Chris Cunningham uploaded a new version of Network to project The Inbox: http://source.squeak.org/inbox/Network-cbc.234.mcz
==================== Summary ====================
Name: Network-cbc.234 Author: cbc Time: 7 June 2019, 12:56:17.741581 pm UUID: a2081791-f54f-40fd-bd59-b8da1d52265d Ancestors: Network-pre.233
Password was very specific for ServerDirectory. Re-factor Password into a more generic password holder (usuable in other classes). Create ServerPassword as a sub-class of Password with necessary specilizations moved down to it. Make ServcieDirectory point to ServerPassword.
This allows us to use Password generally to store a password in memory (encoded) during a Squeak session, which is cleared out when saving. The intended use case is to not store passwords in code or in the file system - instead prompt the user at first use and cache it for the rest of the life of the session.
=============== Diff against Network-pre.233 ===============
Item was changed: Object subclass: #Password + instanceVariableNames: 'cache' - instanceVariableNames: 'cache sequence' classVariableNames: '' poolDictionaries: '' category: 'Network-Kernel'!
+ !Password commentStamp: 'cbc 6/7/2019 11:19' prior: 0! + "Hold a password in memory during a run of the app. - !Password commentStamp: 'pre 12/11/2018 15:53' prior: 0! - "Hold a password. There are three ways to get the password.
+ After each save (after each startup), when an applicaiton asks for a password, one of two things will happen: + 1> the user will be prompted for the password + 2> If the user was previously prompted, return that password - If there is no password (sequence == nil), ask the user for it.
+ Passwords are stored encoded. + At shutDown, passwords are cleared (will not be written to disc). - If the user supplied one during this session, return that. It is cleared at shutDown.
+ The intent for this class is to avoid storing passwords in code or on files on the system. Instead, prompt the user during the running of the application."! - If sequence is a number, get the server passwords off the disk. File 'sqk.info' must be in the same folder 'Squeak.sources' file. Decode the file. Return the password indexed by sequence."!
Item was changed: ----- Method: Password>>cache: (in category 'accessing') ----- cache: anObject + "if anObject is nil, then clear out cache - don't store values to disc" + anObject ifNil: [^cache := nil]. + "Otherwise, 'encode' (trivially) the password while it resides in memory - no plain text" + cache := self decode: anObject! - cache := anObject!
Item was removed: - ----- Method: Password>>passwordFor: (in category 'accessing') ----- - passwordFor: serverDir - "Returned the password from one of many sources. OK if send in a nil arg." - - | sp msg | - cache ifNotNil: [^ cache]. - sequence ifNotNil: [ - (sp := self serverPasswords) ifNotNil: [ - sequence <= sp size ifTrue: [^ sp at: sequence]]]. - msg := serverDir isRemoteDirectory - ifTrue: [serverDir moniker] - ifFalse: ['this directory']. - (serverDir user = 'anonymous') & (serverDir typeWithDefault == #ftp) ifTrue: [ - ^ cache := UIManager default request: 'Please let this anonymous ftp\server know your email address.\This is the polite thing to do.' withCRs - initialAnswer: 'yourName@company.com']. - - ^ cache := UIManager default requestPassword: 'Password for ', serverDir user, ' at ', msg, ':'. - "Diff between empty string and abort?"!
Item was added: + ----- Method: Password>>passwordForMessage: (in category 'accessing') ----- + passwordForMessage: msg + cache ifNotNil: [^self decode: cache]. "Our stored value is encoded" + ^self decode: (cache := self decode: (UIManager default requestPassword: 'Password for ', msg, ':')).!
Item was removed: - ----- Method: Password>>sequence (in category 'accessing') ----- - sequence - ^sequence!
Item was removed: - ----- Method: Password>>sequence: (in category 'accessing') ----- - sequence: anNumber - sequence := anNumber!
Item was removed: - ----- Method: Password>>serverPasswords (in category 'accessing') ----- - serverPasswords - "Get the server passwords off the disk and decode them. The file 'sqk.info' must be in some folder that Squeak thinks is special (vm folder, or default directory). (Note: This code works even if you are running with no system sources file.)" - - | sfile | - (sfile := FileDirectory lookInUsualPlaces: 'sqk.info') ifNil: [^ nil]. - "If not there, Caller will ask user for password" - "If you don't have this file, and you really do want to release an update, - contact Ted Kaehler." - ^ (self decode: (sfile contentsOfEntireFile)) lines - !
Item was changed: ----- Method: ServerDirectory>>password (in category 'accessing') ----- password
+ passwordHolder ifNil: [passwordHolder := ServerPassword new]. - passwordHolder ifNil: [passwordHolder := Password new]. ^ passwordHolder passwordFor: self "may ask the user"!
Item was changed: ----- Method: ServerDirectory>>password: (in category 'accessing') ----- password: pp
+ passwordHolder := ServerPassword new. - passwordHolder := Password new. pp isString ifTrue: [passwordHolder cache: pp. ^ self]. pp isInteger ifTrue: [passwordHolder sequence: pp] ifFalse: [passwordHolder := pp].!
Item was changed: ----- Method: ServerDirectory>>passwordSequence: (in category 'accessing') ----- passwordSequence: aNumber
+ passwordHolder ifNil: [passwordHolder := ServerPassword new]. - passwordHolder ifNil: [passwordHolder := Password new]. passwordHolder sequence: aNumber!
Item was added: + Password subclass: #ServerPassword + instanceVariableNames: 'sequence' + classVariableNames: '' + poolDictionaries: '' + category: 'Network-Kernel'! + + !ServerPassword commentStamp: 'cbc 6/7/2019 11:15' prior: 0! + "Hold a password. There are three ways to get the password. + + If there is no password (sequence == nil), ask the user for it. + + If the user supplied one during this session, return that. It is cleared at shutDown. + + If sequence is a number, get the server passwords off the disk. File 'sqk.info' must be in the same folder 'Squeak.sources' file. Decode the file. Return the password indexed by sequence."!
Item was added: + ----- Method: ServerPassword>>cache: (in category 'accessing') ----- + cache: anObject + cache := anObject!
Item was added: + ----- Method: ServerPassword>>passwordFor: (in category 'accessing') ----- + passwordFor: serverDir + "Returned the password from one of many sources. OK if send in a nil arg." + + | sp msg | + cache ifNotNil: [^ cache]. + sequence ifNotNil: [ + (sp := self serverPasswords) ifNotNil: [ + sequence <= sp size ifTrue: [^ sp at: sequence]]]. + msg := serverDir isRemoteDirectory + ifTrue: [serverDir moniker] + ifFalse: ['this directory']. + (serverDir user = 'anonymous') & (serverDir typeWithDefault == #ftp) ifTrue: [ + ^ cache := UIManager default request: 'Please let this anonymous ftp\server know your email address.\This is the polite thing to do.' withCRs + initialAnswer: 'yourName@company.com']. + + ^ cache := UIManager default requestPassword: 'Password for ', serverDir user, ' at ', msg, ':'. + "Diff between empty string and abort?"!
Item was added: + ----- Method: ServerPassword>>sequence (in category 'accessing') ----- + sequence + ^sequence!
Item was added: + ----- Method: ServerPassword>>sequence: (in category 'accessing') ----- + sequence: anNumber + sequence := anNumber!
Item was added: + ----- Method: ServerPassword>>serverPasswords (in category 'accessing') ----- + serverPasswords + "Get the server passwords off the disk and decode them. The file 'sqk.info' must be in some folder that Squeak thinks is special (vm folder, or default directory). (Note: This code works even if you are running with no system sources file.)" + + | sfile | + (sfile := FileDirectory lookInUsualPlaces: 'sqk.info') ifNil: [^ nil]. + "If not there, Caller will ask user for password" + "If you don't have this file, and you really do want to release an update, + contact Ted Kaehler." + ^ (self decode: (sfile contentsOfEntireFile)) lines + !
HI.
Could someone that has used ServerDirectory verifies it still works with this change? The rest of the changes I've burned in for a couple of months, but never having used ServerDirectory (and being confused by it, too), I haven't verified that part. It *should* continue to work without issues.
Thanks, cbc
On Fri, Jun 7, 2019, 12:56 commits@source.squeak.org wrote:
Chris Cunningham uploaded a new version of Network to project The Inbox: http://source.squeak.org/inbox/Network-cbc.234.mcz
==================== Summary ====================
Name: Network-cbc.234 Author: cbc Time: 7 June 2019, 12:56:17.741581 pm UUID: a2081791-f54f-40fd-bd59-b8da1d52265d Ancestors: Network-pre.233
Password was very specific for ServerDirectory. Re-factor Password into a more generic password holder (usuable in other classes). Create ServerPassword as a sub-class of Password with necessary specilizations moved down to it. Make ServcieDirectory point to ServerPassword.
This allows us to use Password generally to store a password in memory (encoded) during a Squeak session, which is cleared out when saving. The intended use case is to not store passwords in code or in the file system - instead prompt the user at first use and cache it for the rest of the life of the session.
=============== Diff against Network-pre.233 ===============
Item was changed: Object subclass: #Password
instanceVariableNames: 'cache'
instanceVariableNames: 'cache sequence' classVariableNames: '' poolDictionaries: '' category: 'Network-Kernel'!
- !Password commentStamp: 'cbc 6/7/2019 11:19' prior: 0!
- "Hold a password in memory during a run of the app.
- !Password commentStamp: 'pre 12/11/2018 15:53' prior: 0!
- "Hold a password. There are three ways to get the password.
- After each save (after each startup), when an applicaiton asks for a
password, one of two things will happen:
- 1> the user will be prompted for the password
- 2> If the user was previously prompted, return that password
- If there is no password (sequence == nil), ask the user for it.
- Passwords are stored encoded.
- At shutDown, passwords are cleared (will not be written to disc).
- If the user supplied one during this session, return that. It is
cleared at shutDown.
- The intent for this class is to avoid storing passwords in code or on
files on the system. Instead, prompt the user during the running of the application."!
- If sequence is a number, get the server passwords off the disk. File '
sqk.info' must be in the same folder 'Squeak.sources' file. Decode the file. Return the password indexed by sequence."!
Item was changed: ----- Method: Password>>cache: (in category 'accessing') ----- cache: anObject
"if anObject is nil, then clear out cache - don't store values to
disc"
anObject ifNil: [^cache := nil].
"Otherwise, 'encode' (trivially) the password while it resides in
memory - no plain text"
cache := self decode: anObject!
cache := anObject!
Item was removed:
- ----- Method: Password>>passwordFor: (in category 'accessing') -----
- passwordFor: serverDir
"Returned the password from one of many sources. OK if send in a
nil arg."
| sp msg |
cache ifNotNil: [^ cache].
sequence ifNotNil: [
(sp := self serverPasswords) ifNotNil: [
sequence <= sp size ifTrue: [^ sp at: sequence]]].
msg := serverDir isRemoteDirectory
ifTrue: [serverDir moniker]
ifFalse: ['this directory'].
(serverDir user = 'anonymous') & (serverDir typeWithDefault ==
#ftp) ifTrue: [
^ cache := UIManager default request: 'Please let
this anonymous ftp\server know your email address.\This is the polite thing to do.' withCRs
initialAnswer: 'yourName@company.com'].
^ cache := UIManager default requestPassword: 'Password for ',
serverDir user, ' at ', msg, ':'.
"Diff between empty string and abort?"!
Item was added:
- ----- Method: Password>>passwordForMessage: (in category 'accessing')
- passwordForMessage: msg
cache ifNotNil: [^self decode: cache]. "Our stored value is
encoded"
^self decode: (cache := self decode: (UIManager default
requestPassword: 'Password for ', msg, ':')).!
Item was removed:
- ----- Method: Password>>sequence (in category 'accessing') -----
- sequence
^sequence!
Item was removed:
- ----- Method: Password>>sequence: (in category 'accessing') -----
- sequence: anNumber
sequence := anNumber!
Item was removed:
- ----- Method: Password>>serverPasswords (in category 'accessing') -----
- serverPasswords
"Get the server passwords off the disk and decode them. The file '
sqk.info' must be in some folder that Squeak thinks is special (vm folder, or default directory). (Note: This code works even if you are running with no system sources file.)"
| sfile |
(sfile := FileDirectory lookInUsualPlaces: 'sqk.info') ifNil: [^
nil].
"If not there, Caller will ask user for password"
"If you don't have this file, and you really do want to
release an update,
contact Ted Kaehler."
^ (self decode: (sfile contentsOfEntireFile)) lines
- !
Item was changed: ----- Method: ServerDirectory>>password (in category 'accessing') ----- password
passwordHolder ifNil: [passwordHolder := ServerPassword new].
passwordHolder ifNil: [passwordHolder := Password new]. ^ passwordHolder passwordFor: self "may ask the user"!
Item was changed: ----- Method: ServerDirectory>>password: (in category 'accessing') ----- password: pp
passwordHolder := ServerPassword new.
passwordHolder := Password new. pp isString ifTrue: [passwordHolder cache: pp. ^ self]. pp isInteger ifTrue: [passwordHolder sequence: pp] ifFalse: [passwordHolder := pp].!
Item was changed: ----- Method: ServerDirectory>>passwordSequence: (in category 'accessing') ----- passwordSequence: aNumber
passwordHolder ifNil: [passwordHolder := ServerPassword new].
passwordHolder ifNil: [passwordHolder := Password new]. passwordHolder sequence: aNumber!
Item was added:
- Password subclass: #ServerPassword
instanceVariableNames: 'sequence'
classVariableNames: ''
poolDictionaries: ''
category: 'Network-Kernel'!
- !ServerPassword commentStamp: 'cbc 6/7/2019 11:15' prior: 0!
- "Hold a password. There are three ways to get the password.
- If there is no password (sequence == nil), ask the user for it.
- If the user supplied one during this session, return that. It is
cleared at shutDown.
- If sequence is a number, get the server passwords off the disk. File '
sqk.info' must be in the same folder 'Squeak.sources' file. Decode the file. Return the password indexed by sequence."!
Item was added:
- ----- Method: ServerPassword>>cache: (in category 'accessing') -----
- cache: anObject
cache := anObject!
Item was added:
- ----- Method: ServerPassword>>passwordFor: (in category 'accessing')
- passwordFor: serverDir
"Returned the password from one of many sources. OK if send in a
nil arg."
| sp msg |
cache ifNotNil: [^ cache].
sequence ifNotNil: [
(sp := self serverPasswords) ifNotNil: [
sequence <= sp size ifTrue: [^ sp at: sequence]]].
msg := serverDir isRemoteDirectory
ifTrue: [serverDir moniker]
ifFalse: ['this directory'].
(serverDir user = 'anonymous') & (serverDir typeWithDefault ==
#ftp) ifTrue: [
^ cache := UIManager default request: 'Please let
this anonymous ftp\server know your email address.\This is the polite thing to do.' withCRs
initialAnswer: 'yourName@company.com'].
^ cache := UIManager default requestPassword: 'Password for ',
serverDir user, ' at ', msg, ':'.
"Diff between empty string and abort?"!
Item was added:
- ----- Method: ServerPassword>>sequence (in category 'accessing') -----
- sequence
^sequence!
Item was added:
- ----- Method: ServerPassword>>sequence: (in category 'accessing') -----
- sequence: anNumber
sequence := anNumber!
Item was added:
- ----- Method: ServerPassword>>serverPasswords (in category 'accessing')
- serverPasswords
"Get the server passwords off the disk and decode them. The file '
sqk.info' must be in some folder that Squeak thinks is special (vm folder, or default directory). (Note: This code works even if you are running with no system sources file.)"
| sfile |
(sfile := FileDirectory lookInUsualPlaces: 'sqk.info') ifNil: [^
nil].
"If not there, Caller will ask user for password"
"If you don't have this file, and you really do want to
release an update,
contact Ted Kaehler."
^ (self decode: (sfile contentsOfEntireFile)) lines
- !
squeak-dev@lists.squeakfoundation.org