From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/68739 Path: news.gmane.org!not-for-mail From: Ted Zlatanov Newsgroups: gmane.emacs.gnus.general,gmane.emacs.devel Subject: Re: auth-source patch for secure logging Date: Thu, 16 Jul 2009 11:15:09 -0500 Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos Message-ID: <877hy8ppte.fsf@lifelogs.com> References: <87vdlsr9jy.fsf@lifelogs.com> <87zlb4iqxr.fsf@stupidchicken.com> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Trace: ger.gmane.org 1247761227 31398 80.91.229.12 (16 Jul 2009 16:20:27 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Thu, 16 Jul 2009 16:20:27 +0000 (UTC) Cc: emacs-devel@gnu.org To: ding@gnus.org Original-X-From: ding-owner+M17163@lists.math.uh.edu Thu Jul 16 18:20:20 2009 Return-path: Envelope-to: ding-account@gmane.org Original-Received: from util0.math.uh.edu ([129.7.128.18]) by lo.gmane.org with esmtp (Exim 4.50) id 1MRTgv-000129-MY for ding-account@gmane.org; Thu, 16 Jul 2009 18:20:17 +0200 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu) by util0.math.uh.edu with smtp (Exim 4.63) (envelope-from ) id 1MRTgk-0002Dy-5Z; Thu, 16 Jul 2009 11:20:06 -0500 Original-Received: from mx2.math.uh.edu ([129.7.128.33]) by util0.math.uh.edu with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63) (envelope-from ) id 1MRTgi-0002De-69 for ding@lists.math.uh.edu; Thu, 16 Jul 2009 11:20:04 -0500 Original-Received: from quimby.gnus.org ([80.91.231.51]) by mx2.math.uh.edu with esmtp (Exim 4.69) (envelope-from ) id 1MRTgh-00046e-9U for ding@lists.math.uh.edu; Thu, 16 Jul 2009 11:20:04 -0500 Original-Received: from main.gmane.org ([80.91.229.2] helo=ciao.gmane.org) by quimby.gnus.org with esmtp (Exim 3.36 #1 (Debian)) id 1MRThF-0004cW-00 for ; Thu, 16 Jul 2009 18:20:37 +0200 Original-Received: from root by ciao.gmane.org with local (Exim 4.43) id 1MRTgg-0007mm-Ry for ding@gnus.org; Thu, 16 Jul 2009 16:20:02 +0000 Original-Received: from 38.98.147.130 ([38.98.147.130]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Thu, 16 Jul 2009 16:20:02 +0000 Original-Received: from tzz by 38.98.147.130 with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Thu, 16 Jul 2009 16:20:02 +0000 X-Injected-Via-Gmane: http://gmane.org/ Original-Lines: 105 Original-X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: 38.98.147.130 X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6;d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.1.50 (gnu/linux) Cancel-Lock: sha1:GGxW6VkF8iW9ToqXS2fsjPIeH/Q= X-Spam-Score: -1.5 (-) List-ID: Precedence: bulk Xref: news.gmane.org gmane.emacs.gnus.general:68739 gmane.emacs.devel:112539 Archived-At: --=-=-= On Thu, 16 Jul 2009 11:32:48 -0400 Chong Yidong wrote: CY> It may be checked into the trunk, with the following caveats: CY> This docstring could be improved. I suggest: ... CY> The docstring of auth-source-hide-passwords should also mention that CY> it's only relevant if auth-source-debug is non-nil. ... CY> You should put the `when' check on the outside. Thanks. Another revision of the patch is attached for your consideration. Ted --=-=-= Content-Type: text/x-diff Content-Disposition: attachment; filename=auth-source.patch Index: auth-source.el =================================================================== RCS file: /usr/local/cvsroot/gnus/lisp/auth-source.el,v retrieving revision 7.16 diff -r7.16 auth-source.el 102a77,101 > (defcustom auth-source-debug nil > "Whether auth-source should log debug messages. > Also see `auth-source-hide-passwords'. > > If the value is nil, debug messages are not logged. > If the value is t, debug messages are logged with `message'. > In that case, your authentication data will be in the > clear (except for passwords, which are always stripped out). > If the value is a function, debug messages are logged by calling > that function using the same arguments as `message'." > :group 'auth-source > :version "23.1" ;; No Gnus > :type `(choice > :tag "auth-source debugging mode" > (const :tag "Log using `message' to the *Messages* buffer" t) > (function :tag "Function that takes arguments like `message'") > (const :tag "Don't log anything" nil))) > > (defcustom auth-source-hide-passwords t > "Whether auth-source should hide passwords in log messages. > Only relevant if auth-source-debug is not nil." > :group 'auth-source > :version "23.1" ;; No Gnus > :type `boolean) > 139a139,151 > ;; (let ((auth-source-debug 'debug)) (auth-source-debug "hello")) > ;; (let ((auth-source-debug t)) (auth-source-debug "hello")) > ;; (let ((auth-source-debug nil)) (auth-source-debug "hello")) > (defun auth-source-do-debug (&rest msg) > ;; set logger to either the function in auth-source-debug or 'message > ;; note that it will be 'message if auth-source-debug is nil, so > ;; we also check the value > (when auth-source-debug > (let ((logger (if (functionp auth-source-debug) > auth-source-debug > 'message))) > (apply logger msg)))) > 174,176c186,188 < (gnus-message 9 < "auth-source-user-or-password: get %s for %s (%s)" < mode host protocol) --- > (auth-source-do-debug > "auth-source-user-or-password: get %s for %s (%s)" > mode host protocol) 183,188c195,200 < (gnus-message 9 < "auth-source-user-or-password: cached %s=%s for %s (%s)" < mode < ;; don't show the password < (if (member "password" mode) "SECRET" found) < host protocol) --- > (auth-source-do-debug > "auth-source-user-or-password: cached %s=%s for %s (%s)" > mode > ;; don't show the password > (if (and (member "password" mode) auth-source-hide-passwords) "SECRET" found) > host protocol) 198,203c210,215 < (gnus-message 9 < "auth-source-user-or-password: found %s=%s for %s (%s)" < mode < ;; don't show the password < (if (member "password" mode) "SECRET" found) < host protocol) --- > (auth-source-do-debug > "auth-source-user-or-password: found %s=%s for %s (%s)" > mode > ;; don't show the password > (if (and (member "password" mode) auth-source-hide-passwords) "SECRET" found) > host protocol) --=-=-=--