[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: bug#58985: 29.0.50; Have auth-source-pass behave more like other bac
|
From: |
Akib Azmain Turja |
|
Subject: |
Re: bug#58985: 29.0.50; Have auth-source-pass behave more like other back ends |
|
Date: |
Thu, 10 Nov 2022 00:21:11 +0600 |
Michael Albinus <michael.albinus@gmx.de> writes:
> "J.P." <jp@neverwas.me> writes:
>
> Hi,
>
>> v2. Respect existing user option.
>
> I'm not familiar with the auth-source-pass.el implementation, so I
> cannot speak too much about your patch. Reading it roughly, I haven't
> found serious flaws, 'tho.
It has a serious flaw AFAIK. I have a password entry
"akib@disroot.org", and this legitimate search query doesn't find it:
(auth-source-search :host "disroot.org")
But if specify the user, it finds the entry:
(auth-source-search :host "disroot.org" :user "akib")
And the entries can also be ambiguous. For example, the entry at path
"foo.org/bar.net" might be interpreted as the password of bar.net, or
as the password of the user "bar.net" on "foo.org". The current
implementation seems to interpret such entries unpredictably.
>
> However :-)
>
> +(defcustom auth-source-pass-standard-search nil
> + "Whether to use more standardized search behavior.
> +When nil, the password-store backend works like it always has and
> +considers at most one `:user' search parameter and returns at
> +most one result. With t, it tries to more faithfully mimic other
> +auth-source backends."
> + :version "29.1"
> + :type 'boolean)
>
> - The name of this user option as well as its docstring are focussed on
> the current behavior. People won't know what "mimic other auth-source
> backends" would mean. Please describe the effect w/o that comparison,
> and pls give it a name based on its effect, and not "...-standard-search".
I agree. This variable should be something like
"auth-source-pass-old-search" (or even "...-obsolete-search"). And the
default should be nil, because it fixes many bugs, and it's pointless to
disable the fixes by the default.
>
> - I'm missing the documentation in doc/misc/auth.texi and etc/NEWS.
What documentation? Of this change or anything else? I think we should
focus on the implement before writing documentation.
>
> Best regards, Michael.
>
>
>
--
Akib Azmain Turja, GPG key: 70018CE5819F17A3BBA666AFE74F0EFA922AE7F5
Fediverse: akib@hostux.social
Codeberg: akib
emailselfdefense.fsf.org | "Nothing can be secure without encryption."
signature.asc
Description: PGP signature
- Re: bug#58985: 29.0.50; Have auth-source-pass behave more like other back ends, (continued)
- Re: bug#58985: 29.0.50; Have auth-source-pass behave more like other back ends, Akib Azmain Turja, 2022/11/11
- Re: bug#58985: 29.0.50; Have auth-source-pass behave more like other back ends, J.P., 2022/11/11
- Re: bug#58985: 29.0.50; Have auth-source-pass behave more like other back ends, Akib Azmain Turja, 2022/11/12
- Re: bug#58985: 29.0.50; Have auth-source-pass behave more like other back ends, Akib Azmain Turja, 2022/11/13
- Re: bug#58985: 29.0.50; Have auth-source-pass behave more like other back ends, J.P., 2022/11/13
- Re: bug#58985: 29.0.50; Have auth-source-pass behave more like other back ends, Akib Azmain Turja, 2022/11/14
- Re: bug#58985: 29.0.50; Have auth-source-pass behave more like other back ends, J.P., 2022/11/14
- Re: bug#58985: 29.0.50; Have auth-source-pass behave more like other back ends, Akib Azmain Turja, 2022/11/14
- Re: bug#58985: 29.0.50; Have auth-source-pass behave more like other back ends, J.P., 2022/11/14
- Re: bug#58985: 29.0.50; Have auth-source-pass behave more like other back ends, J.P., 2022/11/18
- Re: bug#58985: 29.0.50; Have auth-source-pass behave more like other back ends,
Akib Azmain Turja <=
- Re: bug#58985: 29.0.50; Have auth-source-pass behave more like other back ends, J.P., 2022/11/10
- Re: bug#58985: 29.0.50; Have auth-source-pass behave more like other back ends, Akib Azmain Turja, 2022/11/10
- Re: bug#58985: 29.0.50; Have auth-source-pass behave more like other back ends, Akib Azmain Turja, 2022/11/10
Message not available