bug#38311: [PATCH] Hide quoted passwords with spaces in Authinfo

bug-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#38311: [PATCH] Hide quoted passwords with spaces in Authinfo

From:	Dario Gjorgjevski
Subject:	bug#38311: [PATCH] Hide quoted passwords with spaces in Authinfo
Date:	Thu, 21 Nov 2019 10:18:03 +0100

The auth-source library hides passwords in authinfo-mode, putting an
overlay of "****" over them.

For example,
    “machine localhost port sudo login root password foobar”
will show up as
    “machine localhost port sudo login root password ****”.

However, it fails to properly hide passwords which are quoted and
contain spaces, even though those are still valid and parsed
successfully.

For example,
    “machine localhost port sudo login root password "foo bar"”
will show up as
    “machine localhost port sudo login root password **** bar"”.

The attached patch fixes this by using the same logic that
‘auth-source-netrc-parse-one’ uses to retrieve the field.  The logic is
moved to a separate function.

Best regards,
Dario

>From 34f07b1dc8517d1c7e580bff1e5ac34b69c993d6 Mon Sep 17 00:00:00 2001
From: Dario Gjorgjevski <dario.gjorgjevski+git@gmail.com>
Date: Thu, 21 Nov 2019 10:10:32 +0100
Subject: [PATCH] Hide quoted passwords with spaces in Authinfo
To: bug-gnu-emacs@gnu.org

* lisp/auth-source.el (auth-source-netrc-looking-at-one): New
function, extracted from auth-source-netrc-parse-one.
(auth-source-netrc-parse-one, authinfo--hide-passwords): Use
auth-source-netrc-looking-at-one.
---
 lisp/auth-source.el | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/lisp/auth-source.el b/lisp/auth-source.el
index 4926f67f0a..0800202914 100644
--- a/lisp/auth-source.el
+++ b/lisp/auth-source.el
@@ -1000,13 +1000,17 @@ auth-source-netrc-parse-next-interesting
     (forward-line 1)
     (skip-chars-forward "\t ")))
 
+(defun auth-source-netrc-looking-at-one ()
+  "Modify match data with one thing from the current buffer."
+  (or (looking-at "'\\([^']*\\)'")
+      (looking-at "\"\\([^\"]*\\)\"")
+      (looking-at "\\([^ \t\n]+\\)")))
+
 (defun auth-source-netrc-parse-one ()
   "Read one thing from the current buffer."
   (auth-source-netrc-parse-next-interesting)
 
-  (when (or (looking-at "'\\([^']*\\)'")
-            (looking-at "\"\\([^\"]*\\)\"")
-            (looking-at "\\([^ \t\n]+\\)"))
+  (when (auth-source-netrc-looking-at-one)
     (forward-char (length (match-string 0)))
     (prog1
         (match-string-no-properties 1)
@@ -2427,7 +2431,7 @@ authinfo--hide-passwords
       (while (re-search-forward (format "\\(\\s-\\|^\\)\\(%s\\)\\s-+"
                                         authinfo-hidden)
                                 nil t)
-        (when (looking-at "[^\n\t ]+")
+        (when (auth-source-netrc-looking-at-one)
           (let ((overlay (make-overlay (match-beginning 0) (match-end 0))))
             (overlay-put overlay 'display (propertize "****"
                                                       'face 'warning))
-- 
2.17.1

[Prev in Thread]

Current Thread

[Next in Thread]

bug#38311: [PATCH] Hide quoted passwords with spaces in Authinfo, Dario Gjorgjevski <=
- bug#38311: [PATCH] Hide quoted passwords with spaces in Authinfo, Lars Ingebrigtsen, 2019/11/21

Prev by Date: bug#37667: 27.0.50; Tab Bar display problems with more than 5 tabs
Next by Date: bug#38025: 26.1; tramp-unload-tramp renders Emacs completely unresponsive
Previous by thread: bug#38310: 27.0.50; (image-convert "data" t) doesn't work
Next by thread: bug#38311: [PATCH] Hide quoted passwords with spaces in Authinfo
Index(es):
- Date
- Thread