From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: David Reitter Newsgroups: gmane.emacs.devel Subject: Re: can emacs use the mac os x keychain? Date: Thu, 29 Jul 2010 14:52:14 -0400 Message-ID: References: <370a1897-25aa-418f-9631-1570dfa99de3@z7g2000yqb.googlegroups.com> <87633kaess.fsf@lifelogs.com> <8d7c78ee-6ba8-448a-8f86-3d585e1af77f@u32g2000vbc.googlegroups.com> <87vd8z2myy.fsf@lifelogs.com> <01ea3506-d715-491d-b360-3abf34e98013@i31g2000yqm.googlegroups.com> <87r5iq1hjk.fsf@lifelogs.com> <871vanu08g.fsf@lifelogs.com> <1622C7E7-9B12-4D53-954A-70A4BFBA0775@gmail.com> <8739v2s9z2.fsf@lifelogs.com> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 (Apple Message framework v1081) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable X-Trace: dough.gmane.org 1280429552 7896 80.91.229.12 (29 Jul 2010 18:52:32 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Thu, 29 Jul 2010 18:52:32 +0000 (UTC) Cc: emacs-devel@gnu.org To: Ted Zlatanov Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Thu Jul 29 20:52:31 2010 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([199.232.76.165]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1OeYDW-0000S3-CO for ged-emacs-devel@m.gmane.org; Thu, 29 Jul 2010 20:52:31 +0200 Original-Received: from localhost ([127.0.0.1]:54086 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1OeYDR-0004pp-FF for ged-emacs-devel@m.gmane.org; Thu, 29 Jul 2010 14:52:25 -0400 Original-Received: from [140.186.70.92] (port=53115 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1OeYDK-0004p8-N7 for emacs-devel@gnu.org; Thu, 29 Jul 2010 14:52:20 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.69) (envelope-from ) id 1OeYDJ-0003ed-HD for emacs-devel@gnu.org; Thu, 29 Jul 2010 14:52:18 -0400 Original-Received: from mail-wy0-f169.google.com ([74.125.82.169]:41538) by eggs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1OeYDJ-0003eX-8m for emacs-devel@gnu.org; Thu, 29 Jul 2010 14:52:17 -0400 Original-Received: by wyg36 with SMTP id 36so471147wyg.0 for ; Thu, 29 Jul 2010 11:52:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:subject:mime-version :content-type:from:in-reply-to:date:cc:content-transfer-encoding :message-id:references:to:x-mailer; bh=5cNSduwdqkfA0vy3grKjKwhFEbj2QYaxxUX8J1vOiS0=; b=VnmLZM8FUZS6CKffSn8Ud9sqEKSR991N4pfy3IuOaAXhvmY/B8Ux/6EF+g+U3EAMa8 fgFvrNBLv91c5II34BzFA1B6o0QMo6cR5xNPSE8DzS+tit/HsMZbPsNdszIydSJDtBXi 9ku/zrwjXt0SnYkZ7/AhIi7KJdsr7d6lqCO90= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=subject:mime-version:content-type:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to:x-mailer; b=YLvWNTNXG0dRH1KYk5LITya0PLJNhZwK34tHYm1Ht25zo81OGoRzIC01kXnYVR/9n7 zDjDTXdo4bLLhdiVkY7WU/PduBVMY55IjR4QNMHuf0wTIhhyHIILqBcYN2R8tGdhmXPq FIPgSgCh84Wb5Evg7YHD1f5UFAAMu2LInL3sQ= Original-Received: by 10.227.146.76 with SMTP id g12mr586141wbv.82.1280429535120; Thu, 29 Jul 2010 11:52:15 -0700 (PDT) Original-Received: from vpn2-173.vpn.net.ed.ac.uk (vpn2-173.vpn.net.ed.ac.uk [129.215.4.173]) by mx.google.com with ESMTPS id k7sm666619wej.2.2010.07.29.11.52.12 (version=TLSv1/SSLv3 cipher=RC4-MD5); Thu, 29 Jul 2010 11:52:13 -0700 (PDT) In-Reply-To: <8739v2s9z2.fsf@lifelogs.com> X-Mailer: Apple Mail (2.1081) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:127974 Archived-At: On Jul 29, 2010, at 9:17 AM, Ted Zlatanov wrote: >=20 > AR> A useful-sounding idea but seems mainly like something that would = be > AR> a third-party package or maybe part of Aquamacs. Are there any > AR> platform-independent parts of the needed functionality that the NS > AR> port lacks and Emacs on X11 or W32 has? >=20 ... > Assuming we get the NS port access to the Mac OS X keychain, that = leaves > W32 as the only major platform lacking keychain support. I don't > believe W32 has a standard keychain so that may be OK. I principle, the C part would be fairly simple. There are separate = functions for "internet passwords", which retrieve and store passwords = for a host/port/account combination. Am I right assuming that we would need an API paralleling that provided = by secrets.el? There are a few issues as far as I can see: - The user is prompted via a graphical dialog to unlock a keychain = (i.e., to provide a password protecting all the passwords). When in = TTY, we shouldn't do this, but unlock the keychain ourselves, i.e., read = a password from the user via a (password) minibuffer. This sort of = interaction would have to be handled by an extra Lisp layer. (Once the = application is trusted, this prompt would go away.) How is this done = in GNOME? - Any passwords that we obtain would probably have to be copied so we = can return them as a Lisp string. What provisions are in place in order = to protect the copy and guarantee its deletion after use? = http://developer.apple.com/mac/library/documentation/Security/Reference/ke= ychainservices/Reference/reference.html#//apple_ref/c/func/SecKeychainFind= InternetPassword=