06-15 15:12 ` Ted Zlatanov
2011-06-15 16:30 ` Andreas Schwab
2011-06-15 20:02 ` Ted Zlatanov
2011-06-15 23:26 ` Stefan Monnier
2011-06-17 20:31 ` Chong Yidong
2011-06-12 22:21 ` Ted Zlatanov
2011-06-11 0:30 Ben Key
2011-06-11 1:13 ` Ted Zlatanov
2011-06-05 23:23 Ben Key
2011-06-06 0:05 ` Ted Zlatanov
2011-05-30 1:08 Ben Key
2011-05-30 1:19 ` Daniel Colascione
2011-05-30 12:27 ` Ted Zlatanov
2011-05-28 18:32 Ben Key
2011-05-28 2:56 Ben Key
2011-05-28 11:09 ` Michael Albinus
2011-05-28 13:00 ` Ben Key
2011-05-28 14:32 ` Michael Albinus
2011-05-28 17:16 ` Ben Key
2011-05-28 18:13 ` Ted Zlatanov
2011-05-28 19:38 ` Michael Albinus
2011-05-28 15:11 ` Ted Zlatanov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='BANLkTinEgJ9AgNMA8U5wiAjf3S=nwpEx-Q@mail.gmail.com' \
--to=bkey76@gmail.com \
--cc=Emacs-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).