bug#37196: 27.0.50; auth-source no longer obfuscates passwords

bug-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#37196: 27.0.50; auth-source no longer obfuscates passwords

From:	Lars Ingebrigtsen
Subject:	bug#37196: 27.0.50; auth-source no longer obfuscates passwords
Date:	Fri, 20 Sep 2019 22:13:11 +0200
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)

Lars Ingebrigtsen <larsi@gnus.org> writes:

> Hm.  Now that I typed that, it strikes me that this should be rather
> trivial to do with gnutls-symmetric-encrypt on systems where that is
> available.  I'll give it a go...

Fortunately I remembered that I had already written all this symmetric
encryption stuff in a separate project, so I just cut and paste a bit.

(I mean, the encryption primitives are already in Emacs, but actually
using them requires a bit of typing...)

(auth-source-search :max 1 :host "foo.bar")
=> ((:host "foo.bar" :user "zot" :secret #[0 "..." 
["Ng==-26GRPWrYlJnQAE+8gaEDcg==-DThpcRwaAi5ZBXQZC0rC3g==" (nil) 
auth-source--deobfuscate] 3]))

There.  That's better.  It does leak that the password is 6 characters
long, though, but that's a lot less leaky than ... it was before.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no

[Prev in Thread]

Current Thread

[Next in Thread]

bug#37196: 27.0.50; auth-source no longer obfuscates passwords, Lars Ingebrigtsen, 2019/09/20
- bug#37196: 27.0.50; auth-source no longer obfuscates passwords, Lars Ingebrigtsen <=

Prev by Date: bug#37362: 26.2; Emacs crashes (and maybe X server does too?)
Next by Date: bug#35873: Add atomic window support to Gnus
Previous by thread: bug#37196: 27.0.50; auth-source no longer obfuscates passwords
Next by thread: bug#37193: 27.0.50; TAB in article mode gets trapped in the header section
Index(es):
- Date
- Thread