From: Ben Key
Newsgroups: gmane.emacs.devel
Subject: Re: Modifying Emacs to use the Mac OS X Keychain Services
Date: Wed, 8 Jun 2011 00:50:50 -0500
To: Emacs Development

On Tue, Jun 7, 2011 at 2:58 AM, Michael Albinus wrote:

> Reading your explanation of keychain files, it sounds natural.

Since it seems that both you and Ted Zlatanov seem to prefer the second interpretation of the collection parameter, this evening I rewrote the ns-keychain functions I had already written so that they interpret the collection parameter to be an indication of what keychain file the data should be stored in. The values "default" or "secrets:default" are interpreted to mean that the default keychain should be used.
The values "login" or "secrets:Login" are interpreted to mean that the login keychain file should be used. Other values for collection such as "session" or "secrets:session" are not supported at this time. The values "session" or "secrets:session" cause an error with an "At this time the 'session' collection is not supported on Mac OS X" message. Other non-supported values simply result in the default keychain being used.

> The major idea of the "session" collection is to NOT store secrets
> permanently. Therefore, I would recommend that you raise an error "not
> available" or something like this, if somebody uses the "session"
> collection in your case.

I could mimic this capability by storing the data in a keychain file, such as ~/Library/Keychains/emacs-session.keychain that gets deleted using the function SecKeychainDelete when Emacs exits. This would make it an Emacs session keychain. Of course if Emacs crashes, the keychain file would not be deleted. If we decide to do this later, I can add that functionality at any time without too much difficulty. For now, I just raise an error in this case as you suggested.

Since the collection parameter is now being interpreted as an indication of which keychain file to store the data in, I had to pick a value for the serviceName parameter that is used by functions like SecKeychainAddGenericPassword and SecKeychainFindGenericPassword. I chose the value "GNU Emacs." Are there any objections to this? I could have added a parameter to allow the user to select the value of the serviceName parameter but this would have made it necessary to abandon my plan of adding one ns-keychain function for each secrets API function that has the same parameters, and as near to the same behavior, as the corresponding secrets API function.
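
The scheme described in this message, sketched against the Keychain Services C API as an added example; it is not Ben Key's ns-keychain code or anything from the Emacs sources. The helper names `open_collection` and `store_secret`, the case-insensitive matching, and the login keychain file name are assumptions.

```objc
// Added illustration, not code from Emacs. Build on Mac OS X with:
//   clang example.m -framework Security -framework CoreFoundation
#include <Security/Security.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>

static const char kService[] = "GNU Emacs";  // serviceName chosen in the message

// Hypothetical helper: map a collection name to a keychain (CFRelease when done).
static OSStatus open_collection(const char *name, SecKeychainRef *out)
{
  if (strncmp(name, "secrets:", 8) == 0)
    name += 8;                                // accept the "secrets:" prefix
  if (strcasecmp(name, "session") == 0)       // case folding is an assumption
    return errSecUnimplemented;               // caller signals "not supported"
  if (strcasecmp(name, "login") == 0) {
    char path[1024];
    const char *home = getenv("HOME");
    if (home == NULL)
      return errSecNoSuchKeychain;
    // Assumed file name for the login keychain.
    snprintf(path, sizeof path, "%s/Library/Keychains/login.keychain", home);
    return SecKeychainOpen(path, out);
  }
  return SecKeychainCopyDefault(out);         // "default" and any other name
}

// Store SECRET for ACCOUNT; returns errSecDuplicateItem if it already exists.
static OSStatus store_secret(const char *collection, const char *account,
                             const char *secret)
{
  SecKeychainRef kc = NULL;
  OSStatus st = open_collection(collection, &kc);
  if (st != noErr)
    return st;
  st = SecKeychainAddGenericPassword(kc, (UInt32) strlen(kService), kService,
                                     (UInt32) strlen(account), account,
                                     (UInt32) strlen(secret), secret, NULL);
  CFRelease(kc);
  return st;
}

int main(void)
{
  // Constructed sample values.
  printf("default: %d\n", (int) store_secret("secrets:default", "demo-account", "s3cret"));
  printf("session: %d\n", (int) store_secret("session", "demo-account", "s3cret"));
  return 0;
}
```

Because unrecognised collection names fall through to the default keychain, a mistyped name still stores the secret persistently rather than failing.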