unofficial mirror of emacs-devel@gnu.org 
* allout patch to workaround discrepancies with new pgg interface (gpg-agent provisions)
@ 2006-12-23 18:02 Ken Manheimer
  2006-12-24  1:09 ` Chong Yidong
  2006-12-24  1:35 ` Richard Stallman
  0 siblings, 2 replies; 5+ messages in thread
From: Ken Manheimer @ 2006-12-23 18:02 UTC (permalink / raw)


[-- Attachment #1: Type: text/plain, Size: 1007 bytes --]

the attached patch works around problems with the new version of pgg's
use of pgg-agent.  when the agent is active, passphrases passed in to
pgg are effectively ignored, such that pgg-agent continues to prompt
(via pinentry) for the passphrase.   the patch inhibits use of the
agent just in the scope that allout does its encryption, and
acknowledges that inhibition in various relevant module commentaries.

though it would be best to have allout defer to gpg-agent, via pgg, it
may be complicated  to do that and preserve allout's full current
encryption features.  a simpler intermediate fix would be to have pgg
respect passed in passphrases, and not resort to pgg-agent.
-- 
ken
http://myriadicity.net


2006-12-22  Ken Manheimer  <ken.manheimer@gmail.com>

	* allout.el (allout-encrypt-string): Inhibit use of agent within
	body of let form where encryption happens.  Acknowledge non-use of
	gpg-agent in docstring.
	(allout-toggle-subtree-encryption): Acknowledge non-use of
	gpg-agent in docstring.

[-- Attachment #2: allout-patch.txt --]
[-- Type: text/plain, Size: 2326 bytes --]

Index: allout.el
===================================================================
RCS file: /sources/emacs/emacs/lisp/allout.el,v
retrieving revision 1.90
diff -u -u -r1.90 allout.el
--- allout.el	3 Dec 2006 21:37:33 -0000	1.90
+++ allout.el	23 Dec 2006 17:52:34 -0000
@@ -45,7 +45,9 @@
 ;;  - Symmetric-key and key-pair topic encryption, plus symmetric passphrase
 ;;    mnemonic support, with verification against an established passphrase
 ;;    (using a stashed encrypted dummy string) and user-supplied hint
-;;    maintenance.  (See allout-toggle-current-subtree-encryption docstring.)
+;;    maintenance.  (See allout-toggle-current-subtree-encryption docstring.
+;;    Currently only GnuPG encryption is supported, and integration
+;;    with gpg-agent is not yet implemented.)
 ;;  - Automatic topic-number maintenance
 ;;  - "Hot-spot" operation, for single-keystroke maneuvering and
 ;;    exposure control (see the allout-mode docstring)
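Review bot: In the commentary lines added after "maintenance.", the phrase "integration with gpg-agent is not yet implemented" understates what the last hunk of this patch does, which is to bind `pgg-gpg-use-agent` to nil so that a running agent is bypassed. Suggest saying that directly, for example that allout obtains passphrases itself and does not consult gpg-agent, so users who have configured the agent know where the passphrase is entered and held.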
@@ -5748,7 +5750,8 @@
 passphrase cache.  With no universal argument, the appropriate passphrase
 is obtained from the cache, if available, else from the user.
 
-Currently only GnuPG encryption is supported.
+Currently only GnuPG encryption is supported, and integration
+with gpg-agent is not yet implemented.
 
 \**NOTE WELL** that the encrypted text must be ascii-armored.  For gnupg
 encryption, include the option ``armor'' in your ~/.gnupg/gpg.conf file.
@@ -5820,7 +5823,8 @@
 passphrase cache.  With no universal argument, the appropriate passphrase
 is obtained from the cache, if available, else from the user.
 
-Currently only GnuPG encryption is supported.
+Currently only GnuPG encryption is supported, and integration
+with gpg-agent is not yet implemented.
 
 \**NOTE WELL** that the encrypted text must be ascii-armored.  For gnupg
 encryption, include the option ``armor'' in your ~/.gnupg/gpg.conf file.
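Review bot: The two docstring lines added here are a verbatim copy of the ones added in the previous hunk (at 5748), so the gpg-agent caveat now lives in two docstrings plus the file commentary. Consider keeping the full statement in one docstring and having the other refer to it, so the copies cannot drift apart when agent handling changes.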
@@ -5996,7 +6000,9 @@
          (rejected (or rejected 0))
          (rejections-left (- allout-encryption-ciphertext-rejection-ceiling
                              rejected))
-         result-text status)
+         result-text status
+         ;; Inhibit use of gpg-agent in the scope of this let:
+         (pgg-gpg-use-agent nil))
 
     (if (and fetch-pass (not passphrase))
         ;; Force later fetch by evicting passphrase from the cache.
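Review bot: The added binding `(pgg-gpg-use-agent nil)` in the let form is unconditional, so it turns the agent off for key-pair operations as well as symmetric ones, although the cover note describes the problem only as passed-in passphrases being ignored. Suggest limiting the override to the cases where allout actually supplies the passphrase and leaving the user's own `pgg-gpg-use-agent` setting in effect otherwise.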

[-- Attachment #3: ChangeLog-entry.txt --]
[-- Type: text/plain, Size: 298 bytes --]

2006-12-22  Ken Manheimer  <ken.manheimer@gmail.com>

	* allout.el (allout-encrypt-string): Inhibit use of agent within
	body of let form where encryption happens.  Acknowledge non-use of
	gpg-agent in docstring.
	(allout-toggle-subtree-encryption): Acknowledge non-use of
	gpg-agent in docstring.

[-- Attachment #4: Type: text/plain, Size: 142 bytes --]

_______________________________________________
Emacs-devel mailing list
Emacs-devel@gnu.org
http://lists.gnu.org/mailman/listinfo/emacs-devel


* Re: allout patch to workaround discrepancies with new pgg interface (gpg-agent provisions)
  2006-12-23 18:02 allout patch to workaround discrepancies with new pgg interface (gpg-agent provisions) Ken Manheimer
@ 2006-12-24  1:09 ` Chong Yidong
  2006-12-24  1:35 ` Richard Stallman
  1 sibling, 0 replies; 5+ messages in thread
From: Chong Yidong @ 2006-12-24  1:09 UTC (permalink / raw)
  Cc: Emacs-Devel

"Ken Manheimer" <ken.manheimer@gmail.com> writes:

> the attached patch works around problems with the new version of pgg's
> use of pgg-agent.  when the agent is active, passphrases passed in to
> pgg are effectively ignored, such that pgg-agent continues to prompt
> (via pinentry) for the passphrase.   the patch inhibits use of the
> agent just in the scope that allout does its encryption, and
> acknowledges that inhibition in various relevant module commentaries.

Checked in.  Thanks.


* Re: allout patch to workaround discrepancies with new pgg interface (gpg-agent provisions)
  2006-12-23 18:02 allout patch to workaround discrepancies with new pgg interface (gpg-agent provisions) Ken Manheimer
  2006-12-24  1:09 ` Chong Yidong
@ 2006-12-24  1:35 ` Richard Stallman
  2006-12-25 18:23   ` Ken Manheimer
  1 sibling, 1 reply; 5+ messages in thread
From: Richard Stallman @ 2006-12-24  1:35 UTC (permalink / raw)
  Cc: emacs-devel

To inhibit use of gpg-agent is a bad idea, especially since that is
now the recommended way for people to specify their passphrases.

Before we fall back to a drastic solution like this, we should see
if they can fix pgg.


* Re: allout patch to workaround discrepancies with new pgg interface (gpg-agent provisions)
  2006-12-24  1:35 ` Richard Stallman
@ 2006-12-25 18:23   ` Ken Manheimer
  2006-12-28 16:50     ` Ken Manheimer
  0 siblings, 1 reply; 5+ messages in thread
From: Ken Manheimer @ 2006-12-25 18:23 UTC (permalink / raw)
  Cc: emacs-devel

[-- Attachment #1: Type: text/plain, Size: 718 bytes --]

as i said in the other thread ("Documenting gpg-agent"), i do think
there's a problem in that passed-in passphrases seem to be
disregarded.  i also think, however, that allout is better off not
handling keypair passphrases, though it must continue to handle
symmetric-key passphrases (which i explain in detail in the other
thread).  so the attached patch does exactly that - allout will
continue to handle symmetric-key passphrases, but defer to pgg for
keypair passphrases.  i think this is a win all around.

--
ken
ken.manheimer@myriadicity.net

2006-12-25  Ken Manheimer  <ken.manheimer@gmail.com>

	* allout.el (allout-encrypt-string): Handle symmetric-key
	passphrase caching but leave keypair catching to pgg.

[-- Attachment #2: allout-patch.txt --]
[-- Type: text/plain, Size: 3139 bytes --]

--- allout.el	23 Dec 2006 20:20:17 -0500	1.91
+++ allout.el	25 Dec 2006 12:58:57 -0500	
@@ -5750,10 +5750,9 @@
 passphrase cache.  With no universal argument, the appropriate passphrase
 is obtained from the cache, if available, else from the user.
 
-Currently only GnuPG encryption is supported, and integration
-with gpg-agent is not yet implemented.
+Only GnuPG encryption is supported.
 
-\**NOTE WELL** that the encrypted text must be ascii-armored.  For gnupg
+\*NOTE WELL* that the encrypted text must be ascii-armored.  For gnupg
 encryption, include the option ``armor'' in your ~/.gnupg/gpg.conf file.
 
 Both symmetric-key and key-pair encryption is implemented.  Symmetric is
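Review bot: The replacement line "Only GnuPG encryption is supported." drops the gpg-agent caveat from this docstring only; the identical caveat that the earlier patch added to the second docstring (at 5823) and to the file commentary (at 45) has no hunk in this diff, so both would still say agent integration is not implemented. Suggest updating all three in the same change. The `\**NOTE WELL**` to `\*NOTE WELL*` edit two lines further down is unrelated markup and would be easier to review on its own.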
@@ -5767,8 +5766,8 @@
 encryption are encrypted.  See allout-encrypt-unencrypted-on-saves for
 auto-encryption specifics.
 
-\**NOTE WELL** that automatic encryption that happens during saves will
-default to symmetric encryption - you must manually (re)encrypt key-pair
+\*NOTE WELL* that automatic encryption that happens during saves will
+default to symmetric encryption - you must deliberately (re)encrypt key-pair
 encrypted topics if you want them to continue to use the key-pair cipher.
 
 Level-one topics, with prefix consisting solely of an `*' asterisk, cannot be
@@ -5780,10 +5779,8 @@
 The encryption passphrase is solicited if not currently available in the
 passphrase cache from a recent encryption action.
 
-The solicited passphrase is retained for reuse in a buffer-specific cache
-for some set period of time (default, 60 seconds), after which the string
-is nulled.  The passphrase cache timeout is customized by setting
-`pgg-passphrase-cache-expiry'.
+The solicited passphrase is retained for reuse in a cache, if enabled.  See
+`pgg-cache-passphrase' and `pgg-passphrase-cache-expiry' for details.
 
   Symmetric Passphrase Hinting and Verification
 
@@ -6001,8 +5998,10 @@
          (rejections-left (- allout-encryption-ciphertext-rejection-ceiling
                              rejected))
          result-text status
-         ;; Inhibit use of gpg-agent in the scope of this let:
-         (pgg-gpg-use-agent nil))
+         ;; Inhibit gpg-agent use for symmetric keys in the scope of this let:
+         (pgg-gpg-use-agent (if (equal key-type 'keypair)
+                                pgg-gpg-use-agent
+                              nil)))
 
     (if (and fetch-pass (not passphrase))
         ;; Force later fetch by evicting passphrase from the cache.
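Review bot: The new value form for `pgg-gpg-use-agent` is an `if` whose else branch is a literal nil, which reads more simply as `(and (eq key-type 'keypair) pgg-gpg-use-agent)`. The comment above it would also help more if it said why the agent is inhibited for symmetric keys (allout supplies that passphrase itself) rather than only restating what the binding does.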
@@ -6010,12 +6009,9 @@
 
     (catch 'encryption-failed
 
-        ;; Obtain the passphrase if we don't already have one and we're not
-        ;; doing a keypair encryption:
-        (if (not (or passphrase
-                     (and (equal key-type 'keypair)
-                          (not decrypt))))
-
+        ;; We handle only symmetric-key passphrase caching.
+        (if (and (not passphrase)
+                 (not (equal key-type 'keypair)))
             (setq passphrase (allout-obtain-passphrase for-key
                                                        target-cache-id
                                                        target-prompt-id
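Review bot: The rewritten condition `(and (not passphrase) (not (equal key-type 'keypair)))` no longer carries the `(not decrypt)` term, so key-pair decryption, for which the old code did obtain a passphrase, now reaches pgg with `passphrase` unset. That matches the stated intent, but it is a behaviour change for users who run without the agent; it deserves a mention in the ChangeLog entry and a check that the code after this hunk tolerates a nil `passphrase` on the key-pair decrypt path.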

[-- Attachment #3: ChangeLog-entry.txt --]
[-- Type: text/plain, Size: 170 bytes --]

2006-12-25  Ken Manheimer  <ken.manheimer@gmail.com>

	* allout.el (allout-encrypt-string): Handle symmetric-key
	passphrase caching but leave keypair catching to pgg.  


* Re: allout patch to workaround discrepancies with new pgg interface (gpg-agent provisions)
  2006-12-25 18:23   ` Ken Manheimer
@ 2006-12-28 16:50     ` Ken Manheimer
  0 siblings, 0 replies; 5+ messages in thread
From: Ken Manheimer @ 2006-12-28 16:50 UTC (permalink / raw)
  Cc: rms

as i mentioned, i'm going to have online access only intermittently
over the next few weeks.  it looks like daiki ueno has submitted a
patch that may repair the underlying pgg problem that provoked the
patch i submitted in a prior message in this thread, but the patch is
still an important improvement in the way allout uses pgg, even with
the pgg problem fixed.  i hope my patch will be applied, and also
daiki ueno's pgg patch, if sascha wilde checks and oks it.

(i won't need to suppress pgg-gpg-use-agent at all, if the pgg
passphrase problem is fixed, but the suppression won't hurt, and the
other parts of my patch are crucial.  if the timing works out and the
pgg problem gets settled i'll submit a new patch removing the
suppression, on jan 1 or 2.)
-- 
ken
http://myriadicity.net

On 12/25/06, Ken Manheimer <ken.manheimer@gmail.com> wrote:
> as i said in the other thread ("Documenting gpg-agent"), i do think
> there's a problem in that passed-in passphrases seem to be
> disregarded.  i also think, however, that allout is better off not
> handling keypair passphrases, though it must continue to handle
> symmetric-key passphrases (which i explain in detail in the other
> thread).  so the attached patch does exactly that - allout will
> continue to handle symmetric-key passphrases, but defer to pgg for
> keypair passphrases.  i think this is a win all around.
>
> --
> ken
> ken.manheimer@myriadicity.net
>
> 2006-12-25  Ken Manheimer  <ken.manheimer@gmail.com>
>
>         * allout.el (allout-encrypt-string): Handle symmetric-key
>         passphrase caching but leave keypair catching to pgg.
