mirror of
git://git.sv.gnu.org/emacs.git
synced 2026-01-18 08:51:45 -08:00
0a580c187d
Prior to this commit, while searching for the most applicable entry password-store entries were decrypted and parsed to ensure they were valid. The entries were parsed in the order they were found on the filesystem and all applicable entries would be decrypted and parsed, which varied based on the contents of the password-store and the entry to be found. This is fine when the GPG key is cached and each entry can be decrypted without user interaction. However, for security some people have their GPG on a hardware token like a Yubikey setup so that they have to touch a sensor on the toke for every cryptographic operation, in which case it becomes inconvenient as each attempt to find an entry requires a variable number of touches of the hardware token. The implementation already assumes that names which contain more of the information in the search key should be preferred so there is an ordering of preference of applicable entries. If the decrypt and parsing is removed from the initial identification of applicable entries in the store then in most cases a single decrypt and parse of the most preferred entry will suffice, improving the experience for hardware token users that require interaction with the token. This commit implements that strategy. It is in spirit a refactor of the existing code. * lisp/auth-source-pass.el (auth-source-pass--matching-entries): New function, generate an ordered list of regular expression matchers for all possible names that could be in the password-store for the entry to be found and then makes a pass over the password-store entry names accumulating the matching entries in a list after the regexp that matched. This implementation ensures the password-store entry list still only has to be scanned once. (auth-source-pass--find-match-unambiguous): Use it to obtain candidate entries and then parse them one by one until an entry containing the desired information is located. When complete, return the parsed data of the entry instead of the entry name so that the information can be used directly to construct the auth-source response. (auth-source-pass--build-result): Update accordingly. (auth-source-pass--find-match): Update docstring accordingly. (auth-source-pass--select-one-entry) (auth-source-pass--entry-valid-p) (auth-source-pass--find-all-by-entry-name) (auth-source-pass--find-one-by-entry-name): Remove. (auth-source-pass--select-from-entries) (auth-source-pass--accumulate-matches) (auth-source-pass--entry-reducer) (auth-source-pass--generate-entry-suffixes) (auth-source-pass--domains) (auth-source-pass--name-port-user-suffixes): New functions. * test/lisp/auth-source-pass-tests.el: One test case was added to the test suite to verify that only the minimal number of entries are parsed in common cases. The auth-source-pass-only-return-entries-that-can-be-open test case had to be re-implemented because the function it was used eliminated as the functionality is provided elsewhere. All the other fairly substantial changes to the test suite are the result of mechanical changes that were required to adapt to auth-source-pass--find-match returning the data from a parsed password-store entry instead of the entry name. |
||
|---|---|---|
| .. | ||
| calc | ||
| calendar | ||
| custom-resources | ||
| emacs-lisp | ||
| emulation | ||
| erc | ||
| eshell | ||
| gnus | ||
| international | ||
| net | ||
| nxml | ||
| org | ||
| play | ||
| progmodes | ||
| textmodes | ||
| url | ||
| vc | ||
| abbrev-tests.el | ||
| arc-mode-tests.el | ||
| auth-source-pass-tests.el | ||
| auth-source-tests.el | ||
| autoinsert-tests.el | ||
| autorevert-tests.el | ||
| buff-menu-tests.el | ||
| button-tests.el | ||
| char-fold-tests.el | ||
| color-tests.el | ||
| comint-tests.el | ||
| custom-tests.el | ||
| dabbrev-tests.el | ||
| delim-col-tests.el | ||
| descr-text-tests.el | ||
| dired-aux-tests.el | ||
| dired-tests.el | ||
| dired-x-tests.el | ||
| dom-tests.el | ||
| electric-tests.el | ||
| epg-tests.el | ||
| faces-tests.el | ||
| ffap-tests.el | ||
| filenotify-tests.el | ||
| files-tests.el | ||
| files-x-tests.el | ||
| font-lock-tests.el | ||
| help-fns-tests.el | ||
| hi-lock-tests.el | ||
| htmlfontify-tests.el | ||
| ibuffer-tests.el | ||
| ido-tests.el | ||
| image-file-tests.el | ||
| image-tests.el | ||
| imenu-tests.el | ||
| info-xref-tests.el | ||
| isearch-tests.el | ||
| jit-lock-tests.el | ||
| json-tests.el | ||
| jsonrpc-tests.el | ||
| kmacro-tests.el | ||
| ls-lisp-tests.el | ||
| makesum-tests.el | ||
| man-tests.el | ||
| md4-tests.el | ||
| minibuffer-tests.el | ||
| mouse-tests.el | ||
| obarray-tests.el | ||
| paren-tests.el | ||
| password-cache-tests.el | ||
| ps-print-tests.el | ||
| register-tests.el | ||
| replace-tests.el | ||
| rot13-tests.el | ||
| ses-tests.el | ||
| shadowfile-tests.el | ||
| shell-tests.el | ||
| simple-tests.el | ||
| sort-tests.el | ||
| soundex-tests.el | ||
| subr-tests.el | ||
| tabify-tests.el | ||
| tar-mode-tests.el | ||
| tempo-tests.el | ||
| term-tests.el | ||
| thingatpt-tests.el | ||
| thread-tests.el | ||
| timezone-tests.el | ||
| wdired-tests.el | ||
| whitespace-tests.el | ||
| wid-edit-tests.el | ||
| xdg-tests.el | ||
| xml-tests.el | ||
| xt-mouse-tests.el | ||