[Monotone-devel] Re: popen replacement

[William Uther]

Agent Smith wrote:

> The code makes me a little uneasy -- lots of pointer arithmetic/ 
> malloc usage.  Not clear that's fixable, though.
>
> The formatting could be better -- we tend not to skimp on the space
> bar too much

> .  "(char**)malloc((n+1)*sizeof(char*))" is not
> particularly easy to read, for instance.  (Also, old-style casts?)

Not my chosen style either.  I was matching the surrounding code.   
( except the parts of my patch were taken from lua/liolib.cc )

> I can think of two cleaner solutions:
>   -- we already have netxx_pipe.cc to provide a cross-platform way to
>      spawn and talk to a child process.  Trying to wire up netxx to
>      lua filehandles directly sounds totally un-fun,

I didn't know about that.  Just had a look.  If I cared, then it  
could be done, but I don't think it is worth the effort.  Maybe the  
reason I think this is that I haven't implemented the Windows part.  :)

>      for your
>      use case, at least, one could just have a lua function where  
> you hand it the
>      stdin you made up as a string, and it hands you the
>      stdout you want as a string.  (In fact, the testsuite has code to
>      do something very like this, and cross-platform, doesn't it?)

Okie.  That would be another option.  If the Windows part is hard to  
implement, and the get_passphrase hook isn't going away, then this is  
probably the best option.

>   -- simply implement OS X keychain integration directly

> .  It
>      looks like this would be _really_ easy

Yup - another option.  If you're going to go this route, you're  
better off merging the ssh-agent branch and then using http:// 
www.sshkeychain.org/ on the mac.  That solution is cross-platform.

> OTOH, this is a small patch, so maybe it doesn't matter that much  
> if there are other cleaner ways to do things, we could get to them  
> later.  Does anyone else have an opinion?

Part of the reason I chose that way, was that it was the "Unix Way".   
Adding popen means that anyone can use any command in any hook script  
and make it work.  popen is more flexible than the simple function  
you mentioned in the test harness.

> Good timing, we've just been debating whether get_passphrase is
> actually useful for anything once you have the possibility to store
> unencrypted keys

> .  (Since the major current use case for
> get_passphrase is server keys.)

The tutorial still suggests get_passphrase as the standard way of  
accessing your key.  Keys for signing code might not really need to  
be secure.  However, monotone also uses the keys for access control  
to the server.  At least one of those needs to be pretty secure.   
Merging the ssh-agent branch might be the real answer here (assuming  
it does what I think it does - there is no branch readme, and  
searching the mailing list doesn't reveal much).  Until someone else  
wants popen in a different hook.

Cheers,

Will        :-}