Commit | Line | Data |
---|---|---|
8f7abae3 MB |
1 | ;;; auth-source.el --- authentication sources for Gnus and Emacs |
2 | ||
ae940284 | 3 | ;; Copyright (C) 2008, 2009 Free Software Foundation, Inc. |
8f7abae3 MB |
4 | |
5 | ;; Author: Ted Zlatanov <tzz@lifelogs.com> | |
6 | ;; Keywords: news | |
7 | ||
8 | ;; This file is part of GNU Emacs. | |
9 | ||
5e809f55 | 10 | ;; GNU Emacs is free software: you can redistribute it and/or modify |
8f7abae3 | 11 | ;; it under the terms of the GNU General Public License as published by |
5e809f55 GM |
12 | ;; the Free Software Foundation, either version 3 of the License, or |
13 | ;; (at your option) any later version. | |
8f7abae3 MB |
14 | |
15 | ;; GNU Emacs is distributed in the hope that it will be useful, | |
16 | ;; but WITHOUT ANY WARRANTY; without even the implied warranty of | |
5e809f55 | 17 | ;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
8f7abae3 MB |
18 | ;; GNU General Public License for more details. |
19 | ||
20 | ;; You should have received a copy of the GNU General Public License | |
5e809f55 | 21 | ;; along with GNU Emacs. If not, see <http://www.gnu.org/licenses/>. |
8f7abae3 MB |
22 | |
23 | ;;; Commentary: | |
24 | ||
25 | ;; This is the auth-source.el package. It lets users tell Gnus how to | |
26 | ;; authenticate in a single place. Simplicity is the goal. Instead | |
27 | ;; of providing 5000 options, we'll stick to simple, easy to | |
28 | ;; understand options. | |
d55fe5bb MB |
29 | |
30 | ;; Easy setup: | |
31 | ;; (require 'auth-source) | |
32 | ;; (customize-variable 'auth-sources) ;; optional | |
33 | ||
34 | ;; now, whatever sources you've defined for password have to be available | |
35 | ||
36 | ;; if you want encrypted sources, which is strongly recommended, do | |
37 | ;; (require 'epa-file) | |
26b9f88d | 38 | ;; (epa-file-enable) |
a368801c | 39 | ;; (setq epa-file-cache-passphrase-for-symmetric-encryption t) ; VERY important |
d55fe5bb MB |
40 | |
41 | ;; before you put some data in ~/.authinfo.gpg (the default place) | |
42 | ||
e952b711 MB |
43 | ;;; For url-auth authentication (HTTP/HTTPS), you need to use: |
44 | ||
45 | ;;; machine yourmachine.com:80 port http login testuser password testpass | |
46 | ||
47 | ;;; This will match any realm and authentication method (basic or | |
48 | ;;; digest). If you want finer controls, explore the url-auth source | |
49 | ;;; code and variables. | |
50 | ||
4079589f MB |
51 | ;;; For tramp authentication, use: |
52 | ||
43d28dcd | 53 | ;;; machine yourmachine.com port scp login testuser password testpass |
4079589f | 54 | |
43d28dcd MA |
55 | ;;; Note that the port denotes the Tramp connection method. When you |
56 | ;;; don't use a port entry, you match any Tramp method. | |
4079589f | 57 | |
8f7abae3 MB |
58 | ;;; Code: |
59 | ||
e952b711 MB |
60 | (require 'gnus-util) |
61 | ||
8f7abae3 | 62 | (eval-when-compile (require 'cl)) |
9b3ebcb6 | 63 | (eval-when-compile (require 'netrc)) |
8f7abae3 MB |
64 | |
65 | (defgroup auth-source nil | |
66 | "Authentication sources." | |
9b3ebcb6 | 67 | :version "23.1" ;; No Gnus |
8f7abae3 MB |
68 | :group 'gnus) |
69 | ||
9b3ebcb6 MB |
70 | (defcustom auth-source-protocols '((imap "imap" "imaps" "143" "993") |
71 | (pop3 "pop3" "pop" "pop3s" "110" "995") | |
72 | (ssh "ssh" "22") | |
73 | (sftp "sftp" "115") | |
74 | (smtp "smtp" "25")) | |
75 | "List of authentication protocols and their names" | |
76 | ||
77 | :group 'auth-source | |
78 | :version "23.1" ;; No Gnus | |
79 | :type '(repeat :tag "Authentication Protocols" | |
80 | (cons :tag "Protocol Entry" | |
81 | (symbol :tag "Protocol") | |
82 | (repeat :tag "Names" | |
83 | (string :tag "Name"))))) | |
84 | ||
85 | ;;; generate all the protocols in a format Customize can use | |
86 | (defconst auth-source-protocols-customize | |
87 | (mapcar (lambda (a) | |
88 | (let ((p (car-safe a))) | |
43d28dcd | 89 | (list 'const |
9b3ebcb6 MB |
90 | :tag (upcase (symbol-name p)) |
91 | p))) | |
92 | auth-source-protocols)) | |
93 | ||
ed778fad MB |
94 | (defvar auth-source-cache (make-hash-table :test 'equal) |
95 | "Cache for auth-source data") | |
96 | ||
97 | (defcustom auth-source-do-cache t | |
98 | "Whether auth-source should cache information." | |
99 | :group 'auth-source | |
100 | :version "23.1" ;; No Gnus | |
101 | :type `boolean) | |
102 | ||
4079589f | 103 | (defcustom auth-sources '((:source "~/.authinfo.gpg" :host t :protocol t)) |
8f7abae3 MB |
104 | "List of authentication sources. |
105 | ||
106 | Each entry is the authentication type with optional properties." | |
107 | :group 'auth-source | |
9b3ebcb6 MB |
108 | :version "23.1" ;; No Gnus |
109 | :type `(repeat :tag "Authentication Sources" | |
110 | (list :tag "Source definition" | |
111 | (const :format "" :value :source) | |
112 | (string :tag "Authentication Source") | |
113 | (const :format "" :value :host) | |
d55fe5bb | 114 | (choice :tag "Host (machine) choice" |
9b3ebcb6 | 115 | (const :tag "Any" t) |
d55fe5bb | 116 | (regexp :tag "Host (machine) regular expression (TODO)") |
9b3ebcb6 MB |
117 | (const :tag "Fallback" nil)) |
118 | (const :format "" :value :protocol) | |
119 | (choice :tag "Protocol" | |
120 | (const :tag "Any" t) | |
121 | (const :tag "Fallback" nil) | |
122 | ,@auth-source-protocols-customize)))) | |
8f7abae3 MB |
123 | |
124 | ;; temp for debugging | |
9b3ebcb6 MB |
125 | ;; (unintern 'auth-source-protocols) |
126 | ;; (unintern 'auth-sources) | |
127 | ;; (customize-variable 'auth-sources) | |
128 | ;; (setq auth-sources nil) | |
129 | ;; (format "%S" auth-sources) | |
130 | ;; (customize-variable 'auth-source-protocols) | |
131 | ;; (setq auth-source-protocols nil) | |
132 | ;; (format "%S" auth-source-protocols) | |
133 | ;; (auth-source-pick "a" 'imap) | |
134 | ;; (auth-source-user-or-password "login" "imap.myhost.com" 'imap) | |
135 | ;; (auth-source-user-or-password "password" "imap.myhost.com" 'imap) | |
136 | ;; (auth-source-user-or-password-imap "login" "imap.myhost.com") | |
137 | ;; (auth-source-user-or-password-imap "password" "imap.myhost.com") | |
138 | ;; (auth-source-protocol-defaults 'imap) | |
139 | ||
58a67d68 MB |
140 | (defun auth-source-pick (host protocol &optional fallback) |
141 | "Parse `auth-sources' for HOST, and PROTOCOL matches. | |
9b3ebcb6 | 142 | |
58a67d68 | 143 | Returns fallback choices (where PROTOCOL or HOST are nil) with FALLBACK t." |
9b3ebcb6 MB |
144 | (interactive "sHost: \nsProtocol: \n") ;for testing |
145 | (let (choices) | |
146 | (dolist (choice auth-sources) | |
58a67d68 | 147 | (let ((h (plist-get choice :host)) |
9b3ebcb6 MB |
148 | (p (plist-get choice :protocol))) |
149 | (when (and | |
150 | (or (equal t h) | |
151 | (and (stringp h) (string-match h host)) | |
152 | (and fallback (equal h nil))) | |
153 | (or (equal t p) | |
154 | (and (symbolp p) (equal p protocol)) | |
155 | (and fallback (equal p nil)))) | |
156 | (push choice choices)))) | |
157 | (if choices | |
158 | choices | |
159 | (unless fallback | |
58a67d68 | 160 | (auth-source-pick host protocol t))))) |
9b3ebcb6 | 161 | |
ed778fad MB |
162 | (defun auth-source-forget-user-or-password (mode host protocol) |
163 | (interactive "slogin/password: \nsHost: \nsProtocol: \n") ;for testing | |
164 | (remhash (format "%s %s:%s" mode host protocol) auth-source-cache)) | |
165 | ||
58a67d68 MB |
166 | (defun auth-source-user-or-password (mode host protocol) |
167 | "Find user or password (from the string MODE) matching HOST and PROTOCOL." | |
43d28dcd | 168 | (gnus-message 9 |
e952b711 MB |
169 | "auth-source-user-or-password: get %s for %s (%s)" |
170 | mode host protocol) | |
ed778fad MB |
171 | (let* ((cname (format "%s %s:%s" mode host protocol)) |
172 | (found (gethash cname auth-source-cache))) | |
173 | (if found | |
174 | (progn | |
175 | (gnus-message 9 | |
176 | "auth-source-user-or-password: cached %s=%s for %s (%s)" | |
177 | mode | |
178 | ;; don't show the password | |
179 | (if (equal mode "password") "SECRET" found) | |
180 | host protocol) | |
181 | found) | |
182 | (dolist (choice (auth-source-pick host protocol)) | |
183 | (setq found (netrc-machine-user-or-password | |
184 | mode | |
185 | (plist-get choice :source) | |
186 | (list host) | |
187 | (list (format "%s" protocol)) | |
188 | (auth-source-protocol-defaults protocol))) | |
189 | (when found | |
190 | (gnus-message 9 | |
191 | "auth-source-user-or-password: found %s=%s for %s (%s)" | |
192 | mode | |
193 | ;; don't show the password | |
194 | (if (equal mode "password") "SECRET" found) | |
195 | host protocol) | |
196 | (when auth-source-do-cache | |
197 | (puthash cname found auth-source-cache))) | |
9b3ebcb6 MB |
198 | (return found))))) |
199 | ||
200 | (defun auth-source-protocol-defaults (protocol) | |
201 | "Return a list of default ports and names for PROTOCOL." | |
202 | (cdr-safe (assoc protocol auth-source-protocols))) | |
203 | ||
58a67d68 MB |
204 | (defun auth-source-user-or-password-imap (mode host) |
205 | (auth-source-user-or-password mode host 'imap)) | |
9b3ebcb6 | 206 | |
58a67d68 MB |
207 | (defun auth-source-user-or-password-pop3 (mode host) |
208 | (auth-source-user-or-password mode host 'pop3)) | |
9b3ebcb6 | 209 | |
58a67d68 MB |
210 | (defun auth-source-user-or-password-ssh (mode host) |
211 | (auth-source-user-or-password mode host 'ssh)) | |
9b3ebcb6 | 212 | |
58a67d68 MB |
213 | (defun auth-source-user-or-password-sftp (mode host) |
214 | (auth-source-user-or-password mode host 'sftp)) | |
9b3ebcb6 | 215 | |
58a67d68 MB |
216 | (defun auth-source-user-or-password-smtp (mode host) |
217 | (auth-source-user-or-password mode host 'smtp)) | |
8f7abae3 MB |
218 | |
219 | (provide 'auth-source) | |
220 | ||
221 | ;; arch-tag: ff1afe78-06e9-42c2-b693-e9f922cbe4ab | |
222 | ;;; auth-source.el ends here |