From: LdBeth <andpuke@foxmail.com>
To: 64977@debbugs.gnu.org
Subject: bug#64977: 29.1; `auth-source-macos-keychain-search' handles :user key incorrectly
Date: Tue, 08 Aug 2023 17:20:32 -0500 [thread overview]
Message-ID: <tencent_63671D234CC7DCCAFFEFD16DAF7BD2B1A805@qq.com> (raw)
In-Reply-To: <tencent_CD6EDCDD508E583D10180D3A5C56737F2408@qq.com>
[-- Attachment #1: Type: text/plain, Size: 433 bytes --]
Finally I get some time looking at this issue.
I think the bug is caused by `auth-source-macos-keychain-search-items'
forget the fact that :users can be a list of string instead of a string.
The `auth-source-macos-keychain-search-items' also did
not handle the protocol argument correctly. The `security' command
needs the "-r" argument to be a string of 4 characters. This is also
fixed in the patch attached.
Best wishes,
ldb
[-- Attachment #2: patch --]
[-- Type: text/plain, Size: 6329 bytes --]
--- auth-source.el.old 2023-08-08 16:37:41.000000000 -0500
+++ auth-source.el 2023-08-08 17:08:23.000000000 -0500
@@ -1958,20 +1958,23 @@
(hosts (if (and hosts (listp hosts)) hosts `(,hosts)))
(ports (plist-get spec :port))
(ports (if (and ports (listp ports)) ports `(,ports)))
+ (users (plist-get spec :user))
+ (users (if (and users (listp users)) users `(,users)))
;; Loop through all combinations of host/port and pass each of these to
;; auth-source-macos-keychain-search-items
(items (catch 'match
(dolist (host hosts)
(dolist (port ports)
- (let* ((port (if port (format "%S" port)))
- (items (apply #'auth-source-macos-keychain-search-items
- coll
- type
- max
- host port
- search-spec)))
- (when items
- (throw 'match items)))))))
+ (dolist (user users)
+ (let ((items (apply
+ #'auth-source-macos-keychain-search-items
+ coll
+ type
+ max
+ host port user
+ search-spec)))
+ (when items
+ (throw 'match items))))))))
;; ensure each item has each key in `returned-keys'
(items (mapcar (lambda (plist)
@@ -2003,8 +2006,9 @@
collect var))
'utf-8)))
-(cl-defun auth-source-macos-keychain-search-items (coll _type _max host port
- &key label type user
+(cl-defun auth-source-macos-keychain-search-items (coll _type _max
+ host port user
+ &key label type
&allow-other-keys)
(let* ((keychain-generic (eq type 'macos-keychain-generic))
(args `(,(if keychain-generic
@@ -2022,47 +2026,47 @@
(when port
(if keychain-generic
(setq args (append args (list "-s" port)))
- (setq args (append args (list
- (if (string-match "[0-9]+" port) "-P" "-r")
- port)))))
-
- (unless (equal coll "default")
- (setq args (append args (list coll))))
-
- (with-temp-buffer
- (apply #'call-process "/usr/bin/security" nil t nil args)
- (goto-char (point-min))
- (while (not (eobp))
- (cond
- ((looking-at "^password: \\(?:0x[0-9A-F]+\\)? *\"\\(.+\\)\"")
- (setq ret (auth-source-macos-keychain-result-append
- ret
- keychain-generic
- "secret"
- (let ((v (auth-source--decode-octal-string
- (match-string 1))))
- (lambda () v)))))
- ;; TODO: check if this is really the label
- ;; match 0x00000007 <blob>="AppleID"
- ((looking-at
- "^[ ]+0x00000007 <blob>=\\(?:0x[0-9A-F]+\\)? *\"\\(.+\\)\"")
- (setq ret (auth-source-macos-keychain-result-append
- ret
- keychain-generic
- "label"
- (auth-source--decode-octal-string (match-string 1)))))
- ;; match "crtr"<uint32>="aapl"
- ;; match "svce"<blob>="AppleID"
- ((looking-at
- "^[ ]+\"\\([a-z]+\\)\"[^=]+=\\(?:0x[0-9A-F]+\\)? *\"\\(.+\\)\"")
- (setq ret (auth-source-macos-keychain-result-append
- ret
- keychain-generic
- (auth-source--decode-octal-string (match-string 1))
- (auth-source--decode-octal-string (match-string 2))))))
- (forward-line)))
- ;; return `ret' iff it has the :secret key
- (and (plist-get ret :secret) (list ret))))
+ (setq args (append args (if (string-match "[0-9]+" port)
+ (list "-P" port)
+ (list "-r" (format "%-4s" port)))))))
+
+ (unless (equal coll "default")
+ (setq args (append args (list coll))))
+
+ (with-temp-buffer
+ (apply #'call-process "/usr/bin/security" nil t nil args)
+ (goto-char (point-min))
+ (while (not (eobp))
+ (cond
+ ((looking-at "^password: \\(?:0x[0-9A-F]+\\)? *\"\\(.+\\)\"")
+ (setq ret (auth-source-macos-keychain-result-append
+ ret
+ keychain-generic
+ "secret"
+ (let ((v (auth-source--decode-octal-string
+ (match-string 1))))
+ (lambda () v)))))
+ ;; TODO: check if this is really the label
+ ;; match 0x00000007 <blob>="AppleID"
+ ((looking-at
+ "^[ ]+0x00000007 <blob>=\\(?:0x[0-9A-F]+\\)? *\"\\(.+\\)\"")
+ (setq ret (auth-source-macos-keychain-result-append
+ ret
+ keychain-generic
+ "label"
+ (auth-source--decode-octal-string (match-string 1)))))
+ ;; match "crtr"<uint32>="aapl"
+ ;; match "svce"<blob>="AppleID"
+ ((looking-at
+ "^[ ]+\"\\([a-z]+\\)\"[^=]+=\\(?:0x[0-9A-F]+\\)? *\"\\(.+\\)\"")
+ (setq ret (auth-source-macos-keychain-result-append
+ ret
+ keychain-generic
+ (auth-source--decode-octal-string (match-string 1))
+ (auth-source--decode-octal-string (match-string 2))))))
+ (forward-line)))
+ ;; return `ret' iff it has the :secret key
+ (and (plist-get ret :secret) (list ret))))
(defun auth-source-macos-keychain-result-append (result generic k v)
(push v result)
next prev parent reply other threads:[~2023-08-08 22:20 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-31 15:46 bug#64977: 29.1; `auth-source-macos-keychain-search' handles :user key incorrectly LdBeth
2023-08-02 13:22 ` J.P.
2023-08-08 22:20 ` LdBeth [this message]
2023-08-12 6:55 ` Eli Zaretskii
2023-08-12 11:39 ` Michael Albinus
2023-08-12 12:55 ` LdBeth
2023-08-12 13:14 ` Michael Albinus
2023-08-12 15:40 ` LdBeth
2023-08-12 16:02 ` Michael Albinus
2023-08-12 19:02 ` LdBeth
2023-08-13 16:34 ` Michael Albinus
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=tencent_63671D234CC7DCCAFFEFD16DAF7BD2B1A805@qq.com \
--to=andpuke@foxmail.com \
--cc=64977@debbugs.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.