From: Paul Eggert Date: Sat, 19 Nov 2016 22:31:05 +0000 (-0800) Subject: Merge from origin/emacs-25 X-Git-Tag: emacs-26.0.90~1301 X-Git-Url: http://git.eshelyaron.com/gitweb/?a=commitdiff_plain;h=c61ee94959ba96b2a327df0684593f7e569e30be;p=emacs.git Merge from origin/emacs-25 4af5981 Add a comment in generated refcards about the source ef880a5 ; * etc/refcards/calccard.tex: Remove obsolete comment. 4887e7c js-mode: Fix indent problem after a regexp e992ac0 Fix sluggish display of symbols in UTF-8 language environment 1fc101b Don't confuse how Texinfo outputs @var with the input 91aa5d1 * doc/lispref/display.texi (Scroll Bars): * doc/lispref/frame... f758fcd * doc/emacs/cmdargs.texi (Initial Options): Copyedit for --da... 5b0cddd More fixes in copyright notices in etc/refcards/ f994c20 Update copyright text in refcards 9ad2ae7 Fix Outline command names 26c3554 Send text received by bracketed paste to process db0b58d Correct the statement about programming modes always running ... 78aece4 Improve documentation of 'occur' eb364fd Do call debugger on failed cl-assert 3ef4ee8 Avoid infloop in python 8da810f Don't refer to obsolete FEATURE-unload-hook 4f478ca Improve documentation of dabbrevs 7272e5d * lisp/chistory.el (list-command-history): Doc fix. (Bug#24890) 89b7482 * lisp/simple.el (set-mark-command): Doc fix. (Bug#24890) 3b199f7 Improve documentation of some Help commands 93d3a0e Fix documentation of yes-or-no prompts af04919 Fix documentation of partial completion style ed80184 Fix documentation of the mode line on emacsclient frames e6be855 Fix description of 'C-z' in User manual 16f7007 Improve and clarify documentation of Outline Mode 31d93aa Add Emacs version number to nt/README.W32 0b6b815 Fix python-mode hideshow regexp dc152c5 Modernize usage of 'macOS' in doc and comments 84c5343 Prefer comments /* like this */ in C code bb61e50 * doc/lispref/loading.texi (Autoload): Better link (Bug#24845). 3ef86fd Clarify documentation of face attribute functions de51d59 ; * nt/README.W32: Minor copyedits. db436e9 Don't call debug on failed cl-assert # Conflicts: # doc/emacs/cmdargs.texi # etc/NEWS # etc/PROBLEMS # lisp/auth-source.el # lisp/net/tramp-sh.el --- c61ee94959ba96b2a327df0684593f7e569e30be diff --cc etc/NEWS.25 index a5bcb8dabdc,00000000000..f6792431907 mode 100644,000000..100644 --- a/etc/NEWS.25 +++ b/etc/NEWS.25 @@@ -1,1798 -1,0 +1,1798 @@@ +GNU Emacs NEWS -- history of user-visible changes. + +Copyright (C) 2014-2016 Free Software Foundation, Inc. +See the end of the file for license conditions. + +Please send Emacs bug reports to bug-gnu-emacs@gnu.org. +If possible, use M-x report-emacs-bug. + +This file is about changes in Emacs version 25. + +See file HISTORY for a list of GNU Emacs versions and release dates. +See files NEWS.24, NEWS.23, NEWS.22, NEWS.21, NEWS.20, NEWS.19, NEWS.18, +and NEWS.1-17 for changes in older Emacs versions. + +You can narrow news to a specific version by calling 'view-emacs-news' +with a prefix argument or by typing C-u C-h C-n. + + +* Changes in Emacs 25.2 +This is a bug-fix release with (almost) no new features. + +--- +** 'find-library', 'help-function-def' and 'help-variable-def' now run +'find-function-after-hook'. + ++++ +** New basic face 'fixed-pitch-serif', for a fixed-width font with serifs. +The 'Info-quoted' and 'tex-verbatim' faces now default to inheriting +from it. + +--- +** New variable 'use-default-font-for-symbols' for backward compatibility. +This variable allows to get back pre-Emacs 25 behavior whereby the +font for displaying symbol and punctuation characters was always +selected according to your fontset setup. Emacs 25 by default tries +to use the default face's font for such characters, disregarding the +fontsets if the default font supports these characters. Set this +variable to nil to disable the new behavior and get back the old +behavior. + ++++ +** 'electric-quote-mode' is no longer suppressed in a buffer whose +whose coding system cannot represent curved quote characters. +Instead, users can deal with the unrepresentable characters in the +usual way when they save the buffer. + +--- +** New variable 'inhibit-compacting-font-caches'. +Set this variable to a non-nil value to speed up display of characters +using large fonts, at the price of a larger memory footprint of the +Emacs session. + + +* Installation Changes in Emacs 25.1 + +** Building Emacs now requires C99 or later. + +** Building Emacs now requires GNU make, version 3.81 or later. + +** New configure option --with-cairo. +This builds Emacs with Cairo drawing. As a side effect, it provides +support for built-in printing, when Emacs was built with GTK+. +The Emacs Cairo drawing is experimental and still has some known +display problems. We encourage more testing of this build and +reporting any problems you find, but it is not recommended for +production. + +** New configure option --with-modules. +This enables support for loading dynamic modules; see below. + +** By default, Emacs no longer works on IRIX. We expect that Emacs +users are not affected by this, as SGI stopped supporting IRIX in +December 2013. If you are affected, please send a bug report. You +should be able to work around the problem either by porting the Emacs +undumping code to GCC under IRIX, or by configuring --with-wide-int, +or by sticking with Emacs 24.4. + +** The Emacs garbage collector assumes GC_MARK_STACK == GC_MAKE_GCPROS_NOOPS. +The GC_MAKE_GCPROS_NOOPS stack-marking variant has been the default +since Emacs 24.4, and the other variants were undocumented and were +obstacles to maintenance and development. GC_MARK_STACK and its +related symbols have been removed from the C internals. + +** 'configure' now prefers gnustep-config when configuring GNUstep. +If gnustep-config is not available, the old heuristics are used. + +** 'configure' now prefers inotify to gfile for file notification, +unless gfile is explicitly requested via --with-file-notification='gfile'. + +** 'configure' detects the kqueue file notification library on *BSD - and Mac OS X machines. ++and macOS machines. + +** The configure option '--with-pkg-config-prog' has been removed. +Use './configure PKG_CONFIG=/full/name/of/pkg-config' if you need to. + +** The configure option '--with-mmdf' has been removed. +It was no longer useful, as it relied on libraries that are no longer +supported, and its presence led to confusion during configuration. +This affects only the 'movemail' utility; Emacs itself can still +process MMDF-format files as before. + +** The configure option '--enable-silent-rules' is now the default, +and silent rules are now quieter. To get the old behavior where +'make' chatters a lot, configure with '--disable-silent-rules' or +build with 'make V=1'. + +** The configure option '--with-gameuser' now allows you to specify a +group instead of a user if its argument is prefixed by ':' (a colon). +This will cause the game score files in "${localstatedir}/games/emacs" +to be owned by that group, and the helper program for updating them to +be installed setgid. The option now defaults to the 'games' group. + +** The 'grep-changelog' script (and its manual page) are no longer included. +It has no particular connection to Emacs and has not changed in years, +so if you want to use it, you can always take a copy from an older Emacs. + +** Emacs 25 comes with a new set of icons. +Various resolutions are available as etc/images/icons/hicolor/*/apps/emacs.png. +The old Emacs logo icons are available as 'emacs23.png' in the same location. + +** New make target 'check-expensive' to run additional tests. +This includes all tests which run via "make check", plus additional +tests which take more time to perform. + + +* Startup Changes in Emacs 25.1 + +** When Emacs is given a file as a command line argument and +'initial-buffer-choice' is non-nil, display both the file and +'initial-buffer-choice'. When Emacs is given more than one file and +'initial-buffer-choice' is non-nil, show 'initial-buffer-choice' +and '*Buffer List*'. This makes Emacs convenient to use from the +command line when 'initial-buffer-choice' is non-nil. + +** The value of 'initial-scratch-message' is now treated as a doc string +and can contain escape sequences for command keys, quotes, and the like. + +** The default height of GUI frames was enlarged. +This is so there's enough space in the initial window to display the +optional text about recovering crashes sessions, without losing the +splash image display. + + +* Changes in Emacs 25.1 + +** Xwidgets: a new feature for embedding native widgets inside Emacs buffers. +If you have gtk3 and webkitgtk3 installed, and Emacs was built with +xwidget support, you can access the embedded webkit browser with 'M-x +xwidget-webkit-browse-url'. This opens a new buffer with the embedded +browser. The buffer will have a new mode, 'xwidget-webkit-mode' +(similar to 'image-mode'), which supports the webkit widget. + +*** New functions for xwidget-webkit mode 'xwidget-webkit-insert-string', +'xwidget-webkit-adjust-size-dispatch', 'xwidget-webkit-back', +'xwidget-webkit-browse-url', 'xwidget-webkit-reload', +'xwidget-webkit-current-url', 'xwidget-webkit-scroll-backward', +'xwidget-webkit-scroll-forward', 'xwidget-webkit-scroll-down', +'xwidget-webkit-scroll-up'. + +** Emacs can now load shared/dynamic libraries (modules). +A dynamic Emacs module is a shared library that provides additional +functionality for use in Emacs Lisp programs, just like a package +written in Emacs Lisp would. The functions 'load', 'require', +'load-file', etc. were extended to load such modules, as they do with +Emacs Lisp packages. The new variable 'module-file-suffix' holds the +system-dependent value of the file-name extension ('.so' on Posix +hosts) of the module files. + +A module should export a C-callable function named +'emacs_module_init', which Emacs will call as part of the call to +'load' or 'require' which loads the module. It should also export a +symbol named 'plugin_is_GPL_compatible' to indicate that its code is +released under the GPL or compatible license; Emacs will refuse to +load modules that don't export such a symbol. + +If a module needs to call Emacs functions, it should do so through the +API defined and documented in the header file 'emacs-module.h'. Note +that any module that provides Lisp-callable functions will have to use +Emacs functions such as 'fset' and 'funcall', in order to register its +functions with the Emacs Lisp interpreter. + +Modules can create 'user-ptr' Lisp objects that embed pointers to C +structs defined by the module. This is useful for keeping around +complex data structures created by a module, to be passed back to the +module's functions. User-ptr objects can also have associated +"finalizers" -- functions to be run when the object is GC'ed; this is +useful for freeing any resources allocated for the underlying data +structure, such as memory, open file descriptors, etc. A new +predicate 'user-ptrp' returns non-nil if its argument is a 'user-ptr' +object. + +Loadable modules in Emacs are an experimental feature, and subject to +change in future releases. For that reason, their support is disabled +by default, and must be enabled by using the '--with-modules' option +at configure time. + +** Network security (TLS/SSL certificate validity and the like) is +added via the new Network Security Manager (NSM) and controlled via +the 'network-security-level' variable. + +** 'C-h l' now also lists the commands that were run. + +** 'x-select-enable-clipboard' is renamed 'select-enable-clipboard' +and 'x-select-enable-primary' is renamed 'select-enable-primary'. - Additionally they both now apply to all systems (OSX, GNUstep, Windows, you - name it), with the proviso that on some systems (e.g. Windows) - 'select-enable-primary' is ineffective since the system doesn't - have the equivalent of a primary selection. ++Additionally they both now apply to all systems (macOS, GNUstep, ++MS-Windows, you name it), with the proviso that on some systems (e.g., ++MS-Windows) 'select-enable-primary' is ineffective since the system ++doesn't have the equivalent of a primary selection. + +** New option 'switch-to-buffer-in-dedicated-window' allows you to +customize how 'switch-to-buffer' proceeds interactively when the +selected window is strongly dedicated to its buffer. + +** The option 'even-window-heights' has been renamed to +'even-window-sizes' and now handles window widths as well. + +** 'terpri' gets an optional arg ENSURE to conditionally output a newline. + +** 'insert-register' now leaves point after the inserted text +when called interactively. A prefix argument toggles this behavior. + +** The new variable 'term-file-aliases' replaces some files from lisp/term. +The function 'tty-run-terminal-initialization' consults this variable +when deciding what terminal-specific initialization code to run. + +** New variable 'system-configuration-features', listing some of the +main features that Emacs was compiled with. This is mainly intended +for use in Emacs bug reports. + +** A password is now hidden also when typed in batch mode. Another +hiding character but the default '.' can be used by let-binding the +variable 'read-hide-char'. + +** The Emacs pseudo-random number generator can be securely seeded. +On systems where Emacs can access the system entropy or some other +cryptographically secure random stream, it now uses that when 'random' +is called with its argument t. This allows cryptographically strong +random values; in particular, the Emacs server now uses this facility +to produce its authentication key. + +** New input methods: 'tamil-dvorak', 'programmer-dvorak' and 'probhat'. + + +* Editing Changes in Emacs 25.1 + +** 'M-x' suggests shorthands and ignores obsolete commands for completion. + +** Changes in undo + +*** Successive single-char deletions are collapsed in the undo-log just like +successive char insertions. Which commands invoke this behavior is +controlled by the new 'undo-auto-amalgamate' function. See the node +"Undo" in the ELisp manual for more details. + +*** The heuristic used to insert 'undo-boundary' after each command +has changed, so that if a command causes changes in more than just the +current buffer, Emacs now calls 'undo-boundary' in every buffer +affected by the command. + +** New command 'comment-line' bound to 'C-x C-;'. + +** New and improved facilities for inserting Unicode characters + +*** Unicode names entered via 'C-x 8 RET' now use substring completion +by default. + +*** 'C-x 8' now has shorthands for several chars, such as U+2010 +(HYPHEN), U+2011 (NON-BREAKING HYPHEN), and U+2012 (FIGURE DASH). As +before, you can type 'C-x 8 C-h' to list shorthands. + +*** New minor mode 'electric-quote-mode' for using curved quotes as you +type. See also the new variable 'text-quoting-style'. + +** New minor mode 'global-eldoc-mode' is enabled by default. + +** Emacs now uses "bracketed paste mode" on text terminals that support it. +Bracketed paste mode causes text terminals to wrap pasted text in special +escape sequences that allow Emacs to tell the difference between text +you type and text you paste from other applications. Emacs then +avoids interpreting each character in the pasted text as it does with +keyboard input, which results in a paste experience similar to that +under a window system, and significant performance improvements when +pasting large amounts of text. + +Bracketed paste mode is disabled by default, so Emacs automatically +enables it at startup if the terminal supports it. + +** Emacs now supports the latest version of the UBA. +The Emacs implementation of the Unicode Bidirectional Algorithm (UBA) +was updated to support all the latest additions and changes introduced +in Unicode Standard versions 6.3, 7.0, and the latest Unicode 8.0. +This includes full support for directional isolates and the +Bidirectional Parentheses Algorithm (BPA) specified by these Unicode +standards. + +** You can access 'mouse-buffer-menu' ('C-down-mouse-1') using 'C-f10'. + +** New buffer-local 'electric-pair-local-mode'. + +** New variable 'fast-but-imprecise-scrolling' inhibits +fontification during full screen scrolling operations, giving less +hesitant operation during auto-repeat of 'C-v', 'M-v' at the cost of +possible inaccuracies in the end position. + +** New documentation command 'describe-symbol'. +Works for functions, variables, faces, etc. It is bound to 'C-h o' by +default. + +** New function 'custom-prompt-customize-unsaved-options' checks for +unsaved customizations and prompts user to customize (if found). It +is intended for adding to 'kill-emacs-query-functions'. + +** The old 'C-x w' bindings in 'hi-lock-mode' are officially deprecated +in favor of the global 'M-s h' bindings introduced in Emacs 23.1. +They'll disappear soon. + + +* Changes in Specialized Modes and Packages in Emacs 25.1 + +** Checkdoc + +*** New command 'checkdoc-package-keywords' checks if the +current package keywords are recognized. Set the new option +'checkdoc-package-keywords-flag' to non-nil to make +'checkdoc-current-buffer' call this function automatically. + +*** New function 'checkdoc-file' checks for style errors. +It's meant for use together with 'compile': +emacs -batch --eval "(checkdoc-file \"subr.el\")" + +** Desktop + +*** The desktop format version has been upgraded from 206 to 208. +Although Emacs 25.1 can read a version 206 desktop, earlier Emacsen +cannot read a version 208 desktop. To upgrade your desktop file, you +must explicitly request the upgrade, by 'C-u M-x desktop-save'. You are +recommended to do this as soon as you have firmly upgraded to Emacs +25.1 (or later). Should you ever need to downgrade your desktop file +to version 206, you can do this with 'C-u C-u M-x desktop-save'. + +*** 'desktop-restore-in-current-display' now defaults to t, not nil. +That is, Emacs by default now restores frames into the current display. + +** New function 'bookmark-set-no-overwrite' bound to 'C-x r M'. +It raises an error if a bookmark of that name already exists, +unlike 'bookmark-set' which silently updates an existing bookmark. + +** Gnus + +*** New user options 'mm-html-inhibit-images' and 'mm-html-blocked-images' +now control how mm-* functions fetch and display images in an HTML +message. Gnus still uses 'gnus-inhibit-images' and 'gnus-blocked-images' +for that purpose, i.e., binds mm-html- variables with those gnus- +variables, but other packages do not have to bind gnus- variables now. + +*** 'mm-inline-text-html-with-images' has been removed. +Use 'mm-html-inhibit-images' instead. Note that the value is opposite +in meaning. + +** IMAP + +*** 'imap-ssl-program' has been removed, and imap.el uses the internal +GnuTLS encryption functions if possible. + +** JSON + +*** 'json-encode-string' now only escapes the characters it has to. +Which means that the encoded strings can contain non-ASCII characters. + +*** 'json-pretty-print' and 'json-pretty-print-buffer' now maintain +the ordering of object keys by default. + +*** New commands 'json-pretty-print-ordered' and +'json-pretty-print-buffer-ordered' pretty prints JSON objects with +object keys sorted alphabetically. + +** Prettify Symbols mode + +*** Prettify Symbols mode supports custom composition predicates. By +overriding the default 'prettify-symbols-compose-predicate', modes can +specify in which contexts a symbol may be displayed as some Unicode +character. 'prettify-symbols-default-compose-p' is the default which +is suitable for most programming languages such as C or Lisp (but not +(La)TeX). + +*** Symbols can be unprettified while point is inside them. +New variable 'prettify-symbols-unprettify-at-point' configures this. + +** Enhanced xterm support + +*** The new variable 'xterm-screen-extra-capabilities' for configuring xterm. +This variable tells Emacs which advanced capabilities are available in +the xterm terminal emulator used to display Emacs text-mode frames. +The default is to check each capability, and use it if available. +(This variable was introduced in Emacs 24.1, but was not announced in +its NEWS.) + +*** Killing text now also sets the CLIPBOARD/PRIMARY selection +in the surrounding GUI (using the OSC-52 escape sequence). This only works +if your xterm supports it and enables the 'allowWindowOps' options (disabled +by default at least in Debian, for security reasons). + +Similarly, you can yank the CLIPBOARD/PRIMARY selection (using the OSC-52 +escape sequence) if your xterm has the feature enabled but for that you +additionally need to add 'getSelection' to 'xterm-extra-capabilities'. + +*** 'xterm-mouse-mode' now supports mouse-tracking (if your xterm supports it). + +** The way to turn on and off 'save-place' mode has changed. +It is no longer sufficient to load the saveplace library and set +'save-place' non-nil. Instead, use the two new minor modes: +'save-place-mode' turns on saving last place in every file, and +'save-place-local-mode' does that only for the file in whose buffer it +is invoked. The 'save-place' variable is now an obsolete alias for +'save-place-mode', which replaces it, and 'toggle-save-place' is an +obsolete alias for the new 'save-place-local-mode' command. + +** ERC + +*** ERC can now hide message types by network or channel. +'erc-hide-list' will hide all messages of the specified type, while +'erc-network-hide-list' and 'erc-channel-hide-list' will only hide the +specified message types for the respective specified targets. + +*** Reconnection is now asynchronous. + +*** Nick completion is now case-insensitive again after inadvertently +being made case-sensitive in Emacs 24.2. + +** MPC + +*** New commands, key binds, and menu items. + +**** '<' and '>' for navigating previous and next tracks in playlist + +**** New play/pause command 'mpc-toggle-play' bound to 's' + +**** 'g' bound to new command 'mpc-seek-current' will navigate current +track. + +**** New commands 'mpc-toggle-{consume,repeat,single,shuffle}' for +toggling playback modes. + +*** Now supports connecting to a UNIX domain socket. + +*** Looks at more image file names to use as album art. +Case-insensitively tries for .folder.png (freedesktop) and folder.jpg +(XP) in addition to cover.jpg. + +*** Searches in more locations for MPD configuration files. +MPD supports the XDG base directory specification since version 0.17.6. + +** Midnight-mode + +*** 'midnight-mode' is now a proper minor mode. + +*** clean-buffer-*-regexps can now specify buffers via predicate functions. + +** package.el + +*** New "external" package status. +An external package is any installed package that's not built-in and +not from 'package-user-dir', which usually means it's from an entry in +'package-directory-list'. They are treated much like built-in +packages, in that they cannot be deleted through the package menu and +are not considered for upgrades. + +The effect is that a user can manually place a specific version of a +package inside 'package-directory-list' and the package menu will +always respect that. + +*** If a package is available on multiple archives and one has higher +priority (as per 'package-archive-priorities') only that one is +listed. This can be configured with 'package-menu-hide-low-priority'. + +*** 'package-menu-toggle-hiding' now toggles the hiding of packages. +This includes the above-mentioned low-priority packages, as well as +available packages whose version is lower than the currently installed +version (which were previously impossible to display). +This allows users to downgrade a package if a lower version is +available. + +*** When filtering the package menu, keywords starting with "arc:" or +"status:" represent package archive or status, respectively, instead +of actual keywords. + +*** Most functions which involve downloading information now take an +ASYNC argument. If it is non-nil, package.el performs the download(s) +asynchronously. + +*** New variable 'package-menu-async' controls whether the +package-menu uses asynchronous downloads. + +*** 'package-install-from-buffer' and 'package-install-file' work on directories. +This follows the same rules as installing from a .tar file, except the +-pkg file is optional. + +*** Packages which are dependencies of other packages cannot be deleted. +The FORCE argument to 'package-delete' overrides this. + +*** New custom variable 'package-selected-packages' tracks packages +which were installed by the user (as opposed to installed as +dependencies). This variable can also be manually customized. + +*** New command 'package-install-selected-packages' installs all +packages from 'package-selected-packages' which are currently missing. + +*** 'package-install' function now takes a DONT-SELECT argument. If +this function is called interactively or if DONT-SELECT is nil, add the +package being installed to 'package-selected-packages'. + +*** New command 'package-autoremove' removes all packages which were +installed strictly as dependencies but are no longer needed. + +** Shell + +When you invoke 'shell' interactively, the '*shell*' buffer will now +display in a new window. However, you can customize this behavior via +the 'display-buffer-alist' variable. For example, to get +the old behavior -- '*shell*' buffer displays in current window -- use +(add-to-list 'display-buffer-alist + '("^\\*shell\\*$" . (display-buffer-same-window))). + +** EIEIO +*** The ':protection' slot option is not obeyed any more. +*** The 'newname' argument to constructors is optional&deprecated. +If you need your objects to be named, do it by inheriting from 'eieio-named'. +*** The -list-p and -child-p functions are declared obsolete. +*** The variables are declared obsolete. +*** The variables are declared obsolete. +*** defgeneric and defmethod are declared obsolete. +Use the equivalent facilities from cl-generic.el instead. +*** 'constructor' is now an obsolete alias for 'make-instance'. +*** 'pcase' accepts a new UPattern 'eieio'. + +** ido + +*** New command 'ido-bury-buffer-at-head' bound to 'C-S-b'. +Bury the buffer at the head of 'ido-matches', analogous to how 'C-k' +kills the buffer at head. + +*** A prefix argument to 'ido-restrict-to-matches' will reverse its +meaning, and the list is restricted to those elements that do not +match the current input. + +** Minibuffer + +*** You can use and arrow keys to move through history by lines. +The new commands 'next-line-or-history-element' and +'previous-line-or-history-element', bound to and in the +minibuffer, allow by-line movement through minibuffer history, +similarly to an ordinary buffer. Only when point moves over +the bottom/top of the minibuffer it goes to the next/previous history +element. 'M-p' and 'M-n' still move directly to previous/next history +item as before. + +** Search and Replace + +*** 'isearch' and 'query-replace' can now perform character folding in matches. +This is analogous to case folding, but instead of disregarding case +variants, it disregards wider classes of distinctions between similar +characters. (Case folding is a special case of character folding.) +This means many characters in the search string will match entire +groups of characters instead of just themselves. + +For instance, the ASCII double quote character " will match all +variants of double quotes, and the letter 'a' will match all of its +accented cousins, even those composed of multiple characters, as well +as many other symbols like U+249C (PARENTHESIZED LATIN SMALL LETTER +A). + +Character folding is enabled by customizing 'search-default-mode' to +the value 'char-fold-to-regexp'. You can also toggle character +folding in the middle of a search by typing 'M-s ''. + +'query-replace' honors character folding if the new variable +'replace-char-fold' is customized to a non-nil value. + +*** New user option 'search-default-mode'. +This option specifies the default mode for Isearch. The default +value, nil specifies that Isearch does literal searches (however, +'case-fold-search' and 'isearch-lax-whitespace' may still be applied, +as in previous Emacs versions). + +*** New function 'char-fold-to-regexp' can be used +by searching commands to produce a regexp matching anything that +char-folds into STRING. + +*** The new 'M-s M-w' key binding uses eww to search the web for the +text in the region. The search engine to use for this is specified by +the customizable variable 'eww-search-prefix'. + +*** 'query-replace' history is enhanced. +When 'query-replace' reads the FROM string from the minibuffer, typing +'M-p' will now show previous replacements as "FROM SEP TO", where FROM +and TO are the original text and its replacement, and SEP is an arrow +string defined by the new variable 'query-replace-from-to-separator'. +To select a prior replacement, type 'M-p' until the desired +replacement appears in the minibuffer, and then exit the minibuffer by +typing RET. + +** Calc +*** If 'quick-calc' is called with a prefix argument, insert the +result of the calculation into the current buffer. + +** In Edebug, you can now set the initial mode with 'C-x C-a C-m'. +With this you can tell Edebug not to stop at the start of the first +instrumented function. + +** ElDoc + +*** New minor mode 'global-eldoc-mode'. +It is turned on by default, and affects '*scratch*' and other buffers +whose major mode supports Emacs Lisp. + +*** 'eldoc-documentation-function' now defaults to 'ignore'. + +*** 'describe-char-eldoc' displays information about character at point, +and can be used as a default value of 'eldoc-documentation-function'. It is +useful when, for example, one needs to distinguish various spaces - e.g., +U+00A0 (NO-BREAK SPACE), U+2002 (EN SPACE), and U+2009 (THIN SPACE) - while +using mono-spaced font. + +** eww + +*** HTML can now be rendered using variable-width fonts. + +*** A new command 'F' ('eww-toggle-fonts') can be used to toggle +whether to use variable-pitch fonts or not. The user can also +customize the 'shr-use-fonts' variable. + +*** A new command 'R' ('eww-readable') will try do identify the main +textual parts of a web page and display only that, leaving menus and +the like off the page. + +*** A new command 'D' ('eww-toggle-paragraph-direction') allows you to +toggle the paragraph direction between left-to-right and right-to-left. + +*** You can now use several eww buffers in parallel by renaming eww +buffers you want to keep separate. + +*** Partial state of the eww buffers (the URIs and the titles of the +pages visited) is now preserved in the desktop file. + +*** 'eww-after-render-hook' is now called after eww has rendered +the data in the buffer. + +*** The 'eww-reload' command now takes a prefix to not reload via +the net, but just use the local copy of the HTML. + +*** The DOM shr and eww uses has been changed to the general Emacs +xml.el/libxml2 DOM, and a new package dom.el has been added to +interact with this DOM. See the Emacs Lisp manual for interface +details. + +*** 'mailcap-mime-data' is now consulted when displaying PDF files. + +*** The new 'S' command will list all eww buffers, and allow managing +them. + +*** https pages with valid certificates have headers marked in green, while +invalid certificates are marked in red. + +** Message mode + +*** text/html messages that contain inline image parts will be +transformed into multipart/related messages before sending. + +** In Show Paren Mode, a parenthesis can be highlighted when point +stands inside it, and certain parens can be highlighted when point is +at BOL or EOL, or in whitespace there. To enable these, customize, +respectively, 'show-paren-when-point-inside-paren' or +'show-paren-when-point-in-periphery'. + +** If gpg2 exists on the system, it is now used as the default value +of 'epg-gpg-program' (instead of gpg). + +** Lisp mode + +*** Strings after ':documentation' are highlighted as docstrings. +This enhances Lisp mode fontification to handle documentation of the +form '(:documentation "the doc string")' used in Common Lisp code for +CLOS class and slot documentation. + +** Rectangle editing + +*** Rectangle Mark mode can have corners past EOL or in the middle of a TAB. + +*** 'C-x C-x' in 'rectangle-mark-mode' now cycles through the four corners. +*** 'string-rectangle' provides on-the-fly preview of the result. + +** New font-lock functions 'font-lock-ensure' and 'font-lock-flush'. +These should be used in preference to 'font-lock-fontify-buffer' when +called from Lisp. + +** Macro 'minibuffer-with-setup-hook' can optionally append a function +to 'minibuffer-setup-hook'. + +If the first argument of the macro is of the form '(:append FUN)', +then FUN will be appended to 'minibuffer-setup-hook', instead of +prepending it. + +** cl-lib +*** New functions 'cl-fresh-line', 'cl-digit-char-p', and 'cl-parse-integer'. + +*** 'pcase' accepts the new UPattern 'cl-struct'. + +** Calendar and diary + +*** The default 'diary-file' is now located in "~/.emacs.d". + +*** New commands to insert diary entries with Chinese dates: +'diary-chinese-insert-anniversary-entry' 'diary-chinese-insert-entry' +'diary-chinese-insert-monthly-entry', 'diary-chinese-insert-yearly-entry'. + +*** The calendar can now list and mark diary entries with Chinese dates. +See 'diary-chinese-list-entries' and 'diary-chinese-mark-entries'. + +*** The option 'calendar-mode-line-format' can now be nil, +which means to do nothing special with the mode line in calendars. + +*** New option 'calendar-weekend-days'. +The option customizes which day headers receive the +'calendar-weekend-header' face. + +*** New optional args N and STRING for 'holiday-greek-orthodox-easter'. + +*** Many items obsolete since at least version 23.1 have been removed. +The majority were function/variable/face aliases, too numerous to list here. +The remainder were: + +**** Functions 'calendar-one-frame-setup', 'calendar-only-one-frame-setup', +'calendar-two-frame-setup', 'european-calendar', 'american-calendar'. + +**** Hooks 'cal-menu-load-hook', 'cal-x-load-hook'. + +**** Macro 'calendar-for-loop'. + +**** Variables 'european-calendar-style', 'diary-face', 'hebrew-holidays-{1,4}'. + +**** The nil and list forms of 'diary-display-function'. + +** New ERT function 'ert-summarize-tests-batch-and-exit'. +If the output of ERT tests in batch mode execution can be saved to a +log file, then it can be passed as an argument to the above function +to produce a neat summary. + +** New js.el option 'js-indent-first-init'. + +** Info + +** Info mode now displays symbol names in fixed-pitch font. +If you want to get the old behavior back, customize the 'Info-quoted' +face to use the same definitions as the default face. + +*** 'Info-fontify-maximum-menu-size' can be t for no limit. + +*** 'info-display-manual' can now be given a prefix argument which (any +non-nil value) directs the command to limit the completion +alternatives to currently visited manuals. + +** ntlm.el has support for NTLM2. + +** Rmail + +*** The Rmail commands 'd', 'C-d' and 'u' take optional repeat counts +to delete or undelete multiple messages. + +*** Rmail can now render HTML mail messages if your Emacs was built with +libxml2 or if you have the Lynx browser installed. By default, Rmail +will display the HTML version of a mail message that has both HTML and +plain text parts, if display of HTML email is possible; customize the +'rmail-mime-prefer-html' option to nil if you don't want that. + +*** In the commands that make summaries by subject, recipients, or senders, +you can no longer use commas to separate regular expressions. + +** SES now supports local printer functions; see 'ses-define-local-printer'. + +** Shell-script Mode +*** In sh-mode you can now use 'sh-shell' as a file-local variable to +specify the type of shell in use (bash, csh, etc). + +*** New value 'always' for 'sh-indent-after-continuation'. +This provides old-style ("dumb") indentation of continued lines. +See the doc string of 'sh-indent-after-continuation' for details. + +** TLS +*** Fatal TLS errors are now silent by default. + +*** If Emacs isn't built with TLS support, an external TLS-capable +program is used instead. This program used to be run in --insecure +mode by default, but has now changed to be secure instead, and will +fail if you try to connect to non-verifiable hosts. This is +controlled by the 'tls-program' variable. + +** URL + +*** The URL package accepts now the protocols "ssh", "scp" and "rsync". +When 'url-handler-mode' is enabled, file operations for these +protocols as well as for "telnet" and "ftp" are passed to Tramp. + +*** The URL package allows customizing the 'url-user-agent' string. +The new 'url-user-agent' variable can be customized to be a string or +a function. + +*** The new interface variable 'url-request-noninteractive' can be used +to specify that we're running in a noninteractive context, and that +we should not be queried about things like TLS certificate validity. + +*** 'url-mime-accept-string' can now be used as in "interface" +variable, meaning you can bind it around an 'url-retrieve' call. + +*** If URL is used with a https connection, the first callback argument +PLIST will contain a :peer element that has the output of +'gnutls-peer-status' (if Emacs is built with GnuTLS support). + +** Tramp + - *** New connection method "afp", which allows you to access Mac OS X ++*** New connection method "afp", which allows you to access macOS +volumes via the Apple Filing Protocol. + +*** New connection method "nc", which allows you to access dumb +busyboxes. + +*** Method-specific parameters can be overwritten now with variable +'tramp-connection-properties'. + +*** Handler for 'file-notify-valid-p' for remote machines that support +filesystem notifications. + +** SQL mode + +*** New user variable 'sql-default-directory' enables remote +connections using Tramp. + +*** New command 'sql-send-line-and-next'. +This command, bound to 'C-c C-n' by default, sends the current line to +the SQL process and advances to the next line, skipping whitespace and +comments. + +*** Added support for Vertica SQL. + +** VC and related modes + +*** Basic push support, via 'vc-push', bound to 'C-x v P'. +Implemented for Bzr, Git, Hg. As part of this change, the pre-existing +(undocumented) command 'vc-hg-push' now behaves slightly differently. + +*** The new command 'vc-region-history' shows the log+diff of the active region. + +*** You can refresh the VC state of a file buffer with 'M-x vc-refresh-state'. +This command is useful when you perform version control commands +outside Emacs (e.g., from the shell prompt), or if you switch the VC +back-end for the buffer's file, or remove it from version control. + +*** New option 'vc-annotate-background-mode' controls whether +the color range from 'vc-annotate-color-map' is applied to the +background or to the foreground. + +*** New options for customizing encoding of Git commit log messages. +The new user options 'vc-git-commits-coding-system' and +'vc-git-log-output-coding-system' specify the encoding of log messages +sent to Git when committing, and the decoding of log messages read +from Git history commands. These options default to UTF-8; if +customized, they should be consistent with the Git config variables +i18n.commitEncoding and i18n.logOutputEncoding. +('vc-git-commits-coding-system' existed previously, but was a +variable, not a user option.) + +*** 'compare-windows' now compares text with the most recently selected window +instead of the next window. If you want the previous behavior of +comparing with the next window, customize the new option +'compare-windows-get-window-function' to the value +'compare-windows-get-next-window'. + +*** Two new faces 'compare-windows-removed' and 'compare-windows-added' +replace the face 'compare-windows', which is now an obsolete alias for +'compare-windows-added'. + +*** The VC state indicator in the mode line now has different faces +corresponding to each of the possible states. See the 'vc-faces' +customization group. + +*** 'log-edit-insert-changelog' converts "(tiny change)" to +"Copyright-paperwork-exempt: yes". Set 'log-edit-rewrite-tiny-change' +nil to disable this. + +*** vc-mcvs.el has been removed. + +** VHDL mode now supports VHDL'08. + +** Calculator + +*** Decimal display mode uses "," groups, so it's more +fitting for use in money calculations + +*** Factorial works with non-integer inputs. + +** Hide-IfDef mode + +*** Hide-IfDef mode now support full C/C++ expressions in macros, +macro argument expansion, interactive macro evaluation and automatic +scanning of #define'd symbols. + +*** New command 'hif-evaluate-macro', bound to 'C-c @ e', displays the +result of evaluating a macro. + +*** New command 'hif-clear-all-ifdef-define', bound to 'C-c @ C', clears +all defined symbols in 'hide-ifdef-env'. + +*** New custom variable 'hide-ifdef-header-regexp' to define C/C++ header +file name patterns. Defaults to files whose extension is one of '.h', +'.hh', '.hpp', '.hxx', or '.h++', matched case-insensitively. + +*** New custom variable 'hide-ifdef-expand-reinclusion-protection' to prevent +reinclusion protected (a.k.a. "idempotent") header files from being hidden. +(This could happen when an idempotent header file is visited again, +when its guard symbol is already defined.) Defaults to t. + +*** New custom variable 'hide-ifdef-exclude-define-regexp' to define symbol +name patterns (e.g. all "FOR_DOXYGEN_ONLY_*") to be ignored when +looking for macro definitions. By default, no symbols are ignored. + +** TeX mode + +*** New custom variable 'tex-print-file-extension' to help users who +use PDF instead of DVI. + +*** TeX mode now supports Prettify Symbols mode. When enabling +'prettify-symbols-mode' in a tex-mode buffer, \alpha ... \omega, and +many other math macros are displayed using unicode characters. + +** New 'big-indent' style in 'whitespace-mode' highlights deep indentation. +By default, 32 consecutive spaces or four consecutive TABs are +considered to be too deep, but the new variable +'whitespace-big-indent-regexp' can be customized to change that. + +** New options in 'tildify-mode'. +New options 'tildify-space-string', 'tildify-pattern', and +'tildify-foreach-region-function' variables make +'tildify-string-alist', 'tildify-pattern-alist', and +'tildify-ignored-environments-alist' variables (as well as a few +helper functions) obsolete. + +** New package Xref replaces Etags's front-end and UI. + +The new package Xref provides a generic framework and new commands to +find and move to definitions of functions, macros, data structures +etc., as well as go back to the location where you were before moving +to a definition. It supersedes and obsoletes many Etags commands, +while still using the etags.el code that reads the TAGS tables as one +of its back-ends. + +The command 'xref-find-definitions' replaces 'find-tag' and provides +an interface to pick one definition among several. +'tags-loop-continue' is now unbound. 'xref-pop-marker-stack' replaces +'pop-tag-mark', but has a keybinding ('M-,') different from the one +'pop-tag-mark' used. + +'xref-find-definitions-other-window' replaces 'find-tag-other-window'. +'xref-find-definitions-other-frame' replaces 'find-tag-other-frame'. +'xref-find-apropos' replaces 'find-tag-regexp'. + +As a result of this, the following commands are now obsolete: +'find-tag-other-window', 'find-tag-other-frame', 'find-tag-regexp', +'tags-apropos'. + +'tags-loop-continue' is not obsolete because it's still useful in +'tags-search' and 'tags-query-replace', for which there are no direct +replacements yet. + +*** Variants of 'tags-search' and 'tags-query-replace' in Dired were also +replaced by xref-style commands, see the "Dired" section below. + +*** New variables + +'find-tag-marker-ring-length' is now an obsolete alias for +'xref-marker-ring-length'. 'find-tag-marker-ring' is now an obsolete +alias for a private variable. 'xref-push-marker-stack' and +'xref-pop-marker-stack' should be used instead to manipulate the stack +of searches for definitions. + +*** 'xref-find-definitions' and 'describe-function' now display +information about mode local overrides (defined by cedet/mode-local.el +'define-overloadable-function' 'define-mode-local-overrides'). + +The framework's Lisp API is still experimental and can change in major, +backward-incompatible ways. + +** New package Project + +The new package Project provides generic infrastructure for dealing +with projects. The main commands included in it are +'project-find-file' and 'project-find-regexp'. + +The Lisp API of this package is still experimental. + +** EUDC +EUDC's LDAP backend has been improved. + +*** EUDC supports LDAP-over-SSL URLs (ldaps://). + +*** EUDC passes LDAP passwords through a pipe to the ldapsearch +subprocess instead of on the command line. + +*** EUDC handles LDAP wildcards automatically so the user shouldn't +need to configure this manually anymore. + +*** The LDAP configuration section of EUDC's manual has been +rewritten. + +There have also been customization changes. + +*** New custom variable 'eudc-server-hotlist' to allow specifying +multiple EUDC servers in init file. + +*** Custom variable 'eudc-inline-query-format' defaults to completing +on email and firstname instead of surname. + +*** Custom variable 'eudc-expansion-overwrites-query' defaults to nil +to avoid interfering with the kill ring. + +*** Custom variable 'eudc-inline-expansion-format' defaults to +"Firstname Surname ". + +*** Custom variable 'eudc-options-file' defaults to +"~/.emacs.d/eudc-options". + +*** New custom variable 'ldap-ldapsearch-password-prompt-regexp' to +allow overriding the regular expression that recognizes the ldapsearch +command line's password prompt. + +*** EUDC's BBDB backend now supports BBDB 3. + +*** EUDC's PH backend (eudcb-ph.el) is obsolete. + +** Eshell + +*** The new built-in command 'clear' can scroll window contents out of sight. +If provided with an optional non-nil argument, the scrollback contents +will be cleared. + +*** New buffer syntax '#', which is equivalent to +'#'. This shorthand makes interacting with +buffers from eshell more convenient. Custom variable +'eshell-buffer-shorthand', which has been broken for a while, has been +removed. + +*** By default, eshell "visual" program buffers (created by +'eshell-visual-commands' and similar custom vars) are no longer killed +when their processes die. This fixes issues with short-lived commands +and makes visual programs more useful in general. For example, if +"git log" is a visual command, it will always show the visual command +buffer, even if the "git log" process dies. For the old behavior, +make the new option 'eshell-destroy-buffer-when-process-dies' non-nil. + +** Browse-url + +*** Support for the Google Chrome web browser. + +*** Support for the Conkeror web browser. + +*** Support for several ancient browsers is now officially obsolete. + +** 'tar-mode': new 'tar-new-entry' command, allowing for new members to +be added to the archive. + +** Autorevert + +*** Dired buffers are also auto-reverted via file notifications, if +Emacs is compiled with file notification support. + +*** 'auto-revert-use-notify' is set to nil in 'global-auto-revert-mode'. +See . + +** File Notifications + - *** The kqueue library is integrated for *BSD and Mac OS X machines. ++*** The kqueue library is integrated for *BSD and macOS machines. + +*** The new event 'stopped' signals, that a file notification watch is +not active any longer. + +*** The new function 'file-notify-valid-p' checks, whether a file +notification descriptor still corresponds to an activate watch. + +** Dired + +*** The command 'dired-do-compress', bound to 'Z', now can compress +directories and decompress zip files. + +*** New command 'dired-do-compress-to', bound to 'c', can be used to +compress many marked files into a single named archive. The +compression command is determined from the new +'dired-compress-files-alist' variable. + +*** New user interface for the 'A' and 'Q' commands. +These keys, now bound to 'dired-do-find-regexp' and +'dired-do-find-regexp-and-replace', work similarly to 'xref-find-apropos' +and 'xref-query-replace-in-results': they present the matches +in the '*xref*' buffer and let you move through the matches. No need +to use 'tags-loop-continue' to resume the search or replace loop. The +previous commands, 'dired-do-search' and +'dired-do-query-replace-regexp', are still available, but not bound to +keys; rebind 'A' and 'Q' to invoke them if you want the old behavior +back. We intend to obsolete the old commands in a future release. + +** Tabulated List Mode + +*** It is now safe for a mode that derives 'tabulated-list-mode' to not +call 'tabulated-list-init-header', in which case it will have no +header. + +*** 'tabulated-list-print' takes a second optional argument, UPDATE, +which specifies an alternative printing method which is faster when +few or no entries have changed. + +** Obsolete packages + +*** gulp.el + +*** landmark.el (moved to elpa.gnu.org) + + +* New Modes and Packages in Emacs 25.1 + +** pinentry.el allows GnuPG passphrase to be prompted through the +minibuffer instead of a graphical dialog, depending on whether the gpg +command is called from Emacs (i.e., INSIDE_EMACS environment variable +is set). This feature requires newer versions of GnuPG (2.1.5 or +later) and Pinentry (0.9.5 or later). To use this feature, add +"allow-emacs-pinentry" to "~/.gnupg/gpg-agent.conf" and reload the +configuration with "gpgconf --reload gpg-agent". + +** cl-generic.el provides CLOS-style multiple-dispatch generic functions. +The main entry points are 'cl-defgeneric' and 'cl-defmethod'. See the +node "Generic Functions" in the Emacs Lisp manual for more details. + +** 'scss-mode' (a minor variant of 'css-mode') is a major mode for editing +SCSS (Sassy CSS) files. + +** 'let-alist' is a new macro (and a package) that allows one to easily +let-bind the values stored in an alist. + +** 'tildify-mode' allows automatic insertion of hard spaces as one +types the text. Breaking line after a single-character words is +forbidden by Czech and Polish typography (and may be discouraged in +other languages), so 'auto-tildify-mode' makes it easier to create +a typographically-correct documents. + +** The 'seq' library adds sequence manipulation functions and macros +that complement basic functions provided by subr.el. All functions +are prefixed with 'seq-' and work on lists, strings and vectors. +'pcase' accepts a new Upattern 'seq'. + +** The 'map' library provides map-manipulation functions that work on +alists, hash-table and arrays. All functions are prefixed with +'map-'. 'pcase' accepts a new UPattern 'map'. + +** The 'thunk' library provides functions and macros to control the +evaluation of forms. + +** 'js-jsx-mode' (a minor variant of 'js-mode') provides indentation +support for JSX, an XML-like syntax extension to ECMAScript. + + +* Incompatible Lisp Changes in Emacs 25.1 + +** 'setq' and 'setf' must now be called with an even number of +arguments. The earlier behavior of silently supplying a nil to the +last variable when there was an odd number of arguments has been +eliminated. + +** 'syntax-begin-function' is declared obsolete. +Removed 'font-lock-beginning-of-syntax-function' and the SYNTAX-BEGIN +slot in 'font-lock-defaults'. + +** The new implementation of Subword mode affects word movement everywhere. +When Subword mode is turned on, 'forward-word', 'backward-word', and +everything that uses them will move by sub-words, effectively +overriding the buffer's syntax table. Lisp programs that shouldn't be +affected by Subword mode should call the new functions +'forward-word-strictly' and 'backward-word-strictly' instead. + +** 'package-initialize' now sets 'package-enable-at-startup' to nil if +called during startup. Users who call this function in their init +file and still expect it to be run after startup should set +'package-enable-at-startup' to t after the call to +'package-initialize'. + +** ':global' minor mode use 'setq-default' rather than 'setq'. +This means that you can't use 'make-local-variable' and expect them to +"magically" become buffer-local. + +** 'track-mouse' no longer freezes the shape of the mouse pointer. +The 'track-mouse' form no longer refrains from changing the shape of +the mouse pointer for the entire time the body of that form is +executed. Lisp programs that use 'track-mouse' for dragging across +large portions of the Emacs display, and want to avoid changes in the +pointer shape during dragging, should bind the variable 'track-mouse' +to the special value 'dragging' in the body of the form. + +** The optional PREDICATE argument of 'lisp-complete-symbol' no longer +has any effect. (This change was made in Emacs 24.4 but was not +advertised at the time.) + +** 'indirect-function' does not signal 'void-function' any more. +This is mostly a bug-fix, since this change was missed back in 24.4 when +'symbol-function' was changed not to signal 'void-function' any more. + +*** As a consequence, the second arg of 'indirect-function' is now obsolete. + +** 'M-x shell' and 'M-x compile' no longer set the EMACS environment variable. +This avoids clashing when other programs use the variable for other purposes. +Although 'M-x term' still sets EMACS for compatibility with Bash 4.3 +and earlier, this is deprecated and will be phased out when Bash 4.4 +or later takes over. Use the INSIDE_EMACS environment variable instead. + +** 'save-excursion' does not save&restore the mark any more. +Use 'save-mark-and-excursion' if you want the old behavior. + +** 'read-buffer' and 'read-buffer-function' can now be called with a 4th +argument (PREDICATE). + +** 'completion-table-dynamic' by default stays in the minibuffer. +The minibuffer will be the current buffer when the function is called. +If you want the old behavior of calling the function in the buffer +from which the minibuffer was entered, use the new argument +SWITCH-BUFFER to 'completion-table-dynamic'. + +** window-configurations no longer record the buffers' marks. + +** 'inhibit-modification-hooks' now also inhibits lock-file checks, as +well as active region handling. + +** 'deactivate-mark' is now buffer-local. + +** 'cl-the' now asserts that its argument is of the given type. + +** 'process-running-child-p' may now return a numeric process +group ID instead of t. + +** Mouse click events on mode line or header line no longer include +any reference to a buffer position. The 6th member of the mouse +position list returned for such events is now nil. + +** Menu items in keymaps do not support the "key shortcut cache" any more. +These slots used to hold key-shortcut data, but have been obsolete since +Emacs 21. + +** Emacs no longer downcases the first letter of a system diagnostic +when signaling a file error. For example, it now reports "Permission +denied" instead of "permission denied". The old behavior was problematic +in languages like German where downcasing rules depend on grammar. + +** New variable 'text-quoting-style' to control how Emacs translates quotes. +Set it to 'curve' for curved single quotes, to 'straight' for straight +apostrophes, and to 'grave' for grave accent and apostrophe. The +default value nil acts like 'curve' if curved single quotes are +displayable, and like 'grave' otherwise. The new variable affects +display of diagnostics and help, but not of info. As the variable is +not intended for casual use, it is not a user option. + +** Message-issuing functions like 'message' and 'error' now translate +various sorts of single quotes in their format strings according to +the value of 'text-quoting-style' (see above). This translation +cannot be disabled. To get the old behavior, use 'format', which is +not affected by 'text-quoting-style', e.g., (message "%s" (format +"...." foo bar)). + +** 'substitute-command-keys' now replaces quotes. +That is, it converts documentation strings' quoting style as per the +value of 'text-quoting-style'. Doc strings in source code can use +either curved single quotes or grave accents and apostrophes. As +before, characters preceded by \= are output as-is. + +** The character classes [:alpha:] and [:alnum:] in regular expressions +now match multibyte characters using Unicode character properties. +If you want the old behavior where they matched any character with +word syntax, use '\sw' instead. + +** The character classes [:graph:] and [:print:] in regular expressions +no longer match every multibyte character. Instead, Emacs now +consults the Unicode character properties to determine which +characters are graphic or printable. In particular, surrogates and +unassigned codepoints are now rejected. If you want the old behavior, +use [:multibyte:] instead. + +** The 'diff' command uses the unified format now. To restore the old +behavior, set 'diff-switches' to '-c'. + +** 'grep-template' and 'grep-find-template' values don't include the +--color argument anymore. It's added at the place holder position +dynamically. Any third-party code that changes these templates should +be updated accordingly. + +** '(/ N)' is now equivalent to '(/ 1 N)' rather than to '(/ N 1)'. +The new behavior is compatible with Common Lisp and with XEmacs. +This change does not affect Lisp code intended to be portable to +Emacs 24.2 and earlier, which did not support unary '/'. + +** The 'default-directory' value doesn't have to end slash. To make +that happen, 'unhandled-file-name-directory' now defaults to calling +'file-name-as-directory'. + +** The URL package now insists on sending only unibyte strings to server +This means packages that use URL cannot bind 'url-request-data' to +multibyte strings. If non-ASCII characters should be part of the URL +payload, then 'url-request-data' should be encoded to become a unibyte +string. + + +* Lisp Changes in Emacs 25.1 + +** 'pcase' +*** New UPatterns 'quote', 'app'. +*** New UPatterns can be defined with 'pcase-defmacro'. +*** New vector QPattern. + +** 'syntax-propertize' is now automatically called on-demand during forward +parsing functions like 'forward-sexp'. + +** New hooks 'prefix-command-echo-keystrokes-functions' and +'prefix-command-preserve-state-hook' allow the definition of prefix +commands other than the predefined 'C-u'. + +** New functions 'filepos-to-bufferpos' and 'bufferpos-to-filepos'. +These allow conversion between buffer positions and the corresponding +file byte offsets, given the file's encoding. + +** The default value of 'load-read-function' is now 'read'. +Previously, the default value of nil implied using 'read'. + +** New hook 'pre-redisplay-functions'. +It is a bit easier to use than 'pre-redisplay-function'. + +** The second arg of 'looking-back' should always be provided explicitly. +Previously, it was an optional argument, now it's mandatory. + +** Text properties 'intangible', 'point-entered', and 'point-left' are obsolete. +Replaced by properties 'cursor-intangible' and 'cursor-sensor-functions', +implemented by the new 'cursor-intangible-mode' and +'cursor-sensor-mode' minor modes. + +** 'inhibit-point-motion-hooks' now defaults to t and is obsolete. +Use the new minor modes 'cursor-intangible-mode' and +'cursor-sensor-mode' instead. + +** New process type 'pipe', which can be used in combination with the +':stderr' keyword of 'make-process' to handle standard error output +of subprocess. + +** New function 'make-process' provides an alternative interface to +'start-process'. It allows programs to set process parameters such as +process filter, sentinel, etc., through keyword arguments (similar to +'make-network-process'). + +** Subprocesses are automatically told about changes in window dimensions. +The new option 'window-adjust-process-window-size-function' controls +how subprocesses are told to adapt their logical window sizes to +changes in the Emacs window configuration. Its default value calls +'set-process-window-size' with the smallest dimensions of all the +windows that display the subprocess's buffer. + +** A new function 'directory-files-recursively' returns all matching +files (recursively) under a directory. + +** New variable 'inhibit-message', when bound to non-nil, inhibits +'message' and related functions from displaying messages in the echo +area. The output is still logged to the '*Messages*' buffer. + +** A new text property 'inhibit-read-only' can be used in read-only +buffers to allow certain parts of the text to be writable. + +** A new variable 'comment-end-can-be-escaped' is useful in languages +such as C and C++ where line comments with escaped newlines are +continued to the next line. + +** New macro 'define-advice'. + +** Emacs Lisp now supports generators. +See the "Generators" section of the ELisp manual for the details. + +** New finalizer facility for running code when objects become unreachable. +See the "Finalizer Type" subsection in the ELisp manual for the +details. + +** Lexical closures can use '(:documentation FORM)' to build their docstring. +It should be placed right where the docstring would be, and FORM is then +evaluated (and should return a string) when the closure is built. + +** 'define-inline' provides a new way to define inlinable functions. + +** New function 'macroexpand-1' to perform a single step of macro expansion. + +** Some "x-*" functions were obsoleted and/or renamed: +*** 'x-select-text' is renamed 'gui-select-text'. +*** 'x-selection-value' is renamed 'gui-selection-value'. +*** 'x-get-selection' is renamed 'gui-get-selection'. +*** 'x-get-clipboard' and 'x-clipboard-yank' are marked obsolete. +*** 'x-get-selection-value' is renamed to 'gui-get-primary-selection'. +*** 'x-set-selection' is renamed to 'gui-set-selection'. + +** New function 'string-greaterp', which return the opposite result of +'string-lessp'. + +** The new functions 'string-collate-lessp' and 'string-collate-equalp' +preserve the collation order as defined by the system's locale(1) +environment. For the time being this is implemented for modern POSIX +systems and for MS-Windows, for other systems they fall back to their +counterparts 'string-lessp' and 'string-equal'. + +*** The ls-lisp package uses 'string-collate-lessp' to sort file names. +The effect is that, on systems that use ls-lisp for Dired, the default +sort order of the files in Dired is now different from what it was in +previous versions of Emacs. In particular, the file names are sorted +disregarding punctuation, accents, and diacritics, and letter case is +ignored. For example, files whose name begin with a period will no +longer appear near the beginning of the directory listing. If you +want the old, locale-independent sorting, customize the new option +'ls-lisp-use-string-collate' to the nil value. + +*** The MS-Windows specific variable 'w32-collate-ignore-punctuation', +if set to a non-nil value, causes the above 2 functions to ignore +symbol and punctuation characters when collating strings. This +emulates the behavior of modern Posix platforms when the locale's +codeset is "UTF-8" (as in "en_US.UTF-8"). This is needed because +MS-Windows doesn't support UTF-8 as codeset in its locales. + +** New function 'alist-get', which is a generalized variable +suitable for use with 'setf'. + +** New function 'funcall-interactively', which works like 'funcall' +but makes 'called-interactively-p' treat the function as (you guessed it) +called interactively. + +** New function 'function-put' to use instead of 'put' for function properties. + +** The new function 'bidi-find-overridden-directionality' allows you to +find characters whose directionality was, perhaps maliciously, +overridden by directional override control characters. Lisp programs +can use this to detect potential phishing of URLs and other links that +exploits bidirectional display reordering. + +** The new function 'buffer-substring-with-bidi-context' allows you to +copy a portion of a buffer into a different location while preserving +the visual appearance both of the copied text and the text at +destination, even when the copied text includes mixed bidirectional +text and directional control characters. + +** New properties that can be specified with 'declare': +*** '(interactive-only INSTEAD)', says to use INSTEAD for non-interactive use. +*** '(pure VAL)', if VAL is non-nil, indicates the function is pure. +*** '(side-effect-free VAL)', if VAL is non-nil, indicates the function does not +have side effects. + +** New macro 'with-file-modes', for evaluating expressions with default file +permissions set to temporary values (e.g., for creating private files). + +** You can access the slots of structures using 'cl-struct-slot-value'. + +** Function 'sort' can deal with vectors. + +** Function 'system-name' now returns an updated value if the current +system's name has changed or if the Emacs process has changed systems. +To avoid long waits it no longer consults DNS to canonicalize the name +(in some cases this may affect generated message-id headers - customize +'message-user-fqdn' if this bothers you). The variable 'system-name' +is now obsolete. + +** Function 'write-region' no longer outputs "Wrote FILE" in batch mode. + +** If 'pwd' is called with a prefix argument, insert the current default +directory at point. + +** New functions return extended information about fonts and faces. + +*** The function 'font-info' now returns more details about a font. +In particular, it now returns the average width of the font's +characters, which can be used for geometry-related calculations. + +*** A new function 'default-font-width' returns the average width of a +character in the current buffer's default font. If the default face +is remapped (see 'face-remapping-alist'), the value for the remapped +face is returned. This function complements the existing function +'default-font-height'. + +*** New functions 'window-font-height' and 'window-font-width' return +the height and average width of characters in a specified face and +window. If FACE is remapped (see 'face-remapping-alist'), the +function returns the information for the remapped face. + +*** A new function 'window-max-chars-per-line' returns the maximal +number of characters that can be displayed on one line. If a face +and/or window are provided, these values are used for the +calculation. This function is different from 'window-body-width' in +that it accounts for (i) continuation glyphs, (ii) the size of the +font, and (iii) the specified window. + +** New utilities in subr-x.el: + +*** New macros 'if-let' and 'when-let' allow defining bindings and to +execute code depending whether all values are true. + +*** New macros 'thread-first' and 'thread-last' allow threading a form +as the first or last argument of subsequent forms. + +** Documentation strings now support quoting with curved single quotes +in addition to the old style with grave accent and apostrophe. The +new style looks better on today's displays. In the new Electric Quote +mode, you can enter curved single quotes into documentation by typing +grave accent and apostrophe. Outside Electric Quote mode, you can +enter them by typing 'C-x 8 [' and 'C-x 8 ]', or (if your Alt key +works) by typing 'A-[' and 'A-]'. As described above under +'text-quoting-style', the user can specify how to display doc string +quotes. + +** New function 'format-message' is like 'format' and also converts +curved single quotes, grave accents and apostrophes as per +'text-quoting-style'. + +** 'show-help-function's arg is converted via 'substitute-command-keys' +before being passed to the function. Help strings, help-echo +properties, etc. can therefore contain command key escapes and +quotation marks. + +** Time-related changes: + +*** Time conversion functions now accept an optional ZONE argument +that specifies the time zone rules for conversion. ZONE is omitted or +nil for Emacs local time, t for Universal Time, 'wall' for system wall +clock time, or a string as in the TZ environment variable. The +affected functions are 'current-time-string', 'current-time-zone', +'decode-time', and 'format-time-string'. The function 'encode-time', +which already accepted a simple time zone rule argument, has been +extended to accept all the new forms. + +*** Incompatible change in the third argument of 'format-time-string'. +Previously, any non-nil argument was interpreted as specifying Universal Time. +This is no longer true; packages that want Universal Time should pass t +as the third argument. + +*** Time-related functions now consistently accept numbers +(representing seconds since the epoch) and nil (representing the +current time) as well as the usual list-of-integer representation. +Affected functions include 'current-time-string', 'current-time-zone', +'decode-time', 'float-time', 'format-time-string', 'seconds-to-time', +'time-add', 'time-less-p', 'time-subtract', 'time-to-day-in-year', +'time-to-days', and 'time-to-seconds'. + +*** The 'encode-time-value' and 'with-decoded-time-value' macros have +been obsoleted. + +*** 'calendar-next-time-zone-transition', 'time-add', and +'time-subtract' no longer return time values in the obsolete and +undocumented integer-pair format. Instead, they return a list of two +integers. + +** New function 'set-binary-mode' allows switching a standard stream +of the Emacs process to binary I/O mode. + +** The new function 'directory-name-p' can be used to check whether a file +name (as returned from, for instance, 'file-name-all-completions') is +a directory file name. It returns non-nil if the last character in +the name is a directory separator character (forward slash on GNU and +Unix systems, forward- or backslash on MS-Windows and MS-DOS). + +** ASCII approximations to curved quotes are put in 'standard-display-table' +if the terminal cannot display curved quotes. + +** Standard output and error streams now transliterate characters via +'standard-display-table', and encode output using 'locale-coding-system'. +To force a specific encoding, bind 'coding-system-for-write' to the +coding-system of your choice when invoking functions like 'prin1' and +'message'. + +** New var 'truncate-string-ellipsis' to choose how to indicate truncation. + +** New possible value for 'system-type': 'nacl'. +This is used by Google's Native Client (NaCl). + +** Miscellaneous name change + +For consistency with the usual Emacs spelling, the Lisp variable +'hfy-optimisations' has been renamed to 'hfy-optimizations'. +The old name should still work, as an obsolescent alias. + +** Changes in Frame- and Window- Handling + +*** Emacs can now draw horizontal scroll bars on some platforms that +provide toolkit scroll bars, namely Gtk+, Lucid, Motif and Windows. +Horizontal scroll bars are turned off by default. + +**** New function 'horizontal-scroll-bars-available-p' telling whether +horizontal scroll bars are available on the underlying system. + +**** New mode 'horizontal-scroll-bar-mode' to toggle horizontal scroll +bars on all existing and future frames. + +**** New function 'toggle-horizontal-scroll-bar' to toggle horizontal +scroll bars on the selected frame. + +**** New frame parameters 'horizontal-scroll-bars' and +'scroll-bar-height' to set horizontal scroll bars and their height +for individual frames and in 'default-frame-alist'. + +***** The 'horizontal-scroll-bars' parameter was already present and non-nil +by default in Emacs 24 and before (although it didn't have any +effect). This could cause a problem if you share your desktop files +with older versions of Emacs: saving desktop in Emacs before v25.1, +then restoring it in v25.1 would turn on horizontal scroll bars in all +buffers. To resolve this issue, put this in your ~/.emacs init file: + + (modify-all-frames-parameters '((horizontal-scroll-bars . nil))) + +**** New functions 'frame-scroll-bar-height' and +'window-scroll-bar-height' return the height of horizontal scroll +bars on a specific frame or window. + +**** 'set-window-scroll-bars' now accepts five parameters where the last +two specify height and type of the window's horizontal scroll bar. + +**** 'window-scroll-bars' now returns type and sizes of horizontal scroll +bars too. + +**** New buffer-local variables 'horizontal-scroll-bar' and +'scroll-bar-height'. + +*** New functions 'frame-geometry' and 'frame-edges' give access to a +frame's geometry. + +*** New functions 'mouse-absolute-pixel-position' and +'set-mouse-absolute-pixel-position' get/set screen coordinates of the +mouse cursor. + +*** The function 'window-edges' now accepts three additional arguments to +retrieve body, absolute and pixel edges of the window. + +*** The functions 'window-inside-edges', 'window-inside-pixel-edges' and +'window-inside-absolute-pixel-edges' have been renamed to respectively +'window-body-edges', 'window-body-pixel-edges' and +'window-absolute-body-pixel-edges'. The old names are kept as aliases. + +*** New function 'window-absolute-pixel-position' to get the screen +coordinates of a visible buffer position. + +*** The height of a frame's menu and tool bar are no longer counted in the +frame's text height. This means that the text height stands only for +the height of the frame's root window plus that of the echo area (if +present). This was already the behavior for frames with external tool +and menu bars (like in the Gtk builds) but has now been extended to all +builds. + +*** Frames now do not necessarily preserve the number of columns or lines +they display when setting default font, menu bar, fringe width, or +scroll bars. In particular, maximized and fullscreen frames are +conceptually never resized if such settings change. For fullheight and +fullwidth frames, the behavior may depend on the toolkit used. + +**** New option 'frame-inhibit-implied-resize' if non-nil, means that +setting default font, menu bar, fringe width, or scroll bars of a +specific frame does not resize that frame in order to preserve the +number of columns or lines it displays. + +*** New function 'window-preserve-size' allows you to preserve the size of +a window without "fixing" it. It's supported by 'fit-window-to-buffer', +'temp-buffer-resize-mode' and 'display-buffer'. + +*** New 'display-buffer' action function 'display-buffer-use-some-frame'. +This displays the buffer in an existing frame other than the current +frame, and allows the caller to specify a frame predicate to exclude +frames. + +*** New minor mode 'window-divider-mode' and options +'window-divider-default-places', 'window-divider-default-bottom-width' +and 'window-divider-default-right-width'. + +*** When a window is shrunk horizontally its margins are no longer removed +automatically. Rather, Emacs refuses to split or resize windows when +this would cause margins to no longer fit into the width reserved for the +corresponding window. An application can override this behavior for a +particular window by setting that window's 'min-margins' parameter. As +a consequence, the application becomes fully responsible for trimming +the margin sizes of that window and any window inheriting these margins. + +*** The window displaying the '*Completions*' buffer with minibuffer +completion candidates is now shown at the bottom of the selected +frame. The size of that window is always as large as required to +display all the candidates, except when limited by the minimum size +of the other windows on that frame; those other windows are resized +to provide space for the '*Completions*' display. The Emacs manual +describes how to customize 'display-buffer-alist' to get back the old +behavior, see the node "Temporary Displays" there. + +** Tearoff menus and detachable toolbars for Gtk+ have been removed. +Those features have been deprecated in Gtk+ for a long time. + +** Etags + +*** etags no longer qualifies class members by default. + +By default, 'etags' will not qualify class members for Perl and C-like +object-oriented languages with their class names and namespaces, and +will remove qualifications used explicitly in the code from the tag +names it puts in TAGS files. This is so the etags.el back-end for +'xref-find-definitions' is more accurate and produces less false +positives. + +Use --class-qualify (-Q) if you want the old default behavior of +qualifying class members in C++, Java, Objective C, and Perl. Note +that using -Q might make some class members become "unknown" to 'M-.' +('xref-find-definitions'); if so, you can use 'C-u M-.' to specify the +qualified names by hand. + +*** New language Ruby + +Names of modules, classes, methods, functions, and constants are +tagged. Overloaded operators are also tagged. + +*** New language Go +Names of packages, functions, and types are tagged. + +*** Improved support for Lua + +Etags now tags functions even if the "function" keyword follows some +whitespace at line beginning. + + +* Changes in Emacs 25.1 on Non-Free Operating Systems + +** MS-Windows specific Emacs build scripts are no longer in the distribution. +This includes the makefile.w32-in files in various subdirectories, and +the support files. The file nt/configure.bat now just tells the user +to use the procedure described in nt/INSTALL, by running the Posix +'configure' script in the top-level directory. + +** Building Emacs for MS-Windows requires at least Windows XP +or Windows Server 2003. The built binaries still run on all versions +of Windows starting with Windows 9X. + +** Emacs running on MS-Windows now supports the daemon mode. + +** The byte counts in etags-generated TAGS files are now the same on +MS-Windows as they are on other platforms. + - ** On OS X, configure creates a Cocoa ("Nextstep") build by default. ++** On macOS, configure creates a Cocoa ("Nextstep") build by default. +Pass '--without-ns' to configure to create an X11 build, the old default. + - ** OS X 10.5 or older is no longer supported. ++** Mac OS X 10.5 or older is no longer supported. + - ** OS X on PowerPC is no longer supported. ++** Mac OS X on PowerPC is no longer supported. + +** New variable 'ns-use-fullscreen-animation' controls animation for +non-native NS fullscreen. The default is nil. Set to t to enable - animation when entering and leaving fullscreen. For native OSX fullscreen - this has no effect. ++animation when entering and leaving fullscreen. For native macOS ++fullscreen this has no effect. + - ** On the OS X Cocoa ("Nextstep") port, multicolor font (such as color ++** On the macOS Cocoa ("Nextstep") port, multicolor font (such as color +emoji) display is disabled. This feature was accidentally added when +Emacs 24.4 included the new Core Text based font backend code that was +originally implemented for a non-mainline port. This will be enabled +again once it is also implemented in Emacs on free operating systems. +If some symbols, such as emoji, do not display, we suggest to install +an appropriate font, such as Symbola; then they will be displayed, +albeit without the color effects. + +** The new function 'w32-application-type' returns the type of an +MS-Windows application given the name of its executable program file. + +** New variable 'w32-pipe-buffer-size'. +It can be used to tune the size of the buffer of pipes created for +communicating with subprocesses, when the program run by a subprocess +exhibits unusual buffering behavior. Default is zero, which lets the +OS use its default size. + + +---------------------------------------------------------------------- +This file is part of GNU Emacs. + +GNU Emacs is free software: you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation, either version 3 of the License, or +(at your option) any later version. + +GNU Emacs is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Emacs. If not, see . + + +Local variables: +coding: us-ascii +mode: outline +paragraph-separate: "[ ]*$" +end: diff --cc lisp/auth-source.el index 96693644ceb,00000000000..62d9a4521c0 mode 100644,000000..100644 --- a/lisp/auth-source.el +++ b/lisp/auth-source.el @@@ -1,2149 -1,0 +1,2149 @@@ +;;; auth-source.el --- authentication sources for Gnus and Emacs -*- lexical-binding: t -*- + +;; Copyright (C) 2008-2016 Free Software Foundation, Inc. + +;; Author: Ted Zlatanov +;; Keywords: news + +;; This file is part of GNU Emacs. + +;; GNU Emacs is free software: you can redistribute it and/or modify +;; it under the terms of the GNU General Public License as published by +;; the Free Software Foundation, either version 3 of the License, or +;; (at your option) any later version. + +;; GNU Emacs is distributed in the hope that it will be useful, +;; but WITHOUT ANY WARRANTY; without even the implied warranty of +;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;; GNU General Public License for more details. + +;; You should have received a copy of the GNU General Public License +;; along with GNU Emacs. If not, see . + +;;; Commentary: + +;; This is the auth-source.el package. It lets users tell Gnus how to +;; authenticate in a single place. Simplicity is the goal. Instead +;; of providing 5000 options, we'll stick to simple, easy to +;; understand options. + +;; See the auth.info Info documentation for details. + +;; TODO: + +;; - never decode the backend file unless it's necessary +;; - a more generic way to match backends and search backend contents +;; - absorb netrc.el and simplify it +;; - protect passwords better +;; - allow creating and changing netrc lines (not files) e.g. change a password + +;;; Code: + +(require 'password-cache) + +(eval-when-compile (require 'cl-lib)) +(require 'eieio) + +(autoload 'secrets-create-item "secrets") +(autoload 'secrets-delete-item "secrets") +(autoload 'secrets-get-alias "secrets") +(autoload 'secrets-get-attributes "secrets") +(autoload 'secrets-get-secret "secrets") +(autoload 'secrets-list-collections "secrets") +(autoload 'secrets-search-items "secrets") + +(autoload 'rfc2104-hash "rfc2104") + +(autoload 'plstore-open "plstore") +(autoload 'plstore-find "plstore") +(autoload 'plstore-put "plstore") +(autoload 'plstore-delete "plstore") +(autoload 'plstore-save "plstore") +(autoload 'plstore-get-file "plstore") + +(eval-when-compile (require 'epg)) ;; setf-method for `epg-context-armor' +(autoload 'epg-make-context "epg") +(autoload 'epg-context-set-passphrase-callback "epg") +(autoload 'epg-decrypt-string "epg") +(autoload 'epg-encrypt-string "epg") + +(autoload 'help-mode "help-mode" nil t) + +(defvar secrets-enabled) + +(defgroup auth-source nil + "Authentication sources." + :version "23.1" ;; No Gnus + :group 'gnus) + +;;;###autoload +(defcustom auth-source-cache-expiry 7200 + "How many seconds passwords are cached, or nil to disable +expiring. Overrides `password-cache-expiry' through a +let-binding." + :version "24.1" + :group 'auth-source + :type '(choice (const :tag "Never" nil) + (const :tag "All Day" 86400) + (const :tag "2 Hours" 7200) + (const :tag "30 Minutes" 1800) + (integer :tag "Seconds"))) + +;; The slots below correspond with the `auth-source-search' spec, +;; so a backend with :host set, for instance, would match only +;; searches for that host. Normally they are nil. +(defclass auth-source-backend () + ((type :initarg :type + :initform 'netrc + :type symbol + :custom symbol + :documentation "The backend type.") + (source :initarg :source + :type string + :custom string + :documentation "The backend source.") + (host :initarg :host + :initform t + :type t + :custom string + :documentation "The backend host.") + (user :initarg :user + :initform t + :type t + :custom string + :documentation "The backend user.") + (port :initarg :port + :initform t + :type t + :custom string + :documentation "The backend protocol.") + (data :initarg :data + :initform nil + :documentation "Internal backend data.") + (create-function :initarg :create-function + :initform ignore + :type function + :custom function + :documentation "The create function.") + (search-function :initarg :search-function + :initform ignore + :type function + :custom function + :documentation "The search function."))) + +(defcustom auth-source-protocols '((imap "imap" "imaps" "143" "993") + (pop3 "pop3" "pop" "pop3s" "110" "995") + (ssh "ssh" "22") + (sftp "sftp" "115") + (smtp "smtp" "25")) + "List of authentication protocols and their names" + + :group 'auth-source + :version "23.2" ;; No Gnus + :type '(repeat :tag "Authentication Protocols" + (cons :tag "Protocol Entry" + (symbol :tag "Protocol") + (repeat :tag "Names" + (string :tag "Name"))))) + +;; Generate all the protocols in a format Customize can use. +;; TODO: generate on the fly from auth-source-protocols +(defconst auth-source-protocols-customize + (mapcar (lambda (a) + (let ((p (car-safe a))) + (list 'const + :tag (upcase (symbol-name p)) + p))) + auth-source-protocols)) + +(defvar auth-source-creation-defaults nil + ;; FIXME: AFAICT this is not set (or let-bound) anywhere! + "Defaults for creating token values. Usually let-bound.") + +(defvar auth-source-creation-prompts nil + "Default prompts for token values. Usually let-bound.") + +(make-obsolete 'auth-source-hide-passwords nil "Emacs 24.1") + +(defcustom auth-source-save-behavior 'ask + "If set, auth-source will respect it for save behavior." + :group 'auth-source + :version "23.2" ;; No Gnus + :type `(choice + :tag "auth-source new token save behavior" + (const :tag "Always save" t) + (const :tag "Never save" nil) + (const :tag "Ask" ask))) + +;; TODO: make the default (setq auth-source-netrc-use-gpg-tokens `((,(if (boundp 'epa-file-auto-mode-alist-entry) (car epa-file-auto-mode-alist-entry) "\\.gpg\\'") never) (t gpg))) +;; TODO: or maybe leave as (setq auth-source-netrc-use-gpg-tokens 'never) + +(defcustom auth-source-netrc-use-gpg-tokens 'never + "Set this to tell auth-source when to create GPG password +tokens in netrc files. It's either an alist or `never'. +Note that if EPA/EPG is not available, this should NOT be used." + :group 'auth-source + :version "23.2" ;; No Gnus + :type `(choice + (const :tag "Always use GPG password tokens" (t gpg)) + (const :tag "Never use GPG password tokens" never) + (repeat :tag "Use a lookup list" + (list + (choice :tag "Matcher" + (const :tag "Match anything" t) + (const :tag "The EPA encrypted file extensions" + ,(if (boundp 'epa-file-auto-mode-alist-entry) + (car epa-file-auto-mode-alist-entry) + "\\.gpg\\'")) + (regexp :tag "Regular expression")) + (choice :tag "What to do" + (const :tag "Save GPG-encrypted password tokens" gpg) + (const :tag "Don't encrypt tokens" never)))))) + +(defvar auth-source-magic "auth-source-magic ") + +(defcustom auth-source-do-cache t + "Whether auth-source should cache information with `password-cache'." + :group 'auth-source + :version "23.2" ;; No Gnus + :type `boolean) + +(defcustom auth-source-debug nil + "Whether auth-source should log debug messages. + +If the value is nil, debug messages are not logged. + +If the value is t, debug messages are logged with `message'. In +that case, your authentication data will be in the clear (except +for passwords). + +If the value is a function, debug messages are logged by calling + that function using the same arguments as `message'." + :group 'auth-source + :version "23.2" ;; No Gnus + :type `(choice + :tag "auth-source debugging mode" + (const :tag "Log using `message' to the *Messages* buffer" t) + (const :tag "Log all trivia with `message' to the *Messages* buffer" + trivia) + (function :tag "Function that takes arguments like `message'") + (const :tag "Don't log anything" nil))) + +(defcustom auth-sources '("~/.authinfo" "~/.authinfo.gpg" "~/.netrc") + "List of authentication sources. +Each entry is the authentication type with optional properties. +Entries are tried in the order in which they appear. +See Info node `(auth)Help for users' for details. + +If an entry names a file with the \".gpg\" extension and you have +EPA/EPG set up, the file will be encrypted and decrypted +automatically. See Info node `(epa)Encrypting/decrypting gpg files' +for details. + +It's best to customize this with `\\[customize-variable]' because the choices +can get pretty complex." + :group 'auth-source + :version "24.1" ;; No Gnus + :type `(repeat :tag "Authentication Sources" + (choice + (string :tag "Just a file") + (const :tag "Default Secrets API Collection" default) + (const :tag "Login Secrets API Collection" "secrets:Login") + (const :tag "Temp Secrets API Collection" "secrets:session") + + (const :tag "Default internet Mac OS Keychain" + macos-keychain-internet) + + (const :tag "Default generic Mac OS Keychain" + macos-keychain-generic) + + (list :tag "Source definition" + (const :format "" :value :source) + (choice :tag "Authentication backend choice" + (string :tag "Authentication Source (file)") + (list + :tag "Secret Service API/KWallet/GNOME Keyring" + (const :format "" :value :secrets) + (choice :tag "Collection to use" + (string :tag "Collection name") + (const :tag "Default" default) + (const :tag "Login" "Login") + (const + :tag "Temporary" "session"))) + (list + :tag "Mac OS internet Keychain" + (const :format "" + :value :macos-keychain-internet) + (choice :tag "Collection to use" + (string :tag "internet Keychain path") + (const :tag "default" default))) + (list + :tag "Mac OS generic Keychain" + (const :format "" + :value :macos-keychain-generic) + (choice :tag "Collection to use" + (string :tag "generic Keychain path") + (const :tag "default" default)))) + (repeat :tag "Extra Parameters" :inline t + (choice :tag "Extra parameter" + (list + :tag "Host" + (const :format "" :value :host) + (choice :tag "Host (machine) choice" + (const :tag "Any" t) + (regexp + :tag "Regular expression"))) + (list + :tag "Protocol" + (const :format "" :value :port) + (choice + :tag "Protocol" + (const :tag "Any" t) + ,@auth-source-protocols-customize)) + (list :tag "User" :inline t + (const :format "" :value :user) + (choice + :tag "Personality/Username" + (const :tag "Any" t) + (string + :tag "Name"))))))))) + +(defcustom auth-source-gpg-encrypt-to t + "List of recipient keys that `authinfo.gpg' encrypted to. +If the value is not a list, symmetric encryption will be used." + :group 'auth-source + :version "24.1" ;; No Gnus + :type '(choice (const :tag "Symmetric encryption" t) + (repeat :tag "Recipient public keys" + (string :tag "Recipient public key")))) + +;; temp for debugging +;; (unintern 'auth-source-protocols) +;; (unintern 'auth-sources) +;; (customize-variable 'auth-sources) +;; (setq auth-sources nil) +;; (format "%S" auth-sources) +;; (customize-variable 'auth-source-protocols) +;; (setq auth-source-protocols nil) +;; (format "%S" auth-source-protocols) +;; (auth-source-pick nil :host "a" :port 'imap) +;; (auth-source-user-or-password "login" "imap.myhost.com" 'imap) +;; (auth-source-user-or-password "password" "imap.myhost.com" 'imap) +;; (auth-source-user-or-password-imap "login" "imap.myhost.com") +;; (auth-source-user-or-password-imap "password" "imap.myhost.com") +;; (auth-source-protocol-defaults 'imap) + +;; (let ((auth-source-debug 'debug)) (auth-source-do-debug "hello")) +;; (let ((auth-source-debug t)) (auth-source-do-debug "hello")) +;; (let ((auth-source-debug nil)) (auth-source-do-debug "hello")) +(defun auth-source-do-debug (&rest msg) + (when auth-source-debug + (apply #'auth-source-do-warn msg))) + +(defun auth-source-do-trivia (&rest msg) + (when (or (eq auth-source-debug 'trivia) + (functionp auth-source-debug)) + (apply #'auth-source-do-warn msg))) + +(defun auth-source-do-warn (&rest msg) + (apply + ;; set logger to either the function in auth-source-debug or 'message + ;; note that it will be 'message if auth-source-debug is nil + (if (functionp auth-source-debug) + auth-source-debug + 'message) + msg)) + + +;; (auth-source-read-char-choice "enter choice? " '(?a ?b ?q)) +(defun auth-source-read-char-choice (prompt choices) + "Read one of CHOICES by `read-char-choice', or `read-char'. +`dropdown-list' support is disabled because it doesn't work reliably. +Only one of CHOICES will be returned. The PROMPT is augmented +with \"[a/b/c] \" if CHOICES is \(?a ?b ?c)." + (when choices + (let* ((prompt-choices + (apply #'concat + (cl-loop for c in choices collect (format "%c/" c)))) + (prompt-choices (concat "[" (substring prompt-choices 0 -1) "] ")) + (full-prompt (concat prompt prompt-choices)) + k) + + (while (not (memq k choices)) + (setq k (read-char-choice full-prompt choices))) + k))) + +;; (auth-source-pick nil :host "any" :port 'imap :user "joe") +;; (auth-source-pick t :host "any" :port 'imap :user "joe") +;; (setq auth-sources '((:source (:secrets default) :host t :port t :user "joe") +;; (:source (:secrets "session") :host t :port t :user "joe") +;; (:source (:secrets "Login") :host t :port t) +;; (:source "~/.authinfo.gpg" :host t :port t))) + +;; (setq auth-sources '((:source (:secrets default) :host t :port t :user "joe") +;; (:source (:secrets "session") :host t :port t :user "joe") +;; (:source (:secrets "Login") :host t :port t) +;; )) + +;; (setq auth-sources '((:source "~/.authinfo.gpg" :host t :port t))) + +;; (auth-source-backend-parse "myfile.gpg") +;; (auth-source-backend-parse 'default) +;; (auth-source-backend-parse "secrets:Login") +;; (auth-source-backend-parse 'macos-keychain-internet) +;; (auth-source-backend-parse 'macos-keychain-generic) +;; (auth-source-backend-parse "macos-keychain-internet:/path/here.keychain") +;; (auth-source-backend-parse "macos-keychain-generic:/path/here.keychain") + +(defun auth-source-backend-parse (entry) + "Creates an auth-source-backend from an ENTRY in `auth-sources'." + (auth-source-backend-parse-parameters + entry + (cond + ;; take 'default and recurse to get it as a Secrets API default collection + ;; matching any user, host, and protocol + ((eq entry 'default) + (auth-source-backend-parse '(:source (:secrets default)))) + ;; take secrets:XYZ and recurse to get it as Secrets API collection "XYZ" + ;; matching any user, host, and protocol + ((and (stringp entry) (string-match "^secrets:\\(.+\\)" entry)) + (auth-source-backend-parse `(:source (:secrets ,(match-string 1 entry))))) + + ;; take 'macos-keychain-internet and recurse to get it as a Mac OS + ;; Keychain collection matching any user, host, and protocol + ((eq entry 'macos-keychain-internet) + (auth-source-backend-parse '(:source (:macos-keychain-internet default)))) + ;; take 'macos-keychain-generic and recurse to get it as a Mac OS + ;; Keychain collection matching any user, host, and protocol + ((eq entry 'macos-keychain-generic) + (auth-source-backend-parse '(:source (:macos-keychain-generic default)))) - ;; take macos-keychain-internet:XYZ and recurse to get it as MacOS ++ ;; take macos-keychain-internet:XYZ and recurse to get it as macOS + ;; Keychain "XYZ" matching any user, host, and protocol + ((and (stringp entry) (string-match "^macos-keychain-internet:\\(.+\\)" + entry)) + (auth-source-backend-parse `(:source (:macos-keychain-internet + ,(match-string 1 entry))))) - ;; take macos-keychain-generic:XYZ and recurse to get it as MacOS ++ ;; take macos-keychain-generic:XYZ and recurse to get it as macOS + ;; Keychain "XYZ" matching any user, host, and protocol + ((and (stringp entry) (string-match "^macos-keychain-generic:\\(.+\\)" + entry)) + (auth-source-backend-parse `(:source (:macos-keychain-generic + ,(match-string 1 entry))))) + + ;; take just a file name and recurse to get it as a netrc file + ;; matching any user, host, and protocol + ((stringp entry) + (auth-source-backend-parse `(:source ,entry))) + + ;; a file name with parameters + ((stringp (plist-get entry :source)) + (if (equal (file-name-extension (plist-get entry :source)) "plist") + (auth-source-backend + (plist-get entry :source) + :source (plist-get entry :source) + :type 'plstore + :search-function #'auth-source-plstore-search + :create-function #'auth-source-plstore-create + :data (plstore-open (plist-get entry :source))) + (auth-source-backend + (plist-get entry :source) + :source (plist-get entry :source) + :type 'netrc + :search-function #'auth-source-netrc-search + :create-function #'auth-source-netrc-create))) + - ;; the MacOS Keychain ++ ;; the macOS Keychain + ((and + (not (null (plist-get entry :source))) ; the source must not be nil + (listp (plist-get entry :source)) ; and it must be a list + (or + (plist-get (plist-get entry :source) :macos-keychain-generic) + (plist-get (plist-get entry :source) :macos-keychain-internet))) + + (let* ((source-spec (plist-get entry :source)) + (keychain-generic (plist-get source-spec :macos-keychain-generic)) + (keychain-type (if keychain-generic + 'macos-keychain-generic + 'macos-keychain-internet)) + (source (plist-get source-spec (if keychain-generic + :macos-keychain-generic + :macos-keychain-internet)))) + + (when (symbolp source) + (setq source (symbol-name source))) + + (auth-source-backend + (format "Mac OS Keychain (%s)" source) + :source source + :type keychain-type + :search-function #'auth-source-macos-keychain-search + :create-function #'auth-source-macos-keychain-create))) + + ;; the Secrets API. We require the package, in order to have a + ;; defined value for `secrets-enabled'. + ((and + (not (null (plist-get entry :source))) ; the source must not be nil + (listp (plist-get entry :source)) ; and it must be a list + (require 'secrets nil t) ; and we must load the Secrets API + secrets-enabled) ; and that API must be enabled + + ;; the source is either the :secrets key in ENTRY or + ;; if that's missing or nil, it's "session" + (let ((source (or (plist-get (plist-get entry :source) :secrets) + "session"))) + + ;; if the source is a symbol, we look for the alias named so, + ;; and if that alias is missing, we use "Login" + (when (symbolp source) + (setq source (or (secrets-get-alias (symbol-name source)) + "Login"))) + + (if (featurep 'secrets) + (auth-source-backend + (format "Secrets API (%s)" source) + :source source + :type 'secrets + :search-function #'auth-source-secrets-search + :create-function #'auth-source-secrets-create) + (auth-source-do-warn + "auth-source-backend-parse: no Secrets API, ignoring spec: %S" entry) + (auth-source-backend + (format "Ignored Secrets API (%s)" source) + :source "" + :type 'ignore)))) + + ;; none of them + (t + (auth-source-do-warn + "auth-source-backend-parse: invalid backend spec: %S" entry) + (make-instance 'auth-source-backend + :source "" + :type 'ignore))))) + +(defun auth-source-backend-parse-parameters (entry backend) + "Fills in the extra auth-source-backend parameters of ENTRY. +Using the plist ENTRY, get the :host, :port, and :user search +parameters." + (let ((entry (if (stringp entry) + nil + entry)) + val) + (when (setq val (plist-get entry :host)) + (oset backend host val)) + (when (setq val (plist-get entry :user)) + (oset backend user val)) + (when (setq val (plist-get entry :port)) + (oset backend port val))) + backend) + +;; (mapcar 'auth-source-backend-parse auth-sources) + +(cl-defun auth-source-search (&rest spec + &key max require create delete + &allow-other-keys) + "Search or modify authentication backends according to SPEC. + +This function parses `auth-sources' for matches of the SPEC +plist. It can optionally create or update an authentication +token if requested. A token is just a standard Emacs property +list with a :secret property that can be a function; all the +other properties will always hold scalar values. + +Typically the :secret property, if present, contains a password. + +Common search keys are :max, :host, :port, and :user. In +addition, :create specifies if and how tokens will be created. +Finally, :type can specify which backend types you want to check. + +A string value is always matched literally. A symbol is matched +as its string value, literally. All the SPEC values can be +single values (symbol or string) or lists thereof (in which case +any of the search terms matches). + +:create t means to create a token if possible. + +A new token will be created if no matching tokens were found. +The new token will have only the keys the backend requires. For +the netrc backend, for instance, that's the user, host, and +port keys. + +Here's an example: + +\(let ((auth-source-creation-defaults \\='((user . \"defaultUser\") + (A . \"default A\")))) + (auth-source-search :host \"mine\" :type \\='netrc :max 1 + :P \"pppp\" :Q \"qqqq\" + :create t)) + +which says: + +\"Search for any entry matching host `mine' in backends of type + `netrc', maximum one result. + + Create a new entry if you found none. The netrc backend will + automatically require host, user, and port. The host will be + `mine'. We prompt for the user with default `defaultUser' and + for the port without a default. We will not prompt for A, Q, + or P. The resulting token will only have keys user, host, and + port.\" + +:create \\='(A B C) also means to create a token if possible. + +The behavior is like :create t but if the list contains any +parameter, that parameter will be required in the resulting +token. The value for that parameter will be obtained from the +search parameters or from user input. If any queries are needed, +the alist `auth-source-creation-defaults' will be checked for the +default value. If the user, host, or port are missing, the alist +`auth-source-creation-prompts' will be used to look up the +prompts IN THAT ORDER (so the `user' prompt will be queried first, +then `host', then `port', and finally `secret'). Each prompt string +can use %u, %h, and %p to show the user, host, and port. + +Here's an example: + +\(let ((auth-source-creation-defaults \\='((user . \"defaultUser\") + (A . \"default A\"))) + (auth-source-creation-prompts + \\='((password . \"Enter IMAP password for %h:%p: \")))) + (auth-source-search :host \\='(\"nonesuch\" \"twosuch\") :type \\='netrc :max 1 + :P \"pppp\" :Q \"qqqq\" + :create \\='(A B Q))) + +which says: + +\"Search for any entry matching host `nonesuch' + or `twosuch' in backends of type `netrc', maximum one result. + + Create a new entry if you found none. The netrc backend will + automatically require host, user, and port. The host will be + `nonesuch' and Q will be `qqqq'. We prompt for the password + with the shown prompt. We will not prompt for Q. The resulting + token will have keys user, host, port, A, B, and Q. It will not + have P with any value, even though P is used in the search to + find only entries that have P set to `pppp'.\" + +When multiple values are specified in the search parameter, the +user is prompted for which one. So :host (X Y Z) would ask the +user to choose between X, Y, and Z. + +This creation can fail if the search was not specific enough to +create a new token (it's up to the backend to decide that). You +should `catch' the backend-specific error as usual. Some +backends (netrc, at least) will prompt the user rather than throw +an error. + +:require (A B C) means that only results that contain those +tokens will be returned. Thus for instance requiring :secret +will ensure that any results will actually have a :secret +property. + +:delete t means to delete any found entries. nil by default. +Use `auth-source-delete' in ELisp code instead of calling +`auth-source-search' directly with this parameter. + +:type (X Y Z) will check only those backend types. `netrc' and +`secrets' are the only ones supported right now. + +:max N means to try to return at most N items (defaults to 1). +More than N items may be returned, depending on the search and +the backend. + +When :max is 0 the function will return just t or nil to indicate +if any matches were found. + +:host (X Y Z) means to match only hosts X, Y, or Z according to +the match rules above. Defaults to t. + +:user (X Y Z) means to match only users X, Y, or Z according to +the match rules above. Defaults to t. + +:port (P Q R) means to match only protocols P, Q, or R. +Defaults to t. + +:K (V1 V2 V3) for any other key K will match values V1, V2, or +V3 (note the match rules above). + +The return value is a list with at most :max tokens. Each token +is a plist with keys :backend :host :port :user, plus any other +keys provided by the backend (notably :secret). But note the +exception for :max 0, which see above. + +The token can hold a :save-function key. If you call that, the +user will be prompted to save the data to the backend. You can't +request that this should happen right after creation, because +`auth-source-search' has no way of knowing if the token is +actually useful. So the caller must arrange to call this function. + +The token's :secret key can hold a function. In that case you +must call it to obtain the actual value." + (let* ((backends (mapcar #'auth-source-backend-parse auth-sources)) + (max (or max 1)) + (ignored-keys '(:require :create :delete :max)) + (keys (cl-loop for i below (length spec) by 2 + unless (memq (nth i spec) ignored-keys) + collect (nth i spec))) + (cached (auth-source-remembered-p spec)) + ;; note that we may have cached results but found is still nil + ;; (there were no results from the search) + (found (auth-source-recall spec)) + filtered-backends) + + (if (and cached auth-source-do-cache) + (auth-source-do-debug + "auth-source-search: found %d CACHED results matching %S" + (length found) spec) + + (cl-assert + (or (eq t create) (listp create)) t + "Invalid auth-source :create parameter (must be t or a list): %s %s") + + (cl-assert + (listp require) t + "Invalid auth-source :require parameter (must be a list): %s") + + (setq filtered-backends (copy-sequence backends)) + (dolist (backend backends) + (cl-dolist (key keys) + ;; ignore invalid slots + (condition-case nil + (unless (auth-source-search-collection + (plist-get spec key) + (slot-value backend key)) + (setq filtered-backends (delq backend filtered-backends)) + (cl-return)) + (invalid-slot-name nil)))) + + (auth-source-do-trivia + "auth-source-search: found %d backends matching %S" + (length filtered-backends) spec) + + ;; (debug spec "filtered" filtered-backends) + ;; First go through all the backends without :create, so we can + ;; query them all. + (setq found (auth-source-search-backends filtered-backends + spec + ;; to exit early + max + ;; create is always nil here + nil delete + require)) + + (auth-source-do-debug + "auth-source-search: found %d results (max %d) matching %S" + (length found) max spec) + + ;; If we didn't find anything, then we allow the backend(s) to + ;; create the entries. + (when (and create + (not found)) + (setq found (auth-source-search-backends filtered-backends + spec + ;; to exit early + max + create delete + require)) + (auth-source-do-debug + "auth-source-search: CREATED %d results (max %d) matching %S" + (length found) max spec)) + + ;; note we remember the lack of result too, if it's applicable + (when auth-source-do-cache + (auth-source-remember spec found))) + + (if (zerop max) + (not (null found)) + found))) + +(defun auth-source-search-backends (backends spec max create delete require) + (let ((max (if (zerop max) 1 max)) ; stop with 1 match if we're asked for zero + matches) + (dolist (backend backends) + (when (> max (length matches)) ; if we need more matches... + (let* ((bmatches (apply + (slot-value backend 'search-function) + :backend backend + :type (slot-value backend 'type) + ;; note we're overriding whatever the spec + ;; has for :max, :require, :create, and :delete + :max max + :require require + :create create + :delete delete + spec))) + (when bmatches + (auth-source-do-trivia + "auth-source-search-backend: got %d (max %d) in %s:%s matching %S" + (length bmatches) max + (slot-value backend 'type) + (slot-value backend 'source) + spec) + (setq matches (append matches bmatches)))))) + matches)) + +;; (auth-source-search :max 0) +;; (auth-source-search :max 1) +;; (funcall (plist-get (nth 0 (auth-source-search :max 1)) :secret)) +;; (auth-source-search :host "nonesuch" :type 'netrc :K 1) +;; (auth-source-search :host "nonesuch" :type 'secrets) + +(defun auth-source-delete (&rest spec) + "Delete entries from the authentication backends according to SPEC. +Calls `auth-source-search' with the :delete property in SPEC set to t. +The backend may not actually delete the entries. + +Returns the deleted entries." + (auth-source-search (plist-put spec :delete t))) + +(defun auth-source-search-collection (collection value) + "Returns t is VALUE is t or COLLECTION is t or COLLECTION contains VALUE." + (when (and (atom collection) (not (eq t collection))) + (setq collection (list collection))) + + ;; (debug :collection collection :value value) + (or (eq collection t) + (eq value t) + (equal collection value) + (member value collection))) + +(defvar auth-source-netrc-cache nil) + +(defun auth-source-forget-all-cached () + "Forget all cached auth-source data." + (interactive) + (cl-do-symbols (sym password-data) + ;; when the symbol name starts with auth-source-magic + (when (string-match (concat "^" auth-source-magic) (symbol-name sym)) + ;; remove that key + (password-cache-remove (symbol-name sym)))) + (setq auth-source-netrc-cache nil)) + +(defun auth-source-format-cache-entry (spec) + "Format SPEC entry to put it in the password cache." + (concat auth-source-magic (format "%S" spec))) + +(defun auth-source-remember (spec found) + "Remember FOUND search results for SPEC." + (let ((password-cache-expiry auth-source-cache-expiry)) + (password-cache-add + (auth-source-format-cache-entry spec) found))) + +(defun auth-source-recall (spec) + "Recall FOUND search results for SPEC." + (password-read-from-cache (auth-source-format-cache-entry spec))) + +(defun auth-source-remembered-p (spec) + "Check if SPEC is remembered." + (password-in-cache-p + (auth-source-format-cache-entry spec))) + +(defun auth-source-forget (spec) + "Forget any cached data matching SPEC exactly. + +This is the same SPEC you passed to `auth-source-search'. +Returns t or nil for forgotten or not found." + (password-cache-remove (auth-source-format-cache-entry spec))) + +;; (loop for sym being the symbols of password-data when (string-match (concat "^" auth-source-magic) (symbol-name sym)) collect (symbol-name sym)) + +;; (auth-source-remember '(:host "wedd") '(4 5 6)) +;; (auth-source-remembered-p '(:host "wedd")) +;; (auth-source-remember '(:host "xedd") '(1 2 3)) +;; (auth-source-remembered-p '(:host "xedd")) +;; (auth-source-remembered-p '(:host "zedd")) +;; (auth-source-recall '(:host "xedd")) +;; (auth-source-recall '(:host t)) +;; (auth-source-forget+ :host t) + +(defun auth-source-forget+ (&rest spec) + "Forget any cached data matching SPEC. Returns forgotten count. + +This is not a full `auth-source-search' spec but works similarly. +For instance, \(:host \"myhost\" \"yourhost\") would find all the +cached data that was found with a search for those two hosts, +while \(:host t) would find all host entries." + (let ((count 0) + sname) + (cl-do-symbols (sym password-data) + ;; when the symbol name matches with auth-source-magic + (when (and (setq sname (symbol-name sym)) + (string-match (concat "^" auth-source-magic "\\(.+\\)") + sname) + ;; and the spec matches what was stored in the cache + (auth-source-specmatchp spec (read (match-string 1 sname)))) + ;; remove that key + (password-cache-remove sname) + (cl-incf count))) + count)) + +(defun auth-source-specmatchp (spec stored) + (let ((keys (cl-loop for i below (length spec) by 2 + collect (nth i spec)))) + (not (eq + (cl-dolist (key keys) + (unless (auth-source-search-collection (plist-get stored key) + (plist-get spec key)) + (cl-return 'no))) + 'no)))) + +;; (auth-source-pick-first-password :host "z.lifelogs.com") +;; (auth-source-pick-first-password :port "imap") +(defun auth-source-pick-first-password (&rest spec) + "Pick the first secret found from applying SPEC to `auth-source-search'." + (let* ((result (nth 0 (apply #'auth-source-search (plist-put spec :max 1)))) + (secret (plist-get result :secret))) + + (if (functionp secret) + (funcall secret) + secret))) + +;; (auth-source-format-prompt "test %u %h %p" '((?u "user") (?h "host"))) +(defun auth-source-format-prompt (prompt alist) + "Format PROMPT using %x (for any character x) specifiers in ALIST." + (dolist (cell alist) + (let ((c (nth 0 cell)) + (v (nth 1 cell))) + (when (and c v) + (setq prompt (replace-regexp-in-string (format "%%%c" c) + (format "%s" v) + prompt nil t))))) + prompt) + +(defun auth-source-ensure-strings (values) + (if (eq values t) + values + (unless (listp values) + (setq values (list values))) + (mapcar (lambda (value) + (if (numberp value) + (format "%s" value) + value)) + values))) + +;;; Backend specific parsing: netrc/authinfo backend + +(defun auth-source--aput-1 (alist key val) + (let ((seen ()) + (rest alist)) + (while (and (consp rest) (not (equal key (caar rest)))) + (push (pop rest) seen)) + (cons (cons key val) + (if (null rest) alist + (nconc (nreverse seen) + (if (equal key (caar rest)) (cdr rest) rest)))))) +(defmacro auth-source--aput (var key val) + `(setq ,var (auth-source--aput-1 ,var ,key ,val))) + +(defun auth-source--aget (alist key) + (cdr (assoc key alist))) + +;; (auth-source-netrc-parse :file "~/.authinfo.gpg") +(cl-defun auth-source-netrc-parse (&key file max host user port require + &allow-other-keys) + "Parse FILE and return a list of all entries in the file. +Note that the MAX parameter is used so we can exit the parse early." + (if (listp file) + ;; We got already parsed contents; just return it. + file + (when (file-exists-p file) + (setq port (auth-source-ensure-strings port)) + (with-temp-buffer + (let* ((max (or max 5000)) ; sanity check: default to stop at 5K + (modified 0) + (cached (cdr-safe (assoc file auth-source-netrc-cache))) + (cached-mtime (plist-get cached :mtime)) + (cached-secrets (plist-get cached :secret)) + (check (lambda(alist) + (and alist + (auth-source-search-collection + host + (or + (auth-source--aget alist "machine") + (auth-source--aget alist "host") + t)) + (auth-source-search-collection + user + (or + (auth-source--aget alist "login") + (auth-source--aget alist "account") + (auth-source--aget alist "user") + t)) + (auth-source-search-collection + port + (or + (auth-source--aget alist "port") + (auth-source--aget alist "protocol") + t)) + (or + ;; the required list of keys is nil, or + (null require) + ;; every element of require is in n(ormalized) + (let ((n (nth 0 (auth-source-netrc-normalize + (list alist) file)))) + (cl-loop for req in require + always (plist-get n req))))))) + result) + + (if (and (functionp cached-secrets) + (equal cached-mtime + (nth 5 (file-attributes file)))) + (progn + (auth-source-do-trivia + "auth-source-netrc-parse: using CACHED file data for %s" + file) + (insert (funcall cached-secrets))) + (insert-file-contents file) + ;; cache all netrc files (used to be just .gpg files) + ;; Store the contents of the file heavily encrypted in memory. + ;; (note for the irony-impaired: they are just obfuscated) + (auth-source--aput + auth-source-netrc-cache file + (list :mtime (nth 5 (file-attributes file)) + :secret (let ((v (mapcar #'1+ (buffer-string)))) + (lambda () (apply #'string (mapcar #'1- v))))))) + (goto-char (point-min)) + (let ((entries (auth-source-netrc-parse-entries check max)) + alist) + (while (setq alist (pop entries)) + (push (nreverse alist) result))) + + (when (< 0 modified) + (when auth-source-gpg-encrypt-to + ;; (see bug#7487) making `epa-file-encrypt-to' local to + ;; this buffer lets epa-file skip the key selection query + ;; (see the `local-variable-p' check in + ;; `epa-file-write-region'). + (unless (local-variable-p 'epa-file-encrypt-to (current-buffer)) + (make-local-variable 'epa-file-encrypt-to)) + (if (listp auth-source-gpg-encrypt-to) + (setq epa-file-encrypt-to auth-source-gpg-encrypt-to))) + + ;; ask AFTER we've successfully opened the file + (when (y-or-n-p (format "Save file %s? (%d deletions)" + file modified)) + (write-region (point-min) (point-max) file nil 'silent) + (auth-source-do-debug + "auth-source-netrc-parse: modified %d lines in %s" + modified file))) + + (nreverse result)))))) + +(defun auth-source-netrc-parse-next-interesting () + "Advance to the next interesting position in the current buffer." + ;; If we're looking at a comment or are at the end of the line, move forward + (while (or (looking-at "#") + (and (eolp) + (not (eobp)))) + (forward-line 1)) + (skip-chars-forward "\t ")) + +(defun auth-source-netrc-parse-one () + "Read one thing from the current buffer." + (auth-source-netrc-parse-next-interesting) + + (when (or (looking-at "'\\([^']*\\)'") + (looking-at "\"\\([^\"]*\\)\"") + (looking-at "\\([^ \t\n]+\\)")) + (forward-char (length (match-string 0))) + (auth-source-netrc-parse-next-interesting) + (match-string-no-properties 1))) + +;; with thanks to org-mode +(defsubst auth-source-current-line (&optional pos) + (save-excursion + (and pos (goto-char pos)) + ;; works also in narrowed buffer, because we start at 1, not point-min + (+ (if (bolp) 1 0) (count-lines 1 (point))))) + +(defun auth-source-netrc-parse-entries(check max) + "Parse up to MAX netrc entries, passed by CHECK, from the current buffer." + (let ((adder (lambda(check alist all) + (when (and + alist + (> max (length all)) + (funcall check alist)) + (push alist all)) + all)) + item item2 all alist default) + (while (setq item (auth-source-netrc-parse-one)) + (setq default (equal item "default")) + ;; We're starting a new machine. Save the old one. + (when (and alist + (or default + (equal item "machine"))) + ;; (auth-source-do-trivia + ;; "auth-source-netrc-parse-entries: got entry %S" alist) + (setq all (funcall adder check alist all) + alist nil)) + ;; In default entries, we don't have a next token. + ;; We store them as ("machine" . t) + (if default + (push (cons "machine" t) alist) + ;; Not a default entry. Grab the next item. + (when (setq item2 (auth-source-netrc-parse-one)) + ;; Did we get a "machine" value? + (if (equal item2 "machine") + (error + "%s: Unexpected `machine' token at line %d" + "auth-source-netrc-parse-entries" + (auth-source-current-line)) + (push (cons item item2) alist))))) + + ;; Clean up: if there's an entry left over, use it. + (when alist + (setq all (funcall adder check alist all)) + ;; (auth-source-do-trivia + ;; "auth-source-netrc-parse-entries: got2 entry %S" alist) + ) + (nreverse all))) + +(defvar auth-source-passphrase-alist nil) + +(defun auth-source-token-passphrase-callback-function (_context _key-id file) + (let* ((file (file-truename file)) + (entry (assoc file auth-source-passphrase-alist)) + passphrase) + ;; return the saved passphrase, calling a function if needed + (or (copy-sequence (if (functionp (cdr entry)) + (funcall (cdr entry)) + (cdr entry))) + (progn + (unless entry + (setq entry (list file)) + (push entry auth-source-passphrase-alist)) + (setq passphrase + (read-passwd + (format "Passphrase for %s tokens: " file) + t)) + (setcdr entry (let ((p (copy-sequence passphrase))) + (lambda () p))) + passphrase)))) + +;; (auth-source-epa-extract-gpg-token "gpg:LS0tLS1CRUdJTiBQR1AgTUVTU0FHRS0tLS0tClZlcnNpb246IEdudVBHIHYxLjQuMTEgKEdOVS9MaW51eCkKCmpBMEVBd01DT25qMjB1ak9rZnRneVI3K21iNm9aZWhuLzRad3cySkdlbnVaKzRpeEswWDY5di9icDI1U1dsQT0KPS9yc2wKLS0tLS1FTkQgUEdQIE1FU1NBR0UtLS0tLQo=" "~/.netrc") +(defun auth-source-epa-extract-gpg-token (secret file) + "Pass either the decoded SECRET or the gpg:BASE64DATA version. +FILE is the file from which we obtained this token." + (when (string-match "^gpg:\\(.+\\)" secret) + (setq secret (base64-decode-string (match-string 1 secret)))) + (let ((context (epg-make-context 'OpenPGP))) + (epg-context-set-passphrase-callback + context + (cons #'auth-source-token-passphrase-callback-function + file)) + (epg-decrypt-string context secret))) + +(defvar pp-escape-newlines) + +;; (insert (auth-source-epa-make-gpg-token "mysecret" "~/.netrc")) +(defun auth-source-epa-make-gpg-token (secret file) + (let ((context (epg-make-context 'OpenPGP)) + (pp-escape-newlines nil) + cipher) + (setf (epg-context-armor context) t) + (epg-context-set-passphrase-callback + context + (cons #'auth-source-token-passphrase-callback-function + file)) + (setq cipher (epg-encrypt-string context secret nil)) + (with-temp-buffer + (insert cipher) + (base64-encode-region (point-min) (point-max) t) + (concat "gpg:" (buffer-substring-no-properties + (point-min) + (point-max)))))) + +(defun auth-source--symbol-keyword (symbol) + (intern (format ":%s" symbol))) + +(defun auth-source-netrc-normalize (alist filename) + (mapcar (lambda (entry) + (let (ret item) + (while (setq item (pop entry)) + (let ((k (car item)) + (v (cdr item))) + + ;; apply key aliases + (setq k (cond ((member k '("machine")) "host") + ((member k '("login" "account")) "user") + ((member k '("protocol")) "port") + ((member k '("password")) "secret") + (t k))) + + ;; send back the secret in a function (lexical binding) + (when (equal k "secret") + (setq v (let ((lexv v) + (token-decoder nil)) + (when (string-match "^gpg:" lexv) + ;; it's a GPG token: create a token decoder + ;; which unsets itself once + (setq token-decoder + (lambda (val) + (prog1 + (auth-source-epa-extract-gpg-token + val + filename) + (setq token-decoder nil))))) + (lambda () + (when token-decoder + (setq lexv (funcall token-decoder lexv))) + lexv)))) + (setq ret (plist-put ret + (auth-source--symbol-keyword k) + v)))) + ret)) + alist)) + +;; (setq secret (plist-get (nth 0 (auth-source-search :host t :type 'netrc :K 1 :max 1)) :secret)) +;; (funcall secret) + +(cl-defun auth-source-netrc-search (&rest spec + &key backend require create + type max host user port + &allow-other-keys) + "Given a property list SPEC, return search matches from the :backend. +See `auth-source-search' for details on SPEC." + ;; just in case, check that the type is correct (null or same as the backend) + (cl-assert (or (null type) (eq type (oref backend type))) + t "Invalid netrc search: %s %s") + + (let ((results (auth-source-netrc-normalize + (auth-source-netrc-parse + :max max + :require require + :file (oref backend source) + :host (or host t) + :user (or user t) + :port (or port t)) + (oref backend source)))) + + ;; if we need to create an entry AND none were found to match + (when (and create + (not results)) + + ;; create based on the spec and record the value + (setq results (or + ;; if the user did not want to create the entry + ;; in the file, it will be returned + (apply (slot-value backend 'create-function) spec) + ;; if not, we do the search again without :create + ;; to get the updated data. + + ;; the result will be returned, even if the search fails + (apply #'auth-source-netrc-search + (plist-put spec :create nil))))) + results)) + +(defun auth-source-netrc-element-or-first (v) + (if (listp v) + (nth 0 v) + v)) + +;; (auth-source-search :host "nonesuch" :type 'netrc :max 1 :create t) +;; (auth-source-search :host "nonesuch" :type 'netrc :max 1 :create t :create-extra-keys '((A "default A") (B))) + +(cl-defun auth-source-netrc-create (&rest spec + &key backend host port create + &allow-other-keys) + (let* ((base-required '(host user port secret)) + ;; we know (because of an assertion in auth-source-search) that the + ;; :create parameter is either t or a list (which includes nil) + (create-extra (if (eq t create) nil create)) + (current-data (car (auth-source-search :max 1 + :host host + :port port))) + (required (append base-required create-extra)) + (file (oref backend source)) + (add "") + ;; `valist' is an alist + valist + ;; `artificial' will be returned if no creation is needed + artificial) + + ;; only for base required elements (defined as function parameters): + ;; fill in the valist with whatever data we may have from the search + ;; we complete the first value if it's a list and use the value otherwise + (dolist (br base-required) + (let ((val (plist-get spec (auth-source--symbol-keyword br)))) + (when val + (let ((br-choice (cond + ;; all-accepting choice (predicate is t) + ((eq t val) nil) + ;; just the value otherwise + (t val)))) + (when br-choice + (auth-source--aput valist br br-choice)))))) + + ;; for extra required elements, see if the spec includes a value for them + (dolist (er create-extra) + (let ((k (auth-source--symbol-keyword er)) + (keys (cl-loop for i below (length spec) by 2 + collect (nth i spec)))) + (when (memq k keys) + (auth-source--aput valist er (plist-get spec k))))) + + ;; for each required element + (dolist (r required) + (let* ((data (auth-source--aget valist r)) + ;; take the first element if the data is a list + (data (or (auth-source-netrc-element-or-first data) + (plist-get current-data + (auth-source--symbol-keyword r)))) + ;; this is the default to be offered + (given-default (auth-source--aget + auth-source-creation-defaults r)) + ;; the default supplementals are simple: + ;; for the user, try `given-default' and then (user-login-name); + ;; otherwise take `given-default' + (default (cond + ((and (not given-default) (eq r 'user)) + (user-login-name)) + (t given-default))) + (printable-defaults (list + (cons 'user + (or + (auth-source-netrc-element-or-first + (auth-source--aget valist 'user)) + (plist-get artificial :user) + "[any user]")) + (cons 'host + (or + (auth-source-netrc-element-or-first + (auth-source--aget valist 'host)) + (plist-get artificial :host) + "[any host]")) + (cons 'port + (or + (auth-source-netrc-element-or-first + (auth-source--aget valist 'port)) + (plist-get artificial :port) + "[any port]")))) + (prompt (or (auth-source--aget auth-source-creation-prompts r) + (cl-case r + (secret "%p password for %u@%h: ") + (user "%p user name for %h: ") + (host "%p host name for user %u: ") + (port "%p port for %u@%h: ")) + (format "Enter %s (%%u@%%h:%%p): " r))) + (prompt (auth-source-format-prompt + prompt + `((?u ,(auth-source--aget printable-defaults 'user)) + (?h ,(auth-source--aget printable-defaults 'host)) + (?p ,(auth-source--aget printable-defaults 'port)))))) + + ;; Store the data, prompting for the password if needed. + (setq data (or data + (if (eq r 'secret) + ;; Special case prompt for passwords. + ;; TODO: make the default (setq auth-source-netrc-use-gpg-tokens `((,(if (boundp 'epa-file-auto-mode-alist-entry) (car epa-file-auto-mode-alist-entry) "\\.gpg\\'") nil) (t gpg))) + ;; TODO: or maybe leave as (setq auth-source-netrc-use-gpg-tokens 'never) + (let* ((ep (format "Use GPG password tokens in %s?" file)) + (gpg-encrypt + (cond + ((eq auth-source-netrc-use-gpg-tokens 'never) + 'never) + ((listp auth-source-netrc-use-gpg-tokens) + (let ((check (copy-sequence + auth-source-netrc-use-gpg-tokens)) + item ret) + (while check + (setq item (pop check)) + (when (or (eq (car item) t) + (string-match (car item) file)) + (setq ret (cdr item)) + (setq check nil))) + ;; FIXME: `ret' unused. + ;; Should we return it here? + )) + (t 'never))) + (plain (or (eval default) (read-passwd prompt)))) + ;; ask if we don't know what to do (in which case + ;; auth-source-netrc-use-gpg-tokens must be a list) + (unless gpg-encrypt + (setq gpg-encrypt (if (y-or-n-p ep) 'gpg 'never)) + ;; TODO: save the defcustom now? or ask? + (setq auth-source-netrc-use-gpg-tokens + (cons `(,file ,gpg-encrypt) + auth-source-netrc-use-gpg-tokens))) + (if (eq gpg-encrypt 'gpg) + (auth-source-epa-make-gpg-token plain file) + plain)) + (if (stringp default) + (read-string (if (string-match ": *\\'" prompt) + (concat (substring prompt 0 (match-beginning 0)) + " (default " default "): ") + (concat prompt "(default " default ") ")) + nil nil default) + (eval default))))) + + (when data + (setq artificial (plist-put artificial + (auth-source--symbol-keyword r) + (if (eq r 'secret) + (let ((data data)) + (lambda () data)) + data)))) + + ;; When r is not an empty string... + (when (and (stringp data) + (< 0 (length data))) + ;; this function is not strictly necessary but I think it + ;; makes the code clearer -tzz + (let ((printer (lambda () + ;; append the key (the symbol name of r) + ;; and the value in r + (format "%s%s %s" + ;; prepend a space + (if (zerop (length add)) "" " ") + ;; remap auth-source tokens to netrc + (cl-case r + (user "login") + (host "machine") + (secret "password") + (port "port") ; redundant but clearer + (t (symbol-name r))) + (if (string-match "[\"# ]" data) + (format "%S" data) + data))))) + (setq add (concat add (funcall printer))))))) + + (plist-put + artificial + :save-function + (let ((file file) + (add add)) + (lambda () (auth-source-netrc-saver file add)))) + + (list artificial))) + +;;(funcall (plist-get (nth 0 (auth-source-search :host '("nonesuch2") :user "tzz" :port "imap" :create t :max 1)) :save-function)) +(defun auth-source-netrc-saver (file add) + "Save a line ADD in FILE, prompting along the way. +Respects `auth-source-save-behavior'. Uses +`auth-source-netrc-cache' to avoid prompting more than once." + (let* ((key (format "%s %s" file (rfc2104-hash 'md5 64 16 file add))) + (cached (assoc key auth-source-netrc-cache))) + + (if cached + (auth-source-do-trivia + "auth-source-netrc-saver: found previous run for key %s, returning" + key) + (with-temp-buffer + (when (file-exists-p file) + (insert-file-contents file)) + (when auth-source-gpg-encrypt-to + ;; (see bug#7487) making `epa-file-encrypt-to' local to + ;; this buffer lets epa-file skip the key selection query + ;; (see the `local-variable-p' check in + ;; `epa-file-write-region'). + (unless (local-variable-p 'epa-file-encrypt-to (current-buffer)) + (make-local-variable 'epa-file-encrypt-to)) + (if (listp auth-source-gpg-encrypt-to) + (setq epa-file-encrypt-to auth-source-gpg-encrypt-to))) + ;; we want the new data to be found first, so insert at beginning + (goto-char (point-min)) + + ;; Ask AFTER we've successfully opened the file. + (let ((prompt (format "Save auth info to file %s? " file)) + (done (not (eq auth-source-save-behavior 'ask))) + (bufname "*auth-source Help*") + k) + (while (not done) + (setq k (auth-source-read-char-choice prompt '(?y ?n ?N ?e ??))) + (cl-case k + (?y (setq done t)) + (?? (save-excursion + (with-output-to-temp-buffer bufname + (princ + (concat "(y)es, save\n" + "(n)o but use the info\n" + "(N)o and don't ask to save again\n" + "(e)dit the line\n" + "(?) for help as you can see.\n")) + ;; Why? Doesn't with-output-to-temp-buffer already do + ;; the exact same thing anyway? --Stef + (set-buffer standard-output) + (help-mode)))) + (?n (setq add "" + done t)) + (?N + (setq add "" + done t) + (customize-save-variable 'auth-source-save-behavior nil)) + (?e (setq add (read-string "Line to add: " add))) + (t nil))) + + (when (get-buffer-window bufname) + (delete-window (get-buffer-window bufname))) + + ;; Make sure the info is not saved. + (when (null auth-source-save-behavior) + (setq add "")) + + (when (< 0 (length add)) + (progn + (unless (bolp) + (insert "\n")) + (insert add "\n") + (write-region (point-min) (point-max) file nil 'silent) + ;; Make the .authinfo file non-world-readable. + (set-file-modes file #o600) + (auth-source-do-debug + "auth-source-netrc-create: wrote 1 new line to %s" + file) + (message "Saved new authentication information to %s" file) + nil)))) + (auth-source--aput auth-source-netrc-cache key "ran")))) + +;;; Backend specific parsing: Secrets API backend + +;; (let ((auth-sources '(default))) (auth-source-search :max 1 :create t)) +;; (let ((auth-sources '(default))) (auth-source-search :max 1 :delete t)) +;; (let ((auth-sources '(default))) (auth-source-search :max 1)) +;; (let ((auth-sources '(default))) (auth-source-search)) +;; (let ((auth-sources '("secrets:Login"))) (auth-source-search :max 1)) +;; (let ((auth-sources '("secrets:Login"))) (auth-source-search :max 1 :signon_realm "https://git.gnus.org/Git")) + +(defun auth-source-secrets-listify-pattern (pattern) + "Convert a pattern with lists to a list of string patterns. + +auth-source patterns can have values of the form :foo (\"bar\" +\"qux\"), which means to match any secret with :foo equal to +\"bar\" or :foo equal to \"qux\". The secrets backend supports +only string values for patterns, so this routine returns a list +of patterns that is equivalent to the single original pattern +when interpreted such that if a secret matches any pattern in the +list, it matches the original pattern." + (if (null pattern) + '(nil) + (let* ((key (pop pattern)) + (value (pop pattern)) + (tails (auth-source-secrets-listify-pattern pattern)) + (heads (if (stringp value) + (list (list key value)) + (mapcar (lambda (v) (list key v)) value)))) + (cl-loop for h in heads + nconc (cl-loop for tl in tails collect (append h tl)))))) + +(cl-defun auth-source-secrets-search (&rest spec + &key backend create delete label max + &allow-other-keys) + "Search the Secrets API; spec is like `auth-source'. + +The :label key specifies the item's label. It is the only key +that can specify a substring. Any :label value besides a string +will allow any label. + +All other search keys must match exactly. If you need substring +matching, do a wider search and narrow it down yourself. + +You'll get back all the properties of the token as a plist. + +Here's an example that looks for the first item in the `Login' +Secrets collection: + + (let ((auth-sources \\='(\"secrets:Login\"))) + (auth-source-search :max 1) + +Here's another that looks for the first item in the `Login' +Secrets collection whose label contains `gnus': + + (let ((auth-sources \\='(\"secrets:Login\"))) + (auth-source-search :max 1 :label \"gnus\") + +And this one looks for the first item in the `Login' Secrets +collection that's a Google Chrome entry for the git.gnus.org site +authentication tokens: + + (let ((auth-sources \\='(\"secrets:Login\"))) + (auth-source-search :max 1 :signon_realm \"https://git.gnus.org/Git\")) +" + + ;; TODO + (cl-assert (not create) nil + "The Secrets API auth-source backend doesn't support creation yet") + ;; TODO + ;; (secrets-delete-item coll elt) + (cl-assert (not delete) nil + "The Secrets API auth-source backend doesn't support deletion yet") + + (let* ((coll (oref backend source)) + (max (or max 5000)) ; sanity check: default to stop at 5K + (ignored-keys '(:create :delete :max :backend :label :require :type)) + (search-keys (cl-loop for i below (length spec) by 2 + unless (memq (nth i spec) ignored-keys) + collect (nth i spec))) + ;; build a search spec without the ignored keys + ;; if a search key is nil or t (match anything), we skip it + (search-specs (auth-source-secrets-listify-pattern + (apply #'append (mapcar + (lambda (k) + (if (or (null (plist-get spec k)) + (eq t (plist-get spec k))) + nil + (list k (plist-get spec k)))) + search-keys)))) + ;; needed keys (always including host, login, port, and secret) + (returned-keys (delete-dups (append + '(:host :login :port :secret) + search-keys))) + (items + (cl-loop + for search-spec in search-specs + nconc + (cl-loop for item in (apply #'secrets-search-items coll search-spec) + unless (and (stringp label) + (not (string-match label item))) + collect item))) + ;; TODO: respect max in `secrets-search-items', not after the fact + (items (butlast items (- (length items) max))) + ;; convert the item name to a full plist + (items (mapcar (lambda (item) + (append + ;; make an entry for the secret (password) element + (list + :secret + (let ((v (secrets-get-secret coll item))) + (lambda () v))) + ;; rewrite the entry from ((k1 v1) (k2 v2)) to plist + (apply #'append + (mapcar (lambda (entry) + (list (car entry) (cdr entry))) + (secrets-get-attributes coll item))))) + items)) + ;; ensure each item has each key in `returned-keys' + (items (mapcar (lambda (plist) + (append + (apply #'append + (mapcar (lambda (req) + (if (plist-get plist req) + nil + (list req nil))) + returned-keys)) + plist)) + items))) + items)) + +(defun auth-source-secrets-create (&rest spec) + ;; TODO + ;; (apply 'secrets-create-item (auth-get-source entry) name passwd spec) + (debug spec)) + +;;; Backend specific parsing: Mac OS Keychain (using /usr/bin/security) backend + +;; (let ((auth-sources '(macos-keychain-internet))) (auth-source-search :max 1 :create t)) +;; (let ((auth-sources '(macos-keychain-internet))) (auth-source-search :max 1 :delete t)) +;; (let ((auth-sources '(macos-keychain-internet))) (auth-source-search :max 1)) +;; (let ((auth-sources '(macos-keychain-internet))) (auth-source-search)) + +;; (let ((auth-sources '(macos-keychain-generic))) (auth-source-search :max 1 :create t)) +;; (let ((auth-sources '(macos-keychain-generic))) (auth-source-search :max 1 :delete t)) +;; (let ((auth-sources '(macos-keychain-generic))) (auth-source-search :max 1)) +;; (let ((auth-sources '(macos-keychain-generic))) (auth-source-search)) + +;; (let ((auth-sources '("macos-keychain-internet:/Users/tzz/Library/Keychains/login.keychain"))) (auth-source-search :max 1)) +;; (let ((auth-sources '("macos-keychain-generic:Login"))) (auth-source-search :max 1 :host "git.gnus.org")) +;; (let ((auth-sources '("macos-keychain-generic:Login"))) (auth-source-search :max 1)) + +(cl-defun auth-source-macos-keychain-search (&rest spec + &key backend create delete type max + &allow-other-keys) - "Search the MacOS Keychain; spec is like `auth-source'. ++ "Search the macOS Keychain; spec is like `auth-source'. + +All search keys must match exactly. If you need substring +matching, do a wider search and narrow it down yourself. + +You'll get back all the properties of the token as a plist. + +The :type key is either `macos-keychain-internet' or +`macos-keychain-generic'. + +For the internet keychain type, the :label key searches the +item's labels (\"-l LABEL\" passed to \"/usr/bin/security\"). +Similarly, :host maps to \"-s HOST\", :user maps to \"-a USER\", +and :port maps to \"-P PORT\" or \"-r PROT\" +\(note PROT has to be a 4-character string). + +For the generic keychain type, the :label key searches the item's +labels (\"-l LABEL\" passed to \"/usr/bin/security\"). +Similarly, :host maps to \"-c HOST\" (the \"creator\" keychain +field), :user maps to \"-a USER\", and :port maps to \"-s PORT\". + +Here's an example that looks for the first item in the default - generic MacOS Keychain: ++generic macOS Keychain: + + (let ((auth-sources \\='(macos-keychain-generic))) + (auth-source-search :max 1) + +Here's another that looks for the first item in the internet - MacOS Keychain collection whose label is `gnus': ++macOS Keychain collection whose label is `gnus': + + (let ((auth-sources \\='(macos-keychain-internet))) + (auth-source-search :max 1 :label \"gnus\") + +And this one looks for the first item in the internet keychain +entries for git.gnus.org: + + (let ((auth-sources \\='(macos-keychain-internet\"))) + (auth-source-search :max 1 :host \"git.gnus.org\")) +" + ;; TODO + (cl-assert (not create) nil - "The MacOS Keychain auth-source backend doesn't support creation yet") ++ "The macOS Keychain auth-source backend doesn't support creation yet") + ;; TODO + ;; (macos-keychain-delete-item coll elt) + (cl-assert (not delete) nil - "The MacOS Keychain auth-source backend doesn't support deletion yet") ++ "The macOS Keychain auth-source backend doesn't support deletion yet") + + (let* ((coll (oref backend source)) + (max (or max 5000)) ; sanity check: default to stop at 5K + ;; Filter out ignored keys from the spec + (ignored-keys '(:create :delete :max :backend :label :host :port)) + ;; Build a search spec without the ignored keys + ;; FIXME make this loop a function? it's used in at least 3 places + (search-keys (cl-loop for i below (length spec) by 2 + unless (memq (nth i spec) ignored-keys) + collect (nth i spec))) + ;; If a search key value is nil or t (match anything), we skip it + (search-spec (apply #'append (mapcar + (lambda (k) + (if (or (null (plist-get spec k)) + (eq t (plist-get spec k))) + nil + (list k (plist-get spec k)))) + search-keys))) + ;; needed keys (always including host, login, port, and secret) + (returned-keys (delete-dups (append + '(:host :login :port :secret) + search-keys))) + ;; Extract host and port from spec + (hosts (plist-get spec :host)) + (hosts (if (and hosts (listp hosts)) hosts `(,hosts))) + (ports (plist-get spec :port)) + (ports (if (and ports (listp ports)) ports `(,ports))) + ;; Loop through all combinations of host/port and pass each of these to + ;; auth-source-macos-keychain-search-items + (items (catch 'match + (dolist (host hosts) + (dolist (port ports) + (let* ((port (if port (format "%S" port))) + (items (apply #'auth-source-macos-keychain-search-items + coll + type + max + host port + search-spec))) + (when items + (throw 'match items))))))) + + ;; ensure each item has each key in `returned-keys' + (items (mapcar (lambda (plist) + (append + (apply #'append + (mapcar (lambda (req) + (if (plist-get plist req) + nil + (list req nil))) + returned-keys)) + plist)) + items))) + items)) + + +(defun auth-source--decode-octal-string (string) + "Convert octal string to utf-8 string. E.g: 'a\134b' to 'a\b'" + (let ((list (string-to-list string)) + (size (length string))) + (decode-coding-string + (apply #'unibyte-string + (cl-loop for i = 0 then (+ i (if (eq (nth i list) ?\\) 4 1)) + for var = (nth i list) + while (< i size) + if (eq var ?\\) + collect (string-to-number + (concat (cl-subseq list (+ i 1) (+ i 4))) 8) + else + collect var)) + 'utf-8))) + +(cl-defun auth-source-macos-keychain-search-items (coll _type _max host port + &key label type user + &allow-other-keys) + (let* ((keychain-generic (eq type 'macos-keychain-generic)) + (args `(,(if keychain-generic + "find-generic-password" + "find-internet-password") + "-g")) + (ret (list :type type))) + (when label + (setq args (append args (list "-l" label)))) + (when host + (setq args (append args (list (if keychain-generic "-c" "-s") host)))) + (when user + (setq args (append args (list "-a" user)))) + + (when port + (if keychain-generic + (setq args (append args (list "-s" port))) + (setq args (append args (list + (if (string-match "[0-9]+" port) "-P" "-r") + port))))) + + (unless (equal coll "default") + (setq args (append args (list coll)))) + + (with-temp-buffer + (apply #'call-process "/usr/bin/security" nil t nil args) + (goto-char (point-min)) + (while (not (eobp)) + (cond + ((looking-at "^password: \\(?:0x[0-9A-F]+\\)? *\"\\(.+\\)\"") + (setq ret (auth-source-macos-keychain-result-append + ret + keychain-generic + "secret" + (let ((v (auth-source--decode-octal-string + (match-string 1)))) + (lambda () v))))) + ;; TODO: check if this is really the label + ;; match 0x00000007 ="AppleID" + ((looking-at + "^[ ]+0x00000007 =\\(?:0x[0-9A-F]+\\)? *\"\\(.+\\)\"") + (setq ret (auth-source-macos-keychain-result-append + ret + keychain-generic + "label" + (auth-source--decode-octal-string (match-string 1))))) + ;; match "crtr"="aapl" + ;; match "svce"="AppleID" + ((looking-at + "^[ ]+\"\\([a-z]+\\)\"[^=]+=\\(?:0x[0-9A-F]+\\)? *\"\\(.+\\)\"") + (setq ret (auth-source-macos-keychain-result-append + ret + keychain-generic + (auth-source--decode-octal-string (match-string 1)) + (auth-source--decode-octal-string (match-string 2)))))) + (forward-line))) + ;; return `ret' iff it has the :secret key + (and (plist-get ret :secret) (list ret)))) + +(defun auth-source-macos-keychain-result-append (result generic k v) + (push v result) + (push (auth-source--symbol-keyword + (cond + ((equal k "acct") "user") + ;; for generic keychains, creator is host, service is port + ((and generic (equal k "crtr")) "host") + ((and generic (equal k "svce")) "port") + ;; for internet keychains, protocol is port, server is host + ((and (not generic) (equal k "ptcl")) "port") + ((and (not generic) (equal k "srvr")) "host") + (t k))) + result)) + +(defun auth-source-macos-keychain-create (&rest spec) + ;; TODO + (debug spec)) + +;;; Backend specific parsing: PLSTORE backend + +(cl-defun auth-source-plstore-search (&rest spec + &key backend create delete max + &allow-other-keys) + "Search the PLSTORE; spec is like `auth-source'." + (let* ((store (oref backend data)) + (max (or max 5000)) ; sanity check: default to stop at 5K + (ignored-keys '(:create :delete :max :backend :label :require :type)) + (search-keys (cl-loop for i below (length spec) by 2 + unless (memq (nth i spec) ignored-keys) + collect (nth i spec))) + ;; build a search spec without the ignored keys + ;; if a search key is nil or t (match anything), we skip it + (search-spec (apply #'append (mapcar + (lambda (k) + (let ((v (plist-get spec k))) + (if (or (null v) + (eq t v)) + nil + (if (stringp v) + (setq v (list v))) + (list k v)))) + search-keys))) + ;; needed keys (always including host, login, port, and secret) + (returned-keys (delete-dups (append + '(:host :login :port :secret) + search-keys))) + (items (plstore-find store search-spec)) + (item-names (mapcar #'car items)) + (items (butlast items (- (length items) max))) + ;; convert the item to a full plist + (items (mapcar (lambda (item) + (let* ((plist (copy-tree (cdr item))) + (secret (plist-member plist :secret))) + (if secret + (setcar + (cdr secret) + (let ((v (car (cdr secret)))) + (lambda () v)))) + plist)) + items)) + ;; ensure each item has each key in `returned-keys' + (items (mapcar (lambda (plist) + (append + (apply #'append + (mapcar (lambda (req) + (if (plist-get plist req) + nil + (list req nil))) + returned-keys)) + plist)) + items))) + (cond + ;; if we need to create an entry AND none were found to match + ((and create + (not items)) + + ;; create based on the spec and record the value + (setq items (or + ;; if the user did not want to create the entry + ;; in the file, it will be returned + (apply (slot-value backend 'create-function) spec) + ;; if not, we do the search again without :create + ;; to get the updated data. + + ;; the result will be returned, even if the search fails + (apply #'auth-source-plstore-search + (plist-put spec :create nil))))) + ((and delete + item-names) + (dolist (item-name item-names) + (plstore-delete store item-name)) + (plstore-save store))) + items)) + +(cl-defun auth-source-plstore-create (&rest spec + &key backend host port create + &allow-other-keys) + (let* ((base-required '(host user port secret)) + (base-secret '(secret)) + ;; we know (because of an assertion in auth-source-search) that the + ;; :create parameter is either t or a list (which includes nil) + (create-extra (if (eq t create) nil create)) + (current-data (car (auth-source-search :max 1 + :host host + :port port))) + (required (append base-required create-extra)) + ;; `valist' is an alist + valist + ;; `artificial' will be returned if no creation is needed + artificial + secret-artificial) + + ;; only for base required elements (defined as function parameters): + ;; fill in the valist with whatever data we may have from the search + ;; we complete the first value if it's a list and use the value otherwise + (dolist (br base-required) + (let ((val (plist-get spec (auth-source--symbol-keyword br)))) + (when val + (let ((br-choice (cond + ;; all-accepting choice (predicate is t) + ((eq t val) nil) + ;; just the value otherwise + (t val)))) + (when br-choice + (auth-source--aput valist br br-choice)))))) + + ;; for extra required elements, see if the spec includes a value for them + (dolist (er create-extra) + (let ((k (auth-source--symbol-keyword er)) + (keys (cl-loop for i below (length spec) by 2 + collect (nth i spec)))) + (when (memq k keys) + (auth-source--aput valist er (plist-get spec k))))) + + ;; for each required element + (dolist (r required) + (let* ((data (auth-source--aget valist r)) + ;; take the first element if the data is a list + (data (or (auth-source-netrc-element-or-first data) + (plist-get current-data + (auth-source--symbol-keyword r)))) + ;; this is the default to be offered + (given-default (auth-source--aget + auth-source-creation-defaults r)) + ;; the default supplementals are simple: + ;; for the user, try `given-default' and then (user-login-name); + ;; otherwise take `given-default' + (default (cond + ((and (not given-default) (eq r 'user)) + (user-login-name)) + (t given-default))) + (printable-defaults (list + (cons 'user + (or + (auth-source-netrc-element-or-first + (auth-source--aget valist 'user)) + (plist-get artificial :user) + "[any user]")) + (cons 'host + (or + (auth-source-netrc-element-or-first + (auth-source--aget valist 'host)) + (plist-get artificial :host) + "[any host]")) + (cons 'port + (or + (auth-source-netrc-element-or-first + (auth-source--aget valist 'port)) + (plist-get artificial :port) + "[any port]")))) + (prompt (or (auth-source--aget auth-source-creation-prompts r) + (cl-case r + (secret "%p password for %u@%h: ") + (user "%p user name for %h: ") + (host "%p host name for user %u: ") + (port "%p port for %u@%h: ")) + (format "Enter %s (%%u@%%h:%%p): " r))) + (prompt (auth-source-format-prompt + prompt + `((?u ,(auth-source--aget printable-defaults 'user)) + (?h ,(auth-source--aget printable-defaults 'host)) + (?p ,(auth-source--aget printable-defaults 'port)))))) + + ;; Store the data, prompting for the password if needed. + (setq data (or data + (if (eq r 'secret) + (or (eval default) (read-passwd prompt)) + (if (stringp default) + (read-string + (if (string-match ": *\\'" prompt) + (concat (substring prompt 0 (match-beginning 0)) + " (default " default "): ") + (concat prompt "(default " default ") ")) + nil nil default) + (eval default))))) + + (when data + (if (member r base-secret) + (setq secret-artificial + (plist-put secret-artificial + (auth-source--symbol-keyword r) + data)) + (setq artificial (plist-put artificial + (auth-source--symbol-keyword r) + data)))))) + (plstore-put (oref backend data) + (sha1 (format "%s@%s:%s" + (plist-get artificial :user) + (plist-get artificial :host) + (plist-get artificial :port))) + artificial secret-artificial) + (if (y-or-n-p (format "Save auth info to file %s? " + (plstore-get-file (oref backend data)))) + (plstore-save (oref backend data))))) + +;;; older API + +;; (auth-source-user-or-password '("login" "password") "imap.myhost.com" t "tzz") + +;; deprecate the old interface +(make-obsolete 'auth-source-user-or-password + 'auth-source-search "Emacs 24.1") +(make-obsolete 'auth-source-forget-user-or-password + 'auth-source-forget "Emacs 24.1") + +(defun auth-source-user-or-password + (mode host port &optional username create-missing delete-existing) + "Find MODE (string or list of strings) matching HOST and PORT. + +DEPRECATED in favor of `auth-source-search'! + +USERNAME is optional and will be used as \"login\" in a search +across the Secret Service API (see secrets.el) if the resulting +items don't have a username. This means that if you search for +username \"joe\" and it matches an item but the item doesn't have +a :user attribute, the username \"joe\" will be returned. + +A non nil DELETE-EXISTING means deleting any matching password +entry in the respective sources. This is useful only when +CREATE-MISSING is non nil as well; the intended use case is to +remove wrong password entries. + +If no matching entry is found, and CREATE-MISSING is non nil, +the password will be retrieved interactively, and it will be +stored in the password database which matches best (see +`auth-sources'). + +MODE can be \"login\" or \"password\"." + (auth-source-do-debug + "auth-source-user-or-password: DEPRECATED get %s for %s (%s) + user=%s" + mode host port username) + + (let* ((listy (listp mode)) + (mode (if listy mode (list mode))) + ;; (cname (if username + ;; (format "%s %s:%s %s" mode host port username) + ;; (format "%s %s:%s" mode host port))) + (search (list :host host :port port)) + (search (if username (append search (list :user username)) search)) + (search (if create-missing + (append search (list :create t)) + search)) + (search (if delete-existing + (append search (list :delete t)) + search)) + ;; (found (if (not delete-existing) + ;; (gethash cname auth-source-cache) + ;; (remhash cname auth-source-cache) + ;; nil))) + (found nil)) + (if found + (progn + (auth-source-do-debug + "auth-source-user-or-password: DEPRECATED cached %s=%s for %s (%s) + %s" + mode + ;; don't show the password + (if (and (member "password" mode) t) + "SECRET" + found) + host port username) + found) ; return the found data + ;; else, if not found, search with a max of 1 + (let ((choice (nth 0 (apply #'auth-source-search + (append '(:max 1) search))))) + (when choice + (dolist (m mode) + (cond + ((equal "password" m) + (push (if (plist-get choice :secret) + (funcall (plist-get choice :secret)) + nil) found)) + ((equal "login" m) + (push (plist-get choice :user) found))))) + (setq found (nreverse found)) + (setq found (if listy found (car-safe found))))) + + found)) + +(defun auth-source-user-and-password (host &optional user) + (let* ((auth-info (car + (if user + (auth-source-search + :host host + :user "yourusername" + :max 1 + :require '(:user :secret) + :create nil) + (auth-source-search + :host host + :max 1 + :require '(:user :secret) + :create nil)))) + (user (plist-get auth-info :user)) + (password (plist-get auth-info :secret))) + (when (functionp password) + (setq password (funcall password))) + (list user password auth-info))) + +(provide 'auth-source) + +;;; auth-source.el ends here diff --cc lisp/ls-lisp.el index 11cbea0b373,41587bfe144..8395622546d --- a/lisp/ls-lisp.el +++ b/lisp/ls-lisp.el @@@ -72,10 -72,10 +72,10 @@@ (defcustom ls-lisp-emulation (cond ;; ((eq system-type 'windows-nt) 'MS-Windows) - ((memq system-type '(hpux usg-unix-v irix berkeley-unix)) + ((memq system-type '(hpux usg-unix-v berkeley-unix)) 'UNIX)) ; very similar to GNU ;; Anything else defaults to nil, meaning GNU. - "Platform to emulate: GNU (default), MacOS, MS-Windows, UNIX. + "Platform to emulate: GNU (default), macOS, MS-Windows, UNIX. Corresponding value is one of: nil, `MacOS', `MS-Windows', `UNIX'. Set this to your preferred value; it need not match the actual platform you are using. diff --cc lisp/net/tramp-sh.el index 9496ebf7563,842b1ce2880..f44a4d37e78 --- a/lisp/net/tramp-sh.el +++ b/lisp/net/tramp-sh.el @@@ -4105,32 -4243,41 +4105,32 @@@ process to set up. VEC specifies the c ;; CCC this can't be the right way to do it. Hm. (tramp-message vec 5 "Determining coding system") (with-current-buffer (process-buffer proc) - (if (featurep 'mule) - ;; Use MULE to select the right EOL convention for - ;; communicating with the process. - (let ((cs (or (and (memq 'utf-8 (coding-system-list)) - (string-match "utf-?8" (tramp-get-remote-locale vec)) - (cons 'utf-8 'utf-8)) - (tramp-compat-funcall 'process-coding-system proc) - (cons 'undecided 'undecided))) - cs-decode cs-encode) - (when (symbolp cs) (setq cs (cons cs cs))) - (setq cs-decode (or (car cs) 'undecided) - cs-encode (or (cdr cs) 'undecided)) - (setq cs-encode - (tramp-compat-coding-system-change-eol-conversion - cs-encode (if (string-match "^Darwin" uname) 'mac 'unix))) - (tramp-send-command vec "echo foo ; echo bar" t) - (goto-char (point-min)) - (when (search-forward "\r" nil t) - (setq cs-decode (tramp-compat-coding-system-change-eol-conversion - cs-decode 'dos))) - ;; Special setting for macOS. - (when (and (string-match "^Darwin" uname) - (memq 'utf-8-hfs (coding-system-list))) - (setq cs-decode 'utf-8-hfs - cs-encode 'utf-8-hfs)) - (tramp-compat-funcall - 'set-buffer-process-coding-system cs-decode cs-encode) - (tramp-message - vec 5 "Setting coding system to `%s' and `%s'" cs-decode cs-encode)) - ;; Look for ^M and do something useful if found. - (when (search-forward "\r" nil t) - ;; We have found a ^M but cannot frob the process coding - ;; system because we're running on a non-MULE Emacs. Let's - ;; try stty, instead. - (tramp-send-command vec "stty -onlcr" t)))) + ;; Use MULE to select the right EOL convention for communicating + ;; with the process. + (let ((cs (or (and (memq 'utf-8 (coding-system-list)) + (string-match "utf-?8" (tramp-get-remote-locale vec)) + (cons 'utf-8 'utf-8)) + (process-coding-system proc) + (cons 'undecided 'undecided))) + cs-decode cs-encode) + (when (symbolp cs) (setq cs (cons cs cs))) + (setq cs-decode (or (car cs) 'undecided) + cs-encode (or (cdr cs) 'undecided) + cs-encode + (coding-system-change-eol-conversion + cs-encode (if (string-match "^Darwin" uname) 'mac 'unix))) + (tramp-send-command vec "echo foo ; echo bar" t) + (goto-char (point-min)) + (when (search-forward "\r" nil t) + (setq cs-decode (coding-system-change-eol-conversion cs-decode 'dos))) - ;; Special setting for Mac OS X. ++ ;; Special setting for macOS. + (when (and (string-match "^Darwin" uname) + (memq 'utf-8-hfs (coding-system-list))) + (setq cs-decode 'utf-8-hfs + cs-encode 'utf-8-hfs)) + (set-buffer-process-coding-system cs-decode cs-encode) + (tramp-message + vec 5 "Setting coding system to `%s' and `%s'" cs-decode cs-encode))) (tramp-send-command vec "set +o vi +o emacs" t) diff --cc lisp/net/tramp.el index e9697ff2e1e,5d8081cd815..60199d2047e --- a/lisp/net/tramp.el +++ b/lisp/net/tramp.el @@@ -977,11 -1015,10 +977,11 @@@ in the third line of the code Please raise a bug report via \"M-x tramp-bug\" if your system needs this variable to be set as well." :group 'tramp - :type '(choice (const nil) integer)) + :type '(choice (const nil) integer) + :require 'tramp) ;; Logging in to a remote host normally requires obtaining a pty. But - ;; Emacs on MacOS X has process-connection-type set to nil by default, + ;; Emacs on macOS has process-connection-type set to nil by default, ;; so on those systems Tramp doesn't obtain a pty. Here, we allow ;; for an override of the system default. (defcustom tramp-process-connection-type t diff --cc src/nsterm.m index 1b44a73cd8b,4f99a13c44e..7e6ec85abf1 --- a/src/nsterm.m +++ b/src/nsterm.m @@@ -3879,10 -3937,10 +3879,10 @@@ ns_send_appdefined (int value #ifdef NS_IMPL_COCOA if (! send_appdefined) { - /* OSX 10.10.1 swallows the AppDefined event we are sending ourselves + /* OS X 10.10.1 swallows the AppDefined event we are sending ourselves in certain situations (rapid incoming events). So check if we have one, if not add one. */ - NSEvent *appev = [NSApp nextEventMatchingMask:NSApplicationDefinedMask + NSEvent *appev = [NSApp nextEventMatchingMask:NSEventMaskApplicationDefined untilDate:[NSDate distantPast] inMode:NSDefaultRunLoopMode dequeue:NO]; @@@ -5187,10 -5245,10 +5187,10 @@@ ns_term_shutdown (int sig #ifdef NS_IMPL_COCOA /* If no dialog and none of our frames have focus and it is a move, skip it. - It is a mouse move in an auxiliary menu, i.e. on the top right on OSX, + It is a mouse move in an auxiliary menu, i.e. on the top right on macOS, such as Wifi, sound, date or similar. This prevents "spooky" highlighting in the frame under the menu. */ - if (type == NSMouseMoved && [NSApp modalWindow] == nil) + if (type == NSEventTypeMouseMoved && [NSApp modalWindow] == nil) { struct ns_display_info *di; BOOL has_focus = NO; @@@ -5722,10 -5784,10 +5722,10 @@@ not_in_argv (NSString *arg NSTRACE ("[EmacsView keyDown:]"); - /* Rhapsody and OS X give up and down events for the arrow keys */ + /* Rhapsody and macOS give up and down events for the arrow keys */ if (ns_fake_keydown == YES) ns_fake_keydown = NO; - else if ([theEvent type] != NSKeyDown) + else if ([theEvent type] != NSEventTypeKeyDown) return; if (!emacs_event)