diff options
| author | Sean Whitton <spwhitton@spwhitton.name> | 2022-04-10 14:26:12 -0700 |
|---|---|---|
| committer | Sean Whitton <spwhitton@spwhitton.name> | 2022-04-10 16:41:53 -0700 |
| commit | 2cd6181492f8ea14cfb92c5df60eb99604f7646d (patch) | |
| tree | 25679fa93db128a0bab184c140e442afd4ff144c | |
| parent | 3304c0b4992943d5e440b69574e517e1b86eb394 (diff) | |
| download | consfigurator-2cd6181492f8ea14cfb92c5df60eb99604f7646d.tar.gz | |
rename PASSPHRASE class and its associated functions
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
| -rw-r--r-- | src/connection/sudo.lisp | 17 | ||||
| -rw-r--r-- | src/data.lisp | 16 | ||||
| -rw-r--r-- | src/package.lisp | 5 |
3 files changed, 20 insertions, 18 deletions
diff --git a/src/connection/sudo.lisp b/src/connection/sudo.lisp index cbdf259..459a832 100644 --- a/src/connection/sudo.lisp +++ b/src/connection/sudo.lisp @@ -61,14 +61,15 @@ (make-instance 'sudo-connection :connattrs `(:remote-user ,user) - :password-file (and password - (aprog1 (mktemp) - ;; We'll send the password followed by ^M, then the - ;; real stdin. Use CODE-CHAR in this way so that we - ;; can be sure ASCII ^M is what will get emitted. - (write-remote-file it (strcat (passphrase password) - (string (code-char 13))) - :mode #o600))))) + :password-file + (and password + (aprog1 (mktemp) + ;; We'll send the password followed by ^M, then the real stdin. Use + ;; CODE-CHAR in this way so that we can be sure ASCII ^M is what + ;; will get emitted. + (write-remote-file it (strcat (unwrap-passphrase password) + (string (code-char 13))) + :mode #o600))))) (defmethod connection-tear-down :after ((connection sudo-connection)) (when-let ((file (slot-value connection 'password-file))) diff --git a/src/data.lisp b/src/data.lisp index d5f053e..7bdc0f3 100644 --- a/src/data.lisp +++ b/src/data.lisp @@ -487,26 +487,26 @@ properties, or data sources which return objects referencing existing files." ;;;; Passphrases -(defclass passphrase () - ((passphrase :initarg :passphrase :reader passphrase))) +(defclass wrapped-passphrase () + ((passphrase :initarg :passphrase :reader unwrap-passphrase))) -(defun make-passphrase (passphrase) +(defun wrap-passphrase (passphrase) "Make an object which is unprintable by default to contain a passphrase." - (make-instance 'passphrase :passphrase passphrase)) + (make-instance 'wrapped-passphrase :passphrase passphrase)) (defun get-data-protected-string (iden1 iden2) "Like GET-DATA-STRING, but wrap the content in an object which is unprintable by default. Intended for code which fetches passwords and wants to lessen the chance of those passwords showing up in the clear in the Lisp debugger." - (make-passphrase (get-data-string iden1 iden2))) + (wrap-passphrase (get-data-string iden1 iden2))) (defvar *allow-printing-passphrases* nil) -(defmethod print-object ((passphrase passphrase) stream) +(defmethod print-object ((passphrase wrapped-passphrase) stream) (if *allow-printing-passphrases* (format stream "#.~S" - `(make-instance 'passphrase - :passphrase ,(passphrase passphrase))) + `(make-instance 'wrapped-passphrase + :passphrase ,(unwrap-passphrase passphrase))) (print-unreadable-object (passphrase stream) (format stream "PASSPHRASE"))) passphrase) diff --git a/src/package.lisp b/src/package.lisp index 8e28d89..31a21dd 100644 --- a/src/package.lisp +++ b/src/package.lisp @@ -319,8 +319,9 @@ #:connection-upload #:connection-clear-data-cache #:upload-all-prerequisite-data - #:passphrase - #:make-passphrase + #:wrapped-passphrase + #:wrap-passphrase + #:unwrap-passphrase #:get-data-protected-string ;; image.lisp |