From c3958e48f6a257fa7e681b2b39ea83d677bcb2f3 Mon Sep 17 00:00:00 2001
From: Lars Ingebrigtsen <larsi@gnus.org>
Date: Fri, 20 Sep 2019 22:24:56 +0200
Subject: Add some comments to the auth-source obfuscation

* lisp/auth-source.el (auth-source--obfuscate): Add comments.
---
 lisp/auth-source.el | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/lisp/auth-source.el b/lisp/auth-source.el
index e608afca2db..365ed2fa284 100644
--- a/lisp/auth-source.el
+++ b/lisp/auth-source.el
@@ -1164,9 +1164,15 @@ FILE is the file from which we obtained this token."
 (defvar auth-source--session-nonce nil)
 
 (defun auth-source--obfuscate (string)
+  ;; We want to keep passwords out of backtraces and bug reports and
+  ;; the like, so if we have GnuTLS available, we encrypt them with a
+  ;; nonce that we just keep in memory.  If somebody has access to the
+  ;; current Emacs session, they can be decrypted, but if not, little
+  ;; useful information is leaked.  If you reset the nonce, you also
+  ;; have to call `auth-source-forget-all-cached'.
   (unless auth-source--session-nonce
     (setq auth-source--session-nonce
-          (apply #'string (cl-loop repeat 10
+          (apply #'string (cl-loop repeat 32
                                    collect (random 128)))))
   (if (and (fboundp 'gnutls-symmetric-encrypt)
            (gnutls-available-p))
-- 
cgit v1.2.1