1
0
mirror of https://git.savannah.gnu.org/git/emacs.git synced 2024-11-27 07:37:33 +00:00
emacs/lisp/password-cache.el
Óscar Fuentes f01365f62c password-cache: differentiate null values from non-existent entries
* password-cache.el (password-in-cache-p, password-cache-add):
  properly detect non-existent entry.  (Bug#36834)
2019-08-12 01:43:19 +02:00

146 lines
4.7 KiB
EmacsLisp

;;; password-cache.el --- Read passwords, possibly using a password cache. -*- lexical-binding: t -*-
;; Copyright (C) 1999-2000, 2003-2019 Free Software Foundation, Inc.
;; Author: Simon Josefsson <simon@josefsson.org>
;; Created: 2003-12-21
;; Keywords: extensions
;; This file is part of GNU Emacs.
;; GNU Emacs is free software: you can redistribute it and/or modify
;; it under the terms of the GNU General Public License as published by
;; the Free Software Foundation, either version 3 of the License, or
;; (at your option) any later version.
;; GNU Emacs is distributed in the hope that it will be useful,
;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;; GNU General Public License for more details.
;; You should have received a copy of the GNU General Public License
;; along with GNU Emacs. If not, see <https://www.gnu.org/licenses/>.
;;; Commentary:
;; Greatly influenced by pgg.el written by Daiki Ueno, with timer
;; fixes for XEmacs by Katsumi Yamaoka. In fact, this is mostly just
;; a rip-off.
;;
;; (password-read "Password? " "test")
;; ;; Minibuffer prompt for password.
;; => "foo"
;;
;; (password-cache-add "test" "foo")
;; => nil
;; (password-read "Password? " "test")
;; ;; No minibuffer prompt
;; => "foo"
;;
;; (password-read "Password? " "test")
;; ;; No minibuffer prompt
;; => "foo"
;;
;; ;; Wait `password-cache-expiry' seconds.
;;
;; (password-read "Password? " "test")
;; ;; Minibuffer prompt for password is back.
;; => "foo"
;;; Code:
;; Options are autoloaded since they are used by eg mml-sec.el.
;;;###autoload
(defcustom password-cache t
"Whether to cache passwords."
:group 'password
:type 'boolean)
;;;###autoload
(defcustom password-cache-expiry 16
"How many seconds passwords are cached, or nil to disable expiring.
Whether passwords are cached at all is controlled by `password-cache'."
:group 'password
:type '(choice (const :tag "Never" nil)
(integer :tag "Seconds")))
(defvar password-data (make-hash-table :test #'equal))
(defun password-read-from-cache (key)
"Obtain passphrase for KEY from time-limited passphrase cache.
Custom variables `password-cache' and `password-cache-expiry'
regulate cache behavior."
(and password-cache
key
(gethash key password-data)))
;;;###autoload
(defun password-in-cache-p (key)
"Check if KEY is in the cache."
(and password-cache
key
(not (eq (gethash key password-data 'password-cache-no-data)
'password-cache-no-data))))
(defun password-read (prompt &optional key)
"Read password, for use with KEY, from user, or from cache if wanted.
KEY indicate the purpose of the password, so the cache can
separate passwords. The cache is not used if KEY is nil.
KEY is typically a string but can be anything (compared via `equal').
The variable `password-cache' control whether the cache is used."
(or (password-read-from-cache key)
(read-passwd prompt)))
(defun password-read-and-add (prompt &optional key)
"Read password, for use with KEY, from user, or from cache if wanted.
Then store the password in the cache. Uses `password-read' and
`password-cache-add'. Custom variables `password-cache' and
`password-cache-expiry' regulate cache behavior.
Warning: the password is cached without checking that it is
correct. It is better to check the password before caching. If
you must use this function, take care to check passwords and
remove incorrect ones from the cache."
(declare (obsolete password-read "23.1"))
(let ((password (password-read prompt key)))
(when (and password key)
(password-cache-add key password))
password))
(defun password-cache-remove (key)
"Remove password indexed by KEY from password cache.
This is typically run by a timer setup from `password-cache-add',
but can be invoked at any time to forcefully remove passwords
from the cache. This may be useful when it has been detected
that a password is invalid, so that `password-read' query the
user again."
(let ((password (gethash key password-data)))
(when (stringp password)
(if (fboundp 'clear-string)
(clear-string password)
(fillarray password ?_)))
(remhash key password-data)))
(defun password-cache-add (key password)
"Add password to cache.
The password is removed by a timer after `password-cache-expiry' seconds."
(when (and password-cache-expiry
(eq (gethash key password-data 'password-cache-no-data)
'password-cache-no-data))
(run-at-time password-cache-expiry nil
#'password-cache-remove
key))
(puthash key password password-data)
nil)
(defun password-reset ()
"Clear the password cache."
(interactive)
(clrhash password-data))
(provide 'password-cache)
;;; password-cache.el ends here