From 893111f48abd504208408904ea54bc487641756d Mon Sep 17 00:00:00 2001
From: Lars Ingebrigtsen <larsi@gnus.org>
Date: Sat, 21 Sep 2019 12:03:55 +0200
Subject: [PATCH] Hide passwords in .authinfo and .netrc files

* lisp/auth-source.el (authinfo-mode): New mode (bug#28785).
(authinfo--hide-passwords, authinfo--toggle-display): New functions.

* lisp/files.el (auto-mode-alist): Use authinfo-mode for .authinfo
and .netrc files.
---
 etc/NEWS            |  5 +++++
 lisp/auth-source.el | 32 ++++++++++++++++++++++++++++++++
 lisp/files.el       |  1 +
 3 files changed, 38 insertions(+)

diff --git a/etc/NEWS b/etc/NEWS
index 02fe93a782d..82b8506ae0c 100644
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -1488,6 +1488,11 @@ To recover the previous behavior, set new user option
 ---
 *** The Secret Service backend supports the ':create' key now.
 
+*** .authinfo and .netrc files now use a new mode: 'authinfo-mode'.
+This is just like 'fundamental-mode', except that it hides passwords
+under a "****" display property.  When the cursor moves to this text,
+the real password is revealed (via `reveal-mode').
+
 ** Tramp
 
 +++
diff --git a/lisp/auth-source.el b/lisp/auth-source.el
index 2164a550b0a..9669ae976cc 100644
--- a/lisp/auth-source.el
+++ b/lisp/auth-source.el
@@ -2397,6 +2397,38 @@ MODE can be \"login\" or \"password\"."
       (setq password (funcall password)))
     (list user password auth-info)))
 
+;;; Tiny mode for editing .netrc/.authinfo modes (that basically just
+;;; hides passwords).
+
+;;;###autoload
+(define-derived-mode authinfo-mode fundamental-mode "Authinfo"
+  "Mode for editing .authinfo/.netrc files.
+
+This is just like `fundamental-mode', but hides passwords.  The
+passwords are revealed when point moved into the password.
+
+\\{authinfo-mode-map}"
+  (authinfo--hide-passwords (point-min) (point-max))
+  (reveal-mode))
+
+(defun authinfo--hide-passwords (start end)
+  (save-excursion
+    (save-restriction
+      (narrow-to-region start end)
+      (goto-char start)
+      (while (re-search-forward "\\bpassword +\\([^\n\t ]+\\)"
+                                nil t)
+        (let ((overlay (make-overlay (match-beginning 1) (match-end 1))))
+          (overlay-put overlay 'display (propertize "****"
+                                                    'face 'warning))
+          (overlay-put overlay 'reveal-toggle-invisible
+                       #'authinfo--toggle-display))))))
+
+(defun authinfo--toggle-display (overlay hide)
+  (if hide
+      (overlay-put overlay 'display (propertize "****" 'face 'warning))
+    (overlay-put overlay 'display nil)))
+
 (provide 'auth-source)
 
 ;;; auth-source.el ends here
diff --git a/lisp/files.el b/lisp/files.el
index 0c3da1fe3cc..8c355b02aa1 100644
--- a/lisp/files.el
+++ b/lisp/files.el
@@ -2811,6 +2811,7 @@ ARC\\|ZIP\\|LZH\\|LHA\\|ZOO\\|[JEW]AR\\|XPI\\|RAR\\|CBR\\|7Z\\)\\'" . archive-mo
      ("\\.docbook\\'" . sgml-mode)
      ("\\.com\\'" . dcl-mode)
      ("/config\\.\\(?:bat\\|log\\)\\'" . fundamental-mode)
+     ("/\\.\\(authinfo\\|netrc\\)\\'" . authinfo-mode)
      ;; Windows candidates may be opened case sensitively on Unix
      ("\\.\\(?:[iI][nN][iI]\\|[lL][sS][tT]\\|[rR][eE][gG]\\|[sS][yY][sS]\\)\\'" . conf-mode)
      ("\\.la\\'" . conf-unix-mode)
-- 
2.39.5