From: Damien Cassou
Newsgroups: gmane.emacs.bugs
Subject: bug#36052: 26.2.50; [PATCH] Improve auth-source-pass
Date: Fri, 14 Jun 2019 18:16:01 +0200
Message-ID: <87imt8ywfy.fsf@cassou.me>
References: <87o93gjqrw.fsf@cassou.me> <87a7eu2pk5.fsf@gmail.com> <87sgskhydy.fsf@cassou.me> <877e9p45p7.fsf@cassou.me> <83imt8y5ep.fsf@gnu.org>
In-Reply-To: <83imt8y5ep.fsf@gnu.org>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
Cc: magnus.henoch@gmail.com, nicolas@petton.fr, npostavs@gmail.com, iku.iwasa@gmail.com, camalot@picnicpark.org, gaby.launay@tutanota.com, 36052@debbugs.gnu.org, tzz@lifelogs.com
To: Eli Zaretskii

--=-=-=
Content-Type: text/plain

Eli Zaretskii writes:

> These are all described in the patch for the manual, right? If so,
> the entries should be marked with "+++", see the beginning of NEWS for
> instructions about that.

I'm not sure which patch you reviewed so I attach it again to this new
email. The first 2 items in NEWS (new user options) are covered by the
manual so I've added '+++' in front of each. The last 2 items (less
decryption and autoload) shouldn't be in the manual so I've added '---'
in front of each.

> Please make the text describing each @item start on a new line. Also,
> it sounds like you want @table here, not @itemize. And finally,
> quoting in @code is sub-optimal; would @samp (and losing the quotes)
> do the job?
>
> File names or their parts should have the @file markup, not @code.

I'm not sure I did it right, but you will find a new patch attached to
this email.

-- 
Damien Cassou
http://damiencassou.seasidehosting.st

"Success is the ability to go from one failure to another without
losing enthusiasm." --Winston Churchill

--=-=-=
Content-Type: text/x-patch
Content-Disposition: attachment; filename=0013-doc-misc-auth.texi-The-Unix-password-store-Complete-.patch

>From 56e544db44c4a98e567e1407f0519483adc4eac7 Mon Sep 17 00:00:00 2001
From: Damien Cassou Date: Thu, 13 Jun 2019 21:54:21 +0200 Subject: [PATCH 13/13] * doc/misc/auth.texi (The Unix password store): Complete rewrite --- doc/misc/auth.texi | 71 +++++++++++++++++++++++++++++++++++++++------- 1 file changed, 61 insertions(+), 10 deletions(-) diff --git a/doc/misc/auth.texi b/doc/misc/auth.texi index a46e3d73fc..bbb66ecab5 100644 --- a/doc/misc/auth.texi +++ b/doc/misc/auth.texi 
@@ -445,19 +445,60 @@ The Unix password store @uref{http://www.passwordstore.org,,The standard unix password manager} (or just @code{pass}) stores your passwords in -@code{gpg}-protected files following the Unix philosophy. +@code{gpg}-protected files following the Unix philosophy. The store +location (any directory) must be specified in the +@code{auth-source-pass-filename} variable which defaults to +@file{~/.password-store}. -Emacs integration of @code{pass} follows the first approach suggested -by the pass project itself for data organization to find data. This -means that the filename of the file containing the password for a user -on a particular host must contain the host name. The file itself must -contain the password on the first line, as well as a @code{username} -field containing the username on a subsequent line. A @code{port} -field can be used to differentiate the authentication data for several -services with the same username on the same host. +Emacs integration of @code{pass} follows the approach suggested by the +pass project itself for data organization to find data. In +particular, to store a password for the user @code{rms} on the host +@code{gnu.org} and port @code{22}, you should use one of the following +filenames. + +@table @file +@item gnu.org.gpg +No username or port in the filename means that any username and port +will match. + +@item gnu.org/rms.gpg +The username to match can be expressed as filename inside a directory +whose name matches the host. This is useful if the store has +passwords for several users on the same host. + +@item rms@@gnu.org.gpg +The username can also be expressed as a prefix, separated from the +host with an at-sign (@code{@@}). + +@item gnu.org:22.gpg +The port (aka. service) to match can only be expressed after the host and separated with a colon (@code{:}). The separator can be changed through the @code{auth-source-pass-port-separator} variable. 
+ +@item gnu.org:22/rms.gpg + +@item rms@@gnu.org:22.gpg + +@item a/b/gnu.org.gpg +Entries can be stored in arbitrary directories. + +@item a/b/gnu.org/rms.gpg + +@item a/b/rms@@gnu.org.gpg + +@item a/b/gnu.org:22.gpg + +@item a/b/gnu.org:22/rms.gpg + +@item a/b/rms@@gnu.org:22.gpg +@end table + +If several entries match, the one matching the most items (where an +``item'' is one of username, port or host) is preferred. For example, +while searching for an entry matching the @code{rms} user on host +@code{gnu.org} and port @code{22}, then the entry +@file{gnu.org:22/rms.gpg} is preferred over @file{gnu.org.gpg}. Users of @code{pass} may also be interested in functionality provided -by other Emacs packages dealing with pass: +by other Emacs packages: @itemize @item @@ -468,6 +509,16 @@ The Unix password store @uref{https://github.com/jabranham/helm-pass,,helm-pass}: helm interface for pass. @end itemize +@defvar auth-source-pass-filename +Set this variable to a string locating the password store on the disk. +Defaults to @file{~/.password-store}. +@end defvar + +@defvar auth-source-pass-port-separator +Set this variable to a string that should separate an host name from a +port in an entry. Defaults to @samp{:}. +@end defvar + @node Help for developers @chapter Help for developers -- 2.21.0 --=-=-= Content-Type: text/x-patch Content-Disposition: attachment; filename=0012-etc-NEWS-Describe-changes-to-auth-source-pass.patch >From 4d4b9408daac0d47b9b2e2d07e2aefae471376a6 Mon Sep 17 00:00:00 2001 From: Damien Cassou Date: Sun, 2 Jun 2019 11:08:40 +0200 Subject: [PATCH 12/13] * etc/NEWS: Describe changes to auth-source-pass --- etc/NEWS | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/etc/NEWS b/etc/NEWS index e3023216ac..67dc2e9164 100644 --- a/etc/NEWS +++ b/etc/NEWS 
@@ -1517,6 +1517,25 @@ the new variable 'buffer-auto-revert-by-notification' to a non-nil value. Auto Revert mode can use this information to avoid polling the buffer periodically when 'auto-revert-avoid-polling' is non-nil. +** auth-source-pass + ++++ +*** New customizable variable 'auth-source-pass-filename'. +Allows setting the path to the password-store, defaults to +~/.password-store. + ++++ +*** New customizable variable 'auth-source-pass-port-separator'. +Specifies separator between host and port, defaults to colon ":". + +--- +*** Minimize the number of decryptions during password lookup. +This makes the package usable with physical tokens requiring touching +a sensor for every decryption. + +--- +*** 'auth-source-pass-get' is now autoloaded. + ** Bookmarks --- -- 2.21.0 --=-=-=--
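Review bot: In the doc/misc/auth.texi hunk at @@ -445,19 +445,60 @@, the closing paragraph ("If several entries match, the one matching the most items ... is preferred") does not say which entry is returned when two entries match the same number of items, for example gnu.org/rms.gpg and gnu.org:22.gpg for user rms on port 22. Since that decides which secret is handed to the caller, state the tie-break or say that the order is unspecified. The hunk also removes the description of the file contents (password on the first line, username and port fields) without a replacement, so either keep a sentence on the expected file layout or say that those fields are no longer consulted. The description under "@item gnu.org:22.gpg" is a single unfilled line and should be refilled like the surrounding text, and the items that carry no description (gnu.org:22/rms.gpg and the ones after it) would read better with a line each.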
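Review bot: In the second doc/misc/auth.texi hunk (@@ -468,6 +509,16 @@), the auth-source-pass-port-separator entry reads "separate an host name from a port"; that should be "a host name". The two @defvar blocks also land after the list of other Emacs packages, away from the paragraph that introduces auth-source-pass-filename and the @item that introduces the separator; moving them ahead of "Users of @code{pass} may also be interested" would keep the variables next to the text that relies on them. The auth-source-pass-filename entry could say "directory" instead of "a string locating the password store on the disk", matching "The store location (any directory)" in the first hunk.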
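Review bot: In the etc/NEWS hunk (@@ -1517,6 +1517,25 @@), both new-variable entries join two clauses with a comma ("Allows setting the path to the password-store, defaults to ~/.password-store." and "Specifies separator between host and port, defaults to colon ":"."); split each into two sentences with the default stated in the second. The first entry says "path to the password-store" where the manual patch describes the value as a directory, so use the same wording in both places. The cover mail calls these "new user options" while the entries say "customizable variable"; pick one term and use it in both.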