--- Begin Message ---
Subject: |
25.3; Secret Service API treats labels as unique |
Date: |
Mon, 4 Dec 2017 21:42:26 -0800 |
The Secret Service API [1] treats labels as unique keys for each
secret item in a collection. However, labels are not required to be
unique in a collection [2], the attribute key/value pairs are.
It is perfectly valid to have multiple secrets with the same label, in
which case Emacs's Secret Service API is not able to retrieve all but
the most recently created (?) secret.
This can be demonstrated by creating two such secrets using the
secret-tool utility:
secret-tool store --label=Test1 id foo
secret-tool store --label=Test1 id bar
You can see how the attributes uniquely identify secrets:
secret-tool store --label=Test2 id foo # This overwrites the first secret.
Implementation idea: Use attribute plists instead of label strings to
uniquely identify secret items.
This would require creating a new copy of the API to preserve backward
compatibility.
[1]:
https://www.gnu.org/software/emacs/manual/html_node/auth/Secret-Service-API.html
[2]: https://specifications.freedesktop.org/secret-service/re02.html
In GNU Emacs 25.3.1 (x86_64-pc-linux-gnu, GTK+ Version 3.22.19)
of 2017-09-16 built on juergen
Windowing system distributor 'The X.Org Foundation', version 11.0.11905000
Configured using:
'configure --prefix=/usr --sysconfdir=/etc --libexecdir=/usr/lib
--localstatedir=/var --with-x-toolkit=gtk3 --with-xft --with-modules
'CFLAGS=-march=x86-64 -mtune=generic -O2 -pipe -fstack-protector-strong
-fno-plt' CPPFLAGS=-D_FORTIFY_SOURCE=2
LDFLAGS=-Wl,-O1,--sort-common,--as-needed,-z,relro,-z,now'
Configured features:
XPM JPEG TIFF GIF PNG RSVG IMAGEMAGICK SOUND GPM DBUS GCONF GSETTINGS
NOTIFY ACL GNUTLS LIBXML2 FREETYPE M17N_FLT LIBOTF XFT ZLIB
TOOLKIT_SCROLL_BARS GTK3 X11 MODULES
--- End Message ---
--- Begin Message ---
Subject: |
Re: bug#29575: 25.3; Secret Service API treats labels as unique |
Date: |
Tue, 11 Sep 2018 11:49:31 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux) |
Version: 27.1
Allen Li <address@hidden> writes:
Hi Allen,
> Yes, it works. I think this needs to be documented in the auth-source
> manual, but otherwise all the functionality seems to be there and
> working, thanks.
Thanks for checking. I've updated the auth.texi manual, closing the bug.
Best regards, Michael.
--- End Message ---