* new version of allout.el - patch and ChangeLog @ 2005-09-30 17:24 Ken Manheimer 2005-09-30 21:06 ` Sascha Wilde [not found] ` <E1ELj0L-0000Pn-3T@fencepost.gnu.org> 0 siblings, 2 replies; 156+ messages in thread From: Ken Manheimer @ 2005-09-30 17:24 UTC (permalink / raw) [-- Attachment #1: Type: text/plain, Size: 1881 bytes --] attached is a patch and ChangeLog for a substantial new version of allout.el, emacs' alternative (and much more extensive) outliner. i think it's ready to revise the distributed version. this version adds topic encryption, using GPG. it also includes several fixes and enhancements, described in the ChangeLog entry below is the synopsis of just the encryption features, from the ChangeLog entry. - new subsystem supporting easy gpg topic encryption/decryption. salient features: - both public- and symmetric-key modes are supported. - encryption being on a per-topic basis means you can intersperse encrypted and clear-text data in a single file to your heart's content. - user-provided symmetric-key hints, with consistency verification to help user avoid confusion - time-limited key reuse, a la (and using) mailcrypt's mc-passwd-timeout - write-file-hook and auto-save-hook activities to support auto encryption of pending topics on save; provision to skip currently-edited topic to avoid editing disturbance topic encryption functionality depends on both mailcrypt and crypt++ packages. (non-encryption allout functionality is not disrupted if either mailcrypt or crypt++ are absent.) `allout-toggle-current-subtree-encryption' is the central routine. there are a five new encryption customization variables: - allout-topic-encryption-bullet - allout-default-encryption-scheme - allout-key-verifier-handling - allout-key-hint-handling - allout-encrypt-unencrypted-on-saves topic encryption is included in mouse menu docstring for `allout-toggle-current-subtree-encryption' and customization variables provide detailed description. ken manheimer ken.manheimer@gmail.com [-- Attachment #2: allout-patch.txt --] [-- Type: text/plain, Size: 115417 bytes --] --- allout.el.~1.61.~ 2005-08-06 18:13:41.000000000 -0400 +++ allout.el 2005-09-30 13:09:03.000000000 -0400 @@ -3,10 +3,11 @@ ;; Copyright (C) 1992, 1993, 1994, 2001, 2002, 2003, 2004, ;; 2005 Free Software Foundation, Inc. -;; Author: Ken Manheimer <klm@zope.com> -;; Maintainer: Ken Manheimer <klm@zope.com> +;; Author: Ken Manheimer <ken dot manheimer at gmail dot com> +;; Maintainer: Ken Manheimer <ken dot manheimer at gmail dot com> ;; Created: Dec 1991 - first release to usenet -;; Keywords: outlines mode wp languages +;; Version: $Id: allout.el,v 1.67 2005/09/30 17:15:24 klm Exp $|| +;; Keywords: outlines wp languages ;; This file is part of GNU Emacs. @@ -34,43 +35,68 @@ ;; programming languages. (For an example, see the allout code ;; itself, which is organized in ;; an outline framework.) ;; -;; In addition to outline navigation and exposure, allout includes: +;; Some features: ;; -;; - topic-oriented repositioning, cut, and paste -;; - integral outline exposure-layout -;; - incremental search with dynamic exposure and reconcealment of hidden text +;; - classic outline-mode topic-oriented navigation and exposure adjustment +;; - topic-oriented editing including coherent topic and subtopic +;; creation, promotion, demotion, cut/paste across depths, etc +;; - incremental search with dynamic exposure and reconcealment of text +;; - customizable bullet format enbles programming-language specific +;; outlining, for ultimate code-folding editing. (allout code itself is +;; formatted as an outline - do ESC-x eval-current-buffer in allout.el +;; to try it out.) +;; - configurable per-file initial exposure settings +;; - symmetric-key and key-pair topic encryption, plus reliable key +;; verification and user-supplied hint maintenance. (see +;; allout-toggle-current-subtree-encryption docstring.) ;; - automatic topic-number maintenance -;; - "Hot-spot" operation, for single-keystroke maneuvering and -;; exposure control. (See the `allout-mode' docstring.) +;; - "hot-spot" operation, for single-keystroke maneuvering and +;; exposure control (see the allout-mode docstring) +;; - easy rendering of exposed portions into numbered, latex, indented, etc +;; outline styles ;; -;; and many other features. +;; and more. ;; ;; The outline menubar additions provide quick reference to many of -;; the features, and see the docstring of the function `allout-init' -;; for instructions on priming your Emacs session for automatic -;; activation of `allout-mode'. +;; the features, and see the docstring of the variable `allout-init' +;; for instructions on priming your emacs session for automatic +;; activation of allout-mode. ;; ;; See the docstring of the variables `allout-layout' and ;; `allout-auto-activation' for details on automatic activation of -;; allout `allout-mode' as a minor mode. (It has changed since allout +;; `allout-mode' as a minor mode. (It has changed since allout ;; 3.x, for those of you that depend on the old method.) ;; ;; Note - the lines beginning with `;;;_' are outline topic headers. ;; Just `ESC-x eval-current-buffer' to give it a whirl. -;; Ken Manheimer klm@zope.com +;; ken manheimer (ken dot manheimer at gmail dot com) ;;; Code: ;;;_* Provide +;(provide 'outline) (provide 'allout) +;;;_* Dependency autoloads +(eval-when-compile 'cl) ; otherwise, flet compilation fouls +(autoload 'crypt-encrypt-buffer "crypt++") +(setq-default crypt-encryption-type 'gpg) + +(autoload 'mc-encrypt "mailcrypt" + "*Encrypt the current buffer") +(autoload 'mc-activate-passwd "mailcrypt" + "Activate the passphrase matching ID, using PROMPT for a prompt. +Return the passphrase. If PROMPT is nil, only return value if cached.") +(autoload 'mc-gpg-process-region "mc-gpg") +(autoload 'mc-dectivate-passwd "mailcrypt" + "*Deactivate the passphrase cache.") + ;;;_* USER CUSTOMIZATION VARIABLES: (defgroup allout nil "Extensive outline mode for use alone and with other modes." :prefix "allout-" - :group 'editing - :version "22.1") + :group 'outlines) ;;;_ + Layout, Mode, and Topic Header Configuration @@ -111,8 +137,8 @@ A list value specifies a default layout for the current buffer, to be applied upon activation of `allout-mode'. Any non-nil value will -automatically trigger `allout-mode', provided `allout-init' -has been called to enable it. +automatically trigger `allout-mode', provided `allout-init' has been called +to enable it. See the docstring for `allout-init' for details on setting up for auto-mode-activation, and for `allout-expose-topic' for the format of @@ -171,7 +197,7 @@ :group 'allout) (make-variable-buffer-local 'allout-primary-bullet) ;;;_ = allout-plain-bullets-string -(defcustom allout-plain-bullets-string ".:,;" +(defcustom allout-plain-bullets-string ".," "*The bullets normally used in outline topic prefixes. See `allout-distinctive-bullets-string' for the other kind of @@ -185,7 +211,7 @@ :group 'allout) (make-variable-buffer-local 'allout-plain-bullets-string) ;;;_ = allout-distinctive-bullets-string -(defcustom allout-distinctive-bullets-string "*+-=>([{}&!?#%\"X@$~_\\" +(defcustom allout-distinctive-bullets-string "*+-=>()[{}&!?#%\"X@$~_\\:;^" "*Persistent outline header bullets used to distinguish special topics. These bullets are used to distinguish topics from the run-of-the-mill @@ -198,12 +224,13 @@ `?' question topics `\(' parenthetic comment \(with a matching close paren inside) `[' meta-note \(with a matching close ] inside) - `\"' a quote + `\"' a quotation `=' value settings `~' \"more or less\" + `^' see above -... just for example. (`#' typically has a special meaning to the -software, according to the value of `allout-numbered-bullet'.) + ... for example. (`#' typically has a special meaning to the software, +according to the value of `allout-numbered-bullet'.) See `allout-plain-bullets-string' for the selection of alternating bullets. @@ -337,7 +364,6 @@ Set this var to the bullet you want to use for file cross-references." :type '(choice (const nil) string) :group 'allout) - ;;;_ = allout-presentation-padding (defcustom allout-presentation-padding 2 "*Presentation-format white-space padding factor, for greater indent." @@ -381,7 +407,7 @@ :type 'string :group 'allout) ;;;_ - allout-title -(defcustom allout-title '(or buffer-file-name (current-buffer-name)) +(defcustom allout-title '(or buffer-file-name (buffer-name)) "*Expression to be evaluated to determine the title for LaTeX formatted copy." :type 'sexp @@ -397,6 +423,94 @@ :type 'string :group 'allout) +;;;_ + Topic encryption +;;;_ = allout-topic-encryption-bullet +(defcustom allout-topic-encryption-bullet "~" + "*Bullet signifying encryption of the entry's body." + :type '(choice (const nil) string) + :group 'allout) +;;;_ = allout-default-encryption-scheme +(defcustom allout-default-encryption-scheme 'mc-scheme-gpg + "*Default allout outline topic encryption mode. + +See mailcrypt variable `mc-schemes' and mailcrypt docs for encryption schemes." + :type 'symbol + :group 'allout) +;;;_ = allout-key-verifier-handling +(defcustom allout-key-verifier-handling 'situate + "*Dictate outline encryption key verifier handling. + +The key verifier is string associated with a file that is encrypted with +the file's current symmetric encryption key. It is used, if present, to +confirm that the key entered by the user is the same as the established +one, or explicitly presenting the user with the choice to go with a +new key when a difference is encountered. + +The range of values are: + + situate - include key verifier string as text in the file's local-vars + section + transient - establish the value as a variable in the file's buffer, but + don't preserve it as a file variable. + disabled - don't establish or do verification. + +See the docstring for the `allout-enable-file-variable-adjustment' +variable for details about allout ajustment of file variables." + :type '(choice (const situate) + (const transient) + (const disabled)) + :group 'allout) +(make-variable-buffer-local 'allout-key-verifier-handling) +;;;_ = allout-key-hint-handling +(defcustom allout-key-hint-handling 'always + "*Dictate outline encryption key reminder handling: + + always - always show reminder when prompting + needed - show reminder on key entry failure + manage - never present reminder, but still manage a file-var entry for it + disabled - don't even manage the file variable entry + +See the docstring for the `allout-enable-file-variable-adjustment' +variable for details about allout ajustment of file variables." + :type '(choice (const always) + (const needed) + (const manage) + (const disabled)) + :group 'allout) +(make-variable-buffer-local 'allout-key-hint-handling) +;;;_ = allout-encrypt-unencrypted-on-saves +(defcustom allout-encrypt-unencrypted-on-saves 'except-current + "*When saving, should topics pending encryption be encrypted? + +The idea is to prevent file-system exposure of any un-encrypted stuff, and +mostly covers both deliberate file writes and auto-saves. + + - Yes: encrypt all topics pending encryption, even if it's the one + currently being edited. \(In that case, the currently edited topic + will be automatically decrypted before any user interaction, so they + can continue editing but the copy on the file system will be + encrypted.) + Auto-saves will use the \"All except current topic\" mode if this + one is selected, to avoid practical difficulties - see below. + - All except current topic: skip the topic currently being edited, even if + it's pending encryption. This may expose the current topic on the + file sytem, but avoids the nuisance of prompts for the encryption + key in the middle of editing for, eg, autosaves. + This mode is used for auto-saves for both this option and \"Yes\". + - No: leave it to the user to encrypt any unencrypted topics. + +For practical reasons, auto-saves always use the 'except-current policy +when auto-encryption is enabled. \(Otherwise, spurious key prompts and +unavoidable timing collisions are too disruptive.) If security for a file +requires that even the current topic is never auto-saved in the clear, +disable auto-saves for that file." + + :type '(choice (const :tag "Yes" t) + (const :tag "All except current topic" except-current) + (const :tag "No" nil)) + :group 'allout) +(make-variable-buffer-local 'allout-encrypt-unencrypted-on-saves) + ;;;_ + Miscellaneous customization ;;;_ = allout-command-prefix @@ -422,13 +536,15 @@ ("\C-f" allout-forward-current-level) ("\C-b" allout-backward-current-level) ("\C-a" allout-beginning-of-current-entry) - ("\C-e" allout-end-of-current-entry) + ("\C-e" allout-end-of-entry) ; Exposure commands: ("\C-i" allout-show-children) ("\C-s" allout-show-current-subtree) ("\C-h" allout-hide-current-subtree) + ("h" allout-hide-current-subtree) ("\C-o" allout-show-current-entry) ("!" allout-show-all) + ("x" allout-toggle-current-subtree-encryption) ; Alteration commands: (" " allout-open-sibtopic) ("." allout-open-subtopic) @@ -489,19 +605,22 @@ (make-variable-buffer-local 'allout-reindent-bodies) -;;;_ = allout-inhibit-protection -(defcustom allout-inhibit-protection nil - "*Non-nil disables warnings and confirmation-checks for concealed-text edits. - -Outline mode uses Emacs change-triggered functions to detect unruly -changes to concealed regions. Set this var non-nil to disable the -protection, potentially increasing text-entry responsiveness a bit. - -This var takes effect at `allout-mode' activation, so you may have to -deactivate and then reactivate the mode if you want to toggle the -behavior." +;;;_ = allout-enable-file-variable-adjustment +(defcustom allout-enable-file-variable-adjustment t + "*If non-nil, some allout outline actions can edit Emacs file variables text. + +This can range from changes to existing entries, addition of new ones, +and creation of a new local variables section when necessary. + +Emacs file variables adjustments are also inhibited if `enable-local-variables' +is nil. + +Operations potentially causing edits include allout encryption routines. +See the docstring for `allout-toggle-current-subtree-encryption' for +details." :type 'boolean :group 'allout) +(make-variable-buffer-local 'allout-enable-file-variable-adjustment) ;;;_* CODE - no user customizations below. @@ -728,12 +847,17 @@ (car (cdr cell))))))) keymap-list) map)) - +;;;_ = allout-prior-bindings - being deprecated. +(defvar allout-prior-bindings nil + "Variable for use in V18, with allout-added-bindings, for +resurrecting, on mode deactivation, bindings that existed before +activation. Being deprecated.") +;;;_ = allout-added-bindings - being deprecated +(defvar allout-added-bindings nil + "Variable for use in V18, with allout-prior-bindings, for +resurrecting, on mode deactivation, bindings that existed before +activation. Being deprecated.") ;;;_ : Menu bar -(defvar allout-mode-exposure-menu) -(defvar allout-mode-editing-menu) -(defvar allout-mode-navigation-menu) -(defvar allout-mode-misc-menu) (defun produce-allout-mode-menubar-entries () (require 'easymenu) (easy-menu-define allout-mode-exposure-menu @@ -759,7 +883,11 @@ ["Shift Topic Out" allout-shift-out t] ["Rebullet Topic" allout-rebullet-topic t] ["Rebullet Heading" allout-rebullet-current-heading t] - ["Number Siblings" allout-number-siblings t])) + ["Number Siblings" allout-number-siblings t] + "----" + ["Toggle Topic Encryption" + allout-toggle-current-subtree-encryption + (> (allout-current-depth) 1)])) (easy-menu-define allout-mode-navigation-menu allout-mode-map "Allout outline navigation menu." @@ -775,7 +903,7 @@ "----" ["Beginning of Entry" allout-beginning-of-current-entry t] - ["End of Entry" allout-end-of-current-entry t] + ["End of Entry" allout-end-of-entry t] ["End of Subtree" allout-end-of-current-subtree t])) (easy-menu-define allout-mode-misc-menu allout-mode-map @@ -855,13 +983,6 @@ (setq allout-mode-prior-settings rebuild))))) ) ;;;_ : Mode-specific incidentals -;;;_ = allout-during-write-cue nil -(defvar allout-during-write-cue nil - "Used to inhibit outline change-protection during file write. - -See also `allout-post-command-business', `allout-write-file-hook', -`allout-before-change-protect', and `allout-post-command-business' -functions.") ;;;_ = allout-pre-was-isearching nil (defvar allout-pre-was-isearching nil "Cue for isearch-dynamic-exposure mechanism, implemented in @@ -869,22 +990,28 @@ (make-variable-buffer-local 'allout-pre-was-isearching) ;;;_ = allout-isearch-prior-pos nil (defvar allout-isearch-prior-pos nil - "Cue for isearch-dynamic-exposure tracking, used by `allout-isearch-expose'.") + "Cue for isearch-dynamic-exposure tracking, used by +`allout-isearch-expose'.") (make-variable-buffer-local 'allout-isearch-prior-pos) -;;;_ = allout-override-protect nil -(defvar allout-override-protect nil - "Used in `allout-mode' for regulate of concealed-text protection mechanism. - -Allout outline mode regulates alteration of concealed text to protect -against inadvertent, unnoticed changes. This is for use by specific, -native outline functions to temporarily override that protection. -It's automatically reset to nil after every buffer modification.") -(make-variable-buffer-local 'allout-override-protect) +;;;_ = allout-isearch-did-quit +(defvar allout-isearch-did-quit nil + "Distinguishes isearch conclusion and cancellation. + +Maintained by allout-isearch-abort \(which is wrapped around the real +isearch-abort), and monitored by allout-isearch-expose for action.") +(make-variable-buffer-local 'allout-isearch-did-quit) ;;;_ > allout-unprotected (expr) -(defmacro allout-unprotected (expression) - "Evaluate EXPRESSION with `allout-override-protect' let-bound to t." - `(let ((allout-override-protect t)) - ,expression)) +(defmacro allout-unprotected (expr) + "Enable internal outline operations to alter read-only text." + `(let ((was-inhibit-r-o inhibit-read-only)) + (unwind-protect + (progn + (setq inhibit-read-only t) + ,expr) + (setq inhibit-read-only was-inhibit-r-o) + ) + ) + ) ;;;_ = allout-undo-aggregation (defvar allout-undo-aggregation 30 "Amount of successive self-insert actions to bunch together per undo. @@ -897,14 +1024,109 @@ "Horrible hack used to prevent invalid multiple triggering of outline mode from prop-line file-var activation. Used by `allout-mode' function to track repeats.") -;;;_ > allout-write-file-hook () -(defun allout-write-file-hook () - "In `allout-mode', run as a `write-contents-functions' activity. - -Currently just sets `allout-during-write-cue', so outline change-protection -knows to keep inactive during file write." - (setq allout-during-write-cue t) - nil) +;;;_ = allout-file-key-verifier-string +(defvar allout-file-key-verifier-string nil + "Name for use as a file variable for verifying encryption key across +sessions.") +(make-variable-buffer-local 'allout-file-key-verifier-string) +;;;_ = allout-encryption-scheme +(defvar allout-encryption-scheme nil + "*Allout outline topic encryption scheme pending for the current buffer. + +Intended as a file-specific (buffer local) setting, it defaults to the +value of allout-default-encryption-scheme if nil.") +(make-variable-buffer-local 'allout-encryption-scheme) +;;;_ = allout-key-verifier-string +(defvar allout-key-verifier-string nil + "Setting used to test solicited encryption keys against that already +associated with a file. + +It consists of an encrypted random string useful only to verify that a key +entered by the user is effective for decryption. The key itself is \*not* +recorded in the file anywhere, and the encrypted contents are random binary +characters to avoid exposing greater susceptibility to search attacks. + +The verifier string is retained as an Emacs file variable, as well as in +the emacs buffer state, if file variable adjustments are enabled. See +`allout-enable-file-variable-adjustment' for details about that.") +(make-variable-buffer-local 'allout-key-verifier-string) +(setq-default allout-key-verifier-string nil) +;;;_ = allout-key-hint-string +(defvar allout-key-hint-string "" + "Variable used to retain a reminder string for a file's encryption key. + +See the description of `allout-key-hint-handling' for details about how +the reminder is deployed. + +The hint is retained as an Emacs file variable, as well as in the emacs buffer +state, if file variable adjustments are enabled. See +`allout-enable-file-variable-adjustment' for details about that.") +(make-variable-buffer-local 'allout-key-hint-string) +(setq-default allout-key-hint-string "") +;;;_ = allout-after-save-decrypt +(defvar allout-after-save-decrypt nil + "Internal variable, is nil or has the value of two points: + + - the location of a topic to be decrypted after saving is done + - where to situate the cursor after the decryption is performed + +This is used to decrypt the topic that was currently being edited, if it +was encrypted automatically as part of a file write or autosave.") +(make-variable-buffer-local 'allout-after-save-decrypt) +;;;_ > allout-write-file-hook-handler () +(defun allout-write-file-hook-handler () + "Implement `allout-encrypt-unencrypted-on-saves' policy for file writes." + + (if (or (not (boundp 'allout-encrypt-unencrypted-on-saves)) + (not allout-encrypt-unencrypted-on-saves)) + nil + (let ((except-mark (and (equal allout-encrypt-unencrypted-on-saves + 'except-current) + (point-marker)))) + (if (save-excursion (goto-char (point-min)) + (allout-next-topic-pending-encryption except-mark)) + (progn + (message "auto-encrypting pending topics") + (sit-for 2) + (condition-case failure + (setq allout-after-save-decrypt + (allout-encrypt-decrypted except-mark)) + (error (progn + (message + "allout-write-file-hook-handler suppressing error %s" + failure) + (sit-for 2)))))) + )) + nil) +;;;_ > allout-auto-save-hook-handler () +(defun allout-auto-save-hook-handler () + "Implement `allout-encrypt-unencrypted-on-saves' policy for auto saves." + + (if allout-encrypt-unencrypted-on-saves + ;; Always implement 'except-current policy when enabled. + (let ((allout-encrypt-unencrypted-on-saves 'except-current)) + (allout-write-file-hook-handler)))) +;;;_ > allout-after-saves-handler () +(defun allout-after-saves-handler () + "Decrypt topic encrypted for save, if it's currently being edited. + +Ie, if it was pending encryption and contained the point in its body before +the save. + +We use values stored in `allout-after-save-decrypt' to locate the topic +and the place for the cursor after the decryption is done." + (if (not (and (allout-mode-p) + (boundp 'allout-after-save-decrypt) + allout-after-save-decrypt)) + t + (goto-char (car allout-after-save-decrypt)) + (let ((was-modified (buffer-modified-p))) + (allout-toggle-current-subtree-encryption) + (if (not was-modified) + (set-buffer-modified-p nil))) + (goto-char (cadr allout-after-save-decrypt)) + (setq allout-after-save-decrypt nil)) + ) ;;;_ #2 Mode activation ;;;_ = allout-mode @@ -916,11 +1138,10 @@ 'allout-mode) ;;;_ = allout-explicitly-deactivated (defvar allout-explicitly-deactivated nil - "Non-nil if `allout-mode' was last deliberately deactivated. + "If t, `allout-mode's last deactivation was deliberate. So `allout-post-command-business' should not reactivate it...") (make-variable-buffer-local 'allout-explicitly-deactivated) ;;;_ > allout-init (&optional mode) -;;;###autoload (defun allout-init (&optional mode) "Prime `allout-mode' to enable/disable auto-activation, wrt `allout-layout'. @@ -939,9 +1160,9 @@ the `allout-layout' variable. (See `allout-layout' and `allout-expose-topic' docstrings for more details on auto layout). -`allout-init' works by setting up (or removing) -`allout-find-file-hook' in `find-file-hook', and giving -`allout-auto-activation' a suitable setting. +`allout-init' works by setting up (or removing) the allout-mode +find-file-hook, and giving `allout-auto-activation' a suitable +setting. To prime your Emacs session for full auto-outline operation, include the following two lines in your Emacs init file: @@ -949,32 +1170,35 @@ \(require 'allout) \(allout-init t)" - (interactive - (let ((m (completing-read - (concat "Select outline auto setup mode " - "(empty for report, ? for options) ") - '(("nil")("full")("activate")("deactivate") - ("ask") ("report") ("")) - nil - t))) - (if (string= m "") 'report - (intern-soft m)))) + (interactive) + (if (interactive-p) + (progn + (setq mode + (completing-read + (concat "Select outline auto setup mode " + "(empty for report, ? for options) ") + '(("nil")("full")("activate")("deactivate") + ("ask") ("report") ("")) + nil + t)) + (if (string= mode "") + (setq mode 'report) + (setq mode (intern-soft mode))))) (let ;; convenience aliases, for consistent ref to respective vars: ((hook 'allout-find-file-hook) (curr-mode 'allout-auto-activation)) (cond ((not mode) - (setq find-file-hook (delq hook find-file-hook)) + (setq find-file-hooks (delq hook find-file-hooks)) (if (interactive-p) (message "Allout outline mode auto-activation inhibited."))) ((eq mode 'report) - (if (memq hook find-file-hook) - ;; Just punt and use the reports from each of the modes: - (allout-init (symbol-value curr-mode)) - (allout-init nil) - (message "Allout outline mode auto-activation inhibited."))) - (t (add-hook 'find-file-hook hook) + (if (not (memq hook find-file-hooks)) + (allout-init nil) + ;; Just punt and use the reports from each of the modes: + (allout-init (symbol-value curr-mode)))) + (t (add-hook 'find-file-hooks hook) (set curr-mode ; `set', not `setq'! (cond ((eq mode 'activate) (message @@ -1022,10 +1246,11 @@ In addition to outline navigation and exposure, allout includes: - - topic-oriented repositioning, cut, and paste + - topic-oriented repositioning, promotion/demotion, cut, and paste - integral outline exposure-layout - incremental search with dynamic exposure and reconcealment of hidden text - automatic topic-number maintenance + - easy topic encryption and decryption - \"Hot-spot\" operation, for single-keystroke maneuvering and exposure control. \(See the allout-mode docstring.) @@ -1035,7 +1260,7 @@ special `allout-mode' features and terminology. See also the outline menubar additions for quick reference to many of the features, and see the docstring of the function `allout-init' for instructions on -priming your Emacs session for automatic activation of `allout-mode'. +priming your emacs session for automatic activation of `allout-mode'. The bindings are dictated by the `allout-keybindings-list' and @@ -1048,7 +1273,7 @@ C-c C-u allout-up-current-level | C-c C-s allout-show-current-subtree C-c C-f allout-forward-current-level | C-c C-o allout-show-current-entry C-c C-b allout-backward-current-level | ^U C-c C-s allout-show-all -C-c C-e allout-end-of-current-entry | allout-hide-current-leaves +C-c C-e allout-end-of-entry | allout-hide-current-leaves C-c C-a allout-beginning-of-current-entry, alternately, goes to hot-spot Topic Header Production: @@ -1064,7 +1289,7 @@ C-c<CR> allout-rebullet-topic Reconcile bullets of topic and its offspring - distinctive bullets are not changed, others alternated according to nesting depth. -C-c * allout-rebullet-current-heading Prompt for alternate bullet for +C-c b allout-rebullet-current-heading Prompt for alternate bullet for current topic. C-c # allout-number-siblings Number bullets of topic and siblings - the offspring are not affected. With repeat @@ -1087,8 +1312,8 @@ C-c C-SPC allout-mark-topic C-c = c allout-copy-exposed-to-buffer Duplicate outline, sans concealed text, to - buffer with name derived from derived from - that of current buffer - \"*XXX exposed*\". + buffer with name derived from derived from that + of current buffer - \"*BUFFERNAME exposed*\". C-c = p allout-flatten-exposed-to-buffer Like above 'copy-exposed', but convert topic prefixes to section.subsection... numeric @@ -1096,6 +1321,19 @@ ESC ESC (allout-init t) Setup Emacs session for outline mode auto-activation. + Encrypted Entries + +Outline mode supports easily togglable gpg encryption of topics, with +niceities like support for symmetric and key-pair modes, key timeout, key +consistency checking, user-provided hinting for symmetric key mode, and +auto-encryption of topics pending encryption on save. The aim is to enable +reliable topic privacy while preventing accidents like neglected +encryption, encryption with a mistaken key, forgetting which key was used, +and other practical pitfalls. + +See the `allout-toggle-current-subtree-encryption' function and +`allout-encrypt-unencrypted-on-saves' customization variable for details. + HOT-SPOT Operation Hot-spot operation provides a means for easy, single-keystroke outline @@ -1148,11 +1386,11 @@ HEADER: The first line of a topic, include the topic PREFIX and header text. -PREFIX: The leading text of a topic which distinguishes it from - normal text. It has a strict form, which consists of a - prefix-lead string, padding, and a bullet. The bullet may be - followed by a number, indicating the ordinal number of the - topic among its siblings, a space, and then the header text. +PREFIX: The leading text of a topic which distinguishes it from normal + text. It has a strict form, which consists of a prefix-lead + string, padding, and a bullet. The bullet may be followed by a + number, indicating the ordinal number of the topic among its + siblings, a space, and then the header text. The relative length of the PREFIX determines the nesting depth of the topic. @@ -1223,7 +1461,7 @@ ;; off on second invocation, so we detect it as best we can, and ;; skip everything. ((and same-complex-command ; Still in same complex command - ; as last time `allout-mode' invoked. + ; as last time `allout-mode' invoked. active ; Already activated. (not explicit-activation) ; Prop-line file-vars don't have args. (string-match "^19.1[89]" ; Bug only known to be in v19.18 and @@ -1238,6 +1476,19 @@ ; active state or *de*activation ; specifically requested: (setq allout-explicitly-deactivated t) + (if (string-match "^18\." emacs-version) + ; Revoke those keys that remain + ; as we set them: + (let ((curr-loc (current-local-map))) + (mapcar (function + (lambda (cell) + (if (eq (lookup-key curr-loc (car cell)) + (car (cdr cell))) + (define-key curr-loc (car cell) + (assq (car cell) allout-prior-bindings))))) + allout-added-bindings) + (allout-resumptions 'allout-added-bindings) + (allout-resumptions 'allout-prior-bindings))) (if allout-old-style-prefixes (progn @@ -1246,9 +1497,12 @@ (allout-resumptions 'selective-display) (if (and (boundp 'before-change-functions) before-change-functions) (allout-resumptions 'before-change-functions)) - (setq write-contents-functions - (delq 'allout-write-file-hook - write-contents-functions)) + (setq local-write-file-hooks + (delq 'allout-write-file-hook-handler + local-write-file-hooks)) + (setq auto-save-hook + (delq 'allout-auto-save-hook-handler + auto-save-hook)) (allout-resumptions 'paragraph-start) (allout-resumptions 'paragraph-separate) (allout-resumptions (if (string-match "^18" emacs-version) @@ -1288,25 +1542,27 @@ (cons '(allout-mode . allout-mode-map) minor-mode-map-alist)))) + ; V18 minor-mode key bindings: + ; Stash record of added bindings + ; for later revocation: + (allout-resumptions 'allout-added-bindings + (list allout-keybindings-list)) + (allout-resumptions 'allout-prior-bindings + (list (current-local-map))) ; and add them: (use-local-map (produce-allout-mode-map allout-keybindings-list (current-local-map))) ) ; selective-display is the - ; Emacs conditional exposure + ; emacs conditional exposure ; mechanism: (allout-resumptions 'selective-display '(t)) - (if allout-inhibit-protection - t - (allout-resumptions 'before-change-functions - '(allout-before-change-protect))) (add-hook 'pre-command-hook 'allout-pre-command-business) (add-hook 'post-command-hook 'allout-post-command-business) - ; Temporarily set by any outline - ; functions that can be trusted to - ; deal properly with concealed text. - (add-hook 'write-contents-functions 'allout-write-file-hook) + (add-hook 'local-write-file-hooks 'allout-write-file-hook-handler) + (make-variable-buffer-local 'auto-save-hook) + (add-hook 'auto-save-hook 'allout-auto-save-hook-handler) ; Custom auto-fill func, to support ; respect for topic headline, ; hanging-indents, etc: @@ -1337,7 +1593,8 @@ (if allout-layout (setq do-layout t)) - (if allout-isearch-dynamic-expose + (if (and allout-isearch-dynamic-expose + (not (fboundp 'allout-real-isearch-abort))) (allout-enwrap-isearch)) (run-hooks 'allout-mode-hook) @@ -1376,7 +1633,6 @@ ) ; let* ) ; defun ;;;_ > allout-minor-mode -;;; XXX released verion doesn't do this? (defalias 'allout-minor-mode 'allout-mode) ;;;_ #3 Internal Position State-Tracking - "allout-recent-*" funcs @@ -1400,12 +1656,12 @@ "Buffer point last returned by `allout-end-of-current-subtree'.") (make-variable-buffer-local 'allout-recent-end-of-subtree) ;;;_ > allout-prefix-data (beg end) -(defmacro allout-prefix-data (beginning end) +(defmacro allout-prefix-data (beg end) "Register allout-prefix state data - BEGINNING and END of prefix. For reference by `allout-recent' funcs. Returns BEGINNING." `(setq allout-recent-prefix-end ,end - allout-recent-prefix-beginning ,beginning)) + allout-recent-prefix-beginning ,beg)) ;;;_ > allout-recent-depth () (defmacro allout-recent-depth () "Return depth of last heading encountered by an outline maneuvering function. @@ -1598,7 +1854,7 @@ (or (match-end 2) allout-recent-prefix-end)))))) ;;;_ - Subtree Charting -;;;_ " These routines either produce or assess charts, which are +;;;_ #1 These routines either produce or assess charts, which are ;;; nested lists of the locations of topics within a subtree. ;;; ;;; Use of charts enables efficient navigation of subtrees, by @@ -1607,14 +1863,17 @@ ;;; for assessment or adjustment of the subtree, without redundant ;;; traversal of the structure. -;;;_ > allout-chart-subtree (&optional levels orig-depth prev-depth) +;;;_ #2 allout-chart-subtree (&optional levels orig-depth prev-depth) (defun allout-chart-subtree (&optional levels orig-depth prev-depth) "Produce a location \"chart\" of subtopics of the containing topic. Optional argument LEVELS specifies the depth \(relative to start -depth) for the chart. +depth) for the chart. Subsequent optional args are not for public +use. + +Point is left at the end of the subtree. -Charts are used to capture outline structure, so that outline altering +Charts are used to capture outline structure, so that allout-altering routines need assess the structure only once, and then use the chart for their elaborate manipulations. @@ -1625,11 +1884,9 @@ The chart for a topics' offspring precedes the entry for the topic itself. -\(fn &optional LEVELS)" - - ;; The other function parameters are for internal recursion, and should - ;; not be specified by external callers. ORIG-DEPTH is depth of topic at - ;; starting point, and PREV-DEPTH is depth of prior topic." +The other function parameters are for internal recursion, and should +not be specified by external callers. ORIG-DEPTH is depth of topic at +starting point, and PREV-DEPTH is depth of prior topic." (let ((original (not orig-depth)) ; `orig-depth' set only in recursion. chart curr-depth) @@ -1696,7 +1953,7 @@ chart ; (nreverse chart) not necessary, ; and maybe not preferable. )) -;;;_ > allout-chart-siblings (&optional start end) +;;;_ #3 allout-chart-siblings (&optional start end) (defun allout-chart-siblings (&optional start end) "Produce a list of locations of this and succeeding sibling topics. Effectively a top-level chart of siblings. See `allout-chart-subtree' @@ -1707,7 +1964,7 @@ (while (allout-next-sibling) (setq chart (cons (point) chart))) (if chart (setq chart (nreverse chart))))))) -;;;_ > allout-chart-to-reveal (chart depth) +;;;_ #4 allout-chart-to-reveal (chart depth) (defun allout-chart-to-reveal (chart depth) "Return a flat list of hidden points in subtree CHART, up to DEPTH. @@ -1731,7 +1988,7 @@ (setq result (cons here result))) (setq chart (cdr chart)))) result)) -;;;_ X allout-chart-spec (chart spec &optional exposing) +;;;_ #5 allout-chart-spec (chart spec &optional exposing) ;; (defun allout-chart-spec (chart spec &optional exposing) ;; "Not yet \(if ever) implemented. @@ -1835,11 +2092,18 @@ (if (re-search-forward allout-line-boundary-regexp nil 'move) (prog1 (goto-char (match-beginning 0)) (allout-prefix-data (match-beginning 2)(match-end 2))))) -;;;_ > allout-end-of-current-subtree () -(defun allout-end-of-current-subtree () - "Put point at the end of the last leaf in the currently visible topic." - (interactive) - (allout-back-to-current-heading) +;;;_ > allout-end-of-subtree (&optional current) +(defun allout-end-of-subtree (&optional current) + "Put point at the end of the last leaf in the containing topic. + +If optional CURRENT is true (default false), then put point at the end of +the containing visible topic. + +Returns the value of point." + (interactive "P") + (if current + (allout-back-to-current-heading) + (allout-goto-prefix)) (let ((level (allout-recent-depth))) (allout-next-heading) (while (and (not (eobp)) @@ -1851,9 +2115,16 @@ '(?\n ?\r)) (forward-char -1)) (setq allout-recent-end-of-subtree (point)))) +;;;_ > allout-end-of-current-subtree () +(defun allout-end-of-current-subtree () + "Put point at end of last leaf in currently visible containing topic. + +Returns the value of point." + (interactive) + (allout-end-of-subtree t)) ;;;_ > allout-beginning-of-current-entry () (defun allout-beginning-of-current-entry () - "When not already there, position point at beginning of current topic's body. + "When not already there, position point at beginning of current topic header. If already there, move cursor to bullet for hot-spot operation. \(See `allout-mode' doc string for details on hot-spot operation.)" @@ -1863,11 +2134,10 @@ (if (and (interactive-p) (= (point) start-point)) (goto-char (allout-current-bullet-pos))))) -;;;_ > allout-end-of-current-entry () -(defun allout-end-of-current-entry () +;;;_ > allout-end-of-entry () +(defun allout-end-of-entry () "Position the point at the end of the current topics' entry." (interactive) - (allout-show-entry) (prog1 (allout-pre-next-preface) (if (and (not (bobp))(looking-at "^$")) (forward-char -1)))) @@ -1875,9 +2145,27 @@ (defun allout-end-of-current-heading () (interactive) (allout-beginning-of-current-entry) - (forward-line -1) - (end-of-line)) + (re-search-forward "[\n\r]" nil t) + (forward-char -1)) (defalias 'allout-end-of-heading 'allout-end-of-current-heading) +;;;_ > allout-get-body-text () +(defun allout-get-body-text () + "Return the unmangled body text of the topic immediately containing point." + (save-excursion + (allout-end-of-prefix) + (if (not (re-search-forward "[\n\r]" nil t)) + nil + (backward-char 1) + (let ((pre-body (point))) + (if (not pre-body) + nil + (allout-end-of-entry) + (if (not (= pre-body (point))) + (buffer-substring-no-properties (1+ pre-body) (point)))) + ) + ) + ) + ) ;;;_ - Depth-wise ;;;_ > allout-ascend-to-depth (depth) @@ -1892,12 +2180,16 @@ (if (= (allout-recent-depth) depth) (progn (goto-char allout-recent-prefix-beginning) depth) - (goto-char last-good))))) + (goto-char last-good) + nil)) + (if (interactive-p) (allout-end-of-prefix)))) ;;;_ > allout-ascend () (defun allout-ascend () "Ascend one level, returning t if successful, nil if not." - (if (allout-beginning-of-level) - (allout-previous-heading))) + (prog1 + (if (allout-beginning-of-level) + (allout-previous-heading)) + (if (interactive-p) (allout-end-of-prefix)))) ;;;_ > allout-descend-to-depth (depth) (defun allout-descend-to-depth (depth) "Descend to depth DEPTH within current topic. @@ -1917,13 +2209,13 @@ nil)) ) ;;;_ > allout-up-current-level (arg &optional dont-complain) -(defun allout-up-current-level (arg &optional dont-complain interactive) +(defun allout-up-current-level (arg &optional dont-complain) "Move out ARG levels from current visible topic. Positions on heading line of containing topic. Error if unable to ascend that far, or nil if unable to ascend but optional arg DONT-COMPLAIN is non-nil." - (interactive "p\np") + (interactive "p") (allout-back-to-current-heading) (let ((present-level (allout-recent-depth)) (last-good (point)) @@ -1944,12 +2236,12 @@ (if (or failed (> arg 0)) (progn (goto-char last-good) - (if interactive (allout-end-of-prefix)) + (if (interactive-p) (allout-end-of-prefix)) (if (not dont-complain) (error "Can't ascend past outermost level") - (if interactive (allout-end-of-prefix)) + (if (interactive-p) (allout-end-of-prefix)) nil)) - (if interactive (allout-end-of-prefix)) + (if (interactive-p) (allout-end-of-prefix)) allout-recent-prefix-beginning))) ;;;_ - Linear @@ -1981,7 +2273,7 @@ nil)))) ;;;_ > allout-previous-sibling (&optional depth backward) (defun allout-previous-sibling (&optional depth backward) - "Like `allout-forward-current-level', but backwards & respect invisible topics. + "Like `allout-forward-current-level' backwards, respecting invisible topics. Optional DEPTH specifies depth to traverse, default current depth. @@ -2015,7 +2307,7 @@ (let ((depth (allout-depth))) (while (allout-previous-sibling depth nil)) (prog1 (allout-recent-depth) - (allout-end-of-prefix)))) + (if (interactive-p) (allout-end-of-prefix))))) ;;;_ > allout-next-visible-heading (arg) (defun allout-next-visible-heading (arg) "Move to the next ARG'th visible heading line, backward if arg is negative. @@ -2053,13 +2345,13 @@ (interactive "p") (allout-next-visible-heading (- arg))) ;;;_ > allout-forward-current-level (arg) -(defun allout-forward-current-level (arg &optional interactive) +(defun allout-forward-current-level (arg) "Position point at the next heading of the same level. Takes optional repeat-count, goes backward if count is negative. Returns resulting position, else nil if none found." - (interactive "p\np") + (interactive "p") (let ((start-depth (allout-current-depth)) (start-point (point)) (start-arg arg) @@ -2087,7 +2379,7 @@ (= (allout-recent-depth) start-depth))) allout-recent-prefix-beginning (goto-char last-good) - (if (not interactive) + (if (not (interactive-p)) nil (allout-end-of-prefix) (error "Hit %s level %d topic, traversed %d of %d requested" @@ -2096,10 +2388,10 @@ (- (abs start-arg) arg) (abs start-arg)))))) ;;;_ > allout-backward-current-level (arg) -(defun allout-backward-current-level (arg &optional interactive) +(defun allout-backward-current-level (arg) "Inverse of `allout-forward-current-level'." - (interactive "p\np") - (if interactive + (interactive "p") + (if (interactive-p) (let ((current-prefix-arg (* -1 arg))) (call-interactively 'allout-forward-current-level)) (allout-forward-current-level (* -1 arg)))) @@ -2107,153 +2399,34 @@ ;;;_ #5 Alteration ;;;_ - Fundamental -;;;_ > allout-before-change-protect (beg end) -(defun allout-before-change-protect (beg end) - "Outline before-change hook, regulates changes to concealed text. - -Reveal concealed text that would be changed by current command, and -offer user choice to commit or forego the change. Unchanged text is -reconcealed. User has option to have changed text reconcealed. - -Undo commands are specially treated - the user is not prompted for -choice, the undoes are always committed (based on presumption that the -things being undone were already subject to this regulation routine), -and undoes always leave the changed stuff exposed. - -Changes to concealed regions are ignored while file is being written. -\(This is for the sake of functions that do change the file during -writes, like crypt and zip modes.) - -Locally bound in outline buffers to `before-change-functions', which -in Emacs 19 is run before any change to the buffer. - -Any functions which set [`this-command' to `undo', or which set] -`allout-override-protect' non-nil (as does, eg, allout-flag-chars) -are exempt from this restriction." - (if (and (allout-mode-p) - ; allout-override-protect - ; set by functions that know what - ; they're doing, eg outline internals: - (not allout-override-protect) - (not allout-during-write-cue) - (save-match-data ; Preserve operation position state. - ; Both beginning and end chars must - ; be exposed: - (save-excursion (if (memq this-command '(newline open-line)) - ;; Compensate for stupid Emacs {new, - ;; open-}line display optimization: - (setq beg (1+ beg) - end (1+ end))) - (goto-char beg) - (or (allout-hidden-p) - (and (not (= beg end)) - (goto-char end) - (allout-hidden-p)))))) - (save-match-data - (if (equal this-command 'undo) - ;; Allow undo without inhibition. - ;; - Undoing new and open-line hits stupid Emacs redisplay - ;; optimization (em 19 cmds.c, ~ line 200). - ;; - Presumably, undoing what was properly protected when - ;; done. - ;; - Undo may be users' only recourse in protection faults. - ;; So, expose what getting changed: - (progn (message "Undo! - exposing concealed target...") - (if (allout-hidden-p) - (allout-show-children)) - (message "Undo!")) - (let (response - (rehide-completely (save-excursion (allout-goto-prefix) - (allout-hidden-p))) - rehide-place) - - (save-excursion - (if (condition-case err - ;; Condition case to catch keyboard quits during reads. - (progn - ; Give them a peek where - (save-excursion - (if (eolp) (setq rehide-place - (allout-goto-prefix))) - (allout-show-entry)) - ; Present the message, but... - ; leave the cursor at the location - ; until they respond: - ; Then interpret the response: - (while - (progn - (message (concat "Change inside concealed" - " region - do it? " - "(n or 'y'/'r'eclose)")) - (setq response (read-char)) - (not - (cond ((memq response '(?r ?R)) - (setq response 'reclose)) - ((memq response '(?y ?Y ? )) - (setq response t)) - ((memq response '(?n ?N 127)) - (setq response nil) - t) - ((eq response ??) - (message - "`r' means `yes, then reclose'") - nil) - (t (message "Please answer y, n, or r") - (sit-for 1) - nil))))) - response) - ('quit nil)) - ; Continue: - (if (eq response 'reclose) - (save-excursion - (if rehide-place (goto-char rehide-place)) - (if rehide-completely - (allout-hide-current-entry-completely) - (allout-hide-current-entry))) - (if (allout-ascend-to-depth (1- (allout-recent-depth))) - (allout-show-children) - (allout-show-to-offshoot))) - ; Prevent: - (if rehide-completely - (save-excursion - (if rehide-place (goto-char rehide-place)) - (allout-hide-current-entry-completely)) - (allout-hide-current-entry)) - (error "Change within concealed region prevented")))))) - ) ; if - ) ; defun ;;;_ = allout-post-goto-bullet (defvar allout-post-goto-bullet nil "Outline internal var, for `allout-pre-command-business' hot-spot operation. When set, tells post-processing to reposition on topic bullet, and -then unset it. Set by `allout-pre-command-business' when implementing +then unset it. Set by allout-pre-command-business when implementing hot-spot operation, where literal characters typed over a topic bullet are mapped to the command of the corresponding control-key on the -`allout-mode-map'.") +allout-mode-map.") (make-variable-buffer-local 'allout-post-goto-bullet) ;;;_ > allout-post-command-business () (defun allout-post-command-business () - "Outline `post-command-hook' function. - -- Null `allout-override-protect', so it's not left open. + "Outline post-command-hook function. -- Implement (and clear) `allout-post-goto-bullet', for hot-spot +- Implement (and clear) allout-post-goto-bullet, for hot-spot outline commands. -- Massages `buffer-undo-list' so successive, standard character self-inserts - are aggregated. This kludge compensates for lack of undo bunching when - `before-change-functions' is used." +- Decrypt topic currently being edited if it was encrypted for a save. + +- Massage buffer-undo-list so successive, standard character self-inserts are + aggregated. This kludge compensates for lack of undo bunching when + before-change-functions is used." ; Apply any external change func: (if (not (allout-mode-p)) ; In allout-mode. nil - (setq allout-override-protect nil) (if allout-isearch-dynamic-expose (allout-isearch-rectification)) - (if allout-during-write-cue - ;; Was used by allout-before-change-protect, done with it now: - (setq allout-during-write-cue nil)) ;; Undo bunching business: (if (and (listp buffer-undo-list) ; Undo history being kept. (equal this-command 'self-insert-command) @@ -2282,6 +2455,11 @@ (setq buffer-undo-list (cons (cons prev-from cur-to) (cdr (cdr (cdr buffer-undo-list)))))))) + + (if (and (boundp 'allout-after-save-decrypt) + allout-after-save-decrypt) + (allout-after-saves-handler)) + ;; Implement -post-goto-bullet, if set: (must be after undo business) (if (and allout-post-goto-bullet (allout-current-bullet-pos)) @@ -2304,8 +2482,9 @@ char. When in this mode you can use regular cursor-positioning command/keystrokes to relocate the cursor off of a bullet character to return to regular interpretation of self-insert characters." + (if (not (allout-mode-p)) - ;; Shouldn't be invoked if not in allout allout-mode, but just in case: + ;; Shouldn't be invoked if not in allout-mode, but just in case: nil ;; Register isearch status: (if (and (boundp 'isearch-mode) isearch-mode) @@ -2317,7 +2496,9 @@ (let* ((this-key-num (cond ((numberp last-command-char) last-command-char) - ((fboundp 'char-to-int) + ;; Only xemacs has characterp. + ((and (fboundp 'characterp) + (characterp last-command-char)) (char-to-int last-command-char)) (t 0))) mapped-binding) @@ -2340,7 +2521,7 @@ this-command mapped-binding))))))) ;;;_ > allout-find-file-hook () (defun allout-find-file-hook () - "Activate `allout-mode' when `allout-auto-activation' & `allout-layout' are non-nil. + "Activate `allout-mode' when `allout-auto-activation', `allout-layout' non-nil. See `allout-init' for setup instructions." (if (and allout-auto-activation @@ -2353,7 +2534,7 @@ Called as part of `allout-post-command-business'." - (let ((isearching isearch-mode)) + (let ((isearching (and (boundp 'isearch-mode) isearch-mode))) (cond ((and isearching (not allout-pre-was-isearching)) (allout-isearch-expose 'start)) ((and isearching allout-pre-was-isearching) @@ -2361,24 +2542,11 @@ ((and (not isearching) allout-pre-was-isearching) (allout-isearch-expose 'final)) ;; Not and wasn't isearching: - (t (setq allout-isearch-prior-pos nil))))) + (t (setq allout-isearch-prior-pos nil) + (setq allout-isearch-did-quit nil))))) ;;;_ = allout-isearch-was-font-lock (defvar allout-isearch-was-font-lock (and (boundp 'font-lock-mode) font-lock-mode)) - -;;;_ > allout-flag-region (from to flag) -(defmacro allout-flag-region (from to flag) - "Hide or show lines from FROM to TO, via Emacs `selective-display' FLAG char. -Ie, text following flag C-m \(carriage-return) is hidden until the -next C-j (newline) char. - -Returns the endpoint of the region." - `(let ((buffer-read-only nil) - (allout-override-protect t)) - (subst-char-in-region ,from ,to - (if (= ,flag ?\n) ?\r ?\n) - ,flag t))) - ;;;_ > allout-isearch-expose (mode) (defun allout-isearch-expose (mode) "MODE is either 'clear, 'start, 'continue, or 'final." @@ -2403,21 +2571,56 @@ (setq allout-isearch-prior-pos nil) (if (not (eq mode 'final)) (setq allout-isearch-prior-pos (cons (point) (allout-show-entry))) - (if isearch-mode-end-hook-quit + (if allout-isearch-did-quit nil (setq allout-isearch-prior-pos nil) - (allout-show-children))))) + (allout-show-children)))) + (setq allout-isearch-did-quit nil)) ;;;_ > allout-enwrap-isearch () (defun allout-enwrap-isearch () - "Impose `isearch-abort' wrapper for dynamic exposure in isearch. + "Impose `allout-mode' isearch-abort wrapper for dynamic exposure in isearch. The function checks to ensure that the rebinding is done only once." - (add-hook 'isearch-mode-end-hook 'allout-isearch-rectification)) + + (add-hook 'isearch-mode-end-hook 'allout-isearch-rectification) + (if (fboundp 'allout-real-isearch-abort) + ;; + nil + ; Ensure load of isearch-mode: + (if (or (and (fboundp 'isearch-mode) + (fboundp 'isearch-abort)) + (condition-case error + (load-library "isearch-mode") + ('file-error (message + "Skipping isearch-mode provisions - %s '%s'" + (car (cdr error)) + (car (cdr (cdr error)))) + (sit-for 1) + ;; Inhibit subsequent tries and return nil: + (setq allout-isearch-dynamic-expose nil)))) + ;; Isearch-mode loaded, encapsulate specific entry points for + ;; outline dynamic-exposure business: + (progn + ;; stash crucial isearch-mode funcs under known, private + ;; names, then register wrapper functions under the old + ;; names, in their stead: + (fset 'allout-real-isearch-abort (symbol-function 'isearch-abort)) + (fset 'isearch-abort 'allout-isearch-abort))))) +;;;_ > allout-isearch-abort () +(defun allout-isearch-abort () + "Wrapper for allout-real-isearch-abort \(which see), to register +actual quits." + (interactive) + (setq allout-isearch-did-quit nil) + (condition-case what + (allout-real-isearch-abort) + ('quit (setq allout-isearch-did-quit t) + (signal 'quit nil)))) ;;; Prevent unnecessary font-lock while isearching! (defvar isearch-was-font-locking nil) (defun isearch-inhibit-font-lock () - "Inhibit `font-lock-mode' while isearching - for use on `isearch-mode-hook'." + "Inhibit `font-lock' while isearching - for use on `isearch-mode-hook'." (if (and (allout-mode-p) (boundp 'font-lock-mode) font-lock-mode) (setq isearch-was-font-locking t font-lock-mode nil))) @@ -2465,6 +2668,14 @@ (if prefix (allout-get-prefix-bullet prefix) (allout-get-bullet))))) +;;;_ > allout-encrypted-type-prefix (&optional prefix) +(defun allout-encrypted-type-prefix (&optional prefix) + "True if current header prefix bullet is for an encrypted entry \(body)." + (and allout-topic-encryption-bullet + (string= allout-topic-encryption-bullet + (if prefix + (allout-get-prefix-bullet prefix) + (allout-get-bullet))))) ;;;_ > allout-bullet-for-depth (&optional depth) (defun allout-bullet-for-depth (&optional depth) "Return outline topic bullet suited to optional DEPTH, or current depth." @@ -2625,15 +2836,15 @@ ((allout-sibling-index)))))) ) ) -;;;_ > allout-open-topic (relative-depth &optional before use-sib-bullet) -(defun allout-open-topic (relative-depth &optional before use-sib-bullet) - "Open a new topic at depth RELATIVE-DEPTH. +;;;_ > allout-open-topic (relative-depth &optional before use_recent_bullet) +(defun allout-open-topic (relative-depth &optional before use_recent_bullet) + "Open a new topic at depth DEPTH. New topic is situated after current one, unless optional flag BEFORE is non-nil, or unless current line is complete empty (not even whitespace), in which case open is done on current line. -If USE-SIB-BULLET is true, use the bullet of the prior sibling. +If USE_RECENT_BULLET is true, offer to use the bullet of the prior sibling. Nuances: @@ -2660,9 +2871,11 @@ (let* ((depth (+ (allout-current-depth) relative-depth)) (opening-on-blank (if (looking-at "^\$") (not (setq before nil)))) - opening-numbered ; Will get while computing ref-topic, below - ref-depth ; Will get while computing ref-topic, below - ref-bullet ; Will get while computing ref-topic, next + ;; bunch o vars set while computing ref-topic + opening-numbered + opening-encrypted + ref-depth + ref-bullet (ref-topic (save-excursion (cond ((< relative-depth 0) (allout-ascend-to-depth depth)) @@ -2680,6 +2893,13 @@ (allout-descend-to-depth depth)) (if (allout-numbered-type-prefix) allout-numbered-bullet)))) + (setq opening-encrypted + (save-excursion + (and allout-topic-encryption-bullet + (or (<= relative-depth 0) + (allout-descend-to-depth depth)) + (if (allout-numbered-type-prefix) + allout-numbered-bullet)))) (point))) dbl-space doing-beginning) @@ -2718,19 +2938,24 @@ (if (not (bobp)) (allout-previous-heading))) (if (and before (bobp)) - (allout-unprotected (open-line 1)))) + (allout-unprotected (allout-open-line-not-read-only)))) (if (<= relative-depth 0) ;; Not going inwards, don't snug up: (if doing-beginning - (allout-unprotected (open-line (if dbl-space 2 1))) + (allout-unprotected + (if (not dbl-space) + (allout-open-line-not-read-only) + (allout-open-line-not-read-only) + (allout-open-line-not-read-only))) (if before (progn (end-of-line) (allout-pre-next-preface) (while (= ?\r (following-char)) (forward-char 1)) (if (not (looking-at "^$")) - (allout-unprotected (open-line 1)))) + (allout-unprotected + (allout-open-line-not-read-only)))) (allout-end-of-current-subtree))) ;; Going inwards - double-space if first offspring is, ;; otherwise snug up. @@ -2748,38 +2973,47 @@ (progn (forward-line -1) (looking-at "^\\s-*$")))) (progn (forward-line 1) - (allout-unprotected (open-line 1)))) + (allout-unprotected + (allout-open-line-not-read-only)) + (forward-line 1))) (end-of-line)) ;;(if doing-beginning (goto-char doing-beginning)) (if (not (bobp)) + ;; We insert a newline char rather than using open-line to + ;; avoid rear-stickiness inheritence of read-only property. (progn (if (and (not (> depth ref-depth)) (not before)) - (allout-unprotected (open-line 1)) + (allout-unprotected + (allout-open-line-not-read-only)) (if (> depth ref-depth) - (allout-unprotected (newline 1)) + (allout-unprotected + (allout-open-line-not-read-only)) (if dbl-space - (allout-unprotected (open-line 1)) + (allout-unprotected + (allout-open-line-not-read-only)) (if (not before) (allout-unprotected (newline 1)))))) (if dbl-space - (allout-unprotected (newline 1))) + (allout-unprotected (newline 1))) (if (and (not (eobp)) (not (bolp))) (forward-char 1)))) )) (insert (concat (allout-make-topic-prefix opening-numbered - t - depth) - " ")) + t + depth) + " ")) ;;(if doing-beginning (save-excursion (newline (if dbl-space 2 1)))) - (allout-rebullet-heading (and use-sib-bullet ref-bullet);;; solicit + (allout-rebullet-heading (and use_recent_bullet ;;; solicit + ref-bullet) depth ;;; depth nil ;;; number-control nil ;;; index - t) (end-of-line) + t) + (end-of-line) ) ) ;;;_ . open-topic contingencies @@ -2795,6 +3029,13 @@ ;;;_ ; buffer boundaries - special provisions for beginning and end ob ;;;_ ; level 1 topics have special provisions also - double space. ;;;_ ; location of new topic +;;;_ > allout-open-line-not-read-only () +(defun allout-open-line-not-read-only () + "Open line and remove inherited read-only text prop from new char, if any." + (open-line 1) + (if (plist-get (text-properties-at (point)) 'read-only) + (allout-unprotected + (remove-text-properties (point) (+ 1 (point)) '(read-only nil))))) ;;;_ > allout-open-subtopic (arg) (defun allout-open-subtopic (arg) "Open new topic header at deeper level than the current one. @@ -2802,7 +3043,7 @@ Negative universal arg means to open deeper, but place the new topic prior to the current one." (interactive "p") - (allout-open-topic 1 (> 0 arg))) + (allout-open-topic 1 (> 0 arg) (< 1 arg))) ;;;_ > allout-open-sibtopic (arg) (defun allout-open-sibtopic (arg) "Open new topic header at same level as the current one. @@ -2812,7 +3053,7 @@ Negative universal arg means to place the new topic prior to the current one." (interactive "p") - (allout-open-topic 0 (> 0 arg) (< 1 arg))) + (allout-open-topic 0 (> 0 arg) (not (= 1 arg)))) ;;;_ > allout-open-supertopic (arg) (defun allout-open-supertopic (arg) "Open new topic header at shallower level than the current one. @@ -2821,7 +3062,7 @@ topic prior to the current one." (interactive "p") - (allout-open-topic -1 (> 0 arg))) + (allout-open-topic -1 (> 0 arg) (< 1 arg))) ;;;_ - Outline Alteration ;;;_ : Topic Modification @@ -2877,15 +3118,15 @@ (setq old-indent-begin (match-beginning 1) old-indent-end (match-end 1)) (not (looking-at allout-regexp))) - (if (> 0 (setq excess (- (current-column) - old-margin))) + (if (> 0 (setq excess (- (- old-indent-end old-indent-begin) + old-margin))) ;; Text starts left of old margin - don't adjust: nil ;; Text was hanging at or right of old left margin - ;; reindent it, preserving its existing indentation ;; beyond the old margin: (delete-region old-indent-begin old-indent-end) - (indent-to (+ new-margin excess))))))))) + (indent-to (+ new-margin excess (current-column)))))))))) ;;;_ > allout-rebullet-current-heading (arg) (defun allout-rebullet-current-heading (arg) "Solicit new bullet for current visible heading." @@ -2922,28 +3163,30 @@ "Adjust bullet of current topic prefix. +All args are optional. + If SOLICIT is non-nil, then the choice of bullet is solicited from user. If it's a character, then that character is offered as the default, otherwise the one suited to the context \(according to distinction or depth) is offered. If non-nil, then the context-specific bullet is just used. -Second arg NEW-DEPTH forces the topic prefix to that depth, regardless +Second arg DEPTH forces the topic prefix to that depth, regardless of the topic's current depth. Third arg NUMBER-CONTROL can force the prefix to or away from numbered form. It has effect only if `allout-numbered-bullet' is non-nil and soliciting was not explicitly invoked (via first arg). Its effect, numbering or denumbering, then depends on the setting -of the fourth arg, INDEX. +of the forth arg, INDEX. -If NUMBER-CONTROL is non-nil and fourth arg INDEX is nil, then the +If NUMBER-CONTROL is non-nil and forth arg INDEX is nil, then the prefix of the topic is forced to be non-numbered. Null index and non-nil NUMBER-CONTROL forces denumbering. Non-nil INDEX (and non-nil NUMBER-CONTROL) forces a numbered-prefix form. If non-nil INDEX is a number, then that number is used for the numbered prefix. Non-nil and non-number means that the index for the -numbered prefix will be derived by `allout-make-topic-prefix'. +numbered prefix will be derived by allout-make-topic-prefix. Fifth arg DO-SUCCESSORS t means re-resolve count on succeeding siblings. @@ -2986,9 +3229,10 @@ ; Put in new prefix: (allout-unprotected (insert new-prefix)) - ;; Reindent the body if elected and margin changed: + ;; Reindent the body if elected, margin changed, and not encrypted body: (if (and allout-reindent-bodies - (not (= new-depth current-depth))) + (not (= new-depth current-depth)) + (not (allout-encrypted-topic-p))) (allout-reindent-body current-depth new-depth)) ;; Recursively rectify successive siblings of orig topic if @@ -3010,7 +3254,7 @@ ) ; defun ;;;_ > allout-rebullet-topic (arg) (defun allout-rebullet-topic (arg) - "Like `allout-rebullet-topic-grunt', but start from topic visible at point. + "Rebullet the visible topic containing point and all contained subtopics. Descends into invisible as well as visible topics, however. @@ -3036,18 +3280,18 @@ starting-point index do-successors) + "Like `allout-rebullet-topic', but on nearest containing topic +\(visible or not). - "Rebullet the topic at point, visible or invisible, and all -contained subtopics. See `allout-rebullet-heading' for rebulleting -behavior. +See `allout-rebullet-heading' for rebulleting behavior. -Arg RELATIVE-DEPTH means to shift the depth of the entire -topic that amount. +All arguments are optional. -\(fn &optional RELATIVE-DEPTH)" +First arg RELATIVE-DEPTH means to shift the depth of the entire +topic that amount. - ;; All args except the first one are for internal recursive use by the - ;; function itself. +The rest of the args are for internal recursive use by the function +itself. The are STARTING-DEPTH, STARTING-POINT, and INDEX." (let* ((relative-depth (or relative-depth 0)) (new-depth (allout-depth)) @@ -3177,13 +3421,42 @@ (setq more (allout-next-sibling depth nil)))))) ;;;_ > allout-shift-in (arg) (defun allout-shift-in (arg) - "Increase depth of current heading and any topics collapsed within it." + "Increase depth of current heading and any topics collapsed within it. + +We disallow shifts that would result in the topic having a depth more than +one level greater than the immediately previous topic, to avoid containment +discontinuity. The first topic in the file can be adjusted to any positive +depth, however." (interactive "p") + (if (> arg 0) + (save-excursion + (allout-back-to-current-heading) + (if (not (bobp)) + (let* ((current-depth (allout-recent-depth)) + (start-point (point)) + (predecessor-depth (progn + (forward-char -1) + (allout-goto-prefix) + (if (< (point) start-point) + (allout-recent-depth) + 0)))) + (if (and (> predecessor-depth 0) + (> (+ current-depth arg) + (1+ predecessor-depth))) + (error (concat "May not shift deeper than offspring depth" + " of previous topic"))))))) (allout-rebullet-topic arg)) ;;;_ > allout-shift-out (arg) (defun allout-shift-out (arg) - "Decrease depth of current heading and any topics collapsed within it." + "Decrease depth of current heading and any topics collapsed within it. + +We disallow shifts that would result in the topic having a depth more than +one level greater than the immediately previous topic, to avoid containment +discontinuity. The first topic in the file can be adjusted to any positive +depth, however." (interactive "p") + (if (< arg 0) + (allout-shift-in (* arg -1))) (allout-rebullet-topic (* arg -1))) ;;;_ : Surgery (kill-ring) functions with special provisions for outlines: ;;;_ > allout-kill-line (&optional arg) @@ -3191,24 +3464,56 @@ "Kill line, adjusting subsequent lines suitably for outline mode." (interactive "*P") - (if (not (and (allout-mode-p) ; active outline mode, - allout-numbered-bullet ; numbers may need adjustment, - (bolp) ; may be clipping topic head, - (looking-at allout-regexp))) ; are clipping topic head. - ;; Above conditions do not obtain - just do a regular kill: - (kill-line arg) - ;; Ah, have to watch out for adjustments: - (let* ((depth (allout-depth))) - ; Do the kill: - (kill-line arg) + + (let ((start-point (point)) + (leading-kill-ring-entry (car kill-ring)) + binding) + + (condition-case err + + (if (not (and (allout-mode-p) ; active outline mode, + allout-numbered-bullet ; numbers may need adjustment, + (bolp) ; may be clipping topic head, + (looking-at allout-regexp))) ; are clipping topic head. + ;; Above conditions do not obtain - just do a regular kill: + (kill-line arg) + ;; Ah, have to watch out for adjustments: + (let* ((depth (allout-depth)) + (start-point (point)) + binding) + ; Do the kill, presenting option + ; for read-only text: + (kill-line arg) ; Provide some feedback: - (sit-for 0) - (save-excursion + (sit-for 0) + (save-excursion ; Start with the topic ; following killed line: - (if (not (looking-at allout-regexp)) - (allout-next-heading)) - (allout-renumber-to-depth depth))))) + (if (not (looking-at allout-regexp)) + (allout-next-heading)) + (allout-renumber-to-depth depth)))) + ;; condition case handler: + (text-read-only + (goto-char start-point) + (setq binding (where-is-internal 'allout-kill-topic nil t)) + (cond ((not binding) (setq binding "")) + ((arrayp binding) + (setq binding (mapconcat 'key-description (list binding) ", "))) + (t (setq binding (format "%s" binding)))) + ;; ensure prior kill-ring leader is properly restored: + (if (eq leading-kill-ring-entry (cadr kill-ring)) + ;; Aborted kill got pushed on front - ditch it: + (pop kill-ring) + ;; Aborted kill got appended to prior - resurrect prior: + (setcar kill-ring leading-kill-ring-entry)) + ;; make last-command skip this failed command, so kill-appending + ;; conditions track: + (setq this-command last-command) + (error (concat "read-only text hit - use %s allout-kill-topic to" + " discard collapsed stuff") + binding))) + ) + ) ;;;_ > allout-kill-topic () (defun allout-kill-topic () "Kill topic together with subtopics. @@ -3236,14 +3541,14 @@ (>= (allout-recent-depth) depth)))) (forward-char 1))) - (kill-region beg (point)) + (allout-unprotected (kill-region beg (point))) (sit-for 0) (save-excursion (allout-renumber-to-depth depth)))) ;;;_ > allout-yank-processing () (defun allout-yank-processing (&optional arg) - "Incidental outline specific business to be done just after text yanks. + "Incidental outline-specific business to be done just after text yanks. Does depth adjustment of yanked topics, when: @@ -3259,7 +3564,7 @@ The point is left in front of yanked, adjusted topics, rather than at the end (and vice-versa with the mark). Non-adjusted yanks, -however, are left exactly like normal, not outline specific yanks." +however, are left exactly like normal, non-allout-specific yanks." (interactive "*P") ; Get to beginning, leaving @@ -3463,6 +3768,60 @@ ;;;_ #6 Exposure Control ;;;_ - Fundamental +;;;_ > allout-flag-region (from to flag) +(defun allout-flag-region (from to flag) + "Hide or show lines from FROM to TO, via Emacs selective-display FLAG char. +Ie, text following flag C-m \(carriage-return) is hidden until the +next C-j (newline) char. + +Returns the endpoint of the region." + ;; "OFR-" prefixes to avoid collisions with vars in code calling the macro. + ;; ie, elisp macro vars are not 'hygenic', so distinct names are necessary. + (let ((was-inhibit-r-o inhibit-read-only) + (was-undo-list buffer-undo-list) + (was-modified (buffer-modified-p)) + trans) + (unwind-protect + (save-excursion + (setq inhibit-read-only t) + (setq buffer-undo-list t) + (if (> from to) + (setq trans from from to to trans)) + (subst-char-in-region from to + (if (= flag ?\n) ?\r ?\n) + flag t) + ;; adjust character read-protection on all the affected lines. + ;; we handle the region line-by-line. + (goto-char to) + (end-of-line) + (setq to (min (+ 2 (point)) (point-max))) + (goto-char from) + (beginning-of-line) + (while (< (point) to) + ;; handle from start of exposed to beginning of hidden, or eol: + (remove-text-properties (point) + (progn (if (re-search-forward "[\r\n]" + nil t) + (forward-char -1)) + (point)) + '(read-only nil)) + ;; handle from start of hidden, if any, to eol: + (if (and (not (eobp)) (= (char-after (point)) ?\r)) + (put-text-property (point) (progn (end-of-line) (point)) + 'read-only t)) + ;; Handle the end-of-line to beginning of next line: + (if (not (eobp)) + (progn (forward-char 1) + (remove-text-properties (1- (point)) (point) + '(read-only nil))))) + ) + (if (not was-modified) + (set-buffer-modified-p nil)) + (setq inhibit-read-only was-inhibit-r-o) + (setq buffer-undo-list was-undo-list) + ) + ) + ) ;;;_ > allout-flag-current-subtree (flag) (defun allout-flag-current-subtree (flag) "Hide or show subtree of currently-visible topic. @@ -3471,9 +3830,9 @@ (save-excursion (allout-back-to-current-heading) - (allout-flag-region (point) - (progn (allout-end-of-current-subtree) (1- (point))) - flag))) + (let ((from (point)) + (to (progn (allout-end-of-current-subtree) (1- (point))))) + (allout-flag-region from to flag)))) ;;;_ - Topic-specific ;;;_ > allout-show-entry () @@ -3482,7 +3841,7 @@ This is a way to give restricted peek at a concealed locality without the expense of exposing its context, but can leave the outline with aberrant -exposure. `allout-hide-current-entry-completely' or `allout-show-to-offshoot' +exposure. `allout-hide-current-entry-completely' or `allout-show-offshoot' should be used after the peek to rectify the exposure." (interactive) @@ -3602,7 +3961,7 @@ (allout-back-to-current-heading) (save-excursion (allout-flag-region (point) - (progn (allout-end-of-current-entry) (point)) + (progn (allout-end-of-entry) (point)) ?\r))) ;;;_ > allout-show-current-entry (&optional arg) (defun allout-show-current-entry (&optional arg) @@ -3614,8 +3973,9 @@ (allout-hide-current-entry) (save-excursion (allout-flag-region (point) - (progn (allout-end-of-current-entry) (point)) - ?\n)))) + (progn (allout-end-of-entry) (point)) + ?\n) + ))) ;;;_ > allout-hide-current-entry-completely () ; ... allout-hide-current-entry-completely also for isearch dynamic exposure: (defun allout-hide-current-entry-completely () @@ -3846,7 +4206,11 @@ max-pos))) ;;;_ > allout-old-expose-topic (spec &rest followers) (defun allout-old-expose-topic (spec &rest followers) - "Dictate wholesale exposure scheme for current topic, according to SPEC. + + "Deprecated. Use `allout-expose-topic' \(with different schema +format) instead. + +Dictate wholesale exposure scheme for current topic, according to SPEC. SPEC is either a number or a list. Optional successive args dictate exposure for subsequent siblings of current topic. @@ -3918,9 +4282,6 @@ (allout-old-expose-topic (car followers)) (setq followers (cdr followers))) max-pos)) -(make-obsolete 'allout-old-expose-topic - "use `allout-expose-topic' (with different schema format) instead." - "19.23") ;;;_ > allout-new-exposure '() (defmacro allout-new-exposure (&rest spec) "Literal frontend for `allout-expose-topic', doesn't evaluate arguments. @@ -3929,6 +4290,8 @@ Cursor is left at start position. +Use this instead of obsolete `allout-exposure'. + Examples: \(allout-new-exposure (-1 () () () 1) 0) Close current topic at current level so only the immediate @@ -4151,13 +4514,20 @@ (cdr format))))))) ;; Put the list with first at front, to last at back: (nreverse result)))) +;;;_ > my-region-active-p () +(defmacro my-region-active-p () + (if (fboundp 'region-active-p) + '(region-active-p) + 'mark-active)) ;;;_ > allout-process-exposed (&optional func from to frombuf ;;; tobuf format) (defun allout-process-exposed (&optional func from to frombuf tobuf - format start-num) + format &optional start-num) "Map function on exposed parts of current topic; results to another buffer. -Apply FUNC to exposed portions FROM position TO position in buffer +All args are options; default values itemized below. + +Apply FUNCTION to exposed portions FROM position TO position in buffer FROMBUF to buffer TOBUF. Sixth optional arg, FORMAT, designates an alternate presentation form: @@ -4170,7 +4540,7 @@ except for distinctive bullets. Defaults: - FUNC: `allout-insert-listified' + FUNCTION: `allout-insert-listified' FROM: region start, if region active, else start of buffer TO: region end, if region active, else end of buffer FROMBUF: current buffer @@ -4219,9 +4589,7 @@ \`(depth prefix text)' -or - - \`(depth prefix text bullet-plus)' +or \`(depth prefix text bullet-plus)' If `bullet-plus' is specified, it is inserted just after the entire prefix." (setq listified (cdr listified)) @@ -4237,7 +4605,7 @@ (while text (insert (car text)) (if (setq text (cdr text)) - (insert "\n"))) + (insert-string "\n"))) (insert "\n"))) ;;;_ > allout-copy-exposed-to-buffer (&optional arg tobuf format) (defun allout-copy-exposed-to-buffer (&optional arg tobuf format) @@ -4440,14 +4808,14 @@ body-content bop) ; Do the head line: (insert (concat "\\OneHeadLine{\\verb\1 " - (allout-latex-verb-quote bullet) - "\1}{" - depth - "}{\\verb\1 " - (if head-line - (allout-latex-verb-quote head-line) - "") - "\1}\n")) + (allout-latex-verb-quote bullet) + "\1}{" + depth + "}{\\verb\1 " + (if head-line + (allout-latex-verb-quote head-line) + "") + "\1}\n")) (if (not body-lines) nil ;;(insert "\\beginlines\n") @@ -4509,7 +4877,614 @@ (pop-to-buffer buf) (goto-char start-pt))) -;;;_ #8 miscellaneous +;;;_ #8 Encryption +;;;_ > allout-toggle-current-subtree-encryption (&optional fetch-key) +(defun allout-toggle-current-subtree-encryption (&optional fetch-key) + "Encrypt clear text or decrypt encoded contents of a topic. + +Contents includes body and subtopics. + +Currently only GnuPG encryption is supported. + +\**NOTE WELL** that the encrypted text must be ascii-armored. For gnupg +encryption, include the option ``armor'' in your ~/.gnupg/gpg.conf file. + +Both symmetric-key and key-pair encryption is implemented. Symmetric is +the default, use a single \(x4) universal argument for keypair mode. + +Encrypted topic's bullet is set to a `~' to signal that the contents of the +topic \(body and subtopics, but not heading) is pending encryption or +encrypted. An `*' asterisk immediately after the bullet signals that the +body is encrypted, its absence means it's meant to be encrypted but is not +- it's \"disclosed\". When a file with disclosed topics is saved, the user +prompted for an ok to \(symmetric-key) encrypt the disclosed topics. NOTE +WELL that you must explicitly \(re)encrypt key-pair encrypted topics if you +want them to continue to be in key-pair mode. + +Level-1 topics, with prefix consisting solely of an `*' asterisk, cannot be +encrypted. If you want to encrypt the contents of a top-level topic, use +\\[allout-shift-in] to increase its depth. + +Failed transformation does not change the an entry being encrypted - +instead, the key is re-solicited and the transformation is retried. +\\[keyboard-quit] to abort. + +Decryption does symmetric or key-pair key mode depending on how the text +was encrypted. The encryption key is solicited if not currently available +from the key cache from a recent prior encryption action. + +Optional FETCH-KEY universal argument is used for two purposes - to provoke +key-pair instead of symmetric encryption, or to provoke clearing of the key +cache so keys are freshly fetched. + + - Without any universal arguments, then the appropriate key for the is + obtained from the cache, if available, else from the user. + + - If FETCH-KEY is the result of one universal argument - ie, equal to 4 - + then key-pair encryption is used. + + - With repeated universal argument - equal to 16 - then the key cache is + cleared before any encryption transformations, to force prompting of the + user for the key. + +The solicited key is retained for reuse in a buffer-specific cache for some +set period of time \(default, 60 seconds), after which the string is +nulled. `mailcrypt' provides the key caching functionality. You can +adjust the key cache timeout by ajdusting the setting of the elisp variable +`mc-passwd-timeout'. + +If the file previously had no associated key, or had a different key than +specified, the user is prompted to repeat the new one for corroboration. A +random string encrypted by the new key is set on the buffer-specific +variable `allout-key-verifier-string', for confirmation of the key when +next obtained, before encrypting or decrypting anything with it. This +helps avoid mistakenly shifting between keys. + +If allout customization var `allout-key-verifier-handling' is non-nil, an +entry for `allout-key-verifier-string' and its value is added to an Emacs +'local variables' section at the end of the file, which is created if +necessary. That setting is for retention of the key verifier across emacs +sessions. + +Similarly, `allout-key-hint-string' stores a user-provided reminder about +their key, and `allout-key-hint-handling' specifies when the hint is +presented, or if key hints are disabled. If enabled \(see the +`allout-key-hint-handling' docstring for details), the hint string is +stored in the local-variables section of the file, and solicited whenever +the key is changed." + +;;; This routine handles allout-specific business, dispatching +;;; encryption-specific business to allout-encrypt-string. + + (interactive "P") + (save-excursion + (allout-end-of-prefix t) + + (if (= (allout-recent-depth) 1) + (error (concat "Cannot encrypt or decrypt level 1 topics -" + " shift it in to make it encryptable"))) + + (if (and fetch-key + (not (equal fetch-key '(4)))) + (mc-deactivate-passwd)) + + (let* ((allout-buffer (current-buffer)) + ;; Asses location: + (after-bullet-pos (point)) + (was-encrypted + (progn (if (= (point-max) after-bullet-pos) + (error "no body to encrypt")) + (looking-at "\\*"))) + (was-collapsed (if (not (re-search-forward "[\n\r]" nil t)) + nil + (backward-char 1) + (looking-at "\r"))) + (subtree-beg (1+ (point))) + (subtree-end (allout-end-of-subtree)) + (subject-text (buffer-substring-no-properties subtree-beg + subtree-end)) + (subtree-end-char (char-after (1- subtree-end))) + (subtree-trailling-char (char-after subtree-end)) + (place-holder (if (or (string= "" subject-text) + (string= "\n" subject-text)) + (error "No topic contents to %scrypt" + (if was-encrypted "de" "en")))) + ;; Assess key parameters: + (key-type (or + ;; detect the type by which it is already encrypted + (and was-encrypted + (allout-encrypted-text-type subject-text)) + (and (member fetch-key '(4 (4))) + (yes-or-no-p "Use key-pair encryption instead? ") + 'keypair) + 'symmetric)) + (fetch-key (and fetch-key (not (member fetch-key '(16 (16)))))) + result-text) + + (setq result-text + (allout-encrypt-string subject-text was-encrypted + (current-buffer) key-type fetch-key)) + + ;; Replace the subtree with the processed product. + (allout-unprotected + (progn + (set-buffer allout-buffer) + (delete-region subtree-beg subtree-end) + (insert result-text) + (if was-collapsed + (allout-flag-region subtree-beg (1- (point)) ?\r)) + ;; adjust trailling-blank-lines to preserve topic spacing: + (if (not was-encrypted) + (if (and (member subtree-end-char '(?\r ?\n)) + (member subtree-trailling-char '(?\r ?\n))) + (insert subtree-trailling-char))) + ;; Ensure that the item has an encrypted-entry bullet: + (if (not (string= (buffer-substring-no-properties + (1- after-bullet-pos) after-bullet-pos) + allout-topic-encryption-bullet)) + (progn (goto-char (1- after-bullet-pos)) + (delete-char 1) + (insert allout-topic-encryption-bullet))) + (if was-encrypted + ;; Remove the is-encrypted bullet qualifier: + (progn (goto-char after-bullet-pos) + (delete-char 1)) + ;; Add the is-encrypted bullet qualifier: + (goto-char after-bullet-pos) + (insert "*")) + ) + ) + ) + ) + ) +;;;_ > allout-encrypt-string (text decrypt allout-buffer key-type rekey +;;; &optional retried verifying) +(defun allout-encrypt-string (text decrypt allout-buffer key-type rekey + &optional retried verifying) + "Encrypt or decrypt a string TEXT using KEY. + +If optional DECRYPT is true (default false), then decrypt instead of +encrypt. + +Optional REKEY (default false) provokes clearing of the key cache to force +fresh prompting for the key. + +Optional RETRIED is for internal use - conveys the number of failed keys have +been solicited in sequence leading to this current call. + +Optional VERIFYING is for internal use, signifying processing of text +solely for verification of the cached key. + +Returns the resulting string, or nil if the transformation fails." + + ;; Ensure that we have an alternate handle on the real mc-activate-passwd: + (if (not (fboundp 'real-mc-activate-passwd)) + ;; Force loads of the primary mailcrypt packages, so flet below holds. + (progn (require 'mailcrypt) + (load "mc-toplev") + (fset 'real-mc-activate-passwd + (symbol-function 'mc-activate-passwd)))) + + (if (and rekey (not verifying)) (mc-deactivate-passwd)) + + (catch 'encryption-failed + (save-excursion + + (let* ((mc-default-scheme (or allout-encryption-scheme + allout-default-encryption-scheme)) + (id (format "%s-%s" key-type + (or (buffer-file-name allout-buffer) + (buffer-name allout-buffer)))) + (cached (real-mc-activate-passwd id nil)) + (comment "Processed by allout driving mailcrypt") + key work-buffer result result-text encryption-process-status) + + (unwind-protect + + ;; Interject our mc-activate-passwd wrapper: + (flet ((mc-activate-passwd (id &optional prompt) + (allout-mc-activate-passwd id prompt))) + + (setq work-buffer + (set-buffer (allout-encryption-produce-work-buffer text))) + + (cond + + ;; symmetric: + ((equal key-type 'symmetric) + (setq key (if verifying + (real-mc-activate-passwd id nil) + (allout-mc-activate-passwd id))) + (setq encryption-process-status + (crypt-encrypt-buffer key decrypt)) + (if (zerop encryption-process-status) + t + (if verifying + (throw 'encryption-failed nil) + (mc-deactivate-passwd) + (error "Symmetric-key encryption failed (%s) - wrong key?" + encryption-process-status)))) + + ;; encrypt 'keypair: + ((not decrypt) + (condition-case result + (mailcrypt-encrypt 1) + (error (mc-deactivate-passwd) + (error "encryption failed: %s" + (cadr result))))) + + ;; decrypt 'keypair: + (t (condition-case result + (mc-decrypt) + (error (mc-deactivate-passwd) + (error "decryption failed: %s" + (cadr result)))))) + + (setq result-text (if (or (equal key-type 'keypair) + (not decrypt)) + (buffer-substring 1 (1- (point-max))) + (buffer-string))) + ;; validate result - non-empty + (cond ((not result-text) + (if verifying + nil + ;; Transformation was fruitless - retry with new key. + (mc-deactivate-passwd) + (allout-encrypt-string text allout-buffer decrypt nil + (if retried (1+ retried) 1) + verifying))) + + ;; Barf if encryption yields extraordinary control chars: + ((and (not decrypt) + (string-match "[\C-a\C-k\C-o-\C-z\C-@]" result-text)) + (error (concat "encryption produced unusable" + " non-armored text - reconfigure!"))) + + ;; valid result and just verifying or non-symmetric: + ((or verifying (not (equal key-type 'symmetric))) + result-text) + + ;; valid result and regular symmetric - situate validator: + (t + ;; valid result and verifier needs to be situated in + ;; allout-buffer: + (set-buffer allout-buffer) + (if (and (or rekey (not cached)) + (not (allout-verify-key key allout-buffer))) + (allout-situate-encryption-key-verifier key id)) + result-text) + ) + ) + + ;; unwind-protect emergence: + (if work-buffer + (kill-buffer work-buffer)) + ) + ) + ) + ) + ) +;;;_ > allout-mc-activate-passwd (id &optional prompt) +(defun allout-mc-activate-passwd (id &optional prompt) + "Substituted for mc-activate-passwd during allout outline encryption. + +We add key-verification to vanilla mc-activate-passwd. + +We depend in some cases on values of the following allout-encrypt-string +internal or prevailing variables: + - key-type - 'symmetric or 'keypair + - id - id associated with current key in key cache + - allout-buffer - where subject text resides + - retried - number of current attempts to obtain this key + - rekey - user asked to present a new key - needs to be confirmed" + +;; - if we're doing non-symmetric key, just do normal mc-activate-passwd +;; - otherwise, if we are have a cached version of the key, then assume +;; it's verified and return it +;; - otherwise, prompt for a key, and: +;; - if we have a key verifier \(a string value which should decrypt +;; against a symmetric key), validate against the verifier +;; - if successful, return the verified key +;; - if unsuccessful: +;; - offer to use the new key +;; - if accepted, do confirm process +;; - if refused, try again until we get a correctly spelled one or the +;; user quits +;; - if no key verifier, resolicit the key to get corroboration and return +;; the corroborated key if spelled identically, or error if not. + + (if (not (equal key-type 'symmetric)) + ;; do regular mc-activate-passwd on non-symmetric key + (real-mc-activate-passwd id prompt) + + ;; Symmetric hereon: + + (save-excursion + (set-buffer allout-buffer) + (let* ((hint (if (and (not (string= allout-key-hint-string "")) + (or (equal allout-key-hint-handling 'always) + (and (equal allout-key-hint-handling 'needed) + retried))) + (format " [%s]" allout-key-hint-string) + "")) + (retry-message (if retried (format " (%s retry)" retried) "")) + (prompt-sans-hint (format "'%s' symmetric key%s: " + (buffer-name allout-buffer) + retry-message)) + (full-prompt (format "'%s' symmetric key%s%s: " + (buffer-name allout-buffer) + hint retry-message)) + (prompt full-prompt) + (verifier-string (allout-get-encryption-key-verifier)) + ;; force retention of cached passwords for five minutes while + ;; we're in this particular routine: + (mc-passwd-timeout 300) + (cached (real-mc-activate-passwd id nil)) + (got (or cached (real-mc-activate-passwd id full-prompt))) + confirmation) + + (if (not got) + nil + + ;; Duplicate our handle on the key so it's not clobbered by + ;; deactivate-passwd memory clearing: + (setq got (format "%s" got)) + + (cond (verifier-string + (if (and (not (allout-encrypt-string + verifier-string 'decrypt allout-buffer + 'symmetric nil 0 'verifying)) + (if (yes-or-no-p + (concat "Key differs from established" + " - use new one instead? ")) + ;; deactivate password for subsequent + ;; confirmation: + (progn (mc-deactivate-passwd) + (setq prompt prompt-sans-hint) + nil) + t)) + (progn (mc-deactivate-passwd) + (error "Wrong key.")))) + ;; Force confirmation by repetition for new key: + ((or rekey (not cached)) (mc-deactivate-passwd)))) + ;; we have a key and it's either verified and cached. + ;; confirmation vs new input - doing mc-activate-passwd will do the + ;; right thing, in either case: + (setq confirmation + (real-mc-activate-passwd id (concat prompt + " ... confirm spelling: "))) + (prog1 + (if (equal got confirmation) + confirmation + (if (yes-or-no-p (concat "spelling of original and" + " confirmation differ - retry? ")) + (progn (setq retried (if retried (1+ retried) 1)) + (mc-deactivate-passwd) + ;; recurse to this routine: + (mc-activate-passwd id prompt-sans-hint)) + (mc-deactivate-passwd) + (error "Confirmation failed."))) + ;; reduce opportunity for memory cherry-picking by zeroing duplicate: + (dotimes (i (length got)) + (aset got i 0)) + ) + ) + ) + ) + ) +;;;_ > allout-encryption-produce-work-buffer (text) +(defun allout-encryption-produce-work-buffer (text) + "Establish a new buffer filled with TEXT, for outline encrypion processing. + +TEXT is massaged so outline collapsing, if any, is removed." + (let ((work-buffer (generate-new-buffer " *allout encryption*"))) + (save-excursion + (set-buffer work-buffer) + (insert (subst-char-in-string ?\r ?\n text))) + work-buffer)) +;;;_ > allout-encrypted-topic-p () +(defun allout-encrypted-topic-p () + "True if the current topic is encryptable and encrypted." + (save-excursion + (allout-end-of-prefix t) + (and (string= (buffer-substring-no-properties (1- (point)) (point)) + allout-topic-encryption-bullet) + (looking-at "\\*")) + ) + ) +;;;_ > allout-encrypted-text-type (text) +;;; XXX gpg-specific, not generic! +(defun allout-encrypted-text-type (text) + "For gpg encrypted text, return 'symmetric or 'keypair." + + ;; Ensure mc-gpg-path has a value: + (if (not (boundp 'mc-gpg-path)) + (load-library "mc-gpg")) + + (save-excursion + (let* ((work-buffer (set-buffer + (allout-encryption-produce-work-buffer text))) + (result (mc-gpg-process-region (point-min) (point-max) + nil mc-gpg-path + '("--batch" "--decrypt") + 'mc-gpg-decrypt-parser + work-buffer nil))) + (cond ((equal (nth 0 result) 'symmetric) + 'symmetric) + ((equal (nth 0 result) t) + 'keypair) + (t (error "Unrecognized/unsupported encryption type %S" + (nth 0 result)))) + ) + ) + ) +;;;_ > allout-create-encryption-key-verifier (key id) +(defun allout-create-encryption-key-verifier (key id) + "Encrypt a random message for later validation of symmetric key." + ;; use 20 random ascii characters, across the entire ascii range. + (random t) + (let ((spew (make-string 20 ?\0))) + (dotimes (i (length spew)) + (aset spew i (1+ (random 254)))) + (allout-encrypt-string spew nil nil 'symmetric nil nil t)) + ) +;;;_ > allout-situate-encryption-key-verifier (key id) +(defun allout-situate-encryption-key-verifier (key id) + "Establish key verifier string on file variable. + +We also prompt for and situate a new reminder, if reminders are enabled. + +We massage the string to simplify programmatic adjustment. File variable +is `allout-file-key-verifier-string'." + (let ((verifier-string + ;; Collapse to a single line and enclose in string quotes: + (subst-char-in-string ?\n ?\C-a + (allout-create-encryption-key-verifier + key id))) + (reminder (if (not (equal allout-key-hint-handling 'disabled)) + (read-from-minibuffer + "Key hint to jog your memory next time: " + allout-key-hint-string)))) + (setq allout-key-verifier-string verifier-string) + (allout-adjust-file-variable "allout-key-verifier-string" + verifier-string) + (cond ((equal allout-key-hint-handling 'disabled) + nil) + ((not (string= reminder allout-key-hint-string)) + (setq allout-key-hint-string reminder) + (allout-adjust-file-variable "allout-key-hint-string" + reminder))) + ) + ) +;;;_ > allout-get-encryption-key-verifier () +(defun allout-get-encryption-key-verifier () + "Return the text of the encrypt key verifier, unmassaged, or nil if none. + +Derived from value of `allout-file-key-verifier-string'." + + (let ((verifier-string (and (boundp 'allout-key-verifier-string) + allout-key-verifier-string))) + (if verifier-string + ;; Return it uncollapsed + (subst-char-in-string ?\C-a ?\n verifier-string) + nil) + ) + ) +;;;_ > allout-verify-key (key) +(defun allout-verify-key (key allout-buffer) + "True if key successfully decrypts key verifier, nil otherwise. + +\"Otherwise\" includes absence of key verifier." + (save-excursion + (set-buffer allout-buffer) + (and (boundp 'allout-key-verifier-string) + allout-key-verifier-string + (allout-encrypt-string (allout-get-encryption-key-verifier) + 'decrypt allout-buffer 'symmetric + nil nil 'verifying) + t))) +;;;_ > allout-next-topic-pending-encryption (&optional except-mark) +(defun allout-next-topic-pending-encryption (&optional except-mark) + "Return the point of the next topic pending encryption, or nil if none. + +EXCEPT-MARK identifies a point whose containing topics should be excluded +from encryption. This supports 'except-current mode of +`allout-encrypt-unencrypted-on-saves'. + +Such a topic has the allout-topic-encryption-bullet without an +immediately following '*' that would mark the topic as being encrypted. It +must also have content." + (let (done got content-beg) + (while (not done) + + (if (not (re-search-forward + (format "\\(\\`\\|[\n\r]\\)%s *%s[^*]" + (regexp-quote allout-header-prefix) + (regexp-quote allout-topic-encryption-bullet)) + nil t)) + (setq got nil + done t) + (goto-char (setq got (match-beginning 0))) + (if (looking-at "[\n\r]") + (forward-char 1)) + (setq got (point))) + + (cond ((not got) + (setq done t)) + + ((not (re-search-forward "[\n\r]")) + (setq got nil + done t)) + + ((eobp) + (setq got nil + done t)) + + (t + (setq content-beg (point)) + (backward-char 1) + (allout-end-of-subtree) + (if (or (<= (point) content-beg) + (and except-mark + (<= content-beg except-mark) + (>= (point) except-mark))) + ;; Continue looking + (setq got nil) + ;; Got it! + (setq done t))) + ) + ) + (if got + (goto-char got)) + ) + ) +;;;_ > allout-encrypt-decrypted (&optional except-mark) +(defun allout-encrypt-decrypted (&optional except-mark) + "Encrypt topics pending encryption except those containing exemption point. + +EXCEPT-MARK identifies a point whose containing topics should be excluded +from encryption. This supports 'except-current mode of +`allout-encrypt-unencrypted-on-saves'. + +If a topic that is currently being edited was encrypted, we return a list +containing the location of the topic and the location of the cursor just +before the topic was encrypted. This can be used, eg, to decrypt the topic +and exactly resituate the cursor if this is being done as part of a file +save. See `allout-encrypt-unencrypted-on-saves' for more info." + + (interactive "p") + (save-excursion + (let ((current-mark (point-marker)) + was-modified + editing-topic editing-point) + (goto-char (point-min)) + (while (allout-next-topic-pending-encryption except-mark) + (setq was-modified (buffer-modified-p)) + (if (save-excursion + (and (boundp 'allout-encrypt-unencrypted-on-saves) + allout-encrypt-unencrypted-on-saves + (setq bo-subtree (re-search-forward "[\n\r]")) + ;; Not collapsed: + (string= (match-string 0) "\n") + (>= current-mark (point)) + (allout-end-of-current-subtree) + (<= current-mark (point)))) + (setq editing-topic (point) + ;; we had to wait for this 'til now so prior topics are + ;; encrypted, any relevant text shifts are in place: + editing-point (marker-position current-mark))) + (allout-toggle-current-subtree-encryption) + (if (not was-modified) + (set-buffer-modified-p nil)) + ) + (if (not was-modified) + (set-buffer-modified-p nil)) + (if editing-topic (list editing-topic editing-point)) + ) + ) + ) + +;;;_ #9 miscellaneous ;;;_ > allout-mark-topic () (defun allout-mark-topic () "Put the region around topic currently containing point." @@ -4538,22 +5513,100 @@ t (allout-open-topic 2) (insert (concat "Dummy outline topic header - see" - "`allout-mode' docstring: `^Hm'.")) - (forward-line 1) + "`allout-mode' docstring: `^Hm'.")) + (allout-adjust-file-variable + "allout-layout" (format "%s" (or allout-layout '(-1 : 0))))))) +;;;_ > allout-file-vars-section-data () +(defun allout-file-vars-section-data () + "Return data identifying the file-vars section, or nil if none. + +Returns list `(beginning-point prefix-string suffix-string)'." + ;; minimally gleaned from emacs 21.4 files.el hack-local-variables function. + (let (beg prefix suffix) + (save-excursion (goto-char (point-max)) - (open-line 1) - (allout-open-topic 0) - (insert "Local emacs vars.\n") - (allout-open-topic 1) - (insert "(`allout-layout' is for allout.el allout-mode)\n") - (allout-open-topic 0) - (insert "Local variables:\n") - (allout-open-topic 0) - (insert (format "allout-layout: %s\n" - (or allout-layout - '(-1 : 0)))) - (allout-open-topic 0) - (insert "End:\n")))) + (search-backward "\n\^L" (max (- (point-max) 3000) (point-min)) 'move) + (if (let ((case-fold-search t)) + (not (search-forward "Local Variables:" nil t))) + nil + (setq beg (- (point) 16)) + (setq suffix (buffer-substring-no-properties + (point) + (progn (if (re-search-forward "[\n\r]" nil t) + (forward-char -1)) + (point)))) + (setq prefix (buffer-substring-no-properties + (progn (if (re-search-backward "[\n\r]" nil t) + (forward-char 1)) + (point)) + beg)) + (list beg prefix suffix)) + ) + ) + ) +;;;_ > allout-adjust-file-variable (varname value) +(defun allout-adjust-file-variable (varname value) + "Adjust the setting of an emacs file variable named VARNAME to VALUE. + +This activity is inhibited if either `enable-local-variables' +`allout-enable-file-variable-adjustment' are nil. + +When enabled, an entry for the variable is created if not already present, +or changed if established with a different value. The section for the file +variables, itself, is created if not already present. When created, the +section lines \(including the section line) exist as second-level topics in +a top-level topic at the end of the file. + +enable-local-variables must be true for any of this to happen." + (if (not (and enable-local-variables + allout-enable-file-variable-adjustment)) + nil + (save-excursion + (let ((section-data (allout-file-vars-section-data)) + beg prefix suffix) + (if section-data + (setq beg (car section-data) + prefix (cadr section-data) + suffix (car (cddr section-data))) + ;; create the section + (goto-char (point-max)) + (open-line 1) + (allout-open-topic 0) + (end-of-line) + (insert "Local emacs vars.\n") + (allout-open-topic 1) + (setq beg (point) + suffix "" + prefix (buffer-substring-no-properties (progn + (beginning-of-line) + (point)) + beg)) + (goto-char beg) + (insert "Local variables:\n") + (allout-open-topic 0) + (insert "End:\n") + ) + ;; look for existing entry or create one, leaving point for insertion + ;; of new value: + (goto-char beg) + (allout-show-to-offshoot) + (if (search-forward (concat "\n" prefix varname ":") nil t) + (let* ((value-beg (point)) + (line-end (progn (if (re-search-forward "[\n\r]" nil t) + (forward-char -1)) + (point))) + (value-end (- line-end (length suffix)))) + (if (> value-end value-beg) + (delete-region value-beg value-end))) + (end-of-line) + (open-line 1) + (forward-line 1) + (insert (concat prefix varname ":"))) + (insert (format " %S%s" value suffix)) + ) + ) + ) + ) ;;;_ > solicit-char-in-string (prompt string &optional do-defaulting) (defun solicit-char-in-string (prompt string &optional do-defaulting) "Solicit (with first arg PROMPT) choice of a character from string STRING. @@ -4594,8 +5647,7 @@ Representations of actual backslashes - '\\\\\\\\' - are left as a single backslash. -\(fn REGEXP)" -;; Optional arg SUCCESSIVE-BACKSLASHES is used internally for recursion. +Optional arg SUCCESSIVE-BACKSLASHES is used internally for recursion." (if (string= regexp "") "" @@ -4611,11 +5663,6 @@ (regexp-sans-escapes (substring regexp 1))) ;; Exclude first char, but maintain count: (regexp-sans-escapes (substring regexp 1) successive-backslashes)))) -;;;_ > my-region-active-p () -(defmacro my-region-active-p () - (if (fboundp 'region-active-p) - '(region-active-p) - 'mark-active)) ;;;_ - add-hook definition for divergent emacsen ;;;_ > add-hook (hook function &optional append) (if (not (fboundp 'add-hook)) @@ -4640,13 +5687,13 @@ (defun my-mark-marker (&optional force buffer) "Accommodate the different signature for `mark-marker' across Emacsen. -XEmacs takes two optional args, while GNU Emacs does not, +XEmacs takes two optional args, while mainline GNU Emacs does not, so pass them along when appropriate." - (if (featurep 'xemacs) + (if (string-match " XEmacs " emacs-version) (mark-marker force buffer) (mark-marker))) -;;;_ #9 Under development +;;;_ #10 Under development ;;;_ > allout-bullet-isearch (&optional bullet) (defun allout-bullet-isearch (&optional bullet) "Isearch \(regexp) for topic with bullet BULLET." @@ -4676,5 +5723,4 @@ ;;;allout-layout: (0 : -1 -1 0) ;;;End: -;;; arch-tag: cf38fbc3-c044-450f-8bff-afed8ba5681c ;;; allout.el ends here [-- Attachment #3: allout-ChangeLog.txt --] [-- Type: text/plain, Size: 3562 bytes --] 2005-09-30 Ken Manheimer <ken.manheimer@gmail.com> * allout.el: omnibus changes - new subsystem supporting easy gpg topic encryption/decryption. salient features: - both public- and symmetric-key modes are supported. - encryption being on a per-topic basis means you can intersperse encrypted and clear-text data in a single file to your heart's content. - user-provided symmetric-key hints, with consistency verification to help user avoid confusion - time-limited key reuse, a la (and using) mailcrypt's mc-passwd-timeout - write-file-hook and auto-save-hook activities to support auto encryption of pending topics on save; provision to skip currently-edited topic to avoid editing disturbance topic encryption functionality depends on both mailcrypt and crypt++ packages. (non-encryption allout functionality is not disrupted if either mailcrypt or crypt++ are absent.) `allout-toggle-current-subtree-encryption' is the central routine. there are a five new encryption customization variables: - allout-topic-encryption-bullet - allout-default-encryption-scheme - allout-key-verifier-handling - allout-key-hint-handling - allout-encrypt-unencrypted-on-saves topic encryption is included in mouse menu docstring for `allout-toggle-current-subtree-encryption' and customization variables provide detailed description. - repaired inhibition of concealed-text edits this helps preserve the structural integrity of outlines, as well as preventing insidiously invisible accidental edits (it also noticably slows massive exposure changes, but i consider the performance acceptable. eg, i have blanket auto-exposure set for my daily-notes log, which has real-world intricacy in a 1.1 Mb, 7000 topic outline, and have no problems working with it on a 200 MhZ windows laptop.) - disallow manually shifting a topic deeper than the offspring depth of the previous topic - avoiding confusing "containment discontinuities" - fixed retention of body relative hanging indent during promotion of collapsed bodies - made it easy to open new topic with same bullet as current topic - topic creation functions provided with any universal argument provokes now prompt for bullet, defaulting to the bullet of the previous topic. very ergonomic. - plain bullet alternates '.' period and ',' comma only. all other bullets are relegated to special status (but customizable) - comments and routine names better distinguish between: - topic body - the text contained after a header - topic header - the first line, before the body - topic entry - the header, body, and offspring - allout-beginning-of-current-entry now works as advertised - allout-end-of-current-entry relieved of superfluous allout-show-entry - reconciled with distributed allout.el 1.61 (current CVS version as of 09/30/2005), including interactive-p fixes, typo and coding style fixes, change of function prefix to "allout-", etc, and fixed problem created in outline yanking due to the interactive-p fixes - relocated some macros - refined many docstrings, including anything from correcting typos to conceptual clarification and correction - corrected commentary 'keywords' to legitimate ones - updated comentary author info (using my current email address, obscurified) [-- Attachment #4: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: new version of allout.el - patch and ChangeLog 2005-09-30 17:24 new version of allout.el - patch and ChangeLog Ken Manheimer @ 2005-09-30 21:06 ` Sascha Wilde 2005-09-30 21:52 ` Ken Manheimer [not found] ` <E1ELj0L-0000Pn-3T@fencepost.gnu.org> 1 sibling, 1 reply; 156+ messages in thread From: Sascha Wilde @ 2005-09-30 21:06 UTC (permalink / raw) Cc: emacs-devel [-- Attachment #1.1: Type: text/plain, Size: 1027 bytes --] On Fri, Sep 30, 2005 at 01:24:14PM -0400, Ken Manheimer wrote: > attached is a patch and ChangeLog for a substantial new version of > allout.el, emacs' alternative (and much more extensive) outliner. [...] > below is the synopsis of just the encryption features, from the ChangeLog entry. [...] > - both public- and symmetric-key modes are supported. > - encryption being on a per-topic basis means you can > intersperse encrypted and clear-text data in a single file > to your heart's content. I think this sounds great, but... > topic encryption functionality depends on both mailcrypt and > crypt++ packages. (non-encryption allout functionality is not > disrupted if either mailcrypt or crypt++ are absent.) why do you relay on these packages, which aren't part of gnu emacs, when we have pgg? cheers sascha -- Sascha Wilde -.-. ..- .-. .. --- ... .. - -.-- -.- .. .-.. .-.. . -.. - .... . -.-. .- - [-- Attachment #1.2: Type: application/pgp-signature, Size: 189 bytes --] [-- Attachment #2: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: new version of allout.el - patch and ChangeLog 2005-09-30 21:06 ` Sascha Wilde @ 2005-09-30 21:52 ` Ken Manheimer 2005-10-01 8:20 ` Andreas Schwab 2005-10-01 16:28 ` Ken Manheimer 0 siblings, 2 replies; 156+ messages in thread From: Ken Manheimer @ 2005-09-30 21:52 UTC (permalink / raw) On 9/30/05, Sascha Wilde <wilde@sha-bang.de> wrote: > On Fri, Sep 30, 2005 at 01:24:14PM -0400, Ken Manheimer wrote: > [...] > > - both public- and symmetric-key modes are supported. > > - encryption being on a per-topic basis means you can > > intersperse encrypted and clear-text data in a single file > > to your heart's content. > > I think this sounds great, but... > > > topic encryption functionality depends on both mailcrypt and > > crypt++ packages. (non-encryption allout functionality is not > > disrupted if either mailcrypt or crypt++ are absent.) > > why do you relay on these packages, which aren't part of gnu emacs, > when we have pgg? good question - i wasn't aware of pgg. can you tell me more about it? i'd be very happy to find a single package that cleanly provides the encryption interface that allout needs! gentoo has an ebuild for it, but it involves xemacs dependencies, making me think the build is xemacs-specific. i gather, since you're responding via the emacs-devel list, that it's available for the mainline emacs - is that right? google points me at only emacs-wiki stuff (for a search on "emacs gpp") or xemacs-related stuff (for "xemacs gpp")... ken ken.manheimer@gmail.com ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: new version of allout.el - patch and ChangeLog 2005-09-30 21:52 ` Ken Manheimer @ 2005-10-01 8:20 ` Andreas Schwab 2005-10-01 12:41 ` Reiner Steib 2005-10-01 16:28 ` Ken Manheimer 1 sibling, 1 reply; 156+ messages in thread From: Andreas Schwab @ 2005-10-01 8:20 UTC (permalink / raw) Cc: emacs-devel Ken Manheimer <ken.manheimer@gmail.com> writes: > good question - i wasn't aware of pgg. can you tell me more about it? pgg has been developed as part of Gnus. It hasn't been distributed as part of Emacs before, but Emacs 22 will contain it as part of the Gnus subsystem. > google points me at only emacs-wiki stuff (for a search on "emacs gpp") > or xemacs-related stuff (for "xemacs gpp")... http://www.gnupg.org/(en)/related_software/frontends.html#fend_mua-PGG Andreas. -- Andreas Schwab, SuSE Labs, schwab@suse.de SuSE Linux Products GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5 "And now for something completely different." ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: new version of allout.el - patch and ChangeLog 2005-10-01 8:20 ` Andreas Schwab @ 2005-10-01 12:41 ` Reiner Steib 2005-10-01 23:54 ` James Cloos 0 siblings, 1 reply; 156+ messages in thread From: Reiner Steib @ 2005-10-01 12:41 UTC (permalink / raw) On Sat, Oct 01 2005, Andreas Schwab wrote: > Ken Manheimer <ken.manheimer@gmail.com> writes: > >> good question - i wasn't aware of pgg. can you tell me more about it? If you have Emacs 22 (CVS) or Gnus 5.10 installed, you should also have the manual: (info "(pgg)Top"). > pgg has been developed as part of Gnus. PGG has been developed as a separate package (by Daiki Ueno, AFAICS). It has later been include in Gnus (Gnus 5.10). > It hasn't been distributed as part of Emacs before, but Emacs 22 > will contain it as part of the Gnus subsystem. Bye, Reiner. -- ,,, (o o) ---ooO-(_)-Ooo--- | PGP key available | http://rsteib.home.pages.de/ ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: new version of allout.el - patch and ChangeLog 2005-10-01 12:41 ` Reiner Steib @ 2005-10-01 23:54 ` James Cloos 0 siblings, 0 replies; 156+ messages in thread From: James Cloos @ 2005-10-01 23:54 UTC (permalink / raw) Cc: Ken Manheimer >>>>> "Reiner" == Reiner Steib <reinersteib+gmane@imap.cc> writes: > good question - i wasn't aware of pgg. can you tell me more about it? Reiner> If you have Emacs 22 (CVS) or Gnus 5.10 installed, you should Reiner> also have the manual: (info "(pgg)Top"). For gentoo, that means any of the app-editors/emacs-cvs, app-emacs/gnus and/or app-emacs/gnus-cvs ebuilds should contain that info manual. -JimC -- James H. Cloos, Jr. <cloos@jhcloos.com> ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: new version of allout.el - patch and ChangeLog 2005-09-30 21:52 ` Ken Manheimer 2005-10-01 8:20 ` Andreas Schwab @ 2005-10-01 16:28 ` Ken Manheimer 2005-10-02 10:48 ` Sascha Wilde 2005-10-02 17:08 ` new version of allout.el - patch and ChangeLog Richard M. Stallman 1 sibling, 2 replies; 156+ messages in thread From: Ken Manheimer @ 2005-10-01 16:28 UTC (permalink / raw) Cc: Sascha Wilde, Andreas Schwab On 9/30/05, Ken Manheimer <ken.manheimer@gmail.com> wrote: > On 9/30/05, Sascha Wilde <wilde@sha-bang.de> wrote: > > On Fri, Sep 30, 2005 at 01:24:14PM -0400, Ken Manheimer wrote: > > [...] > > > topic encryption functionality depends on both mailcrypt and > > > crypt++ packages. (non-encryption allout functionality is not > > > disrupted if either mailcrypt or crypt++ are absent.) > > > > why do you relay on these packages, which aren't part of gnu emacs, > > when we have pgg? > > good question - i wasn't aware of pgg. can you tell me more about it? > i'd be very happy to find a single package that cleanly provides the > encryption interface that allout needs! andreas pointed me at pgg's bundling in gnus, for which gentoo has an ebuild. i emerged it and got access to gpp and the info file. it looks nice - clean - but appears to have the same drawback, for my purposes, as mailcrypt. it will decrypt messages encoded with a symmetric key, but provides no api for encrypting with a symmetric key. that lack is a show-stopper for my purposes. that mailcrypt and pgg would concentrate on public-key mode makes a lot of sense, considering the ultimate purpose is encryption and/or signing of messages to be exchanged between remote parties - email, news, software packaging, etc. my primary concern for encryption in allout is with conveniently securing notes for oneself. the lattitude of symmetric keys offers much better convenience in that context. i actually inquired on the mailcrypt developers list about the lack of provision for symmetric-key encryption, and the general concensus was that it just was an oversight, not a deliberate avoidance. i presume (as i suggest above) because it's not useful for the message-exchange realm. it may well be that pgg is preferable, somehow, to mailcrypt - they both offer similar functionality, including key caching, as well as the lack of an interface for encrypting with a symmetric key. but the changeover won't gain me anything i can yet see - i'll still need to also use crypt++ for the symmetric key encoding. and the cost in effort of switching from working code would not be trivial, so until/unless i see a compelling gain, or someone else does the integration (and convinces me that pgg is more widespread than mailcrypt), i'm think i'm fine with mailcrypt. ken ken.manheimer@gmail.com ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: new version of allout.el - patch and ChangeLog 2005-10-01 16:28 ` Ken Manheimer @ 2005-10-02 10:48 ` Sascha Wilde 2005-10-02 14:23 ` Ken Manheimer 2005-10-02 20:31 ` Richard M. Stallman 2005-10-02 17:08 ` new version of allout.el - patch and ChangeLog Richard M. Stallman 1 sibling, 2 replies; 156+ messages in thread From: Sascha Wilde @ 2005-10-02 10:48 UTC (permalink / raw) Cc: Andreas Schwab, emacs-devel [-- Attachment #1.1: Type: text/plain, Size: 1139 bytes --] On Sat, Oct 01, 2005 at 12:28:17PM -0400, Ken Manheimer wrote: > I emerged it and got access to gpp and the info file. it > looks nice - clean - but appears to have the same drawback, for my > purposes, as mailcrypt. it will decrypt messages encoded with a > symmetric key, but provides no api for encrypting with a symmetric > key. that lack is a show-stopper for my purposes. So you would consider switching to pgg, if it would provide an interface to symmetric encryption? > it may well be that pgg is preferable, somehow, to mailcrypt - they > both offer similar functionality, including key caching, as well as > the lack of an interface for encrypting with a symmetric key. but the > changeover won't gain me anything i can yet see - i'll still need to > also use crypt++ for the symmetric key encoding. The reason I asked is, that pgg is, just like allout, part of GNU Emacs 22 -- so IMO it would be desirable to have the howl functionality of allout "out of the box" with GNU emacs. cheers sascha -- Sascha Wilde Hi! I'm a .signature *virus*! Copy me into your ~/.signature to help me spread! [-- Attachment #1.2: Type: application/pgp-signature, Size: 189 bytes --] [-- Attachment #2: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: new version of allout.el - patch and ChangeLog 2005-10-02 10:48 ` Sascha Wilde @ 2005-10-02 14:23 ` Ken Manheimer 2005-10-02 20:31 ` Richard M. Stallman 1 sibling, 0 replies; 156+ messages in thread From: Ken Manheimer @ 2005-10-02 14:23 UTC (permalink / raw) On 10/2/05, Sascha Wilde <wilde@sha-bang.de> wrote: > On Sat, Oct 01, 2005 at 12:28:17PM -0400, Ken Manheimer wrote: > > > I emerged it and got access to gpp and the info file. it > > looks nice - clean - but appears to have the same drawback, for my > > purposes, as mailcrypt. it will decrypt messages encoded with a > > symmetric key, but provides no api for encrypting with a symmetric > > key. that lack is a show-stopper for my purposes. > > So you would consider switching to pgg, if it would provide an > interface to symmetric encryption? yes. it would probably be a relief - allout goes through different contortions to use crypt++ than it does for mailcrypt. i expect my code could simplify, overall, if it used a single, fairly clean encryption interface. > > it may well be that pgg is preferable, somehow, to mailcrypt - they > > both offer similar functionality, including key caching, as well as > > the lack of an interface for encrypting with a symmetric key. but the > > changeover won't gain me anything i can yet see - i'll still need to > > also use crypt++ for the symmetric key encoding. > > The reason I asked is, that pgg is, just like allout, part of GNU > Emacs 22 -- so IMO it would be desirable to have the howl > functionality of allout "out of the box" with GNU emacs. that would be a compelling reason. i could allocate some time to incorporate pgg into allout, ditching the dependencies on crypt++ and mailcrypt, if pgg provided for encrypting with symmetric keys. i don't think i have the time to develop that extension of pgg however. do you think someone else might do that? that would be cool... ken ken.manheimer@gmail.com ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: new version of allout.el - patch and ChangeLog 2005-10-02 10:48 ` Sascha Wilde 2005-10-02 14:23 ` Ken Manheimer @ 2005-10-02 20:31 ` Richard M. Stallman 2005-10-03 19:25 ` pgg symmetric encryption patch (was: new version of allout.el - patch and ChangeLog) Sascha Wilde 1 sibling, 1 reply; 156+ messages in thread From: Richard M. Stallman @ 2005-10-02 20:31 UTC (permalink / raw) Cc: schwab, ken.manheimer, emacs-devel So you would consider switching to pgg, if it would provide an interface to symmetric encryption? If someone wants to do it, and assuming the result is clean, it would be a good thing to do. ^ permalink raw reply [flat|nested] 156+ messages in thread
* pgg symmetric encryption patch (was: new version of allout.el - patch and ChangeLog) 2005-10-02 20:31 ` Richard M. Stallman @ 2005-10-03 19:25 ` Sascha Wilde 2005-10-03 19:50 ` Ken Manheimer 0 siblings, 1 reply; 156+ messages in thread From: Sascha Wilde @ 2005-10-03 19:25 UTC (permalink / raw) Cc: schwab, ken.manheimer, ueno, emacs-devel [-- Attachment #1.1: Type: text/plain, Size: 4341 bytes --] On Sun, Oct 02, 2005 at 04:31:10PM -0400, Richard M. Stallman wrote: > So you would consider switching to pgg, if it would provide an > interface to symmetric encryption? > > If someone wants to do it, and assuming the result is clean, it would > be a good thing to do. Enclosed you'll find my preliminary patch to make symmetric encryption possible with pgg. The new function pgg-encrypt-symmetric-region asks for a passphrase and uses it to symmetrically encrypt the given region. Please note, this is by no means complete, just a small proof of concept. Ken, would something along this lines be sufficient for use with allout? cheers sascha cvs server: Diffing . Index: pgg-gpg.el =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/gnus/pgg-gpg.el,v retrieving revision 1.6 diff -u -r1.6 pgg-gpg.el --- pgg-gpg.el 6 Aug 2005 19:51:42 -0000 1.6 +++ pgg-gpg.el 3 Oct 2005 19:13:34 -0000 @@ -4,6 +4,7 @@ ;; 2005 Free Software Foundation, Inc. ;; Author: Daiki Ueno <ueno@unixuser.org> +;; Symmetric encryption added by: Sascha Wilde <wilde@sha-bang.de> ;; Created: 1999/10/28 ;; Keywords: PGP, OpenPGP, GnuPG @@ -141,24 +142,32 @@ (defun pgg-gpg-encrypt-region (start end recipients &optional sign) "Encrypt the current region between START and END. +If recipients is :symmetric do symmetric encryption If optional argument SIGN is non-nil, do a combined sign and encrypt." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) + (symmetric-encryption (eq recipients :symmetric)) (passphrase - (when sign - (pgg-read-passphrase - (format "GnuPG passphrase for %s: " pgg-gpg-user-id) - pgg-gpg-user-id))) + (if symmetric-encryption + (pgg-read-passphrase + "GnuPG passphrase for symmetric encryption: ") + (when sign + (pgg-read-passphrase + (format "GnuPG passphrase for %s: " pgg-gpg-user-id) + pgg-gpg-user-id)))) (args (append - (list "--batch" "--armor" "--always-trust" "--encrypt") + (list "--batch" "--armor" "--always-trust" + (if symmetric-encryption "--symmetric" "--encrypt")) (if sign (list "--sign" "--local-user" pgg-gpg-user-id)) - (if recipients - (apply #'nconc - (mapcar (lambda (rcpt) - (list pgg-gpg-recipient-argument rcpt)) - (append recipients - (if pgg-encrypt-for-me - (list pgg-gpg-user-id))))))))) + (if symmetric-encryption + nil + (if recipients + (apply #'nconc + (mapcar (lambda (rcpt) + (list pgg-gpg-recipient-argument rcpt)) + (append recipients + (if pgg-encrypt-for-me + (list pgg-gpg-user-id)))))))))) (pgg-as-lbt start end 'CRLF (pgg-gpg-process-region start end passphrase pgg-gpg-program args)) (when sign Index: pgg.el =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/gnus/pgg.el,v retrieving revision 1.8 diff -u -r1.8 pgg.el --- pgg.el 26 Aug 2005 00:02:05 -0000 1.8 +++ pgg.el 3 Oct 2005 19:13:34 -0000 @@ -4,6 +4,7 @@ ;; 2005 Free Software Foundation, Inc. ;; Author: Daiki Ueno <ueno@unixuser.org> +;; Symmetric encryption added by: Sascha Wilde <wilde@sha-bang.de> ;; Created: 1999/10/28 ;; Keywords: PGP @@ -232,6 +233,18 @@ (pgg-save-coding-system start end (pgg-invoke "encrypt-region" (or pgg-scheme pgg-default-scheme) (point-min) (point-max) rcpts sign)))) + (when (interactive-p) + (pgg-display-output-buffer start end status)) + status)) + +;;;###autoload +(defun pgg-encrypt-symmetric-region (start end) + "Encrypt the current region between START and END symmetric with passphrase." + (interactive "r") + (let ((status + (pgg-save-coding-system start end + (pgg-invoke "encrypt-region" (or pgg-scheme pgg-default-scheme) + (point-min) (point-max) :symmetric)))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) -- Sascha Wilde : The most exciting phrase to hear in science, the one : that heralds new discoveries, is not "Eureka!" (I found : it!) but "That's funny ..." -- Isaac Asimov [-- Attachment #1.2: Type: application/pgp-signature, Size: 189 bytes --] [-- Attachment #2: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch (was: new version of allout.el - patch and ChangeLog) 2005-10-03 19:25 ` pgg symmetric encryption patch (was: new version of allout.el - patch and ChangeLog) Sascha Wilde @ 2005-10-03 19:50 ` Ken Manheimer 2005-10-04 10:53 ` Sascha Wilde 0 siblings, 1 reply; 156+ messages in thread From: Ken Manheimer @ 2005-10-03 19:50 UTC (permalink / raw) On 10/3/05, Sascha Wilde <wilde@sha-bang.de> wrote: > On Sun, Oct 02, 2005 at 04:31:10PM -0400, Richard M. Stallman wrote: > > So you would consider switching to pgg, if it would provide an > > interface to symmetric encryption? > > > > If someone wants to do it, and assuming the result is clean, it would > > be a good thing to do. > > Enclosed you'll find my preliminary patch to make symmetric encryption > possible with pgg. > > The new function pgg-encrypt-symmetric-region asks for a passphrase > and uses it to symmetrically encrypt the given region. > > Please note, this is by no means complete, just a small proof of concept. > > Ken, would something along this lines be sufficient for use with allout? > [...] > Sascha Wilde : The most exciting phrase to hear in science, the one > : that heralds new discoveries, is not "Eureka!" (I found > : it!) but "That's funny ..." -- Isaac Asimov sounds like it, yes! i can't try it right now, but whether or not it works as is, if you're willing to continue ironing it out with me to get it working properly, i'll it to work with allout. (i hope to have some time this evening or else tomorrow afternoon to devote attention to it.) ! (as you may realize, i like the quote!-) ken ken.manheimer@gmail.com ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch (was: new version of allout.el - patch and ChangeLog) 2005-10-03 19:50 ` Ken Manheimer @ 2005-10-04 10:53 ` Sascha Wilde 2005-10-04 12:46 ` pgg symmetric encryption patch Stefan Monnier 2005-10-05 16:19 ` Sascha Wilde 0 siblings, 2 replies; 156+ messages in thread From: Sascha Wilde @ 2005-10-04 10:53 UTC (permalink / raw) Cc: schwab, ueno, Richard M. Stallman, emacs-devel [-- Attachment #1.1: Type: text/plain, Size: 1287 bytes --] On Mon, Oct 03, 2005 at 03:50:25PM -0400, Ken Manheimer wrote: > On 10/3/05, Sascha Wilde <wilde@sha-bang.de> wrote: > > Enclosed you'll find my preliminary patch to make symmetric encryption > > possible with pgg. [...] > > Ken, would something along this lines be sufficient for use with allout? > > sounds like it, yes! i can't try it right now, but whether or not it > works as is, if you're willing to continue ironing it out with me to > get it working properly, i'll it to work with allout. I'll try to find the time to make this a proper feature of pgg. (I also added the original author to the cc, so he might add his thoughts) Ken, please let me know if it works for you, and what features you are missing. One problem, though: pgg supports, besides gnupg, pgp and pgp5 -- I don't have any version of pgp on my box, and I'm not willing to buy a proprietary product to write these patches. So, to make the symmetric encryption feature work with these backends, I would need help by people, who can tell me about the needed switches for pgp and test the patches with different versions of pgp... cheers sascha -- Sascha Wilde : "There are 10 types of people in the world. : Those who understand binary and those who don't." [-- Attachment #1.2: Type: application/pgp-signature, Size: 189 bytes --] [-- Attachment #2: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-04 10:53 ` Sascha Wilde @ 2005-10-04 12:46 ` Stefan Monnier 2005-10-05 16:19 ` Sascha Wilde 1 sibling, 0 replies; 156+ messages in thread From: Stefan Monnier @ 2005-10-04 12:46 UTC (permalink / raw) Cc: schwab, ueno, Richard M. Stallman, emacs-devel > One problem, though: pgg supports, besides gnupg, pgp and pgp5 -- I > don't have any version of pgp on my box, and I'm not willing to buy a > proprietary product to write these patches. So, to make the symmetric > encryption feature work with these backends, I would need help by > people, who can tell me about the needed switches for pgp and test the > patches with different versions of pgp... I wouldn't worry about that: for non-gpg users it currently doesn't work either, so it's not like you're making life worse for them. If they want symmetric crypto to work for their product, they'll have to provide the patches themselves. Stefan ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-04 10:53 ` Sascha Wilde 2005-10-04 12:46 ` pgg symmetric encryption patch Stefan Monnier @ 2005-10-05 16:19 ` Sascha Wilde 2005-10-05 19:16 ` Ken Manheimer 2005-10-06 2:18 ` Daiki Ueno 1 sibling, 2 replies; 156+ messages in thread From: Sascha Wilde @ 2005-10-05 16:19 UTC (permalink / raw) [-- Attachment #1.1.1: Type: text/plain, Size: 568 bytes --] On Tue, Oct 04, 2005 at 12:53:30PM +0200, Sascha Wilde wrote: > I'll try to find the time to make this a proper feature of pgg. (I > also added the original author to the cc, so he might add his > thoughts) I attached a more complete patch, including documentation and changelog entries. Any comments, bug-fixes, flames are highly appreciated. cheers sascha ps. I have no write access to CVS, so if there are no objections, please commit. -- Sascha Wilde "Liebet eure Feinde, vielleicht schadet das ihrem Ruf" (Stanislaw Jerzy Lec) [-- Attachment #1.1.2: emacs-pgg-symmetric.patch-02 --] [-- Type: text/plain, Size: 9344 bytes --] Index: man/pgg.texi =================================================================== RCS file: /cvsroot/emacs/emacs/man/pgg.texi,v retrieving revision 1.5 diff -u -r1.5 pgg.texi --- man/pgg.texi 16 Sep 2005 22:11:00 -0000 1.5 +++ man/pgg.texi 5 Oct 2005 16:09:13 -0000 @@ -98,6 +98,8 @@ @lisp (autoload 'pgg-encrypt-region "pgg" "Encrypt the current region." t) +(autoload 'pgg-encrypt-symmetric-region "pgg" + "Encrypt the current region with symmetric algorithm." t) (autoload 'pgg-decrypt-region "pgg" "Decrypt the current region." t) (autoload 'pgg-sign-region "pgg" @@ -140,6 +142,13 @@ with GnuPG. @end deffn +@deffn Command pgg-encrypt-symmetric-region start end +Encrypt the current region between @var{start} and @var{end} using a +symmetric cipher. After invocation you are asked for a passphrase. + +This is currently only implemented for GnuPG. +@end deffn + @deffn Command pgg-decrypt-region start end Decrypt the current region between @var{start} and @var{end}. If decryption is successful, it replaces the current region contents (in @@ -305,6 +314,10 @@ @var{recipients}. If @var{sign} is non-@code{nil}, do a combined sign and encrypt. If encryption is successful, it returns @code{t}, otherwise @code{nil}. + +If @var{recipients} equals @code{:symmetric} a symmetric cipher together +with a passphrase is used and @var{sign} is ignored. This feature is +currently only implemented for GnuPG. @end deffn @deffn Method pgg-scheme-decrypt-region scheme start end Index: man/ChangeLog =================================================================== RCS file: /cvsroot/emacs/emacs/man/ChangeLog,v retrieving revision 1.681 diff -u -r1.681 ChangeLog --- man/ChangeLog 4 Oct 2005 22:52:16 -0000 1.681 +++ man/ChangeLog 5 Oct 2005 16:09:16 -0000 @@ -1,3 +1,11 @@ +2005-10-05 Sascha Wilde <swilde@sha-bang.de> + + * pgg.texi (How to use): Added autoload line for + `pgg-encrypt-symmetric-region'. + (User Commands): Description of `pgg-encrypt-symmetric-region'. + (Backend methods): Describe new symmetric encryption feature in + `pgg-scheme-encrypt-region'. + 2005-10-05 Nick Roberts <nickrob@snap.net.nz> * speedbar.texi (GDB): Describe use of watch expressions. Index: lisp/gnus/pgg.el =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/gnus/pgg.el,v retrieving revision 1.8 diff -u -r1.8 pgg.el --- lisp/gnus/pgg.el 26 Aug 2005 00:02:05 -0000 1.8 +++ lisp/gnus/pgg.el 5 Oct 2005 16:09:17 -0000 @@ -4,6 +4,7 @@ ;; 2005 Free Software Foundation, Inc. ;; Author: Daiki Ueno <ueno@unixuser.org> +;; Symmetric encryption added by: Sascha Wilde <wilde@sha-bang.de> ;; Created: 1999/10/28 ;; Keywords: PGP @@ -232,6 +233,34 @@ (pgg-save-coding-system start end (pgg-invoke "encrypt-region" (or pgg-scheme pgg-default-scheme) (point-min) (point-max) rcpts sign)))) + (when (interactive-p) + (pgg-display-output-buffer start end status)) + status)) + +;;;###autoload +(defun pgg-encrypt-symmetric-region (start end) + "Encrypt the current region between START and END symmetric with passphrase." + (interactive "r") + (when (not (member (or pgg-scheme pgg-default-scheme) + pgg-symmetric-encryption-schemes)) + (error "Symmetric encryption is not implemented for selected scheme.")) + (let ((status + (pgg-save-coding-system start end + (pgg-invoke "encrypt-region" (or pgg-scheme pgg-default-scheme) + (point-min) (point-max) :symmetric)))) + (when (interactive-p) + (pgg-display-output-buffer start end status)) + status)) + +;;;###autoload +(defun pgg-encrypt-symmetric (&optional start end) + "Encrypt the current buffer symmetric with passphrase. +If optional arguments START and END are specified, only encrypt within +the region." + (interactive) + (let* ((start (or start (point-min))) + (end (or end (point-max))) + (status (pgg-encrypt-symmetric-region start end))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) Index: lisp/gnus/pgg-gpg.el =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/gnus/pgg-gpg.el,v retrieving revision 1.6 diff -u -r1.6 pgg-gpg.el --- lisp/gnus/pgg-gpg.el 6 Aug 2005 19:51:42 -0000 1.6 +++ lisp/gnus/pgg-gpg.el 5 Oct 2005 16:09:17 -0000 @@ -4,6 +4,7 @@ ;; 2005 Free Software Foundation, Inc. ;; Author: Daiki Ueno <ueno@unixuser.org> +;; Symmetric encryption added by: Sascha Wilde <wilde@sha-bang.de> ;; Created: 1999/10/28 ;; Keywords: PGP, OpenPGP, GnuPG @@ -141,24 +142,32 @@ (defun pgg-gpg-encrypt-region (start end recipients &optional sign) "Encrypt the current region between START and END. +If recipients is :symmetric do symmetric encryption If optional argument SIGN is non-nil, do a combined sign and encrypt." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) + (symmetric-encryption (eq recipients :symmetric)) (passphrase - (when sign - (pgg-read-passphrase - (format "GnuPG passphrase for %s: " pgg-gpg-user-id) - pgg-gpg-user-id))) + (if symmetric-encryption + (pgg-read-passphrase + "GnuPG passphrase for symmetric encryption: ") + (when sign + (pgg-read-passphrase + (format "GnuPG passphrase for %s: " pgg-gpg-user-id) + pgg-gpg-user-id)))) (args (append - (list "--batch" "--armor" "--always-trust" "--encrypt") + (list "--batch" "--armor" "--always-trust" + (if symmetric-encryption "--symmetric" "--encrypt")) (if sign (list "--sign" "--local-user" pgg-gpg-user-id)) - (if recipients - (apply #'nconc - (mapcar (lambda (rcpt) - (list pgg-gpg-recipient-argument rcpt)) - (append recipients - (if pgg-encrypt-for-me - (list pgg-gpg-user-id))))))))) + (if symmetric-encryption + nil + (if recipients + (apply #'nconc + (mapcar (lambda (rcpt) + (list pgg-gpg-recipient-argument rcpt)) + (append recipients + (if pgg-encrypt-for-me + (list pgg-gpg-user-id)))))))))) (pgg-as-lbt start end 'CRLF (pgg-gpg-process-region start end passphrase pgg-gpg-program args)) (when sign @@ -180,7 +189,10 @@ (pgg-gpg-user-id (or key pgg-gpg-user-id pgg-default-user-id)) (passphrase (pgg-read-passphrase - (format "GnuPG passphrase for %s: " pgg-gpg-user-id) + (format (if (pgg-gpg-symmetric-key-p message-keys) + "Passphrase for symmetric dencryption: " + "GnuPG passphrase for %s: ") + pgg-gpg-user-id) pgg-gpg-user-id)) (args '("--batch" "--decrypt"))) (pgg-gpg-process-region start end passphrase pgg-gpg-program args) @@ -188,6 +200,13 @@ (pgg-gpg-possibly-cache-passphrase passphrase pgg-gpg-user-id) (goto-char (point-min)) (re-search-forward "^\\[GNUPG:] DECRYPTION_OKAY\\>" nil t)))) + +(defun pgg-gpg-symmetric-key-p (message-keys) + "Check if MESSAGE-KEYS contains a symmetric encryption indicator." + (dolist (key message-keys result) + (when (and (eq (car key) 3) + (member '(symmetric-key-algorithm) key)) + (setq result key)))) (defun pgg-gpg-select-matching-key (message-keys secret-keys) "Choose a key from MESSAGE-KEYS that matches one of the keys in SECRET-KEYS." Index: lisp/gnus/pgg-def.el =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/gnus/pgg-def.el,v retrieving revision 1.7 diff -u -r1.7 pgg-def.el --- lisp/gnus/pgg-def.el 6 Aug 2005 19:51:42 -0000 1.7 +++ lisp/gnus/pgg-def.el 5 Oct 2005 16:09:17 -0000 @@ -3,6 +3,7 @@ ;; Copyright (C) 1999, 2002, 2003, 2004, 2005 Free Software Foundation, Inc. ;; Author: Daiki Ueno <ueno@unixuser.org> +;; Symmetric encryption added by: Sascha Wilde <wilde@sha-bang.de> ;; Created: 1999/11/02 ;; Keywords: PGP, OpenPGP, GnuPG @@ -83,6 +84,9 @@ (defvar pgg-scheme nil "Current scheme of PGP implementation.") + +(defconst pgg-symmetric-encryption-schemes '(gpg) + "Schemes of PGP implementation for which symmetric encrypt is implemented.") (defmacro pgg-truncate-key-identifier (key) `(if (> (length ,key) 8) (substring ,key 8) ,key)) Index: lisp/gnus/ChangeLog =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/gnus/ChangeLog,v retrieving revision 1.388 diff -u -r1.388 ChangeLog --- lisp/gnus/ChangeLog 4 Oct 2005 22:51:06 -0000 1.388 +++ lisp/gnus/ChangeLog 5 Oct 2005 16:09:19 -0000 @@ -1,3 +1,15 @@ +2005-10-05 Sascha Wilde <swilde@sha-bang.de> + + * pgg-def.el (pgg-symmetric-encryption-schemes): List of schemes + with symmetric encryption support. + + * pgg-gpg.el (pgg-gpg-encrypt-region): Added symmetric encryption. + (pgg-gpg-symmetric-key-p): New function to check for an symmetric + encrypted session key. + + * pgg.el (pgg-encrypt-symmetric,pgg-encrypt-symmetric-region): + New user commands for symmetric encryption. + 2005-10-04 Reiner Steib <Reiner.Steib@gmx.de> * mm-url.el (mm-url-predefined-programs): Add switches for curl. [-- Attachment #1.2: Type: application/pgp-signature, Size: 189 bytes --] [-- Attachment #2: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-05 16:19 ` Sascha Wilde @ 2005-10-05 19:16 ` Ken Manheimer 2005-10-10 4:15 ` Richard M. Stallman 2005-10-06 2:18 ` Daiki Ueno 1 sibling, 1 reply; 156+ messages in thread From: Ken Manheimer @ 2005-10-05 19:16 UTC (permalink / raw) On 10/5/05, Sascha Wilde <wilde@sha-bang.de> wrote: > On Tue, Oct 04, 2005 at 12:53:30PM +0200, Sascha Wilde wrote: > > > I'll try to find the time to make this a proper feature of pgg. (I > > also added the original author to the cc, so he might add his > > thoughts) > > I attached a more complete patch, including documentation and > changelog entries. > > Any comments, bug-fixes, flames are highly appreciated. i have some questions regarding my switching allout over to use pgg. i've been looking over the impact, and it's complicated by the intricate way i use mailcrypt's key caching mechanism. i would have to change pgg's key caching stuff to enable me, for instance, to query for the presence of a key, and also change the encryption/decryption function signatures to take explictly passed-in keys. it will not be trivial, and i don't want to launch into the work if there's no chance the pgg changes will be accepted. i know there's no way in advance to know whether my changes will or won't be acceptible, but i would like to know whether there will be attention available to evaluate them and the possibility that they'll be accepted? my time frame is also a little daunting - i think i have at least a few days of work, and am going to be away for a week in the middle of next week, so may not have anything finished until a few weeks from now. any thoughts? ken manheimer ken.manheimer@gmail.com ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-05 19:16 ` Ken Manheimer @ 2005-10-10 4:15 ` Richard M. Stallman 0 siblings, 0 replies; 156+ messages in thread From: Richard M. Stallman @ 2005-10-10 4:15 UTC (permalink / raw) Cc: schwab, ken.manheimer, ueno, emacs-devel i would have to change pgg's key caching stuff to enable me, for instance, to query for the presence of a key, and also change the encryption/decryption function signatures to take explictly passed-in keys. it will not be trivial, and i don't want to launch into the work if there's no chance the pgg changes will be accepted. I see no reason to reject them, assuming you do a good job writing them, provided you preserve upward-compatibility for the existing PGG interface functions. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-05 16:19 ` Sascha Wilde 2005-10-05 19:16 ` Ken Manheimer @ 2005-10-06 2:18 ` Daiki Ueno 2005-10-06 9:01 ` Sascha Wilde 1 sibling, 1 reply; 156+ messages in thread From: Daiki Ueno @ 2005-10-06 2:18 UTC (permalink / raw) Cc: schwab, Simon Josefsson, Richard M. Stallman, emacs-devel Hello Sascha, >>>>> In <20051005161905.GA6208@kenny.sha-bang.local> >>>>> Sascha Wilde <wilde@sha-bang.de> wrote: > I attached a more complete patch, including documentation and > changelog entries. > Any comments, bug-fixes, flames are highly appreciated. > +;;;###autoload > +(defun pgg-encrypt-symmetric-region (start end) > + "Encrypt the current region between START and END symmetric with passphrase." > + (interactive "r") > + (when (not (member (or pgg-scheme pgg-default-scheme) > + pgg-symmetric-encryption-schemes)) > + (error "Symmetric encryption is not implemented for selected scheme.")) It might be better to split pgg-gpg-encrypt-symmetric-region from pgg-gpg-encrypt-region rather than maintaining pgg-symmetric-encryption-schemes. When pgg-invoke calls "encrypt-symmetric-region" on pgp or pgp5 backend, a void-function error is signaled. Therefore, the user will see that "encrypt-symmetric-region" is not implemented. And also, is it still necessary to give special meaning to the 1st argument (recipients) of pgg-encrypt-region? > ps. I have no write access to CVS, so if there are no objections, > please commit. Currently, PGG in Emacs CVS is a part of Gnus. So I added Simon Josefsson to the Cc: list. He is one of Gnus maintainers and he has taken care of PGG in Gnus CVS. Regards, -- Daiki Ueno ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-06 2:18 ` Daiki Ueno @ 2005-10-06 9:01 ` Sascha Wilde 2005-10-06 22:41 ` Ken Manheimer 0 siblings, 1 reply; 156+ messages in thread From: Sascha Wilde @ 2005-10-06 9:01 UTC (permalink / raw) Cc: schwab, Ken Manheimer, emacs-devel, Richard M. Stallman, Simon Josefsson [-- Attachment #1.1.1: Type: text/plain, Size: 1077 bytes --] On Thu, Oct 06, 2005 at 11:18:48AM +0900, Daiki Ueno wrote: > It might be better to split pgg-gpg-encrypt-symmetric-region from > pgg-gpg-encrypt-region rather than maintaining > pgg-symmetric-encryption-schemes. Yes, I think you are right, after in all this would be a cleaner approach. (I had reasons for my original design, but reconsidering them, they didn't hold...) > And also, is it still necessary to give special meaning to the 1st > argument (recipients) of pgg-encrypt-region? I guess you mean pgg-gpg-encrypt-region? No, after moving symmetric encryption in a dedicated function the special meaning of recipients is no longer needed. > > ps. I have no write access to CVS, so if there are no objections, > > please commit. > > Currently, PGG in Emacs CVS is a part of Gnus. So I added > Simon Josefsson to the Cc: list. He is one of Gnus maintainers and he > has taken care of PGG in Gnus CVS. Thanks. Attached you'll find a revised version of the patch. cheers -- Sascha Wilde To become a Jedi, use Emacs you have to. [-- Attachment #1.1.2: emacs-pgg-symmetric.patch-03 --] [-- Type: text/plain, Size: 7422 bytes --] Index: man/pgg.texi =================================================================== RCS file: /cvsroot/emacs/emacs/man/pgg.texi,v retrieving revision 1.5 diff -u -r1.5 pgg.texi --- man/pgg.texi 16 Sep 2005 22:11:00 -0000 1.5 +++ man/pgg.texi 6 Oct 2005 09:00:13 -0000 @@ -98,6 +98,8 @@ @lisp (autoload 'pgg-encrypt-region "pgg" "Encrypt the current region." t) +(autoload 'pgg-encrypt-symmetric-region "pgg" + "Encrypt the current region with symmetric algorithm." t) (autoload 'pgg-decrypt-region "pgg" "Decrypt the current region." t) (autoload 'pgg-sign-region "pgg" @@ -140,6 +142,13 @@ with GnuPG. @end deffn +@deffn Command pgg-encrypt-symmetric-region start end +Encrypt the current region between @var{start} and @var{end} using a +symmetric cipher. After invocation you are asked for a passphrase. + +This is currently only implemented for GnuPG. +@end deffn + @deffn Command pgg-decrypt-region start end Decrypt the current region between @var{start} and @var{end}. If decryption is successful, it replaces the current region contents (in @@ -305,6 +314,13 @@ @var{recipients}. If @var{sign} is non-@code{nil}, do a combined sign and encrypt. If encryption is successful, it returns @code{t}, otherwise @code{nil}. +@end deffn + +@deffn Method pgg-scheme-encrypt-symmetric-region scheme start end +Encrypt the current region between @var{start} and @var{end} using a +symmetric cipher and a passphrases. If encryption is successful, it +returns @code{t}, otherwise @code{nil}. This function is currently only +implemented for GnuPG. @end deffn @deffn Method pgg-scheme-decrypt-region scheme start end Index: man/ChangeLog =================================================================== RCS file: /cvsroot/emacs/emacs/man/ChangeLog,v retrieving revision 1.681 diff -u -r1.681 ChangeLog --- man/ChangeLog 4 Oct 2005 22:52:16 -0000 1.681 +++ man/ChangeLog 6 Oct 2005 09:00:16 -0000 @@ -1,3 +1,11 @@ +2005-10-06 Sascha Wilde <swilde@sha-bang.de> + + * pgg.texi (How to use): Added autoload line for + `pgg-encrypt-symmetric-region'. + (User Commands): Description of `pgg-encrypt-symmetric-region'. + (Backend methods): Describe new funktion + `pgg-scheme-encrypt-symmetric-region'. + 2005-10-05 Nick Roberts <nickrob@snap.net.nz> * speedbar.texi (GDB): Describe use of watch expressions. Index: lisp/gnus/pgg.el =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/gnus/pgg.el,v retrieving revision 1.8 diff -u -r1.8 pgg.el --- lisp/gnus/pgg.el 26 Aug 2005 00:02:05 -0000 1.8 +++ lisp/gnus/pgg.el 6 Oct 2005 09:00:17 -0000 @@ -4,6 +4,7 @@ ;; 2005 Free Software Foundation, Inc. ;; Author: Daiki Ueno <ueno@unixuser.org> +;; Symmetric encryption added by: Sascha Wilde <wilde@sha-bang.de> ;; Created: 1999/10/28 ;; Keywords: PGP @@ -232,6 +233,32 @@ (pgg-save-coding-system start end (pgg-invoke "encrypt-region" (or pgg-scheme pgg-default-scheme) (point-min) (point-max) rcpts sign)))) + (when (interactive-p) + (pgg-display-output-buffer start end status)) + status)) + +;;;###autoload +(defun pgg-encrypt-symmetric-region (start end) + "Encrypt the current region between START and END symmetric with passphrase." + (interactive "r") + (let ((status + (pgg-save-coding-system start end + (pgg-invoke "encrypt-symmetric-region" + (or pgg-scheme pgg-default-scheme) + (point-min) (point-max))))) + (when (interactive-p) + (pgg-display-output-buffer start end status)) + status)) + +;;;###autoload +(defun pgg-encrypt-symmetric (&optional start end) + "Encrypt the current buffer symmetric with passphrase. +If optional arguments START and END are specified, only encrypt within +the region." + (interactive) + (let* ((start (or start (point-min))) + (end (or end (point-max))) + (status (pgg-encrypt-symmetric-region start end))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) Index: lisp/gnus/pgg-gpg.el =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/gnus/pgg-gpg.el,v retrieving revision 1.6 diff -u -r1.6 pgg-gpg.el --- lisp/gnus/pgg-gpg.el 6 Aug 2005 19:51:42 -0000 1.6 +++ lisp/gnus/pgg-gpg.el 6 Oct 2005 09:00:17 -0000 @@ -4,6 +4,7 @@ ;; 2005 Free Software Foundation, Inc. ;; Author: Daiki Ueno <ueno@unixuser.org> +;; Symmetric encryption added by: Sascha Wilde <wilde@sha-bang.de> ;; Created: 1999/10/28 ;; Keywords: PGP, OpenPGP, GnuPG @@ -169,6 +170,16 @@ (pgg-gpg-possibly-cache-passphrase passphrase))) (pgg-process-when-success))) +(defun pgg-gpg-encrypt-symmetric-region (start end) + "Encrypt the current region between START and END with symmetric cipher." + (let* ((passphrase + (pgg-read-passphrase "GnuPG passphrase for symmetric encryption: ")) + (args + (append (list "--batch" "--armor" "--symmetric" )))) + (pgg-as-lbt start end 'CRLF + (pgg-gpg-process-region start end passphrase pgg-gpg-program args)) + (pgg-process-when-success))) + (defun pgg-gpg-decrypt-region (start end) "Decrypt the current region between START and END." (let* ((current-buffer (current-buffer)) @@ -180,7 +191,10 @@ (pgg-gpg-user-id (or key pgg-gpg-user-id pgg-default-user-id)) (passphrase (pgg-read-passphrase - (format "GnuPG passphrase for %s: " pgg-gpg-user-id) + (format (if (pgg-gpg-symmetric-key-p message-keys) + "Passphrase for symmetric dencryption: " + "GnuPG passphrase for %s: ") + pgg-gpg-user-id) pgg-gpg-user-id)) (args '("--batch" "--decrypt"))) (pgg-gpg-process-region start end passphrase pgg-gpg-program args) @@ -188,6 +202,13 @@ (pgg-gpg-possibly-cache-passphrase passphrase pgg-gpg-user-id) (goto-char (point-min)) (re-search-forward "^\\[GNUPG:] DECRYPTION_OKAY\\>" nil t)))) + +(defun pgg-gpg-symmetric-key-p (message-keys) + "Check if MESSAGE-KEYS contains a symmetric encryption indicator." + (dolist (key message-keys result) + (when (and (eq (car key) 3) + (member '(symmetric-key-algorithm) key)) + (setq result key)))) (defun pgg-gpg-select-matching-key (message-keys secret-keys) "Choose a key from MESSAGE-KEYS that matches one of the keys in SECRET-KEYS." Index: lisp/gnus/ChangeLog =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/gnus/ChangeLog,v retrieving revision 1.388 diff -u -r1.388 ChangeLog --- lisp/gnus/ChangeLog 4 Oct 2005 22:51:06 -0000 1.388 +++ lisp/gnus/ChangeLog 6 Oct 2005 09:00:20 -0000 @@ -1,3 +1,15 @@ +2005-10-06 Sascha Wilde <swilde@sha-bang.de> + + * pgg-gpg.el (pgg-gpg-encrypt-symmetric-region): New function for + symmetric encryption. + (pgg-gpg-symmetric-key-p): New function to check for an symmetric + encrypted session key. + (pgg-gpg-decrypt-region): When decrypting a symmetric encrypted + message ask for the passphrase in a proper way. + + * pgg.el (pgg-encrypt-symmetric,pgg-encrypt-symmetric-region): + New user commands for symmetric encryption. + 2005-10-04 Reiner Steib <Reiner.Steib@gmx.de> * mm-url.el (mm-url-predefined-programs): Add switches for curl. [-- Attachment #1.2: Type: application/pgp-signature, Size: 189 bytes --] [-- Attachment #2: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-06 9:01 ` Sascha Wilde @ 2005-10-06 22:41 ` Ken Manheimer 2005-10-07 10:00 ` Sascha Wilde 2005-12-09 15:43 ` pgg symmetric encryption patch Simon Josefsson 0 siblings, 2 replies; 156+ messages in thread From: Ken Manheimer @ 2005-10-06 22:41 UTC (permalink / raw) i'm attempting to incorporate sascha's modified pgg in allout, instead of using a combination of mailcrypt and crypt++, and encountering some serious problems. the problems include some fundamental problems with pgg operation, independent of the patch, that are show-stoppers for me. i'd like to run my assessment of these things by you all and see if you can help me understand them. it's possible i'm mistaken about some, i don't understand what appear to be the choices made. all of my experiments involve the current pgg code found in the gnu.org lisp/gnus CVS. some of them (i'll try to be clear about which) involve this pgg code with sascha's most recent symmetric-key extensions patch (emacs-pgg-symmetric.patch-03) applied (by hand - couldn't get it to work using 'patch'). 1. my most serious concern is with the unpatched pgg code. the text that it encrypts is altered from the original, in order to append \r carriage returns to the text (using pgg-as-lbt / pgg-convert-lbt). the problem with this is that decryption on unix-ish platforms with anything other than pgg will result in text that is different than the original. for example, text that is encrypted with pgg-gpg and then decrypted directly using the gpg program (using the command-line, for instance) will be distorted in this way. likewise if decrypted using mailcrypt in emacs, or pgp5 or pgp in any way, etc. this is not acceptable for my purposes (and i can't figure out where it would be acceptable, but i'm not familiar with the encryption concerns for message exchange, eg for email or news). 2. i also have some fundamental problems with the way unaltered pgg's passphrase caching system is wired. i am not sure about my analysis, and would love to be corrected, and filled in about how it actually does work. (the passphrase cache routines could really use some informative docstrings.) as far as i can tell, on decryption it keys on the value of pgg-default-user-id, rather than the actual recipients of the message. this is generally useless for any messages but those encrypted with the user's public-key. and it depends on the user having set pgg-default-user-id, which seems like an unnecessary and complicating limitation. 3. this key caching problem of #2 is compounded in the context of sascha's patches, because i really can't figure what the right thing is. plus, it's not hooked up quite right in the patches: - the patched version will use the prompt for the symmetric key even when doing a public-key decryption. - pgg-gpp-encrypt-symmetric-region does not do do any key caching. this is the right thing modulo the pgg-default-user-id misorientation of the caching mechanism - but is unacceptable for my purposes, where users can particularly need the convenience of key caching for symmetric-key operation, in order to encrypt and decrypt multiple entries. 4. in the patched version, the symmetric encryption does not replace the original text with the encrypted text - it's only available in the hidden " *PGG output*" buffer, but not put in place. 5. last, another small problem with the unaltered pgg code. i stumbled and was confused when pgg failed to do a public-key encryption due to the default value of pgg-default-user-id. only on reading the code did i learn i needed to set pgg-default-user-id to the identity of my primary key. it may be that i should use my user login for that key's identity, so the default would work, i dunno. it took me a while to unravel these problems, and i stopped at that point - i don't think i can use pgg, as it stands, according to this assessment. i don't understand the reasons for the choices - maybe just because i'm unfamiliar with the regular context where it's used. i may be mistaken about my assessment in some of these items, and would welcome correction and/or clarification! ken manheimer ken.manheimer@gmail.com ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-06 22:41 ` Ken Manheimer @ 2005-10-07 10:00 ` Sascha Wilde 2005-10-07 18:06 ` Ken Manheimer 2005-12-09 15:43 ` pgg symmetric encryption patch Simon Josefsson 1 sibling, 1 reply; 156+ messages in thread From: Sascha Wilde @ 2005-10-07 10:00 UTC (permalink / raw) Cc: sascha schwab (symmetric encryption patches), Daiki Ueno (pgg author), emacs-devel, Richard M. Stallman, Simon Josefsson (gnus maintainer of pgg) [-- Attachment #1.1.1: Type: text/plain, Size: 2242 bytes --] On Thu, Oct 06, 2005 at 06:41:14PM -0400, Ken Manheimer wrote: > which) involve this pgg code with sascha's most recent symmetric-key > extensions patch (emacs-pgg-symmetric.patch-03) applied (by hand - > couldn't get it to work using 'patch'). hmm, strange, I just applied the patch to a fresh GNU emacs cvs checkout w/o any problems -- only one changelog hunk failed, no wonder, the changelogs are constantly changing... ;-) > 1. my most serious concern is with the unpatched pgg code. the text that > it encrypts is altered from the original, in order to append \r carriage > returns to the text (using pgg-as-lbt / pgg-convert-lbt). > > the problem with this is that decryption on unix-ish platforms with > anything other than pgg will result in text that is different than the > original. This is supposed to be a feature, not a bug. But read on, there actually _is_ a bug in PGG... Please note RfC 2440 5.9.: The last sentence gives a short summary on the subject Text data is stored with <CR><LF> text endings (i.e. network-normal line endings). These should be converted to native line endings by the receiving software. As PGG tries to implement RfC conform OpenPGP, and it handles is text, not binary data, this always applies. Please read also on the `--textmode' option of gpg. THE BUG: pgg does the newline conversion by it self (I'm not quite sure why) but fails to tell the backend (gpg) that it should operate in textmode, so the Data Packet is tagged as binary, not text data... Please try if the appended patch (only against pgg-gpg.el) fixes this issue. [passphrase caching] As I'm short of time, I'll look into this issues later, sorry... > 4. in the patched version, the symmetric encryption does not replace the > original text with the encrypted text - it's only available in the > hidden " *PGG output*" buffer, but not put in place. I think, you want to use `pgg-encrypt-symmetric-region', which encapsulates the backend function `pgg-gpg-encrypt-symmetric-region' and puts the encrypted text in place. cheers sascha -- Sascha Wilde A conclusion is simply the place where someone got tired of thinking. [-- Attachment #1.1.2: pgg-gpg_textmode.patch --] [-- Type: text/plain, Size: 3075 bytes --] *** pgg-gpg.el 09 Aug 2005 12:53:45 +0200 1.6 --- pgg-gpg.el 07 Okt 2005 11:47:44 +0200 *************** *** 4,9 **** --- 4,10 ---- ;; 2005 Free Software Foundation, Inc. ;; Author: Daiki Ueno <ueno@unixuser.org> + ;; Symmetric encryption added by: Sascha Wilde <wilde@sha-bang.de> ;; Created: 1999/10/28 ;; Keywords: PGP, OpenPGP, GnuPG *************** *** 150,156 **** pgg-gpg-user-id))) (args (append ! (list "--batch" "--armor" "--always-trust" "--encrypt") (if sign (list "--sign" "--local-user" pgg-gpg-user-id)) (if recipients (apply #'nconc --- 151,157 ---- pgg-gpg-user-id))) (args (append ! (list "--batch" "--textmode" "--armor" "--always-trust" "--encrypt") (if sign (list "--sign" "--local-user" pgg-gpg-user-id)) (if recipients (apply #'nconc *************** *** 169,174 **** --- 170,185 ---- (pgg-gpg-possibly-cache-passphrase passphrase))) (pgg-process-when-success))) + (defun pgg-gpg-encrypt-symmetric-region (start end) + "Encrypt the current region between START and END with symmetric cipher." + (let* ((passphrase + (pgg-read-passphrase "GnuPG passphrase for symmetric encryption: ")) + (args + (append (list "--batch" "--textmode" "--armor" "--symmetric" )))) + (pgg-as-lbt start end 'CRLF + (pgg-gpg-process-region start end passphrase pgg-gpg-program args)) + (pgg-process-when-success))) + (defun pgg-gpg-decrypt-region (start end) "Decrypt the current region between START and END." (let* ((current-buffer (current-buffer)) *************** *** 180,186 **** (pgg-gpg-user-id (or key pgg-gpg-user-id pgg-default-user-id)) (passphrase (pgg-read-passphrase ! (format "GnuPG passphrase for %s: " pgg-gpg-user-id) pgg-gpg-user-id)) (args '("--batch" "--decrypt"))) (pgg-gpg-process-region start end passphrase pgg-gpg-program args) --- 191,200 ---- (pgg-gpg-user-id (or key pgg-gpg-user-id pgg-default-user-id)) (passphrase (pgg-read-passphrase ! (format (if (pgg-gpg-symmetric-key-p message-keys) ! "Passphrase for symmetric dencryption: " ! "GnuPG passphrase for %s: ") ! pgg-gpg-user-id) pgg-gpg-user-id)) (args '("--batch" "--decrypt"))) (pgg-gpg-process-region start end passphrase pgg-gpg-program args) *************** *** 189,194 **** --- 203,215 ---- (goto-char (point-min)) (re-search-forward "^\\[GNUPG:] DECRYPTION_OKAY\\>" nil t)))) + (defun pgg-gpg-symmetric-key-p (message-keys) + "Check if MESSAGE-KEYS contains a symmetric encryption indicator." + (dolist (key message-keys result) + (when (and (eq (car key) 3) + (member '(symmetric-key-algorithm) key)) + (setq result key)))) + (defun pgg-gpg-select-matching-key (message-keys secret-keys) "Choose a key from MESSAGE-KEYS that matches one of the keys in SECRET-KEYS." (loop for message-key in message-keys [-- Attachment #1.2: Type: application/pgp-signature, Size: 189 bytes --] [-- Attachment #2: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-07 10:00 ` Sascha Wilde @ 2005-10-07 18:06 ` Ken Manheimer 2005-10-07 21:49 ` Sascha Wilde 0 siblings, 1 reply; 156+ messages in thread From: Ken Manheimer @ 2005-10-07 18:06 UTC (permalink / raw) On 10/7/05, Sascha Wilde <wilde@sha-bang.de> wrote: > On Thu, Oct 06, 2005 at 06:41:14PM -0400, Ken Manheimer wrote: > > > which) involve this pgg code with sascha's most recent symmetric-key > > extensions patch (emacs-pgg-symmetric.patch-03) applied (by hand - > > couldn't get it to work using 'patch'). > > hmm, strange, I just applied the patch to a fresh GNU emacs cvs > checkout w/o any problems -- only one changelog hunk failed, no > wonder, the changelogs are constantly changing... ;-) ironically, this was a due to the patch file having DOS-style line endings. i didn't notice the "(DOS)" indicator on the emacs mode line - but did notice it when i just looked at the .rej files. i visited the file "literally" ('find-file-literally') and stripped the ^Ms, and the patch worked. (to complicate matters a little, 'patch' compensated for the ^M line endings in the new patch you sent (pgg-gpg_textmode.patch). i don't know why that compensation didn't happen with the other patch - maybe something to do with this one being for a single file and the other being multi? aargh.) > > 1. my most serious concern is with the unpatched pgg code. the text that > > it encrypts is altered from the original, in order to append \r carriage > > returns to the text (using pgg-as-lbt / pgg-convert-lbt). > > > > the problem with this is that decryption on unix-ish platforms with > > anything other than pgg will result in text that is different than the > > original. > > This is supposed to be a feature, not a bug. > But read on, there actually _is_ a bug in PGG... > > Please note RfC 2440 5.9.: > > The last sentence gives a short summary on the subject > > Text data is stored with <CR><LF> text endings (i.e. network-normal > line endings). These should be converted to native line endings by > the receiving software. > > As PGG tries to implement RfC conform OpenPGP, and it handles is text, > not binary data, this always applies. > > Please read also on the `--textmode' option of gpg. > > THE BUG: pgg does the newline conversion by it self (I'm not quite > sure why) but fails to tell the backend (gpg) that it should operate > in textmode, so the Data Packet is tagged as binary, not text data... pgg is definitely doing the wrong thing in converting the text to DOS format, itself. that requires that pgg be the decryption program used if the platform where the message is being decrypted does not use DOS file-encoding. > Please try if the appended patch (only against pgg-gpg.el) fixes this > issue. that didn't work, but lead me in the right direction to what looks like the fix. it does work if you also remove the invocation of the pgg-as-lbt macro which encloses the pgg-gpg-process-region call. i'm including a patch which does that for all of the pgg-gpg.el routines which use pgg-as-lbt. once again, i'm not *sure* that's the right thing, but i'm pretty sure that the way pgg-as-lbt is being used is the wrong thing. maybe that was done to try to provide for versions of gpg that lacked the --textmode option. i don't think that would be a good idea. (since pgg-as-lbt is a macro, its effect is a little beguiling. it does its processing _before_ the call to pgg-gpg-process-region, despite the fact that the latter is placed as an argument to the former, and in contrast to what would happen in regular functions, where the innermost call would be conducted first...) > [passphrase caching] > > As I'm short of time, I'll look into this issues later, sorry... i've resolved part of the problem in my patch, specifically: > > 3. this key caching problem of #2 is compounded in the context of sascha's > > [...] > > - the patched version will use the prompt for the symmetric key even when > > doing a public-key decryption. the problem was that the 'result' value in dolist was being setq'd, but not made local, so the previous result is used in the case that no new result is found. i added a '(let (result) ...)' around the dolist, and it's now behaving properly. that's in my version of your patch. caching of the symmetric passphrase is going to take some more thought. what i did in allout is to manipulate mailcrypt's caching mechanism to cache the symmetric key according to the file path, if any, else the buffer name. that way, there's one symmetric key cached per file. on top of that, there's allowance in the password reading mechanism for new or varying symmetric keys for a file, with provision for presenting a user-supplied key hint in the prompt, as well. i would like to refine pgg's password prompting mechanism to make it easy for allout to provide the prompt and other behaviors without making it too specialized and complicated. i'm going to leave that for a separate patch, once i get it done. finally (with regard to the passphrase stuff), pgg should be caching the key-pair mode passphrases according to the actual identity of the key being addressed, and not the default user id. that info is available explicitly when encrypting, and i suspect that your pgg-gpg-symmetric-key-p demonstrates that it's available (via pgg-decode-armor-region) when decrypting. the caching should discriminate, and the decryption prompt should indicate, on the basis of that info, but i'll leave it to someone else to make those refinements to the pgg code. i'm going to just try to make sure the caching and password reading mechanisms are general enough. > > 4. in the patched version, the symmetric encryption does not replace the > > original text with the encrypted text - it's only available in the > > hidden " *PGG output*" buffer, but not put in place. > > I think, you want to use `pgg-encrypt-symmetric-region', which > encapsulates the backend function `pgg-gpg-encrypt-symmetric-region' > and puts the encrypted text in place. you're correct, that was my mistake. we're making some good progress here. the --textmode fact was crucial - it's looking like the use of pgg-as-lbt is somehow misguided. i'm hoping that the major things are taken care of, and i can refine the passphrase caching mechanism as i see necessary. thanks for your help! ken manheimer ken.manheimer@gmail.com ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-07 18:06 ` Ken Manheimer @ 2005-10-07 21:49 ` Sascha Wilde 2005-10-08 8:48 ` Simon Josefsson 0 siblings, 1 reply; 156+ messages in thread From: Sascha Wilde @ 2005-10-07 21:49 UTC (permalink / raw) Cc: sascha schwab (symmetric encryption patches), Daiki Ueno (pgg author), emacs-devel, Richard M. Stallman, Simon Josefsson (gnus maintainer of pgg) [-- Attachment #1.1.1: Type: text/plain, Size: 3118 bytes --] On Fri, Oct 07, 2005 at 02:06:55PM -0400, Ken Manheimer wrote: > On 10/7/05, Sascha Wilde <wilde@sha-bang.de> wrote: > > On Thu, Oct 06, 2005 at 06:41:14PM -0400, Ken Manheimer wrote: > > > 1. my most serious concern is with the unpatched pgg code. the text that > > > it encrypts is altered from the original, in order to append \r carriage > > > returns to the text (using pgg-as-lbt / pgg-convert-lbt). > > > > > > the problem with this is that decryption on unix-ish platforms with > > > anything other than pgg will result in text that is different than the > > > original. > > > > This is supposed to be a feature, not a bug. > > But read on, there actually _is_ a bug in PGG... [...] > > THE BUG: pgg does the newline conversion by it self (I'm not quite > > sure why) but fails to tell the backend (gpg) that it should operate > > in textmode, so the Data Packet is tagged as binary, not text data... > > pgg is definitely doing the wrong thing in converting the text to DOS > format, itself. that requires that pgg be the decryption program used > if the platform where the message is being decrypted does not use DOS > file-encoding. While I agree, that it is unnecessary (at least with gpg as backend) I wouldn't say, that it is wrong. When the content of the data packet is tag as text, _any_ decrypting application is required to convert the <CR><LF> to the type of linebreak matching the local system. > > Please try if the appended patch (only against pgg-gpg.el) fixes this > > issue. > > that didn't work, but lead me in the right direction to what looks > like the fix. > > it does work if you also remove the invocation of the pgg-as-lbt macro > which encloses the pgg-gpg-process-region call. As explained it shouldn't make any difference if the conversion is done by pgg or gpg, as long as the data is tagged as text. I tried it here with my latest patches and gpg and I was able to encrypt a text using pgg and decrypt it with gpg on the command line as well as with pgg within emacs and getting the right result (unix like linebreakes, that is) in both cases. What happens when you try it? > i'm including a patch which does that for all of the pgg-gpg.el > routines which use pgg-as-lbt. hmm, I don't think you did... ;-) And, as explained, I think this shouldn't be needed. Anyway I found another (unrelated) bug in my code, please see the attached patch. > the problem was that the 'result' value in dolist was being setq'd, > but not made local, so the previous result is used in the case that no > new result is found. i added a '(let (result) ...)' around the > dolist, and it's now behaving properly. that's in my version of your > patch. Yes, this was a bug. (Funny enough, I just found it m self) Everybody: please attache the provided patch... [...] > we're making some good progress here. yes, seems so! :-) Thanks for your work. cheers sascha -- Sascha Wilde : "Lies, was ich meine, nicht, was ich schreibe." : (Urs Traenkner in de.alt.admin) [-- Attachment #1.1.2: pgg-gpg_symmetric-key-p.patch --] [-- Type: text/plain, Size: 794 bytes --] --- /usr/share/emacs/22.0.50/lisp/gnus/pgg-gpg.el 2005-10-07 11:47:44.000000000 +0200 +++ /home/wilde/src/std-src/emacs/lisp/gnus/pgg-gpg.el 2005-10-07 23:29:57.000000000 +0200 @@ -205,10 +205,11 @@ (defun pgg-gpg-symmetric-key-p (message-keys) "Check if MESSAGE-KEYS contains a symmetric encryption indicator." - (dolist (key message-keys result) - (when (and (eq (car key) 3) - (member '(symmetric-key-algorithm) key)) - (setq result key)))) + (let ((result)) + (dolist (key message-keys result) + (when (and (eq (car key) 3) + (member '(symmetric-key-algorithm) key)) + (setq result key))))) (defun pgg-gpg-select-matching-key (message-keys secret-keys) "Choose a key from MESSAGE-KEYS that matches one of the keys in SECRET-KEYS." [-- Attachment #1.2: Type: application/pgp-signature, Size: 189 bytes --] [-- Attachment #2: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-07 21:49 ` Sascha Wilde @ 2005-10-08 8:48 ` Simon Josefsson 2005-10-08 10:36 ` Sascha Wilde 0 siblings, 1 reply; 156+ messages in thread From: Simon Josefsson @ 2005-10-08 8:48 UTC (permalink / raw) Cc: sascha schwab (symmetric encryption patches), Daiki Ueno (pgg author), Richard M. Stallman, emacs-devel It seems you are making some progress here. For simplicity, could you post the complete patch (preferably in unified diff format) against Emacs CVS you want to have installed? Unless somebody else has already taken care of this... Btw, I have merged some bug fixes of PGG from No Gnus CVS into Emacs CVS. The changes between PGG in Emacs CVS and No Gnus are now only related to password.el, which I believe we agreed to not install in Emacs because it was too close to the release. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-08 8:48 ` Simon Josefsson @ 2005-10-08 10:36 ` Sascha Wilde 2005-10-08 11:14 ` Simon Josefsson 2005-10-08 18:31 ` Ken Manheimer 0 siblings, 2 replies; 156+ messages in thread From: Sascha Wilde @ 2005-10-08 10:36 UTC (permalink / raw) Cc: sascha schwab (symmetric encryption patches), Ken Manheimer, Daiki Ueno (pgg author), Richard M. Stallman, emacs-devel [-- Attachment #1.1.1: Type: text/plain, Size: 655 bytes --] On Sat, Oct 08, 2005 at 10:48:27AM +0200, Simon Josefsson wrote: > It seems you are making some progress here. For simplicity, could you > post the complete patch (preferably in unified diff format) against > Emacs CVS you want to have installed? Unless somebody else has > already taken care of this... I attached the complete patch against the latest cvs checkout. Thanks for your help. cheers sascha -- Sascha Wilde "Structure is _nothing_ if it is all you got. Skeletons _spook_ people if thwy try to walk around on their own. I really wonder why XML does not." -- Erik Naggum <erik@naggum.net> in comp.lang.lisp [-- Attachment #1.1.2: emacs-pgg-symmetric.patch-04 --] [-- Type: text/plain, Size: 7885 bytes --] Index: man/pgg.texi =================================================================== RCS file: /cvsroot/emacs/emacs/man/pgg.texi,v retrieving revision 1.5 diff -u -r1.5 pgg.texi --- man/pgg.texi 16 Sep 2005 22:11:00 -0000 1.5 +++ man/pgg.texi 8 Oct 2005 10:31:09 -0000 @@ -98,6 +98,8 @@ @lisp (autoload 'pgg-encrypt-region "pgg" "Encrypt the current region." t) +(autoload 'pgg-encrypt-symmetric-region "pgg" + "Encrypt the current region with symmetric algorithm." t) (autoload 'pgg-decrypt-region "pgg" "Decrypt the current region." t) (autoload 'pgg-sign-region "pgg" @@ -140,6 +142,13 @@ with GnuPG. @end deffn +@deffn Command pgg-encrypt-symmetric-region start end +Encrypt the current region between @var{start} and @var{end} using a +symmetric cipher. After invocation you are asked for a passphrase. + +This is currently only implemented for GnuPG. +@end deffn + @deffn Command pgg-decrypt-region start end Decrypt the current region between @var{start} and @var{end}. If decryption is successful, it replaces the current region contents (in @@ -305,6 +314,13 @@ @var{recipients}. If @var{sign} is non-@code{nil}, do a combined sign and encrypt. If encryption is successful, it returns @code{t}, otherwise @code{nil}. +@end deffn + +@deffn Method pgg-scheme-encrypt-symmetric-region scheme start end +Encrypt the current region between @var{start} and @var{end} using a +symmetric cipher and a passphrases. If encryption is successful, it +returns @code{t}, otherwise @code{nil}. This function is currently only +implemented for GnuPG. @end deffn @deffn Method pgg-scheme-decrypt-region scheme start end Index: man/ChangeLog =================================================================== RCS file: /cvsroot/emacs/emacs/man/ChangeLog,v retrieving revision 1.683 diff -u -r1.683 ChangeLog --- man/ChangeLog 8 Oct 2005 02:55:16 -0000 1.683 +++ man/ChangeLog 8 Oct 2005 10:31:12 -0000 @@ -10,6 +10,14 @@ * building.texi (GDB Graphical Interface): Add variables and functions to indices. Be more precise. +2005-10-06 Sascha Wilde <swilde@sha-bang.de> + + * pgg.texi (How to use): Added autoload line for + `pgg-encrypt-symmetric-region'. + (User Commands): Description of `pgg-encrypt-symmetric-region'. + (Backend methods): Describe new funktion + `pgg-scheme-encrypt-symmetric-region'. + 2005-10-05 Nick Roberts <nickrob@snap.net.nz> * speedbar.texi (GDB): Describe use of watch expressions. Index: lisp/gnus/pgg.el =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/gnus/pgg.el,v retrieving revision 1.8 diff -u -r1.8 pgg.el --- lisp/gnus/pgg.el 26 Aug 2005 00:02:05 -0000 1.8 +++ lisp/gnus/pgg.el 8 Oct 2005 10:31:13 -0000 @@ -4,6 +4,7 @@ ;; 2005 Free Software Foundation, Inc. ;; Author: Daiki Ueno <ueno@unixuser.org> +;; Symmetric encryption added by: Sascha Wilde <wilde@sha-bang.de> ;; Created: 1999/10/28 ;; Keywords: PGP @@ -232,6 +233,32 @@ (pgg-save-coding-system start end (pgg-invoke "encrypt-region" (or pgg-scheme pgg-default-scheme) (point-min) (point-max) rcpts sign)))) + (when (interactive-p) + (pgg-display-output-buffer start end status)) + status)) + +;;;###autoload +(defun pgg-encrypt-symmetric-region (start end) + "Encrypt the current region between START and END symmetric with passphrase." + (interactive "r") + (let ((status + (pgg-save-coding-system start end + (pgg-invoke "encrypt-symmetric-region" + (or pgg-scheme pgg-default-scheme) + (point-min) (point-max))))) + (when (interactive-p) + (pgg-display-output-buffer start end status)) + status)) + +;;;###autoload +(defun pgg-encrypt-symmetric (&optional start end) + "Encrypt the current buffer symmetric with passphrase. +If optional arguments START and END are specified, only encrypt within +the region." + (interactive) + (let* ((start (or start (point-min))) + (end (or end (point-max))) + (status (pgg-encrypt-symmetric-region start end))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) Index: lisp/gnus/pgg-gpg.el =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/gnus/pgg-gpg.el,v retrieving revision 1.7 diff -u -r1.7 pgg-gpg.el --- lisp/gnus/pgg-gpg.el 8 Oct 2005 08:43:33 -0000 1.7 +++ lisp/gnus/pgg-gpg.el 8 Oct 2005 10:31:14 -0000 @@ -4,6 +4,7 @@ ;; 2005 Free Software Foundation, Inc. ;; Author: Daiki Ueno <ueno@unixuser.org> +;; Symmetric encryption added by: Sascha Wilde <wilde@sha-bang.de> ;; Created: 1999/10/28 ;; Keywords: PGP, OpenPGP, GnuPG @@ -150,7 +151,7 @@ pgg-gpg-user-id))) (args (append - (list "--batch" "--armor" "--always-trust" "--encrypt") + (list "--batch" "--textmode" "--armor" "--always-trust" "--encrypt") (if sign (list "--sign" "--local-user" pgg-gpg-user-id)) (if recipients (apply #'nconc @@ -169,6 +170,16 @@ (pgg-gpg-possibly-cache-passphrase passphrase))) (pgg-process-when-success))) +(defun pgg-gpg-encrypt-symmetric-region (start end) + "Encrypt the current region between START and END with symmetric cipher." + (let* ((passphrase + (pgg-read-passphrase "GnuPG passphrase for symmetric encryption: ")) + (args + (append (list "--batch" "--textmode" "--armor" "--symmetric" )))) + (pgg-as-lbt start end 'CRLF + (pgg-gpg-process-region start end passphrase pgg-gpg-program args)) + (pgg-process-when-success))) + (defun pgg-gpg-decrypt-region (start end) "Decrypt the current region between START and END." (let* ((current-buffer (current-buffer)) @@ -180,7 +191,10 @@ (pgg-gpg-user-id (or key pgg-gpg-user-id pgg-default-user-id)) (passphrase (pgg-read-passphrase - (format "GnuPG passphrase for %s: " pgg-gpg-user-id) + (format (if (pgg-gpg-symmetric-key-p message-keys) + "Passphrase for symmetric dencryption: " + "GnuPG passphrase for %s: ") + pgg-gpg-user-id) pgg-gpg-user-id)) (args '("--batch" "--decrypt"))) (pgg-gpg-process-region start end passphrase pgg-gpg-program args) @@ -188,6 +202,14 @@ (pgg-gpg-possibly-cache-passphrase passphrase pgg-gpg-user-id) (goto-char (point-min)) (re-search-forward "^\\[GNUPG:] DECRYPTION_OKAY\\>" nil t)))) + +(defun pgg-gpg-symmetric-key-p (message-keys) + "Check if MESSAGE-KEYS contains a symmetric encryption indicator." + (let ((result)) + (dolist (key message-keys result) + (when (and (eq (car key) 3) + (member '(symmetric-key-algorithm) key)) + (setq result key))))) (defun pgg-gpg-select-matching-key (message-keys secret-keys) "Choose a key from MESSAGE-KEYS that matches one of the keys in SECRET-KEYS." Index: lisp/gnus/ChangeLog =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/gnus/ChangeLog,v retrieving revision 1.392 diff -u -r1.392 ChangeLog --- lisp/gnus/ChangeLog 8 Oct 2005 08:45:31 -0000 1.392 +++ lisp/gnus/ChangeLog 8 Oct 2005 10:31:16 -0000 @@ -1,3 +1,15 @@ +2005-10-06 Sascha Wilde <swilde@sha-bang.de> + + * pgg-gpg.el (pgg-gpg-encrypt-symmetric-region): New function for + symmetric encryption. + (pgg-gpg-symmetric-key-p): New function to check for an symmetric + encrypted session key. + (pgg-gpg-decrypt-region): When decrypting a symmetric encrypted + message ask for the passphrase in a proper way. + + * pgg.el (pgg-encrypt-symmetric,pgg-encrypt-symmetric-region): + New user commands for symmetric encryption. + 2005-01-21 Derek Atkins <warlord@MIT.EDU> (tiny change) * pgg-pgp.el (pgg-pgp-decrypt-region): Use passphrase cache. [-- Attachment #1.2: Type: application/pgp-signature, Size: 189 bytes --] [-- Attachment #2: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-08 10:36 ` Sascha Wilde @ 2005-10-08 11:14 ` Simon Josefsson 2005-10-08 12:56 ` Ken Manheimer 2005-10-08 13:43 ` Sascha Wilde 2005-10-08 18:31 ` Ken Manheimer 1 sibling, 2 replies; 156+ messages in thread From: Simon Josefsson @ 2005-10-08 11:14 UTC (permalink / raw) Cc: sascha schwab (symmetric encryption patches), Daiki Ueno (pgg author), Richard M. Stallman, emacs-devel Sascha Wilde <wilde@sha-bang.de> writes: > On Sat, Oct 08, 2005 at 10:48:27AM +0200, Simon Josefsson wrote: >> It seems you are making some progress here. For simplicity, could you >> post the complete patch (preferably in unified diff format) against >> Emacs CVS you want to have installed? Unless somebody else has >> already taken care of this... > > I attached the complete patch against the latest cvs checkout. > > Thanks for your help. Thanks! The patch looks good. I think this is a non-trivial change, though, so installing it would require signing papers to transfer the copyright to the FSF. Have all the authors done this? Would you be willing to do it? Thanks. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-08 11:14 ` Simon Josefsson @ 2005-10-08 12:56 ` Ken Manheimer 2005-10-08 22:56 ` Richard M. Stallman 2005-10-08 13:43 ` Sascha Wilde 1 sibling, 1 reply; 156+ messages in thread From: Ken Manheimer @ 2005-10-08 12:56 UTC (permalink / raw) Cc: sascha schwab (symmetric encryption patches), Daiki Ueno (pgg author), Richard M. Stallman, emacs-devel On 10/8/05, Simon Josefsson <jas@extundo.com> wrote: > Sascha Wilde <wilde@sha-bang.de> writes: > > > On Sat, Oct 08, 2005 at 10:48:27AM +0200, Simon Josefsson wrote: > >> It seems you are making some progress here. For simplicity, could you > >> post the complete patch (preferably in unified diff format) against > >> Emacs CVS you want to have installed? Unless somebody else has > >> already taken care of this... > > > > I attached the complete patch against the latest cvs checkout. > > > > Thanks for your help. > > Thanks! The patch looks good. I think this is a non-trivial change, > though, so installing it would require signing papers to transfer the > copyright to the FSF. Have all the authors done this? Would you be > willing to do it? Thanks. how imminent is the release? i have an initial revision of the code, on top of sascha's patches, to enable explicit management of passphrase caching by the calling code. that still might change as i develop my code that uses it, though. so i'm unsure whether i have toto post those revisions immediately, so i can get them into the release, or whether i have a few days to develop the other code and resolve the changes i'd ideally like in the pgg code. as for the copyright assignment, i have papers on file from a long time ago, for allout and icomplete, but i believe it covers whatever i want to contribute. all the lines in the current patch were written by sascha, anyway, my suggestions just motivated some of them. ken manheimer ken.manheimer@gmail.com ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-08 12:56 ` Ken Manheimer @ 2005-10-08 22:56 ` Richard M. Stallman 2005-10-10 21:50 ` Ken Manheimer 0 siblings, 1 reply; 156+ messages in thread From: Richard M. Stallman @ 2005-10-08 22:56 UTC (permalink / raw) Cc: schwab, ueno, emacs-devel, jas Pretesting surely won't start in the next few weeks. Your papers cover only the specific files you assigned, but they do cover changes to those files. So if you change the code in allout.el to work with pgg, we will have no trouble using that change. But we do need papers from Sascha Wilde. I will start arranging that. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-08 22:56 ` Richard M. Stallman @ 2005-10-10 21:50 ` Ken Manheimer 2005-10-11 14:44 ` Richard M. Stallman 0 siblings, 1 reply; 156+ messages in thread From: Ken Manheimer @ 2005-10-10 21:50 UTC (permalink / raw) Cc: schwab, ueno, emacs-devel, jas On 10/8/05, Richard M. Stallman <rms@gnu.org> wrote: > Pretesting surely won't start in the next few weeks. i'll continue on, happy to have breathing room. > Your papers cover only the specific files you assigned, > but they do cover changes to those files. So if you change > the code in allout.el to work with pgg, we will have no trouble > using that change. in the pgg patchs i've sent so far, there's probably around 70 lines of mine in pgg.el and around 37 in pgg-gpe.el. i don't think there will be too many more changes, but these are essential. is that small enough that no copyright assignment is required? ken ken.manheimer@gmail.com ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-10 21:50 ` Ken Manheimer @ 2005-10-11 14:44 ` Richard M. Stallman 0 siblings, 0 replies; 156+ messages in thread From: Richard M. Stallman @ 2005-10-11 14:44 UTC (permalink / raw) Cc: schwab, ueno, emacs-devel, jas in the pgg patchs i've sent so far, there's probably around 70 lines of mine in pgg.el and around 37 in pgg-gpe.el. i don't think there will be too many more changes, but these are essential. is that small enough that no copyright assignment is required? Over 10 to 15 lines needs papers. I will send you what you need. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-08 11:14 ` Simon Josefsson 2005-10-08 12:56 ` Ken Manheimer @ 2005-10-08 13:43 ` Sascha Wilde 1 sibling, 0 replies; 156+ messages in thread From: Sascha Wilde @ 2005-10-08 13:43 UTC (permalink / raw) Cc: sascha schwab (symmetric encryption patches), Ken Manheimer, Daiki Ueno (pgg author), Richard M. Stallman, emacs-devel [-- Attachment #1.1: Type: text/plain, Size: 830 bytes --] On Sat, Oct 08, 2005 at 01:14:59PM +0200, Simon Josefsson wrote: > Sascha Wilde <wilde@sha-bang.de> writes: > > > On Sat, Oct 08, 2005 at 10:48:27AM +0200, Simon Josefsson wrote: > > I attached the complete patch against the latest cvs checkout. > > > > Thanks for your help. > > Thanks! The patch looks good. I think this is a non-trivial > change, though, so installing it would require signing papers to > transfer the copyright to the FSF. Have all the authors done this? No, I haven't yet. > Would you be willing to do it? Thanks. Sure. Could you please guide me how to do this? cheers sascha -- Sascha Wilde : xedit? Das sieht zwar wie vi aus als könne es nix, aber im : Gegensatz zu vi kann es wirklich nix und nix ist noch geschönt! : (Michael Core in dafc) [-- Attachment #1.2: Type: application/pgp-signature, Size: 189 bytes --] [-- Attachment #2: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-08 10:36 ` Sascha Wilde 2005-10-08 11:14 ` Simon Josefsson @ 2005-10-08 18:31 ` Ken Manheimer 2005-10-08 19:16 ` Ken Manheimer 2005-10-10 21:15 ` Ken Manheimer 1 sibling, 2 replies; 156+ messages in thread From: Ken Manheimer @ 2005-10-08 18:31 UTC (permalink / raw) On 10/8/05, Sascha Wilde <wilde@sha-bang.de> wrote: > On Sat, Oct 08, 2005 at 10:48:27AM +0200, Simon Josefsson wrote: > > It seems you are making some progress here. For simplicity, could you > > post the complete patch (preferably in unified diff format) against > > Emacs CVS you want to have installed? Unless somebody else has > > already taken care of this... > > I attached the complete patch against the latest cvs checkout. i've got another take on the cumulative patch, with the addition of some refinements i would like to add. the patch is against the gnu.org repository, and incorporates recent checkins there as of a few minutes ago. here are the details of my further refinements, which are included in this patch. their purpose is to enable external management of the passphrases, including prompting and caching, while still using the pgg encryption and cache mechanisms. the changes have two thrusts: - extend the (generic pgg and gpg scheme) encryption and decryption routines to take an optional passphrase argument, and when provided, use its value instead of prompting for the passphrase - extend the passphrase caching and prompting routines to take an optional 'notruncate' argument, to enable caching of passphrases for keys besides those that have the format of the short pgp packet key id. i think that these, together, will enable me to do the passphrase handling and extend it to symmetric keys, while still leveraging the features of the pgg mechanism (in particular, passphrase expiration). i am pretty sure it's all backwards compatible - all the additional functionality hinges on using the new optional arguments, there should be no operational changes if you don't use them. (i am very puzzled about why the passphrase cache was restricted to the length of the short pgp packet key ids. seems like you want to couple the passphrases with the user identity for which the message is being encoded, in the case of key-pair ciphers, or some arbitrary string for symmetric ciphers - eg, file name is what i want to use for symmetric keys in allout, since the symmetric keys are associated with the files. but once again i don't know the pgp territory well enough to wade in, and want to minimize the chance of inadvertantly breaking anything. if this approach is deemed to be fine, i can easily provide an additional patch to adjust the pgg-pgp and pgg-pgp5 modules similarly. ken ken.manheimer@gmail.com ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-08 18:31 ` Ken Manheimer @ 2005-10-08 19:16 ` Ken Manheimer 2005-10-10 21:15 ` Ken Manheimer 1 sibling, 0 replies; 156+ messages in thread From: Ken Manheimer @ 2005-10-08 19:16 UTC (permalink / raw) [-- Attachment #1: Type: text/plain, Size: 3189 bytes --] damn! i'm absolutely sure i attached it that time. (i even ditched the first attachment and reattached a new copy, when i noticed a revision to add.) i'm going to try again as an attachment, and if it doesn't go through i'll send it inline. ---------- Forwarded message ---------- From: Ken Manheimer <ken.manheimer@gmail.com> Date: Oct 8, 2005 2:31 PM Subject: Re: pgg symmetric encryption patch To: Simon Josefsson <jas@extundo.com>, Ken Manheimer <ken.manheimer@gmail.com>, "sascha schwab (symmetric encryption patches)" <schwab@suse.de>, "Daiki Ueno (pgg author)" <ueno@unixuser.org>, "Richard M. Stallman" <rms@gnu.org>, emacs-devel@gnu.org On 10/8/05, Sascha Wilde <wilde@sha-bang.de> wrote: > On Sat, Oct 08, 2005 at 10:48:27AM +0200, Simon Josefsson wrote: > > It seems you are making some progress here. For simplicity, could you > > post the complete patch (preferably in unified diff format) against > > Emacs CVS you want to have installed? Unless somebody else has > > already taken care of this... > > I attached the complete patch against the latest cvs checkout. i've got another take on the cumulative patch, with the addition of some refinements i would like to add. the patch is against the gnu.org repository, and incorporates recent checkins there as of a few minutes ago. here are the details of my further refinements, which are included in this patch. their purpose is to enable external management of the passphrases, including prompting and caching, while still using the pgg encryption and cache mechanisms. the changes have two thrusts: - extend the (generic pgg and gpg scheme) encryption and decryption routines to take an optional passphrase argument, and when provided, use its value instead of prompting for the passphrase - extend the passphrase caching and prompting routines to take an optional 'notruncate' argument, to enable caching of passphrases for keys besides those that have the format of the short pgp packet key id. i think that these, together, will enable me to do the passphrase handling and extend it to symmetric keys, while still leveraging the features of the pgg mechanism (in particular, passphrase expiration). i am pretty sure it's all backwards compatible - all the additional functionality hinges on using the new optional arguments, there should be no operational changes if you don't use them. (i am very puzzled about why the passphrase cache was restricted to the length of the short pgp packet key ids. seems like you want to couple the passphrases with the user identity for which the message is being encoded, in the case of key-pair ciphers, or some arbitrary string for symmetric ciphers - eg, file name is what i want to use for symmetric keys in allout, since the symmetric keys are associated with the files. but once again i don't know the pgp territory well enough to wade in, and want to minimize the chance of inadvertantly breaking anything. if this approach is deemed to be fine, i can easily provide an additional patch to adjust the pgg-pgp and pgg-pgp5 modules similarly. ken ken.manheimer@gmail.com [-- Attachment #2: emacs-pgg-symmetric.patch-05 --] [-- Type: application/octet-stream, Size: 17286 bytes --] Index: man/pgg.texi =================================================================== RCS file: /cvsroot/emacs/emacs/man/pgg.texi,v retrieving revision 1.5 diff -u -r1.5 pgg.texi --- man/pgg.texi 16 Sep 2005 22:11:00 -0000 1.5 +++ man/pgg.texi 8 Oct 2005 10:31:09 -0000 @@ -98,6 +98,8 @@ @lisp (autoload 'pgg-encrypt-region "pgg" "Encrypt the current region." t) +(autoload 'pgg-encrypt-symmetric-region "pgg" + "Encrypt the current region with symmetric algorithm." t) (autoload 'pgg-decrypt-region "pgg" "Decrypt the current region." t) (autoload 'pgg-sign-region "pgg" @@ -140,6 +142,13 @@ with GnuPG. @end deffn +@deffn Command pgg-encrypt-symmetric-region start end +Encrypt the current region between @var{start} and @var{end} using a +symmetric cipher. After invocation you are asked for a passphrase. + +This is currently only implemented for GnuPG. +@end deffn + @deffn Command pgg-decrypt-region start end Decrypt the current region between @var{start} and @var{end}. If decryption is successful, it replaces the current region contents (in @@ -305,6 +314,13 @@ @var{recipients}. If @var{sign} is non-@code{nil}, do a combined sign and encrypt. If encryption is successful, it returns @code{t}, otherwise @code{nil}. +@end deffn + +@deffn Method pgg-scheme-encrypt-symmetric-region scheme start end +Encrypt the current region between @var{start} and @var{end} using a +symmetric cipher and a passphrases. If encryption is successful, it +returns @code{t}, otherwise @code{nil}. This function is currently only +implemented for GnuPG. @end deffn @deffn Method pgg-scheme-decrypt-region scheme start end Index: man/ChangeLog =================================================================== RCS file: /cvsroot/emacs/emacs/man/ChangeLog,v retrieving revision 1.683 diff -u -r1.683 ChangeLog --- man/ChangeLog 8 Oct 2005 02:55:16 -0000 1.683 +++ man/ChangeLog 8 Oct 2005 10:31:12 -0000 @@ -10,6 +10,14 @@ * building.texi (GDB Graphical Interface): Add variables and functions to indices. Be more precise. +2005-10-06 Sascha Wilde <swilde@sha-bang.de> + + * pgg.texi (How to use): Added autoload line for + `pgg-encrypt-symmetric-region'. + (User Commands): Description of `pgg-encrypt-symmetric-region'. + (Backend methods): Describe new funktion + `pgg-scheme-encrypt-symmetric-region'. + 2005-10-05 Nick Roberts <nickrob@snap.net.nz> * speedbar.texi (GDB): Describe use of watch expressions. Index: ChangeLog =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/gnus/ChangeLog,v retrieving revision 1.392 diff -u -r1.392 ChangeLog --- ChangeLog 8 Oct 2005 08:45:31 -0000 1.392 +++ ChangeLog 8 Oct 2005 17:58:09 -0000 @@ -1,3 +1,41 @@ + +2005-10-08 Ken Manheimer <ken.manheimer+emacs@gmail.com> + + * pgg.el (pgg-encrypt-region, pgg-encrypt-symmetric-region, + pgg-encrypt-symmetric, pgg-encrypt, pgg-decrypt-region, + pgg-decrypt, pgg-sign-region, pgg-sign): + add optional 'passphrase' argument to all these routines, so the + passphrase can be managed externally and then passed in to the + system. + + * pgg.el (pgg-read-passphrase, pgg-add-passphrase-cache, + pgg-remove-passphrase-cache): add optional 'notruncate' argument, + so the passphrase cache can be used reliably with identifiers + besides a pgp packet's key id. + + * pgg-gpg.el (pgg-pgp-encrypt-region, + pgg-pgp-encrypt-symmetric-region, pgg-pgp-encrypt-symmetric, + pgg-pgp-encrypt, pgg-pgp-decrypt-region, pgg-pgp-decrypt, + pgg-pgp-sign-region, pgg-pgp-sign): add optional 'passphrase' + argument to all these routines, so the passphrase can be managed + externally and passed in to the system. + + * pgg-gpg.el (pgg-gpg-possibly-cache-passphrase): add optional + 'notruncate' argument, so the passphrase cache can be used + reliably with identifiers besides a pgp packet's key id. + +2005-10-06 Sascha Wilde <swilde@sha-bang.de> + + * pgg-gpg.el (pgg-gpg-encrypt-symmetric-region): New function for + symmetric encryption. + (pgg-gpg-symmetric-key-p): New function to check for an symmetric + encrypted session key. + (pgg-gpg-decrypt-region): When decrypting a symmetric encrypted + message ask for the passphrase in a proper way. + + * pgg.el (pgg-encrypt-symmetric,pgg-encrypt-symmetric-region): + New user commands for symmetric encryption. + 2005-01-21 Derek Atkins <warlord@MIT.EDU> (tiny change) * pgg-pgp.el (pgg-pgp-decrypt-region): Use passphrase cache. Index: pgg-gpg.el =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/gnus/pgg-gpg.el,v retrieving revision 1.7 diff -u -r1.7 pgg-gpg.el --- pgg-gpg.el 8 Oct 2005 08:43:33 -0000 1.7 +++ pgg-gpg.el 8 Oct 2005 17:58:09 -0000 @@ -4,6 +4,7 @@ ;; 2005 Free Software Foundation, Inc. ;; Author: Daiki Ueno <ueno@unixuser.org> +;; Symmetric encryption added by: Sascha Wilde <wilde@sha-bang.de> ;; Created: 1999/10/28 ;; Keywords: PGP, OpenPGP, GnuPG @@ -96,7 +97,7 @@ (delete-file output-file-name)) (set-default-file-modes orig-mode)))) -(defun pgg-gpg-possibly-cache-passphrase (passphrase &optional key) +(defun pgg-gpg-possibly-cache-passphrase (passphrase &optional key notruncate) (if (and pgg-cache-passphrase (progn (goto-char (point-min)) @@ -108,7 +109,8 @@ (if (re-search-forward "^\\[GNUPG:] NEED_PASSPHRASE\\(_PIN\\)? \\w+ ?\\w*" nil t) (substring (match-string 0) -8)))) - passphrase))) + passphrase + notruncate))) (defvar pgg-gpg-all-secret-keys 'unknown) @@ -139,18 +141,23 @@ nil t) (substring (match-string 2) 8))))) -(defun pgg-gpg-encrypt-region (start end recipients &optional sign) +(defun pgg-gpg-encrypt-region (start end recipients &optional sign passphrase) "Encrypt the current region between START and END. -If optional argument SIGN is non-nil, do a combined sign and encrypt." + +If optional argument SIGN is non-nil, do a combined sign and encrypt. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) - (passphrase - (when sign - (pgg-read-passphrase - (format "GnuPG passphrase for %s: " pgg-gpg-user-id) - pgg-gpg-user-id))) + (passphrase (or passphrase + (when sign + (pgg-read-passphrase + (format "GnuPG passphrase for %s: " + pgg-gpg-user-id) + pgg-gpg-user-id)))) (args (append - (list "--batch" "--armor" "--always-trust" "--encrypt") + (list "--batch" "--textmode" "--armor" "--always-trust" "--encrypt") (if sign (list "--sign" "--local-user" pgg-gpg-user-id)) (if recipients (apply #'nconc @@ -169,8 +176,25 @@ (pgg-gpg-possibly-cache-passphrase passphrase))) (pgg-process-when-success))) -(defun pgg-gpg-decrypt-region (start end) - "Decrypt the current region between START and END." +(defun pgg-gpg-encrypt-symmetric-region (start end &optional passphrase) + "Encrypt the current region between START and END with symmetric cipher. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." + (let* ((passphrase (or passphrase + (pgg-read-passphrase + "GnuPG passphrase for symmetric encryption: "))) + (args + (append (list "--batch" "--textmode" "--armor" "--symmetric" )))) + (pgg-as-lbt start end 'CRLF + (pgg-gpg-process-region start end passphrase pgg-gpg-program args)) + (pgg-process-when-success))) + +(defun pgg-gpg-decrypt-region (start end &optional passphrase) + "Decrypt the current region between START and END. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (let* ((current-buffer (current-buffer)) (message-keys (with-temp-buffer (insert-buffer-substring current-buffer) @@ -178,16 +202,27 @@ (secret-keys (pgg-gpg-lookup-all-secret-keys)) (key (pgg-gpg-select-matching-key message-keys secret-keys)) (pgg-gpg-user-id (or key pgg-gpg-user-id pgg-default-user-id)) - (passphrase - (pgg-read-passphrase - (format "GnuPG passphrase for %s: " pgg-gpg-user-id) - pgg-gpg-user-id)) + (passphrase (or passphrase + (pgg-read-passphrase + (format (if (pgg-gpg-symmetric-key-p message-keys) + "Passphrase for symmetric decryption: " + "GnuPG passphrase for %s: ") + pgg-gpg-user-id) + pgg-gpg-user-id))) (args '("--batch" "--decrypt"))) (pgg-gpg-process-region start end passphrase pgg-gpg-program args) (with-current-buffer pgg-errors-buffer (pgg-gpg-possibly-cache-passphrase passphrase pgg-gpg-user-id) (goto-char (point-min)) (re-search-forward "^\\[GNUPG:] DECRYPTION_OKAY\\>" nil t)))) + +(defun pgg-gpg-symmetric-key-p (message-keys) + "Check if MESSAGE-KEYS contains a symmetric encryption indicator." + (let (result) + (dolist (key message-keys result) + (when (and (eq (car key) 3) + (member '(symmetric-key-algorithm) key)) + (setq result key))))) (defun pgg-gpg-select-matching-key (message-keys secret-keys) "Choose a key from MESSAGE-KEYS that matches one of the keys in SECRET-KEYS." Index: pgg.el =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/gnus/pgg.el,v retrieving revision 1.8 diff -u -r1.8 pgg.el --- pgg.el 26 Aug 2005 00:02:05 -0000 1.8 +++ pgg.el 8 Oct 2005 17:58:10 -0000 @@ -4,6 +4,7 @@ ;; 2005 Free Software Foundation, Inc. ;; Author: Daiki Ueno <ueno@unixuser.org> +;; Symmetric encryption added by: Sascha Wilde <wilde@sha-bang.de> ;; Created: 1999/10/28 ;; Keywords: PGP @@ -81,9 +82,10 @@ (defvar pgg-passphrase-cache (make-vector 7 0)) -(defun pgg-read-passphrase (prompt &optional key) +(defun pgg-read-passphrase (prompt &optional key notruncate) (or (and pgg-cache-passphrase - key (setq key (pgg-truncate-key-identifier key)) + key (or (not notruncate) + (setq key (pgg-truncate-key-identifier key))) (symbol-value (intern-soft key pgg-passphrase-cache))) (read-passwd prompt))) @@ -159,15 +161,15 @@ (pgg-run-at-time-1 time repeat function args)) (defalias 'pgg-run-at-time 'run-at-time))) -(defun pgg-add-passphrase-cache (key passphrase) - (setq key (pgg-truncate-key-identifier key)) +(defun pgg-add-passphrase-cache (key passphrase &optional notruncate) + (if (not notruncate) (setq key (pgg-truncate-key-identifier key))) (set (intern key pgg-passphrase-cache) passphrase) (pgg-run-at-time pgg-passphrase-cache-expiry nil #'pgg-remove-passphrase-cache key)) -(defun pgg-remove-passphrase-cache (key) +(defun pgg-remove-passphrase-cache (key &optional notruncate) (let ((passphrase (symbol-value (intern-soft key pgg-passphrase-cache)))) (when passphrase (fillarray passphrase ?_) @@ -222,52 +224,101 @@ ;;; ;;;###autoload -(defun pgg-encrypt-region (start end rcpts &optional sign) +(defun pgg-encrypt-region (start end rcpts &optional sign passphrase) "Encrypt the current region between START and END for RCPTS. -If optional argument SIGN is non-nil, do a combined sign and encrypt." + +If optional argument SIGN is non-nil, do a combined sign and encrypt. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive (list (region-beginning)(region-end) (split-string (read-string "Recipients: ") "[ \t,]+"))) (let ((status (pgg-save-coding-system start end (pgg-invoke "encrypt-region" (or pgg-scheme pgg-default-scheme) - (point-min) (point-max) rcpts sign)))) + (point-min) (point-max) rcpts sign passphrase)))) + (when (interactive-p) + (pgg-display-output-buffer start end status)) + status)) + +;;;###autoload +(defun pgg-encrypt-symmetric-region (start end &optional passphrase) + "Encrypt the current region between START and END symmetric with passphrase. + +If optional PASSPHRASE is not specified, it will be obtained from the +cache or user." + (interactive "r") + (let ((status + (pgg-save-coding-system start end + (pgg-invoke "encrypt-symmetric-region" + (or pgg-scheme pgg-default-scheme) + (point-min) (point-max) passphrase)))) + (when (interactive-p) + (pgg-display-output-buffer start end status)) + status)) + +;;;###autoload +(defun pgg-encrypt-symmetric (&optional start end passphrase) + "Encrypt the current buffer using a symmetric, rather than key-pair, cipher. + +If optional arguments START and END are specified, only encrypt within +the region. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." + (interactive) + (let* ((start (or start (point-min))) + (end (or end (point-max))) + (status (pgg-encrypt-symmetric-region start end passphrase))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) ;;;###autoload -(defun pgg-encrypt (rcpts &optional sign start end) +(defun pgg-encrypt (rcpts &optional sign start end passphrase) "Encrypt the current buffer for RCPTS. + If optional argument SIGN is non-nil, do a combined sign and encrypt. + If optional arguments START and END are specified, only encrypt within -the region." +the region. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive (list (split-string (read-string "Recipients: ") "[ \t,]+"))) (let* ((start (or start (point-min))) (end (or end (point-max))) - (status (pgg-encrypt-region start end rcpts sign))) + (status (pgg-encrypt-region start end rcpts sign passphrase))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) ;;;###autoload -(defun pgg-decrypt-region (start end) - "Decrypt the current region between START and END." +(defun pgg-decrypt-region (start end &optional passphrase) + "Decrypt the current region between START and END. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive "r") (let* ((buf (current-buffer)) (status (pgg-save-coding-system start end (pgg-invoke "decrypt-region" (or pgg-scheme pgg-default-scheme) - (point-min) (point-max))))) + (point-min) (point-max) passphrase)))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) ;;;###autoload -(defun pgg-decrypt (&optional start end) +(defun pgg-decrypt (&optional start end passphrase) "Decrypt the current buffer. + If optional arguments START and END are specified, only decrypt within -the region." +the region. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive "") (let* ((start (or start (point-min))) (end (or end (point-max))) @@ -277,38 +328,52 @@ status)) ;;;###autoload -(defun pgg-sign-region (start end &optional cleartext) +(defun pgg-sign-region (start end &optional cleartext passphrase) "Make the signature from text between START and END. + If the optional 3rd argument CLEARTEXT is non-nil, it does not create a detached signature. + If this function is called interactively, CLEARTEXT is enabled -and the the output is displayed." +and the the output is displayed. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive "r") (let ((status (pgg-save-coding-system start end (pgg-invoke "sign-region" (or pgg-scheme pgg-default-scheme) (point-min) (point-max) - (or (interactive-p) cleartext))))) + (or (interactive-p) cleartext) + passphrase)))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) ;;;###autoload -(defun pgg-sign (&optional cleartext start end) +(defun pgg-sign (&optional cleartext start end passphrase) "Sign the current buffer. + If the optional argument CLEARTEXT is non-nil, it does not create a detached signature. + If optional arguments START and END are specified, only sign data within the region. + If this function is called interactively, CLEARTEXT is enabled -and the the output is displayed." +and the the output is displayed. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive "") (let* ((start (or start (point-min))) (end (or end (point-max))) - (status (pgg-sign-region start end (or (interactive-p) cleartext)))) + (status (pgg-sign-region start end + (or (interactive-p) cleartext) + passphrase))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) - + ;;;###autoload (defun pgg-verify-region (start end &optional signature fetch) "Verify the current region between START and END. [-- Attachment #3: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-08 18:31 ` Ken Manheimer 2005-10-08 19:16 ` Ken Manheimer @ 2005-10-10 21:15 ` Ken Manheimer 2005-10-10 21:16 ` Ken Manheimer 2005-10-12 23:47 ` Ken Manheimer 1 sibling, 2 replies; 156+ messages in thread From: Ken Manheimer @ 2005-10-10 21:15 UTC (permalink / raw) for those of you following the developments at home (:-), here's an incremental patch on top of what i sent out a few days ago. i fixed a small stack of bugs in pgg-gpg.el that settles my complaint about prompting with the secret key identity, and also filled in a small oversight in the changes i sent out a few days ago. while this could be the last pgg patch, i'm still developing, hence the incremental. i plan to send out a full patch when i've finished transitioning allout to pgg, at which point i expect my mucking with pgg to be settled. so, repository maintainers may want to wait for that, while i'm hoping those actively involved (eg, sascha) will scrutinize and, ideally, exercise these patches. we'll see if the attached patch makes it through this time. (i haven't re-attached it, which i think was the problem last time.) if not, look forward to a followup... thanks. ken ken.manheimer@gmail.com On 10/8/05, Ken Manheimer <ken.manheimer@gmail.com> wrote: > On 10/8/05, Sascha Wilde <wilde@sha-bang.de> wrote: > > On Sat, Oct 08, 2005 at 10:48:27AM +0200, Simon Josefsson wrote: > > > It seems you are making some progress here. For simplicity, could you > > > post the complete patch (preferably in unified diff format) against > > > Emacs CVS you want to have installed? Unless somebody else has > > > already taken care of this... > > > > I attached the complete patch against the latest cvs checkout. > > i've got another take on the cumulative patch, with the addition of > some refinements i would like to add. > > the patch is against the gnu.org repository, and incorporates recent > checkins there as of a few minutes ago. > > here are the details of my further refinements, which are included in > this patch. their purpose is to enable external management of the > passphrases, including prompting and caching, while still using the > pgg encryption and cache mechanisms. the changes have two thrusts: > > - extend the (generic pgg and gpg scheme) encryption and decryption > routines to take an optional passphrase argument, and when provided, > use its value instead of prompting for the passphrase > > - extend the passphrase caching and prompting routines to take an optional > 'notruncate' argument, to enable caching of passphrases for keys besides > those that have the format of the short pgp packet key id. > > i think that these, together, will enable me to do the passphrase > handling and extend it to symmetric keys, while still leveraging the > features of the pgg mechanism (in particular, passphrase expiration). > i am pretty sure it's all backwards compatible - all the additional > functionality hinges on using the new optional arguments, there should > be no operational changes if you don't use them. > > (i am very puzzled about why the passphrase cache was restricted to > the length of the short pgp packet key ids. seems like you want to > couple the passphrases with the user identity for which the message is > being encoded, in the case of key-pair ciphers, or some arbitrary > string for symmetric ciphers - eg, file name is what i want to use for > symmetric keys in allout, since the symmetric keys are associated with > the files. but once again i don't know the pgp territory well enough > to wade in, and want to minimize the chance of inadvertantly breaking > anything. > > if this approach is deemed to be fine, i can easily provide an > additional patch to adjust the pgg-pgp and pgg-pgp5 modules similarly. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-10 21:15 ` Ken Manheimer @ 2005-10-10 21:16 ` Ken Manheimer 2005-10-12 23:47 ` Ken Manheimer 1 sibling, 0 replies; 156+ messages in thread From: Ken Manheimer @ 2005-10-10 21:16 UTC (permalink / raw) [-- Attachment #1: Type: text/plain, Size: 3862 bytes --] shit. the attachment was dropped. shit. trying again. sorry about the clutter. On 10/10/05, Ken Manheimer <ken.manheimer@gmail.com> wrote: > for those of you following the developments at home (:-), here's an > incremental patch on top of what i sent out a few days ago. i fixed a > small stack of bugs in pgg-gpg.el that settles my complaint about > prompting with the secret key identity, and also filled in a small > oversight in the changes i sent out a few days ago. > > while this could be the last pgg patch, i'm still developing, hence > the incremental. i plan to send out a full patch when i've finished > transitioning allout to pgg, at which point i expect my mucking with > pgg to be settled. so, repository maintainers may want to wait for > that, while i'm hoping those actively involved (eg, sascha) will > scrutinize and, ideally, exercise these patches. > > we'll see if the attached patch makes it through this time. (i > haven't re-attached it, which i think was the problem last time.) if > not, look forward to a followup... > > thanks. > ken > ken.manheimer@gmail.com > > On 10/8/05, Ken Manheimer <ken.manheimer@gmail.com> wrote: > > On 10/8/05, Sascha Wilde <wilde@sha-bang.de> wrote: > > > On Sat, Oct 08, 2005 at 10:48:27AM +0200, Simon Josefsson wrote: > > > > It seems you are making some progress here. For simplicity, could you > > > > post the complete patch (preferably in unified diff format) against > > > > Emacs CVS you want to have installed? Unless somebody else has > > > > already taken care of this... > > > > > > I attached the complete patch against the latest cvs checkout. > > > > i've got another take on the cumulative patch, with the addition of > > some refinements i would like to add. > > > > the patch is against the gnu.org repository, and incorporates recent > > checkins there as of a few minutes ago. > > > > here are the details of my further refinements, which are included in > > this patch. their purpose is to enable external management of the > > passphrases, including prompting and caching, while still using the > > pgg encryption and cache mechanisms. the changes have two thrusts: > > > > - extend the (generic pgg and gpg scheme) encryption and decryption > > routines to take an optional passphrase argument, and when provided, > > use its value instead of prompting for the passphrase > > > > - extend the passphrase caching and prompting routines to take an optional > > 'notruncate' argument, to enable caching of passphrases for keys besides > > those that have the format of the short pgp packet key id. > > > > i think that these, together, will enable me to do the passphrase > > handling and extend it to symmetric keys, while still leveraging the > > features of the pgg mechanism (in particular, passphrase expiration). > > i am pretty sure it's all backwards compatible - all the additional > > functionality hinges on using the new optional arguments, there should > > be no operational changes if you don't use them. > > > > (i am very puzzled about why the passphrase cache was restricted to > > the length of the short pgp packet key ids. seems like you want to > > couple the passphrases with the user identity for which the message is > > being encoded, in the case of key-pair ciphers, or some arbitrary > > string for symmetric ciphers - eg, file name is what i want to use for > > symmetric keys in allout, since the symmetric keys are associated with > > the files. but once again i don't know the pgp territory well enough > > to wade in, and want to minimize the chance of inadvertantly breaking > > anything. > > > > if this approach is deemed to be fine, i can easily provide an > > additional patch to adjust the pgg-pgp and pgg-pgp5 modules similarly. > [-- Attachment #2: pgg-symmetric_incremental_05_1.patch --] [-- Type: application/octet-stream, Size: 3987 bytes --] Index: ChangeLog =================================================================== RCS file: /home/klm/.cvs/aside/src/gnus/ChangeLog,v retrieving revision 1.5 diff -u -r1.5 ChangeLog --- ChangeLog 8 Oct 2005 17:58:23 -0000 1.5 +++ ChangeLog 10 Oct 2005 20:56:06 -0000 @@ -1,3 +1,17 @@ +2005-10-15 Ken Manheimer <ken.manheimer@gmail.com> + + * pgg-gpe.el + (pgg-gpg-select-matching-key): fixed: look at the right part of the + decoded armor to find the key-identifier + (pgg-gpg-lookup-key-owner): new function to return the + human-readable identifier of a key owner. + (pgg-gpg-decrypt-region): prompt with the key owner (rather + than the key value) if we have a key and can match it against a + secret key. also, added an XXX note pointing out fact that the + prompt only indicates the first matching key. + + * pgg.el (pgg-decrypt): passing along 'passphrase' in call to + pgg-decrypt-region; i overlooked this one in my previous patch. 2005-10-08 Ken Manheimer <ken.manheimer+emacs@gmail.com> Index: pgg-gpg.el =================================================================== RCS file: /home/klm/.cvs/aside/src/gnus/pgg-gpg.el,v retrieving revision 1.6 diff -u -r1.6 pgg-gpg.el --- pgg-gpg.el 8 Oct 2005 17:36:41 -0000 1.6 +++ pgg-gpg.el 10 Oct 2005 20:56:06 -0000 @@ -141,6 +141,24 @@ nil t) (substring (match-string 2) 8))))) +(defun pgg-gpg-lookup-key-owner (string &optional all) + "Search keys associated with STRING and return owner of identified key. + +Optional ALL non-nil means search all keys, including secret keys." + (let ((args (list "--with-colons" "--no-greeting" "--batch" + (if all "--list-secret-keys" "--list-keys") + string)) + (key-regexp (concat "^\\(sec\\|pub\\)" + ":[^:]*:[^:]*:[^:]*:\\([^:]*\\):[^:]*" + ":[^:]*:[^:]*:[^:]*:\\([^:]*\\):")) + ) + (with-temp-buffer + (apply #'call-process pgg-gpg-program nil t nil args) + (goto-char (point-min)) + (if (re-search-forward key-regexp + nil t) + (match-string 3))))) + (defun pgg-gpg-encrypt-region (start end recipients &optional sign passphrase) "Encrypt the current region between START and END. @@ -200,8 +218,14 @@ (insert-buffer-substring current-buffer) (pgg-decode-armor-region (point-min) (point-max)))) (secret-keys (pgg-gpg-lookup-all-secret-keys)) + ;; XXX the user is stuck if they have the passphrase for the + ;; second or later secret key for which the message is + ;; encrypted. ideally, we would incrementally give them a + ;; chance with subsequent keys each time they fail with one. (key (pgg-gpg-select-matching-key message-keys secret-keys)) - (pgg-gpg-user-id (or key pgg-gpg-user-id pgg-default-user-id)) + (key-owner (and key (pgg-gpg-lookup-key-owner key t))) + (pgg-gpg-user-id (or key-owner key + pgg-gpg-user-id pgg-default-user-id)) (passphrase (or passphrase (pgg-read-passphrase (format (if (pgg-gpg-symmetric-key-p message-keys) @@ -217,7 +241,7 @@ (re-search-forward "^\\[GNUPG:] DECRYPTION_OKAY\\>" nil t)))) (defun pgg-gpg-symmetric-key-p (message-keys) - "Check if MESSAGE-KEYS contains a symmetric encryption indicator." + "True if decoded armor MESSAGE-KEYS has symmetric encryption indicator." (let (result) (dolist (key message-keys result) (when (and (eq (car key) 3) @@ -228,7 +252,8 @@ "Choose a key from MESSAGE-KEYS that matches one of the keys in SECRET-KEYS." (loop for message-key in message-keys for message-key-id = (and (equal (car message-key) 1) - (cdr (assq 'key-identifier message-key))) + (cdr (assq 'key-identifier + (cdr message-key)))) for key = (and message-key-id (pgg-lookup-key message-key-id 'encrypt)) when (and key (member key secret-keys)) return key)) [-- Attachment #3: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-10 21:15 ` Ken Manheimer 2005-10-10 21:16 ` Ken Manheimer @ 2005-10-12 23:47 ` Ken Manheimer 2005-10-20 14:08 ` Ken Manheimer 1 sibling, 1 reply; 156+ messages in thread From: Ken Manheimer @ 2005-10-12 23:47 UTC (permalink / raw) [-- Attachment #1: Type: text/plain, Size: 2751 bytes --] as threatened, here is a complete patch against the current gnu.org lisp/gnus repository. i've migrated all the allout encryption functionality to pgg and exercised this stuff pretty substantially, and am very comfortable with the way it works. there are a bunch of fixes, as well as extensions so the passphrases can be managed by the calling functions, as well as refinement of the passphrase caching mechanism (so multiple timeouts don't pileup for a single passphrase - the last one replaces the prior ones). lotsa goodies. the patch includes sascha wilde's symmetric-encryption additions - basically, the whole deal. what it does not include is revision of the pgg-pgp.el and pgg-pgp5.el modules, to track changes to the pgg api. i started in on that, only to discover that they were already broken by the addition of a 'sign' parameter to some of the encryption functions. there's no way to repair that short of implementing the feature for the other packages, and i'm not in a position to do that. (plus, i'm not sure i am comfortable with the way it was done for pgg-gpg.) so it looks like pgg-pgp.el and pgg-pgp5.el are disfunctional already, without my changes. i'm hoping that's not going to prevent the introduction of my changes. i'm going to be heading offline for five days, starting tomorrow, so it'll be a bit before i can respond to questions. i hope the patch i'm sending (which includes detaild ChangeLog entries) will be helpful to anyone that wishes to navigate them. and once again, i'm not sure the attachment will be delivered this time. (it wasn't on a recent try, but then was on a subsequent message. this is the first awkward gmail bug i've hit...) ken ken.manheimer@gmail.com On 10/10/05, Ken Manheimer <ken.manheimer@gmail.com> wrote: > for those of you following the developments at home (:-), here's an > incremental patch on top of what i sent out a few days ago. i fixed a > small stack of bugs in pgg-gpg.el that settles my complaint about > prompting with the secret key identity, and also filled in a small > oversight in the changes i sent out a few days ago. > > while this could be the last pgg patch, i'm still developing, hence > the incremental. i plan to send out a full patch when i've finished > transitioning allout to pgg, at which point i expect my mucking with > pgg to be settled. so, repository maintainers may want to wait for > that, while i'm hoping those actively involved (eg, sascha) will > scrutinize and, ideally, exercise these patches. > > we'll see if the attached patch makes it through this time. (i > haven't re-attached it, which i think was the problem last time.) if > not, look forward to a followup... [-- Attachment #2: emacs-pgg-omnnibus.patch-06 --] [-- Type: application/octet-stream, Size: 24517 bytes --] Index: ChangeLog =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/gnus/ChangeLog,v retrieving revision 1.393 diff -u -r1.393 ChangeLog --- ChangeLog 9 Oct 2005 15:39:09 -0000 1.393 +++ ChangeLog 12 Oct 2005 23:31:39 -0000 @@ -1,3 +1,78 @@ +2005-10-12 Ken Manheimer <ken.manheimer@gmail.com> + + * pgg-gpg.el + (pgg-gpg-select-matching-key): fixed: look at the right part of the + decoded armor to find the key-identifier + (pgg-gpg-lookup-key-owner): new function to return the + human-readable identifier of a key owner. + (pgg-gpg-lookup-id-from-key-owner): make it easy to identify the + key itself. + (pgg-gpg-decrypt-region): prompt with the key owner (rather + than the key value) if we have a key and can match it against a + secret key. also, added an XXX note pointing out fact that the + prompt only indicates the first matching key. + (pgg-add-passphrase-to-cache): <= pgg-add-passphrase-cache + (pgg-remove-passphrase-from-cache) <= pgg-remove-passphrase-cache + + * pgg.el (pgg-decrypt): passing along 'passphrase' in call to + pgg-decrypt-region; i overlooked this one in my previous patch. + (pgg-pending-timers): a new hash for tracking the passphrase cache + timers, so that new ones supercede old ones. + (pgg-add-passphrase-to-cache): renamed from + `pgg-add-passphrase-cache' to reduce confusion. and modified to + cancel old timers when new ones are added. + (pgg-remove-passphrase-from-cache): renamed from + `pgg-remove-passphrase-cache' to reduce confusion. and modified + to cancel old timers when their keys are removed from the cache. + (pgg-cancel-timer): in mainline gnu emacs, an alias for + cancel-timer; in xemacs, an indirection to delete-itimer. + (pgg-read-passphrase-from-cache, pgg-read-passphrase): extracted + pgg-read-passphrase-from-cache from pgg-read-passphrase so users + can only check cache without risk of prompting. corrected bug in + notruncate behavior. + (pgg-read-passphrase-from-cache, pgg-read-passphrase, + pgg-add-passphrase-cache, pgg-remove-passphrase-cache): added + informative docstrings. + (pgg-decrypt): convey provided passphrase in subordinate call to + pgg-decrypt-region (missed that in a prior patch) + +2005-10-08 Ken Manheimer <ken.manheimer+emacs@gmail.com> + + * pgg.el (pgg-encrypt-region, pgg-encrypt-symmetric-region, + pgg-encrypt-symmetric, pgg-encrypt, pgg-decrypt-region, + pgg-decrypt, pgg-sign-region, pgg-sign): + add optional 'passphrase' argument to all these routines, so the + passphrase can be managed externally and then passed in to the + system. + + * pgg.el (pgg-read-passphrase, pgg-add-passphrase-cache, + pgg-remove-passphrase-cache): add optional 'notruncate' argument, + so the passphrase cache can be used reliably with identifiers + besides a pgp packet's key id. + + * pgg-gpg.el (pgg-pgp-encrypt-region, + pgg-pgp-encrypt-symmetric-region, pgg-pgp-encrypt-symmetric, + pgg-pgp-encrypt, pgg-pgp-decrypt-region, pgg-pgp-decrypt, + pgg-pgp-sign-region, pgg-pgp-sign): add optional 'passphrase' + argument to all these routines, so the passphrase can be managed + externally and passed in to the system. + + * pgg-gpg.el (pgg-gpg-possibly-cache-passphrase): add optional + 'notruncate' argument, so the passphrase cache can be used + reliably with identifiers besides a pgp packet's key id. + +2005-10-06 Sascha Wilde <swilde@sha-bang.de> + + * pgg-gpg.el (pgg-gpg-encrypt-symmetric-region): New function for + symmetric encryption. + (pgg-gpg-symmetric-key-p): New function to check for an symmetric + encrypted session key. + (pgg-gpg-decrypt-region): When decrypting a symmetric encrypted + message ask for the passphrase in a proper way. + + * pgg.el (pgg-encrypt-symmetric,pgg-encrypt-symmetric-region): + New user commands for symmetric encryption. + 2005-10-09 Daniel Brockman <daniel@brockman.se> * format-spec.el (format-spec): Propagate text properties of % spec. Index: pgg.el =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/gnus/pgg.el,v retrieving revision 1.8 diff -u -r1.8 pgg.el --- pgg.el 26 Aug 2005 00:02:05 -0000 1.8 +++ pgg.el 12 Oct 2005 23:31:39 -0000 @@ -4,6 +4,7 @@ ;; 2005 Free Software Foundation, Inc. ;; Author: Daiki Ueno <ueno@unixuser.org> +;; Symmetric encryption added by: Sascha Wilde <wilde@sha-bang.de> ;; Created: 1999/10/28 ;; Keywords: PGP @@ -67,26 +68,110 @@ (set-window-buffer window buffer) (shrink-window-if-larger-than-buffer window))) +;; XXX `pgg-display-output-buffer' is a horrible name for this function. +;; It should be something like `pgg-situate-output-or-display-error'. (defun pgg-display-output-buffer (start end status) + "Situate en/decryption results or pop up an error buffer. + +Text from START to END is replaced by contents of output buffer if STATUS +is true, or else the output buffer is displayed." (if status - (progn - (delete-region start end) - (insert-buffer-substring pgg-output-buffer) - (decode-coding-region start (point) buffer-file-coding-system)) - (let ((temp-buffer-show-function - (function pgg-temp-buffer-show-function))) - (with-output-to-temp-buffer pgg-echo-buffer - (set-buffer standard-output) - (insert-buffer-substring pgg-errors-buffer))))) + (pgg-situate-output start end) + (pgg-display-error-buffer))) + +(defun pgg-situate-output (start end) + "Place en/decryption result in place of current text from START to END." + (delete-region start end) + (insert-buffer-substring pgg-output-buffer) + (decode-coding-region start (point) buffer-file-coding-system)) + +(defun pgg-display-error-buffer () + "Pop up an error buffer indicating the reason for an en/decryption failure." + (let ((temp-buffer-show-function + (function pgg-temp-buffer-show-function))) + (with-output-to-temp-buffer pgg-echo-buffer + (set-buffer standard-output) + (insert-buffer-substring pgg-errors-buffer)))) (defvar pgg-passphrase-cache (make-vector 7 0)) -(defun pgg-read-passphrase (prompt &optional key) - (or (and pgg-cache-passphrase - key (setq key (pgg-truncate-key-identifier key)) - (symbol-value (intern-soft key pgg-passphrase-cache))) +(defvar pgg-pending-timers (make-vector 7 0) + "Hash table for managing scheduled pgg cache management timers. + +We associate key and timer, so the timer can be cancelled if a new +timeout for the key is set while an old one is still pending.") + +(defun pgg-read-passphrase (prompt &optional key notruncate) + "Using PROMPT, obtain passphrase for KEY from cache or user. + +Truncate the key to 8 trailing characters unless NOTRUNCATE is true +\(default false). + +Custom variables `pgg-cache-passphrase' and `pgg-passphrase-cache-expiry' +regulate cache behavior." + (or (pgg-read-passphrase-from-cache key notruncate) (read-passwd prompt))) +(defun pgg-read-passphrase-from-cache (key &optional notruncate) + "Obtain passphrase for KEY from time-limited passphrase cache. + +Truncate the key to 8 trailing characters unless NOTRUNCATE is true +\(default false). + +Custom variables `pgg-cache-passphrase' and `pgg-passphrase-cache-expiry' +regulate cache behavior." + (and pgg-cache-passphrase + key (or notruncate + (setq key (pgg-truncate-key-identifier key))) + (symbol-value (intern-soft key pgg-passphrase-cache)))) + +(defun pgg-add-passphrase-to-cache (key passphrase &optional notruncate) + "Associate KEY with PASSPHRASE in time-limited passphrase cache. + +Truncate the key to 8 trailing characters unless NOTRUNCATE is true +\(default false). + +Custom variables `pgg-cache-passphrase' and `pgg-passphrase-cache-expiry' +regulate cache behavior." + + (let* ((key (if notruncate key (pgg-truncate-key-identifier key))) + (interned-timer-key (intern-soft key pgg-pending-timers)) + (old-timer (symbol-value interned-timer-key)) + new-timer) + (when old-timer + (cancel-timer old-timer) + (unintern interned-timer-key pgg-pending-timers)) + (set (intern key pgg-passphrase-cache) + passphrase) + (set (intern key pgg-pending-timers) + (pgg-run-at-time pgg-passphrase-cache-expiry nil + #'pgg-remove-passphrase-from-cache + key notruncate)))) + +(defun pgg-remove-passphrase-from-cache (key &optional notruncate) + "Omit passphrase associated with KEY in time-limited passphrase cache. + +Truncate the key to 8 trailing characters unless NOTRUNCATE is true +\(default false). + +This is a no-op if there is not entry for KEY (eg, it's already expired. + +The memory for the passphrase is filled with underscores to clear any +references to it. + +Custom variables `pgg-cache-passphrase' and `pgg-passphrase-cache-expiry' +regulate cache behavior." + (let* ((passphrase (pgg-read-passphrase-from-cache key notruncate)) + (key (if notruncate key (pgg-truncate-key-identifier key))) + (interned-timer-key (intern-soft key pgg-pending-timers)) + (old-timer (symbol-value interned-timer-key))) + (when passphrase + (fillarray passphrase ?_) + (unintern key pgg-passphrase-cache)) + (when old-timer + (pgg-cancel-timer old-timer) + (unintern interned-timer-key pgg-pending-timers)))) + (eval-when-compile (defmacro pgg-run-at-time-1 (time repeat function args) (when (featurep 'xemacs) @@ -151,27 +236,19 @@ (eval-and-compile (if (featurep 'xemacs) - (defun pgg-run-at-time (time repeat function &rest args) - "Emulating function run as `run-at-time'. + (progn + (defun pgg-run-at-time (time repeat function &rest args) + "Emulating function run as `run-at-time'. TIME should be nil meaning now, or a number of seconds from now. Return an itimer object which can be used in either `delete-itimer' or `cancel-timer'." - (pgg-run-at-time-1 time repeat function args)) - (defalias 'pgg-run-at-time 'run-at-time))) - -(defun pgg-add-passphrase-cache (key passphrase) - (setq key (pgg-truncate-key-identifier key)) - (set (intern key pgg-passphrase-cache) - passphrase) - (pgg-run-at-time pgg-passphrase-cache-expiry nil - #'pgg-remove-passphrase-cache - key)) - -(defun pgg-remove-passphrase-cache (key) - (let ((passphrase (symbol-value (intern-soft key pgg-passphrase-cache)))) - (when passphrase - (fillarray passphrase ?_) - (unintern key pgg-passphrase-cache)))) + (pgg-run-at-time-1 time repeat function args)) + (defun pgg-cancel-timer (timer) + "Emulate cancel-timer for xemacs." + (delete-itimer timer)) + ) + (defalias 'pgg-run-at-time 'run-at-time) + (defalias 'pgg-cancel-timer 'cancel-timer))) (defmacro pgg-convert-lbt-region (start end lbt) `(let ((pgg-conversion-end (set-marker (make-marker) ,end))) @@ -222,93 +299,156 @@ ;;; ;;;###autoload -(defun pgg-encrypt-region (start end rcpts &optional sign) +(defun pgg-encrypt-region (start end rcpts &optional sign passphrase) "Encrypt the current region between START and END for RCPTS. -If optional argument SIGN is non-nil, do a combined sign and encrypt." + +If optional argument SIGN is non-nil, do a combined sign and encrypt. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive (list (region-beginning)(region-end) (split-string (read-string "Recipients: ") "[ \t,]+"))) (let ((status (pgg-save-coding-system start end (pgg-invoke "encrypt-region" (or pgg-scheme pgg-default-scheme) - (point-min) (point-max) rcpts sign)))) + (point-min) (point-max) rcpts sign passphrase)))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) ;;;###autoload -(defun pgg-encrypt (rcpts &optional sign start end) +(defun pgg-encrypt-symmetric-region (start end &optional passphrase) + "Encrypt the current region between START and END symmetric with passphrase. + +If optional PASSPHRASE is not specified, it will be obtained from the +cache or user." + (interactive "r") + (let ((status + (pgg-save-coding-system start end + (pgg-invoke "encrypt-symmetric-region" + (or pgg-scheme pgg-default-scheme) + (point-min) (point-max) passphrase)))) + (when (interactive-p) + (pgg-display-output-buffer start end status)) + status)) + +;;;###autoload +(defun pgg-encrypt-symmetric (&optional start end passphrase) + "Encrypt the current buffer using a symmetric, rather than key-pair, cipher. + +If optional arguments START and END are specified, only encrypt within +the region. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." + (interactive) + (let* ((start (or start (point-min))) + (end (or end (point-max))) + (status (pgg-encrypt-symmetric-region start end passphrase))) + (when (interactive-p) + (pgg-display-output-buffer start end status)) + status)) + +;;;###autoload +(defun pgg-encrypt (rcpts &optional sign start end passphrase) "Encrypt the current buffer for RCPTS. + If optional argument SIGN is non-nil, do a combined sign and encrypt. + If optional arguments START and END are specified, only encrypt within -the region." +the region. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive (list (split-string (read-string "Recipients: ") "[ \t,]+"))) (let* ((start (or start (point-min))) (end (or end (point-max))) - (status (pgg-encrypt-region start end rcpts sign))) + (status (pgg-encrypt-region start end rcpts sign passphrase))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) ;;;###autoload -(defun pgg-decrypt-region (start end) - "Decrypt the current region between START and END." +(defun pgg-decrypt-region (start end &optional passphrase) + "Decrypt the current region between START and END. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive "r") (let* ((buf (current-buffer)) (status (pgg-save-coding-system start end (pgg-invoke "decrypt-region" (or pgg-scheme pgg-default-scheme) - (point-min) (point-max))))) + (point-min) (point-max) passphrase)))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) ;;;###autoload -(defun pgg-decrypt (&optional start end) +(defun pgg-decrypt (&optional start end passphrase) "Decrypt the current buffer. + If optional arguments START and END are specified, only decrypt within -the region." +the region. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive "") (let* ((start (or start (point-min))) (end (or end (point-max))) - (status (pgg-decrypt-region start end))) + (status (pgg-decrypt-region start end passphrase))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) ;;;###autoload -(defun pgg-sign-region (start end &optional cleartext) +(defun pgg-sign-region (start end &optional cleartext passphrase) "Make the signature from text between START and END. + If the optional 3rd argument CLEARTEXT is non-nil, it does not create a detached signature. + If this function is called interactively, CLEARTEXT is enabled -and the the output is displayed." +and the the output is displayed. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive "r") (let ((status (pgg-save-coding-system start end (pgg-invoke "sign-region" (or pgg-scheme pgg-default-scheme) (point-min) (point-max) - (or (interactive-p) cleartext))))) + (or (interactive-p) cleartext) + passphrase)))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) ;;;###autoload -(defun pgg-sign (&optional cleartext start end) +(defun pgg-sign (&optional cleartext start end passphrase) "Sign the current buffer. + If the optional argument CLEARTEXT is non-nil, it does not create a detached signature. + If optional arguments START and END are specified, only sign data within the region. + If this function is called interactively, CLEARTEXT is enabled -and the the output is displayed." +and the the output is displayed. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive "") (let* ((start (or start (point-min))) (end (or end (point-max))) - (status (pgg-sign-region start end (or (interactive-p) cleartext)))) + (status (pgg-sign-region start end + (or (interactive-p) cleartext) + passphrase))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) - + ;;;###autoload (defun pgg-verify-region (start end &optional signature fetch) "Verify the current region between START and END. Index: pgg-gpg.el =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/gnus/pgg-gpg.el,v retrieving revision 1.7 diff -u -r1.7 pgg-gpg.el --- pgg-gpg.el 8 Oct 2005 08:43:33 -0000 1.7 +++ pgg-gpg.el 12 Oct 2005 23:31:39 -0000 @@ -4,6 +4,7 @@ ;; 2005 Free Software Foundation, Inc. ;; Author: Daiki Ueno <ueno@unixuser.org> +;; Symmetric encryption added by: Sascha Wilde <wilde@sha-bang.de> ;; Created: 1999/10/28 ;; Keywords: PGP, OpenPGP, GnuPG @@ -96,19 +97,20 @@ (delete-file output-file-name)) (set-default-file-modes orig-mode)))) -(defun pgg-gpg-possibly-cache-passphrase (passphrase &optional key) +(defun pgg-gpg-possibly-cache-passphrase (passphrase &optional key notruncate) (if (and pgg-cache-passphrase (progn (goto-char (point-min)) (re-search-forward "^\\[GNUPG:] \\(GOOD_PASSPHRASE\\>\\)\\|\\(SIG_CREATED\\)" nil t))) - (pgg-add-passphrase-cache + (pgg-add-passphrase-to-cache (or key (progn (goto-char (point-min)) (if (re-search-forward "^\\[GNUPG:] NEED_PASSPHRASE\\(_PIN\\)? \\w+ ?\\w*" nil t) (substring (match-string 0) -8)))) - passphrase))) + passphrase + notruncate))) (defvar pgg-gpg-all-secret-keys 'unknown) @@ -139,18 +141,53 @@ nil t) (substring (match-string 2) 8))))) -(defun pgg-gpg-encrypt-region (start end recipients &optional sign) +(defun pgg-gpg-lookup-key-owner (string &optional all) + "Search keys associated with STRING and return owner of identified key. + +The value may be just the bare key id, or it may be a combination of the +user name associated with the key and the key id, with the key id enclosed +in \"<...>\" angle brackets. + +Optional ALL non-nil means search all keys, including secret keys." + (let ((args (list "--with-colons" "--no-greeting" "--batch" + (if all "--list-secret-keys" "--list-keys") + string)) + (key-regexp (concat "^\\(sec\\|pub\\)" + ":[^:]*:[^:]*:[^:]*:\\([^:]*\\):[^:]*" + ":[^:]*:[^:]*:[^:]*:\\([^:]*\\):")) + ) + (with-temp-buffer + (apply #'call-process pgg-gpg-program nil t nil args) + (goto-char (point-min)) + (if (re-search-forward key-regexp + nil t) + (match-string 3))))) + +(defun pgg-gpg-key-id-from-key-owner (key-owner) + (cond ((not key-owner) nil) + ;; Extract bare key id from outermost paired angle brackets, if any: + ((string-match "[^<]*<\\(.+\\)>[^>]*" key-owner) + (substring key-owner (match-beginning 1)(match-end 1))) + (key-owner)) + ) + +(defun pgg-gpg-encrypt-region (start end recipients &optional sign passphrase) "Encrypt the current region between START and END. -If optional argument SIGN is non-nil, do a combined sign and encrypt." + +If optional argument SIGN is non-nil, do a combined sign and encrypt. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) - (passphrase - (when sign - (pgg-read-passphrase - (format "GnuPG passphrase for %s: " pgg-gpg-user-id) - pgg-gpg-user-id))) + (passphrase (or passphrase + (when sign + (pgg-read-passphrase + (format "GnuPG passphrase for %s: " + pgg-gpg-user-id) + pgg-gpg-user-id)))) (args (append - (list "--batch" "--armor" "--always-trust" "--encrypt") + (list "--batch" "--textmode" "--armor" "--always-trust" "--encrypt") (if sign (list "--sign" "--local-user" pgg-gpg-user-id)) (if recipients (apply #'nconc @@ -169,19 +206,46 @@ (pgg-gpg-possibly-cache-passphrase passphrase))) (pgg-process-when-success))) -(defun pgg-gpg-decrypt-region (start end) - "Decrypt the current region between START and END." +(defun pgg-gpg-encrypt-symmetric-region (start end &optional passphrase) + "Encrypt the current region between START and END with symmetric cipher. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." + (let* ((passphrase (or passphrase + (pgg-read-passphrase + "GnuPG passphrase for symmetric encryption: "))) + (args + (append (list "--batch" "--textmode" "--armor" "--symmetric" )))) + (pgg-as-lbt start end 'CRLF + (pgg-gpg-process-region start end passphrase pgg-gpg-program args)) + (pgg-process-when-success))) + +(defun pgg-gpg-decrypt-region (start end &optional passphrase) + "Decrypt the current region between START and END. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (let* ((current-buffer (current-buffer)) (message-keys (with-temp-buffer (insert-buffer-substring current-buffer) (pgg-decode-armor-region (point-min) (point-max)))) (secret-keys (pgg-gpg-lookup-all-secret-keys)) + ;; XXX the user is stuck if they need to use the passphrase for + ;; any but the first secret key for which the message is + ;; encrypted. ideally, we would incrementally give them a + ;; chance with subsequent keys each time they fail with one. (key (pgg-gpg-select-matching-key message-keys secret-keys)) - (pgg-gpg-user-id (or key pgg-gpg-user-id pgg-default-user-id)) - (passphrase - (pgg-read-passphrase - (format "GnuPG passphrase for %s: " pgg-gpg-user-id) - pgg-gpg-user-id)) + (key-owner (and key (pgg-gpg-lookup-key-owner key t))) + (key-id (pgg-gpg-key-id-from-key-owner key-owner)) + (pgg-gpg-user-id (or key-id key + pgg-gpg-user-id pgg-default-user-id)) + (passphrase (or passphrase + (pgg-read-passphrase + (format (if (pgg-gpg-symmetric-key-p message-keys) + "Passphrase for symmetric decryption: " + "GnuPG passphrase for %s: ") + (or key-owner "??")) + pgg-gpg-user-id))) (args '("--batch" "--decrypt"))) (pgg-gpg-process-region start end passphrase pgg-gpg-program args) (with-current-buffer pgg-errors-buffer @@ -189,11 +253,20 @@ (goto-char (point-min)) (re-search-forward "^\\[GNUPG:] DECRYPTION_OKAY\\>" nil t)))) +(defun pgg-gpg-symmetric-key-p (message-keys) + "True if decoded armor MESSAGE-KEYS has symmetric encryption indicator." + (let (result) + (dolist (key message-keys result) + (when (and (eq (car key) 3) + (member '(symmetric-key-algorithm) key)) + (setq result key))))) + (defun pgg-gpg-select-matching-key (message-keys secret-keys) "Choose a key from MESSAGE-KEYS that matches one of the keys in SECRET-KEYS." (loop for message-key in message-keys for message-key-id = (and (equal (car message-key) 1) - (cdr (assq 'key-identifier message-key))) + (cdr (assq 'key-identifier + (cdr message-key)))) for key = (and message-key-id (pgg-lookup-key message-key-id 'encrypt)) when (and key (member key secret-keys)) return key)) [-- Attachment #3: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-12 23:47 ` Ken Manheimer @ 2005-10-20 14:08 ` Ken Manheimer 2005-10-20 14:12 ` Simon Josefsson 0 siblings, 1 reply; 156+ messages in thread From: Ken Manheimer @ 2005-10-20 14:08 UTC (permalink / raw) i just posted a new version of my allout patches which depend on the pgg revisions of sascha and mine, so i thought i'd post a query in this thread on the status of these patches - the new allout encryption features won't work without these pgg refinements in place. i also should mention rms' initiative to relocate pgg to the lisp/ directory, since pgg constitutes a facility in its own regard - i'm all for that. i'm not attaching the pgg changes to this message, but can easily do so if needed. ken ken.manheimer@gmail.com On 10/12/05, Ken Manheimer <ken.manheimer@gmail.com> wrote: > as threatened, here is a complete patch against the current gnu.org > lisp/gnus repository. i've migrated all the allout encryption > functionality to pgg and exercised this stuff pretty substantially, > and am very comfortable with the way it works. > > there are a bunch of fixes, as well as extensions so the passphrases > can be managed by the calling functions, as well as refinement of the > passphrase caching mechanism (so multiple timeouts don't pileup for a > single passphrase - the last one replaces the prior ones). lotsa > goodies. the patch includes sascha wilde's symmetric-encryption > additions - basically, the whole deal. > > what it does not include is revision of the pgg-pgp.el and pgg-pgp5.el > modules, to track changes to the pgg api. i started in on that, only > to discover that they were already broken by the addition of a 'sign' > parameter to some of the encryption functions. there's no way to > repair that short of implementing the feature for the other packages, > and i'm not in a position to do that. (plus, i'm not sure i am > comfortable with the way it was done for pgg-gpg.) > > so it looks like pgg-pgp.el and pgg-pgp5.el are disfunctional already, > without my changes. i'm hoping that's not going to prevent the > introduction of my changes. > > i'm going to be heading offline for five days, starting tomorrow, so > it'll be a bit before i can respond to questions. i hope the patch > i'm sending (which includes detaild ChangeLog entries) will be > helpful to anyone that wishes to navigate them. > > and once again, i'm not sure the attachment will be delivered this > time. (it wasn't on a recent try, but then was on a subsequent > message. this is the first awkward gmail bug i've hit...) > > ken > ken.manheimer@gmail.com > > On 10/10/05, Ken Manheimer <ken.manheimer@gmail.com> wrote: > > for those of you following the developments at home (:-), here's an > > incremental patch on top of what i sent out a few days ago. i fixed a > > small stack of bugs in pgg-gpg.el that settles my complaint about > > prompting with the secret key identity, and also filled in a small > > oversight in the changes i sent out a few days ago. > > > > while this could be the last pgg patch, i'm still developing, hence > > the incremental. i plan to send out a full patch when i've finished > > transitioning allout to pgg, at which point i expect my mucking with > > pgg to be settled. so, repository maintainers may want to wait for > > that, while i'm hoping those actively involved (eg, sascha) will > > scrutinize and, ideally, exercise these patches. > > > > we'll see if the attached patch makes it through this time. (i > > haven't re-attached it, which i think was the problem last time.) if > > not, look forward to a followup... ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-20 14:08 ` Ken Manheimer @ 2005-10-20 14:12 ` Simon Josefsson 2005-10-20 14:30 ` Ken Manheimer ` (4 more replies) 0 siblings, 5 replies; 156+ messages in thread From: Simon Josefsson @ 2005-10-20 14:12 UTC (permalink / raw) Cc: sascha schwab (symmetric encryption patches), Daiki Ueno (pgg author), Richard M. Stallman, emacs-devel Hi. Thanks for reminding me. I thought we were waiting for copyright assignment papers? Have the FSF received papers for all authors? The best way to proceed is to wait for them to arrive, and then send me a complete patch against the then-current CVS that I can install. I can take care of installing it into Gnus CVS as well. I'm all for relocating pgg. However, I suggest lisp/pgg/ instead. The lisp/ directory is pretty large as it is. Ken Manheimer <ken.manheimer@gmail.com> writes: > i just posted a new version of my allout patches which depend on the > pgg revisions of sascha and mine, so i thought i'd post a query in > this thread on the status of these patches - the new allout encryption > features won't work without these pgg refinements in place. i also > should mention rms' initiative to relocate pgg to the lisp/ directory, > since pgg constitutes a facility in its own regard - i'm all for that. > > i'm not attaching the pgg changes to this message, but can easily do > so if needed. > > ken > ken.manheimer@gmail.com > > On 10/12/05, Ken Manheimer <ken.manheimer@gmail.com> wrote: >> as threatened, here is a complete patch against the current gnu.org >> lisp/gnus repository. i've migrated all the allout encryption >> functionality to pgg and exercised this stuff pretty substantially, >> and am very comfortable with the way it works. >> >> there are a bunch of fixes, as well as extensions so the passphrases >> can be managed by the calling functions, as well as refinement of the >> passphrase caching mechanism (so multiple timeouts don't pileup for a >> single passphrase - the last one replaces the prior ones). lotsa >> goodies. the patch includes sascha wilde's symmetric-encryption >> additions - basically, the whole deal. >> >> what it does not include is revision of the pgg-pgp.el and pgg-pgp5.el >> modules, to track changes to the pgg api. i started in on that, only >> to discover that they were already broken by the addition of a 'sign' >> parameter to some of the encryption functions. there's no way to >> repair that short of implementing the feature for the other packages, >> and i'm not in a position to do that. (plus, i'm not sure i am >> comfortable with the way it was done for pgg-gpg.) >> >> so it looks like pgg-pgp.el and pgg-pgp5.el are disfunctional already, >> without my changes. i'm hoping that's not going to prevent the >> introduction of my changes. >> >> i'm going to be heading offline for five days, starting tomorrow, so >> it'll be a bit before i can respond to questions. i hope the patch >> i'm sending (which includes detaild ChangeLog entries) will be >> helpful to anyone that wishes to navigate them. >> >> and once again, i'm not sure the attachment will be delivered this >> time. (it wasn't on a recent try, but then was on a subsequent >> message. this is the first awkward gmail bug i've hit...) >> >> ken >> ken.manheimer@gmail.com >> >> On 10/10/05, Ken Manheimer <ken.manheimer@gmail.com> wrote: >> > for those of you following the developments at home (:-), here's an >> > incremental patch on top of what i sent out a few days ago. i fixed a >> > small stack of bugs in pgg-gpg.el that settles my complaint about >> > prompting with the secret key identity, and also filled in a small >> > oversight in the changes i sent out a few days ago. >> > >> > while this could be the last pgg patch, i'm still developing, hence >> > the incremental. i plan to send out a full patch when i've finished >> > transitioning allout to pgg, at which point i expect my mucking with >> > pgg to be settled. so, repository maintainers may want to wait for >> > that, while i'm hoping those actively involved (eg, sascha) will >> > scrutinize and, ideally, exercise these patches. >> > >> > we'll see if the attached patch makes it through this time. (i >> > haven't re-attached it, which i think was the problem last time.) if >> > not, look forward to a followup... ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-20 14:12 ` Simon Josefsson @ 2005-10-20 14:30 ` Ken Manheimer 2005-10-20 14:42 ` Sascha Wilde ` (3 subsequent siblings) 4 siblings, 0 replies; 156+ messages in thread From: Ken Manheimer @ 2005-10-20 14:30 UTC (permalink / raw) Cc: sascha schwab (symmetric encryption patches), Daiki Ueno (pgg author), Richard M. Stallman, emacs-devel On 10/20/05, Simon Josefsson <jas@extundo.com> wrote: > Hi. Thanks for reminding me. I thought we were waiting for copyright > assignment papers? Have the FSF received papers for all authors? The i'll send my pgg copyright assignment papers right now. (they came while i was away for a week.) my allout assignment has been on file for a while, happily. dunno about status of sascha's assignment. > best way to proceed is to wait for them to arrive, and then send me a > complete patch against the then-current CVS that I can install. I can > take care of installing it into Gnus CVS as well. > > I'm all for relocating pgg. However, I suggest lisp/pgg/ instead. > The lisp/ directory is pretty large as it is. lisp/pgg/ sounds like a good idea to me, too. ken ken.manheimer@gmail.com > Ken Manheimer <ken.manheimer@gmail.com> writes: > > > i just posted a new version of my allout patches which depend on the > > pgg revisions of sascha and mine, so i thought i'd post a query in > > this thread on the status of these patches - the new allout encryption > > features won't work without these pgg refinements in place. i also > > should mention rms' initiative to relocate pgg to the lisp/ directory, > > since pgg constitutes a facility in its own regard - i'm all for that. > > > > i'm not attaching the pgg changes to this message, but can easily do > > so if needed. > > > > ken > > ken.manheimer@gmail.com > > > > On 10/12/05, Ken Manheimer <ken.manheimer@gmail.com> wrote: > >> as threatened, here is a complete patch against the current gnu.org > >> lisp/gnus repository. i've migrated all the allout encryption > >> functionality to pgg and exercised this stuff pretty substantially, > >> and am very comfortable with the way it works. > >> > >> there are a bunch of fixes, as well as extensions so the passphrases > >> can be managed by the calling functions, as well as refinement of the > >> passphrase caching mechanism (so multiple timeouts don't pileup for a > >> single passphrase - the last one replaces the prior ones). lotsa > >> goodies. the patch includes sascha wilde's symmetric-encryption > >> additions - basically, the whole deal. > >> > >> what it does not include is revision of the pgg-pgp.el and pgg-pgp5.el > >> modules, to track changes to the pgg api. i started in on that, only > >> to discover that they were already broken by the addition of a 'sign' > >> parameter to some of the encryption functions. there's no way to > >> repair that short of implementing the feature for the other packages, > >> and i'm not in a position to do that. (plus, i'm not sure i am > >> comfortable with the way it was done for pgg-gpg.) > >> > >> so it looks like pgg-pgp.el and pgg-pgp5.el are disfunctional already, > >> without my changes. i'm hoping that's not going to prevent the > >> introduction of my changes. > >> > >> i'm going to be heading offline for five days, starting tomorrow, so > >> it'll be a bit before i can respond to questions. i hope the patch > >> i'm sending (which includes detaild ChangeLog entries) will be > >> helpful to anyone that wishes to navigate them. > >> > >> and once again, i'm not sure the attachment will be delivered this > >> time. (it wasn't on a recent try, but then was on a subsequent > >> message. this is the first awkward gmail bug i've hit...) > >> > >> ken > >> ken.manheimer@gmail.com > >> > >> On 10/10/05, Ken Manheimer <ken.manheimer@gmail.com> wrote: > >> > for those of you following the developments at home (:-), here's an > >> > incremental patch on top of what i sent out a few days ago. i fixed a > >> > small stack of bugs in pgg-gpg.el that settles my complaint about > >> > prompting with the secret key identity, and also filled in a small > >> > oversight in the changes i sent out a few days ago. > >> > > >> > while this could be the last pgg patch, i'm still developing, hence > >> > the incremental. i plan to send out a full patch when i've finished > >> > transitioning allout to pgg, at which point i expect my mucking with > >> > pgg to be settled. so, repository maintainers may want to wait for > >> > that, while i'm hoping those actively involved (eg, sascha) will > >> > scrutinize and, ideally, exercise these patches. > >> > > >> > we'll see if the attached patch makes it through this time. (i > >> > haven't re-attached it, which i think was the problem last time.) if > >> > not, look forward to a followup... > ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-20 14:12 ` Simon Josefsson 2005-10-20 14:30 ` Ken Manheimer @ 2005-10-20 14:42 ` Sascha Wilde 2005-10-25 7:23 ` Sascha Wilde 2005-10-20 18:07 ` Relocating pgg*.el (was: pgg symmetric encryption patch) Reiner Steib ` (2 subsequent siblings) 4 siblings, 1 reply; 156+ messages in thread From: Sascha Wilde @ 2005-10-20 14:42 UTC (permalink / raw) Cc: sascha schwab (symmetric encryption patches), Ken Manheimer, Daiki Ueno (pgg author), Richard M. Stallman, emacs-devel [-- Attachment #1.1: Type: text/plain, Size: 567 bytes --] On Thu, Oct 20, 2005 at 04:12:58PM +0200, Simon Josefsson wrote: > Hi. Thanks for reminding me. I thought we were waiting for copyright > assignment papers? Have the FSF received papers for all authors? I signed papers and send them off by mail (from Germany) Saturday. I haven't got an answer by the fsf yet, but they should receive them at least quite soon. cheers sascha -- Sascha Wilde "Computers are good at following instructions, but not at reading your mind." D. E. Knuth, The TeXbook, Addison-Wesley 1984, 1986, 1996, p. 9 [-- Attachment #1.2: Type: application/pgp-signature, Size: 189 bytes --] [-- Attachment #2: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-20 14:42 ` Sascha Wilde @ 2005-10-25 7:23 ` Sascha Wilde 2005-10-25 20:26 ` Ken Manheimer 0 siblings, 1 reply; 156+ messages in thread From: Sascha Wilde @ 2005-10-25 7:23 UTC (permalink / raw) Cc: sascha schwab (symmetric encryption patches), Ken Manheimer, Daiki Ueno (pgg author), Richard M. Stallman, emacs-devel [-- Attachment #1.1: Type: text/plain, Size: 759 bytes --] Sascha Wilde <wilde@sha-bang.de> wrote: > On Thu, Oct 20, 2005 at 04:12:58PM +0200, Simon Josefsson wrote: >> Hi. Thanks for reminding me. I thought we were waiting for copyright >> assignment papers? Have the FSF received papers for all authors? > > I signed papers and send them off by mail (from Germany) Saturday. Ok, papers are ready now, and the assignment process is complete. So feel free to commit the patches, including my pgg symmetric encryption stuff. cheers sascha -- Sascha Wilde : "The PROPER way to handle HTML postings is to cancel the article, then hire a hitman to kill the poster, his wife and kids, and fuck his dog and smash his computer into little bits. Anything more is just extremism." -- Paul Tomblin [-- Attachment #1.2: Type: application/pgp-signature, Size: 188 bytes --] [-- Attachment #2: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-25 7:23 ` Sascha Wilde @ 2005-10-25 20:26 ` Ken Manheimer 2005-10-25 21:18 ` Sascha Wilde 0 siblings, 1 reply; 156+ messages in thread From: Ken Manheimer @ 2005-10-25 20:26 UTC (permalink / raw) Cc: sascha schwab, Daiki Ueno (pgg author), emacs-devel, Richard M. Stallman, Simon Josefsson On 10/25/05, Sascha Wilde <wilde@sha-bang.de> wrote: > Sascha Wilde <wilde@sha-bang.de> wrote: > > > On Thu, Oct 20, 2005 at 04:12:58PM +0200, Simon Josefsson wrote: > >> Hi. Thanks for reminding me. I thought we were waiting for copyright > >> assignment papers? Have the FSF received papers for all authors? > > > > I signed papers and send them off by mail (from Germany) Saturday. > > Ok, papers are ready now, and the assignment process is complete. So > feel free to commit the patches, including my pgg symmetric encryption > stuff. my papers are in, too. i'm attaching a cumulative patch, including sascha wilde's and my changes (which are built on top of sascha's) against the current CVS repository. it include the ChangeLog and changes of pgg.el and pgg-gpg.el. this patch has some slight changes from the previous "omnibus" patch i submitted on october 12, including a small fix and a change which mitigates a byte-compiler warning. caveats: - there is one remaining compiler warning which was already in pgg.el - i don't know the right way to mitigate it, so i'm leaving it as is. - these patches do not bring the pgp or pgp5 suppport in line ie, neither sascha's nor my patches provide for that, i don't have access to any pgp implementation in order to correct it. as far as i can tell, however, the pgp support was already broken before either of us touched the pgg stuff. ken ken.manheimer@gmail.com ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-25 20:26 ` Ken Manheimer @ 2005-10-25 21:18 ` Sascha Wilde 2005-10-25 21:28 ` Ken Manheimer 0 siblings, 1 reply; 156+ messages in thread From: Sascha Wilde @ 2005-10-25 21:18 UTC (permalink / raw) Cc: Simon Josefsson, sascha schwab, Daiki Ueno (pgg author), Richard M. Stallman, emacs-devel Ken Manheimer <ken.manheimer@gmail.com> wrote: > On 10/25/05, Sascha Wilde <wilde@sha-bang.de> wrote: > i'm attaching a cumulative patch, no, you didn't... guess we have some kind of tradition here. ;-) cheers sascha -- "Anyone who slaps a 'this page is best viewed with Browser X' label on a Web page appears to be yearning for the bad old days, before the Web, when you had very little chance of reading a document written on another computer, another word processor, or another network." -- Tim Berners-Lee, July 1996 ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-25 21:18 ` Sascha Wilde @ 2005-10-25 21:28 ` Ken Manheimer 2005-10-26 9:57 ` Sascha Wilde 0 siblings, 1 reply; 156+ messages in thread From: Ken Manheimer @ 2005-10-25 21:28 UTC (permalink / raw) Cc: Simon Josefsson, sascha schwab, Daiki Ueno (pgg author), Richard M. Stallman, emacs-devel [-- Attachment #1: Type: text/plain, Size: 713 bytes --] aargh - i'm attaching it now. (i simply forgot to do so, in my previous post.) On 10/25/05, Sascha Wilde <wilde@sha-bang.de> wrote: > Ken Manheimer <ken.manheimer@gmail.com> wrote: > > > On 10/25/05, Sascha Wilde <wilde@sha-bang.de> wrote: > > > i'm attaching a cumulative patch, > > no, you didn't... > > guess we have some kind of tradition here. ;-) > > cheers > sascha > -- > "Anyone who slaps a 'this page is best viewed with Browser X' label on a Web > page appears to be yearning for the bad old days, before the Web, when you had > very little chance of reading a document written on another computer, another > word processor, or another network." -- Tim Berners-Lee, July 1996 > [-- Attachment #2: pgg-symmetric-06.patch --] [-- Type: application/octet-stream, Size: 25376 bytes --] Index: ChangeLog =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/ChangeLog,v retrieving revision 1.8455 diff -u -r1.8455 ChangeLog --- ChangeLog 25 Oct 2005 19:25:23 -0000 1.8455 +++ ChangeLog 25 Oct 2005 20:16:01 -0000 @@ -1,4 +1,79 @@ -2005-10-25 Romain Francoise <romain@orebokech.com> +2005-10-12 Ken Manheimer <ken.manheimer@gmail.com> + + * pgg-gpg.el + (pgg-gpg-select-matching-key): fixed: look at the right part of the + decoded armor to find the key-identifier + (pgg-gpg-lookup-key-owner): new function to return the + human-readable identifier of a key owner. + (pgg-gpg-lookup-id-from-key-owner): make it easy to identify the + key itself. + (pgg-gpg-decrypt-region): prompt with the key owner (rather + than the key value) if we have a key and can match it against a + secret key. also, added an XXX note pointing out fact that the + prompt only indicates the first matching key. + (pgg-add-passphrase-to-cache): <= pgg-add-passphrase-cache + (pgg-remove-passphrase-from-cache) <= pgg-remove-passphrase-cache + + * pgg.el (pgg-decrypt): passing along 'passphrase' in call to + pgg-decrypt-region; i overlooked this one in my previous patch. + (pgg-pending-timers): a new hash for tracking the passphrase cache + timers, so that new ones supercede old ones. + (pgg-add-passphrase-to-cache): renamed from + `pgg-add-passphrase-cache' to reduce confusion. and modified to + cancel old timers when new ones are added. + (pgg-remove-passphrase-from-cache): renamed from + `pgg-remove-passphrase-cache' to reduce confusion. and modified + to cancel old timers when their keys are removed from the cache. + (pgg-cancel-timer): in mainline gnu emacs, an alias for + cancel-timer; in xemacs, an indirection to delete-itimer. + (pgg-read-passphrase-from-cache, pgg-read-passphrase): extracted + pgg-read-passphrase-from-cache from pgg-read-passphrase so users + can only check cache without risk of prompting. corrected bug in + notruncate behavior. + (pgg-read-passphrase-from-cache, pgg-read-passphrase, + pgg-add-passphrase-cache, pgg-remove-passphrase-cache): added + informative docstrings. + (pgg-decrypt): convey provided passphrase in subordinate call to + pgg-decrypt-region (missed that in a prior patch) + +2005-10-08 Ken Manheimer <ken.manheimer+emacs@gmail.com> + + * pgg.el (pgg-encrypt-region, pgg-encrypt-symmetric-region, + pgg-encrypt-symmetric, pgg-encrypt, pgg-decrypt-region, + pgg-decrypt, pgg-sign-region, pgg-sign): + add optional 'passphrase' argument to all these routines, so the + passphrase can be managed externally and then passed in to the + system. + + * pgg.el (pgg-read-passphrase, pgg-add-passphrase-cache, + pgg-remove-passphrase-cache): add optional 'notruncate' argument, + so the passphrase cache can be used reliably with identifiers + besides a pgp packet's key id. + + * pgg-gpg.el (pgg-pgp-encrypt-region, + pgg-pgp-encrypt-symmetric-region, pgg-pgp-encrypt-symmetric, + pgg-pgp-encrypt, pgg-pgp-decrypt-region, pgg-pgp-decrypt, + pgg-pgp-sign-region, pgg-pgp-sign): add optional 'passphrase' + argument to all these routines, so the passphrase can be managed + externally and passed in to the system. + + * pgg-gpg.el (pgg-gpg-possibly-cache-passphrase): add optional + 'notruncate' argument, so the passphrase cache can be used + reliably with identifiers besides a pgp packet's key id. + +2005-10-06 Sascha Wilde <swilde@sha-bang.de> + + * pgg-gpg.el (pgg-gpg-encrypt-symmetric-region): New function for + symmetric encryption. + (pgg-gpg-symmetric-key-p): New function to check for an symmetric + encrypted session key. + (pgg-gpg-decrypt-region): When decrypting a symmetric encrypted + message ask for the passphrase in a proper way. + + * pgg.el (pgg-encrypt-symmetric,pgg-encrypt-symmetric-region): + New user commands for symmetric encryption. + +005-10-25 Romain Francoise <romain@orebokech.com> * emacs-lisp/find-func.el (find-library-name): Also strip extension if library name ends in .el, to take advantage of Index: pgg.el =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/pgg.el,v retrieving revision 1.1 diff -u -r1.1 pgg.el --- pgg.el 24 Oct 2005 09:46:27 -0000 1.1 +++ pgg.el 25 Oct 2005 20:16:01 -0000 @@ -4,6 +4,7 @@ ;; 2005 Free Software Foundation, Inc. ;; Author: Daiki Ueno <ueno@unixuser.org> +;; Symmetric encryption added by: Sascha Wilde <wilde@sha-bang.de> ;; Created: 1999/10/28 ;; Keywords: PGP @@ -67,26 +68,110 @@ (set-window-buffer window buffer) (shrink-window-if-larger-than-buffer window))) +;; XXX `pgg-display-output-buffer' is a horrible name for this function. +;; It should be something like `pgg-situate-output-or-display-error'. (defun pgg-display-output-buffer (start end status) + "Situate en/decryption results or pop up an error buffer. + +Text from START to END is replaced by contents of output buffer if STATUS +is true, or else the output buffer is displayed." (if status - (progn - (delete-region start end) - (insert-buffer-substring pgg-output-buffer) - (decode-coding-region start (point) buffer-file-coding-system)) - (let ((temp-buffer-show-function - (function pgg-temp-buffer-show-function))) - (with-output-to-temp-buffer pgg-echo-buffer - (set-buffer standard-output) - (insert-buffer-substring pgg-errors-buffer))))) + (pgg-situate-output start end) + (pgg-display-error-buffer))) + +(defun pgg-situate-output (start end) + "Place en/decryption result in place of current text from START to END." + (delete-region start end) + (insert-buffer-substring pgg-output-buffer) + (decode-coding-region start (point) buffer-file-coding-system)) + +(defun pgg-display-error-buffer () + "Pop up an error buffer indicating the reason for an en/decryption failure." + (let ((temp-buffer-show-function + (function pgg-temp-buffer-show-function))) + (with-output-to-temp-buffer pgg-echo-buffer + (set-buffer standard-output) + (insert-buffer-substring pgg-errors-buffer)))) (defvar pgg-passphrase-cache (make-vector 7 0)) -(defun pgg-read-passphrase (prompt &optional key) - (or (and pgg-cache-passphrase - key (setq key (pgg-truncate-key-identifier key)) - (symbol-value (intern-soft key pgg-passphrase-cache))) +(defvar pgg-pending-timers (make-vector 7 0) + "Hash table for managing scheduled pgg cache management timers. + +We associate key and timer, so the timer can be cancelled if a new +timeout for the key is set while an old one is still pending.") + +(defun pgg-read-passphrase (prompt &optional key notruncate) + "Using PROMPT, obtain passphrase for KEY from cache or user. + +Truncate the key to 8 trailing characters unless NOTRUNCATE is true +\(default false). + +Custom variables `pgg-cache-passphrase' and `pgg-passphrase-cache-expiry' +regulate cache behavior." + (or (pgg-read-passphrase-from-cache key notruncate) (read-passwd prompt))) +(defun pgg-read-passphrase-from-cache (key &optional notruncate) + "Obtain passphrase for KEY from time-limited passphrase cache. + +Truncate the key to 8 trailing characters unless NOTRUNCATE is true +\(default false). + +Custom variables `pgg-cache-passphrase' and `pgg-passphrase-cache-expiry' +regulate cache behavior." + (and pgg-cache-passphrase + key (or notruncate + (setq key (pgg-truncate-key-identifier key))) + (symbol-value (intern-soft key pgg-passphrase-cache)))) + +(defun pgg-add-passphrase-to-cache (key passphrase &optional notruncate) + "Associate KEY with PASSPHRASE in time-limited passphrase cache. + +Truncate the key to 8 trailing characters unless NOTRUNCATE is true +\(default false). + +Custom variables `pgg-cache-passphrase' and `pgg-passphrase-cache-expiry' +regulate cache behavior." + + (let* ((key (if notruncate key (pgg-truncate-key-identifier key))) + (interned-timer-key (intern-soft key pgg-pending-timers)) + (old-timer (symbol-value interned-timer-key)) + new-timer) + (when old-timer + (cancel-timer old-timer) + (unintern interned-timer-key pgg-pending-timers)) + (set (intern key pgg-passphrase-cache) + passphrase) + (set (intern key pgg-pending-timers) + (pgg-run-at-time pgg-passphrase-cache-expiry nil + #'pgg-remove-passphrase-from-cache + key notruncate)))) + +(defun pgg-remove-passphrase-from-cache (key &optional notruncate) + "Omit passphrase associated with KEY in time-limited passphrase cache. + +Truncate the key to 8 trailing characters unless NOTRUNCATE is true +\(default false). + +This is a no-op if there is not entry for KEY (eg, it's already expired. + +The memory for the passphrase is filled with underscores to clear any +references to it. + +Custom variables `pgg-cache-passphrase' and `pgg-passphrase-cache-expiry' +regulate cache behavior." + (let* ((passphrase (pgg-read-passphrase-from-cache key notruncate)) + (key (if notruncate key (pgg-truncate-key-identifier key))) + (interned-timer-key (intern-soft key pgg-pending-timers)) + (old-timer (symbol-value interned-timer-key))) + (when passphrase + (fillarray passphrase ?_) + (unintern key pgg-passphrase-cache)) + (when old-timer + (pgg-cancel-timer old-timer) + (unintern interned-timer-key pgg-pending-timers)))) + (eval-when-compile (defmacro pgg-run-at-time-1 (time repeat function args) (when (featurep 'xemacs) @@ -151,27 +236,20 @@ (eval-and-compile (if (featurep 'xemacs) - (defun pgg-run-at-time (time repeat function &rest args) - "Emulating function run as `run-at-time'. + (progn + (defun pgg-run-at-time (time repeat function &rest args) + "Emulating function run as `run-at-time'. TIME should be nil meaning now, or a number of seconds from now. Return an itimer object which can be used in either `delete-itimer' or `cancel-timer'." - (pgg-run-at-time-1 time repeat function args)) - (defalias 'pgg-run-at-time 'run-at-time))) - -(defun pgg-add-passphrase-cache (key passphrase) - (setq key (pgg-truncate-key-identifier key)) - (set (intern key pgg-passphrase-cache) - passphrase) - (pgg-run-at-time pgg-passphrase-cache-expiry nil - #'pgg-remove-passphrase-cache - key)) - -(defun pgg-remove-passphrase-cache (key) - (let ((passphrase (symbol-value (intern-soft key pgg-passphrase-cache)))) - (when passphrase - (fillarray passphrase ?_) - (unintern key pgg-passphrase-cache)))) + (pgg-run-at-time-1 time repeat function args)) + (defun pgg-cancel-timer (timer) + "Emulate cancel-timer for xemacs." + (let ((delete-itimer 'delete-itimer)) + (funcall delete-itimer timer))) + ) + (defalias 'pgg-run-at-time 'run-at-time) + (defalias 'pgg-cancel-timer 'cancel-timer))) (defmacro pgg-convert-lbt-region (start end lbt) `(let ((pgg-conversion-end (set-marker (make-marker) ,end))) @@ -222,93 +300,156 @@ ;;; ;;;###autoload -(defun pgg-encrypt-region (start end rcpts &optional sign) +(defun pgg-encrypt-region (start end rcpts &optional sign passphrase) "Encrypt the current region between START and END for RCPTS. -If optional argument SIGN is non-nil, do a combined sign and encrypt." + +If optional argument SIGN is non-nil, do a combined sign and encrypt. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive (list (region-beginning)(region-end) (split-string (read-string "Recipients: ") "[ \t,]+"))) (let ((status (pgg-save-coding-system start end (pgg-invoke "encrypt-region" (or pgg-scheme pgg-default-scheme) - (point-min) (point-max) rcpts sign)))) + (point-min) (point-max) rcpts sign passphrase)))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) ;;;###autoload -(defun pgg-encrypt (rcpts &optional sign start end) +(defun pgg-encrypt-symmetric-region (start end &optional passphrase) + "Encrypt the current region between START and END symmetric with passphrase. + +If optional PASSPHRASE is not specified, it will be obtained from the +cache or user." + (interactive "r") + (let ((status + (pgg-save-coding-system start end + (pgg-invoke "encrypt-symmetric-region" + (or pgg-scheme pgg-default-scheme) + (point-min) (point-max) passphrase)))) + (when (interactive-p) + (pgg-display-output-buffer start end status)) + status)) + +;;;###autoload +(defun pgg-encrypt-symmetric (&optional start end passphrase) + "Encrypt the current buffer using a symmetric, rather than key-pair, cipher. + +If optional arguments START and END are specified, only encrypt within +the region. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." + (interactive) + (let* ((start (or start (point-min))) + (end (or end (point-max))) + (status (pgg-encrypt-symmetric-region start end passphrase))) + (when (interactive-p) + (pgg-display-output-buffer start end status)) + status)) + +;;;###autoload +(defun pgg-encrypt (rcpts &optional sign start end passphrase) "Encrypt the current buffer for RCPTS. + If optional argument SIGN is non-nil, do a combined sign and encrypt. + If optional arguments START and END are specified, only encrypt within -the region." +the region. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive (list (split-string (read-string "Recipients: ") "[ \t,]+"))) (let* ((start (or start (point-min))) (end (or end (point-max))) - (status (pgg-encrypt-region start end rcpts sign))) + (status (pgg-encrypt-region start end rcpts sign passphrase))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) ;;;###autoload -(defun pgg-decrypt-region (start end) - "Decrypt the current region between START and END." +(defun pgg-decrypt-region (start end &optional passphrase) + "Decrypt the current region between START and END. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive "r") (let* ((buf (current-buffer)) (status (pgg-save-coding-system start end (pgg-invoke "decrypt-region" (or pgg-scheme pgg-default-scheme) - (point-min) (point-max))))) + (point-min) (point-max) passphrase)))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) ;;;###autoload -(defun pgg-decrypt (&optional start end) +(defun pgg-decrypt (&optional start end passphrase) "Decrypt the current buffer. + If optional arguments START and END are specified, only decrypt within -the region." +the region. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive "") (let* ((start (or start (point-min))) (end (or end (point-max))) - (status (pgg-decrypt-region start end))) + (status (pgg-decrypt-region start end passphrase))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) ;;;###autoload -(defun pgg-sign-region (start end &optional cleartext) +(defun pgg-sign-region (start end &optional cleartext passphrase) "Make the signature from text between START and END. + If the optional 3rd argument CLEARTEXT is non-nil, it does not create a detached signature. + If this function is called interactively, CLEARTEXT is enabled -and the the output is displayed." +and the the output is displayed. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive "r") (let ((status (pgg-save-coding-system start end (pgg-invoke "sign-region" (or pgg-scheme pgg-default-scheme) (point-min) (point-max) - (or (interactive-p) cleartext))))) + (or (interactive-p) cleartext) + passphrase)))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) ;;;###autoload -(defun pgg-sign (&optional cleartext start end) +(defun pgg-sign (&optional cleartext start end passphrase) "Sign the current buffer. + If the optional argument CLEARTEXT is non-nil, it does not create a detached signature. + If optional arguments START and END are specified, only sign data within the region. + If this function is called interactively, CLEARTEXT is enabled -and the the output is displayed." +and the the output is displayed. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (interactive "") (let* ((start (or start (point-min))) (end (or end (point-max))) - (status (pgg-sign-region start end (or (interactive-p) cleartext)))) + (status (pgg-sign-region start end + (or (interactive-p) cleartext) + passphrase))) (when (interactive-p) (pgg-display-output-buffer start end status)) status)) - + ;;;###autoload (defun pgg-verify-region (start end &optional signature fetch) "Verify the current region between START and END. Index: pgg-gpg.el =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/pgg-gpg.el,v retrieving revision 1.1 diff -u -r1.1 pgg-gpg.el --- pgg-gpg.el 24 Oct 2005 09:46:27 -0000 1.1 +++ pgg-gpg.el 25 Oct 2005 20:16:01 -0000 @@ -4,6 +4,7 @@ ;; 2005 Free Software Foundation, Inc. ;; Author: Daiki Ueno <ueno@unixuser.org> +;; Symmetric encryption added by: Sascha Wilde <wilde@sha-bang.de> ;; Created: 1999/10/28 ;; Keywords: PGP, OpenPGP, GnuPG @@ -96,19 +97,20 @@ (delete-file output-file-name)) (set-default-file-modes orig-mode)))) -(defun pgg-gpg-possibly-cache-passphrase (passphrase &optional key) +(defun pgg-gpg-possibly-cache-passphrase (passphrase &optional key notruncate) (if (and pgg-cache-passphrase (progn (goto-char (point-min)) (re-search-forward "^\\[GNUPG:] \\(GOOD_PASSPHRASE\\>\\)\\|\\(SIG_CREATED\\)" nil t))) - (pgg-add-passphrase-cache + (pgg-add-passphrase-to-cache (or key (progn (goto-char (point-min)) (if (re-search-forward "^\\[GNUPG:] NEED_PASSPHRASE\\(_PIN\\)? \\w+ ?\\w*" nil t) (substring (match-string 0) -8)))) - passphrase))) + passphrase + notruncate))) (defvar pgg-gpg-all-secret-keys 'unknown) @@ -139,18 +141,53 @@ nil t) (substring (match-string 2) 8))))) -(defun pgg-gpg-encrypt-region (start end recipients &optional sign) +(defun pgg-gpg-lookup-key-owner (string &optional all) + "Search keys associated with STRING and return owner of identified key. + +The value may be just the bare key id, or it may be a combination of the +user name associated with the key and the key id, with the key id enclosed +in \"<...>\" angle brackets. + +Optional ALL non-nil means search all keys, including secret keys." + (let ((args (list "--with-colons" "--no-greeting" "--batch" + (if all "--list-secret-keys" "--list-keys") + string)) + (key-regexp (concat "^\\(sec\\|pub\\)" + ":[^:]*:[^:]*:[^:]*:\\([^:]*\\):[^:]*" + ":[^:]*:[^:]*:[^:]*:\\([^:]*\\):")) + ) + (with-temp-buffer + (apply #'call-process pgg-gpg-program nil t nil args) + (goto-char (point-min)) + (if (re-search-forward key-regexp + nil t) + (match-string 3))))) + +(defun pgg-gpg-key-id-from-key-owner (key-owner) + (cond ((not key-owner) nil) + ;; Extract bare key id from outermost paired angle brackets, if any: + ((string-match "[^<]*<\\(.+\\)>[^>]*" key-owner) + (substring key-owner (match-beginning 1)(match-end 1))) + (key-owner)) + ) + +(defun pgg-gpg-encrypt-region (start end recipients &optional sign passphrase) "Encrypt the current region between START and END. -If optional argument SIGN is non-nil, do a combined sign and encrypt." + +If optional argument SIGN is non-nil, do a combined sign and encrypt. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) - (passphrase - (when sign - (pgg-read-passphrase - (format "GnuPG passphrase for %s: " pgg-gpg-user-id) - pgg-gpg-user-id))) + (passphrase (or passphrase + (when sign + (pgg-read-passphrase + (format "GnuPG passphrase for %s: " + pgg-gpg-user-id) + pgg-gpg-user-id)))) (args (append - (list "--batch" "--armor" "--always-trust" "--encrypt") + (list "--batch" "--textmode" "--armor" "--always-trust" "--encrypt") (if sign (list "--sign" "--local-user" pgg-gpg-user-id)) (if recipients (apply #'nconc @@ -169,19 +206,46 @@ (pgg-gpg-possibly-cache-passphrase passphrase))) (pgg-process-when-success))) -(defun pgg-gpg-decrypt-region (start end) - "Decrypt the current region between START and END." +(defun pgg-gpg-encrypt-symmetric-region (start end &optional passphrase) + "Encrypt the current region between START and END with symmetric cipher. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." + (let* ((passphrase (or passphrase + (pgg-read-passphrase + "GnuPG passphrase for symmetric encryption: "))) + (args + (append (list "--batch" "--textmode" "--armor" "--symmetric" )))) + (pgg-as-lbt start end 'CRLF + (pgg-gpg-process-region start end passphrase pgg-gpg-program args)) + (pgg-process-when-success))) + +(defun pgg-gpg-decrypt-region (start end &optional passphrase) + "Decrypt the current region between START and END. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (let* ((current-buffer (current-buffer)) (message-keys (with-temp-buffer (insert-buffer-substring current-buffer) (pgg-decode-armor-region (point-min) (point-max)))) (secret-keys (pgg-gpg-lookup-all-secret-keys)) + ;; XXX the user is stuck if they need to use the passphrase for + ;; any but the first secret key for which the message is + ;; encrypted. ideally, we would incrementally give them a + ;; chance with subsequent keys each time they fail with one. (key (pgg-gpg-select-matching-key message-keys secret-keys)) - (pgg-gpg-user-id (or key pgg-gpg-user-id pgg-default-user-id)) - (passphrase - (pgg-read-passphrase - (format "GnuPG passphrase for %s: " pgg-gpg-user-id) - pgg-gpg-user-id)) + (key-owner (and key (pgg-gpg-lookup-key-owner key t))) + (key-id (pgg-gpg-key-id-from-key-owner key-owner)) + (pgg-gpg-user-id (or key-id key + pgg-gpg-user-id pgg-default-user-id)) + (passphrase (or passphrase + (pgg-read-passphrase + (format (if (pgg-gpg-symmetric-key-p message-keys) + "Passphrase for symmetric decryption: " + "GnuPG passphrase for %s: ") + (or key-owner "??")) + pgg-gpg-user-id))) (args '("--batch" "--decrypt"))) (pgg-gpg-process-region start end passphrase pgg-gpg-program args) (with-current-buffer pgg-errors-buffer @@ -189,21 +253,31 @@ (goto-char (point-min)) (re-search-forward "^\\[GNUPG:] DECRYPTION_OKAY\\>" nil t)))) +;;;###autoload +(defun pgg-gpg-symmetric-key-p (message-keys) + "True if decoded armor MESSAGE-KEYS has symmetric encryption indicator." + (let (result) + (dolist (key message-keys result) + (when (and (eq (car key) 3) + (member '(symmetric-key-algorithm) key)) + (setq result key))))) + (defun pgg-gpg-select-matching-key (message-keys secret-keys) "Choose a key from MESSAGE-KEYS that matches one of the keys in SECRET-KEYS." (loop for message-key in message-keys for message-key-id = (and (equal (car message-key) 1) - (cdr (assq 'key-identifier message-key))) + (cdr (assq 'key-identifier + (cdr message-key)))) for key = (and message-key-id (pgg-lookup-key message-key-id 'encrypt)) when (and key (member key secret-keys)) return key)) -(defun pgg-gpg-sign-region (start end &optional cleartext) +(defun pgg-gpg-sign-region (start end &optional cleartext passphrase) "Make detached signature from text between START and END." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) - (passphrase - (pgg-read-passphrase - (format "GnuPG passphrase for %s: " pgg-gpg-user-id) - pgg-gpg-user-id)) + (passphrase (or passphrase + (pgg-read-passphrase + (format "GnuPG passphrase for %s: " pgg-gpg-user-id) + pgg-gpg-user-id))) (args (list (if cleartext "--clearsign" "--detach-sign") "--armor" "--batch" "--verbose" [-- Attachment #3: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-25 21:28 ` Ken Manheimer @ 2005-10-26 9:57 ` Sascha Wilde 2005-10-26 15:45 ` Ken Manheimer 0 siblings, 1 reply; 156+ messages in thread From: Sascha Wilde @ 2005-10-26 9:57 UTC (permalink / raw) Cc: sascha schwab, Daiki Ueno (pgg author), emacs-devel, Richard M. Stallman, Simon Josefsson Thanks for the patch, but I'm missing the additions to the pgg documentation I made. cheers sascha -- Sascha Wilde Life's too short to read boring signatures ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-26 9:57 ` Sascha Wilde @ 2005-10-26 15:45 ` Ken Manheimer 2005-10-27 7:37 ` Sascha Wilde 0 siblings, 1 reply; 156+ messages in thread From: Ken Manheimer @ 2005-10-26 15:45 UTC (permalink / raw) Cc: sascha schwab, Daiki Ueno (pgg author), emacs-devel, Richard M. Stallman, Simon Josefsson On 10/26/05, Sascha Wilde <wilde@sha-bang.de> wrote: > Thanks for the patch, but I'm missing the additions to the pgg > documentation I made. here is the texi part of your patch, exactly as it was in emacs-pgg-symmetric.patch-5 as you sent it. (i included your ChangeLog entry in the part of my patch for the ChangeLog, and similarly for the pgg.el and pgg-gpg.el source files, so i think it's now complete.) ken ken.manheimer@gmail.com Index: man/pgg.texi =================================================================== RCS file: /cvsroot/emacs/emacs/man/pgg.texi,v retrieving revision 1.5 diff -u -r1.5 pgg.texi --- man/pgg.texi 16 Sep 2005 22:11:00 -0000 1.5 +++ man/pgg.texi 8 Oct 2005 10:31:09 -0000 @@ -98,6 +98,8 @@ @lisp (autoload 'pgg-encrypt-region "pgg" "Encrypt the current region." t) +(autoload 'pgg-encrypt-symmetric-region "pgg" + "Encrypt the current region with symmetric algorithm." t) (autoload 'pgg-decrypt-region "pgg" "Decrypt the current region." t) (autoload 'pgg-sign-region "pgg" @@ -140,6 +142,13 @@ with GnuPG. @end deffn +@deffn Command pgg-encrypt-symmetric-region start end +Encrypt the current region between @var{start} and @var{end} using a +symmetric cipher. After invocation you are asked for a passphrase. + +This is currently only implemented for GnuPG. +@end deffn + @deffn Command pgg-decrypt-region start end Decrypt the current region between @var{start} and @var{end}. If decryption is successful, it replaces the current region contents (in @@ -305,6 +314,13 @@ @var{recipients}. If @var{sign} is non-@code{nil}, do a combined sign and encrypt. If encryption is successful, it returns @code{t}, otherwise @code{nil}. +@end deffn + +@deffn Method pgg-scheme-encrypt-symmetric-region scheme start end +Encrypt the current region between @var{start} and @var{end} using a +symmetric cipher and a passphrases. If encryption is successful, it +returns @code{t}, otherwise @code{nil}. This function is currently only +implemented for GnuPG. @end deffn @deffn Method pgg-scheme-decrypt-region scheme start end ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-26 15:45 ` Ken Manheimer @ 2005-10-27 7:37 ` Sascha Wilde 2005-10-29 11:42 ` Eli Zaretskii 0 siblings, 1 reply; 156+ messages in thread From: Sascha Wilde @ 2005-10-27 7:37 UTC (permalink / raw) Cc: Simon Josefsson, sascha schwab, Daiki Ueno (pgg author), Richard M. Stallman, emacs-devel [-- Attachment #1.1: Type: text/plain, Size: 698 bytes --] Ken Manheimer <ken.manheimer@gmail.com> wrote: > On 10/26/05, Sascha Wilde <wilde@sha-bang.de> wrote: >> Thanks for the patch, but I'm missing the additions to the pgg >> documentation I made. > > here is the texi part of your patch, exactly as it was in > emacs-pgg-symmetric.patch-5 as you sent it. (i included your > ChangeLog entry in the part of my patch for the ChangeLog, and > similarly for the pgg.el and pgg-gpg.el source files, so i think it's > now complete.) Yes, thank you! Could someone with write access please commit these two patches? cheers sascha -- Sascha Wilde : The sum of intelligence on earth is a constant; : population is growing [-- Attachment #1.2: Type: application/pgp-signature, Size: 188 bytes --] [-- Attachment #2: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-27 7:37 ` Sascha Wilde @ 2005-10-29 11:42 ` Eli Zaretskii 2005-10-29 19:50 ` Ken Manheimer 0 siblings, 1 reply; 156+ messages in thread From: Eli Zaretskii @ 2005-10-29 11:42 UTC (permalink / raw) Cc: rms, schwab, ueno, emacs-devel, ken.manheimer, jas > From: Sascha Wilde <wilde@sha-bang.de> > Date: Thu, 27 Oct 2005 09:37:58 +0200 > Cc: Simon Josefsson <jas@extundo.com>, sascha schwab <schwab@suse.de>, > "Daiki Ueno \(pgg author\)" <ueno@unixuser.org>, > "Richard M. Stallman" <rms@gnu.org>, emacs-devel@gnu.org > > Ken Manheimer <ken.manheimer@gmail.com> wrote: > > > On 10/26/05, Sascha Wilde <wilde@sha-bang.de> wrote: > >> Thanks for the patch, but I'm missing the additions to the pgg > >> documentation I made. > > > > here is the texi part of your patch, exactly as it was in > > emacs-pgg-symmetric.patch-5 as you sent it. (i included your > > ChangeLog entry in the part of my patch for the ChangeLog, and > > similarly for the pgg.el and pgg-gpg.el source files, so i think it's > > now complete.) > > Yes, thank you! > > Could someone with write access please commit these two patches? Done, thanks. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-29 11:42 ` Eli Zaretskii @ 2005-10-29 19:50 ` Ken Manheimer 2005-10-31 17:30 ` Ken Manheimer 0 siblings, 1 reply; 156+ messages in thread From: Ken Manheimer @ 2005-10-29 19:50 UTC (permalink / raw) Cc: rms, Sascha Wilde, schwab, ueno, emacs-devel, jas [-- Attachment #1: Type: text/plain, Size: 1834 bytes --] thanks for applying the patches. it looks all in place. i have a supplemental patch which reenables pgp and pgp5 operation, as well as rectifying the pgg.texi documentation with the changes (plus suitable entries for lisp/ChangeLog and man/ChangeLog). this patch is somewhat speculative because i am unable to test it, not having pgp or pgp5. most of the additional functionality is not specific to the encryption software implementation, and where it is (providing the right arguments for signing) i used a man page found on the web to try to do the right thing. one thing i know is that pgg-pgp5 and pgg-pgp would *not* work without this patch, because there would be calling mismatches from the pgg generic functions. i am fairly confident that the patched code will work well. ken ken.manheimer@gmail.com On 10/29/05, Eli Zaretskii <eliz@gnu.org> wrote: > > From: Sascha Wilde <wilde@sha-bang.de> > > Date: Thu, 27 Oct 2005 09:37:58 +0200 > > Cc: Simon Josefsson <jas@extundo.com>, sascha schwab <schwab@suse.de>, > > "Daiki Ueno \(pgg author\)" <ueno@unixuser.org>, > > "Richard M. Stallman" <rms@gnu.org>, emacs-devel@gnu.org > > > > Ken Manheimer <ken.manheimer@gmail.com> wrote: > > > > > On 10/26/05, Sascha Wilde <wilde@sha-bang.de> wrote: > > >> Thanks for the patch, but I'm missing the additions to the pgg > > >> documentation I made. > > > > > > here is the texi part of your patch, exactly as it was in > > > emacs-pgg-symmetric.patch-5 as you sent it. (i included your > > > ChangeLog entry in the part of my patch for the ChangeLog, and > > > similarly for the pgg.el and pgg-gpg.el source files, so i think it's > > > now complete.) > > > > Yes, thank you! > > > > Could someone with write access please commit these two patches? > > Done, thanks. > [-- Attachment #2: pgg-pgp-compat.patch --] [-- Type: application/octet-stream, Size: 14673 bytes --] Index: lisp/ChangeLog =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/ChangeLog,v retrieving revision 1.8476 diff -u -r1.8476 ChangeLog --- lisp/ChangeLog 29 Oct 2005 16:02:05 -0000 1.8476 +++ lisp/ChangeLog 29 Oct 2005 19:32:47 -0000 @@ -1,3 +1,23 @@ +2005-10-29 Ken Manheimer <ken.manheimer@gmail.com> + + * pgg-pgp.el (pgg-pgp-encrypt-region, pgg-pgp-decrypt-region) + (pgg-pgp-encrypt-symmetric-region, pgg-pgp-encrypt-symmetric) + (pgg-pgp-encrypt, pgg-pgp-decrypt-region, pgg-pgp-decrypt) + (pgg-pgp-sign-region, pgg-pgp-sign): Add optional 'passphrase' + argument to all these routines, so the passphrase can be managed + externally and passed in to the system. + (pgg-pgp-decrypt-region, pgg-pgp-sign-region): Use new name for + pgg-add-passphrase-to-cache function. + + * pgg-pgp5.el (pgg-pgp5-encrypt-region, pgg-pgp5-decrypt-region) + (pgg-pgp5-encrypt-symmetric-region, pgg-pgp5-encrypt-symmetric) + (pgg-pgp5-encrypt, pgg-pgp5-decrypt-region, pgg-pgp5-decrypt) + (pgg-pgp5-sign-region, pgg-pgp5-sign): Add optional 'passphrase' + argument to all these routines, so the passphrase can be managed + externally and passed in to the system. + (pgg-pgp5-sign-region): Use new name of + pgg-add-passphrase-to-cache function. + 2005-10-29 Roland Winkler <roland.winkler@physik.uni-erlangen.de> * textmodes/conf-mode.el (conf-assignment-sign) @@ -63,10 +83,10 @@ so the passphrase cache can be used reliably with identifiers besides a pgp packet's key id. - * pgg-gpg.el (pgg-pgp-encrypt-region) - (pgg-pgp-encrypt-symmetric-region, pgg-pgp-encrypt-symmetric) - (pgg-pgp-encrypt, pgg-pgp-decrypt-region, pgg-pgp-decrypt) - (pgg-pgp-sign-region, pgg-pgp-sign): Add optional 'passphrase' + * pgg-gpg.el (pgg-gpg-encrypt-region) + (pgg-gpg-encrypt-symmetric-region, pgg-gpg-encrypt-symmetric) + (pgg-gpg-encrypt, pgg-gpg-decrypt-region, pgg-gpg-decrypt) + (pgg-gpg-sign-region, pgg-gpg-sign): Add optional 'passphrase' argument to all these routines, so the passphrase can be managed externally and passed in to the system. Index: lisp/pgg-pgp.el =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/pgg-pgp.el,v retrieving revision 1.1 diff -u -r1.1 pgg-pgp.el --- lisp/pgg-pgp.el 24 Oct 2005 09:46:27 -0000 1.1 +++ lisp/pgg-pgp.el 29 Oct 2005 19:32:48 -0000 @@ -132,41 +132,57 @@ (buffer-substring (point)(progn (end-of-line) (point))))) 2)))))) -(defun pgg-pgp-encrypt-region (start end recipients) +(defun pgg-pgp-encrypt-region (start end recipients &optional sign passphrase) "Encrypt the current region between START and END." (let* ((pgg-pgp-user-id (or pgg-pgp-user-id pgg-default-user-id)) + (passphrase (or passphrase + (when sign + (pgg-read-passphrase + (format "PGP passphrase for %s: " + pgg-pgp-user-id) + pgg-gpg-user-id)))) (args - `("+encrypttoself=off +verbose=1" "+batchmode" - "+language=us" "-fate" - ,@(if recipients - (mapcar (lambda (rcpt) (concat "\"" rcpt "\"")) - (append recipients - (if pgg-encrypt-for-me - (list pgg-pgp-user-id)))))))) + (append + `("+encrypttoself=off +verbose=1" "+batchmode" + "+language=us" "-fate" + ,@(if recipients + (mapcar (lambda (rcpt) (concat "\"" rcpt "\"")) + (append recipients + (if pgg-encrypt-for-me + (list pgg-pgp-user-id)))))) + (if sign '("-s" "-u" pgg-pgp-user-id))))) (pgg-pgp-process-region start end nil pgg-pgp-program args) (pgg-process-when-success nil))) -(defun pgg-pgp-decrypt-region (start end) - "Decrypt the current region between START and END." +(defun pgg-pgp-decrypt-region (start end &optional passphrase) + "Decrypt the current region between START and END. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (let* ((pgg-pgp-user-id (or pgg-pgp-user-id pgg-default-user-id)) (key (pgg-pgp-lookup-key pgg-pgp-user-id 'encrypt)) (passphrase - (pgg-read-passphrase - (format "PGP passphrase for %s: " pgg-pgp-user-id) key)) + (or passphrase + (pgg-read-passphrase + (format "PGP passphrase for %s: " pgg-pgp-user-id) key))) (args - '("+verbose=1" "+batchmode" "+language=us" "-f"))) + '("+verbose=1" "+batchmode" "+language=us" "-f"))) (pgg-pgp-process-region start end passphrase pgg-pgp-program args) (pgg-process-when-success (if pgg-cache-passphrase - (pgg-add-passphrase-cache key passphrase))))) + (pgg-add-passphrase-to-cache key passphrase))))) + +(defun pgg-pgp-sign-region (start end &optional clearsign passphrase) + "Make detached signature from text between START and END. -(defun pgg-pgp-sign-region (start end &optional clearsign) - "Make detached signature from text between START and END." +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (let* ((pgg-pgp-user-id (or pgg-pgp-user-id pgg-default-user-id)) (passphrase - (pgg-read-passphrase - (format "PGP passphrase for %s: " pgg-pgp-user-id) - (pgg-pgp-lookup-key pgg-pgp-user-id 'sign))) + (or passphrase + (pgg-read-passphrase + (format "PGP passphrase for %s: " pgg-pgp-user-id) + (pgg-pgp-lookup-key pgg-pgp-user-id 'sign)))) (args (list (if clearsign "-fast" "-fbast") "+verbose=1" "+language=us" "+batchmode" @@ -181,7 +197,7 @@ (point)) (point-max)))))) (if pgg-cache-passphrase - (pgg-add-passphrase-cache + (pgg-add-passphrase-to-cache (cdr (assq 'key-identifier packet)) passphrase))))))) Index: lisp/pgg-pgp5.el =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/pgg-pgp5.el,v retrieving revision 1.1 diff -u -r1.1 pgg-pgp5.el --- lisp/pgg-pgp5.el 24 Oct 2005 09:46:27 -0000 1.1 +++ lisp/pgg-pgp5.el 29 Oct 2005 19:32:48 -0000 @@ -143,41 +143,51 @@ (buffer-substring (match-end 0)(progn (end-of-line)(point))))) 2))))) -(defun pgg-pgp5-encrypt-region (start end recipients &optional sign) +(defun pgg-pgp5-encrypt-region (start end recipients &optional sign passphrase) "Encrypt the current region between START and END." (let* ((pgg-pgp5-user-id (or pgg-pgp5-user-id pgg-default-user-id)) + (passphrase (or passphrase + (when sign + (pgg-read-passphrase + (format "PGP passphrase for %s: " + pgg-pgp5-user-id) + pgg-pgp5-user-id)))) (args - `("+NoBatchInvalidKeys=off" "-fat" "+batchmode=1" - ,@(if recipients - (apply #'append - (mapcar (lambda (rcpt) - (list "-r" - (concat "\"" rcpt "\""))) - (append recipients - (if pgg-encrypt-for-me - (list pgg-pgp5-user-id))))))))) + (append + `("+NoBatchInvalidKeys=off" "-fat" "+batchmode=1" + ,@(if recipients + (apply #'append + (mapcar (lambda (rcpt) + (list "-r" + (concat "\"" rcpt "\""))) + (append recipients + (if pgg-encrypt-for-me + (list pgg-pgp5-user-id))))))) + (if sign '("-s" "-u" pgg-pgp5-user-id))))) (pgg-pgp5-process-region start end nil pgg-pgp5-pgpe-program args) (pgg-process-when-success nil))) -(defun pgg-pgp5-decrypt-region (start end) +(defun pgg-pgp5-decrypt-region (start end &optional passphrase) "Decrypt the current region between START and END." (let* ((pgg-pgp5-user-id (or pgg-pgp5-user-id pgg-default-user-id)) (passphrase - (pgg-read-passphrase - (format "PGP passphrase for %s: " pgg-pgp5-user-id) - (pgg-pgp5-lookup-key pgg-pgp5-user-id 'encrypt))) + (or passphrase + (pgg-read-passphrase + (format "PGP passphrase for %s: " pgg-pgp5-user-id) + (pgg-pgp5-lookup-key pgg-pgp5-user-id 'encrypt)))) (args '("+verbose=1" "+batchmode=1" "+language=us" "-f"))) (pgg-pgp5-process-region start end passphrase pgg-pgp5-pgpv-program args) (pgg-process-when-success nil))) -(defun pgg-pgp5-sign-region (start end &optional clearsign) +(defun pgg-pgp5-sign-region (start end &optional clearsign passphrase) "Make detached signature from text between START and END." (let* ((pgg-pgp5-user-id (or pgg-pgp5-user-id pgg-default-user-id)) (passphrase - (pgg-read-passphrase - (format "PGP passphrase for %s: " pgg-pgp5-user-id) - (pgg-pgp5-lookup-key pgg-pgp5-user-id 'sign))) + (or passphrase + (pgg-read-passphrase + (format "PGP passphrase for %s: " pgg-pgp5-user-id) + (pgg-pgp5-lookup-key pgg-pgp5-user-id 'sign)))) (args (list (if clearsign "-fat" "-fbat") "+verbose=1" "+language=us" "+batchmode=1" @@ -191,7 +201,7 @@ (point)) (point-max)))))) (if pgg-cache-passphrase - (pgg-add-passphrase-cache + (pgg-add-passphrase-to-cache (cdr (assq 'key-identifier packet)) passphrase))))))) Index: man/ChangeLog =================================================================== RCS file: /cvsroot/emacs/emacs/man/ChangeLog,v retrieving revision 1.715 diff -u -r1.715 ChangeLog --- man/ChangeLog 29 Oct 2005 11:40:18 -0000 1.715 +++ man/ChangeLog 29 Oct 2005 19:32:51 -0000 @@ -1,3 +1,9 @@ +2005-10-29 Ken Manheimer <ken.manheimer@gmail.com> + + * pgg.texi (User Commands): Document additional passphrase + argument for pgg-encrypt-*, pgg-decrypt-*, and pgg-sign-* functions. + (Backend methods): Likewise for corresponding pgg-scheme-* functions. + 2005-10-29 Sascha Wilde <wilde@sha-bang.de> * pgg.texi (How to use): Update the example to add autoload of Index: man/pgg.texi =================================================================== RCS file: /cvsroot/emacs/emacs/man/pgg.texi,v retrieving revision 1.6 diff -u -r1.6 pgg.texi --- man/pgg.texi 29 Oct 2005 11:39:49 -0000 1.6 +++ man/pgg.texi 29 Oct 2005 19:32:51 -0000 @@ -129,7 +129,7 @@ fails immediately, but if the function had been called interactively, it would ask you to retrieve the signer's public key from the server. -@deffn Command pgg-encrypt-region start end recipients &optional sign +@deffn Command pgg-encrypt-region start end recipients &optional sign passphrase Encrypt the current region between @var{start} and @var{end} for @var{recipients}. When the function were called interactively, you would be asked about the recipients. @@ -138,29 +138,41 @@ the accessible portion) with the resulting data. If optional argument @var{sign} is non-@code{nil}, the function is -request to do a combined sign and encrypt. This currently only work -with GnuPG. +request to do a combined sign and encrypt. This currently is +confirmed to work with GnuPG, but might not work with PGP or PGP5. + +If optional @var{passphrase} is @code{nil}, the passphrase will be +obtained from the passphrase cache or user. @end deffn -@deffn Command pgg-encrypt-symmetric-region start end +@deffn Command pgg-encrypt-symmetric-region &optional start end passphrase Encrypt the current region between @var{start} and @var{end} using a symmetric cipher. After invocation you are asked for a passphrase. -This is currently only implemented for GnuPG. +If optional @var{passphrase} is @code{nil}, the passphrase will be +obtained from the passphrase cache or user. + +symmetric-cipher encryption is currently only implemented for GnuPG. @end deffn -@deffn Command pgg-decrypt-region start end +@deffn Command pgg-decrypt-region start end &optional passphrase Decrypt the current region between @var{start} and @var{end}. If decryption is successful, it replaces the current region contents (in the accessible portion) with the resulting data. + +If optional @var{passphrase} is @code{nil}, the passphrase will be +obtained from the passphrase cache or user. @end deffn -@deffn Command pgg-sign-region start end &optional cleartext +@deffn Command pgg-sign-region start end &optional cleartext passphrase Make the signature from text between @var{start} and @var{end}. If the optional third argument @var{cleartext} is non-@code{nil}, or the function is called interactively, it does not create a detached signature. In such a case, it replaces the current region contents (in the accessible portion) with the resulting data. + +If optional @var{passphrase} is @code{nil}, the passphrase will be +obtained from the passphrase cache or user. @end deffn @deffn Command pgg-verify-region start end &optional signature fetch @@ -309,26 +321,26 @@ keyrings. @end deffn -@deffn Method pgg-scheme-encrypt-region scheme start end recipients &optional sign +@deffn Method pgg-scheme-encrypt-region scheme start end recipients &optional sign passphrase Encrypt the current region between @var{start} and @var{end} for @var{recipients}. If @var{sign} is non-@code{nil}, do a combined sign and encrypt. If encryption is successful, it returns @code{t}, otherwise @code{nil}. @end deffn -@deffn Method pgg-scheme-encrypt-symmetric-region scheme start end +@deffn Method pgg-scheme-encrypt-symmetric-region scheme start end &optional passphrase Encrypt the current region between @var{start} and @var{end} using a symmetric cipher and a passphrases. If encryption is successful, it returns @code{t}, otherwise @code{nil}. This function is currently only implemented for GnuPG. @end deffn -@deffn Method pgg-scheme-decrypt-region scheme start end +@deffn Method pgg-scheme-decrypt-region scheme start end &optional passphrase Decrypt the current region between @var{start} and @var{end}. If decryption is successful, it returns @code{t}, otherwise @code{nil}. @end deffn -@deffn Method pgg-scheme-sign-region scheme start end &optional cleartext +@deffn Method pgg-scheme-sign-region scheme start end &optional cleartext passphrase Make the signature from text between @var{start} and @var{end}. If the optional third argument @var{cleartext} is non-@code{nil}, it does not create a detached signature. If signing is successful, it returns [-- Attachment #3: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-29 19:50 ` Ken Manheimer @ 2005-10-31 17:30 ` Ken Manheimer 2005-11-04 14:45 ` Eli Zaretskii 0 siblings, 1 reply; 156+ messages in thread From: Ken Manheimer @ 2005-10-31 17:30 UTC (permalink / raw) Cc: rms, Sascha Wilde, schwab, ueno, emacs-devel, jas [-- Attachment #1: Type: text/plain, Size: 2283 bytes --] as things approach release-readyness, i'm hoping that there's room to include this additional pgg patch i submitted. it brings the pgg-pgp and pgg-pgp5 support into line with the pgg scheme changes, and revises the pgg manual to track those changes as well. ken ken.manheimer@gmail.com On 10/29/05, Ken Manheimer <ken.manheimer@gmail.com> wrote: > thanks for applying the patches. it looks all in place. i have a > supplemental patch which reenables pgp and pgp5 operation, as well as > rectifying the pgg.texi documentation with the changes (plus suitable > entries for lisp/ChangeLog and man/ChangeLog). > > this patch is somewhat speculative because i am unable to test it, not > having pgp or pgp5. most of the additional functionality is not > specific to the encryption software implementation, and where it is > (providing the right arguments for signing) i used a man page found on > the web to try to do the right thing. one thing i know is that > pgg-pgp5 and pgg-pgp would *not* work without this patch, because > there would be calling mismatches from the pgg generic functions. i > am fairly confident that the patched code will work well. > > ken > ken.manheimer@gmail.com > > > On 10/29/05, Eli Zaretskii <eliz@gnu.org> wrote: > > > From: Sascha Wilde <wilde@sha-bang.de> > > > Date: Thu, 27 Oct 2005 09:37:58 +0200 > > > Cc: Simon Josefsson <jas@extundo.com>, sascha schwab <schwab@suse.de>, > > > "Daiki Ueno \(pgg author\)" <ueno@unixuser.org>, > > > "Richard M. Stallman" <rms@gnu.org>, emacs-devel@gnu.org > > > > > > Ken Manheimer <ken.manheimer@gmail.com> wrote: > > > > > > > On 10/26/05, Sascha Wilde <wilde@sha-bang.de> wrote: > > > >> Thanks for the patch, but I'm missing the additions to the pgg > > > >> documentation I made. > > > > > > > > here is the texi part of your patch, exactly as it was in > > > > emacs-pgg-symmetric.patch-5 as you sent it. (i included your > > > > ChangeLog entry in the part of my patch for the ChangeLog, and > > > > similarly for the pgg.el and pgg-gpg.el source files, so i think it's > > > > now complete.) > > > > > > Yes, thank you! > > > > > > Could someone with write access please commit these two patches? > > > > Done, thanks. > > > > > [-- Attachment #2: pgg-pgp-compat.patch --] [-- Type: application/octet-stream, Size: 14677 bytes --] Index: lisp/ChangeLog =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/ChangeLog,v retrieving revision 1.8476 diff -u -r1.8476 ChangeLog --- lisp/ChangeLog 29 Oct 2005 16:02:05 -0000 1.8476 +++ lisp/ChangeLog 29 Oct 2005 19:32:47 -0000 @@ -1,3 +1,23 @@ +2005-10-29 Ken Manheimer <ken.manheimer@gmail.com> + + * pgg-pgp.el (pgg-pgp-encrypt-region, pgg-pgp-decrypt-region) + (pgg-pgp-encrypt-symmetric-region, pgg-pgp-encrypt-symmetric) + (pgg-pgp-encrypt, pgg-pgp-decrypt-region, pgg-pgp-decrypt) + (pgg-pgp-sign-region, pgg-pgp-sign): Add optional 'passphrase' + argument to all these routines, so the passphrase can be managed + externally and passed in to the system. + (pgg-pgp-decrypt-region, pgg-pgp-sign-region): Use new name for + pgg-add-passphrase-to-cache function. + + * pgg-pgp5.el (pgg-pgp5-encrypt-region, pgg-pgp5-decrypt-region) + (pgg-pgp5-encrypt-symmetric-region, pgg-pgp5-encrypt-symmetric) + (pgg-pgp5-encrypt, pgg-pgp5-decrypt-region, pgg-pgp5-decrypt) + (pgg-pgp5-sign-region, pgg-pgp5-sign): Add optional 'passphrase' + argument to all these routines, so the passphrase can be managed + externally and passed in to the system. + (pgg-pgp5-sign-region): Use new name of + pgg-add-passphrase-to-cache function. + 2005-10-29 Roland Winkler <roland.winkler@physik.uni-erlangen.de> * textmodes/conf-mode.el (conf-assignment-sign) @@ -63,10 +83,10 @@ so the passphrase cache can be used reliably with identifiers besides a pgp packet's key id. - * pgg-gpg.el (pgg-pgp-encrypt-region) - (pgg-pgp-encrypt-symmetric-region, pgg-pgp-encrypt-symmetric) - (pgg-pgp-encrypt, pgg-pgp-decrypt-region, pgg-pgp-decrypt) - (pgg-pgp-sign-region, pgg-pgp-sign): Add optional 'passphrase' + * pgg-gpg.el (pgg-gpg-encrypt-region) + (pgg-gpg-encrypt-symmetric-region, pgg-gpg-encrypt-symmetric) + (pgg-gpg-encrypt, pgg-gpg-decrypt-region, pgg-gpg-decrypt) + (pgg-gpg-sign-region, pgg-gpg-sign): Add optional 'passphrase' argument to all these routines, so the passphrase can be managed externally and passed in to the system. Index: lisp/pgg-pgp.el =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/pgg-pgp.el,v retrieving revision 1.1 diff -u -r1.1 pgg-pgp.el --- lisp/pgg-pgp.el 24 Oct 2005 09:46:27 -0000 1.1 +++ lisp/pgg-pgp.el 29 Oct 2005 19:32:48 -0000 @@ -132,41 +132,57 @@ (buffer-substring (point)(progn (end-of-line) (point))))) 2)))))) -(defun pgg-pgp-encrypt-region (start end recipients) +(defun pgg-pgp-encrypt-region (start end recipients &optional sign passphrase) "Encrypt the current region between START and END." (let* ((pgg-pgp-user-id (or pgg-pgp-user-id pgg-default-user-id)) + (passphrase (or passphrase + (when sign + (pgg-read-passphrase + (format "PGP passphrase for %s: " + pgg-pgp-user-id) + pgg-gpg-user-id)))) (args - `("+encrypttoself=off +verbose=1" "+batchmode" - "+language=us" "-fate" - ,@(if recipients - (mapcar (lambda (rcpt) (concat "\"" rcpt "\"")) - (append recipients - (if pgg-encrypt-for-me - (list pgg-pgp-user-id)))))))) + (append + `("+encrypttoself=off +verbose=1" "+batchmode" + "+language=us" "-fate" + ,@(if recipients + (mapcar (lambda (rcpt) (concat "\"" rcpt "\"")) + (append recipients + (if pgg-encrypt-for-me + (list pgg-pgp-user-id)))))) + (if sign '("-s" "-u" pgg-pgp-user-id))))) (pgg-pgp-process-region start end nil pgg-pgp-program args) (pgg-process-when-success nil))) -(defun pgg-pgp-decrypt-region (start end) - "Decrypt the current region between START and END." +(defun pgg-pgp-decrypt-region (start end &optional passphrase) + "Decrypt the current region between START and END. + +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (let* ((pgg-pgp-user-id (or pgg-pgp-user-id pgg-default-user-id)) (key (pgg-pgp-lookup-key pgg-pgp-user-id 'encrypt)) (passphrase - (pgg-read-passphrase - (format "PGP passphrase for %s: " pgg-pgp-user-id) key)) + (or passphrase + (pgg-read-passphrase + (format "PGP passphrase for %s: " pgg-pgp-user-id) key))) (args - '("+verbose=1" "+batchmode" "+language=us" "-f"))) + '("+verbose=1" "+batchmode" "+language=us" "-f"))) (pgg-pgp-process-region start end passphrase pgg-pgp-program args) (pgg-process-when-success (if pgg-cache-passphrase - (pgg-add-passphrase-cache key passphrase))))) + (pgg-add-passphrase-to-cache key passphrase))))) + +(defun pgg-pgp-sign-region (start end &optional clearsign passphrase) + "Make detached signature from text between START and END. -(defun pgg-pgp-sign-region (start end &optional clearsign) - "Make detached signature from text between START and END." +If optional PASSPHRASE is not specified, it will be obtained from the +passphrase cache or user." (let* ((pgg-pgp-user-id (or pgg-pgp-user-id pgg-default-user-id)) (passphrase - (pgg-read-passphrase - (format "PGP passphrase for %s: " pgg-pgp-user-id) - (pgg-pgp-lookup-key pgg-pgp-user-id 'sign))) + (or passphrase + (pgg-read-passphrase + (format "PGP passphrase for %s: " pgg-pgp-user-id) + (pgg-pgp-lookup-key pgg-pgp-user-id 'sign)))) (args (list (if clearsign "-fast" "-fbast") "+verbose=1" "+language=us" "+batchmode" @@ -181,7 +197,7 @@ (point)) (point-max)))))) (if pgg-cache-passphrase - (pgg-add-passphrase-cache + (pgg-add-passphrase-to-cache (cdr (assq 'key-identifier packet)) passphrase))))))) Index: lisp/pgg-pgp5.el =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/pgg-pgp5.el,v retrieving revision 1.1 diff -u -r1.1 pgg-pgp5.el --- lisp/pgg-pgp5.el 24 Oct 2005 09:46:27 -0000 1.1 +++ lisp/pgg-pgp5.el 29 Oct 2005 19:32:48 -0000 @@ -143,41 +143,51 @@ (buffer-substring (match-end 0)(progn (end-of-line)(point))))) 2))))) -(defun pgg-pgp5-encrypt-region (start end recipients &optional sign) +(defun pgg-pgp5-encrypt-region (start end recipients &optional sign passphrase) "Encrypt the current region between START and END." (let* ((pgg-pgp5-user-id (or pgg-pgp5-user-id pgg-default-user-id)) + (passphrase (or passphrase + (when sign + (pgg-read-passphrase + (format "PGP passphrase for %s: " + pgg-pgp5-user-id) + pgg-pgp5-user-id)))) (args - `("+NoBatchInvalidKeys=off" "-fat" "+batchmode=1" - ,@(if recipients - (apply #'append - (mapcar (lambda (rcpt) - (list "-r" - (concat "\"" rcpt "\""))) - (append recipients - (if pgg-encrypt-for-me - (list pgg-pgp5-user-id))))))))) + (append + `("+NoBatchInvalidKeys=off" "-fat" "+batchmode=1" + ,@(if recipients + (apply #'append + (mapcar (lambda (rcpt) + (list "-r" + (concat "\"" rcpt "\""))) + (append recipients + (if pgg-encrypt-for-me + (list pgg-pgp5-user-id))))))) + (if sign '("-s" "-u" pgg-pgp5-user-id))))) (pgg-pgp5-process-region start end nil pgg-pgp5-pgpe-program args) (pgg-process-when-success nil))) -(defun pgg-pgp5-decrypt-region (start end) +(defun pgg-pgp5-decrypt-region (start end &optional passphrase) "Decrypt the current region between START and END." (let* ((pgg-pgp5-user-id (or pgg-pgp5-user-id pgg-default-user-id)) (passphrase - (pgg-read-passphrase - (format "PGP passphrase for %s: " pgg-pgp5-user-id) - (pgg-pgp5-lookup-key pgg-pgp5-user-id 'encrypt))) + (or passphrase + (pgg-read-passphrase + (format "PGP passphrase for %s: " pgg-pgp5-user-id) + (pgg-pgp5-lookup-key pgg-pgp5-user-id 'encrypt)))) (args '("+verbose=1" "+batchmode=1" "+language=us" "-f"))) (pgg-pgp5-process-region start end passphrase pgg-pgp5-pgpv-program args) (pgg-process-when-success nil))) -(defun pgg-pgp5-sign-region (start end &optional clearsign) +(defun pgg-pgp5-sign-region (start end &optional clearsign passphrase) "Make detached signature from text between START and END." (let* ((pgg-pgp5-user-id (or pgg-pgp5-user-id pgg-default-user-id)) (passphrase - (pgg-read-passphrase - (format "PGP passphrase for %s: " pgg-pgp5-user-id) - (pgg-pgp5-lookup-key pgg-pgp5-user-id 'sign))) + (or passphrase + (pgg-read-passphrase + (format "PGP passphrase for %s: " pgg-pgp5-user-id) + (pgg-pgp5-lookup-key pgg-pgp5-user-id 'sign)))) (args (list (if clearsign "-fat" "-fbat") "+verbose=1" "+language=us" "+batchmode=1" @@ -191,7 +201,7 @@ (point)) (point-max)))))) (if pgg-cache-passphrase - (pgg-add-passphrase-cache + (pgg-add-passphrase-to-cache (cdr (assq 'key-identifier packet)) passphrase))))))) Index: man/ChangeLog =================================================================== RCS file: /cvsroot/emacs/emacs/man/ChangeLog,v retrieving revision 1.715 diff -u -r1.715 ChangeLog --- man/ChangeLog 29 Oct 2005 11:40:18 -0000 1.715 +++ man/ChangeLog 29 Oct 2005 19:32:51 -0000 @@ -1,3 +1,9 @@ +2005-10-29 Ken Manheimer <ken.manheimer@gmail.com> + + * pgg.texi (User Commands): Document additional passphrase + argument for pgg-encrypt-*, pgg-decrypt-*, and pgg-sign-* functions. + (Backend methods): Likewise for corresponding pgg-scheme-* functions. + 2005-10-29 Sascha Wilde <wilde@sha-bang.de> * pgg.texi (How to use): Update the example to add autoload of Index: man/pgg.texi =================================================================== RCS file: /cvsroot/emacs/emacs/man/pgg.texi,v retrieving revision 1.6 diff -u -r1.6 pgg.texi --- man/pgg.texi 29 Oct 2005 11:39:49 -0000 1.6 +++ man/pgg.texi 29 Oct 2005 19:32:51 -0000 @@ -129,7 +129,7 @@ fails immediately, but if the function had been called interactively, it would ask you to retrieve the signer's public key from the server. -@deffn Command pgg-encrypt-region start end recipients &optional sign +@deffn Command pgg-encrypt-region start end recipients &optional sign passphrase Encrypt the current region between @var{start} and @var{end} for @var{recipients}. When the function were called interactively, you would be asked about the recipients. @@ -138,29 +138,41 @@ the accessible portion) with the resulting data. If optional argument @var{sign} is non-@code{nil}, the function is -request to do a combined sign and encrypt. This currently only work -with GnuPG. +request to do a combined sign and encrypt. This currently is +confirmed to work with GnuPG, but might not work with PGP or PGP5. + +If optional @var{passphrase} is @code{nil}, the passphrase will be +obtained from the passphrase cache or user. @end deffn -@deffn Command pgg-encrypt-symmetric-region start end +@deffn Command pgg-encrypt-symmetric-region &optional start end passphrase Encrypt the current region between @var{start} and @var{end} using a symmetric cipher. After invocation you are asked for a passphrase. -This is currently only implemented for GnuPG. +If optional @var{passphrase} is @code{nil}, the passphrase will be +obtained from the passphrase cache or user. + +symmetric-cipher encryption is currently only implemented for GnuPG. @end deffn -@deffn Command pgg-decrypt-region start end +@deffn Command pgg-decrypt-region start end &optional passphrase Decrypt the current region between @var{start} and @var{end}. If decryption is successful, it replaces the current region contents (in the accessible portion) with the resulting data. + +If optional @var{passphrase} is @code{nil}, the passphrase will be +obtained from the passphrase cache or user. @end deffn -@deffn Command pgg-sign-region start end &optional cleartext +@deffn Command pgg-sign-region start end &optional cleartext passphrase Make the signature from text between @var{start} and @var{end}. If the optional third argument @var{cleartext} is non-@code{nil}, or the function is called interactively, it does not create a detached signature. In such a case, it replaces the current region contents (in the accessible portion) with the resulting data. + +If optional @var{passphrase} is @code{nil}, the passphrase will be +obtained from the passphrase cache or user. @end deffn @deffn Command pgg-verify-region start end &optional signature fetch @@ -309,26 +321,26 @@ keyrings. @end deffn -@deffn Method pgg-scheme-encrypt-region scheme start end recipients &optional sign +@deffn Method pgg-scheme-encrypt-region scheme start end recipients &optional sign passphrase Encrypt the current region between @var{start} and @var{end} for @var{recipients}. If @var{sign} is non-@code{nil}, do a combined sign and encrypt. If encryption is successful, it returns @code{t}, otherwise @code{nil}. @end deffn -@deffn Method pgg-scheme-encrypt-symmetric-region scheme start end +@deffn Method pgg-scheme-encrypt-symmetric-region scheme start end &optional passphrase Encrypt the current region between @var{start} and @var{end} using a symmetric cipher and a passphrases. If encryption is successful, it returns @code{t}, otherwise @code{nil}. This function is currently only implemented for GnuPG. @end deffn -@deffn Method pgg-scheme-decrypt-region scheme start end +@deffn Method pgg-scheme-decrypt-region scheme start end &optional passphrase Decrypt the current region between @var{start} and @var{end}. If decryption is successful, it returns @code{t}, otherwise @code{nil}. @end deffn -@deffn Method pgg-scheme-sign-region scheme start end &optional cleartext +@deffn Method pgg-scheme-sign-region scheme start end &optional cleartext passphrase Make the signature from text between @var{start} and @var{end}. If the optional third argument @var{cleartext} is non-@code{nil}, it does not create a detached signature. If signing is successful, it returns [-- Attachment #3: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-31 17:30 ` Ken Manheimer @ 2005-11-04 14:45 ` Eli Zaretskii 0 siblings, 0 replies; 156+ messages in thread From: Eli Zaretskii @ 2005-11-04 14:45 UTC (permalink / raw) Cc: wilde, schwab, ueno, emacs-devel, jas > Date: Mon, 31 Oct 2005 13:30:40 -0400 > From: Ken Manheimer <ken.manheimer@gmail.com> > Cc: Sascha Wilde <wilde@sha-bang.de>, jas@extundo.com, schwab@suse.de, > ueno@unixuser.org, rms@gnu.org, emacs-devel@gnu.org > > as things approach release-readyness, i'm hoping that there's room to > include this additional pgg patch i submitted. it brings the pgg-pgp > and pgg-pgp5 support into line with the pgg scheme changes, and > revises the pgg manual to track those changes as well. Thanks, I installed them. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Relocating pgg*.el (was: pgg symmetric encryption patch) 2005-10-20 14:12 ` Simon Josefsson 2005-10-20 14:30 ` Ken Manheimer 2005-10-20 14:42 ` Sascha Wilde @ 2005-10-20 18:07 ` Reiner Steib 2005-10-20 22:22 ` Kim F. Storm 2005-10-20 23:38 ` pgg symmetric encryption patch Richard M. Stallman 2006-03-18 21:17 ` Small patch to enable use of gpg-agent with pgg Sascha Wilde 4 siblings, 1 reply; 156+ messages in thread From: Reiner Steib @ 2005-10-20 18:07 UTC (permalink / raw) On Thu, Oct 20 2005, Simon Josefsson wrote: > I'm all for relocating pgg. I wasn't sure about the "best practice" in order to keep CVS history when moving files around. > However, I suggest lisp/pgg/ instead. The lisp/ directory is pretty > large as it is. Shouldn't pgg*.el be put into a separate directory along with other security or cryptography related libraries (maybe lisp/security or lisp/crypto)? PGG files: gnus/pgg.el gnus/pgg-pgp5.el gnus/pgg-pgp.el gnus/pgg-parse.el gnus/pgg-gpg.el gnus/pgg-def.el Other files (used by Gnus): gnus/sha1.el gnus/starttls.el net/tls.el ... and maybe others like password.el and encrypt.el (only in Gnus CVS upto now). It has been discussed previously[1] that it would be useful to add password.el and encrypt.el to Emacs, but it wasn't done because of the feature freeze. I'd suggest to add those libraries. Unless we start to modify existing Emacs 22 packages to use them, it wouldn't destabilize anything. Bye, Reiner. [1] http://thread.gmane.org/gmane.emacs.gnus.general/58915 ,---- | From: "Ted Zlatanov" <tzz@lifelogs.com> | Subject: encrypt.el (was: pop3.el itegration with netrc.el) | To: ding@gnus.org | Cc: "emacs-devel" <emacs-devel@gnu.org> | Date: Fri, 15 Oct 2004 21:14:59 +0200 | Message-ID: <4nfz4f94jw.fsf_-_@lifelogs.com> `---- -- ,,, (o o) ---ooO-(_)-Ooo--- | PGP key available | http://rsteib.home.pages.de/ ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Relocating pgg*.el (was: pgg symmetric encryption patch) 2005-10-20 18:07 ` Relocating pgg*.el (was: pgg symmetric encryption patch) Reiner Steib @ 2005-10-20 22:22 ` Kim F. Storm 2005-10-21 4:49 ` Richard M. Stallman 0 siblings, 1 reply; 156+ messages in thread From: Kim F. Storm @ 2005-10-20 22:22 UTC (permalink / raw) Reiner Steib <reinersteib+gmane@imap.cc> writes: > Shouldn't pgg*.el be put into a separate directory along with other > security or cryptography related libraries (maybe lisp/security or > lisp/crypto)? I was thinking about using lisp/net, but a separate lisp/crypto is a much better idea. -- Kim F. Storm <storm@cua.dk> http://www.cua.dk ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Relocating pgg*.el (was: pgg symmetric encryption patch) 2005-10-20 22:22 ` Kim F. Storm @ 2005-10-21 4:49 ` Richard M. Stallman 0 siblings, 0 replies; 156+ messages in thread From: Richard M. Stallman @ 2005-10-21 4:49 UTC (permalink / raw) Cc: emacs-devel I was thinking about using lisp/net, but a separate lisp/crypto is a much better idea. It could be a good idea, if there are enough files that could be moved from the top level Lisp directory so as to justify having another subdirectory. So I suggest people look at which other files in `lisp' might belong there. It would be ok to move files from other subdirs if they fit better in the new subdir, but that isn't really making progress. gnus/pgg.el gnus/pgg-pgp5.el gnus/pgg-pgp.el gnus/pgg-parse.el gnus/pgg-gpg.el gnus/pgg-def.el gnus/sha1.el gnus/starttls.el net/tls.el That isn't enough files to justify a subdirectory. Also, the other three are not ones we plan to put in the top level directory, so they won't be reducing its size. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-20 14:12 ` Simon Josefsson ` (2 preceding siblings ...) 2005-10-20 18:07 ` Relocating pgg*.el (was: pgg symmetric encryption patch) Reiner Steib @ 2005-10-20 23:38 ` Richard M. Stallman 2005-10-21 7:07 ` Simon Josefsson 2006-03-18 21:17 ` Small patch to enable use of gpg-agent with pgg Sascha Wilde 4 siblings, 1 reply; 156+ messages in thread From: Richard M. Stallman @ 2005-10-20 23:38 UTC (permalink / raw) Cc: schwab, ken.manheimer, ueno, emacs-devel I'm all for relocating pgg. However, I suggest lisp/pgg/ instead. Please remember our policy not to have lots of small subdirectories. We do not create directories of `lisp' for less than around 20 source files. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-20 23:38 ` pgg symmetric encryption patch Richard M. Stallman @ 2005-10-21 7:07 ` Simon Josefsson 0 siblings, 0 replies; 156+ messages in thread From: Simon Josefsson @ 2005-10-21 7:07 UTC (permalink / raw) Cc: schwab, ken.manheimer, ueno, emacs-devel "Richard M. Stallman" <rms@gnu.org> writes: > I'm all for relocating pgg. However, I suggest lisp/pgg/ instead. > > Please remember our policy not to have lots of small subdirectories. > We do not create directories of `lisp' for less than around 20 source > files. Ok. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Small patch to enable use of gpg-agent with pgg 2005-10-20 14:12 ` Simon Josefsson ` (3 preceding siblings ...) 2005-10-20 23:38 ` pgg symmetric encryption patch Richard M. Stallman @ 2006-03-18 21:17 ` Sascha Wilde 2006-03-18 23:30 ` Daniel Pittman 2006-03-21 14:32 ` Simon Josefsson 4 siblings, 2 replies; 156+ messages in thread From: Sascha Wilde @ 2006-03-18 21:17 UTC (permalink / raw) Cc: Daiki Ueno (pgg author), ding, Simon Josefsson [-- Attachment #1.1.1: Type: text/plain, Size: 387 bytes --] Hi, I wrote a small patch, which makes it possible to use the GnuPG agent (which is part of gpg 1.9 and considered ready to use by Werner) with the GnuPG backend of pgg. I have done very little testing yet, but it seems to work fine.[0] To test it: set up your gpg-agent as usual and set pgg-gpg-use-agent to t. cheers sascha [0] I signed this Mail using it... ;-) [-- Attachment #1.1.2: pgg-gpg-agent.patch --] [-- Type: text/x-patch, Size: 4943 bytes --] *** pgg-gpg.el 11 Feb 2006 17:01:56 +0100 1.4 --- pgg-gpg.el 18 Mär 2006 21:57:00 +0100 *************** *** 51,56 **** --- 51,61 ---- :type '(choice (const :tag "New `--recipient' option" "--recipient") (const :tag "Old `--remote-user' option" "--remote-user"))) + (defcustom pgg-gpg-use-agent nil + "Whether to use gnupg agent for key caching." + :group 'pgg-gpg + :type 'boolean) + (defvar pgg-gpg-user-id nil "GnuPG ID of your default identity.") *************** *** 58,64 **** (let* ((output-file-name (pgg-make-temp-file "pgg-output")) (args `("--status-fd" "2" ! ,@(if passphrase '("--passphrase-fd" "0")) "--yes" ; overwrite "--output" ,output-file-name ,@pgg-gpg-extra-args ,@args)) --- 63,71 ---- (let* ((output-file-name (pgg-make-temp-file "pgg-output")) (args `("--status-fd" "2" ! ,@(if (and passphrase (not pgg-gpg-use-agent)) ! '("--passphrase-fd" "0")) ! ,(if pgg-gpg-use-agent "--use-agent") "--yes" ; overwrite "--output" ,output-file-name ,@pgg-gpg-extra-args ,@args)) *************** *** 77,83 **** (input (buffer-substring-no-properties start end)) (default-enable-multibyte-characters nil)) (with-temp-buffer ! (when passphrase (insert passphrase "\n")) (insert input) (setq exit-status --- 84,90 ---- (input (buffer-substring-no-properties start end)) (default-enable-multibyte-characters nil)) (with-temp-buffer ! (when (and passphrase (not pgg-gpg-use-agent)) (insert passphrase "\n")) (insert input) (setq exit-status *************** *** 181,187 **** If optional PASSPHRASE is not specified, it will be obtained from the passphrase cache or user." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) ! (passphrase (or passphrase (when sign (pgg-read-passphrase (format "GnuPG passphrase for %s: " --- 188,195 ---- If optional PASSPHRASE is not specified, it will be obtained from the passphrase cache or user." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) ! (passphrase (or pgg-gpg-use-agent ! passphrase (when sign (pgg-read-passphrase (format "GnuPG passphrase for %s: " *************** *** 213,219 **** If optional PASSPHRASE is not specified, it will be obtained from the passphrase cache or user." ! (let* ((passphrase (or passphrase (pgg-read-passphrase "GnuPG passphrase for symmetric encryption: "))) (args --- 221,228 ---- If optional PASSPHRASE is not specified, it will be obtained from the passphrase cache or user." ! (let* ((passphrase (or pgg-gpg-use-agent ! passphrase (pgg-read-passphrase "GnuPG passphrase for symmetric encryption: "))) (args *************** *** 241,247 **** (key-id (pgg-gpg-key-id-from-key-owner key-owner)) (pgg-gpg-user-id (or key-id key pgg-gpg-user-id pgg-default-user-id)) ! (passphrase (or passphrase (pgg-read-passphrase (format (if (pgg-gpg-symmetric-key-p message-keys) "Passphrase for symmetric decryption: " --- 250,257 ---- (key-id (pgg-gpg-key-id-from-key-owner key-owner)) (pgg-gpg-user-id (or key-id key pgg-gpg-user-id pgg-default-user-id)) ! (passphrase (or pgg-gpg-use-agent ! passphrase (pgg-read-passphrase (format (if (pgg-gpg-symmetric-key-p message-keys) "Passphrase for symmetric decryption: " *************** *** 276,282 **** (defun pgg-gpg-sign-region (start end &optional cleartext passphrase) "Make detached signature from text between START and END." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) ! (passphrase (or passphrase (pgg-read-passphrase (format "GnuPG passphrase for %s: " pgg-gpg-user-id) pgg-gpg-user-id))) --- 286,293 ---- (defun pgg-gpg-sign-region (start end &optional cleartext passphrase) "Make detached signature from text between START and END." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) ! (passphrase (or pgg-gpg-use-agent ! passphrase (pgg-read-passphrase (format "GnuPG passphrase for %s: " pgg-gpg-user-id) pgg-gpg-user-id))) [-- Attachment #1.1.3: Type: text/plain, Size: 101 bytes --] -- Sascha Wilde Hi! I'm a .signature *virus*! Copy me into your ~/.signature to help me spread! [-- Attachment #1.2: Type: application/pgp-signature, Size: 190 bytes --] [-- Attachment #2: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-18 21:17 ` Small patch to enable use of gpg-agent with pgg Sascha Wilde @ 2006-03-18 23:30 ` Daniel Pittman 2006-03-19 0:46 ` Miles Bader 2006-03-19 9:49 ` Sascha Wilde 2006-03-21 14:32 ` Simon Josefsson 1 sibling, 2 replies; 156+ messages in thread From: Daniel Pittman @ 2006-03-18 23:30 UTC (permalink / raw) Cc: emacs-devel [-- Attachment #1: Type: text/plain, Size: 1063 bytes --] Sascha Wilde <wilde@sha-bang.de> writes: > I wrote a small patch, which makes it possible to use the GnuPG agent > (which is part of gpg 1.9 and considered ready to use by Werner) with > the GnuPG backend of pgg. > > I have done very little testing yet, but it seems to work fine.[0] > > To test it: > set up your gpg-agent as usual and set pgg-gpg-use-agent to t. I am not convinced that this is the best idea -- so far as I can see, if I were to set `pgg-gpg-use-agent' to `t' then I *must* use the agent. Is it not possible to enable gpg to try the agent first, then to prompt for a passphrase? Also, is it possible to automatically detect support for using the agent so that it isn't necessary to manually enable this -- once a new enough version is available, support is enabled? Obviously, automatically enabling this is only useful if the first issue is resolved. :) Daniel -- Digital Infrastructure Solutions -- making IT simple, stable and secure Phone: 0401 155 707 email: contact@digital-infrastructure.com.au [-- Attachment #2: Type: application/pgp-signature, Size: 190 bytes --] ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-18 23:30 ` Daniel Pittman @ 2006-03-19 0:46 ` Miles Bader 2006-03-19 3:45 ` Daniel Pittman 2006-03-19 9:49 ` Sascha Wilde 1 sibling, 1 reply; 156+ messages in thread From: Miles Bader @ 2006-03-19 0:46 UTC (permalink / raw) Cc: emacs-devel Daniel Pittman <daniel@rimspace.net> writes: > Is it not possible to enable gpg to try the agent first, then to prompt > for a passphrase? In my experience (trying to do the same thing outside of gnus), gpg is generally kind of stupid in this respect ... if you find a way to do it, let me know! -miles -- "I distrust a research person who is always obviously busy on a task." --Robert Frosch, VP, GM Research ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-19 0:46 ` Miles Bader @ 2006-03-19 3:45 ` Daniel Pittman 2006-03-19 18:28 ` Miles Bader 0 siblings, 1 reply; 156+ messages in thread From: Daniel Pittman @ 2006-03-19 3:45 UTC (permalink / raw) Cc: emacs-devel Miles Bader <miles@gnu.org> writes: > Daniel Pittman <daniel@rimspace.net> writes: >> Is it not possible to enable gpg to try the agent first, then to prompt >> for a passphrase? > > In my experience (trying to do the same thing outside of gnus), gpg is > generally kind of stupid in this respect ... if you find a way to do > it, let me know! Hrm. According to the documentation I have here, '--use-agent' will first try to contact the agent, and will then ask for a passphrase if that fails. I don't have access to the agent to test, but it seems that it may be possible to have this accept a passphrase from Gnus as well as trying the agent. Just a simple matter of programming -- which is, of course, easy for me to volunteer the original poster. ;) Daniel -- Digital Infrastructure Solutions -- making IT simple, stable and secure Phone: 0401 155 707 email: contact@digital-infrastructure.com.au ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-19 3:45 ` Daniel Pittman @ 2006-03-19 18:28 ` Miles Bader 0 siblings, 0 replies; 156+ messages in thread From: Miles Bader @ 2006-03-19 18:28 UTC (permalink / raw) Cc: emacs-devel Daniel Pittman <daniel@rimspace.net> writes: > Hrm. According to the documentation I have here, '--use-agent' will > first try to contact the agent, and will then ask for a passphrase if > that fails. It does, but it doesn't really work very well -- it must use some different mechanism than the ordinary (no agent specified at all) case because it only prompts once (doesn't re-prompt if you give a wrong password) and seems generally seems more flaky (fails in more cases, e.g., given other options that ordinarily don't preclude password entry). -Miles -- Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath. At night the ice weasels come. --Nietzsche ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-18 23:30 ` Daniel Pittman 2006-03-19 0:46 ` Miles Bader @ 2006-03-19 9:49 ` Sascha Wilde 2006-03-19 17:30 ` Sascha Wilde 1 sibling, 1 reply; 156+ messages in thread From: Sascha Wilde @ 2006-03-19 9:49 UTC (permalink / raw) Cc: ding, emacs-devel [-- Attachment #1.1: Type: text/plain, Size: 1364 bytes --] Daniel Pittman <daniel@rimspace.net> wrote: > Sascha Wilde <wilde@sha-bang.de> writes: > >> I wrote a small patch, which makes it possible to use the GnuPG agent >> (which is part of gpg 1.9 and considered ready to use by Werner) with >> the GnuPG backend of pgg. [...] > I am not convinced that this is the best idea -- so far as I can see, if > I were to set `pgg-gpg-use-agent' to `t' then I *must* use the agent. > > Is it not possible to enable gpg to try the agent first, then to prompt > for a passphrase? Yes, that would be good. I'll try to implement it. > Also, is it possible to automatically detect support for using the agent > so that it isn't necessary to manually enable this -- once a new enough > version is available, support is enabled? This would be very error prone. Even if a running gpg-agent is available there are certain conditions which could make using it impossible. For example: on an text console running the standard pin-entry program (which uses curses) from within emacs won't work. That's why I think that using an available agent should be enabled explicitly. cheers sascha -- Sascha Wilde Real programmers don't want "what you see is what you get", they want "you asked for it, you got it". They want editors that are terse, powerful, cryptic, and unforgiving. In a word, Teco. [-- Attachment #1.2: Type: application/pgp-signature, Size: 190 bytes --] [-- Attachment #2: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-19 9:49 ` Sascha Wilde @ 2006-03-19 17:30 ` Sascha Wilde 0 siblings, 0 replies; 156+ messages in thread From: Sascha Wilde @ 2006-03-19 17:30 UTC (permalink / raw) Cc: ding, emacs-devel [-- Attachment #1.1.1: Type: text/plain, Size: 869 bytes --] Sascha Wilde <wilde@sha-bang.de> wrote: > Daniel Pittman <daniel@rimspace.net> wrote: >>> Sascha Wilde <wilde@sha-bang.de> writes: >> >>> I wrote a small patch, which makes it possible to use the GnuPG agent >>> (which is part of gpg 1.9 and considered ready to use by Werner) with >>> the GnuPG backend of pgg. > [...] >> I am not convinced that this is the best idea -- so far as I can see, if >> I were to set `pgg-gpg-use-agent' to `t' then I *must* use the agent. >> >> Is it not possible to enable gpg to try the agent first, then to prompt >> for a passphrase? > > Yes, that would be good. I'll try to implement it. I attached a patch which performs a test if gpg-agent is really available when pgg-gpg-use-agent is set to t. Please note, this new patch also fixees a bug, which was introduced by the original patch and broke non agent use... cheers sascha [-- Attachment #1.1.2: pgg-gpg-agent.patch --] [-- Type: text/x-patch, Size: 6832 bytes --] *** pgg-gpg.el 11 Feb 2006 17:01:56 +0100 1.4 --- pgg-gpg.el 19 Mär 2006 17:05:38 +0100 *************** *** 4,10 **** ;; 2005, 2006 Free Software Foundation, Inc. ;; Author: Daiki Ueno <ueno@unixuser.org> ! ;; Symmetric encryption added by: Sascha Wilde <wilde@sha-bang.de> ;; Created: 1999/10/28 ;; Keywords: PGP, OpenPGP, GnuPG --- 4,11 ---- ;; 2005, 2006 Free Software Foundation, Inc. ;; Author: Daiki Ueno <ueno@unixuser.org> ! ;; Symmetric encryption and gpg-agent support added by: ! ;; Sascha Wilde <wilde@sha-bang.de> ;; Created: 1999/10/28 ;; Keywords: PGP, OpenPGP, GnuPG *************** *** 51,64 **** :type '(choice (const :tag "New `--recipient' option" "--recipient") (const :tag "Old `--remote-user' option" "--remote-user"))) (defvar pgg-gpg-user-id nil "GnuPG ID of your default identity.") (defun pgg-gpg-process-region (start end passphrase program args) ! (let* ((output-file-name (pgg-make-temp-file "pgg-output")) (args `("--status-fd" "2" ! ,@(if passphrase '("--passphrase-fd" "0")) "--yes" ; overwrite "--output" ,output-file-name ,@pgg-gpg-extra-args ,@args)) --- 52,73 ---- :type '(choice (const :tag "New `--recipient' option" "--recipient") (const :tag "Old `--remote-user' option" "--remote-user"))) + (defcustom pgg-gpg-use-agent nil + "Whether to use gnupg agent for key caching." + :group 'pgg-gpg + :type 'boolean) + (defvar pgg-gpg-user-id nil "GnuPG ID of your default identity.") (defun pgg-gpg-process-region (start end passphrase program args) ! (let* ((use-agent (pgg-gpg-use-agent-p)) ! (output-file-name (pgg-make-temp-file "pgg-output")) (args `("--status-fd" "2" ! ,@(if (and passphrase (not use-agent)) ! '("--passphrase-fd" "0")) ! ,@(if use-agent '("--use-agent")) "--yes" ; overwrite "--output" ,output-file-name ,@pgg-gpg-extra-args ,@args)) *************** *** 77,83 **** (input (buffer-substring-no-properties start end)) (default-enable-multibyte-characters nil)) (with-temp-buffer ! (when passphrase (insert passphrase "\n")) (insert input) (setq exit-status --- 86,92 ---- (input (buffer-substring-no-properties start end)) (default-enable-multibyte-characters nil)) (with-temp-buffer ! (when (and passphrase (not (pgg-gpg-use-agent-p))) (insert passphrase "\n")) (insert input) (setq exit-status *************** *** 181,187 **** If optional PASSPHRASE is not specified, it will be obtained from the passphrase cache or user." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) ! (passphrase (or passphrase (when sign (pgg-read-passphrase (format "GnuPG passphrase for %s: " --- 190,197 ---- If optional PASSPHRASE is not specified, it will be obtained from the passphrase cache or user." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) ! (passphrase (or (pgg-gpg-use-agent-p) ! passphrase (when sign (pgg-read-passphrase (format "GnuPG passphrase for %s: " *************** *** 213,219 **** If optional PASSPHRASE is not specified, it will be obtained from the passphrase cache or user." ! (let* ((passphrase (or passphrase (pgg-read-passphrase "GnuPG passphrase for symmetric encryption: "))) (args --- 223,230 ---- If optional PASSPHRASE is not specified, it will be obtained from the passphrase cache or user." ! (let* ((passphrase (or (pgg-gpg-use-agent-p) ! passphrase (pgg-read-passphrase "GnuPG passphrase for symmetric encryption: "))) (args *************** *** 241,247 **** (key-id (pgg-gpg-key-id-from-key-owner key-owner)) (pgg-gpg-user-id (or key-id key pgg-gpg-user-id pgg-default-user-id)) ! (passphrase (or passphrase (pgg-read-passphrase (format (if (pgg-gpg-symmetric-key-p message-keys) "Passphrase for symmetric decryption: " --- 252,259 ---- (key-id (pgg-gpg-key-id-from-key-owner key-owner)) (pgg-gpg-user-id (or key-id key pgg-gpg-user-id pgg-default-user-id)) ! (passphrase (or (pgg-gpg-use-agent-p) ! passphrase (pgg-read-passphrase (format (if (pgg-gpg-symmetric-key-p message-keys) "Passphrase for symmetric decryption: " *************** *** 276,282 **** (defun pgg-gpg-sign-region (start end &optional cleartext passphrase) "Make detached signature from text between START and END." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) ! (passphrase (or passphrase (pgg-read-passphrase (format "GnuPG passphrase for %s: " pgg-gpg-user-id) pgg-gpg-user-id))) --- 288,295 ---- (defun pgg-gpg-sign-region (start end &optional cleartext passphrase) "Make detached signature from text between START and END." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) ! (passphrase (or (pgg-gpg-use-agent-p) ! passphrase (pgg-read-passphrase (format "GnuPG passphrase for %s: " pgg-gpg-user-id) pgg-gpg-user-id))) *************** *** 345,350 **** --- 358,382 ---- (append-to-buffer pgg-output-buffer (point-min)(point-max)) (pgg-process-when-success))) + (defun pgg-gpg-update-agent () + "Try to connet to gpg-agent and send UPDATESTARTUPTTY." + (let* ((agent-info (getenv "GPG_AGENT_INFO")) + (socket (and agent-info + (string-match "^\\([^:]*\\)" agent-info) + (match-string 1 agent-info))) + (conn (and socket + (make-network-process :name "gpg-agent-process" + :host 'local :family 'local + :service socket)))) + (when (and conn (eq (process-status conn) 'open)) + (process-send-string conn "UPDATESTARTUPTTY\n") + (delete-process conn) + t))) + + (defun pgg-gpg-use-agent-p () + "Return t if `pgg-gpg-use-agent' is t and gpg-agent is available." + (and pgg-gpg-use-agent (pgg-gpg-update-agent))) + (provide 'pgg-gpg) ;;; arch-tag: 2aa5d5d8-93a0-4865-9312-33e29830e000 [-- Attachment #1.1.3: Type: text/plain, Size: 174 bytes --] -- Sascha Wilde : VI is to EMACS as masturbation is to making love: : effective and always available but probably not your : first choice... [-- Attachment #1.2: Type: application/pgp-signature, Size: 190 bytes --] [-- Attachment #2: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-18 21:17 ` Small patch to enable use of gpg-agent with pgg Sascha Wilde 2006-03-18 23:30 ` Daniel Pittman @ 2006-03-21 14:32 ` Simon Josefsson 2006-03-21 21:29 ` Reiner Steib 2006-03-22 8:36 ` Sascha Wilde 1 sibling, 2 replies; 156+ messages in thread From: Simon Josefsson @ 2006-03-21 14:32 UTC (permalink / raw) Cc: Daiki Ueno (pgg author), ding, emacs-devel Sascha Wilde <wilde@sha-bang.de> writes: > Hi, > > I wrote a small patch, which makes it possible to use the GnuPG agent > (which is part of gpg 1.9 and considered ready to use by Werner) with > the GnuPG backend of pgg. > > I have done very little testing yet, but it seems to work fine.[0] > > To test it: > set up your gpg-agent as usual and set pgg-gpg-use-agent to t. Your patch didn't work well for me: 1) Non-agent mode didn't work at all (the args list contained 'nil' so invoking gpg failed with a lisp error). 2) After fixing the above, the patch made the passphrase be 't', which broke the passphrase cache, causing a lisp error. How about this patch instead? It works for me. I've also improved the pgg-use-agent default value. I've installed this on Emacs CVS trunk, Gnus v5-10 and Gnus CVS. Thanks for working on this, it is quite useful. --- pgg-gpg.el 21 Mar 2006 14:53:00 +0100 1.4 +++ pgg-gpg.el 21 Mar 2006 15:22:38 +0100 @@ -51,6 +51,13 @@ :type '(choice (const :tag "New `--recipient' option" "--recipient") (const :tag "Old `--remote-user' option" "--remote-user"))) +(defcustom pgg-gpg-use-agent (if (getenv "GPG_AGENT_INFO") t nil) + "Whether to use gnupg agent for key caching. +By default, it will be enabled iff the environment variable +\"GPG_AGENT_INFO\" is set." + :group 'pgg-gpg + :type 'boolean) + (defvar pgg-gpg-user-id nil "GnuPG ID of your default identity.") @@ -58,7 +65,8 @@ (let* ((output-file-name (pgg-make-temp-file "pgg-output")) (args `("--status-fd" "2" - ,@(if passphrase '("--passphrase-fd" "0")) + ,@(if pgg-gpg-use-agent '("--use-agent") + (if passphrase '("--passphrase-fd" "0"))) "--yes" ; overwrite "--output" ,output-file-name ,@pgg-gpg-extra-args ,@args)) @@ -100,7 +108,8 @@ (set-default-file-modes orig-mode)))) (defun pgg-gpg-possibly-cache-passphrase (passphrase &optional key notruncate) - (if (and pgg-cache-passphrase + (if (and passphrase + pgg-cache-passphrase (progn (goto-char (point-min)) (re-search-forward "^\\[GNUPG:] \\(GOOD_PASSPHRASE\\>\\)\\|\\(SIG_CREATED\\)" nil t))) @@ -182,7 +191,7 @@ passphrase cache or user." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) (passphrase (or passphrase - (when sign + (when (and sign (not pgg-gpg-use-agent)) (pgg-read-passphrase (format "GnuPG passphrase for %s: " pgg-gpg-user-id) @@ -214,8 +223,9 @@ If optional PASSPHRASE is not specified, it will be obtained from the passphrase cache or user." (let* ((passphrase (or passphrase + (when (not pgg-gpg-use-agent) (pgg-read-passphrase - "GnuPG passphrase for symmetric encryption: "))) + "GnuPG passphrase for symmetric encryption: ")))) (args (append (list "--batch" "--armor" "--symmetric" ) (if pgg-text-mode (list "--textmode"))))) @@ -242,12 +252,13 @@ (pgg-gpg-user-id (or key-id key pgg-gpg-user-id pgg-default-user-id)) (passphrase (or passphrase + (when (not pgg-gpg-use-agent) (pgg-read-passphrase (format (if (pgg-gpg-symmetric-key-p message-keys) "Passphrase for symmetric decryption: " "GnuPG passphrase for %s: ") (or key-owner "??")) - pgg-gpg-user-id))) + pgg-gpg-user-id)))) (args '("--batch" "--decrypt"))) (pgg-gpg-process-region start end passphrase pgg-gpg-program args) (with-current-buffer pgg-errors-buffer @@ -277,9 +288,11 @@ "Make detached signature from text between START and END." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) (passphrase (or passphrase + (when (not pgg-gpg-use-agent) (pgg-read-passphrase - (format "GnuPG passphrase for %s: " pgg-gpg-user-id) - pgg-gpg-user-id))) + (format "GnuPG passphrase for %s: " + pgg-gpg-user-id) + pgg-gpg-user-id)))) (args (append (list (if cleartext "--clearsign" "--detach-sign") "--armor" "--batch" "--verbose" ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-21 14:32 ` Simon Josefsson @ 2006-03-21 21:29 ` Reiner Steib 2006-03-22 9:49 ` Simon Josefsson 2006-03-22 8:36 ` Sascha Wilde 1 sibling, 1 reply; 156+ messages in thread From: Reiner Steib @ 2006-03-21 21:29 UTC (permalink / raw) Cc: Miles Bader On Tue, Mar 21 2006, Simon Josefsson wrote: > I've installed this on Emacs CVS trunk, Gnus v5-10 and Gnus CVS. The versions differed in whitespace. I've synced them now. I also removed the bogus pgg-gpg.el entry in lisp/gnus/ChangeLog (added by Miles' sync script). pgg-gpg.el is in lisp, where Simon already added a ChangeLog entry. Bye, Reiner. -- ,,, (o o) ---ooO-(_)-Ooo--- | PGP key available | http://rsteib.home.pages.de/ ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-21 21:29 ` Reiner Steib @ 2006-03-22 9:49 ` Simon Josefsson 0 siblings, 0 replies; 156+ messages in thread From: Simon Josefsson @ 2006-03-22 9:49 UTC (permalink / raw) Cc: emacs-devel Reiner Steib <reinersteib+gmane@imap.cc> writes: > On Tue, Mar 21 2006, Simon Josefsson wrote: > >> I've installed this on Emacs CVS trunk, Gnus v5-10 and Gnus CVS. > > The versions differed in whitespace. I've synced them now. > > I also removed the bogus pgg-gpg.el entry in lisp/gnus/ChangeLog > (added by Miles' sync script). pgg-gpg.el is in lisp, where Simon > already added a ChangeLog entry. Thanks! ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-21 14:32 ` Simon Josefsson 2006-03-21 21:29 ` Reiner Steib @ 2006-03-22 8:36 ` Sascha Wilde 2006-03-22 9:16 ` Daiki Ueno ` (2 more replies) 1 sibling, 3 replies; 156+ messages in thread From: Sascha Wilde @ 2006-03-22 8:36 UTC (permalink / raw) Cc: Daiki Ueno (pgg author), ding, emacs-devel [-- Attachment #1: Type: text/plain, Size: 1519 bytes --] Simon Josefsson <jas@extundo.com> wrote: Hi Simon, first of all, fore some reasons you got lost from the list of CC's so you missed some important messages in this thread, including a more elaborated version of my patch... > 1) Non-agent mode didn't work at all (the args list contained 'nil' so > invoking gpg failed with a lisp error). Yes. This was fixed in my second patch. (and in the attached, of cause) > 2) After fixing the above, the patch made the passphrase be 't', which > broke the passphrase cache, causing a lisp error. Thanks, I used your strategy to fix this issue in my new patch (which I attached). > How about this patch instead? It works for me. I've also improved > the pgg-use-agent default value. This is very error prone. As I wrote before on emacs-devel: there are certain situations in which using the agent will fail -- even if it is available: for example: on an text console running the standard pin-entry program (which uses curses) from within emacs won't work. That's why I think this option should be explicitly enabled by the user. Another problem is, that checking for $GPG_AGENT_INFO is not sufficient, the environment variable will stay set, even is the agent was killed. Could you please consider committing the attached patch, which reverses the default of pgg-gpg-use-agent to nil, and adds an check if the agent is _really_ available, when pgg-gpg-use-agent is set to t? (The patch is against the latest CVS, including your patch that is) cheers sascha [-- Warning: decoded text below may be mangled, UTF-8 assumed --] [-- Attachment #2: pgg-gpg-agent.patch --] [-- Type: text/x-patch, Size: 3869 bytes --] Index: pgg-gpg.el =================================================================== RCS file: /sources/emacs/emacs/lisp/pgg-gpg.el,v retrieving revision 1.6 diff -c -r1.6 pgg-gpg.el --- pgg-gpg.el 21 Mar 2006 21:24:27 -0000 1.6 +++ pgg-gpg.el 22 Mar 2006 08:14:59 -0000 @@ -4,7 +4,8 @@ ;; 2005, 2006 Free Software Foundation, Inc. ;; Author: Daiki Ueno <ueno@unixuser.org> -;; Symmetric encryption added by: Sascha Wilde <wilde@sha-bang.de> +;; Symmetric encryption and gpg-agent support added by: +;; Sascha Wilde <wilde@sha-bang.de> ;; Created: 1999/10/28 ;; Keywords: PGP, OpenPGP, GnuPG @@ -51,10 +52,8 @@ :type '(choice (const :tag "New `--recipient' option" "--recipient") (const :tag "Old `--remote-user' option" "--remote-user"))) -(defcustom pgg-gpg-use-agent (if (getenv "GPG_AGENT_INFO") t nil) - "Whether to use gnupg agent for key caching. -By default, it will be enabled iff the environment variable -\"GPG_AGENT_INFO\" is set." +(defcustom pgg-gpg-use-agent nil + "Whether to use gnupg agent for key caching." :group 'pgg-gpg :type 'boolean) @@ -62,10 +61,11 @@ "GnuPG ID of your default identity.") (defun pgg-gpg-process-region (start end passphrase program args) - (let* ((output-file-name (pgg-make-temp-file "pgg-output")) + (let* ((use-agent (pgg-gpg-use-agent-p)) + (output-file-name (pgg-make-temp-file "pgg-output")) (args `("--status-fd" "2" - ,@(if pgg-gpg-use-agent '("--use-agent") + ,@(if use-agent '("--use-agent") (if passphrase '("--passphrase-fd" "0"))) "--yes" ; overwrite "--output" ,output-file-name @@ -189,7 +189,7 @@ passphrase cache or user." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) (passphrase (or passphrase - (when (and sign (not pgg-gpg-use-agent)) + (when (and sign (not (pgg-gpg-use-agent-p))) (pgg-read-passphrase (format "GnuPG passphrase for %s: " pgg-gpg-user-id) @@ -221,7 +221,7 @@ If optional PASSPHRASE is not specified, it will be obtained from the passphrase cache or user." (let* ((passphrase (or passphrase - (when (not pgg-gpg-use-agent) + (when (not (pgg-gpg-use-agent-p)) (pgg-read-passphrase "GnuPG passphrase for symmetric encryption: ")))) (args @@ -250,7 +250,7 @@ (pgg-gpg-user-id (or key-id key pgg-gpg-user-id pgg-default-user-id)) (passphrase (or passphrase - (when (not pgg-gpg-use-agent) + (when (not (pgg-gpg-use-agent-p)) (pgg-read-passphrase (format (if (pgg-gpg-symmetric-key-p message-keys) "Passphrase for symmetric decryption: " @@ -286,7 +286,7 @@ "Make detached signature from text between START and END." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) (passphrase (or passphrase - (when (not pgg-gpg-use-agent) + (when (not (pgg-gpg-use-agent-p)) (pgg-read-passphrase (format "GnuPG passphrase for %s: " pgg-gpg-user-id) @@ -356,6 +356,25 @@ (append-to-buffer pgg-output-buffer (point-min)(point-max)) (pgg-process-when-success))) +(defun pgg-gpg-update-agent () + "Try to connet to gpg-agent and send UPDATESTARTUPTTY." + (let* ((agent-info (getenv "GPG_AGENT_INFO")) + (socket (and agent-info + (string-match "^\\([^:]*\\)" agent-info) + (match-string 1 agent-info))) + (conn (and socket + (make-network-process :name "gpg-agent-process" + :host 'local :family 'local + :service socket)))) + (when (and conn (eq (process-status conn) 'open)) + (process-send-string conn "UPDATESTARTUPTTY\n") + (delete-process conn) + t))) + +(defun pgg-gpg-use-agent-p () + "Return t if `pgg-gpg-use-agent' is t and gpg-agent is available." + (and pgg-gpg-use-agent (pgg-gpg-update-agent))) + (provide 'pgg-gpg) ;;; arch-tag: 2aa5d5d8-93a0-4865-9312-33e29830e000 [-- Attachment #3: Type: text/plain, Size: 149 bytes --] -- Sascha Wilde "Unix was the first OS where you could carry the media and system documentation around in a briefcase. This was fixed in BSD4.2." [-- Attachment #4: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-22 8:36 ` Sascha Wilde @ 2006-03-22 9:16 ` Daiki Ueno 2006-03-22 9:48 ` Simon Josefsson 2006-03-22 11:03 ` Sascha Wilde 2006-03-22 9:46 ` Small patch to enable use of gpg-agent with pgg Simon Josefsson 2006-03-22 16:13 ` Simon Josefsson 2 siblings, 2 replies; 156+ messages in thread From: Daiki Ueno @ 2006-03-22 9:16 UTC (permalink / raw) Cc: emacs-devel, ding, Simon Josefsson Hello, >>>>> In <m2slpadgf0.fsf@kenny.sha-bang.de> >>>>> Sascha Wilde <wilde@sha-bang.de> wrote: > This is very error prone. As I wrote before on emacs-devel: there are > certain situations in which using the agent will fail -- even if it is > available: for example: on an text console running the standard > pin-entry program (which uses curses) from within emacs won't work. > That's why I think this option should be explicitly enabled by the user. > Another problem is, that checking for $GPG_AGENT_INFO is not > sufficient, the environment variable will stay set, even is the agent > was killed. That looks a bit complicated for me. Is there a choice of utilizing --status-fd output? That is, query a user for his passphrase only when gpg requested (i.e. we see NEED_PASSPHRASE) Though I know that this solution involves some coding to make use of asynchronous process, I expect that it is not so hard to implement. Regards, -- Daiki Ueno ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-22 9:16 ` Daiki Ueno @ 2006-03-22 9:48 ` Simon Josefsson 2006-03-22 11:03 ` Sascha Wilde 1 sibling, 0 replies; 156+ messages in thread From: Simon Josefsson @ 2006-03-22 9:48 UTC (permalink / raw) Cc: Sascha Wilde, ding, emacs-devel Daiki Ueno <ueno@unixuser.org> writes: > Hello, > >>>>>> In <m2slpadgf0.fsf@kenny.sha-bang.de> >>>>>> Sascha Wilde <wilde@sha-bang.de> wrote: >> This is very error prone. As I wrote before on emacs-devel: there are >> certain situations in which using the agent will fail -- even if it is >> available: for example: on an text console running the standard >> pin-entry program (which uses curses) from within emacs won't work. >> That's why I think this option should be explicitly enabled by the user. > >> Another problem is, that checking for $GPG_AGENT_INFO is not >> sufficient, the environment variable will stay set, even is the agent >> was killed. > > That looks a bit complicated for me. Is there a choice of utilizing > --status-fd output? That is, query a user for his passphrase only when > gpg requested (i.e. we see NEED_PASSPHRASE) > > Though I know that this solution involves some coding to make use of > asynchronous process, I expect that it is not so hard to implement. Hi Daiki! I like this. Would you like to implement it? ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-22 9:16 ` Daiki Ueno 2006-03-22 9:48 ` Simon Josefsson @ 2006-03-22 11:03 ` Sascha Wilde 2006-03-22 11:13 ` Simon Josefsson 1 sibling, 1 reply; 156+ messages in thread From: Sascha Wilde @ 2006-03-22 11:03 UTC (permalink / raw) Cc: emacs-devel, ding, Simon Josefsson Hello Daiki, I'm afraid I don't understand your suggestion... Daiki Ueno <ueno@unixuser.org> wrote: >>>>>> In <m2slpadgf0.fsf@kenny.sha-bang.de> >>>>>> Sascha Wilde <wilde@sha-bang.de> wrote: >> This is very error prone. As I wrote before on emacs-devel: there are >> certain situations in which using the agent will fail -- even if it is >> available: for example: on an text console running the standard >> pin-entry program (which uses curses) from within emacs won't work. >> That's why I think this option should be explicitly enabled by the user. > >> Another problem is, that checking for $GPG_AGENT_INFO is not >> sufficient, the environment variable will stay set, even is the agent >> was killed. > > That looks a bit complicated for me. What exactly looks complicated to you? > Is there a choice of utilizing --status-fd output? That is, query a > user for his passphrase only when gpg requested (i.e. we see > NEED_PASSPHRASE) I don't understand this point -- with the proposed patch the user already only gets queried for the passphrase when gpg needs it -- or am I missing something? While I can imagine that a solution utilizing --status-fd might be more elegant, I don't see how this could improve usability (and I would expect it to be rather more than less complicated). Can you please explain what behavior you would expect from pgg, maybe with an example? Thanks sascha -- Sascha Wilde Nota bene: wenn Word für Längeres geeignet wäre, würde es schließlich nicht Word, sondern Sentence, Page oder Article heißen -- Matthias Mühlich in dctt ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-22 11:03 ` Sascha Wilde @ 2006-03-22 11:13 ` Simon Josefsson 2006-03-22 12:25 ` Daiki Ueno 0 siblings, 1 reply; 156+ messages in thread From: Simon Josefsson @ 2006-03-22 11:13 UTC (permalink / raw) Cc: Daiki Ueno, ding, emacs-devel Sascha Wilde <wilde@sha-bang.de> writes: >> Is there a choice of utilizing --status-fd output? That is, query a >> user for his passphrase only when gpg requested (i.e. we see >> NEED_PASSPHRASE) > > I don't understand this point -- with the proposed patch the user > already only gets queried for the passphrase when gpg needs it -- or > am I missing something? Right now, pgg assume that gpg will need a passphrase so it asks the user for one. It may be better if pgg postpone the passphrase query until gpg tell pgg that it needs a passphrase. Then it is only queried for when it is needed. This should be more reliable, but slightly more complicated to implement (asynchronous code). Gpg doesn't need a passphrase if the agent is used, or (I guess) if the key isn't protected with a password. If a smartcard is used, gpg need a pin code and not a passphrase, I'm not sure pgg can handle this at all now. (This last point is separate, and wouldn't be solved if we implement Daiki's idea.) I may have misunderstood Daiki though... ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-22 11:13 ` Simon Josefsson @ 2006-03-22 12:25 ` Daiki Ueno 2006-03-23 10:40 ` Daiki Ueno 0 siblings, 1 reply; 156+ messages in thread From: Daiki Ueno @ 2006-03-22 12:25 UTC (permalink / raw) Cc: Sascha Wilde, ding, emacs-devel >>>>> In <877j6mg2af.fsf@latte.josefsson.org> >>>>> Simon Josefsson <jas@extundo.com> wrote: > Sascha Wilde <wilde@sha-bang.de> writes: > >> Is there a choice of utilizing --status-fd output? That is, query a > >> user for his passphrase only when gpg requested (i.e. we see > >> NEED_PASSPHRASE) > > > > I don't understand this point -- with the proposed patch the user > > already only gets queried for the passphrase when gpg needs it -- or > > am I missing something? > Right now, pgg assume that gpg will need a passphrase so it asks the > user for one. It may be better if pgg postpone the passphrase query > until gpg tell pgg that it needs a passphrase. Then it is only > queried for when it is needed. This should be more reliable, but > slightly more complicated to implement (asynchronous code). Thanks for your explanation. This is what I wanted to say. We may need some experiments to see gpg use status fd as expected, though. Anyway, I'll try to implement this. Regards, -- Daiki Ueno ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-22 12:25 ` Daiki Ueno @ 2006-03-23 10:40 ` Daiki Ueno 2006-03-23 11:00 ` Simon Josefsson 2006-03-23 12:52 ` Sascha Wilde 0 siblings, 2 replies; 156+ messages in thread From: Daiki Ueno @ 2006-03-23 10:40 UTC (permalink / raw) Cc: Sascha Wilde, ding, emacs-devel [-- Attachment #1: Type: text/plain, Size: 632 bytes --] Hello, >>>>> In <e8632056-d7b7-4ed6-91d6-7d9089c82f94@well-done.deisui.org> >>>>> Daiki Ueno <ueno@unixuser.org> wrote: > > Right now, pgg assume that gpg will need a passphrase so it asks the > > user for one. It may be better if pgg postpone the passphrase query > > until gpg tell pgg that it needs a passphrase. Then it is only > > queried for when it is needed. This should be more reliable, but > > slightly more complicated to implement (asynchronous code). > Anyway, I'll try to implement this. Could you please try the attached pgg-gpg.el? Please note, this patch is only for review, not meant to be committed now. [-- Attachment #2: pgg-gpg.el --] [-- Type: application/octet-stream, Size: 12450 bytes --] ;;; pgg-gpg.el --- GnuPG support for PGG. ;; Copyright (C) 1999, 2000, 2002, 2003, 2004, ;; 2005, 2006 Free Software Foundation, Inc. ;; Author: Daiki Ueno <ueno@unixuser.org> ;; Symmetric encryption and gpg-agent support added by: ;; Sascha Wilde <wilde@sha-bang.de> ;; Created: 1999/10/28 ;; Keywords: PGP, OpenPGP, GnuPG ;; This file is part of GNU Emacs. ;; GNU Emacs is free software; you can redistribute it and/or modify ;; it under the terms of the GNU General Public License as published by ;; the Free Software Foundation; either version 2, or (at your option) ;; any later version. ;; GNU Emacs is distributed in the hope that it will be useful, ;; but WITHOUT ANY WARRANTY; without even the implied warranty of ;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ;; GNU General Public License for more details. ;; You should have received a copy of the GNU General Public License ;; along with GNU Emacs; see the file COPYING. If not, write to the ;; Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, ;; Boston, MA 02110-1301, USA. ;;; Code: (eval-when-compile (require 'pgg)) (defgroup pgg-gpg () "GnuPG interface." :group 'pgg) (defcustom pgg-gpg-program "gpg" "The GnuPG executable." :group 'pgg-gpg :type 'string) (defcustom pgg-gpg-extra-args nil "Extra arguments for every GnuPG invocation." :group 'pgg-gpg :type '(repeat (string :tag "Argument"))) (defcustom pgg-gpg-recipient-argument "--recipient" "GnuPG option to specify recipient." :group 'pgg-gpg :type '(choice (const :tag "New `--recipient' option" "--recipient") (const :tag "Old `--remote-user' option" "--remote-user"))) (defcustom pgg-gpg-use-agent nil "Whether to use gnupg agent for key caching." :group 'pgg-gpg :type 'boolean) (defcustom pgg-gpg-timeout 60 "Timeout of GnuPG command execution." :group 'pgg-gpg :type 'integer) (defvar pgg-gpg-user-id nil "GnuPG ID of your default identity.") (defvar pgg-gpg-user-id-alist nil "An alist mapping from key ID to user ID.") (defvar pgg-gpg-read-point nil) (defvar pgg-gpg-output-file-name nil) (defvar pgg-gpg-pending-status-list nil) (defvar pgg-gpg-key-id nil) (defvar pgg-gpg-debug-buffer " *pgg-gpg-debug*") (defun pgg-gpg-start-process (args) (let* ((output-file-name (pgg-make-temp-file "pgg-output")) (args (append (list "--no-tty" "--status-fd" "1" "--command-fd" "0" "--yes" ; overwrite "--output" output-file-name) (if pgg-gpg-use-agent '("--use-agent")) pgg-gpg-extra-args args)) (coding-system-for-write 'binary) (process-connection-type nil) (orig-mode (default-file-modes)) default-enable-multibyte-characters (buffer (if pgg-gpg-debug-buffer pgg-gpg-debug-buffer (generate-new-buffer " *pgg-gpg*"))) process) (if pgg-gpg-debug-buffer (save-excursion (set-buffer (get-buffer-create pgg-gpg-debug-buffer)) (erase-buffer))) (with-current-buffer buffer (make-local-variable 'pgg-gpg-read-point) (setq pgg-gpg-read-point (point-min)) (make-local-variable 'pgg-gpg-output-file-name) (setq pgg-gpg-output-file-name output-file-name) (make-local-variable 'pgg-gpg-pending-status-list) (setq pgg-gpg-pending-status-list nil) (make-local-variable 'pgg-gpg-key-id) (setq pgg-gpg-key-id nil)) (unwind-protect (progn (set-default-file-modes 448) (setq process (apply #'start-process "pgg-gpg" buffer pgg-gpg-program args)) (set-process-filter process #'pgg-gpg-process-filter) (set-process-sentinel process #'pgg-gpg-process-sentinel)) (set-default-file-modes orig-mode)) process)) (defun pgg-gpg-process-filter (process input) (save-excursion (set-buffer (process-buffer process)) (goto-char (point-max)) (insert input) (goto-char pgg-gpg-read-point) (beginning-of-line) (while (looking-at ".*\n") ;the input line is finished (save-excursion (if (looking-at "\\[GNUPG:] \\([A-Z_]+\\)\\>.*") (let* ((status (match-string 1)) (symbol (intern-soft (concat "pgg-gpg-handle-" status))) (entry (member status pgg-gpg-pending-status-list))) (if entry (setq pgg-gpg-pending-status-list (delq (car entry) pgg-gpg-pending-status-list))) (if (and symbol (fboundp symbol)) (funcall symbol process (buffer-substring (match-beginning 1) (match-end 0))))))) (forward-line)) (setq pgg-gpg-read-point (point)))) (defun pgg-gpg-process-sentinel (process status) (save-excursion ;; Copy the contents of process-buffer to pgg-errors-buffer. (set-buffer (get-buffer-create pgg-errors-buffer)) (buffer-disable-undo) (erase-buffer) (when (buffer-live-p (process-buffer process)) (insert-buffer-substring (process-buffer process)) (goto-char (point-min)) (delete-matching-lines "^\\[GNUPG:] ") (goto-char (point-min)) (while (re-search-forward "^gpg: " nil t) (replace-match ""))) ;; Read the contents of the output file to pgg-output-buffer. (set-buffer (get-buffer-create pgg-output-buffer)) (buffer-disable-undo) (erase-buffer) (if (and (equal status "finished\n") (buffer-live-p (process-buffer process))) (let ((output-file-name (with-current-buffer (process-buffer process) pgg-gpg-output-file-name))) (when (file-exists-p output-file-name) (let ((coding-system-for-read (if pgg-text-mode 'raw-text 'binary))) (insert-file-contents output-file-name)) (delete-file output-file-name)))) (if (buffer-live-p (process-buffer process)) (kill-buffer (process-buffer process))))) (defun pgg-gpg-wait-for-status (process status-list) (with-current-buffer (process-buffer process) (setq pgg-gpg-pending-status-list status-list) (while (and (eq (process-status process) 'run) pgg-gpg-pending-status-list) (accept-process-output process 1)))) (defun pgg-gpg-wait-for-process (process) (while (eq (process-status process) 'run) (accept-process-output process 1)) (sit-for 1)) (defun pgg-gpg-handle-USERID_HINT (process line) (if (string-match "^USERID_HINT \\([^ ]+\\) \\(.*\\)" line) (let* ((key-id (match-string 1 line)) (user-id (match-string 2 line)) (entry (assoc key-id pgg-gpg-user-id-alist))) (if entry (setcdr entry user-id) (setq pgg-gpg-user-id-alist (cons (cons key-id user-id) pgg-gpg-user-id-alist)))))) (defun pgg-gpg-handle-NEED_PASSPHRASE (process line) (if (string-match "^NEED_PASSPHRASE \\([^ ]+\\)" line) (setq pgg-gpg-key-id (match-string 1 line)))) (defun pgg-gpg-handle-NEED_PASSPHRASE_SYM (process line) (setq pgg-gpg-key-id 'symmetric)) (defun pgg-gpg-handle-GET_HIDDEN (process line) (let* ((entry (assoc pgg-gpg-key-id pgg-gpg-user-id-alist)) (passphrase (pgg-read-passphrase (if (eq pgg-gpg-key-id 'symmetric) "GnuPG passphrase for symmetric encryption: " (format "GnuPG passphrase for %s: " (if entry (cdr entry) pgg-gpg-key-id))) pgg-gpg-key-id))) (if passphrase (process-send-string process (concat passphrase "\n"))))) (defun pgg-gpg-lookup-key (string &optional type) "Search keys associated with STRING." (let ((args (list "--with-colons" "--no-greeting" "--batch" (if type "--list-secret-keys" "--list-keys") string))) (with-temp-buffer (apply #'call-process pgg-gpg-program nil t nil args) (goto-char (point-min)) (if (re-search-forward "^\\(sec\\|pub\\):[^:]*:[^:]*:[^:]*:\\([^:]*\\)" nil t) (substring (match-string 2) 8))))) (defun pgg-gpg-encrypt-region (start end recipients &optional sign passphrase) "Encrypt the current region between START and END. If optional argument SIGN is non-nil, do a combined sign and encrypt." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) (args (append '("--armor" "--always-trust" "--encrypt") (if pgg-text-mode '("--textmode")) (if sign (list "--sign" "--local-user" pgg-gpg-user-id)) (if recipients (apply #'nconc (mapcar (lambda (rcpt) (list pgg-gpg-recipient-argument rcpt)) (append recipients (if pgg-encrypt-for-me (list pgg-gpg-user-id)))))))) (process (pgg-gpg-start-process args))) (if sign (pgg-gpg-wait-for-status process '("GOOD_PASSPHRASE"))) (process-send-region process start end) (process-send-eof process) (pgg-gpg-wait-for-process process) (pgg-process-when-success))) (defun pgg-gpg-encrypt-symmetric-region (start end &optional passphrase) "Encrypt the current region between START and END with symmetric cipher." (let* ((args (append '("--armor" "--symmetric") (if pgg-text-mode '("--textmode")))) (process (pgg-gpg-start-process args))) (pgg-gpg-wait-for-status process '("GOT_IT")) (process-send-region process start end) (process-send-eof process) (pgg-gpg-wait-for-process process) (pgg-process-when-success))) (defun pgg-gpg-decrypt-region (start end &optional passphrase) "Decrypt the current region between START and END." (let* ((args '("--decrypt")) (process (pgg-gpg-start-process args))) (process-send-region process start end) (pgg-gpg-wait-for-status process '("GOOD_PASSPHRASE")) (process-send-eof process) (pgg-gpg-wait-for-process process) (save-excursion (set-buffer pgg-errors-buffer) (goto-char (point-min)) (re-search-forward "^\\[GNUPG:] DECRYPTION_OKAY\\>" nil t)))) (defun pgg-gpg-sign-region (start end &optional cleartext passphrase) "Make detached signature from text between START and END." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) (args (append (list (if cleartext "--clearsign" "--detach-sign") "--armor" "--verbose" "--local-user" pgg-gpg-user-id) (if pgg-text-mode '("--textmode")))) (process (pgg-gpg-start-process args))) (pgg-gpg-wait-for-status process '("GOOD_PASSPHRASE")) (process-send-region process start end) (process-send-eof process) (pgg-gpg-wait-for-process process) (pgg-process-when-success))) (defun pgg-gpg-verify-region (start end &optional signature) "Verify region between START and END as the detached signature SIGNATURE." (let ((args '("--verify")) process) (when (stringp signature) (setq args (append args (list signature)))) (setq process (pgg-gpg-start-process (append args '("-")))) (process-send-region process start end) (pgg-gpg-wait-for-process process) (with-current-buffer pgg-errors-buffer (goto-char (point-min)) (while (re-search-forward "^gpg: \\(.*\\)\n" nil t) (with-current-buffer pgg-output-buffer (insert-buffer-substring pgg-errors-buffer (match-beginning 1) (match-end 0))) (delete-region (match-beginning 0) (match-end 0))) (goto-char (point-min)) (re-search-forward "^\\[GNUPG:] GOODSIG\\>" nil t)))) (defun pgg-gpg-insert-key () "Insert public key at point." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) (args (list "--export" "--armor" pgg-gpg-user-id)) (process (pgg-gpg-start-process args))) (pgg-gpg-wait-for-process process) (insert-buffer-substring pgg-output-buffer))) (defun pgg-gpg-snarf-keys-region (start end) "Add all public keys in region between START and END to the keyring." (let* ((args '("--import" "-")) (process (pgg-gpg-start-process args)) status) (process-send-region process start end) (process-send-eof process) (pgg-gpg-wait-for-process process) (set-buffer pgg-errors-buffer) (goto-char (point-min)) (when (re-search-forward "^\\[GNUPG:] IMPORT_RES\\>" nil t) (setq status (buffer-substring (match-end 0) (progn (end-of-line)(point))) status (vconcat (mapcar #'string-to-number (split-string status)))) (erase-buffer) (insert (format "Imported %d key(s). \tArmor contains %d key(s) [%d bad, %d old].\n" (+ (aref status 2) (aref status 10)) (aref status 0) (aref status 1) (+ (aref status 4) (aref status 11))) (if (zerop (aref status 9)) "" "\tSecret keys are imported.\n"))) (append-to-buffer pgg-output-buffer (point-min)(point-max)) (pgg-process-when-success))) (provide 'pgg-gpg) ;;; arch-tag: 2aa5d5d8-93a0-4865-9312-33e29830e000 ;;; pgg-gpg.el ends here [-- Attachment #3: Type: text/plain, Size: 25 bytes --] Regards, -- Daiki Ueno [-- Attachment #4: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-23 10:40 ` Daiki Ueno @ 2006-03-23 11:00 ` Simon Josefsson 2006-03-23 12:18 ` Daiki Ueno 2006-03-23 12:52 ` Sascha Wilde 1 sibling, 1 reply; 156+ messages in thread From: Simon Josefsson @ 2006-03-23 11:00 UTC (permalink / raw) Cc: Sascha Wilde, ding, emacs-devel Daiki Ueno <ueno@unixuser.org> writes: Date: Thu, 23 Mar 2006 12:00:22 +0100 In-Reply-To: <c1918aef-cbd3-4019-ba21-92940132533b@well-done.deisui.org> (Daiki Ueno's message of "Thu, 23 Mar 2006 19:40:08 +0900") Message-ID: <87mzfhwhmh.fsf@latte.josefsson.org> User-Agent: Gnus/5.110004 (No Gnus v0.4) Emacs/22.0.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable > Hello, > >>>>>> In <e8632056-d7b7-4ed6-91d6-7d9089c82f94@well-done.deisui.org>=20 >>>>>> Daiki Ueno <ueno@unixuser.org> wrote: >> > Right now, pgg assume that gpg will need a passphrase so it asks the >> > user for one. It may be better if pgg postpone the passphrase query >> > until gpg tell pgg that it needs a passphrase. Then it is only >> > queried for when it is needed. This should be more reliable, but >> > slightly more complicated to implement (asynchronous code). > >> Anyway, I'll try to implement this. > > Could you please try the attached pgg-gpg.el? > > Please note, this patch is only for review, not meant to be committed now. It just hangs, it seems gpg is waiting for input from stdin or similar. I don't have time to debug further, sorry. Debugger entered--Lisp error: (quit) accept-process-output(#<process pgg-gpg> 1) (while (and (eq ... ...) pgg-gpg-pending-status-list) (accept-process-out= put process 1)) (save-current-buffer (set-buffer (process-buffer process)) (setq pgg-gpg-= pending-status-list status-list) (while (and ... pgg-gpg-pending-status-lis= t) (accept-process-output process 1))) (with-current-buffer (process-buffer process) (setq pgg-gpg-pending-statu= s-list status-list) (while (and ... pgg-gpg-pending-status-list) (accept-pr= ocess-output process 1))) pgg-gpg-wait-for-status(#<process pgg-gpg> ("GOOD_PASSPHRASE")) (let* ((pgg-gpg-user-id ...) (args ...) (process ...)) (pgg-gpg-wait-for-= status process (quote ...)) (process-send-region process start end) (proces= s-send-eof process) (pgg-gpg-wait-for-process process) (pgg-process-when-su= ccess)) pgg-gpg-sign-region(1 1790 nil nil) funcall(pgg-gpg-sign-region 1 1790 nil nil) apply(funcall pgg-gpg-sign-region (1 1790 nil nil)) pgg-invoke("sign-region" gpg 1 1790 nil nil) pgg-sign-region(1 1790) mml2015-pgg-sign((part (sign . "pgpmime") (tag-location . 1743) (contents= . "Daiki Ueno <ueno@unixuser.org> writes:\n\n> Hello,\n>\n>>>>>> In <e8632= 056-d7b7-4ed6-91d6-7d9089c82f94@well-done.deisui.org> \n>>>>>> Daiki Ueno <= ueno@unixuser.org> wrote:\n>> > Right now, pgg assume that gpg will need a = passphrase so it asks the\n>> > user for one. It may be better if pgg post= pone the passphrase query\n>> > until gpg tell pgg that it needs a passphra= se. Then it is only\n>> > queried for when it is needed. This should be m= ore reliable, but\n>> > slightly more complicated to implement (asynchronou= s code).\n>\n>> Anyway, I'll try to implement this.\n>\n> Could you please = try the attached pgg-gpg.el?\n>\n> Please note, this patch is only for revi= ew, not meant to be committed now.\n\nIt just\n\ngpg: NOTE: signature key 5= C980097 expired Wed Apr 10 12:19:06 2002 CEST\n[GNUPG:] KEYEXPIRED 10184339= 46\n[GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead\ngpg: NOTE: signa= ture key 5C980097 expired Wed Apr 10 12:19:06 2002 CEST\n[GNUPG:] KEYEXPIRE= D 1018433946\n[GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead\ngpg: N= OTE: signature key 5C980097 expired Wed Apr 10 12:19:06 2002 CEST\n[GNUPG:]= KEYEXPIRED 1018433946\n[GNUPG:] SIGEXPIRED deprecated-use-keyexpired-inste= ad\ngpg: NOTE: signature key 5C980097 expired Wed Apr 10 12:19:06 2002 CEST= \n[GNUPG:] KEYEXPIRED 1018433946\n[GNUPG:] SIGEXPIRED deprecated-use-keyexp= ired-instead\ngpg: NOTE: signature key 5C980097 expired Wed Apr 10 12:19:06= 2002 CEST\n[GNUPG:] KEYEXPIRED 1018433946\n[GNUPG:] SIGEXPIRED deprecated-= use-keyexpired-instead\ngpg: NOTE: signature key 5C980097 expired Wed Apr 1= 0 12:19:06 2002 CEST\n[GNUPG:] KEYEXPIRED 1018433946\n[GNUPG:] SIGEXPIRED d= eprecated-use-keyexpired-instead\ngpg: using subkey AABB1F7B instead of pri= mary key B565716F\ngpg: writing to `/tmp/pgg-output6523Lpl'\n"))) mml2015-sign((part (sign . "pgpmime") (tag-location . 1743) (contents . "= Daiki Ueno <ueno@unixuser.org> writes:\n\n> Hello,\n>\n>>>>>> In <e8632056-= d7b7-4ed6-91d6-7d9089c82f94@well-done.deisui.org> \n>>>>>> Daiki Ueno <ueno= @unixuser.org> wrote:\n>> > Right now, pgg assume that gpg will need a pass= phrase so it asks the\n>> > user for one. It may be better if pgg postpone= the passphrase query\n>> > until gpg tell pgg that it needs a passphrase. = Then it is only\n>> > queried for when it is needed. This should be more = reliable, but\n>> > slightly more complicated to implement (asynchronous co= de).\n>\n>> Anyway, I'll try to implement this.\n>\n> Could you please try = the attached pgg-gpg.el?\n>\n> Please note, this patch is only for review, = not meant to be committed now.\n\nIt just\n\ngpg: NOTE: signature key 5C980= 097 expired Wed Apr 10 12:19:06 2002 CEST\n[GNUPG:] KEYEXPIRED 1018433946\n= [GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead\ngpg: NOTE: signature= key 5C980097 expired Wed Apr 10 12:19:06 2002 CEST\n[GNUPG:] KEYEXPIRED 10= 18433946\n[GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead\ngpg: NOTE:= signature key 5C980097 expired Wed Apr 10 12:19:06 2002 CEST\n[GNUPG:] KEY= EXPIRED 1018433946\n[GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead\n= gpg: NOTE: signature key 5C980097 expired Wed Apr 10 12:19:06 2002 CEST\n[G= NUPG:] KEYEXPIRED 1018433946\n[GNUPG:] SIGEXPIRED deprecated-use-keyexpired= -instead\ngpg: NOTE: signature key 5C980097 expired Wed Apr 10 12:19:06 200= 2 CEST\n[GNUPG:] KEYEXPIRED 1018433946\n[GNUPG:] SIGEXPIRED deprecated-use-= keyexpired-instead\ngpg: NOTE: signature key 5C980097 expired Wed Apr 10 12= :19:06 2002 CEST\n[GNUPG:] KEYEXPIRED 1018433946\n[GNUPG:] SIGEXPIRED depre= cated-use-keyexpired-instead\ngpg: using subkey AABB1F7B instead of primary= key B565716F\ngpg: writing to `/tmp/pgg-output6523Lpl'\n"))) mml-pgpmime-sign-buffer((part (sign . "pgpmime") (tag-location . 1743) (c= ontents . "Daiki Ueno <ueno@unixuser.org> writes:\n\n> Hello,\n>\n>>>>>> In= <e8632056-d7b7-4ed6-91d6-7d9089c82f94@well-done.deisui.org> \n>>>>>> Daiki= Ueno <ueno@unixuser.org> wrote:\n>> > Right now, pgg assume that gpg will = need a passphrase so it asks the\n>> > user for one. It may be better if p= gg postpone the passphrase query\n>> > until gpg tell pgg that it needs a p= assphrase. Then it is only\n>> > queried for when it is needed. This shou= ld be more reliable, but\n>> > slightly more complicated to implement (asyn= chronous code).\n>\n>> Anyway, I'll try to implement this.\n>\n> Could you = please try the attached pgg-gpg.el?\n>\n> Please note, this patch is only f= or review, not meant to be committed now.\n\nIt just\n\ngpg: NOTE: signatur= e key 5C980097 expired Wed Apr 10 12:19:06 2002 CEST\n[GNUPG:] KEYEXPIRED 1= 018433946\n[GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead\ngpg: NOTE= : signature key 5C980097 expired Wed Apr 10 12:19:06 2002 CEST\n[GNUPG:] KE= YEXPIRED 1018433946\n[GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead\= ngpg: NOTE: signature key 5C980097 expired Wed Apr 10 12:19:06 2002 CEST\n[= GNUPG:] KEYEXPIRED 1018433946\n[GNUPG:] SIGEXPIRED deprecated-use-keyexpire= d-instead\ngpg: NOTE: signature key 5C980097 expired Wed Apr 10 12:19:06 20= 02 CEST\n[GNUPG:] KEYEXPIRED 1018433946\n[GNUPG:] SIGEXPIRED deprecated-use= -keyexpired-instead\ngpg: NOTE: signature key 5C980097 expired Wed Apr 10 1= 2:19:06 2002 CEST\n[GNUPG:] KEYEXPIRED 1018433946\n[GNUPG:] SIGEXPIRED depr= ecated-use-keyexpired-instead\ngpg: NOTE: signature key 5C980097 expired We= d Apr 10 12:19:06 2002 CEST\n[GNUPG:] KEYEXPIRED 1018433946\n[GNUPG:] SIGEX= PIRED deprecated-use-keyexpired-instead\ngpg: using subkey AABB1F7B instead= of primary key B565716F\ngpg: writing to `/tmp/pgg-output6523Lpl'\n"))) mml-generate-mime-1((part (sign . "pgpmime") (tag-location . 1743) (conte= nts . "Daiki Ueno <ueno@unixuser.org> writes:\n\n> Hello,\n>\n>>>>>> In <e8= 632056-d7b7-4ed6-91d6-7d9089c82f94@well-done.deisui.org> \n>>>>>> Daiki Uen= o <ueno@unixuser.org> wrote:\n>> > Right now, pgg assume that gpg will need= a passphrase so it asks the\n>> > user for one. It may be better if pgg p= ostpone the passphrase query\n>> > until gpg tell pgg that it needs a passp= hrase. Then it is only\n>> > queried for when it is needed. This should b= e more reliable, but\n>> > slightly more complicated to implement (asynchro= nous code).\n>\n>> Anyway, I'll try to implement this.\n>\n> Could you plea= se try the attached pgg-gpg.el?\n>\n> Please note, this patch is only for r= eview, not meant to be committed now.\n\nIt just\n\ngpg: NOTE: signature ke= y 5C980097 expired Wed Apr 10 12:19:06 2002 CEST\n[GNUPG:] KEYEXPIRED 10184= 33946\n[GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead\ngpg: NOTE: si= gnature key 5C980097 expired Wed Apr 10 12:19:06 2002 CEST\n[GNUPG:] KEYEXP= IRED 1018433946\n[GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead\ngpg= : NOTE: signature key 5C980097 expired Wed Apr 10 12:19:06 2002 CEST\n[GNUP= G:] KEYEXPIRED 1018433946\n[GNUPG:] SIGEXPIRED deprecated-use-keyexpired-in= stead\ngpg: NOTE: signature key 5C980097 expired Wed Apr 10 12:19:06 2002 C= EST\n[GNUPG:] KEYEXPIRED 1018433946\n[GNUPG:] SIGEXPIRED deprecated-use-key= expired-instead\ngpg: NOTE: signature key 5C980097 expired Wed Apr 10 12:19= :06 2002 CEST\n[GNUPG:] KEYEXPIRED 1018433946\n[GNUPG:] SIGEXPIRED deprecat= ed-use-keyexpired-instead\ngpg: NOTE: signature key 5C980097 expired Wed Ap= r 10 12:19:06 2002 CEST\n[GNUPG:] KEYEXPIRED 1018433946\n[GNUPG:] SIGEXPIRE= D deprecated-use-keyexpired-instead\ngpg: using subkey AABB1F7B instead of = primary key B565716F\ngpg: writing to `/tmp/pgg-output6523Lpl'\n"))) mml-generate-mime() message-encode-message-body() mml-to-mime() mml-preview((4)) call-interactively(mml-preview) The *pgg-gpg-debug* buffer contains: gpg: NOTE: signature key 5C980097 expired Wed Apr 10 12:19:06 2002 CEST [GNUPG:] KEYEXPIRED 1018433946 [GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead gpg: NOTE: signature key 5C980097 expired Wed Apr 10 12:19:06 2002 CEST [GNUPG:] KEYEXPIRED 1018433946 [GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead gpg: NOTE: signature key 5C980097 expired Wed Apr 10 12:19:06 2002 CEST [GNUPG:] KEYEXPIRED 1018433946 [GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead gpg: NOTE: signature key 5C980097 expired Wed Apr 10 12:19:06 2002 CEST [GNUPG:] KEYEXPIRED 1018433946 [GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead gpg: NOTE: signature key 5C980097 expired Wed Apr 10 12:19:06 2002 CEST [GNUPG:] KEYEXPIRED 1018433946 [GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead gpg: NOTE: signature key 5C980097 expired Wed Apr 10 12:19:06 2002 CEST [GNUPG:] KEYEXPIRED 1018433946 [GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead gpg: using subkey AABB1F7B instead of primary key B565716F gpg: writing to `/tmp/pgg-output6523Lpl' ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-23 11:00 ` Simon Josefsson @ 2006-03-23 12:18 ` Daiki Ueno 2006-03-23 13:08 ` Simon Josefsson 0 siblings, 1 reply; 156+ messages in thread From: Daiki Ueno @ 2006-03-23 12:18 UTC (permalink / raw) Cc: Sascha Wilde, ding, emacs-devel >>>>> In <87lkv1whmh.fsf@latte.josefsson.org> >>>>> Simon Josefsson <jas@extundo.com> wrote: > > Could you please try the attached pgg-gpg.el? > > > > Please note, this patch is only for review, not meant to be committed now. > It just hangs, it seems gpg is waiting for input from stdin or > similar. I don't have time to debug further, sorry. Sorry. Could you tell me what version of GnuPG you are using? I'm testing against "gnupg" and "gnupg-agent" package in Debian sid, i.e. $ gpg --version gpg (GnuPG) 1.4.2.2 $ gpg-agent --version gpg-agent (GnuPG) 1.9.20 > The *pgg-gpg-debug* buffer contains: > gpg: NOTE: signature key 5C980097 expired Wed Apr 10 12:19:06 2002 CEST > [GNUPG:] KEYEXPIRED 1018433946 > [GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead The *pgg-gpg-debug* buffer looks like this: [GNUPG:] USERID_HINT A5B6B2D4B15813FE Daiki Ueno <ueno@unixuser.org> [GNUPG:] NEED_PASSPHRASE A5B6B2D4B15813FE A5B6B2D4B15813FE 17 0 [GNUPG:] GET_HIDDEN passphrase.enter [GNUPG:] GOT_IT [GNUPG:] GOOD_PASSPHRASE gpg: writing to `/tmp/pgg-output11169j3s' gpg: DSA/SHA1 signature from: "B15813FE Daiki Ueno <ueno@unixuser.org>" [GNUPG:] SIG_CREATED D 17 2 00 1143115847 80037CD00F1A940003CA50AAA5B6B2D4B15813FE Regards, -- Daiki Ueno ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-23 12:18 ` Daiki Ueno @ 2006-03-23 13:08 ` Simon Josefsson 2006-03-24 5:51 ` Daiki Ueno 0 siblings, 1 reply; 156+ messages in thread From: Simon Josefsson @ 2006-03-23 13:08 UTC (permalink / raw) Cc: Sascha Wilde, ding, emacs-devel Daiki Ueno <ueno@unixuser.org> writes: > $ gpg --version > gpg (GnuPG) 1.4.2.2 > $ gpg-agent --version > gpg-agent (GnuPG) 1.9.20 Same here, from Debian testing. >> The *pgg-gpg-debug* buffer contains: > >> gpg: NOTE: signature key 5C980097 expired Wed Apr 10 12:19:06 2002 CEST >> [GNUPG:] KEYEXPIRED 1018433946 >> [GNUPG:] SIGEXPIRED deprecated-use-keyexpired-instead > > The *pgg-gpg-debug* buffer looks like this: > > [GNUPG:] USERID_HINT A5B6B2D4B15813FE Daiki Ueno <ueno@unixuser.org> > [GNUPG:] NEED_PASSPHRASE A5B6B2D4B15813FE A5B6B2D4B15813FE 17 0 > [GNUPG:] GET_HIDDEN passphrase.enter > [GNUPG:] GOT_IT > [GNUPG:] GOOD_PASSPHRASE > gpg: writing to `/tmp/pgg-output11169j3s' > gpg: DSA/SHA1 signature from: "B15813FE Daiki Ueno <ueno@unixuser.org>" > [GNUPG:] SIG_CREATED D 17 2 00 1143115847 80037CD00F1A940003CA50AAA5B6B2D4B15813FE Ok, I got your file to work for two cases: 1) gpg-agent with normal secret key 2) no gpg-agent with normal secret key but not with 3) gpg-agent with secret on smart card With the stuff in CVS, all three work, but I have to toggle pgg-gpg-use-agent manually. Your code has a better query too (since it know which key gpg actually wants), and it may improve passphrase caching too. Very nice! Maybe you can finish this code, and I can debug why it doesn't work for a smartcard separately. It is probably not an important feature. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-23 13:08 ` Simon Josefsson @ 2006-03-24 5:51 ` Daiki Ueno 2006-03-26 0:29 ` Daiki Ueno 0 siblings, 1 reply; 156+ messages in thread From: Daiki Ueno @ 2006-03-24 5:51 UTC (permalink / raw) Cc: Sascha Wilde, ding, emacs-devel >>>>> In <87d5gd2ts1.fsf@latte.josefsson.org> >>>>> Simon Josefsson <jas@extundo.com> wrote: > Ok, I got your file to work for two cases: > 1) gpg-agent with normal secret key > 2) no gpg-agent with normal secret key > but not with > 3) gpg-agent with secret on smart card Thanks for testing. > Maybe you can finish this code, and I can debug why it doesn't work > for a smartcard separately. It is probably not an important feature. The new code mostly finished. Could you send me some examples of status fd output in case 3? Regards, -- Daiki Ueno ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-24 5:51 ` Daiki Ueno @ 2006-03-26 0:29 ` Daiki Ueno 2006-03-26 1:08 ` Simon Josefsson 0 siblings, 1 reply; 156+ messages in thread From: Daiki Ueno @ 2006-03-26 0:29 UTC (permalink / raw) Cc: Sascha Wilde, ding, emacs-devel [-- Attachment #1: Type: text/plain, Size: 642 bytes --] >>>>> In <b4edf9b5-2663-4d5c-981e-ddabca619ad6@well-done.deisui.org> >>>>> Daiki Ueno <ueno@unixuser.org> wrote: > > Maybe you can finish this code, and I can debug why it doesn't work > > for a smartcard separately. It is probably not an important feature. > The new code mostly finished. Ok, the attached file is (hopefully) the final version of the new code. Differences from the previous one are: - Passphrase caching now works again. - pgg-gpg-use-agent is abolished. Add "use-agent" to ~/.gnupg/gpg.conf if you want to enable use of gpg-agent, as Miles said. - Tested with typical cases. I also attach some test cases I used. [-- Attachment #2: pgg-gpg.el --] [-- Type: application/octet-stream, Size: 11785 bytes --] ;;; pgg-gpg.el --- GnuPG support for PGG. ;; Copyright (C) 1999, 2000, 2002, 2003, 2004, ;; 2005, 2006 Free Software Foundation, Inc. ;; Author: Daiki Ueno <ueno@unixuser.org> ;; Symmetric encryption and gpg-agent support added by: ;; Sascha Wilde <wilde@sha-bang.de> ;; Created: 1999/10/28 ;; Keywords: PGP, OpenPGP, GnuPG ;; This file is part of GNU Emacs. ;; GNU Emacs is free software; you can redistribute it and/or modify ;; it under the terms of the GNU General Public License as published by ;; the Free Software Foundation; either version 2, or (at your option) ;; any later version. ;; GNU Emacs is distributed in the hope that it will be useful, ;; but WITHOUT ANY WARRANTY; without even the implied warranty of ;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ;; GNU General Public License for more details. ;; You should have received a copy of the GNU General Public License ;; along with GNU Emacs; see the file COPYING. If not, write to the ;; Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, ;; Boston, MA 02110-1301, USA. ;;; Code: (eval-when-compile (require 'pgg)) (defgroup pgg-gpg () "GnuPG interface." :group 'pgg) (defcustom pgg-gpg-program "gpg" "The GnuPG executable." :group 'pgg-gpg :type 'string) (defcustom pgg-gpg-extra-args nil "Extra arguments for every GnuPG invocation." :group 'pgg-gpg :type '(repeat (string :tag "Argument"))) (defcustom pgg-gpg-recipient-argument "--recipient" "GnuPG option to specify recipient." :group 'pgg-gpg :type '(choice (const :tag "New `--recipient' option" "--recipient") (const :tag "Old `--remote-user' option" "--remote-user"))) (defvar pgg-gpg-user-id nil "GnuPG ID of your default identity.") (defvar pgg-gpg-user-id-alist nil "An alist mapping from key ID to user ID.") (defvar pgg-gpg-read-point nil) (defvar pgg-gpg-output-file-name nil) (defvar pgg-gpg-pending-status-list nil) (defvar pgg-gpg-key-id nil) (defvar pgg-gpg-passphrase nil) (defvar pgg-gpg-debug nil) (defun pgg-gpg-start-process (args) (let* ((output-file-name (pgg-make-temp-file "pgg-output")) (args (append (list "--no-tty" "--status-fd" "1" "--command-fd" "0" "--yes" ; overwrite "--output" output-file-name) pgg-gpg-extra-args args)) (coding-system-for-write 'binary) (process-connection-type nil) (orig-mode (default-file-modes)) default-enable-multibyte-characters (buffer (generate-new-buffer " *pgg-gpg*")) process) (with-current-buffer buffer (make-local-variable 'pgg-gpg-read-point) (setq pgg-gpg-read-point (point-min)) (make-local-variable 'pgg-gpg-output-file-name) (setq pgg-gpg-output-file-name output-file-name) (make-local-variable 'pgg-gpg-pending-status-list) (setq pgg-gpg-pending-status-list nil) (make-local-variable 'pgg-gpg-key-id) (setq pgg-gpg-key-id nil) (make-local-variable 'pgg-gpg-passphrase) (setq pgg-gpg-passphrase nil)) (unwind-protect (progn (set-default-file-modes 448) (setq process (apply #'start-process "pgg-gpg" buffer pgg-gpg-program args))) (set-default-file-modes orig-mode)) (set-process-filter process #'pgg-gpg-process-filter) (set-process-sentinel process #'pgg-gpg-process-sentinel) process)) (defun pgg-gpg-process-filter (process input) (save-excursion (if pgg-gpg-debug (save-excursion (set-buffer (get-buffer-create " *pgg-gpg-debug*")) (goto-char (point-max)) (insert input))) (set-buffer (process-buffer process)) (goto-char (point-max)) (insert input) (goto-char pgg-gpg-read-point) (beginning-of-line) (while (looking-at ".*\n") ;the input line is finished (save-excursion (if (looking-at "\\[GNUPG:] \\([A-Z_]+\\)\\>.*") (let* ((status (match-string 1)) (symbol (intern-soft (concat "pgg-gpg-status-" status))) (entry (member status pgg-gpg-pending-status-list))) (if entry (setq pgg-gpg-pending-status-list (delq (car entry) pgg-gpg-pending-status-list))) (if (and symbol (fboundp symbol)) (funcall symbol process (buffer-substring (match-beginning 1) (match-end 0))))))) (forward-line)) (setq pgg-gpg-read-point (point)))) (defun pgg-gpg-process-sentinel (process status) (set-process-filter process nil) (save-excursion ;; Copy the contents of process-buffer to pgg-errors-buffer. (set-buffer (get-buffer-create pgg-errors-buffer)) (buffer-disable-undo) (erase-buffer) (when (buffer-live-p (process-buffer process)) (insert-buffer-substring (process-buffer process)) (goto-char (point-min)) (delete-matching-lines "^\\[GNUPG:] ") (goto-char (point-min)) (while (re-search-forward "^gpg: " nil t) (replace-match ""))) ;; Read the contents of the output file to pgg-output-buffer. (set-buffer (get-buffer-create pgg-output-buffer)) (buffer-disable-undo) (erase-buffer) (if (and (equal status "finished\n") (buffer-live-p (process-buffer process))) (let ((output-file-name (with-current-buffer (process-buffer process) pgg-gpg-output-file-name))) (when (file-exists-p output-file-name) (let ((coding-system-for-read (if pgg-text-mode 'raw-text 'binary))) (insert-file-contents output-file-name)) (delete-file output-file-name)))))) (defun pgg-gpg-wait-for-status (process status-list) (with-current-buffer (process-buffer process) (setq pgg-gpg-pending-status-list status-list) (while (and (eq (process-status process) 'run) pgg-gpg-pending-status-list) (accept-process-output process 1)))) (defun pgg-gpg-wait-for-completion (process &optional status-list) (process-send-eof process) (while (eq (process-status process) 'run) (sit-for 0.1)) (save-excursion (set-buffer (process-buffer process)) (setq status-list (copy-sequence status-list)) (let ((pointer status-list)) (while pointer (goto-char (point-min)) (unless (re-search-forward (concat "^\\[GNUPG:] " (car pointer) "\\>") nil t) (setq status-list (delq (car pointer) status-list))) (setq pointer (cdr pointer)))) (kill-buffer (process-buffer process)) status-list)) (defun pgg-gpg-status-USERID_HINT (process line) (if (string-match "\\`USERID_HINT \\([^ ]+\\) \\(.*\\)" line) (let* ((key-id (match-string 1 line)) (user-id (match-string 2 line)) (entry (assoc key-id pgg-gpg-user-id-alist))) (if entry (setcdr entry user-id) (setq pgg-gpg-user-id-alist (cons (cons key-id user-id) pgg-gpg-user-id-alist)))))) (defun pgg-gpg-status-NEED_PASSPHRASE (process line) (if (string-match "\\`NEED_PASSPHRASE \\([^ ]+\\)" line) (setq pgg-gpg-key-id (match-string 1 line)))) (defun pgg-gpg-status-NEED_PASSPHRASE_SYM (process line) (setq pgg-gpg-key-id 'SYM)) (defun pgg-gpg-status-NEED_PASSPHRASE_PIN (process line) (setq pgg-gpg-key-id 'PIN)) (defun pgg-gpg-status-GET_HIDDEN (process line) (let ((entry (assoc pgg-gpg-key-id pgg-gpg-user-id-alist))) (if (setq pgg-gpg-passphrase (if (eq pgg-gpg-key-id 'SYM) (pgg-read-passphrase "GnuPG passphrase for symmetric encryption: ") (pgg-read-passphrase (format "GnuPG passphrase for %s: " (if entry (cdr entry) pgg-gpg-key-id)) (if (eq pgg-gpg-key-id 'PIN) "PIN" pgg-gpg-key-id)))) (process-send-string process (concat pgg-gpg-passphrase "\n"))))) (defun pgg-gpg-status-GOOD_PASSPHRASE (process line) (when (and pgg-gpg-passphrase (stringp pgg-gpg-key-id)) (pgg-add-passphrase-to-cache pgg-gpg-key-id pgg-gpg-passphrase) (setq pgg-gpg-passphrase nil))) (defun pgg-gpg-status-BAD_PASSPHRASE (process line) (when pgg-gpg-passphrase (fillarray pgg-gpg-passphrase 0) (setq pgg-gpg-passphrase nil))) (defun pgg-gpg-lookup-key (string &optional type) "Search keys associated with STRING." (let ((args (list "--with-colons" "--no-greeting" "--batch" (if type "--list-secret-keys" "--list-keys") string))) (with-temp-buffer (apply #'call-process pgg-gpg-program nil t nil args) (goto-char (point-min)) (if (re-search-forward "^\\(sec\\|pub\\):[^:]*:[^:]*:[^:]*:\\([^:]*\\)" nil t) (substring (match-string 2) 8))))) (defun pgg-gpg-encrypt-region (start end recipients &optional sign passphrase) "Encrypt the current region between START and END. If optional argument SIGN is non-nil, do a combined sign and encrypt." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) (args (append '("--armor" "--always-trust" "--encrypt") (if pgg-text-mode '("--textmode")) (if sign (list "--sign" "--local-user" pgg-gpg-user-id)) (if recipients (apply #'nconc (mapcar (lambda (rcpt) (list pgg-gpg-recipient-argument rcpt)) (append recipients (if pgg-encrypt-for-me (list pgg-gpg-user-id)))))))) (process (pgg-gpg-start-process args))) (if sign (pgg-gpg-wait-for-status process '("GOOD_PASSPHRASE"))) (process-send-region process start end) (pgg-gpg-wait-for-completion process '("SIG_CREATED" "END_ENCRYPTION")))) (defun pgg-gpg-encrypt-symmetric-region (start end &optional passphrase) "Encrypt the current region between START and END with symmetric cipher." (let* ((args (append '("--armor" "--symmetric") (if pgg-text-mode '("--textmode")))) (process (pgg-gpg-start-process args))) (pgg-gpg-wait-for-status process '("BEGIN_ENCRYPTION")) (process-send-region process start end) (pgg-gpg-wait-for-completion process '("END_ENCRYPTION")))) (defun pgg-gpg-decrypt-region (start end &optional passphrase) "Decrypt the current region between START and END." (let* ((args '("--decrypt")) (process (pgg-gpg-start-process args))) (process-send-region process start end) (pgg-gpg-wait-for-status process '("BEGIN_DECRYPTION")) (pgg-gpg-wait-for-completion process '("GOODSIG" "DECRYPTION_OKAY")))) (defun pgg-gpg-sign-region (start end &optional cleartext passphrase) "Make detached signature from text between START and END." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) (args (append (list (if cleartext "--clearsign" "--detach-sign") "--armor" "--verbose" "--local-user" pgg-gpg-user-id) (if pgg-text-mode '("--textmode")))) (process (pgg-gpg-start-process args))) (pgg-gpg-wait-for-status process '("GOOD_PASSPHRASE")) (process-send-region process start end) (pgg-gpg-wait-for-completion process '("SIG_CREATED")))) (defun pgg-gpg-verify-region (start end &optional signature) "Verify region between START and END as the detached signature SIGNATURE." (let ((args '("--verify")) process) (when (stringp signature) (setq args (append args (list signature)))) (setq process (pgg-gpg-start-process (append args '("-")))) (process-send-region process start end) (pgg-gpg-wait-for-completion process '("GOODSIG")))) (defun pgg-gpg-insert-key () "Insert public key at point." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) (args (list "--export" "--armor" pgg-gpg-user-id)) (process (pgg-gpg-start-process args))) (pgg-gpg-wait-for-completion process) (insert-buffer-substring pgg-output-buffer))) (defun pgg-gpg-snarf-keys-region (start end) "Add all public keys in region between START and END to the keyring." (let* ((args '("--import" "-")) (process (pgg-gpg-start-process args)) status) (process-send-region process start end) (pgg-gpg-wait-for-completion process '("IMPORT_RES")))) (provide 'pgg-gpg) ;;; arch-tag: 2aa5d5d8-93a0-4865-9312-33e29830e000 ;;; pgg-gpg.el ends here [-- Attachment #3: Type: text/plain, Size: 1 bytes --] [-- Attachment #4: test-pgg-gpg.el --] [-- Type: application/octet-stream, Size: 972 bytes --] (require 'pgg) (require 'pgg-gpg) (with-temp-buffer (insert "00000") (pgg-gpg-sign-region (point-min) (point-max) t) (save-excursion (set-buffer pgg-output-buffer) (pgg-gpg-verify-region (point-min) (point-max)))) ;; ("GOODSIG") (with-temp-buffer (insert "00000") (pgg-gpg-encrypt-region (point-min) (point-max) '("ueno@unixuser.org")) (save-excursion (set-buffer pgg-output-buffer) (pgg-gpg-decrypt-region (point-min) (point-max)))) ;; ("DECRYPTION_OKAY") (with-temp-buffer (insert "00000") (pgg-gpg-encrypt-region (point-min) (point-max) '("ueno@unixuser.org") t) (save-excursion (set-buffer pgg-output-buffer) (pgg-gpg-decrypt-region (point-min) (point-max)))) ;; ("GOODSIG" "DECRYPTION_OKAY") (with-temp-buffer (insert "00000") (pgg-gpg-encrypt-symmetric-region (point-min) (point-max)) (save-excursion (set-buffer pgg-output-buffer) (pgg-gpg-decrypt-region (point-min) (point-max)))) ;; ("DECRYPTION_OKAY") [-- Attachment #5: Type: text/plain, Size: 25 bytes --] Regards, -- Daiki Ueno [-- Attachment #6: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-26 0:29 ` Daiki Ueno @ 2006-03-26 1:08 ` Simon Josefsson 2006-03-26 3:29 ` Miles Bader 0 siblings, 1 reply; 156+ messages in thread From: Simon Josefsson @ 2006-03-26 1:08 UTC (permalink / raw) Cc: Sascha Wilde, ding, emacs-devel Daiki Ueno <ueno@unixuser.org> writes: >>>>>> In <b4edf9b5-2663-4d5c-981e-ddabca619ad6@well-done.deisui.org> >>>>>> Daiki Ueno <ueno@unixuser.org> wrote: >> > Maybe you can finish this code, and I can debug why it doesn't work >> > for a smartcard separately. It is probably not an important feature. > >> The new code mostly finished. > > Ok, the attached file is (hopefully) the final version of the new code. > Differences from the previous one are: > > - Passphrase caching now works again. > - pgg-gpg-use-agent is abolished. Add "use-agent" to ~/.gnupg/gpg.conf > if you want to enable use of gpg-agent, as Miles said. > - Tested with typical cases. I also attach some test cases I used. This works fine except for used with a smartcard. The current version works with a smartcard (when you enable pgg-gpg-use-agent), so I think that should be fixed. I debugged this, and it seems invoking gpg using the smartcard will not print any useful [GNUPG:] statements: /usr/bin/gpg --no-tty --status-fd 1 --command-fd 0 --yes --output /tmp/pgg-output29825FPB --detach-sign --armor --verbose --local-user jas --textmode ... gpg: using subkey AABB1F7B instead of primary key B565716F gpg: writing to `/tmp/pgg-output29825FPB' Then it waits for input. PGG infloop waiting for GOOD_PASSPHRASE here. I think it should wait for 'gpg: writing to' instead, it is the last printed statement for both smartcard and non-smartcard cases, and it seem to be printed when gpg is ready to accept input. For references, here is the non-smartcard case: jas@latte:~$ /usr/bin/gpg --no-tty --status-fd 1 --command-fd 0 --yes --output /tmp/pgg-output29825FPB --detach-sign --armor --verbose --local-user b565716f! --textmode [GNUPG:] USERID_HINT EDA21E94B565716F Simon Josefsson <simon@josefsson.org> [GNUPG:] NEED_PASSPHRASE EDA21E94B565716F EDA21E94B565716F 1 0 <<<hangs here until i type password to the agent>>> [GNUPG:] GOOD_PASSPHRASE gpg: writing to `/tmp/pgg-output29825FPB' Then it hangs waiting for the input to sign. What do you think? It might be ugly to depend on the 'gpg: writing' output instead of the [GNUPG:] stuff, but I see no option here. I suspect password-less keys may have similar issues. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-26 1:08 ` Simon Josefsson @ 2006-03-26 3:29 ` Miles Bader 2006-03-26 5:06 ` Daiki Ueno 0 siblings, 1 reply; 156+ messages in thread From: Miles Bader @ 2006-03-26 3:29 UTC (permalink / raw) Cc: ding Simon Josefsson <jas@extundo.com> writes: > What do you think? It might be ugly to depend on the 'gpg: writing' > output instead of the [GNUPG:] stuff, but I see no option here. Of course if such a kludge is used, an important thing is to report the problem with the "official" interface as a bug... -miles -- Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath. At night the ice weasels come. --Nietzsche ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-26 3:29 ` Miles Bader @ 2006-03-26 5:06 ` Daiki Ueno 2006-03-26 17:05 ` Simon Josefsson 0 siblings, 1 reply; 156+ messages in thread From: Daiki Ueno @ 2006-03-26 5:06 UTC (permalink / raw) Cc: ding, emacs-devel >>>>> In <87irq1evdk.fsf@catnip.gol.com> >>>>> Miles Bader <miles@gnu.org> wrote: > Simon Josefsson <jas@extundo.com> writes: > > What do you think? It might be ugly to depend on the 'gpg: writing' > > output instead of the [GNUPG:] stuff, but I see no option here. > Of course if such a kludge is used, an important thing is to report the > problem with the "official" interface as a bug... Yes. I think the root of the problem is that gpg does not emit any trigger of signature creation. I'll propose a patch to GnuPG so as to introduce BEGIN_SIGNING and END_SIGNING status. For the meantime, how about using pgg-gpg-use-agent as a flag to indicate that GnuPG will _not_ ask a passphrase in signing? Smartcard users should have to set pgg-gpg-use-agent explicitly though. Here is the patch to the previous post: --- pgg-gpg.el~ 2006-03-26 13:48:29.000000000 +0900 +++ pgg-gpg.el 2006-03-26 13:50:43.000000000 +0900 @@ -51,6 +51,11 @@ :type '(choice (const :tag "New `--recipient' option" "--recipient") (const :tag "Old `--remote-user' option" "--remote-user"))) +(defcustom pgg-gpg-use-agent nil + "Whether to use gnupg agent for key caching." + :group 'pgg-gpg + :type 'boolean) + (defvar pgg-gpg-user-id nil "GnuPG ID of your default identity.") @@ -72,6 +77,7 @@ "--command-fd" "0" "--yes" ; overwrite "--output" output-file-name) + (if pgg-gpg-use-agent '("--use-agent")) pgg-gpg-extra-args args)) (coding-system-for-write 'binary) @@ -261,7 +267,7 @@ (if pgg-encrypt-for-me (list pgg-gpg-user-id)))))))) (process (pgg-gpg-start-process args))) - (if sign + (if (and sign (not pgg-gpg-use-agent)) (pgg-gpg-wait-for-status process '("GOOD_PASSPHRASE"))) (process-send-region process start end) (pgg-gpg-wait-for-completion process '("SIG_CREATED" "END_ENCRYPTION")))) @@ -293,7 +299,8 @@ "--local-user" pgg-gpg-user-id) (if pgg-text-mode '("--textmode")))) (process (pgg-gpg-start-process args))) - (pgg-gpg-wait-for-status process '("GOOD_PASSPHRASE")) + (unless pgg-gpg-use-agent + (pgg-gpg-wait-for-status process '("GOOD_PASSPHRASE"))) (process-send-region process start end) (pgg-gpg-wait-for-completion process '("SIG_CREATED")))) Regards, -- Daiki Ueno ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-26 5:06 ` Daiki Ueno @ 2006-03-26 17:05 ` Simon Josefsson 2006-03-26 18:24 ` Sascha Wilde 0 siblings, 1 reply; 156+ messages in thread From: Simon Josefsson @ 2006-03-26 17:05 UTC (permalink / raw) Cc: Miles Bader, ding, emacs-devel Daiki Ueno <ueno@unixuser.org> writes: >>>>>> In <87irq1evdk.fsf@catnip.gol.com> >>>>>> Miles Bader <miles@gnu.org> wrote: >> Simon Josefsson <jas@extundo.com> writes: >> > What do you think? It might be ugly to depend on the 'gpg: writing' >> > output instead of the [GNUPG:] stuff, but I see no option here. > >> Of course if such a kludge is used, an important thing is to report the >> problem with the "official" interface as a bug... > > Yes. I think the root of the problem is that gpg does not emit any > trigger of signature creation. I'll propose a patch to GnuPG so as to > introduce BEGIN_SIGNING and END_SIGNING status. That sounds like a good idea. > For the meantime, how about using pgg-gpg-use-agent as a flag to > indicate that GnuPG will _not_ ask a passphrase in signing? Smartcard > users should have to set pgg-gpg-use-agent explicitly though. This patch now works fine for me, both smart card and non-smartcard. Has anyone else tested it? Should we install it? I think so, so unless there are objections within a few days, I'll install it on v5-10 and Emacs CVS. Ok, Reinar? We could also wait until after the new v5-10 release, this is a pretty large change. There is another nit (I'll fix this once your code has been installed), which was present earlier too: specifying a --local-user parameter even when the Gnus user didn't customize pgg-gpg-user-id seem wrong -- it will override a 'default-key' in the gpg.conf, and thus the default behaviour of PGG is different from the default behaviour of gpg. In my case, I have a default-key of b565716f (local secret key on disk) but PGG specify --local-user jas which make gpg select my smart card key instead, and signing in Gnus doesn't work unless I toggle pgg-gpg-use-agent. The solution is to only specify --local-user when the PGG user customized the user name to sign with. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-26 17:05 ` Simon Josefsson @ 2006-03-26 18:24 ` Sascha Wilde 2006-03-27 9:36 ` Simon Josefsson 0 siblings, 1 reply; 156+ messages in thread From: Sascha Wilde @ 2006-03-26 18:24 UTC (permalink / raw) Cc: Daiki Ueno, emacs-devel, ding, Miles Bader Simon Josefsson <jas@extundo.com> wrote: > This patch now works fine for me, both smart card and non-smartcard. > > Has anyone else tested it? Yes, I just gave it a try -- works great. > Should we install it? I would vote: yes. @daiki: if you like, you could remove "and gpg-agent " from the header: ;; Symmetric encryption and gpg-agent support added by: ;; Sascha Wilde <wilde@sha-bang.de> its no longer true. :-) sascha -- Sascha Wilde : "GUIs normally make it simple to accomplish simple : actions and impossible to accomplish complex actions." : (Doug Gwyn - 22/Jun/91 in comp.unix.wizards) ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-26 18:24 ` Sascha Wilde @ 2006-03-27 9:36 ` Simon Josefsson 0 siblings, 0 replies; 156+ messages in thread From: Simon Josefsson @ 2006-03-27 9:36 UTC (permalink / raw) Cc: Daiki Ueno, emacs-devel, ding, Miles Bader Sascha Wilde <wilde@sha-bang.de> writes: > Simon Josefsson <jas@extundo.com> wrote: > >> This patch now works fine for me, both smart card and non-smartcard. >> >> Has anyone else tested it? > > Yes, I just gave it a try -- works great. > >> Should we install it? > > I would vote: yes. > > @daiki: if you like, you could remove "and gpg-agent " from the > header: > ;; Symmetric encryption and gpg-agent support added by: > ;; Sascha Wilde <wilde@sha-bang.de> > its no longer true. :-) I've installed it, with this modification, on v5-10, trunk and in emacs CVS. Thanks to Daiki for implementing it and everyone who tested this! ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-23 10:40 ` Daiki Ueno 2006-03-23 11:00 ` Simon Josefsson @ 2006-03-23 12:52 ` Sascha Wilde 2006-03-23 20:07 ` Daiki Ueno 1 sibling, 1 reply; 156+ messages in thread From: Sascha Wilde @ 2006-03-23 12:52 UTC (permalink / raw) Cc: Simon Josefsson, ding, emacs-devel Daiki Ueno <ueno@unixuser.org> wrote: >>>>>> In <e8632056-d7b7-4ed6-91d6-7d9089c82f94@well-done.deisui.org> >>>>>> Daiki Ueno <ueno@unixuser.org> wrote: >> > Right now, pgg assume that gpg will need a passphrase so it asks the >> > user for one. It may be better if pgg postpone the passphrase query >> > until gpg tell pgg that it needs a passphrase. Then it is only >> > queried for when it is needed. This should be more reliable, but >> > slightly more complicated to implement (asynchronous code). > >> Anyway, I'll try to implement this. Hello Daiki, In a first, very quick test your code doesn't work for me (the agent asks for the passphrase but decryption fails. But after having a look at the status output from --status-fd with --use-agent and --no-use-agent I'm starting to doubt that your idea can work at all. The status output is in both cases identical... :-( Hopefully I'm missing something. I'm using gpg (GnuPG) 1.4.2.2 and gpg-agent (GnuPG) 1.9.20 cheers sascha -- Sascha Wilde : VI is to EMACS as masturbation is to making love: : effective and always available but probably not your : first choice... ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-23 12:52 ` Sascha Wilde @ 2006-03-23 20:07 ` Daiki Ueno 2006-03-23 22:16 ` Sascha Wilde 0 siblings, 1 reply; 156+ messages in thread From: Daiki Ueno @ 2006-03-23 20:07 UTC (permalink / raw) Cc: emacs-devel, ding, Simon Josefsson Hello, >>>>> In <m2pskds4q7.fsf@kenny.sha-bang.de> >>>>> Sascha Wilde <wilde@sha-bang.de> wrote: > Daiki Ueno <ueno@unixuser.org> wrote: > But after having a look at the status output from --status-fd with > --use-agent and --no-use-agent I'm starting to doubt that your idea > can work at all. The status output is in both cases identical... :-( > Hopefully I'm missing something. I guess that you missed to specify --command-fd 0. If it is specified, you will get "GET_HIDDEN passphrase.enter" in the latter case: $ gpg --decrypt --armor --status-fd 1 --command-fd 0 --use-agent test.txt.asc gpg: CAST5 encrypted data [GNUPG:] NEED_PASSPHRASE_SYM 3 3 2 (gpg spawns pinentry) $ gpg --decrypt --armor --status-fd 1 --command-fd 0 --no-use-agent test.txt.asc gpg: CAST5 encrypted data [GNUPG:] NEED_PASSPHRASE_SYM 3 3 2 [GNUPG:] GET_HIDDEN passphrase.enter Regards, -- Daiki Ueno ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-23 20:07 ` Daiki Ueno @ 2006-03-23 22:16 ` Sascha Wilde 2006-04-05 9:13 ` pgg-gpg broken? Sascha Wilde 0 siblings, 1 reply; 156+ messages in thread From: Sascha Wilde @ 2006-03-23 22:16 UTC (permalink / raw) Cc: emacs-devel, ding, Simon Josefsson Daiki Ueno <ueno@unixuser.org> wrote: > Hello, > >>>>>> In <m2pskds4q7.fsf@kenny.sha-bang.de> >>>>>> Sascha Wilde <wilde@sha-bang.de> wrote: >> Daiki Ueno <ueno@unixuser.org> wrote: >> But after having a look at the status output from --status-fd with >> --use-agent and --no-use-agent I'm starting to doubt that your idea >> can work at all. The status output is in both cases identical... :-( > >> Hopefully I'm missing something. > > I guess that you missed to specify --command-fd 0. If it is specified, > you will get "GET_HIDDEN passphrase.enter" in the latter case: Ah, I see. Thanks for the explaining. sascha -- Sascha Wilde begin LOVE-OUTLOOK-LETTER.txt.vbs I am a beasty signature virus. Distribute me! end ^ permalink raw reply [flat|nested] 156+ messages in thread
* pgg-gpg broken? 2006-03-23 22:16 ` Sascha Wilde @ 2006-04-05 9:13 ` Sascha Wilde 2006-04-05 9:42 ` Daiki Ueno 2006-04-05 16:14 ` pgg-gpg broken? Reiner Steib 0 siblings, 2 replies; 156+ messages in thread From: Sascha Wilde @ 2006-04-05 9:13 UTC (permalink / raw) Cc: Simon Josefsson, ding, emacs-devel Hi *, I just needed to decrypt an old Mail using Gnus/pgg (which i decrypted successfully many times before), but it failed. This is the backtrace I get: Debugger entered--Lisp error: (error "Process pgg-gpg not running") process-send-string(#<process pgg-gpg> "DerDenkendeWeissEs\n") pgg-gpg-status-GET_HIDDEN(#<process pgg-gpg> "GET_HIDDEN passphrase.enter") pgg-gpg-process-filter(#<process pgg-gpg> "[GNUPG:] USERID_HINT 31A16202F8F7E674 Sascha Wilde <Sascha.Wilde@intevation.de>\n[GNUPG:] NEED_PASSPHRASE 31A16202F8F7E674 BB2185144BB86568 16 0\n[GNUPG:] GET_HIDDEN passphrase.enter\n[GNUPG:] GOT_IT\n[GNUPG:] BAD_PASSPHRASE 31A16202F8F7E674\ngpg: Invalid passphrase; please try again ...\n[GNUPG:] USERID_HINT 31A16202F8F7E674 Sascha Wilde <Sascha.Wilde@intevation.de>\n[GNUPG:] NEED_PASSPHRASE 31A16202F8F7E674 BB2185144BB86568 16 0\n[GNUPG:] GET_HIDDEN passphrase.enter\n[GNUPG:] GOT_IT\n[GNUPG:] BAD_PASSPHRASE 31A16202F8F7E674\ngpg: Invalid passphrase; please try again ...\n[GNUPG:] USERID_HINT 31A16202F8F7E674 Sascha Wilde <Sascha.Wilde@intevation.de>\n[GNUPG:] NEED_PASSPHRASE 31A16202F8F7E674 BB2185144BB86568 16 0\n[GNUPG:] GET_HIDDEN passphrase.enter\n[GNUPG:] GOT_IT\n[GNUPG:] BAD_PASSPHRASE 31A16202F8F7E674\n[GNUPG:] ENC_TO xxxxxxxxxxxxxxxx 16 0\ngpg: encrypted with 1024-bit ELG-E key, ID xxxxxxxx, created 2003-06-24\n \"xxxxxx xxxxxxxx xxxx <xxxxxx@intevation.de>\"\n[GNUPG:] NO_SECKEY xxxxxxxxxxxxxxxx\ngpg: encrypted with 2048-bit ELG-E key, ID F8F7E674, created 2004-11-15\n \"Sascha Wilde <Sascha.Wilde@intevation.de>\"\ngpg: public key decryption failed: bad passphrase\n[GNUPG:] BEGIN_DECRYPTION\n[GNUPG:] DECRYPTION_FAILED\ngpg: decryption failed: secret key not available\ngpg: CRC error; 3CB1DD - 15B95A\n[GNUPG:] END_DECRYPTION\n") Signing mails works (including querying the passphrase). Might this be related to the latest changes by Daiki? Sorry I don't have time to investigate this any further right now... cheers sascha -- Sascha Wilde : "Der Nicht-Denkende glaubt, dass niemand denkt, : der Denkende weiss es!" : (Gabriel Laub) ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg-gpg broken? 2006-04-05 9:13 ` pgg-gpg broken? Sascha Wilde @ 2006-04-05 9:42 ` Daiki Ueno 2006-04-05 10:18 ` Sascha Wilde 2006-04-05 16:14 ` pgg-gpg broken? Reiner Steib 1 sibling, 1 reply; 156+ messages in thread From: Daiki Ueno @ 2006-04-05 9:42 UTC (permalink / raw) Cc: Simon Josefsson, ding, emacs-devel >>>>> In <m2k6a4z8or.fsf_-_@kenny.sha-bang.de> >>>>> Sascha Wilde <wilde@sha-bang.de> wrote: > I just needed to decrypt an old Mail using Gnus/pgg (which i decrypted > successfully many times before), but it failed. > This is the backtrace I get: > Debugger entered--Lisp error: (error "Process pgg-gpg not running") > process-send-string(#<process pgg-gpg> "DerDenkendeWeissEs\n") > pgg-gpg-status-GET_HIDDEN(#<process pgg-gpg> "GET_HIDDEN > passphrase.enter") > pgg-gpg-process-filter(#<process pgg-gpg> "[GNUPG:] USERID_HINT > 31A16202F8F7E674 Sascha Wilde <Sascha.Wilde@intevation.de>\n[GNUPG:] > NEED_PASSPHRASE 31A16202F8F7E674 BB2185144BB86568 16 0\n[GNUPG:] > GET_HIDDEN passphrase.enter\n[GNUPG:] GOT_IT\n[GNUPG:] > BAD_PASSPHRASE 31A16202F8F7E674\ngpg: Invalid passphrase; please try > again ...\n[GNUPG:] USERID_HINT 31A16202F8F7E674 Sascha Wilde > Might this be related to the latest changes by Daiki? The problem might be related to the default-enable-multibyte-characters issue: http://article.gmane.org/gmane.emacs.gnus.general/62428 if you are using non-ASCII characters in your passphrase. Regards, -- Daiki Ueno ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg-gpg broken? 2006-04-05 9:42 ` Daiki Ueno @ 2006-04-05 10:18 ` Sascha Wilde 2006-04-05 21:33 ` Daiki Ueno 0 siblings, 1 reply; 156+ messages in thread From: Sascha Wilde @ 2006-04-05 10:18 UTC (permalink / raw) Cc: Simon Josefsson, ding, emacs-devel Daiki Ueno <ueno@unixuser.org> wrote: >>>>>> In <m2k6a4z8or.fsf_-_@kenny.sha-bang.de> >>>>>> Sascha Wilde <wilde@sha-bang.de> wrote: >> I just needed to decrypt an old Mail using Gnus/pgg (which i decrypted >> successfully many times before), but it failed. > >> This is the backtrace I get: > >> Debugger entered--Lisp error: (error "Process pgg-gpg not running") >> process-send-string(#<process pgg-gpg> "DerDenkendeWeissEs\n") >> pgg-gpg-status-GET_HIDDEN(#<process pgg-gpg> "GET_HIDDEN >> passphrase.enter") >> pgg-gpg-process-filter(#<process pgg-gpg> "[GNUPG:] USERID_HINT >> 31A16202F8F7E674 Sascha Wilde <Sascha.Wilde@intevation.de>\n[GNUPG:] >> NEED_PASSPHRASE 31A16202F8F7E674 BB2185144BB86568 16 0\n[GNUPG:] >> GET_HIDDEN passphrase.enter\n[GNUPG:] GOT_IT\n[GNUPG:] >> BAD_PASSPHRASE 31A16202F8F7E674\ngpg: Invalid passphrase; please try >> again ...\n[GNUPG:] USERID_HINT 31A16202F8F7E674 Sascha Wilde > >> Might this be related to the latest changes by Daiki? > > The problem might be related to the default-enable-multibyte-characters > issue: > http://article.gmane.org/gmane.emacs.gnus.general/62428 > if you are using non-ASCII characters in your passphrase. No, only plain ASCII. sascha -- Sascha Wilde : "Ist es nicht schon schlimm genug, dass ICH hier rumtrolle?" : (Henning Leise in d.o.c.) ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg-gpg broken? 2006-04-05 10:18 ` Sascha Wilde @ 2006-04-05 21:33 ` Daiki Ueno 2006-04-06 9:00 ` Sascha Wilde 0 siblings, 1 reply; 156+ messages in thread From: Daiki Ueno @ 2006-04-05 21:33 UTC (permalink / raw) Cc: Simon Josefsson, ding, emacs-devel >>>>> In <m2zmj0xr4x.fsf@kenny.sha-bang.de> >>>>> Sascha Wilde <wilde@sha-bang.de> wrote: > Daiki Ueno <ueno@unixuser.org> wrote: > >>>>>> In <m2k6a4z8or.fsf_-_@kenny.sha-bang.de> > >>>>>> Sascha Wilde <wilde@sha-bang.de> wrote: > >> I just needed to decrypt an old Mail using Gnus/pgg (which i decrypted > >> successfully many times before), but it failed. > > > >> This is the backtrace I get: > > > >> Debugger entered--Lisp error: (error "Process pgg-gpg not running") > >> process-send-string(#<process pgg-gpg> "DerDenkendeWeissEs\n") > >> pgg-gpg-status-GET_HIDDEN(#<process pgg-gpg> "GET_HIDDEN > >> passphrase.enter") > >> BAD_PASSPHRASE 31A16202F8F7E674\ngpg: Invalid passphrase; please try > >> again ...\n[GNUPG:] USERID_HINT 31A16202F8F7E674 Sascha Wilde > > > >> Might this be related to the latest changes by Daiki? > > > > The problem might be related to the default-enable-multibyte-characters > > issue: > > http://article.gmane.org/gmane.emacs.gnus.general/62428 > > if you are using non-ASCII characters in your passphrase. > No, only plain ASCII. Two more questions: 1. The passphrase you entered was correct? 2. How many times were you queried your passphrase? A straightforward way to investigate this problem is decrypting the mail from the command line as pgg-gpg does. Could you try the following? $ cat input.txt | gpg --no-tty --status-fd 1 --command-fd 0 --yes \ --output output.txt --decrypt Regards, -- Daiki Ueno ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg-gpg broken? 2006-04-05 21:33 ` Daiki Ueno @ 2006-04-06 9:00 ` Sascha Wilde 2006-04-06 9:21 ` Daiki Ueno 0 siblings, 1 reply; 156+ messages in thread From: Sascha Wilde @ 2006-04-06 9:00 UTC (permalink / raw) Cc: emacs-devel, ding, Simon Josefsson Daiki Ueno <ueno@unixuser.org> wrote: >>>>>> In <m2zmj0xr4x.fsf@kenny.sha-bang.de> >>>>>> Sascha Wilde <wilde@sha-bang.de> wrote: >> Daiki Ueno <ueno@unixuser.org> wrote: > >> >>>>>> In <m2k6a4z8or.fsf_-_@kenny.sha-bang.de> >> >>>>>> Sascha Wilde <wilde@sha-bang.de> wrote: >> >> I just needed to decrypt an old Mail using Gnus/pgg (which i decrypted >> >> successfully many times before), but it failed. >> > >> >> This is the backtrace I get: >> > >> >> Debugger entered--Lisp error: (error "Process pgg-gpg not running") >> >> process-send-string(#<process pgg-gpg> "DerDenkendeWeissEs\n") >> >> pgg-gpg-status-GET_HIDDEN(#<process pgg-gpg> "GET_HIDDEN >> >> passphrase.enter") >> >> BAD_PASSPHRASE 31A16202F8F7E674\ngpg: Invalid passphrase; please try >> >> again ...\n[GNUPG:] USERID_HINT 31A16202F8F7E674 Sascha Wilde >> > >> >> Might this be related to the latest changes by Daiki? >> > >> > The problem might be related to the default-enable-multibyte-characters >> > issue: >> > http://article.gmane.org/gmane.emacs.gnus.general/62428 >> > if you are using non-ASCII characters in your passphrase. > >> No, only plain ASCII. > > Two more questions: > > 1. The passphrase you entered was correct? Yes. I tried this _many_ times, and only this mail fails (and only with your new code). > 2. How many times were you queried your passphrase? Once. If the passphrase is already cached (I'm _not_ using the agent on this system): none. I also encountered the situation of getting asked over and over again, but I can't reproduce that... > A straightforward way to investigate this problem is decrypting the mail > from the command line as pgg-gpg does. Could you try the following? > > $ cat input.txt | gpg --no-tty --status-fd 1 --command-fd 0 --yes \ > --output output.txt --decrypt This doesn't work (it tries to read the passphrase from the pipe, too. But this works: gpg --no-tty --status-fd 1 --command-fd 0 --yes \ --output output.txt --decrypt test.msg Here is the Output: [GNUPG:] ENC_TO 31A16202F8F7E674 16 0 [GNUPG:] USERID_HINT 31A16202F8F7E674 Sascha Wilde <Sascha.Wilde@intevation.de> [GNUPG:] NEED_PASSPHRASE 31A16202F8F7E674 BB2185144BB86568 16 0 [GNUPG:] GET_HIDDEN passphrase.enter *********************** [GNUPG:] GOT_IT [GNUPG:] GOOD_PASSPHRASE [GNUPG:] ENC_TO **************** 16 0 gpg: encrypted with 1024-bit ELG-E key, ID C42134DD, created 2003-06-24 "******** **** <*******@intevation.de>" [GNUPG:] NO_SECKEY **************** gpg: encrypted with 2048-bit ELG-E key, ID F8F7E674, created 2004-11-15 "Sascha Wilde <Sascha.Wilde@intevation.de>" [GNUPG:] BEGIN_DECRYPTION [GNUPG:] PLAINTEXT 74 1143202578 mutt-eukrante-10004-12773-1220 gpg: Signature made Fre 24 Mr 2006 13:16:19 CET using DSA key ID ******** [GNUPG:] SIG_ID AfiFfg5+XNFF741BR7ts3MOF6ds 2006-03-24 1143202579 [GNUPG:] GOODSIG **************** ******** **** <******@intevation.de> gpg: Good signature from "******** **** <*******@intevation.de>" gpg: aka "******** **** ***** <*******.********@intevation.de>" [GNUPG:] VALIDSIG 53D27A45B9AD27915EE44EDE5BB3F5195816791A 2006-03-24 1143202579 0 3 0 17 2 01 53D27A45B9AD27915EE44EDE5BB3F5195816791A [GNUPG:] TRUST_FULLY [GNUPG:] DECRYPTION_OKAY [GNUPG:] GOODMDC [GNUPG:] END_DECRYPTION As you can see: everything worked well... BUT, doing more tests, things became more and more strange: I tried gpg --no-tty --status-fd 1 --command-fd 0 --yes \ --output output.txt --decrypt And pasted in the message using copy and paste, then I got this error: gpg: CRC error; 6E24DE - 15B95A [GNUPG:] END_DECRYPTION So I set pgg-gpg-debug to t and found the same error. Even more strange, when using the gpg-agent gpg --no-tty --status-fd 1 --command-fd 0 --yes \ --output output.txt --decrypt <test.msg works fine, while decryption using the agent + pgg-gpg just hangs... cheers sascha -- Sascha Wilde : "Der Nicht-Denkende glaubt, dass niemand denkt, : der Denkende weiss es!" : (Gabriel Laub) ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg-gpg broken? 2006-04-06 9:00 ` Sascha Wilde @ 2006-04-06 9:21 ` Daiki Ueno 2006-04-06 9:58 ` Sascha Wilde 0 siblings, 1 reply; 156+ messages in thread From: Daiki Ueno @ 2006-04-06 9:21 UTC (permalink / raw) Cc: Simon Josefsson, ding, emacs-devel >>>>> In <m21wwbcc46.fsf@kenny.sha-bang.de> >>>>> Sascha Wilde <wilde@sha-bang.de> wrote: > > A straightforward way to investigate this problem is decrypting the mail > > from the command line as pgg-gpg does. Could you try the following? > > > > $ cat input.txt | gpg --no-tty --status-fd 1 --command-fd 0 --yes \ > > --output output.txt --decrypt > This doesn't work (it tries to read the passphrase from the pipe, too. As I said in the private mail, this is because the pipe is closed after cat exits. Could you try this one and see if gpg waits after "[GNUPG:] GET_HIDDEN passphrase.enter"? $ (cat test.msg; sleep 10) | gpg --no-tty --status-fd 1 --command-fd 0 --yes \ --output output.txt --decrypt Regards, -- Daiki Ueno ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg-gpg broken? 2006-04-06 9:21 ` Daiki Ueno @ 2006-04-06 9:58 ` Sascha Wilde 2006-04-06 10:13 ` Daiki Ueno 2006-04-07 10:32 ` gpg-agent support removed?! (was: pgg-gpg broken?) Sascha Wilde 0 siblings, 2 replies; 156+ messages in thread From: Sascha Wilde @ 2006-04-06 9:58 UTC (permalink / raw) Cc: Simon Josefsson, ding, emacs-devel Daiki Ueno <ueno@unixuser.org> wrote: >>>>>> In <m21wwbcc46.fsf@kenny.sha-bang.de> >>>>>> Sascha Wilde <wilde@sha-bang.de> wrote: >> > A straightforward way to investigate this problem is decrypting the mail >> > from the command line as pgg-gpg does. Could you try the following? >> > >> > $ cat input.txt | gpg --no-tty --status-fd 1 --command-fd 0 --yes \ >> > --output output.txt --decrypt > >> This doesn't work (it tries to read the passphrase from the pipe, too. > > As I said in the private mail, this is because the pipe is closed after > cat exits. Could you try this one and see if gpg waits after "[GNUPG:] > GET_HIDDEN passphrase.enter"? > > $ (cat test.msg; sleep 10) | gpg --no-tty --status-fd 1 --command-fd 0 --yes \ > --output output.txt --decrypt No, it doesn't -- here is what happens (thomas agreed with posting this information, so no more '*'s): (cat test.msg; sleep 10) | gpg --no-tty --status-fd 1 --command-fd 0 --yes \ --output output.txt --decrypt [GNUPG:] ENC_TO 31A16202F8F7E674 16 0 [GNUPG:] USERID_HINT 31A16202F8F7E674 Sascha Wilde <Sascha.Wilde@intevation.de> [GNUPG:] NEED_PASSPHRASE 31A16202F8F7E674 BB2185144BB86568 16 0 [GNUPG:] GET_HIDDEN passphrase.enter [GNUPG:] GOT_IT [GNUPG:] BAD_PASSPHRASE 31A16202F8F7E674 gpg: Invalid passphrase; please try again ... [GNUPG:] USERID_HINT 31A16202F8F7E674 Sascha Wilde <Sascha.Wilde@intevation.de> [GNUPG:] NEED_PASSPHRASE 31A16202F8F7E674 BB2185144BB86568 16 0 [GNUPG:] GET_HIDDEN passphrase.enter [GNUPG:] GOT_IT [GNUPG:] BAD_PASSPHRASE 31A16202F8F7E674 gpg: Invalid passphrase; please try again ... [GNUPG:] USERID_HINT 31A16202F8F7E674 Sascha Wilde <Sascha.Wilde@intevation.de> [GNUPG:] NEED_PASSPHRASE 31A16202F8F7E674 BB2185144BB86568 16 0 [GNUPG:] GET_HIDDEN passphrase.enter [GNUPG:] GOT_IT [GNUPG:] BAD_PASSPHRASE 31A16202F8F7E674 [GNUPG:] ENC_TO 8699BF5FC42134DD 16 0 gpg: encrypted with 1024-bit ELG-E key, ID C42134DD, created 2003-06-24 "Thomas Arendsen Hein <thomas@intevation.de>" [GNUPG:] NO_SECKEY 8699BF5FC42134DD gpg: encrypted with 2048-bit ELG-E key, ID F8F7E674, created 2004-11-15 "Sascha Wilde <Sascha.Wilde@intevation.de>" gpg: public key decryption failed: bad passphrase [GNUPG:] BEGIN_DECRYPTION [GNUPG:] DECRYPTION_FAILED gpg: decryption failed: secret key not available gpg: CRC error; 474D93 - 15B95A [GNUPG:] END_DECRYPTION is seems that gpg detects the end early and uses the rest of the message as passphrase, which of cause fails... So either the PGP Message is malformed, or that there is a bug in gpg. In either case, I don't understand why gpg --no-tty --status-fd 1 --command-fd 0 --yes \ --output output.txt --decrypt test.msg works without any error: [GNUPG:] ENC_TO 31A16202F8F7E674 16 0 [GNUPG:] USERID_HINT 31A16202F8F7E674 Sascha Wilde <Sascha.Wilde@intevation.de> [GNUPG:] NEED_PASSPHRASE 31A16202F8F7E674 BB2185144BB86568 16 0 [GNUPG:] GET_HIDDEN passphrase.enter ************************* [GNUPG:] GOT_IT [GNUPG:] GOOD_PASSPHRASE [GNUPG:] ENC_TO 8699BF5FC42134DD 16 0 gpg: encrypted with 1024-bit ELG-E key, ID C42134DD, created 2003-06-24 "Thomas Arendsen Hein <thomas@intevation.de>" [GNUPG:] NO_SECKEY 8699BF5FC42134DD gpg: encrypted with 2048-bit ELG-E key, ID F8F7E674, created 2004-11-15 "Sascha Wilde <Sascha.Wilde@intevation.de>" [GNUPG:] BEGIN_DECRYPTION [GNUPG:] PLAINTEXT 74 1143202578 mutt-eukrante-10004-12773-1220 gpg: Signature made Fre 24 Mr 2006 13:16:19 CET using DSA key ID 5816791A [GNUPG:] SIG_ID AfiFfg5+XNFF741BR7ts3MOF6ds 2006-03-24 1143202579 [GNUPG:] GOODSIG 5BB3F5195816791A Thomas Arendsen Hein <thomas@intevation.de> gpg: Good signature from "Thomas Arendsen Hein <thomas@intevation.de>" gpg: aka "Thomas Arendsen Hein (private) <thomas@jtah.de>" gpg: aka "Thomas Arendsen Hein <Thomas.Arendsen.Hein@intevation. de>" [GNUPG:] VALIDSIG 53D27A45B9AD27915EE44EDE5BB3F5195816791A 2006-03-24 1143202579 0 3 0 17 2 01 53D27A45B9AD27915EE44EDE5BB3F5195816791A [GNUPG:] TRUST_FULLY [GNUPG:] DECRYPTION_OKAY [GNUPG:] GOODMDC [GNUPG:] END_DECRYPTION cheers -- Sascha Wilde A conclusion is simply the place where someone got tired of thinking. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg-gpg broken? 2006-04-06 9:58 ` Sascha Wilde @ 2006-04-06 10:13 ` Daiki Ueno 2006-04-07 10:32 ` gpg-agent support removed?! (was: pgg-gpg broken?) Sascha Wilde 1 sibling, 0 replies; 156+ messages in thread From: Daiki Ueno @ 2006-04-06 10:13 UTC (permalink / raw) Cc: emacs-devel, ding, Simon Josefsson >>>>> In <m2y7yjdo02.fsf@kenny.sha-bang.de> >>>>> Sascha Wilde <wilde@sha-bang.de> wrote: > Daiki Ueno <ueno@unixuser.org> wrote: > > As I said in the private mail, this is because the pipe is closed after > > cat exits. Could you try this one and see if gpg waits after "[GNUPG:] > > GET_HIDDEN passphrase.enter"? > > > > $ (cat test.msg; sleep 10) | gpg --no-tty --status-fd 1 --command-fd 0 --yes \ > > --output output.txt --decrypt > No, it doesn't -- here is what happens > is seems that gpg detects the end early and uses the rest of the > message as passphrase, which of cause fails... If you have pgpdump installed, you will see what packets are read from the message. Anyway, I'll try to change pgg-gpg-decrypt-region to read a PGP message from a temporary file. Thanks for testing! Regards, -- Daiki Ueno ^ permalink raw reply [flat|nested] 156+ messages in thread
* gpg-agent support removed?! (was: pgg-gpg broken?) 2006-04-06 9:58 ` Sascha Wilde 2006-04-06 10:13 ` Daiki Ueno @ 2006-04-07 10:32 ` Sascha Wilde 2006-04-07 12:11 ` Simon Josefsson ` (2 more replies) 1 sibling, 3 replies; 156+ messages in thread From: Sascha Wilde @ 2006-04-07 10:32 UTC (permalink / raw) Cc: Daiki Ueno, emacs-devel, Reiner Steib, ding, Simon Josefsson Hi *, after noticing, that the broken mail con suddenly be decrypted again I checked the changelog and found this entry: 2006-04-06 Romain Francoise <romain@orebokech.com> * pgg-gpg.el: Sync back with Gnus 5.10, reverting changes that add symmetric encryption features and a new asynchronous interface to GnuPG. This new version is version 1.4, plus whitespace changes. why was that done?! And why was it done without any discussion or even informing the people involved?!? sascha -- Sascha Wilde : "I heard that if you play the Windows CD backward, you : get a satanic message. But that's nothing compared to : when you play it forward: It installs Windows...." : -- G. R. Gaudreau ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! (was: pgg-gpg broken?) 2006-04-07 10:32 ` gpg-agent support removed?! (was: pgg-gpg broken?) Sascha Wilde @ 2006-04-07 12:11 ` Simon Josefsson 2006-04-07 12:14 ` gpg-agent support removed?! Romain Francoise 2006-04-07 12:35 ` Reiner Steib 2 siblings, 0 replies; 156+ messages in thread From: Simon Josefsson @ 2006-04-07 12:11 UTC (permalink / raw) Cc: Daiki Ueno, romain, Reiner Steib, ding, emacs-devel > Hi *, > > after noticing, that the broken mail con suddenly be decrypted again I > checked the changelog and found this entry: > > 2006-04-06 Romain Francoise <romain@orebokech.com> > > * pgg-gpg.el: Sync back with Gnus 5.10, reverting changes that > add > symmetric encryption features and a new asynchronous interface to > GnuPG. This new version is version 1.4, plus whitespace changes. > > why was that done?! And why was it done without any discussion or > even informing the people involved?!? I thought all discussions about this were kept on the mailing list? Maybe check the ding list, perhaps emacs-devel was removed at some point. I think we decided to back out Daiki's asynchronous interface, because it is too much new code and we need to have people use it for a while and work out the problems (on the Gnus CVS trunk). Perhaps Romain backed out more than that? I think we should revert to the pgg-gpg.el right before adding Daiki's partial rewrite. The symmetric stuff, and the more recent addition of the pgg-gpg-use-agent variable should be fine. I don't have a workable internet connection, and I'm going away on holiday tomorrow, so I hope others can help work out the details, or wait 10 days. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-07 10:32 ` gpg-agent support removed?! (was: pgg-gpg broken?) Sascha Wilde 2006-04-07 12:11 ` Simon Josefsson @ 2006-04-07 12:14 ` Romain Francoise 2006-04-07 13:00 ` Sascha Wilde 2006-04-07 12:35 ` Reiner Steib 2 siblings, 1 reply; 156+ messages in thread From: Romain Francoise @ 2006-04-07 12:14 UTC (permalink / raw) Cc: Daiki Ueno, emacs-devel, Reiner Steib, ding, Simon Josefsson Sascha Wilde <wilde@sha-bang.de> writes: > And why was it done without any discussion or even informing the > people involved?!? Since PGG is historically a Gnus package, it was discussed on the ding mailing-list, which you obviously don't read... :-) The relevant sub-thread starts here: <URL: http://article.gmane.org/gmane.emacs.gnus.general/62545> The reasons why this was done are: 1) The new code has bugs and is a major rewrite from previous versions; it isn't yet very stable, at least not enough for a stable Gnus release. 2) A new Gnus v5.10 release is due out this week-end, so there wasn't enough time to fix the bugs in the new code, hence the decision to revert it in Gnus 5.10. Since Emacs 22 is supposed to have Gnus 5.10, I reverted the changes in Emacs CVS in order to keep the upcoming Gnus release and Emacs in sync. 3) The changes broke allout.el's encryption features, and require a transition to ensure that allout and PGG can work correctly together without breakage. 4) We're trying to get Emacs to a releasable state, and introducing new features right now might not be the best idea, depending on how seriously you take the feature freeze. At the moment, the plan is to let the new code mature in the Gnus trunk (not the Emacs trunk), and then sync it back in Gnus' v5-10 branch and the Emacs trunk once things have settled down. I realize that part of the problem is that PGG is maintained as a Gnus package in Gnus, and as a general-purpose package in Emacs... Hoping this clarifies the situation, -- Romain Francoise <romain@orebokech.com> | The sea! the sea! the open it's a miracle -- http://orebokech.com/ | sea! The blue, the fresh, the | ever free! --Bryan W. Procter ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-07 12:14 ` gpg-agent support removed?! Romain Francoise @ 2006-04-07 13:00 ` Sascha Wilde 2006-04-07 13:30 ` Simon Josefsson 2006-04-08 9:36 ` Romain Francoise 0 siblings, 2 replies; 156+ messages in thread From: Sascha Wilde @ 2006-04-07 13:00 UTC (permalink / raw) Cc: Daiki Ueno, emacs-devel, Reiner Steib, ding, Simon Josefsson Romain Francoise <romain@orebokech.com> wrote: > Sascha Wilde <wilde@sha-bang.de> writes: > >> And why was it done without any discussion or even informing the >> people involved?!? > > Since PGG is historically a Gnus package, it was discussed on the ding > mailing-list, which you obviously don't read... :-) That's true, so please CC me at any response. (at least if it doesn't go too emacs-devel, too). Thanks to everybody for summarizing the discussion. May I suggest to revert the code to version 1.8 from GNU Emacs CVS instead? This version includes my original agent support code and Reiners small compatibility fix. I would prefer this version because it: - allow using the agent - but only if enabled explicitly by the user, so the default behavior is completely unchanged compared to the old code - introduces only very few code changes, with no known bugs - has none of the problems of Daikis code regarding robustness or api changes IIRC this version was already discussed and accepted for 5.10. cheers sascha -- Sascha Wilde Well, *my* brain likes to think it's vastly more powerful than any finite Turing machine but it hasn't proven that to me... -- Christopher Koppler in comp.lang.lisp ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-07 13:00 ` Sascha Wilde @ 2006-04-07 13:30 ` Simon Josefsson 2006-04-07 20:59 ` Reiner Steib 2006-04-08 9:36 ` Romain Francoise 1 sibling, 1 reply; 156+ messages in thread From: Simon Josefsson @ 2006-04-07 13:30 UTC (permalink / raw) Cc: Daiki Ueno, Romain Francoise, Reiner Steib, ding, emacs-devel > May I suggest to revert the code to version 1.8 from GNU Emacs CVS > instead? > > This version includes my original agent support code and Reiners small > compatibility fix. > > I would prefer this version because it: > - allow using the agent > - but only if enabled explicitly by the user, so the default behavior > is completely unchanged compared to the old code > - introduces only very few code changes, with no known bugs > - has none of the problems of Daikis code regarding robustness > or api changes > > IIRC this version was already discussed and accepted for 5.10. I agree, we shouldn't revert more than Daiki's asynchronous stuff in v5-10/Emacs CVS. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-07 13:30 ` Simon Josefsson @ 2006-04-07 20:59 ` Reiner Steib 0 siblings, 0 replies; 156+ messages in thread From: Reiner Steib @ 2006-04-07 20:59 UTC (permalink / raw) Cc: Romain Francoise, Reiner Steib, Sascha Wilde, Daiki Ueno, ding, emacs-devel On Fri, Apr 07 2006, Simon Josefsson wrote: >> May I suggest to revert the code to version 1.8 from GNU Emacs CVS >> instead? >> >> This version includes my original agent support code and Reiners small >> compatibility fix. >> >> I would prefer this version because it: >> - allow using the agent >> - but only if enabled explicitly by the user, so the default behavior >> is completely unchanged compared to the old code >> - introduces only very few code changes, with no known bugs >> - has none of the problems of Daikis code regarding robustness >> or api changes >> >> IIRC this version was already discussed and accepted for 5.10. > > I agree, we shouldn't revert more than Daiki's asynchronous stuff in > v5-10/Emacs CVS. Okay, I'll do this (revision 7.15 in Gnus). Bye, Reiner. -- ,,, (o o) ---ooO-(_)-Ooo--- | PGP key available | http://rsteib.home.pages.de/ ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-07 13:00 ` Sascha Wilde 2006-04-07 13:30 ` Simon Josefsson @ 2006-04-08 9:36 ` Romain Francoise 2006-04-08 10:05 ` Sascha Wilde 1 sibling, 1 reply; 156+ messages in thread From: Romain Francoise @ 2006-04-08 9:36 UTC (permalink / raw) Cc: Daiki Ueno, emacs-devel, Reiner Steib, ding, Simon Josefsson Sascha Wilde <wilde@sha-bang.de> writes: > May I suggest to revert the code to version 1.8 from GNU Emacs CVS > instead? Reiner has now done that, in Gnus and Emacs. -- Romain Francoise <romain@orebokech.com> | The sea! the sea! the open it's a miracle -- http://orebokech.com/ | sea! The blue, the fresh, the | ever free! --Bryan W. Procter ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-08 9:36 ` Romain Francoise @ 2006-04-08 10:05 ` Sascha Wilde 0 siblings, 0 replies; 156+ messages in thread From: Sascha Wilde @ 2006-04-08 10:05 UTC (permalink / raw) Cc: Daiki Ueno, emacs-devel, Reiner Steib, ding, Simon Josefsson Romain Francoise <romain@orebokech.com> wrote: > Sascha Wilde <wilde@sha-bang.de> writes: > >> May I suggest to revert the code to version 1.8 from GNU Emacs CVS >> instead? > > Reiner has now done that, in Gnus and Emacs. Thanks. sascha -- Sascha Wilde Nothing is fool-proof to a sufficiently talented fool. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-07 10:32 ` gpg-agent support removed?! (was: pgg-gpg broken?) Sascha Wilde 2006-04-07 12:11 ` Simon Josefsson 2006-04-07 12:14 ` gpg-agent support removed?! Romain Francoise @ 2006-04-07 12:35 ` Reiner Steib 2006-04-07 13:02 ` Daiki Ueno 2006-04-07 21:36 ` Richard Stallman 2 siblings, 2 replies; 156+ messages in thread From: Reiner Steib @ 2006-04-07 12:35 UTC (permalink / raw) Cc: Simon Josefsson, Daiki Ueno, romain, ding, emacs-devel On Fri, Apr 07 2006, Sascha Wilde wrote: > 2006-04-06 Romain Francoise <romain@orebokech.com> > > * pgg-gpg.el: Sync back with Gnus 5.10, reverting changes that add > symmetric encryption features and a new asynchronous interface to > GnuPG. This new version is version 1.4, plus whitespace changes. > > why was that done?! And why was it done without any discussion or > even informing the people involved?!? Let me try to summarize (CMIIW): There were several unresolved serious problems¹ (including your report) with the new code. So for the upcoming release of Gnus 5.10.8 we (Simon and me) agreed to revert `pgg-gpg.el' in the stable Gnus branch (v5-10). Simon's advised on keeping the new code in the Gnus trunk, so I followed his suggestion. I didn't have a strong option on what is best for the version² in Emacs CVS, so I didn't touch it. IIRC Simon didn't express an opinion concerning this version neither. Probably Romain thought that the problems with the new code are too serious also for Emacs CVS. After the Gnus 5.10.8 release (which should be this week-end unless Lars needs to shift it) we can put the new code plus Daiki's fixes posted today back in all three branches. Bye, Reiner. ¹ Unresolved serious problems with the new code in `pgg-gpg.el': http://article.gmane.org/gmane.emacs.pretest.bugs/11591 http://article.gmane.org/gmane.emacs.devel/52450 http://article.gmane.org/gmane.emacs.gnus.general/62567 Maybe more? I don't remember exactly. ² Normally the version in Emacs CVS and Gnus stable (v5-10) are and should be synched (semi-)automatically by Miles Bader. Because of the upcoming stable Gnus release, I asked Miles suspend it until Gnus 5.10.8 is released. -- ,,, (o o) ---ooO-(_)-Ooo--- | PGP key available | http://rsteib.home.pages.de/ ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-07 12:35 ` Reiner Steib @ 2006-04-07 13:02 ` Daiki Ueno 2006-04-07 13:08 ` Sascha Wilde 2006-04-07 14:05 ` Thomas Baumann 2006-04-07 21:36 ` Richard Stallman 1 sibling, 2 replies; 156+ messages in thread From: Daiki Ueno @ 2006-04-07 13:02 UTC (permalink / raw) Cc: Sascha Wilde, Simon Josefsson, romain, ding, emacs-devel >>>>> In <v9lkuhd0mv.fsf@marauder.physik.uni-ulm.de> >>>>> Reiner Steib <reinersteib+gmane@imap.cc> wrote: > ¹ Unresolved serious problems with the new code in `pgg-gpg.el': > http://article.gmane.org/gmane.emacs.pretest.bugs/11591 Sorry, I didn't read emacs-pretest-bug. Thomas, could you tell me what happened more precisely? i.e. (setq debug-on-error t) and (setq pgg-gpg-debug t) > http://article.gmane.org/gmane.emacs.devel/52450 I think this is fixed by the patch I posted some time ago. http://article.gmane.org/gmane.emacs.gnus.general/62571 > http://article.gmane.org/gmane.emacs.gnus.general/62567 I hope that this should be fixed in the right way, not in the way such as just reversion. So to say, this is a bug of *allout.el* and not of PGG, I think. Regards, -- Daiki Ueno ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-07 13:02 ` Daiki Ueno @ 2006-04-07 13:08 ` Sascha Wilde 2006-04-07 13:26 ` Daiki Ueno 2006-04-07 13:40 ` Reiner Steib 2006-04-07 14:05 ` Thomas Baumann 1 sibling, 2 replies; 156+ messages in thread From: Sascha Wilde @ 2006-04-07 13:08 UTC (permalink / raw) Cc: Reiner Steib, Thomas Baumann, romain, emacs-devel, ding, Simon Josefsson Daiki Ueno <ueno@unixuser.org> wrote: >>>>>> In <v9lkuhd0mv.fsf@marauder.physik.uni-ulm.de> >>>>>> Reiner Steib <reinersteib+gmane@imap.cc> wrote: >> http://article.gmane.org/gmane.emacs.devel/52450 > > I think this is fixed by the patch I posted some time ago. > http://article.gmane.org/gmane.emacs.gnus.general/62571 This sounds interesting -- where can I get this version for testing? -- Sascha Wilde We're Germans and we use Unix. That's a combination of two demographic groups known to have no sense of humour whatsoever. -- Hanno Mueller in de.comp.os.unix.programming ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-07 13:08 ` Sascha Wilde @ 2006-04-07 13:26 ` Daiki Ueno 2006-04-09 16:04 ` Sascha Wilde 2006-04-07 13:40 ` Reiner Steib 1 sibling, 1 reply; 156+ messages in thread From: Daiki Ueno @ 2006-04-07 13:26 UTC (permalink / raw) Cc: Reiner Steib, Thomas Baumann, romain, emacs-devel, ding, Simon Josefsson >>>>> In <m2lkuhcz2y.fsf@kenny.sha-bang.de> >>>>> Sascha Wilde <wilde@sha-bang.de> wrote: > >> http://article.gmane.org/gmane.emacs.devel/52450 > > > > I think this is fixed by the patch I posted some time ago. > > http://article.gmane.org/gmane.emacs.gnus.general/62571 > This sounds interesting -- where can I get this version for testing? I put the tarball which contains the current pgg*.el at http://www.unixuser.org/~ueno/pgg-20060407.tar.gz Regards, -- Daiki Ueno ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-07 13:26 ` Daiki Ueno @ 2006-04-09 16:04 ` Sascha Wilde 2006-04-10 18:04 ` Reiner Steib 0 siblings, 1 reply; 156+ messages in thread From: Sascha Wilde @ 2006-04-09 16:04 UTC (permalink / raw) Cc: Reiner Steib, Thomas Baumann, romain, ding, emacs-devel, Simon Josefsson Daiki Ueno <ueno@unixuser.org> wrote: >>>>>> In <m2lkuhcz2y.fsf@kenny.sha-bang.de> >>>>>> Sascha Wilde <wilde@sha-bang.de> wrote: >> >> http://article.gmane.org/gmane.emacs.devel/52450 >> > >> > I think this is fixed by the patch I posted some time ago. >> > http://article.gmane.org/gmane.emacs.gnus.general/62571 > >> This sounds interesting -- where can I get this version for testing? > > I put the tarball which contains the current pgg*.el at > > http://www.unixuser.org/~ueno/pgg-20060407.tar.gz Thanks. I finally found the time to give it a try -- and it seems to solve my problem. cheers sascha -- Sascha Wilde : "I heard that if you play the Windows CD backward, you : get a satanic message. But that's nothing compared to : when you play it forward: It installs Windows...." : -- G. R. Gaudreau ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-09 16:04 ` Sascha Wilde @ 2006-04-10 18:04 ` Reiner Steib 0 siblings, 0 replies; 156+ messages in thread From: Reiner Steib @ 2006-04-10 18:04 UTC (permalink / raw) Cc: romain, Thomas Baumann, Daiki Ueno, ding, emacs-devel, Simon Josefsson On Sun, Apr 09 2006, Sascha Wilde wrote: > Daiki Ueno <ueno@unixuser.org> wrote: >> I put the tarball which contains the current pgg*.el at >> >> http://www.unixuser.org/~ueno/pgg-20060407.tar.gz > > Thanks. I finally found the time to give it a try -- and it seems to > solve my problem. Daiki, should this version be installed in Gnus trunk? Could you provide ChangeLog entries (compared to the version in Gnus CVS trunk), please? Bye, Reiner. -- ,,, (o o) ---ooO-(_)-Ooo--- | PGP key available | http://rsteib.home.pages.de/ ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-07 13:08 ` Sascha Wilde 2006-04-07 13:26 ` Daiki Ueno @ 2006-04-07 13:40 ` Reiner Steib 1 sibling, 0 replies; 156+ messages in thread From: Reiner Steib @ 2006-04-07 13:40 UTC (permalink / raw) Cc: Daiki Ueno, ding, emacs-devel [-- Attachment #1.1: Type: text/plain, Size: 1115 bytes --] [ Reducing Cc list ] On Fri, Apr 07 2006, Sascha Wilde wrote: > Daiki Ueno <ueno@unixuser.org> wrote: > >>>>>>> In <v9lkuhd0mv.fsf@marauder.physik.uni-ulm.de> >>>>>>> Reiner Steib <reinersteib+gmane@imap.cc> wrote: > >>> http://article.gmane.org/gmane.emacs.devel/52450 >> >> I think this is fixed by the patch I posted some time ago. >> http://article.gmane.org/gmane.emacs.gnus.general/62571 ,---- | RCS file: /usr/local/cvsroot/gnus/lisp/pgg-gpg.el,v | retrieving revision 7.22 | diff -u -r7.22 pgg-gpg.el | --- lisp/pgg-gpg.el 5 Apr 2006 12:57:22 -0000 7.22 | +++ lisp/pgg-gpg.el 7 Apr 2006 08:07:26 -0000 `---- So this is a patch against the Gnus trunk (revision 7.22) > This sounds interesting -- where can I get this version for testing? $ cvs -d :pserver:gnus@cvs.gnus.org:/usr/local/cvsroot login CVS password: gnus $ cvs -d :pserver:gnus@cvs.gnus.org:/usr/local/cvsroot checkout gnus/lisp/pgg-gpg.el (cf. http://www.gnus.org/distribution.html) Bye, Reiner. -- ,,, (o o) ---ooO-(_)-Ooo--- | PGP key available | http://rsteib.home.pages.de/ [-- Attachment #1.2: Type: application/pgp-signature, Size: 188 bytes --] [-- Attachment #2: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-07 13:02 ` Daiki Ueno 2006-04-07 13:08 ` Sascha Wilde @ 2006-04-07 14:05 ` Thomas Baumann 2006-04-07 14:40 ` Daiki Ueno 1 sibling, 1 reply; 156+ messages in thread From: Thomas Baumann @ 2006-04-07 14:05 UTC (permalink / raw) Cc: Reiner Steib, Sascha Wilde, romain, emacs-devel, ding, Simon Josefsson GNU Emacs 22.0.50.1 (i686-suse-linux-gnu, X toolkit, Xaw3d scroll bars) of 2006-04-05 on norvel gpg (GnuPG) 1.4.2 Description: I write an email to be signed. From: Thomas Baumann <thomas.baumann@ch.tum.de> To: tb cc: Subject: sign X-Mailer: MH-E 7.93+cvs; nmh 1.2; GNU Emacs 22.0.50.1 Reply-To: thomas.baumann@ch.tum.de -------- <#secure method=pgpmime mode=sign sender=AE757F32> Test after C-cC-c emacs waits for something endlessly.... backtrace Debugger entered--Lisp error: (quit) accept-process-output(#<process pgg-gpg<4>> 1) pgg-gpg-wait-for-status(#<process pgg-gpg<4>> ("BEGIN_SIGNING")) pgg-gpg-sign-region(1 7 nil nil) funcall(pgg-gpg-sign-region 1 7 nil nil) apply(funcall pgg-gpg-sign-region (1 7 nil nil)) pgg-invoke("sign-region" gpg 1 7 nil nil) pgg-sign-region(1 7) mml2015-pgg-sign((part (sign . "pgpmime") (sender . "AE757F32") (tag-location . 173) (contents . "Test\n"))) mml2015-sign((part (sign . "pgpmime") (sender . "AE757F32") (tag-location . 173) (contents . "Test\n"))) mml-pgpmime-sign-buffer((part (sign . "pgpmime") (sender . "AE757F32") (tag-location . 173) (contents . "Test\n"))) mml-generate-mime-1((part (sign . "pgpmime") (sender . "AE757F32") (tag-location . 173) (contents . "Test\n"))) mml-generate-mime() message-encode-message-body() mml-to-mime() (condition-case err (mml-to-mime) (error (with-current-buffer buffer ... ... ...) (error ...))) (let ((saved-text ...) (buffer ...) (modified-flag ...)) (condition-case err (mml-to-mime) (error ... ...))) mh-mml-to-mime() mh-send-letter(nil) call-interactively(mh-send-letter) Things are ok if I the following version of pgg-gpg.el -rw-r--r-- 1 tb users 13819 Feb 10 07:33 pgg-gpg.el With todays cvs signing does work, but checking the signatures won't work any more. open an email with signature [mouse-1] on [[PGP Signed Part:Undecided]] = everything between [[PGP Signed Part:Undecided]] and [[End of PGP Signed Part]] disappears and there is no change to the buttons.... again this works with pgg-gpg from February... Thomas ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-07 14:05 ` Thomas Baumann @ 2006-04-07 14:40 ` Daiki Ueno 2006-04-07 15:45 ` Reiner Steib 0 siblings, 1 reply; 156+ messages in thread From: Daiki Ueno @ 2006-04-07 14:40 UTC (permalink / raw) Cc: Reiner Steib, Sascha Wilde, romain, ding, emacs-devel, Simon Josefsson >>>>> In <25746.1144418743@norvel.baumann-gauting.site> >>>>> Thomas Baumann <thomas.baumann@ch.tum.de> wrote: Thanks for testing again, Thomas. > Debugger entered--Lisp error: (quit) > accept-process-output(#<process pgg-gpg<4>> 1) > pgg-gpg-wait-for-status(#<process pgg-gpg<4>> ("BEGIN_SIGNING")) Looks odd. I think that the code which waits only for "BEGIN_SIGNING" has not ever been incorporated in Gnus CVS. > Things are ok if I the following version of pgg-gpg.el > -rw-r--r-- 1 tb users 13819 Feb 10 07:33 pgg-gpg.el Could you tell me what version did you test the above? Regards, -- Daiki Ueno ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-07 14:40 ` Daiki Ueno @ 2006-04-07 15:45 ` Reiner Steib 2006-04-07 20:55 ` Daiki Ueno 0 siblings, 1 reply; 156+ messages in thread From: Reiner Steib @ 2006-04-07 15:45 UTC (permalink / raw) Cc: thomas.baumann, ding, emacs-devel [ Reducing Cc list ] On Fri, Apr 07 2006, Daiki Ueno wrote: >>>>>> In <25746.1144418743@norvel.baumann-gauting.site> >>>>>> Thomas Baumann <thomas.baumann@ch.tum.de> wrote: >> Debugger entered--Lisp error: (quit) >> accept-process-output(#<process pgg-gpg<4>> 1) >> pgg-gpg-wait-for-status(#<process pgg-gpg<4>> ("BEGIN_SIGNING")) > > Looks odd. I think that the code which waits only for "BEGIN_SIGNING" > has not ever been incorporated in Gnus CVS. | X-Mailer: MH-E 7.93+cvs; nmh 1.2; GNU Emacs 22.0.50.1 MH-E uses the MIME stuff from Gnus, but Thomas is using MH-E from Emacs CVS. Bye, Reiner. -- ,,, (o o) ---ooO-(_)-Ooo--- | PGP key available | http://rsteib.home.pages.de/ ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-07 15:45 ` Reiner Steib @ 2006-04-07 20:55 ` Daiki Ueno 2006-04-07 21:22 ` Reiner Steib 0 siblings, 1 reply; 156+ messages in thread From: Daiki Ueno @ 2006-04-07 20:55 UTC (permalink / raw) Cc: thomas.baumann, ding, emacs-devel >>>>> In <v97j61crtc.fsf@marauder.physik.uni-ulm.de> >>>>> Reiner Steib <reinersteib+gmane@imap.cc> wrote: > >>>>>> In <25746.1144418743@norvel.baumann-gauting.site> > >>>>>> Thomas Baumann <thomas.baumann@ch.tum.de> wrote: > >> Debugger entered--Lisp error: (quit) > >> accept-process-output(#<process pgg-gpg<4>> 1) > >> pgg-gpg-wait-for-status(#<process pgg-gpg<4>> ("BEGIN_SIGNING")) > > > > Looks odd. I think that the code which waits only for "BEGIN_SIGNING" > > has not ever been incorporated in Gnus CVS. > | X-Mailer: MH-E 7.93+cvs; nmh 1.2; GNU Emacs 22.0.50.1 > MH-E uses the MIME stuff from Gnus, but Thomas is using MH-E from > Emacs CVS. Did someone mistakenly installed the first BEGIN_SIGNING patch to Emacs CVS, while it has not been commited in Gnus CVS? Simon vetoed it because it does _not_ work with the earlier GnuPG versions than 1.4.3. http://article.gmane.org/gmane.emacs.gnus.general/62513 http://article.gmane.org/gmane.emacs.gnus.general/62514 Regards, -- Daiki Ueno ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-07 20:55 ` Daiki Ueno @ 2006-04-07 21:22 ` Reiner Steib 2006-04-08 7:03 ` Thomas Baumann 2006-04-08 10:18 ` Daiki Ueno 0 siblings, 2 replies; 156+ messages in thread From: Reiner Steib @ 2006-04-07 21:22 UTC (permalink / raw) Cc: thomas.baumann, ding, emacs-devel On Fri, Apr 07 2006, Daiki Ueno wrote: >>>>>> Reiner Steib <reinersteib+gmane@imap.cc> wrote: >> > Looks odd. I think that the code which waits only for "BEGIN_SIGNING" >> > has not ever been incorporated in Gnus CVS. > >> | X-Mailer: MH-E 7.93+cvs; nmh 1.2; GNU Emacs 22.0.50.1 > >> MH-E uses the MIME stuff from Gnus, but Thomas is using MH-E from >> Emacs CVS. > > Did someone mistakenly installed the first BEGIN_SIGNING patch to Emacs > CVS, while it has not been commited in Gnus CVS? ---------------------------- revision 1.13 date: 2006-04-05 11:00:11 +0000; author: jas; state: Exp; lines: +2 -2 2006-04-05 Daiki Ueno <ueno@unixuser.org> * pgg-gpg.el (pgg-gpg-encrypt-region, pgg-gpg-sign-region): Wait for BEGIN_SIGNING too, new in GnuPG 1.4.3. ---------------------------- > Simon vetoed it because it does _not_ work with the earlier GnuPG > versions than 1.4.3. AFAICS, Simon installed a modified version: --8<---------------cut here---------------start------------->8--- --- pgg-gpg.el 4 Apr 2006 23:30:02 -0000 1.12 +++ pgg-gpg.el 5 Apr 2006 11:00:11 -0000 1.13 @@ -256,7 +256,7 @@ (list pgg-gpg-user-id)))))))) (process (pgg-gpg-start-process args))) (if (and sign (not pgg-gpg-use-agent)) - (pgg-gpg-wait-for-status process '("GOOD_PASSPHRASE"))) + (pgg-gpg-wait-for-status process '("BEGIN_SIGNING" "GOOD_PASSPHRASE"))) (process-send-region process start end) (pgg-gpg-wait-for-completion process) (save-excursion @@ -303,7 +303,7 @@ (if pgg-text-mode '("--textmode")))) (process (pgg-gpg-start-process args))) (unless pgg-gpg-use-agent - (pgg-gpg-wait-for-status process '("GOOD_PASSPHRASE"))) + (pgg-gpg-wait-for-status process '("BEGIN_SIGNING" "GOOD_PASSPHRASE"))) (process-send-region process start end) (pgg-gpg-wait-for-completion process) (save-excursion --8<---------------cut here---------------end--------------->8--- Thomas should update from CVS (I have reverted to revision 1.8, i.e. before your asynchronous gpg call, after adding gpg-agent support from Sascha) and check again, I think. Or test your version. Bye, Reiner. -- ,,, (o o) ---ooO-(_)-Ooo--- | PGP key available | http://rsteib.home.pages.de/ ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-07 21:22 ` Reiner Steib @ 2006-04-08 7:03 ` Thomas Baumann 2006-04-08 10:18 ` Daiki Ueno 1 sibling, 0 replies; 156+ messages in thread From: Thomas Baumann @ 2006-04-08 7:03 UTC (permalink / raw) Reiner Steib <reinersteib+gmane@imap.cc> wrote: > On Fri, Apr 07 2006, Daiki Ueno wrote: > > >>>>>> Reiner Steib <reinersteib+gmane@imap.cc> wrote: > >> > Looks odd. I think that the code which waits only for "BEGIN_SIGNING" > >> > has not ever been incorporated in Gnus CVS. > > > >> | X-Mailer: MH-E 7.93+cvs; nmh 1.2; GNU Emacs 22.0.50.1 > > > >> MH-E uses the MIME stuff from Gnus, but Thomas is using MH-E from > >> Emacs CVS. > > > > Did someone mistakenly installed the first BEGIN_SIGNING patch to Emacs > > CVS, while it has not been commited in Gnus CVS? > > ---------------------------- > revision 1.13 > date: 2006-04-05 11:00:11 +0000; author: jas; state: Exp; lines: +2 -2 > 2006-04-05 Daiki Ueno <ueno@unixuser.org> > > * pgg-gpg.el (pgg-gpg-encrypt-region, pgg-gpg-sign-region): Wait > for BEGIN_SIGNING too, new in GnuPG 1.4.3. > ---------------------------- > > > Simon vetoed it because it does _not_ work with the earlier GnuPG > > versions than 1.4.3. > > AFAICS, Simon installed a modified version: > > --8<---------------cut here---------------start------------->8--- > --- pgg-gpg.el 4 Apr 2006 23:30:02 -0000 1.12 > +++ pgg-gpg.el 5 Apr 2006 11:00:11 -0000 1.13 > @@ -256,7 +256,7 @@ > (list pgg-gpg-user-id)))))))) > (process (pgg-gpg-start-process args))) > (if (and sign (not pgg-gpg-use-agent)) > - (pgg-gpg-wait-for-status process '("GOOD_PASSPHRASE"))) > + (pgg-gpg-wait-for-status process '("BEGIN_SIGNING" "GOOD_PASSPHRASE"))) > (process-send-region process start end) > (pgg-gpg-wait-for-completion process) > (save-excursion > @@ -303,7 +303,7 @@ > (if pgg-text-mode '("--textmode")))) > (process (pgg-gpg-start-process args))) > (unless pgg-gpg-use-agent > - (pgg-gpg-wait-for-status process '("GOOD_PASSPHRASE"))) > + (pgg-gpg-wait-for-status process '("BEGIN_SIGNING" "GOOD_PASSPHRASE"))) > (process-send-region process start end) > (pgg-gpg-wait-for-completion process) > (save-excursion > --8<---------------cut here---------------end--------------->8--- > > Thomas should update from CVS (I have reverted to revision 1.8, > i.e. before your asynchronous gpg call, after adding gpg-agent support > from Sascha) and check again, I think. Or test your version. > > Bye, Reiner. > -- > ,,, > (o o) > ---ooO-(_)-Ooo--- | PGP key available | http://rsteib.home.pages.de/ > Everything back to normal with this mornings CVS, at least for the pgg-gpg.el, thanks Thomas ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-07 21:22 ` Reiner Steib 2006-04-08 7:03 ` Thomas Baumann @ 2006-04-08 10:18 ` Daiki Ueno 1 sibling, 0 replies; 156+ messages in thread From: Daiki Ueno @ 2006-04-08 10:18 UTC (permalink / raw) Cc: thomas.baumann, ding, emacs-devel >>>>> In <v9acaxw05w.fsf@marauder.physik.uni-ulm.de> >>>>> Reiner Steib <reinersteib+gmane@imap.cc> wrote: > AFAICS, Simon installed a modified version: > --- pgg-gpg.el 4 Apr 2006 23:30:02 -0000 1.12 > +++ pgg-gpg.el 5 Apr 2006 11:00:11 -0000 1.13 This patch had a bug, and I posted the fix just after. However, I don't see the reason, Simon didn't commit the fix to Emacs CVS. http://article.gmane.org/gmane.emacs.gnus.general/62522 So, this bug is fixed in the current PGG code http://www.unixuser.org/~ueno/pgg-20060407.tar.gz Thomas, could you test this? Regards, -- Daiki Ueno ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-07 12:35 ` Reiner Steib 2006-04-07 13:02 ` Daiki Ueno @ 2006-04-07 21:36 ` Richard Stallman 2006-04-08 9:45 ` Romain Francoise 1 sibling, 1 reply; 156+ messages in thread From: Richard Stallman @ 2006-04-07 21:36 UTC (permalink / raw) Cc: wilde, jas, ueno, Reiner Steib, emacs-devel Simon's advised on keeping the new code in the Gnus trunk, so I followed his suggestion. I didn't have a strong option on what is best for the version² in Emacs CVS, so I didn't touch it. IIRC Simon didn't express an opinion concerning this version neither. Probably Romain thought that the problems with the new code are too serious also for Emacs CVS. Romain, would you please explain to me why you removed the code in Emacs CVS? Why not install Daiki's fixes instead? ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-07 21:36 ` Richard Stallman @ 2006-04-08 9:45 ` Romain Francoise 2006-04-08 10:11 ` Daiki Ueno 2006-04-08 22:34 ` Richard Stallman 0 siblings, 2 replies; 156+ messages in thread From: Romain Francoise @ 2006-04-08 9:45 UTC (permalink / raw) Cc: wilde, jas, ueno, Reiner Steib, emacs-devel Richard Stallman <rms@gnu.org> writes: > Romain, would you please explain to me why you removed the code in > Emacs CVS? To keep it level with the same code in Gnus, which we planned to include in a new Gnus stable release this week-end. > Why not install Daiki's fixes instead? Because they weren't available at the time, and because we had agreed to test this new code in the Gnus trunk. Anyway, Reiner has now changed it again in Gnus and Emacs to a later version that satisfies everyone, I think (revision 1.8 vs. 1.4). -- Romain Francoise <romain@orebokech.com> | The sea! the sea! the open it's a miracle -- http://orebokech.com/ | sea! The blue, the fresh, the | ever free! --Bryan W. Procter ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-08 9:45 ` Romain Francoise @ 2006-04-08 10:11 ` Daiki Ueno 2006-04-08 11:30 ` Romain Francoise 2006-04-10 22:40 ` gpg-agent support removed?! Ken Manheimer 2006-04-08 22:34 ` Richard Stallman 1 sibling, 2 replies; 156+ messages in thread From: Daiki Ueno @ 2006-04-08 10:11 UTC (permalink / raw) Cc: wilde, jas, rms, Reiner Steib, emacs-devel >>>>> In <873bgo4d0e.fsf@pacem.orebokech.com> >>>>> Romain Francoise <romain@orebokech.com> wrote: > Richard Stallman <rms@gnu.org> writes: > > Romain, would you please explain to me why you removed the code in > > Emacs CVS? > To keep it level with the same code in Gnus, which we planned to include > in a new Gnus stable release this week-end. > > Why not install Daiki's fixes instead? > Because they weren't available at the time, As I said yesterday, the current version is at http://www.unixuser.org/~ueno/pgg-20060407.tar.gz This code should be fairly stable. > and because we had agreed to test this new code in the Gnus trunk. I agreeded to revert the code from v5-10 branch of Gnus because the release of Gnus v5.10.8 is so imminent. However, I didn't think the release of Emacs is as well. > Anyway, Reiner has now changed it again in Gnus and Emacs to a later > version that satisfies everyone, I think (revision 1.8 vs. 1.4). No, I wasn't satisfied with your decision at all. Though allout.el appearantly has a bug, i.e. allout.el uses PGG in a bad way, it works as expected by Ken (the author of allout.el), so it won't be fixed. On the other hand, I have many enhancement plans of PGG based on the new code such as keysigning features, string-based interface, etc. I think it should be tested not only by the Gnus people but also by Emacs people. Regards, -- Daiki Ueno ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-08 10:11 ` Daiki Ueno @ 2006-04-08 11:30 ` Romain Francoise 2006-04-08 11:58 ` Daiki Ueno 2006-04-10 22:40 ` gpg-agent support removed?! Ken Manheimer 1 sibling, 1 reply; 156+ messages in thread From: Romain Francoise @ 2006-04-08 11:30 UTC (permalink / raw) Cc: rms, emacs-devel Daiki Ueno <ueno@unixuser.org> writes: > I agreeded to revert the code from v5-10 branch of Gnus because the > release of Gnus v5.10.8 is so imminent. However, I didn't think the > release of Emacs is as well. The release isn't imminent partly because people keep adding new features which, inevitably, introduce new bugs. > On the other hand, I have many enhancement plans of PGG based on the > new code such as keysigning features, string-based interface, etc. That sounds great, and I look forward to having these new features. However, I think the Emacs trunk isn't the place to test them, at least at the moment. -- Romain Francoise <romain@orebokech.com> | The sea! the sea! the open it's a miracle -- http://orebokech.com/ | sea! The blue, the fresh, the | ever free! --Bryan W. Procter ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-08 11:30 ` Romain Francoise @ 2006-04-08 11:58 ` Daiki Ueno 2006-04-10 18:04 ` PGG maintainance (was: gpg-agent support removed?!) Reiner Steib 0 siblings, 1 reply; 156+ messages in thread From: Daiki Ueno @ 2006-04-08 11:58 UTC (permalink / raw) Cc: rms, emacs-devel >>>>> In <87r7482tjt.fsf@pacem.orebokech.com> >>>>> Romain Francoise <romain@orebokech.com> wrote: > > On the other hand, I have many enhancement plans of PGG based on the > > new code such as keysigning features, string-based interface, etc. > However, I think the Emacs trunk isn't the place to test them, at least > at the moment. Yes, I know. However, I'm beginning to think that Gnus CVS is also not the right place to do this because PGG is now used by programs other than Gnus and I have no CVS write access to Gnus CVS. Even for a tiny fix I have to explain the reason and wait for Simon to commit. Regards, -- Daiki Ueno ^ permalink raw reply [flat|nested] 156+ messages in thread
* PGG maintainance (was: gpg-agent support removed?!) 2006-04-08 11:58 ` Daiki Ueno @ 2006-04-10 18:04 ` Reiner Steib 0 siblings, 0 replies; 156+ messages in thread From: Reiner Steib @ 2006-04-10 18:04 UTC (permalink / raw) Cc: Simon Josefsson, ding, emacs-devel On Sat, Apr 08 2006, Daiki Ueno wrote: >>>>>> In <87r7482tjt.fsf@pacem.orebokech.com> >>>>>> Romain Francoise <romain@orebokech.com> wrote: >> However, I think the Emacs trunk isn't the place to test them, at least >> at the moment. > > Yes, I know. However, I'm beginning to think that Gnus CVS is also not > the right place to do this because PGG is now used by programs other > than Gnus and I have no CVS write access to Gnus CVS. Even for a tiny > fix I have to explain the reason and wait for Simon to commit. If you'd like to maintain pgg*.el in Gnus' repository, you could ask Lars for write access. Bye, Reiner. -- ,,, (o o) ---ooO-(_)-Ooo--- | PGP key available | http://rsteib.home.pages.de/ ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-08 10:11 ` Daiki Ueno 2006-04-08 11:30 ` Romain Francoise @ 2006-04-10 22:40 ` Ken Manheimer 1 sibling, 0 replies; 156+ messages in thread From: Ken Manheimer @ 2006-04-10 22:40 UTC (permalink / raw) Cc: rms, Reiner Steib, wilde, Romain Francoise, emacs-devel, jas daiki, i still have some problems with your patch, and the changes you're suggesting for allout, and i think you've oversimplified the problems allout has having with your patches. details interspersed with the cited text. On 4/8/06, Daiki Ueno <ueno@unixuser.org> wrote: > >>>>> In <873bgo4d0e.fsf@pacem.orebokech.com> > >>>>> Romain Francoise <romain@orebokech.com> wrote: > > Richard Stallman <rms@gnu.org> writes: > > > > Romain, would you please explain to me why you removed the code in > > > Emacs CVS? > > > To keep it level with the same code in Gnus, which we planned to include > > in a new Gnus stable release this week-end. > > > > Why not install Daiki's fixes instead? > > > Because they weren't available at the time, > > As I said yesterday, the current version is at > http://www.unixuser.org/~ueno/pgg-20060407.tar.gz > This code should be fairly stable. > > > and because we had agreed to test this new code in the Gnus trunk. > > I agreeded to revert the code from v5-10 branch of Gnus because the > release of Gnus v5.10.8 is so imminent. However, I didn't think the > release of Emacs is as well. > > > Anyway, Reiner has now changed it again in Gnus and Emacs to a later > > version that satisfies everyone, I think (revision 1.8 vs. 1.4). > > No, I wasn't satisfied with your decision at all. Though allout.el > appearantly has a bug, i.e. allout.el uses PGG in a bad way, it works as you characterized it that way because allout uses some internal pgg functions. that was not complete, nor did your suggested remedy solve that problem, though it would allow the removal of those functions from pgg-gpg. first, your initial patch crippled allout's passphrase provisions because the pgg-gpg functions which took an optional passphrase argument were not respecting it. i mentioned that, and you seem to have fixed it - that problem no longer exists with your more recent patch. that's very important to allout's encryption operations, and i'm glad it's resolved - thanks! second, you suggest fixing some of the cases where allout uses internal functions by having allout implement its own version of those functions, allowing you to eliminate the versions of those functions in pgg-gpg. that mostly works, but it amounts to allout's versions of those functions depending on internal data structures in pgg-gpg, leading to a yet more brittle situation than depending on internal functions. i think a better fix would be to provide the functionality, or some equivalent, at the generic pgg level. i did not do so because i had limited time and no access to the other backends, in order to establish that the functionality would be available with them. it also so happens that there is at least one other function from pgg-gpg which allout depends on and which is missing from your revised pgg-gpg: `pgg-gpg-lookup-all-secret-keys'. this one calls out to pgg, and so does not even remotely belong in allout. perhaps it was renamed or the functionality is available in another way, and i'm not opposed to tracking that, but i cannot do so immediately, and would need time and justification to do so. > expected by Ken (the author of allout.el), so it won't be fixed. On the now i'm confused. what gave you the idea that it won't be fixed? i never said i wouldn't consider what you suggested, and in fact have been planning to do so but haven't had the time until now. i think the approach is flawed, for the reason i mentioned above, but you may be able to convince me otherwise - i'm willing to talk about it. > other hand, I have many enhancement plans of PGG based on the new code > such as keysigning features, string-based interface, etc. I think it > should be tested not only by the Gnus people but also by Emacs people. i think pgg could stand some attention, and am glad you're willing to do so. the thing is, taking it may require some consolidation before extending it - it has grown a bit unordered, and probably needs some attention to rationalizing it against existing consumer's requirements, including those of allout. for now, i have a branch version of allout that does as you suggested and works partly against your pgg-20060407.tar.gz patch, except that key-pair encryption fails for lack of pgg-gpg-lookup-all-secret-keys, as mentioned above. i am going to be going away for a week, starting tomorrow evening, so i'm hoping that there will not be a migration to your new version until this is resolved. i ultimately would prefer that the problems be resolved in a better way, along the lines mentioned above, but am willing to go with a partial solution if some provision for its stability can be made. i do want to see pgg continue to ripen. -- ken manheimer ken.manheimer@gmail.com http://myriadicity.net ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: gpg-agent support removed?! 2006-04-08 9:45 ` Romain Francoise 2006-04-08 10:11 ` Daiki Ueno @ 2006-04-08 22:34 ` Richard Stallman 1 sibling, 0 replies; 156+ messages in thread From: Richard Stallman @ 2006-04-08 22:34 UTC (permalink / raw) Cc: wilde, jas, ueno, Reiner.Steib, emacs-devel Anyway, Reiner has now changed it again in Gnus and Emacs to a later version that satisfies everyone, I think (revision 1.8 vs. 1.4). Ok, thanks. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg-gpg broken? 2006-04-05 9:13 ` pgg-gpg broken? Sascha Wilde 2006-04-05 9:42 ` Daiki Ueno @ 2006-04-05 16:14 ` Reiner Steib 2006-04-05 19:22 ` Sascha Wilde 1 sibling, 1 reply; 156+ messages in thread From: Reiner Steib @ 2006-04-05 16:14 UTC (permalink / raw) Cc: Daiki Ueno, emacs-devel, ding, Simon Josefsson On Wed, Apr 05 2006, Sascha Wilde wrote: > I just needed to decrypt an old Mail using Gnus/pgg (which i decrypted > successfully many times before), but it failed. [...] > Signing mails works (including querying the passphrase). > > Might this be related to the latest changes by Daiki? Could you test with `pgg-gpg.el' revision 1.4 from Emacs CVS or revision 7.11 from Gnus CVS, please? Bye, Reiner. -- ,,, (o o) ---ooO-(_)-Ooo--- | PGP key available | http://rsteib.home.pages.de/ ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg-gpg broken? 2006-04-05 16:14 ` pgg-gpg broken? Reiner Steib @ 2006-04-05 19:22 ` Sascha Wilde 0 siblings, 0 replies; 156+ messages in thread From: Sascha Wilde @ 2006-04-05 19:22 UTC (permalink / raw) Cc: emacs-devel, ding, Simon Josefsson Reiner Steib <reinersteib+gmane@imap.cc> wrote: > On Wed, Apr 05 2006, Sascha Wilde wrote: > >> I just needed to decrypt an old Mail using Gnus/pgg (which i decrypted >> successfully many times before), but it failed. > [...] >> Signing mails works (including querying the passphrase). >> >> Might this be related to the latest changes by Daiki? > > Could you test with `pgg-gpg.el' revision 1.4 from Emacs CVS or > revision 7.11 from Gnus CVS, please? I fetched 1.4 from Emacs CVS and it works perfectly well with the mail in question. Same holds true for 1.8 from Emacs CVS, which includes my original version of gpg-agent support, but it stops working with 1.9 -- so it seems the problem lies withing Daiki's new code... Some more revelations regarding the problem: It is somewhat more specific: while I can't decrypt the old mail with the current pgg-gpg code, I actually can decrypt an fresh test Mail, which I just send to myself for testing. This matches my observations about the different versions. I have no idea whats so special about this one mail (it's encrypted for more than one key, but this is no problem in other cases...). cheers sascha -- Sascha Wilde : xedit? Das sieht zwar wie vi aus als könne es nix, aber im : Gegensatz zu vi kann es wirklich nix und nix ist noch geschönt! : (Michael Core in dafc) ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-22 8:36 ` Sascha Wilde 2006-03-22 9:16 ` Daiki Ueno @ 2006-03-22 9:46 ` Simon Josefsson 2006-03-22 16:13 ` Simon Josefsson 2 siblings, 0 replies; 156+ messages in thread From: Simon Josefsson @ 2006-03-22 9:46 UTC (permalink / raw) Cc: Daiki Ueno (pgg author), ding, emacs-devel Sascha Wilde <wilde@sha-bang.de> writes: > Simon Josefsson <jas@extundo.com> wrote: > > Hi Simon, > > first of all, fore some reasons you got lost from the list of CC's so > you missed some important messages in this thread, including a more > elaborated version of my patch... Hi Sascha. Oops! >> 1) Non-agent mode didn't work at all (the args list contained 'nil' so >> invoking gpg failed with a lisp error). > > Yes. This was fixed in my second patch. (and in the attached, of cause) > >> 2) After fixing the above, the patch made the passphrase be 't', which >> broke the passphrase cache, causing a lisp error. > > Thanks, I used your strategy to fix this issue in my new patch (which > I attached). Your patch look good, although Daiki's idea of querying for the passphrase only when it is needed seem better. I don't have time to implement that though. If you or Daiki have time, I'd prefer that solution, but if there isn't a patch to commit within a few days, I'll install your patch so we don't get stuck. What do you think? >> How about this patch instead? It works for me. I've also improved >> the pgg-use-agent default value. > > This is very error prone. As I wrote before on emacs-devel: there are > certain situations in which using the agent will fail -- even if it is > available: for example: on an text console running the standard > pin-entry program (which uses curses) from within emacs won't work. > That's why I think this option should be explicitly enabled by the user. > > Another problem is, that checking for $GPG_AGENT_INFO is not > sufficient, the environment variable will stay set, even is the agent > was killed. Ah, I see. > Could you please consider committing the attached patch, which > reverses the default of pgg-gpg-use-agent to nil, and adds an check if > the agent is _really_ available, when pgg-gpg-use-agent is set to t? > > (The patch is against the latest CVS, including your patch that is) Seems fine, although I'll wait a day or so until I see if we can get Daiki's idea implemented. Thanks! ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-22 8:36 ` Sascha Wilde 2006-03-22 9:16 ` Daiki Ueno 2006-03-22 9:46 ` Small patch to enable use of gpg-agent with pgg Simon Josefsson @ 2006-03-22 16:13 ` Simon Josefsson 2006-03-22 23:01 ` Katsumi Yamaoka 2 siblings, 1 reply; 156+ messages in thread From: Simon Josefsson @ 2006-03-22 16:13 UTC (permalink / raw) Cc: emacs-devel, Daiki Ueno (pgg author), ding Sascha Wilde <wilde@sha-bang.de> writes: > Could you please consider committing the attached patch, which > reverses the default of pgg-gpg-use-agent to nil, and adds an check if > the agent is _really_ available, when pgg-gpg-use-agent is set to t? > > (The patch is against the latest CVS, including your patch that is) Given the pending 5.10.x release, I installed it. Installing Daiki's work would come later, and would slightly improve the user experience here (i.e., not having to set pgg-gpg-use-agent manually). ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-22 16:13 ` Simon Josefsson @ 2006-03-22 23:01 ` Katsumi Yamaoka 2006-03-22 23:45 ` Simon Josefsson 0 siblings, 1 reply; 156+ messages in thread From: Katsumi Yamaoka @ 2006-03-22 23:01 UTC (permalink / raw) Cc: Sascha Wilde, Daiki Ueno (pgg author), ding, emacs-devel >>>>> In <87zmjicv9d.fsf@latte.josefsson.org> Simon Josefsson wrote: > Given the pending 5.10.x release, I installed it. Emacs 20, 21 and XEmacs complain to use of make-network-process which isn't available. To solve the problem, we may want to introduce it as dns.el does. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-22 23:01 ` Katsumi Yamaoka @ 2006-03-22 23:45 ` Simon Josefsson 2006-03-23 0:58 ` Katsumi Yamaoka 0 siblings, 1 reply; 156+ messages in thread From: Simon Josefsson @ 2006-03-22 23:45 UTC (permalink / raw) Cc: Sascha Wilde, Daiki Ueno (pgg author), ding, emacs-devel Katsumi Yamaoka <yamaoka@jpl.org> writes: >>>>>> In <87zmjicv9d.fsf@latte.josefsson.org> Simon Josefsson wrote: > >> Given the pending 5.10.x release, I installed it. > > Emacs 20, 21 and XEmacs complain to use of make-network-process > which isn't available. To solve the problem, we may want to > introduce it as dns.el does. Do those emacsen support socket processes? If not, maybe we should remove pgg-gpg-update-agent. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-22 23:45 ` Simon Josefsson @ 2006-03-23 0:58 ` Katsumi Yamaoka 2006-03-23 9:12 ` Simon Josefsson 0 siblings, 1 reply; 156+ messages in thread From: Katsumi Yamaoka @ 2006-03-23 0:58 UTC (permalink / raw) Cc: Sascha Wilde, emacs-devel, Daiki Ueno (pgg author), ding >>>>> In <87irq6yrfo.fsf@latte.josefsson.org> Simon Josefsson wrote: > Katsumi Yamaoka <yamaoka@jpl.org> writes: >> Emacs 20, 21 and XEmacs complain to use of make-network-process >> which isn't available. To solve the problem, we may want to >> introduce it as dns.el does. > Do those emacsen support socket processes? If not, maybe we should > remove pgg-gpg-update-agent. Oops. ISHIKAWA Mutsumi wrote (in Japanese) in http://lists.debian.or.jp/debian-devel/200502/msg00007.html that Emacs 21 doesn't support the communication passing the UNIX domain socket. If we need to use it at all costs, we will have to use an external program which communicates with the agent process by way of the socket. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-23 0:58 ` Katsumi Yamaoka @ 2006-03-23 9:12 ` Simon Josefsson 2006-03-23 10:26 ` Sascha Wilde 0 siblings, 1 reply; 156+ messages in thread From: Simon Josefsson @ 2006-03-23 9:12 UTC (permalink / raw) Cc: Sascha Wilde, Daiki Ueno (pgg author), ding, emacs-devel Katsumi Yamaoka <yamaoka@jpl.org> writes: >>>>>> In <87irq6yrfo.fsf@latte.josefsson.org> Simon Josefsson wrote: > >> Katsumi Yamaoka <yamaoka@jpl.org> writes: > >>> Emacs 20, 21 and XEmacs complain to use of make-network-process >>> which isn't available. To solve the problem, we may want to >>> introduce it as dns.el does. > >> Do those emacsen support socket processes? If not, maybe we should >> remove pgg-gpg-update-agent. > > Oops. ISHIKAWA Mutsumi wrote (in Japanese) in > > http://lists.debian.or.jp/debian-devel/200502/msg00007.html > > that Emacs 21 doesn't support the communication passing the UNIX > domain socket. If we need to use it at all costs, we will have > to use an external program which communicates with the agent > process by way of the socket. I think it is too complicated. It is simpler to remove the function. Sascha, what do you think? People who enable pgg-gpg-use-agent manually might be expected to make sure the agent really is running. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-23 9:12 ` Simon Josefsson @ 2006-03-23 10:26 ` Sascha Wilde 2006-03-23 10:54 ` Simon Josefsson 0 siblings, 1 reply; 156+ messages in thread From: Sascha Wilde @ 2006-03-23 10:26 UTC (permalink / raw) Cc: Katsumi Yamaoka, emacs-devel, Daiki Ueno (pgg author), ding Simon Josefsson <jas@extundo.com> wrote: > Katsumi Yamaoka <yamaoka@jpl.org> writes: > >>>>>>> In <87irq6yrfo.fsf@latte.josefsson.org> Simon Josefsson wrote: >> >>> Katsumi Yamaoka <yamaoka@jpl.org> writes: >> >>>> Emacs 20, 21 and XEmacs complain to use of make-network-process >>>> which isn't available. To solve the problem, we may want to >>>> introduce it as dns.el does. >> >>> Do those emacsen support socket processes? If not, maybe we should >>> remove pgg-gpg-update-agent. >> >> Oops. ISHIKAWA Mutsumi wrote (in Japanese) in >> >> http://lists.debian.or.jp/debian-devel/200502/msg00007.html >> >> that Emacs 21 doesn't support the communication passing the UNIX >> domain socket. If we need to use it at all costs, we will have >> to use an external program which communicates with the agent >> process by way of the socket. > > I think it is too complicated. It is simpler to remove the function. > Sascha, what do you think? People who enable pgg-gpg-use-agent > manually might be expected to make sure the agent really is running. I would like to see pgg do the right think when ever it can -- could we keep it for emacs 22 and just not use it if its not available? How about testing for the emacs version, or availability of make-network-process? I'll purpose a more compatible patch later -- but I don't have the time right now, sorry. cheers sascha -- Sascha Wilde A conclusion is simply the place where someone got tired of thinking. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-23 10:26 ` Sascha Wilde @ 2006-03-23 10:54 ` Simon Josefsson 2006-03-23 11:12 ` Simon Josefsson 0 siblings, 1 reply; 156+ messages in thread From: Simon Josefsson @ 2006-03-23 10:54 UTC (permalink / raw) Cc: Katsumi Yamaoka, Daiki Ueno (pgg author), ding, emacs-devel Sascha Wilde <wilde@sha-bang.de> writes: > Simon Josefsson <jas@extundo.com> wrote: > >> Katsumi Yamaoka <yamaoka@jpl.org> writes: >> >>>>>>>> In <87irq6yrfo.fsf@latte.josefsson.org> Simon Josefsson wrote: >>> >>>> Katsumi Yamaoka <yamaoka@jpl.org> writes: >>> >>>>> Emacs 20, 21 and XEmacs complain to use of make-network-process >>>>> which isn't available. To solve the problem, we may want to >>>>> introduce it as dns.el does. >>> >>>> Do those emacsen support socket processes? If not, maybe we should >>>> remove pgg-gpg-update-agent. >>> >>> Oops. ISHIKAWA Mutsumi wrote (in Japanese) in >>> >>> http://lists.debian.or.jp/debian-devel/200502/msg00007.html >>> >>> that Emacs 21 doesn't support the communication passing the UNIX >>> domain socket. If we need to use it at all costs, we will have >>> to use an external program which communicates with the agent >>> process by way of the socket. >> >> I think it is too complicated. It is simpler to remove the function. >> Sascha, what do you think? People who enable pgg-gpg-use-agent >> manually might be expected to make sure the agent really is running. > > I would like to see pgg do the right think when ever it can -- could > we keep it for emacs 22 and just not use it if its not available? > > How about testing for the emacs version, or availability of > make-network-process? > > I'll purpose a more compatible patch later -- but I don't have the > time right now, sorry. Given that this function probably won't be used at all if Daiki's idea is implemented, I think we should remove the function for now. Daiki's approach (if I understand it correctly) of not second-guessing what parameters gpg will need is more reliable than this approach, even if this approach would work fine on all emacsen. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-23 10:54 ` Simon Josefsson @ 2006-03-23 11:12 ` Simon Josefsson 2006-03-23 11:16 ` Simon Josefsson ` (2 more replies) 0 siblings, 3 replies; 156+ messages in thread From: Simon Josefsson @ 2006-03-23 11:12 UTC (permalink / raw) Cc: Sascha Wilde, Katsumi Yamaoka, Daiki Ueno (pgg author), ding, emacs-devel Reinar, I think pgg is ready for v5-10 now. I am sorry for all these rapid changes. Simon Josefsson <jas@extundo.com> writes: >>> I think it is too complicated. It is simpler to remove the function. >>> Sascha, what do you think? People who enable pgg-gpg-use-agent >>> manually might be expected to make sure the agent really is running. >> >> I would like to see pgg do the right think when ever it can -- could >> we keep it for emacs 22 and just not use it if its not available? >> >> How about testing for the emacs version, or availability of >> make-network-process? >> >> I'll purpose a more compatible patch later -- but I don't have the >> time right now, sorry. > > Given that this function probably won't be used at all if Daiki's idea > is implemented, I think we should remove the function for now. > Daiki's approach (if I understand it correctly) of not second-guessing > what parameters gpg will need is more reliable than this approach, > even if this approach would work fine on all emacsen. I removed the function. The end result is this: 1) People who don't use the agent don't have to do anything, this is as before. 2) People who use the agent must enable pgg-gpg-use-agent manually. This is better than before, because the agent didn't work at all with pgg then. 3) People who use the agent must make sure the agent is still running (or disable the variable temporarily, or re-start the agent and fixing the environment variable using M-x setenv). If/when Daiki's idea (as I understand it) is implemented, the end result will be: *) Pgg will invoke gpg and then figure out whether a passphrase is needed and only at that point query for it. This will work regardless of whether the agent is used, whether a passphrase is required or not, or whether a pin code is required. The user doesn't have to fiddle with any variable. /Simon ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-23 11:12 ` Simon Josefsson @ 2006-03-23 11:16 ` Simon Josefsson 2006-03-23 12:51 ` Reiner Steib 2006-03-23 12:00 ` Sascha Wilde [not found] ` <m2wtels74l.fsf@kenny.sha-bang .de> 2 siblings, 1 reply; 156+ messages in thread From: Simon Josefsson @ 2006-03-23 11:16 UTC (permalink / raw) Cc: Katsumi Yamaoka, Daiki Ueno (pgg author), Reiner Steib, ding, emacs-devel Simon Josefsson <jas@extundo.com> writes: > I removed the function. The end result is this: To clarify: I removed it in v5-10 only. For Emacs CVS, Sascha's patch work fine so it can stay (although perhaps should be removed there too, to simplify syncing?). For Gnus CVS trunk, I don't know whether it works or not (does it work on the XEmacs version Gnus CVS require?). ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-23 11:16 ` Simon Josefsson @ 2006-03-23 12:51 ` Reiner Steib 2006-03-23 13:07 ` Sascha Wilde 0 siblings, 1 reply; 156+ messages in thread From: Reiner Steib @ 2006-03-23 12:51 UTC (permalink / raw) Cc: Sascha Wilde, Daiki Ueno (pgg author), ding, emacs-devel, Katsumi Yamaoka, Miles Bader On Thu, Mar 23 2006, Simon Josefsson wrote: > To clarify: I removed it in v5-10 only. For Emacs CVS, Sascha's patch > work fine so it can stay (although perhaps should be removed there > too, to simplify syncing?). It would be very much preferable to have the same code at least in Emacs CVS and Gnus v5-10 branch. (-> Cc-ing Miles.) > For Gnus CVS trunk, I don't know whether it works or not (does it > work on the XEmacs version Gnus CVS require?). Given that Emacs 21 and XEmacs also complain (see Katsumi's message <news:b4m3bha6kon.fsf@jpl.org>), we also need a fix for the Gnus trunk. Couldn't we let `pgg-gpg-update-agent' simply return `t' if `make-network-process' isn't available? (Or check for `make-network-process' directly in `pgg-gpg-use-agent-p'?) (defun pgg-gpg-update-agent () "Try to connet to gpg-agent and send UPDATESTARTUPTTY." (if (fboundp 'make-network-process) (let* ((agent-info (getenv "GPG_AGENT_INFO")) (socket (and agent-info (string-match "^\\([^:]*\\)" agent-info) (match-string 1 agent-info))) (conn (and socket (make-network-process :name "gpg-agent-process" :host 'local :family 'local :service socket)))) (when (and conn (eq (process-status conn) 'open)) (process-send-string conn "UPDATESTARTUPTTY\n") (delete-process conn) t)) ;; We can't check, so assume gpg-agent is up. t)) Bye, Reiner. -- ,,, (o o) ---ooO-(_)-Ooo--- | PGP key available | http://rsteib.home.pages.de/ ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-23 12:51 ` Reiner Steib @ 2006-03-23 13:07 ` Sascha Wilde 2006-03-23 13:10 ` Simon Josefsson 0 siblings, 1 reply; 156+ messages in thread From: Sascha Wilde @ 2006-03-23 13:07 UTC (permalink / raw) Cc: Daiki Ueno (pgg author), ding, emacs-devel, Katsumi Yamaoka, Simon Josefsson, Miles Bader Reiner Steib <reinersteib+gmane@imap.cc> wrote: > Couldn't we let `pgg-gpg-update-agent' simply return `t' if > `make-network-process' isn't available? (Or check for > `make-network-process' directly in `pgg-gpg-use-agent-p'?) That's what I had in mind, so I like it... ;-) cheers sascha -- Sascha Wilde To become a Jedi, use Emacs you have to. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-23 13:07 ` Sascha Wilde @ 2006-03-23 13:10 ` Simon Josefsson 0 siblings, 0 replies; 156+ messages in thread From: Simon Josefsson @ 2006-03-23 13:10 UTC (permalink / raw) Cc: Reiner Steib, Katsumi Yamaoka, Daiki Ueno (pgg author), ding, emacs-devel, Miles Bader Sascha Wilde <wilde@sha-bang.de> writes: > Reiner Steib <reinersteib+gmane@imap.cc> wrote: > >> Couldn't we let `pgg-gpg-update-agent' simply return `t' if >> `make-network-process' isn't available? (Or check for >> `make-network-process' directly in `pgg-gpg-use-agent-p'?) > > That's what I had in mind, so I like it... ;-) Yes, this sounds like a good idea, and then we can have all code in sync again (except the password.el stuff of course...). I'll install this modification now. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-23 11:12 ` Simon Josefsson 2006-03-23 11:16 ` Simon Josefsson @ 2006-03-23 12:00 ` Sascha Wilde 2006-03-23 13:00 ` Simon Josefsson [not found] ` <m2wtels74l.fsf@kenny.sha-bang .de> 2 siblings, 1 reply; 156+ messages in thread From: Sascha Wilde @ 2006-03-23 12:00 UTC (permalink / raw) Cc: Katsumi Yamaoka, Daiki Ueno (pgg author), emacs-devel, ding, Reiner Steib Simon Josefsson <jas@extundo.com> wrote: [pgg-gpg-update-agent won't work on pre 22 emacsen] >> Given that this function probably won't be used at all if Daiki's idea >> is implemented, I think we should remove the function for now. >> Daiki's approach (if I understand it correctly) of not second-guessing >> what parameters gpg will need is more reliable than this approach, >> even if this approach would work fine on all emacsen. > > I removed the function. The end result is this: > > 1) People who don't use the agent don't have to do anything, this is > as before. > > 2) People who use the agent must enable pgg-gpg-use-agent manually. > This is better than before, because the agent didn't work at all > with pgg then. > > 3) People who use the agent must make sure the agent is still running > (or disable the variable temporarily, or re-start the agent and > fixing the environment variable using M-x setenv). Could you please leave it in the GNU Emacs CVS, where it actually works as intended? > If/when Daiki's idea (as I understand it) is implemented, the end > result will be: > > *) Pgg will invoke gpg and then figure out whether a passphrase is > needed and only at that point query for it. This will work > regardless of whether the agent is used, whether a passphrase is > required or not, or whether a pin code is required. The user > doesn't have to fiddle with any variable. I don't think so. While I'm sure, that Daiki's idea -- once it works -- will handle certain situations better than mine, there will still be the need for an variable enabling the user to turn of any use of the agent. Here is an example[0] from my own experience: - A user logs in on machine 'A' and starts the gpg-agent. - He leaves the machine, but stays logged in... - Now he uses machine 'B' to log in on machine 'A': the environment is setup to use the already running gpg-agent (automatically, in an login script) - He starts Emacs/Gnus and tries to sign, decrypt whatever... - The agent runs and is working, everything seems fine, but the user isn't queried for the passphrase ... what happened? - The User _is_ actually queried, but the pinentry program is started on the X11 Display or tty of machine 'A'. I think this is a design problem of the gpg-agent. And yes, there are several ways to circumvent this problem, but I think it would be very convenient, if I could tell pgg to just ignore any agent and ask for the passphrase. Even gpg itself doesn't use an available agent automatically, but only when it's asked to (by setting --use-agent) and I think this is a good decision. cheers sascha [0] actually, the simple example of emacs running an a text console which I used before, was totally wrong -- it works just fine as I tested a few minutes ago... :-) -- Sascha Wilde Wer HTML postet oder gepostetes HTML quotet oder sich gepostetes oder gequotetes HTML beschafft, um es in Verkehr zu bringen, wird geplonkt. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-23 12:00 ` Sascha Wilde @ 2006-03-23 13:00 ` Simon Josefsson 2006-03-26 18:11 ` Sascha Wilde 0 siblings, 1 reply; 156+ messages in thread From: Simon Josefsson @ 2006-03-23 13:00 UTC (permalink / raw) Cc: Reiner Steib, Katsumi Yamaoka, Daiki Ueno (pgg author), ding, emacs-devel Sascha Wilde <wilde@sha-bang.de> writes: > Could you please leave it in the GNU Emacs CVS, where it actually > works as intended? Yep, done. It complicate syncing a bit, though. >> If/when Daiki's idea (as I understand it) is implemented, the end >> result will be: >> >> *) Pgg will invoke gpg and then figure out whether a passphrase is >> needed and only at that point query for it. This will work >> regardless of whether the agent is used, whether a passphrase is >> required or not, or whether a pin code is required. The user >> doesn't have to fiddle with any variable. > > I don't think so. While I'm sure, that Daiki's idea -- once it > works -- will handle certain situations better than mine, there will > still be the need for an variable enabling the user to turn of any use > of the agent. > > Here is an example[0] from my own experience: > > - A user logs in on machine 'A' and starts the gpg-agent. > - He leaves the machine, but stays logged in... > - Now he uses machine 'B' to log in on machine 'A': > the environment is setup to use the already running gpg-agent > (automatically, in an login script) > - He starts Emacs/Gnus and tries to sign, decrypt whatever... > - The agent runs and is working, everything seems fine, but the user > isn't queried for the passphrase ... what happened? > - The User _is_ actually queried, but the pinentry program is started > on the X11 Display or tty of machine 'A'. > > I think this is a design problem of the gpg-agent. And yes, there are > several ways to circumvent this problem, but I think it would be very > convenient, if I could tell pgg to just ignore any agent and ask for > the passphrase. This example seems strange. How would the user's second session get the GPG_AGENT_INFO environment variable that points to the gpg-agent running in the user's first session? Without that, I don't think it will work as you describe. I think the user should start another gpg-agent for his new session. I'm not sure I see any disadvantage (except code complexity) with Daiki's approach. Maybe you can expand on the above, or think of more problems, and we can see whether maybe we should use some other approach. Perhaps move that discussion to the ding list only. Daiki's approach is also arguable more correct if you don't have a passphrase at all. The Gnus query for a passphrase would be quite confusing in that case. > Even gpg itself doesn't use an available agent automatically, but only > when it's asked to (by setting --use-agent) and I think this is a good > decision. I have 'use-agent' in my gpg.conf. If the agent isn't available, gpg will fall back to querying to user interactively. That seem to give the best user experience for gpg, so I think we should support it. Further, if you use a smartcard (like an OpenPGP card), it seems you _must_ use the agent for things to work at all. (I can't get gpg to sign anything using my smartcard if I disable the agent.) ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-23 13:00 ` Simon Josefsson @ 2006-03-26 18:11 ` Sascha Wilde 0 siblings, 0 replies; 156+ messages in thread From: Sascha Wilde @ 2006-03-26 18:11 UTC (permalink / raw) Cc: Katsumi Yamaoka, Daiki Ueno (pgg author), Reiner Steib, ding, emacs-devel Simon Josefsson <jas@extundo.com> wrote: > Sascha Wilde <wilde@sha-bang.de> writes: >> Here is an example[0] from my own experience: >> >> - A user logs in on machine 'A' and starts the gpg-agent. >> - He leaves the machine, but stays logged in... >> - Now he uses machine 'B' to log in on machine 'A': >> the environment is setup to use the already running gpg-agent >> (automatically, in an login script) >> - He starts Emacs/Gnus and tries to sign, decrypt whatever... >> - The agent runs and is working, everything seems fine, but the user >> isn't queried for the passphrase ... what happened? >> - The User _is_ actually queried, but the pinentry program is started >> on the X11 Display or tty of machine 'A'. >> >> I think this is a design problem of the gpg-agent. And yes, there are >> several ways to circumvent this problem, but I think it would be very >> convenient, if I could tell pgg to just ignore any agent and ask for >> the passphrase. > > This example seems strange. How would the user's second session get > the GPG_AGENT_INFO environment variable that points to the gpg-agent > running in the user's first session? Without that, I don't think it > will work as you describe. You are right, but that is the way things work, when you follow the official gpg-agent documentation: | [...] If you don't use an X server, you can also put this into your | regular startup file `~/.profile' or `.bash_profile'. It is best | not to run multiple instance of the `gpg-agent', so you should make | sure that only one is running: `gpg-agent' uses an environment | variable to inform clients about the communication parameters. You | can write the content of this environment variable to a file so that | you can test for a running agent. [...] > I'm not sure I see any disadvantage (except code complexity) with > Daiki's approach. Having a second thought on the subject I agree. The problem exists (even in simpler use cases: when you login on the text console and start an X server from there, the pinentry will always appear on the console) but it is only related to gpg-agent design and the documented use pattern -- so the place where this problems should be discussed and solved is gnupg development. I'll write the gnupg developers on this subject. cheers sascha -- Sascha Wilde - no sig today... sorry! ^ permalink raw reply [flat|nested] 156+ messages in thread
[parent not found: <m2wtels74l.fsf@kenny.sha-bang .de>]
* Re: Small patch to enable use of gpg-agent with pgg [not found] ` <m2wtels74l.fsf@kenny.sha-bang .de> @ 2006-03-23 23:09 ` Miles Bader 2006-04-02 0:30 ` Ken Manheimer 0 siblings, 1 reply; 156+ messages in thread From: Miles Bader @ 2006-03-23 23:09 UTC (permalink / raw) Cc: emacs-devel Sascha Wilde <wilde@sha-bang.de> writes: > Even gpg itself doesn't use an available agent automatically, but only > when it's asked to (by setting --use-agent) and I think this is a good > decision. You can enable it globally with the "use-agent" option in the ~/.gnupg/gpg.conf file -- and I expect many people do this, as it's just too huge a pain in the ass otherwise. -miles -- Any man who is a triangle, has thee right, when in Cartesian Space, to have angles, which when summed, come to know more, nor no less, than nine score degrees, should he so wish. [TEMPLE OV THEE LEMUR] ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-03-23 23:09 ` Miles Bader @ 2006-04-02 0:30 ` Ken Manheimer 2006-04-02 8:28 ` Daiki Ueno 0 siblings, 1 reply; 156+ messages in thread From: Ken Manheimer @ 2006-04-02 0:30 UTC (permalink / raw) Cc: ding, emacs-devel hi, all. i'm just catching up on this development - partly spurred by breakage of some of my code (allout's encryption stuff) which depends on functions that have been removed from pgg-gpg, pgg-gpg-symmetric-key-p and pgg-gpg-select-matching-key. on looking at the pgg-gpg, i noticed that some other convenience functions on which i depend have been removed, as well: pgg-gpg-lookup-key-owner and pgg-gpg-key-id-from-key-owner, and i suppose others. unless replaced with something equivalent, i think that the removal of these functions means that application code can not anticipate the kind of key to request from the user. am i missing something here? the ChangeLog says nothing about these changes... -- ken manheimer ken.manheimer@gmail.com http://myriadicity.net ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: Small patch to enable use of gpg-agent with pgg 2006-04-02 0:30 ` Ken Manheimer @ 2006-04-02 8:28 ` Daiki Ueno 0 siblings, 0 replies; 156+ messages in thread From: Daiki Ueno @ 2006-04-02 8:28 UTC (permalink / raw) Cc: emacs-devel, ding, Miles Bader Hello Ken, >>>>> In <2cd46e7f0604011630r6388edackc4c7ef21b92ecaa7@mail.gmail.com> >>>>> "Ken Manheimer" <ken.manheimer@gmail.com> wrote: > hi, all. i'm just catching up on this development - partly spurred by > breakage of some of my code (allout's encryption stuff) which depends > on functions that have been removed from pgg-gpg, > pgg-gpg-symmetric-key-p and pgg-gpg-select-matching-key. I'm sorry I missed that. However, pgg-gpg is one of backend modules of pgg and it should not provide its own API. If we revive these functions, we should add them to pgg.el instead of pgg-gpg.el. I'll read allout's encryption stuff and try to prepare a fix. Regards, -- Daiki Ueno ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-10-06 22:41 ` Ken Manheimer 2005-10-07 10:00 ` Sascha Wilde @ 2005-12-09 15:43 ` Simon Josefsson 2005-12-09 20:30 ` Stefan Monnier ` (2 more replies) 1 sibling, 3 replies; 156+ messages in thread From: Simon Josefsson @ 2005-12-09 15:43 UTC (permalink / raw) Cc: sascha schwab (symmetric encryption patches), Daiki Ueno (pgg author), emacs-devel Hi. I'm belatedly looking into your PGG patches. The reason is that the we want to synchronize them with Gnus CVS, because that is the origin of the files. If Gnus CVS is later synched with Emacs CVS, your patches would conflict, and it will be time consuming to sort out the mess. So I want the files to be in sync. Ken Manheimer <ken.manheimer@gmail.com> writes: > all of my experiments involve the current pgg code found in the > gnu.org lisp/gnus CVS. You may also check with the files in Gnus CVS. The Gnus 5.10.x branch is automatically synched to Emacs HEAD CVS, so it now has your patches, but Gnus CVS HEAD is developed concurrently, and fixes to PGG are installed there first. I try to keep Gnus CVS HEAD and Emacs CVS HEAD in sync. If you are contributing more patches, this may be useful to know. > 2. i also have some fundamental problems with the way unaltered pgg's > passphrase caching system is wired. i am not sure about my analysis, > and would love to be corrected, and filled in about how it actually does > work. (the passphrase cache routines could really use some informative > docstrings.) Right. Gnus CVS HEAD is using password.el for this purpose. I proposed earlier to make Emacs CVS HEAD also use it, but it was then considered too late before the Emacs release to make any feature additions, so I didn't install it. However, your changes are much larger than mine, and I believe if PGG used password, it would be much cleaner. So I'm proposing to add password.el to Emacs CVS HEAD now. This would clean up PGG and enable the general password infrastructure that Gnus CVS HEAD uses. I will now compare Emacs CVS HEAD pgg with Gnus CVS HEAD pgg to see which patches have been applied, and which should be synchronized in either direction. Thanks. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-12-09 15:43 ` pgg symmetric encryption patch Simon Josefsson @ 2005-12-09 20:30 ` Stefan Monnier 2005-12-09 20:31 ` Stefan Monnier 2005-12-10 4:13 ` Richard M. Stallman 2 siblings, 0 replies; 156+ messages in thread From: Stefan Monnier @ 2005-12-09 20:30 UTC (permalink / raw) Cc: sascha schwab (symmetric encryption patches), Daiki Ueno (pgg author), emacs-devel > You may also check with the files in Gnus CVS. The Gnus 5.10.x branch > is automatically synched to Emacs HEAD CVS, so it now has your > patches, but Gnus CVS HEAD is developed concurrently, and fixes to PGG Nitpick: you probably meant "CVS trunk" since every branch has a HEAD. Stefan ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-12-09 15:43 ` pgg symmetric encryption patch Simon Josefsson 2005-12-09 20:30 ` Stefan Monnier @ 2005-12-09 20:31 ` Stefan Monnier 2005-12-10 4:13 ` Richard M. Stallman 2 siblings, 0 replies; 156+ messages in thread From: Stefan Monnier @ 2005-12-09 20:31 UTC (permalink / raw) Cc: sascha schwab (symmetric encryption patches), Daiki Ueno (pgg author), emacs-devel > So I'm proposing to add password.el to Emacs CVS HEAD now. This would > clean up PGG and enable the general password infrastructure that Gnus > CVS HEAD uses. Sounds like a good idea to me, Stefan ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-12-09 15:43 ` pgg symmetric encryption patch Simon Josefsson 2005-12-09 20:30 ` Stefan Monnier 2005-12-09 20:31 ` Stefan Monnier @ 2005-12-10 4:13 ` Richard M. Stallman 2005-12-10 10:50 ` Simon Josefsson 2 siblings, 1 reply; 156+ messages in thread From: Richard M. Stallman @ 2005-12-10 4:13 UTC (permalink / raw) Cc: schwab, ken.manheimer, ueno, emacs-devel So I'm proposing to add password.el to Emacs CVS HEAD now. This would clean up PGG and enable the general password infrastructure that Gnus CVS HEAD uses. It is worrisome to make these large changes now, but in this case I think we are stuck with doing it, so as to make the other code work. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-12-10 4:13 ` Richard M. Stallman @ 2005-12-10 10:50 ` Simon Josefsson 2005-12-11 13:32 ` Sascha Wilde 0 siblings, 1 reply; 156+ messages in thread From: Simon Josefsson @ 2005-12-10 10:50 UTC (permalink / raw) Cc: schwab, ken.manheimer, ueno, emacs-devel "Richard M. Stallman" <rms@gnu.org> writes: > So I'm proposing to add password.el to Emacs CVS HEAD now. This would > clean up PGG and enable the general password infrastructure that Gnus > CVS HEAD uses. > > It is worrisome to make these large changes now, but in this case I > think we are stuck with doing it, so as to make the other code work. I will only do this if Ken and/or Sascha can test the resulting code for their application. Ken/Sascha, are you listening? Do you have time to test my patches now? I haven't written them yet, but will soon. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-12-10 10:50 ` Simon Josefsson @ 2005-12-11 13:32 ` Sascha Wilde 2005-12-11 13:42 ` Simon Josefsson 0 siblings, 1 reply; 156+ messages in thread From: Sascha Wilde @ 2005-12-11 13:32 UTC (permalink / raw) Cc: schwab, ken.manheimer, ueno, rms, emacs-devel Simon Josefsson <jas@extundo.com> wrote: > "Richard M. Stallman" <rms@gnu.org> writes: > >> So I'm proposing to add password.el to Emacs CVS HEAD now. This would >> clean up PGG and enable the general password infrastructure that Gnus >> CVS HEAD uses. >> >> It is worrisome to make these large changes now, but in this case I >> think we are stuck with doing it, so as to make the other code work. > > I will only do this if Ken and/or Sascha can test the resulting code > for their application. Ken/Sascha, are you listening? Do you have > time to test my patches now? I haven't written them yet, but will > soon. Yes, I'm listening and willing to test your patches. The main work and application however was done by ken, so he will have to test, if his latest allout-mode features still work with your patches... cheers sascha -- Sascha Wilde : "Der Nicht-Denkende glaubt, dass niemand denkt, : der Denkende weiss es!" : (Gabriel Laub) ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: pgg symmetric encryption patch 2005-12-11 13:32 ` Sascha Wilde @ 2005-12-11 13:42 ` Simon Josefsson 0 siblings, 0 replies; 156+ messages in thread From: Simon Josefsson @ 2005-12-11 13:42 UTC (permalink / raw) Cc: schwab, ken.manheimer, ueno, rms, emacs-devel Sascha Wilde <wilde@sha-bang.de> writes: > Simon Josefsson <jas@extundo.com> wrote: > >> "Richard M. Stallman" <rms@gnu.org> writes: >> >>> So I'm proposing to add password.el to Emacs CVS HEAD now. This would >>> clean up PGG and enable the general password infrastructure that Gnus >>> CVS HEAD uses. >>> >>> It is worrisome to make these large changes now, but in this case I >>> think we are stuck with doing it, so as to make the other code work. >> >> I will only do this if Ken and/or Sascha can test the resulting code >> for their application. Ken/Sascha, are you listening? Do you have >> time to test my patches now? I haven't written them yet, but will >> soon. > > Yes, I'm listening and willing to test your patches. The main work > and application however was done by ken, so he will have to test, if > his latest allout-mode features still work with your patches... I've been talking with Ken offline. I will try to propose a complete set of patches soon, the extensions he needed in password.el are implemented. ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: new version of allout.el - patch and ChangeLog 2005-10-01 16:28 ` Ken Manheimer 2005-10-02 10:48 ` Sascha Wilde @ 2005-10-02 17:08 ` Richard M. Stallman 1 sibling, 0 replies; 156+ messages in thread From: Richard M. Stallman @ 2005-10-02 17:08 UTC (permalink / raw) Cc: wilde, schwab, emacs-devel PGG is a good thing, but it doesn't replace Mailcrypt, not by itself, because its interface is designed for Lisp programs instead of for users. I think we should do two things: 1. Move PGG out of Gnus and into the rest of Emacs. 2. Write a user-level interface to PGG which can be used instead of Mailcrypt. #1 is simple and harmless; let's do that now. Would anyone like to do #2? We would install it after the coming release. ^ permalink raw reply [flat|nested] 156+ messages in thread
[parent not found: <E1ELj0L-0000Pn-3T@fencepost.gnu.org>]
* Re: new version of allout.el - patch and ChangeLog [not found] ` <E1ELj0L-0000Pn-3T@fencepost.gnu.org> @ 2005-10-01 22:33 ` Ken Manheimer 2005-10-20 13:57 ` Ken Manheimer 0 siblings, 1 reply; 156+ messages in thread From: Ken Manheimer @ 2005-10-01 22:33 UTC (permalink / raw) Cc: emacs-devel [-- Attachment #1: Type: text/plain, Size: 988 bytes --] On 10/1/05, Richard M. Stallman <rms@gnu.org> wrote: > Thanks very much for sending this update. Now is a good time to > install it. great! i'll be glad to see these improvements out there in the world... > Could you be so kind as to itemize the change log, describing which > functions/defuns have been changed, and how? We need that in order > to install the change. > > Also, we need to have an item for etc/NEWS. Would you please write one? i've attached new versions of the patch and ChangeLog, and an etc/NEWS snippet. please use the new version of the patch, rather than the one i sent yesterday. it includes an xemacs compatibility provision for a problem i hadn't noticed until after i sent the patch out yesterday. it also includes several small adjustments i noticed while doing the detailed enumeration of the functions that were changed. i'm cc'ing emacs-devel, figuring that's where the material will be used. ken ken.manheimer@gmail.com [-- Attachment #2: allout-patch.txt --] [-- Type: text/plain, Size: 113749 bytes --] --- allout.el.~1.61.~ 2005-08-06 18:13:41.000000000 -0400 +++ allout.el 2005-10-01 17:47:12.000000000 -0400 @@ -3,10 +3,11 @@ ;; Copyright (C) 1992, 1993, 1994, 2001, 2002, 2003, 2004, ;; 2005 Free Software Foundation, Inc. -;; Author: Ken Manheimer <klm@zope.com> -;; Maintainer: Ken Manheimer <klm@zope.com> +;; Author: Ken Manheimer <ken dot manheimer at gmail dot com> +;; Maintainer: Ken Manheimer <ken dot manheimer at gmail dot com> ;; Created: Dec 1991 - first release to usenet -;; Keywords: outlines mode wp languages +;; Version: $Id: allout.el,v 1.68 2005/09/30 19:48:25 klm Exp $|| +;; Keywords: outlines wp languages ;; This file is part of GNU Emacs. @@ -34,43 +35,68 @@ ;; programming languages. (For an example, see the allout code ;; itself, which is organized in ;; an outline framework.) ;; -;; In addition to outline navigation and exposure, allout includes: +;; Some features: ;; -;; - topic-oriented repositioning, cut, and paste -;; - integral outline exposure-layout -;; - incremental search with dynamic exposure and reconcealment of hidden text +;; - classic outline-mode topic-oriented navigation and exposure adjustment +;; - topic-oriented editing including coherent topic and subtopic +;; creation, promotion, demotion, cut/paste across depths, etc +;; - incremental search with dynamic exposure and reconcealment of text +;; - customizable bullet format enbles programming-language specific +;; outlining, for ultimate code-folding editing. (allout code itself is +;; formatted as an outline - do ESC-x eval-current-buffer in allout.el +;; to try it out.) +;; - configurable per-file initial exposure settings +;; - symmetric-key and key-pair topic encryption, plus reliable key +;; verification and user-supplied hint maintenance. (see +;; allout-toggle-current-subtree-encryption docstring.) ;; - automatic topic-number maintenance -;; - "Hot-spot" operation, for single-keystroke maneuvering and -;; exposure control. (See the `allout-mode' docstring.) +;; - "hot-spot" operation, for single-keystroke maneuvering and +;; exposure control (see the allout-mode docstring) +;; - easy rendering of exposed portions into numbered, latex, indented, etc +;; outline styles ;; -;; and many other features. +;; and more. ;; ;; The outline menubar additions provide quick reference to many of -;; the features, and see the docstring of the function `allout-init' -;; for instructions on priming your Emacs session for automatic -;; activation of `allout-mode'. +;; the features, and see the docstring of the variable `allout-init' +;; for instructions on priming your emacs session for automatic +;; activation of allout-mode. ;; ;; See the docstring of the variables `allout-layout' and ;; `allout-auto-activation' for details on automatic activation of -;; allout `allout-mode' as a minor mode. (It has changed since allout +;; `allout-mode' as a minor mode. (It has changed since allout ;; 3.x, for those of you that depend on the old method.) ;; ;; Note - the lines beginning with `;;;_' are outline topic headers. ;; Just `ESC-x eval-current-buffer' to give it a whirl. -;; Ken Manheimer klm@zope.com +;; ken manheimer (ken dot manheimer at gmail dot com) ;;; Code: ;;;_* Provide +;(provide 'outline) (provide 'allout) +;;;_* Dependency autoloads +(eval-when-compile 'cl) ; otherwise, flet compilation fouls +(autoload 'crypt-encrypt-buffer "crypt++") +(setq-default crypt-encryption-type 'gpg) + +(autoload 'mc-encrypt "mailcrypt" + "*Encrypt the current buffer") +(autoload 'mc-activate-passwd "mailcrypt" + "Activate the passphrase matching ID, using PROMPT for a prompt. +Return the passphrase. If PROMPT is nil, only return value if cached.") +(autoload 'mc-gpg-process-region "mc-gpg") +(autoload 'mc-dectivate-passwd "mailcrypt" + "*Deactivate the passphrase cache.") + ;;;_* USER CUSTOMIZATION VARIABLES: (defgroup allout nil "Extensive outline mode for use alone and with other modes." :prefix "allout-" - :group 'editing - :version "22.1") + :group 'outlines) ;;;_ + Layout, Mode, and Topic Header Configuration @@ -111,8 +137,8 @@ A list value specifies a default layout for the current buffer, to be applied upon activation of `allout-mode'. Any non-nil value will -automatically trigger `allout-mode', provided `allout-init' -has been called to enable it. +automatically trigger `allout-mode' \(provided `allout-init' has been called +to enable this behavior). See the docstring for `allout-init' for details on setting up for auto-mode-activation, and for `allout-expose-topic' for the format of @@ -171,7 +197,7 @@ :group 'allout) (make-variable-buffer-local 'allout-primary-bullet) ;;;_ = allout-plain-bullets-string -(defcustom allout-plain-bullets-string ".:,;" +(defcustom allout-plain-bullets-string ".," "*The bullets normally used in outline topic prefixes. See `allout-distinctive-bullets-string' for the other kind of @@ -185,7 +211,7 @@ :group 'allout) (make-variable-buffer-local 'allout-plain-bullets-string) ;;;_ = allout-distinctive-bullets-string -(defcustom allout-distinctive-bullets-string "*+-=>([{}&!?#%\"X@$~_\\" +(defcustom allout-distinctive-bullets-string "*+-=>()[{}&!?#%\"X@$~_\\:;^" "*Persistent outline header bullets used to distinguish special topics. These bullets are used to distinguish topics from the run-of-the-mill @@ -198,12 +224,13 @@ `?' question topics `\(' parenthetic comment \(with a matching close paren inside) `[' meta-note \(with a matching close ] inside) - `\"' a quote + `\"' a quotation `=' value settings `~' \"more or less\" + `^' see above -... just for example. (`#' typically has a special meaning to the -software, according to the value of `allout-numbered-bullet'.) + ... for example. (`#' typically has a special meaning to the software, +according to the value of `allout-numbered-bullet'.) See `allout-plain-bullets-string' for the selection of alternating bullets. @@ -337,7 +364,6 @@ Set this var to the bullet you want to use for file cross-references." :type '(choice (const nil) string) :group 'allout) - ;;;_ = allout-presentation-padding (defcustom allout-presentation-padding 2 "*Presentation-format white-space padding factor, for greater indent." @@ -381,7 +407,7 @@ :type 'string :group 'allout) ;;;_ - allout-title -(defcustom allout-title '(or buffer-file-name (current-buffer-name)) +(defcustom allout-title '(or buffer-file-name (buffer-name)) "*Expression to be evaluated to determine the title for LaTeX formatted copy." :type 'sexp @@ -397,6 +423,94 @@ :type 'string :group 'allout) +;;;_ + Topic encryption +;;;_ = allout-topic-encryption-bullet +(defcustom allout-topic-encryption-bullet "~" + "*Bullet signifying encryption of the entry's body." + :type '(choice (const nil) string) + :group 'allout) +;;;_ = allout-default-encryption-scheme +(defcustom allout-default-encryption-scheme 'mc-scheme-gpg + "*Default allout outline topic encryption mode. + +See mailcrypt variable `mc-schemes' and mailcrypt docs for encryption schemes." + :type 'symbol + :group 'allout) +;;;_ = allout-key-verifier-handling +(defcustom allout-key-verifier-handling 'situate + "*Dictate outline encryption key verifier handling. + +The key verifier is string associated with a file that is encrypted with +the file's current symmetric encryption key. It is used, if present, to +confirm that the key entered by the user is the same as the established +one, or explicitly presenting the user with the choice to go with a +new key when a difference is encountered. + +The range of values are: + + situate - include key verifier string as text in the file's local-vars + section + transient - establish the value as a variable in the file's buffer, but + don't preserve it as a file variable. + disabled - don't establish or do verification. + +See the docstring for the `allout-enable-file-variable-adjustment' +variable for details about allout ajustment of file variables." + :type '(choice (const situate) + (const transient) + (const disabled)) + :group 'allout) +(make-variable-buffer-local 'allout-key-verifier-handling) +;;;_ = allout-key-hint-handling +(defcustom allout-key-hint-handling 'always + "*Dictate outline encryption key reminder handling: + + always - always show reminder when prompting + needed - show reminder on key entry failure + manage - never present reminder, but still manage a file-var entry for it + disabled - don't even manage the file variable entry + +See the docstring for the `allout-enable-file-variable-adjustment' +variable for details about allout ajustment of file variables." + :type '(choice (const always) + (const needed) + (const manage) + (const disabled)) + :group 'allout) +(make-variable-buffer-local 'allout-key-hint-handling) +;;;_ = allout-encrypt-unencrypted-on-saves +(defcustom allout-encrypt-unencrypted-on-saves 'except-current + "*When saving, should topics pending encryption be encrypted? + +The idea is to prevent file-system exposure of any un-encrypted stuff, and +mostly covers both deliberate file writes and auto-saves. + + - Yes: encrypt all topics pending encryption, even if it's the one + currently being edited. \(In that case, the currently edited topic + will be automatically decrypted before any user interaction, so they + can continue editing but the copy on the file system will be + encrypted.) + Auto-saves will use the \"All except current topic\" mode if this + one is selected, to avoid practical difficulties - see below. + - All except current topic: skip the topic currently being edited, even if + it's pending encryption. This may expose the current topic on the + file sytem, but avoids the nuisance of prompts for the encryption + key in the middle of editing for, eg, autosaves. + This mode is used for auto-saves for both this option and \"Yes\". + - No: leave it to the user to encrypt any unencrypted topics. + +For practical reasons, auto-saves always use the 'except-current policy +when auto-encryption is enabled. \(Otherwise, spurious key prompts and +unavoidable timing collisions are too disruptive.) If security for a file +requires that even the current topic is never auto-saved in the clear, +disable auto-saves for that file." + + :type '(choice (const :tag "Yes" t) + (const :tag "All except current topic" except-current) + (const :tag "No" nil)) + :group 'allout) +(make-variable-buffer-local 'allout-encrypt-unencrypted-on-saves) + ;;;_ + Miscellaneous customization ;;;_ = allout-command-prefix @@ -422,13 +536,15 @@ ("\C-f" allout-forward-current-level) ("\C-b" allout-backward-current-level) ("\C-a" allout-beginning-of-current-entry) - ("\C-e" allout-end-of-current-entry) + ("\C-e" allout-end-of-entry) ; Exposure commands: ("\C-i" allout-show-children) ("\C-s" allout-show-current-subtree) ("\C-h" allout-hide-current-subtree) + ("h" allout-hide-current-subtree) ("\C-o" allout-show-current-entry) ("!" allout-show-all) + ("x" allout-toggle-current-subtree-encryption) ; Alteration commands: (" " allout-open-sibtopic) ("." allout-open-subtopic) @@ -489,19 +605,22 @@ (make-variable-buffer-local 'allout-reindent-bodies) -;;;_ = allout-inhibit-protection -(defcustom allout-inhibit-protection nil - "*Non-nil disables warnings and confirmation-checks for concealed-text edits. - -Outline mode uses Emacs change-triggered functions to detect unruly -changes to concealed regions. Set this var non-nil to disable the -protection, potentially increasing text-entry responsiveness a bit. - -This var takes effect at `allout-mode' activation, so you may have to -deactivate and then reactivate the mode if you want to toggle the -behavior." +;;;_ = allout-enable-file-variable-adjustment +(defcustom allout-enable-file-variable-adjustment t + "*If non-nil, some allout outline actions can edit Emacs file variables text. + +This can range from changes to existing entries, addition of new ones, +and creation of a new local variables section when necessary. + +Emacs file variables adjustments are also inhibited if `enable-local-variables' +is nil. + +Operations potentially causing edits include allout encryption routines. +See the docstring for `allout-toggle-current-subtree-encryption' for +details." :type 'boolean :group 'allout) +(make-variable-buffer-local 'allout-enable-file-variable-adjustment) ;;;_* CODE - no user customizations below. @@ -509,7 +628,7 @@ ;;;_ : Version ;;;_ = allout-version (defvar allout-version - (let ((rcs-rev "$Revision$")) + (let ((rcs-rev "$Revision: 1.68 $")) (condition-case err (save-match-data (string-match "Revision: \\([0-9]+\\.[0-9]+\\)" rcs-rev) @@ -728,7 +847,16 @@ (car (cdr cell))))))) keymap-list) map)) - +;;;_ = allout-prior-bindings - being deprecated. +(defvar allout-prior-bindings nil + "Variable for use in V18, with allout-added-bindings, for +resurrecting, on mode deactivation, bindings that existed before +activation. Being deprecated.") +;;;_ = allout-added-bindings - being deprecated +(defvar allout-added-bindings nil + "Variable for use in V18, with allout-prior-bindings, for +resurrecting, on mode deactivation, bindings that existed before +activation. Being deprecated.") ;;;_ : Menu bar (defvar allout-mode-exposure-menu) (defvar allout-mode-editing-menu) @@ -759,7 +887,11 @@ ["Shift Topic Out" allout-shift-out t] ["Rebullet Topic" allout-rebullet-topic t] ["Rebullet Heading" allout-rebullet-current-heading t] - ["Number Siblings" allout-number-siblings t])) + ["Number Siblings" allout-number-siblings t] + "----" + ["Toggle Topic Encryption" + allout-toggle-current-subtree-encryption + (> (allout-current-depth) 1)])) (easy-menu-define allout-mode-navigation-menu allout-mode-map "Allout outline navigation menu." @@ -775,7 +907,7 @@ "----" ["Beginning of Entry" allout-beginning-of-current-entry t] - ["End of Entry" allout-end-of-current-entry t] + ["End of Entry" allout-end-of-entry t] ["End of Subtree" allout-end-of-current-subtree t])) (easy-menu-define allout-mode-misc-menu allout-mode-map @@ -855,13 +987,6 @@ (setq allout-mode-prior-settings rebuild))))) ) ;;;_ : Mode-specific incidentals -;;;_ = allout-during-write-cue nil -(defvar allout-during-write-cue nil - "Used to inhibit outline change-protection during file write. - -See also `allout-post-command-business', `allout-write-file-hook', -`allout-before-change-protect', and `allout-post-command-business' -functions.") ;;;_ = allout-pre-was-isearching nil (defvar allout-pre-was-isearching nil "Cue for isearch-dynamic-exposure mechanism, implemented in @@ -869,22 +994,28 @@ (make-variable-buffer-local 'allout-pre-was-isearching) ;;;_ = allout-isearch-prior-pos nil (defvar allout-isearch-prior-pos nil - "Cue for isearch-dynamic-exposure tracking, used by `allout-isearch-expose'.") + "Cue for isearch-dynamic-exposure tracking, used by +`allout-isearch-expose'.") (make-variable-buffer-local 'allout-isearch-prior-pos) -;;;_ = allout-override-protect nil -(defvar allout-override-protect nil - "Used in `allout-mode' for regulate of concealed-text protection mechanism. - -Allout outline mode regulates alteration of concealed text to protect -against inadvertent, unnoticed changes. This is for use by specific, -native outline functions to temporarily override that protection. -It's automatically reset to nil after every buffer modification.") -(make-variable-buffer-local 'allout-override-protect) +;;;_ = allout-isearch-did-quit +(defvar allout-isearch-did-quit nil + "Distinguishes isearch conclusion and cancellation. + +Maintained by allout-isearch-abort \(which is wrapped around the real +isearch-abort), and monitored by allout-isearch-expose for action.") +(make-variable-buffer-local 'allout-isearch-did-quit) ;;;_ > allout-unprotected (expr) -(defmacro allout-unprotected (expression) - "Evaluate EXPRESSION with `allout-override-protect' let-bound to t." - `(let ((allout-override-protect t)) - ,expression)) +(defmacro allout-unprotected (expr) + "Enable internal outline operations to alter read-only text." + `(let ((was-inhibit-r-o inhibit-read-only)) + (unwind-protect + (progn + (setq inhibit-read-only t) + ,expr) + (setq inhibit-read-only was-inhibit-r-o) + ) + ) + ) ;;;_ = allout-undo-aggregation (defvar allout-undo-aggregation 30 "Amount of successive self-insert actions to bunch together per undo. @@ -897,14 +1028,109 @@ "Horrible hack used to prevent invalid multiple triggering of outline mode from prop-line file-var activation. Used by `allout-mode' function to track repeats.") -;;;_ > allout-write-file-hook () -(defun allout-write-file-hook () - "In `allout-mode', run as a `write-contents-functions' activity. - -Currently just sets `allout-during-write-cue', so outline change-protection -knows to keep inactive during file write." - (setq allout-during-write-cue t) - nil) +;;;_ = allout-file-key-verifier-string +(defvar allout-file-key-verifier-string nil + "Name for use as a file variable for verifying encryption key across +sessions.") +(make-variable-buffer-local 'allout-file-key-verifier-string) +;;;_ = allout-encryption-scheme +(defvar allout-encryption-scheme nil + "*Allout outline topic encryption scheme pending for the current buffer. + +Intended as a file-specific (buffer local) setting, it defaults to the +value of allout-default-encryption-scheme if nil.") +(make-variable-buffer-local 'allout-encryption-scheme) +;;;_ = allout-key-verifier-string +(defvar allout-key-verifier-string nil + "Setting used to test solicited encryption keys against that already +associated with a file. + +It consists of an encrypted random string useful only to verify that a key +entered by the user is effective for decryption. The key itself is \*not* +recorded in the file anywhere, and the encrypted contents are random binary +characters to avoid exposing greater susceptibility to search attacks. + +The verifier string is retained as an Emacs file variable, as well as in +the emacs buffer state, if file variable adjustments are enabled. See +`allout-enable-file-variable-adjustment' for details about that.") +(make-variable-buffer-local 'allout-key-verifier-string) +(setq-default allout-key-verifier-string nil) +;;;_ = allout-key-hint-string +(defvar allout-key-hint-string "" + "Variable used to retain a reminder string for a file's encryption key. + +See the description of `allout-key-hint-handling' for details about how +the reminder is deployed. + +The hint is retained as an Emacs file variable, as well as in the emacs buffer +state, if file variable adjustments are enabled. See +`allout-enable-file-variable-adjustment' for details about that.") +(make-variable-buffer-local 'allout-key-hint-string) +(setq-default allout-key-hint-string "") +;;;_ = allout-after-save-decrypt +(defvar allout-after-save-decrypt nil + "Internal variable, is nil or has the value of two points: + + - the location of a topic to be decrypted after saving is done + - where to situate the cursor after the decryption is performed + +This is used to decrypt the topic that was currently being edited, if it +was encrypted automatically as part of a file write or autosave.") +(make-variable-buffer-local 'allout-after-save-decrypt) +;;;_ > allout-write-file-hook-handler () +(defun allout-write-file-hook-handler () + "Implement `allout-encrypt-unencrypted-on-saves' policy for file writes." + + (if (or (not (boundp 'allout-encrypt-unencrypted-on-saves)) + (not allout-encrypt-unencrypted-on-saves)) + nil + (let ((except-mark (and (equal allout-encrypt-unencrypted-on-saves + 'except-current) + (point-marker)))) + (if (save-excursion (goto-char (point-min)) + (allout-next-topic-pending-encryption except-mark)) + (progn + (message "auto-encrypting pending topics") + (sit-for 2) + (condition-case failure + (setq allout-after-save-decrypt + (allout-encrypt-decrypted except-mark)) + (error (progn + (message + "allout-write-file-hook-handler suppressing error %s" + failure) + (sit-for 2)))))) + )) + nil) +;;;_ > allout-auto-save-hook-handler () +(defun allout-auto-save-hook-handler () + "Implement `allout-encrypt-unencrypted-on-saves' policy for auto saves." + + (if allout-encrypt-unencrypted-on-saves + ;; Always implement 'except-current policy when enabled. + (let ((allout-encrypt-unencrypted-on-saves 'except-current)) + (allout-write-file-hook-handler)))) +;;;_ > allout-after-saves-handler () +(defun allout-after-saves-handler () + "Decrypt topic encrypted for save, if it's currently being edited. + +Ie, if it was pending encryption and contained the point in its body before +the save. + +We use values stored in `allout-after-save-decrypt' to locate the topic +and the place for the cursor after the decryption is done." + (if (not (and (allout-mode-p) + (boundp 'allout-after-save-decrypt) + allout-after-save-decrypt)) + t + (goto-char (car allout-after-save-decrypt)) + (let ((was-modified (buffer-modified-p))) + (allout-toggle-current-subtree-encryption) + (if (not was-modified) + (set-buffer-modified-p nil))) + (goto-char (cadr allout-after-save-decrypt)) + (setq allout-after-save-decrypt nil)) + ) ;;;_ #2 Mode activation ;;;_ = allout-mode @@ -916,11 +1142,10 @@ 'allout-mode) ;;;_ = allout-explicitly-deactivated (defvar allout-explicitly-deactivated nil - "Non-nil if `allout-mode' was last deliberately deactivated. + "If t, `allout-mode's last deactivation was deliberate. So `allout-post-command-business' should not reactivate it...") (make-variable-buffer-local 'allout-explicitly-deactivated) ;;;_ > allout-init (&optional mode) -;;;###autoload (defun allout-init (&optional mode) "Prime `allout-mode' to enable/disable auto-activation, wrt `allout-layout'. @@ -939,9 +1164,9 @@ the `allout-layout' variable. (See `allout-layout' and `allout-expose-topic' docstrings for more details on auto layout). -`allout-init' works by setting up (or removing) -`allout-find-file-hook' in `find-file-hook', and giving -`allout-auto-activation' a suitable setting. +`allout-init' works by setting up (or removing) the `allout-mode' +find-file-hook, and giving `allout-auto-activation' a suitable +setting. To prime your Emacs session for full auto-outline operation, include the following two lines in your Emacs init file: @@ -949,32 +1174,35 @@ \(require 'allout) \(allout-init t)" - (interactive - (let ((m (completing-read - (concat "Select outline auto setup mode " - "(empty for report, ? for options) ") - '(("nil")("full")("activate")("deactivate") - ("ask") ("report") ("")) - nil - t))) - (if (string= m "") 'report - (intern-soft m)))) + (interactive) + (if (interactive-p) + (progn + (setq mode + (completing-read + (concat "Select outline auto setup mode " + "(empty for report, ? for options) ") + '(("nil")("full")("activate")("deactivate") + ("ask") ("report") ("")) + nil + t)) + (if (string= mode "") + (setq mode 'report) + (setq mode (intern-soft mode))))) (let ;; convenience aliases, for consistent ref to respective vars: ((hook 'allout-find-file-hook) (curr-mode 'allout-auto-activation)) (cond ((not mode) - (setq find-file-hook (delq hook find-file-hook)) + (setq find-file-hooks (delq hook find-file-hooks)) (if (interactive-p) (message "Allout outline mode auto-activation inhibited."))) ((eq mode 'report) - (if (memq hook find-file-hook) - ;; Just punt and use the reports from each of the modes: - (allout-init (symbol-value curr-mode)) - (allout-init nil) - (message "Allout outline mode auto-activation inhibited."))) - (t (add-hook 'find-file-hook hook) + (if (not (memq hook find-file-hooks)) + (allout-init nil) + ;; Just punt and use the reports from each of the modes: + (allout-init (symbol-value curr-mode)))) + (t (add-hook 'find-file-hooks hook) (set curr-mode ; `set', not `setq'! (cond ((eq mode 'activate) (message @@ -1022,10 +1250,11 @@ In addition to outline navigation and exposure, allout includes: - - topic-oriented repositioning, cut, and paste + - topic-oriented repositioning, promotion/demotion, cut, and paste - integral outline exposure-layout - incremental search with dynamic exposure and reconcealment of hidden text - automatic topic-number maintenance + - easy topic encryption and decryption - \"Hot-spot\" operation, for single-keystroke maneuvering and exposure control. \(See the allout-mode docstring.) @@ -1035,7 +1264,7 @@ special `allout-mode' features and terminology. See also the outline menubar additions for quick reference to many of the features, and see the docstring of the function `allout-init' for instructions on -priming your Emacs session for automatic activation of `allout-mode'. +priming your emacs session for automatic activation of `allout-mode'. The bindings are dictated by the `allout-keybindings-list' and @@ -1048,7 +1277,7 @@ C-c C-u allout-up-current-level | C-c C-s allout-show-current-subtree C-c C-f allout-forward-current-level | C-c C-o allout-show-current-entry C-c C-b allout-backward-current-level | ^U C-c C-s allout-show-all -C-c C-e allout-end-of-current-entry | allout-hide-current-leaves +C-c C-e allout-end-of-entry | allout-hide-current-leaves C-c C-a allout-beginning-of-current-entry, alternately, goes to hot-spot Topic Header Production: @@ -1064,7 +1293,7 @@ C-c<CR> allout-rebullet-topic Reconcile bullets of topic and its offspring - distinctive bullets are not changed, others alternated according to nesting depth. -C-c * allout-rebullet-current-heading Prompt for alternate bullet for +C-c b allout-rebullet-current-heading Prompt for alternate bullet for current topic. C-c # allout-number-siblings Number bullets of topic and siblings - the offspring are not affected. With repeat @@ -1087,8 +1316,8 @@ C-c C-SPC allout-mark-topic C-c = c allout-copy-exposed-to-buffer Duplicate outline, sans concealed text, to - buffer with name derived from derived from - that of current buffer - \"*XXX exposed*\". + buffer with name derived from derived from that + of current buffer - \"*BUFFERNAME exposed*\". C-c = p allout-flatten-exposed-to-buffer Like above 'copy-exposed', but convert topic prefixes to section.subsection... numeric @@ -1096,6 +1325,19 @@ ESC ESC (allout-init t) Setup Emacs session for outline mode auto-activation. + Encrypted Entries + +Outline mode supports easily togglable gpg encryption of topics, with +niceities like support for symmetric and key-pair modes, key timeout, key +consistency checking, user-provided hinting for symmetric key mode, and +auto-encryption of topics pending encryption on save. The aim is to enable +reliable topic privacy while preventing accidents like neglected +encryption, encryption with a mistaken key, forgetting which key was used, +and other practical pitfalls. + +See the `allout-toggle-current-subtree-encryption' function and +`allout-encrypt-unencrypted-on-saves' customization variable for details. + HOT-SPOT Operation Hot-spot operation provides a means for easy, single-keystroke outline @@ -1148,11 +1390,11 @@ HEADER: The first line of a topic, include the topic PREFIX and header text. -PREFIX: The leading text of a topic which distinguishes it from - normal text. It has a strict form, which consists of a - prefix-lead string, padding, and a bullet. The bullet may be - followed by a number, indicating the ordinal number of the - topic among its siblings, a space, and then the header text. +PREFIX: The leading text of a topic which distinguishes it from normal + text. It has a strict form, which consists of a prefix-lead + string, padding, and a bullet. The bullet may be followed by a + number, indicating the ordinal number of the topic among its + siblings, a space, and then the header text. The relative length of the PREFIX determines the nesting depth of the topic. @@ -1223,7 +1465,7 @@ ;; off on second invocation, so we detect it as best we can, and ;; skip everything. ((and same-complex-command ; Still in same complex command - ; as last time `allout-mode' invoked. + ; as last time `allout-mode' invoked. active ; Already activated. (not explicit-activation) ; Prop-line file-vars don't have args. (string-match "^19.1[89]" ; Bug only known to be in v19.18 and @@ -1238,6 +1480,19 @@ ; active state or *de*activation ; specifically requested: (setq allout-explicitly-deactivated t) + (if (string-match "^18\." emacs-version) + ; Revoke those keys that remain + ; as we set them: + (let ((curr-loc (current-local-map))) + (mapcar (function + (lambda (cell) + (if (eq (lookup-key curr-loc (car cell)) + (car (cdr cell))) + (define-key curr-loc (car cell) + (assq (car cell) allout-prior-bindings))))) + allout-added-bindings) + (allout-resumptions 'allout-added-bindings) + (allout-resumptions 'allout-prior-bindings))) (if allout-old-style-prefixes (progn @@ -1246,9 +1501,12 @@ (allout-resumptions 'selective-display) (if (and (boundp 'before-change-functions) before-change-functions) (allout-resumptions 'before-change-functions)) - (setq write-contents-functions - (delq 'allout-write-file-hook - write-contents-functions)) + (setq local-write-file-hooks + (delq 'allout-write-file-hook-handler + local-write-file-hooks)) + (setq auto-save-hook + (delq 'allout-auto-save-hook-handler + auto-save-hook)) (allout-resumptions 'paragraph-start) (allout-resumptions 'paragraph-separate) (allout-resumptions (if (string-match "^18" emacs-version) @@ -1288,25 +1546,27 @@ (cons '(allout-mode . allout-mode-map) minor-mode-map-alist)))) + ; V18 minor-mode key bindings: + ; Stash record of added bindings + ; for later revocation: + (allout-resumptions 'allout-added-bindings + (list allout-keybindings-list)) + (allout-resumptions 'allout-prior-bindings + (list (current-local-map))) ; and add them: (use-local-map (produce-allout-mode-map allout-keybindings-list (current-local-map))) ) ; selective-display is the - ; Emacs conditional exposure + ; emacs conditional exposure ; mechanism: (allout-resumptions 'selective-display '(t)) - (if allout-inhibit-protection - t - (allout-resumptions 'before-change-functions - '(allout-before-change-protect))) (add-hook 'pre-command-hook 'allout-pre-command-business) (add-hook 'post-command-hook 'allout-post-command-business) - ; Temporarily set by any outline - ; functions that can be trusted to - ; deal properly with concealed text. - (add-hook 'write-contents-functions 'allout-write-file-hook) + (add-hook 'local-write-file-hooks 'allout-write-file-hook-handler) + (make-variable-buffer-local 'auto-save-hook) + (add-hook 'auto-save-hook 'allout-auto-save-hook-handler) ; Custom auto-fill func, to support ; respect for topic headline, ; hanging-indents, etc: @@ -1337,7 +1597,8 @@ (if allout-layout (setq do-layout t)) - (if allout-isearch-dynamic-expose + (if (and allout-isearch-dynamic-expose + (not (fboundp 'allout-real-isearch-abort))) (allout-enwrap-isearch)) (run-hooks 'allout-mode-hook) @@ -1376,7 +1637,6 @@ ) ; let* ) ; defun ;;;_ > allout-minor-mode -;;; XXX released verion doesn't do this? (defalias 'allout-minor-mode 'allout-mode) ;;;_ #3 Internal Position State-Tracking - "allout-recent-*" funcs @@ -1400,12 +1660,12 @@ "Buffer point last returned by `allout-end-of-current-subtree'.") (make-variable-buffer-local 'allout-recent-end-of-subtree) ;;;_ > allout-prefix-data (beg end) -(defmacro allout-prefix-data (beginning end) +(defmacro allout-prefix-data (beg end) "Register allout-prefix state data - BEGINNING and END of prefix. For reference by `allout-recent' funcs. Returns BEGINNING." `(setq allout-recent-prefix-end ,end - allout-recent-prefix-beginning ,beginning)) + allout-recent-prefix-beginning ,beg)) ;;;_ > allout-recent-depth () (defmacro allout-recent-depth () "Return depth of last heading encountered by an outline maneuvering function. @@ -1612,9 +1872,12 @@ "Produce a location \"chart\" of subtopics of the containing topic. Optional argument LEVELS specifies the depth \(relative to start -depth) for the chart. +depth) for the chart. Subsequent optional args are not for public +use. + +Point is left at the end of the subtree. -Charts are used to capture outline structure, so that outline altering +Charts are used to capture outline structure, so that outline-altering routines need assess the structure only once, and then use the chart for their elaborate manipulations. @@ -1625,11 +1888,9 @@ The chart for a topics' offspring precedes the entry for the topic itself. -\(fn &optional LEVELS)" - - ;; The other function parameters are for internal recursion, and should - ;; not be specified by external callers. ORIG-DEPTH is depth of topic at - ;; starting point, and PREV-DEPTH is depth of prior topic." +The other function parameters are for internal recursion, and should +not be specified by external callers. ORIG-DEPTH is depth of topic at +starting point, and PREV-DEPTH is depth of prior topic." (let ((original (not orig-depth)) ; `orig-depth' set only in recursion. chart curr-depth) @@ -1835,11 +2096,18 @@ (if (re-search-forward allout-line-boundary-regexp nil 'move) (prog1 (goto-char (match-beginning 0)) (allout-prefix-data (match-beginning 2)(match-end 2))))) -;;;_ > allout-end-of-current-subtree () -(defun allout-end-of-current-subtree () - "Put point at the end of the last leaf in the currently visible topic." - (interactive) - (allout-back-to-current-heading) +;;;_ > allout-end-of-subtree (&optional current) +(defun allout-end-of-subtree (&optional current) + "Put point at the end of the last leaf in the containing topic. + +If optional CURRENT is true (default false), then put point at the end of +the containing visible topic. + +Returns the value of point." + (interactive "P") + (if current + (allout-back-to-current-heading) + (allout-goto-prefix)) (let ((level (allout-recent-depth))) (allout-next-heading) (while (and (not (eobp)) @@ -1851,9 +2119,16 @@ '(?\n ?\r)) (forward-char -1)) (setq allout-recent-end-of-subtree (point)))) +;;;_ > allout-end-of-current-subtree () +(defun allout-end-of-current-subtree () + "Put point at end of last leaf in currently visible containing topic. + +Returns the value of point." + (interactive) + (allout-end-of-subtree t)) ;;;_ > allout-beginning-of-current-entry () (defun allout-beginning-of-current-entry () - "When not already there, position point at beginning of current topic's body. + "When not already there, position point at beginning of current topic header. If already there, move cursor to bullet for hot-spot operation. \(See `allout-mode' doc string for details on hot-spot operation.)" @@ -1863,11 +2138,10 @@ (if (and (interactive-p) (= (point) start-point)) (goto-char (allout-current-bullet-pos))))) -;;;_ > allout-end-of-current-entry () -(defun allout-end-of-current-entry () +;;;_ > allout-end-of-entry () +(defun allout-end-of-entry () "Position the point at the end of the current topics' entry." (interactive) - (allout-show-entry) (prog1 (allout-pre-next-preface) (if (and (not (bobp))(looking-at "^$")) (forward-char -1)))) @@ -1875,9 +2149,27 @@ (defun allout-end-of-current-heading () (interactive) (allout-beginning-of-current-entry) - (forward-line -1) - (end-of-line)) + (re-search-forward "[\n\r]" nil t) + (forward-char -1)) (defalias 'allout-end-of-heading 'allout-end-of-current-heading) +;;;_ > allout-get-body-text () +(defun allout-get-body-text () + "Return the unmangled body text of the topic immediately containing point." + (save-excursion + (allout-end-of-prefix) + (if (not (re-search-forward "[\n\r]" nil t)) + nil + (backward-char 1) + (let ((pre-body (point))) + (if (not pre-body) + nil + (allout-end-of-entry) + (if (not (= pre-body (point))) + (buffer-substring-no-properties (1+ pre-body) (point)))) + ) + ) + ) + ) ;;;_ - Depth-wise ;;;_ > allout-ascend-to-depth (depth) @@ -1892,12 +2184,16 @@ (if (= (allout-recent-depth) depth) (progn (goto-char allout-recent-prefix-beginning) depth) - (goto-char last-good))))) + (goto-char last-good) + nil)) + (if (interactive-p) (allout-end-of-prefix)))) ;;;_ > allout-ascend () (defun allout-ascend () "Ascend one level, returning t if successful, nil if not." - (if (allout-beginning-of-level) - (allout-previous-heading))) + (prog1 + (if (allout-beginning-of-level) + (allout-previous-heading)) + (if (interactive-p) (allout-end-of-prefix)))) ;;;_ > allout-descend-to-depth (depth) (defun allout-descend-to-depth (depth) "Descend to depth DEPTH within current topic. @@ -1917,13 +2213,13 @@ nil)) ) ;;;_ > allout-up-current-level (arg &optional dont-complain) -(defun allout-up-current-level (arg &optional dont-complain interactive) +(defun allout-up-current-level (arg &optional dont-complain) "Move out ARG levels from current visible topic. Positions on heading line of containing topic. Error if unable to ascend that far, or nil if unable to ascend but optional arg DONT-COMPLAIN is non-nil." - (interactive "p\np") + (interactive "p") (allout-back-to-current-heading) (let ((present-level (allout-recent-depth)) (last-good (point)) @@ -1944,12 +2240,12 @@ (if (or failed (> arg 0)) (progn (goto-char last-good) - (if interactive (allout-end-of-prefix)) + (if (interactive-p) (allout-end-of-prefix)) (if (not dont-complain) (error "Can't ascend past outermost level") - (if interactive (allout-end-of-prefix)) + (if (interactive-p) (allout-end-of-prefix)) nil)) - (if interactive (allout-end-of-prefix)) + (if (interactive-p) (allout-end-of-prefix)) allout-recent-prefix-beginning))) ;;;_ - Linear @@ -1981,7 +2277,7 @@ nil)))) ;;;_ > allout-previous-sibling (&optional depth backward) (defun allout-previous-sibling (&optional depth backward) - "Like `allout-forward-current-level', but backwards & respect invisible topics. + "Like `allout-forward-current-level' backwards, respecting invisible topics. Optional DEPTH specifies depth to traverse, default current depth. @@ -2015,7 +2311,7 @@ (let ((depth (allout-depth))) (while (allout-previous-sibling depth nil)) (prog1 (allout-recent-depth) - (allout-end-of-prefix)))) + (if (interactive-p) (allout-end-of-prefix))))) ;;;_ > allout-next-visible-heading (arg) (defun allout-next-visible-heading (arg) "Move to the next ARG'th visible heading line, backward if arg is negative. @@ -2053,13 +2349,13 @@ (interactive "p") (allout-next-visible-heading (- arg))) ;;;_ > allout-forward-current-level (arg) -(defun allout-forward-current-level (arg &optional interactive) +(defun allout-forward-current-level (arg) "Position point at the next heading of the same level. Takes optional repeat-count, goes backward if count is negative. Returns resulting position, else nil if none found." - (interactive "p\np") + (interactive "p") (let ((start-depth (allout-current-depth)) (start-point (point)) (start-arg arg) @@ -2087,7 +2383,7 @@ (= (allout-recent-depth) start-depth))) allout-recent-prefix-beginning (goto-char last-good) - (if (not interactive) + (if (not (interactive-p)) nil (allout-end-of-prefix) (error "Hit %s level %d topic, traversed %d of %d requested" @@ -2096,10 +2392,10 @@ (- (abs start-arg) arg) (abs start-arg)))))) ;;;_ > allout-backward-current-level (arg) -(defun allout-backward-current-level (arg &optional interactive) +(defun allout-backward-current-level (arg) "Inverse of `allout-forward-current-level'." - (interactive "p\np") - (if interactive + (interactive "p") + (if (interactive-p) (let ((current-prefix-arg (* -1 arg))) (call-interactively 'allout-forward-current-level)) (allout-forward-current-level (* -1 arg)))) @@ -2107,121 +2403,6 @@ ;;;_ #5 Alteration ;;;_ - Fundamental -;;;_ > allout-before-change-protect (beg end) -(defun allout-before-change-protect (beg end) - "Outline before-change hook, regulates changes to concealed text. - -Reveal concealed text that would be changed by current command, and -offer user choice to commit or forego the change. Unchanged text is -reconcealed. User has option to have changed text reconcealed. - -Undo commands are specially treated - the user is not prompted for -choice, the undoes are always committed (based on presumption that the -things being undone were already subject to this regulation routine), -and undoes always leave the changed stuff exposed. - -Changes to concealed regions are ignored while file is being written. -\(This is for the sake of functions that do change the file during -writes, like crypt and zip modes.) - -Locally bound in outline buffers to `before-change-functions', which -in Emacs 19 is run before any change to the buffer. - -Any functions which set [`this-command' to `undo', or which set] -`allout-override-protect' non-nil (as does, eg, allout-flag-chars) -are exempt from this restriction." - (if (and (allout-mode-p) - ; allout-override-protect - ; set by functions that know what - ; they're doing, eg outline internals: - (not allout-override-protect) - (not allout-during-write-cue) - (save-match-data ; Preserve operation position state. - ; Both beginning and end chars must - ; be exposed: - (save-excursion (if (memq this-command '(newline open-line)) - ;; Compensate for stupid Emacs {new, - ;; open-}line display optimization: - (setq beg (1+ beg) - end (1+ end))) - (goto-char beg) - (or (allout-hidden-p) - (and (not (= beg end)) - (goto-char end) - (allout-hidden-p)))))) - (save-match-data - (if (equal this-command 'undo) - ;; Allow undo without inhibition. - ;; - Undoing new and open-line hits stupid Emacs redisplay - ;; optimization (em 19 cmds.c, ~ line 200). - ;; - Presumably, undoing what was properly protected when - ;; done. - ;; - Undo may be users' only recourse in protection faults. - ;; So, expose what getting changed: - (progn (message "Undo! - exposing concealed target...") - (if (allout-hidden-p) - (allout-show-children)) - (message "Undo!")) - (let (response - (rehide-completely (save-excursion (allout-goto-prefix) - (allout-hidden-p))) - rehide-place) - - (save-excursion - (if (condition-case err - ;; Condition case to catch keyboard quits during reads. - (progn - ; Give them a peek where - (save-excursion - (if (eolp) (setq rehide-place - (allout-goto-prefix))) - (allout-show-entry)) - ; Present the message, but... - ; leave the cursor at the location - ; until they respond: - ; Then interpret the response: - (while - (progn - (message (concat "Change inside concealed" - " region - do it? " - "(n or 'y'/'r'eclose)")) - (setq response (read-char)) - (not - (cond ((memq response '(?r ?R)) - (setq response 'reclose)) - ((memq response '(?y ?Y ? )) - (setq response t)) - ((memq response '(?n ?N 127)) - (setq response nil) - t) - ((eq response ??) - (message - "`r' means `yes, then reclose'") - nil) - (t (message "Please answer y, n, or r") - (sit-for 1) - nil))))) - response) - ('quit nil)) - ; Continue: - (if (eq response 'reclose) - (save-excursion - (if rehide-place (goto-char rehide-place)) - (if rehide-completely - (allout-hide-current-entry-completely) - (allout-hide-current-entry))) - (if (allout-ascend-to-depth (1- (allout-recent-depth))) - (allout-show-children) - (allout-show-to-offshoot))) - ; Prevent: - (if rehide-completely - (save-excursion - (if rehide-place (goto-char rehide-place)) - (allout-hide-current-entry-completely)) - (allout-hide-current-entry)) - (error "Change within concealed region prevented")))))) - ) ; if - ) ; defun ;;;_ = allout-post-goto-bullet (defvar allout-post-goto-bullet nil "Outline internal var, for `allout-pre-command-business' hot-spot operation. @@ -2236,24 +2417,20 @@ (defun allout-post-command-business () "Outline `post-command-hook' function. -- Null `allout-override-protect', so it's not left open. - - Implement (and clear) `allout-post-goto-bullet', for hot-spot outline commands. -- Massages `buffer-undo-list' so successive, standard character self-inserts - are aggregated. This kludge compensates for lack of undo bunching when - `before-change-functions' is used." +- Decrypt topic currently being edited if it was encrypted for a save. + +- Massage buffer-undo-list so successive, standard character self-inserts are + aggregated. This kludge compensates for lack of undo bunching when + before-change-functions is used." ; Apply any external change func: (if (not (allout-mode-p)) ; In allout-mode. nil - (setq allout-override-protect nil) (if allout-isearch-dynamic-expose (allout-isearch-rectification)) - (if allout-during-write-cue - ;; Was used by allout-before-change-protect, done with it now: - (setq allout-during-write-cue nil)) ;; Undo bunching business: (if (and (listp buffer-undo-list) ; Undo history being kept. (equal this-command 'self-insert-command) @@ -2282,6 +2459,11 @@ (setq buffer-undo-list (cons (cons prev-from cur-to) (cdr (cdr (cdr buffer-undo-list)))))))) + + (if (and (boundp 'allout-after-save-decrypt) + allout-after-save-decrypt) + (allout-after-saves-handler)) + ;; Implement -post-goto-bullet, if set: (must be after undo business) (if (and allout-post-goto-bullet (allout-current-bullet-pos)) @@ -2304,8 +2486,9 @@ char. When in this mode you can use regular cursor-positioning command/keystrokes to relocate the cursor off of a bullet character to return to regular interpretation of self-insert characters." + (if (not (allout-mode-p)) - ;; Shouldn't be invoked if not in allout allout-mode, but just in case: + ;; Shouldn't be invoked if not in allout-mode, but just in case: nil ;; Register isearch status: (if (and (boundp 'isearch-mode) isearch-mode) @@ -2317,7 +2500,9 @@ (let* ((this-key-num (cond ((numberp last-command-char) last-command-char) - ((fboundp 'char-to-int) + ;; Only xemacs has characterp. + ((and (fboundp 'characterp) + (characterp last-command-char)) (char-to-int last-command-char)) (t 0))) mapped-binding) @@ -2340,7 +2525,7 @@ this-command mapped-binding))))))) ;;;_ > allout-find-file-hook () (defun allout-find-file-hook () - "Activate `allout-mode' when `allout-auto-activation' & `allout-layout' are non-nil. + "Activate `allout-mode' when `allout-auto-activation', `allout-layout' non-nil. See `allout-init' for setup instructions." (if (and allout-auto-activation @@ -2353,7 +2538,7 @@ Called as part of `allout-post-command-business'." - (let ((isearching isearch-mode)) + (let ((isearching (and (boundp 'isearch-mode) isearch-mode))) (cond ((and isearching (not allout-pre-was-isearching)) (allout-isearch-expose 'start)) ((and isearching allout-pre-was-isearching) @@ -2361,24 +2546,11 @@ ((and (not isearching) allout-pre-was-isearching) (allout-isearch-expose 'final)) ;; Not and wasn't isearching: - (t (setq allout-isearch-prior-pos nil))))) + (t (setq allout-isearch-prior-pos nil) + (setq allout-isearch-did-quit nil))))) ;;;_ = allout-isearch-was-font-lock (defvar allout-isearch-was-font-lock (and (boundp 'font-lock-mode) font-lock-mode)) - -;;;_ > allout-flag-region (from to flag) -(defmacro allout-flag-region (from to flag) - "Hide or show lines from FROM to TO, via Emacs `selective-display' FLAG char. -Ie, text following flag C-m \(carriage-return) is hidden until the -next C-j (newline) char. - -Returns the endpoint of the region." - `(let ((buffer-read-only nil) - (allout-override-protect t)) - (subst-char-in-region ,from ,to - (if (= ,flag ?\n) ?\r ?\n) - ,flag t))) - ;;;_ > allout-isearch-expose (mode) (defun allout-isearch-expose (mode) "MODE is either 'clear, 'start, 'continue, or 'final." @@ -2403,21 +2575,56 @@ (setq allout-isearch-prior-pos nil) (if (not (eq mode 'final)) (setq allout-isearch-prior-pos (cons (point) (allout-show-entry))) - (if isearch-mode-end-hook-quit + (if allout-isearch-did-quit nil (setq allout-isearch-prior-pos nil) - (allout-show-children))))) + (allout-show-children)))) + (setq allout-isearch-did-quit nil)) ;;;_ > allout-enwrap-isearch () (defun allout-enwrap-isearch () - "Impose `isearch-abort' wrapper for dynamic exposure in isearch. + "Impose `allout-mode' isearch-abort wrapper for dynamic exposure in isearch. The function checks to ensure that the rebinding is done only once." - (add-hook 'isearch-mode-end-hook 'allout-isearch-rectification)) + + (add-hook 'isearch-mode-end-hook 'allout-isearch-rectification) + (if (fboundp 'allout-real-isearch-abort) + ;; + nil + ; Ensure load of isearch-mode: + (if (or (and (fboundp 'isearch-mode) + (fboundp 'isearch-abort)) + (condition-case error + (load-library "isearch-mode") + ('file-error (message + "Skipping isearch-mode provisions - %s '%s'" + (car (cdr error)) + (car (cdr (cdr error)))) + (sit-for 1) + ;; Inhibit subsequent tries and return nil: + (setq allout-isearch-dynamic-expose nil)))) + ;; Isearch-mode loaded, encapsulate specific entry points for + ;; outline dynamic-exposure business: + (progn + ;; stash crucial isearch-mode funcs under known, private + ;; names, then register wrapper functions under the old + ;; names, in their stead: + (fset 'allout-real-isearch-abort (symbol-function 'isearch-abort)) + (fset 'isearch-abort 'allout-isearch-abort))))) +;;;_ > allout-isearch-abort () +(defun allout-isearch-abort () + "Wrapper for allout-real-isearch-abort \(which see), to register +actual quits." + (interactive) + (setq allout-isearch-did-quit nil) + (condition-case what + (allout-real-isearch-abort) + ('quit (setq allout-isearch-did-quit t) + (signal 'quit nil)))) ;;; Prevent unnecessary font-lock while isearching! (defvar isearch-was-font-locking nil) (defun isearch-inhibit-font-lock () - "Inhibit `font-lock-mode' while isearching - for use on `isearch-mode-hook'." + "Inhibit `font-lock' while isearching - for use on `isearch-mode-hook'." (if (and (allout-mode-p) (boundp 'font-lock-mode) font-lock-mode) (setq isearch-was-font-locking t font-lock-mode nil))) @@ -2465,6 +2672,14 @@ (if prefix (allout-get-prefix-bullet prefix) (allout-get-bullet))))) +;;;_ > allout-encrypted-type-prefix (&optional prefix) +(defun allout-encrypted-type-prefix (&optional prefix) + "True if current header prefix bullet is for an encrypted entry \(body)." + (and allout-topic-encryption-bullet + (string= allout-topic-encryption-bullet + (if prefix + (allout-get-prefix-bullet prefix) + (allout-get-bullet))))) ;;;_ > allout-bullet-for-depth (&optional depth) (defun allout-bullet-for-depth (&optional depth) "Return outline topic bullet suited to optional DEPTH, or current depth." @@ -2625,15 +2840,15 @@ ((allout-sibling-index)))))) ) ) -;;;_ > allout-open-topic (relative-depth &optional before use-sib-bullet) -(defun allout-open-topic (relative-depth &optional before use-sib-bullet) - "Open a new topic at depth RELATIVE-DEPTH. +;;;_ > allout-open-topic (relative-depth &optional before use_recent_bullet) +(defun allout-open-topic (relative-depth &optional before use_recent_bullet) + "Open a new topic at depth DEPTH. New topic is situated after current one, unless optional flag BEFORE is non-nil, or unless current line is complete empty (not even whitespace), in which case open is done on current line. -If USE-SIB-BULLET is true, use the bullet of the prior sibling. +If USE_RECENT_BULLET is true, offer to use the bullet of the prior sibling. Nuances: @@ -2660,9 +2875,11 @@ (let* ((depth (+ (allout-current-depth) relative-depth)) (opening-on-blank (if (looking-at "^\$") (not (setq before nil)))) - opening-numbered ; Will get while computing ref-topic, below - ref-depth ; Will get while computing ref-topic, below - ref-bullet ; Will get while computing ref-topic, next + ;; bunch o vars set while computing ref-topic + opening-numbered + opening-encrypted + ref-depth + ref-bullet (ref-topic (save-excursion (cond ((< relative-depth 0) (allout-ascend-to-depth depth)) @@ -2680,6 +2897,13 @@ (allout-descend-to-depth depth)) (if (allout-numbered-type-prefix) allout-numbered-bullet)))) + (setq opening-encrypted + (save-excursion + (and allout-topic-encryption-bullet + (or (<= relative-depth 0) + (allout-descend-to-depth depth)) + (if (allout-numbered-type-prefix) + allout-numbered-bullet)))) (point))) dbl-space doing-beginning) @@ -2718,19 +2942,24 @@ (if (not (bobp)) (allout-previous-heading))) (if (and before (bobp)) - (allout-unprotected (open-line 1)))) + (allout-unprotected (allout-open-line-not-read-only)))) (if (<= relative-depth 0) ;; Not going inwards, don't snug up: (if doing-beginning - (allout-unprotected (open-line (if dbl-space 2 1))) + (allout-unprotected + (if (not dbl-space) + (allout-open-line-not-read-only) + (allout-open-line-not-read-only) + (allout-open-line-not-read-only))) (if before (progn (end-of-line) (allout-pre-next-preface) (while (= ?\r (following-char)) (forward-char 1)) (if (not (looking-at "^$")) - (allout-unprotected (open-line 1)))) + (allout-unprotected + (allout-open-line-not-read-only)))) (allout-end-of-current-subtree))) ;; Going inwards - double-space if first offspring is, ;; otherwise snug up. @@ -2748,38 +2977,47 @@ (progn (forward-line -1) (looking-at "^\\s-*$")))) (progn (forward-line 1) - (allout-unprotected (open-line 1)))) + (allout-unprotected + (allout-open-line-not-read-only)) + (forward-line 1))) (end-of-line)) ;;(if doing-beginning (goto-char doing-beginning)) (if (not (bobp)) + ;; We insert a newline char rather than using open-line to + ;; avoid rear-stickiness inheritence of read-only property. (progn (if (and (not (> depth ref-depth)) (not before)) - (allout-unprotected (open-line 1)) + (allout-unprotected + (allout-open-line-not-read-only)) (if (> depth ref-depth) - (allout-unprotected (newline 1)) + (allout-unprotected + (allout-open-line-not-read-only)) (if dbl-space - (allout-unprotected (open-line 1)) + (allout-unprotected + (allout-open-line-not-read-only)) (if (not before) (allout-unprotected (newline 1)))))) (if dbl-space - (allout-unprotected (newline 1))) + (allout-unprotected (newline 1))) (if (and (not (eobp)) (not (bolp))) (forward-char 1)))) )) (insert (concat (allout-make-topic-prefix opening-numbered - t - depth) - " ")) + t + depth) + " ")) ;;(if doing-beginning (save-excursion (newline (if dbl-space 2 1)))) - (allout-rebullet-heading (and use-sib-bullet ref-bullet);;; solicit + (allout-rebullet-heading (and use_recent_bullet ;;; solicit + ref-bullet) depth ;;; depth nil ;;; number-control nil ;;; index - t) (end-of-line) + t) + (end-of-line) ) ) ;;;_ . open-topic contingencies @@ -2795,6 +3033,13 @@ ;;;_ ; buffer boundaries - special provisions for beginning and end ob ;;;_ ; level 1 topics have special provisions also - double space. ;;;_ ; location of new topic +;;;_ > allout-open-line-not-read-only () +(defun allout-open-line-not-read-only () + "Open line and remove inherited read-only text prop from new char, if any." + (open-line 1) + (if (plist-get (text-properties-at (point)) 'read-only) + (allout-unprotected + (remove-text-properties (point) (+ 1 (point)) '(read-only nil))))) ;;;_ > allout-open-subtopic (arg) (defun allout-open-subtopic (arg) "Open new topic header at deeper level than the current one. @@ -2802,7 +3047,7 @@ Negative universal arg means to open deeper, but place the new topic prior to the current one." (interactive "p") - (allout-open-topic 1 (> 0 arg))) + (allout-open-topic 1 (> 0 arg) (< 1 arg))) ;;;_ > allout-open-sibtopic (arg) (defun allout-open-sibtopic (arg) "Open new topic header at same level as the current one. @@ -2812,7 +3057,7 @@ Negative universal arg means to place the new topic prior to the current one." (interactive "p") - (allout-open-topic 0 (> 0 arg) (< 1 arg))) + (allout-open-topic 0 (> 0 arg) (not (= 1 arg)))) ;;;_ > allout-open-supertopic (arg) (defun allout-open-supertopic (arg) "Open new topic header at shallower level than the current one. @@ -2821,7 +3066,7 @@ topic prior to the current one." (interactive "p") - (allout-open-topic -1 (> 0 arg))) + (allout-open-topic -1 (> 0 arg) (< 1 arg))) ;;;_ - Outline Alteration ;;;_ : Topic Modification @@ -2877,15 +3122,15 @@ (setq old-indent-begin (match-beginning 1) old-indent-end (match-end 1)) (not (looking-at allout-regexp))) - (if (> 0 (setq excess (- (current-column) - old-margin))) + (if (> 0 (setq excess (- (- old-indent-end old-indent-begin) + old-margin))) ;; Text starts left of old margin - don't adjust: nil ;; Text was hanging at or right of old left margin - ;; reindent it, preserving its existing indentation ;; beyond the old margin: (delete-region old-indent-begin old-indent-end) - (indent-to (+ new-margin excess))))))))) + (indent-to (+ new-margin excess (current-column)))))))))) ;;;_ > allout-rebullet-current-heading (arg) (defun allout-rebullet-current-heading (arg) "Solicit new bullet for current visible heading." @@ -2922,28 +3167,30 @@ "Adjust bullet of current topic prefix. +All args are optional. + If SOLICIT is non-nil, then the choice of bullet is solicited from user. If it's a character, then that character is offered as the default, otherwise the one suited to the context \(according to distinction or depth) is offered. If non-nil, then the context-specific bullet is just used. -Second arg NEW-DEPTH forces the topic prefix to that depth, regardless +Second arg DEPTH forces the topic prefix to that depth, regardless of the topic's current depth. Third arg NUMBER-CONTROL can force the prefix to or away from numbered form. It has effect only if `allout-numbered-bullet' is non-nil and soliciting was not explicitly invoked (via first arg). Its effect, numbering or denumbering, then depends on the setting -of the fourth arg, INDEX. +of the forth arg, INDEX. -If NUMBER-CONTROL is non-nil and fourth arg INDEX is nil, then the +If NUMBER-CONTROL is non-nil and forth arg INDEX is nil, then the prefix of the topic is forced to be non-numbered. Null index and non-nil NUMBER-CONTROL forces denumbering. Non-nil INDEX (and non-nil NUMBER-CONTROL) forces a numbered-prefix form. If non-nil INDEX is a number, then that number is used for the numbered prefix. Non-nil and non-number means that the index for the -numbered prefix will be derived by `allout-make-topic-prefix'. +numbered prefix will be derived by allout-make-topic-prefix. Fifth arg DO-SUCCESSORS t means re-resolve count on succeeding siblings. @@ -2986,9 +3233,10 @@ ; Put in new prefix: (allout-unprotected (insert new-prefix)) - ;; Reindent the body if elected and margin changed: + ;; Reindent the body if elected, margin changed, and not encrypted body: (if (and allout-reindent-bodies - (not (= new-depth current-depth))) + (not (= new-depth current-depth)) + (not (allout-encrypted-topic-p))) (allout-reindent-body current-depth new-depth)) ;; Recursively rectify successive siblings of orig topic if @@ -3010,7 +3258,7 @@ ) ; defun ;;;_ > allout-rebullet-topic (arg) (defun allout-rebullet-topic (arg) - "Like `allout-rebullet-topic-grunt', but start from topic visible at point. + "Rebullet the visible topic containing point and all contained subtopics. Descends into invisible as well as visible topics, however. @@ -3036,18 +3284,18 @@ starting-point index do-successors) + "Like `allout-rebullet-topic', but on nearest containing topic +\(visible or not). - "Rebullet the topic at point, visible or invisible, and all -contained subtopics. See `allout-rebullet-heading' for rebulleting -behavior. +See `allout-rebullet-heading' for rebulleting behavior. -Arg RELATIVE-DEPTH means to shift the depth of the entire -topic that amount. +All arguments are optional. -\(fn &optional RELATIVE-DEPTH)" +First arg RELATIVE-DEPTH means to shift the depth of the entire +topic that amount. - ;; All args except the first one are for internal recursive use by the - ;; function itself. +The rest of the args are for internal recursive use by the function +itself. The are STARTING-DEPTH, STARTING-POINT, and INDEX." (let* ((relative-depth (or relative-depth 0)) (new-depth (allout-depth)) @@ -3177,13 +3425,42 @@ (setq more (allout-next-sibling depth nil)))))) ;;;_ > allout-shift-in (arg) (defun allout-shift-in (arg) - "Increase depth of current heading and any topics collapsed within it." + "Increase depth of current heading and any topics collapsed within it. + +We disallow shifts that would result in the topic having a depth more than +one level greater than the immediately previous topic, to avoid containment +discontinuity. The first topic in the file can be adjusted to any positive +depth, however." (interactive "p") + (if (> arg 0) + (save-excursion + (allout-back-to-current-heading) + (if (not (bobp)) + (let* ((current-depth (allout-recent-depth)) + (start-point (point)) + (predecessor-depth (progn + (forward-char -1) + (allout-goto-prefix) + (if (< (point) start-point) + (allout-recent-depth) + 0)))) + (if (and (> predecessor-depth 0) + (> (+ current-depth arg) + (1+ predecessor-depth))) + (error (concat "May not shift deeper than offspring depth" + " of previous topic"))))))) (allout-rebullet-topic arg)) ;;;_ > allout-shift-out (arg) (defun allout-shift-out (arg) - "Decrease depth of current heading and any topics collapsed within it." + "Decrease depth of current heading and any topics collapsed within it. + +We disallow shifts that would result in the topic having a depth more than +one level greater than the immediately previous topic, to avoid containment +discontinuity. The first topic in the file can be adjusted to any positive +depth, however." (interactive "p") + (if (< arg 0) + (allout-shift-in (* arg -1))) (allout-rebullet-topic (* arg -1))) ;;;_ : Surgery (kill-ring) functions with special provisions for outlines: ;;;_ > allout-kill-line (&optional arg) @@ -3191,24 +3468,56 @@ "Kill line, adjusting subsequent lines suitably for outline mode." (interactive "*P") - (if (not (and (allout-mode-p) ; active outline mode, - allout-numbered-bullet ; numbers may need adjustment, - (bolp) ; may be clipping topic head, - (looking-at allout-regexp))) ; are clipping topic head. - ;; Above conditions do not obtain - just do a regular kill: - (kill-line arg) - ;; Ah, have to watch out for adjustments: - (let* ((depth (allout-depth))) - ; Do the kill: - (kill-line arg) + + (let ((start-point (point)) + (leading-kill-ring-entry (car kill-ring)) + binding) + + (condition-case err + + (if (not (and (allout-mode-p) ; active outline mode, + allout-numbered-bullet ; numbers may need adjustment, + (bolp) ; may be clipping topic head, + (looking-at allout-regexp))) ; are clipping topic head. + ;; Above conditions do not obtain - just do a regular kill: + (kill-line arg) + ;; Ah, have to watch out for adjustments: + (let* ((depth (allout-depth)) + (start-point (point)) + binding) + ; Do the kill, presenting option + ; for read-only text: + (kill-line arg) ; Provide some feedback: - (sit-for 0) - (save-excursion + (sit-for 0) + (save-excursion ; Start with the topic ; following killed line: - (if (not (looking-at allout-regexp)) - (allout-next-heading)) - (allout-renumber-to-depth depth))))) + (if (not (looking-at allout-regexp)) + (allout-next-heading)) + (allout-renumber-to-depth depth)))) + ;; condition case handler: + (text-read-only + (goto-char start-point) + (setq binding (where-is-internal 'allout-kill-topic nil t)) + (cond ((not binding) (setq binding "")) + ((arrayp binding) + (setq binding (mapconcat 'key-description (list binding) ", "))) + (t (setq binding (format "%s" binding)))) + ;; ensure prior kill-ring leader is properly restored: + (if (eq leading-kill-ring-entry (cadr kill-ring)) + ;; Aborted kill got pushed on front - ditch it: + (pop kill-ring) + ;; Aborted kill got appended to prior - resurrect prior: + (setcar kill-ring leading-kill-ring-entry)) + ;; make last-command skip this failed command, so kill-appending + ;; conditions track: + (setq this-command last-command) + (error (concat "read-only text hit - use %s allout-kill-topic to" + " discard collapsed stuff") + binding))) + ) + ) ;;;_ > allout-kill-topic () (defun allout-kill-topic () "Kill topic together with subtopics. @@ -3236,14 +3545,14 @@ (>= (allout-recent-depth) depth)))) (forward-char 1))) - (kill-region beg (point)) + (allout-unprotected (kill-region beg (point))) (sit-for 0) (save-excursion (allout-renumber-to-depth depth)))) ;;;_ > allout-yank-processing () (defun allout-yank-processing (&optional arg) - "Incidental outline specific business to be done just after text yanks. + "Incidental outline-specific business to be done just after text yanks. Does depth adjustment of yanked topics, when: @@ -3259,7 +3568,7 @@ The point is left in front of yanked, adjusted topics, rather than at the end (and vice-versa with the mark). Non-adjusted yanks, -however, are left exactly like normal, not outline specific yanks." +however, are left exactly like normal, non-allout-specific yanks." (interactive "*P") ; Get to beginning, leaving @@ -3463,6 +3772,60 @@ ;;;_ #6 Exposure Control ;;;_ - Fundamental +;;;_ > allout-flag-region (from to flag) +(defun allout-flag-region (from to flag) + "Hide or show lines from FROM to TO, via Emacs selective-display FLAG char. +Ie, text following flag C-m \(carriage-return) is hidden until the +next C-j (newline) char. + +Returns the endpoint of the region." + ;; "OFR-" prefixes to avoid collisions with vars in code calling the macro. + ;; ie, elisp macro vars are not 'hygenic', so distinct names are necessary. + (let ((was-inhibit-r-o inhibit-read-only) + (was-undo-list buffer-undo-list) + (was-modified (buffer-modified-p)) + trans) + (unwind-protect + (save-excursion + (setq inhibit-read-only t) + (setq buffer-undo-list t) + (if (> from to) + (setq trans from from to to trans)) + (subst-char-in-region from to + (if (= flag ?\n) ?\r ?\n) + flag t) + ;; adjust character read-protection on all the affected lines. + ;; we handle the region line-by-line. + (goto-char to) + (end-of-line) + (setq to (min (+ 2 (point)) (point-max))) + (goto-char from) + (beginning-of-line) + (while (< (point) to) + ;; handle from start of exposed to beginning of hidden, or eol: + (remove-text-properties (point) + (progn (if (re-search-forward "[\r\n]" + nil t) + (forward-char -1)) + (point)) + '(read-only nil)) + ;; handle from start of hidden, if any, to eol: + (if (and (not (eobp)) (= (char-after (point)) ?\r)) + (put-text-property (point) (progn (end-of-line) (point)) + 'read-only t)) + ;; Handle the end-of-line to beginning of next line: + (if (not (eobp)) + (progn (forward-char 1) + (remove-text-properties (1- (point)) (point) + '(read-only nil))))) + ) + (if (not was-modified) + (set-buffer-modified-p nil)) + (setq inhibit-read-only was-inhibit-r-o) + (setq buffer-undo-list was-undo-list) + ) + ) + ) ;;;_ > allout-flag-current-subtree (flag) (defun allout-flag-current-subtree (flag) "Hide or show subtree of currently-visible topic. @@ -3471,9 +3834,9 @@ (save-excursion (allout-back-to-current-heading) - (allout-flag-region (point) - (progn (allout-end-of-current-subtree) (1- (point))) - flag))) + (let ((from (point)) + (to (progn (allout-end-of-current-subtree) (1- (point))))) + (allout-flag-region from to flag)))) ;;;_ - Topic-specific ;;;_ > allout-show-entry () @@ -3482,7 +3845,7 @@ This is a way to give restricted peek at a concealed locality without the expense of exposing its context, but can leave the outline with aberrant -exposure. `allout-hide-current-entry-completely' or `allout-show-to-offshoot' +exposure. `allout-hide-current-entry-completely' or `allout-show-offshoot' should be used after the peek to rectify the exposure." (interactive) @@ -3602,7 +3965,7 @@ (allout-back-to-current-heading) (save-excursion (allout-flag-region (point) - (progn (allout-end-of-current-entry) (point)) + (progn (allout-end-of-entry) (point)) ?\r))) ;;;_ > allout-show-current-entry (&optional arg) (defun allout-show-current-entry (&optional arg) @@ -3614,8 +3977,9 @@ (allout-hide-current-entry) (save-excursion (allout-flag-region (point) - (progn (allout-end-of-current-entry) (point)) - ?\n)))) + (progn (allout-end-of-entry) (point)) + ?\n) + ))) ;;;_ > allout-hide-current-entry-completely () ; ... allout-hide-current-entry-completely also for isearch dynamic exposure: (defun allout-hide-current-entry-completely () @@ -3846,7 +4210,11 @@ max-pos))) ;;;_ > allout-old-expose-topic (spec &rest followers) (defun allout-old-expose-topic (spec &rest followers) - "Dictate wholesale exposure scheme for current topic, according to SPEC. + + "Deprecated. Use `allout-expose-topic' \(with different schema +format) instead. + +Dictate wholesale exposure scheme for current topic, according to SPEC. SPEC is either a number or a list. Optional successive args dictate exposure for subsequent siblings of current topic. @@ -3918,9 +4286,6 @@ (allout-old-expose-topic (car followers)) (setq followers (cdr followers))) max-pos)) -(make-obsolete 'allout-old-expose-topic - "use `allout-expose-topic' (with different schema format) instead." - "19.23") ;;;_ > allout-new-exposure '() (defmacro allout-new-exposure (&rest spec) "Literal frontend for `allout-expose-topic', doesn't evaluate arguments. @@ -3929,6 +4294,8 @@ Cursor is left at start position. +Use this instead of obsolete `allout-exposure'. + Examples: \(allout-new-exposure (-1 () () () 1) 0) Close current topic at current level so only the immediate @@ -4151,13 +4518,20 @@ (cdr format))))))) ;; Put the list with first at front, to last at back: (nreverse result)))) +;;;_ > my-region-active-p () +(defmacro my-region-active-p () + (if (fboundp 'region-active-p) + '(region-active-p) + 'mark-active)) ;;;_ > allout-process-exposed (&optional func from to frombuf ;;; tobuf format) (defun allout-process-exposed (&optional func from to frombuf tobuf - format start-num) + format &optional start-num) "Map function on exposed parts of current topic; results to another buffer. -Apply FUNC to exposed portions FROM position TO position in buffer +All args are options; default values itemized below. + +Apply FUNCTION to exposed portions FROM position TO position in buffer FROMBUF to buffer TOBUF. Sixth optional arg, FORMAT, designates an alternate presentation form: @@ -4170,7 +4544,7 @@ except for distinctive bullets. Defaults: - FUNC: `allout-insert-listified' + FUNCTION: `allout-insert-listified' FROM: region start, if region active, else start of buffer TO: region end, if region active, else end of buffer FROMBUF: current buffer @@ -4219,9 +4593,7 @@ \`(depth prefix text)' -or - - \`(depth prefix text bullet-plus)' +or \`(depth prefix text bullet-plus)' If `bullet-plus' is specified, it is inserted just after the entire prefix." (setq listified (cdr listified)) @@ -4237,7 +4609,7 @@ (while text (insert (car text)) (if (setq text (cdr text)) - (insert "\n"))) + (insert-string "\n"))) (insert "\n"))) ;;;_ > allout-copy-exposed-to-buffer (&optional arg tobuf format) (defun allout-copy-exposed-to-buffer (&optional arg tobuf format) @@ -4440,14 +4812,14 @@ body-content bop) ; Do the head line: (insert (concat "\\OneHeadLine{\\verb\1 " - (allout-latex-verb-quote bullet) - "\1}{" - depth - "}{\\verb\1 " - (if head-line - (allout-latex-verb-quote head-line) - "") - "\1}\n")) + (allout-latex-verb-quote bullet) + "\1}{" + depth + "}{\\verb\1 " + (if head-line + (allout-latex-verb-quote head-line) + "") + "\1}\n")) (if (not body-lines) nil ;;(insert "\\beginlines\n") @@ -4509,7 +4881,615 @@ (pop-to-buffer buf) (goto-char start-pt))) -;;;_ #8 miscellaneous +;;;_ #8 Encryption +;;;_ > allout-toggle-current-subtree-encryption (&optional fetch-key) +(defun allout-toggle-current-subtree-encryption (&optional fetch-key) + "Encrypt clear text or decrypt encoded contents of a topic. + +Contents includes body and subtopics. + +Currently only GnuPG encryption is supported. + +\**NOTE WELL** that the encrypted text must be ascii-armored. For gnupg +encryption, include the option ``armor'' in your ~/.gnupg/gpg.conf file. + +Both symmetric-key and key-pair encryption is implemented. Symmetric is +the default, use a single \(x4) universal argument for keypair mode. + +Encrypted topic's bullet is set to a `~' to signal that the contents of the +topic \(body and subtopics, but not heading) is pending encryption or +encrypted. An `*' asterisk immediately after the bullet signals that the +body is encrypted, its absence means it's meant to be encrypted but is not +- it's \"disclosed\". When a file with disclosed topics is saved, the user +prompted for an ok to \(symmetric-key) encrypt the disclosed topics. NOTE +WELL that you must explicitly \(re)encrypt key-pair encrypted topics if you +want them to continue to be in key-pair mode. + +Level-1 topics, with prefix consisting solely of an `*' asterisk, cannot be +encrypted. If you want to encrypt the contents of a top-level topic, use +\\[allout-shift-in] to increase its depth. + +Failed transformation does not change the an entry being encrypted - +instead, the key is re-solicited and the transformation is retried. +\\[keyboard-quit] to abort. + +Decryption does symmetric or key-pair key mode depending on how the text +was encrypted. The encryption key is solicited if not currently available +from the key cache from a recent prior encryption action. + +Optional FETCH-KEY universal argument is used for two purposes - to provoke +key-pair instead of symmetric encryption, or to provoke clearing of the key +cache so keys are freshly fetched. + + - Without any universal arguments, then the appropriate key for the is + obtained from the cache, if available, else from the user. + + - If FETCH-KEY is the result of one universal argument - ie, equal to 4 - + then key-pair encryption is used. + + - With repeated universal argument - equal to 16 - then the key cache is + cleared before any encryption transformations, to force prompting of the + user for the key. + +The solicited key is retained for reuse in a buffer-specific cache for some +set period of time \(default, 60 seconds), after which the string is +nulled. `mailcrypt' provides the key caching functionality. You can +adjust the key cache timeout by ajdusting the setting of the elisp variable +`mc-passwd-timeout'. + +If the file previously had no associated key, or had a different key than +specified, the user is prompted to repeat the new one for corroboration. A +random string encrypted by the new key is set on the buffer-specific +variable `allout-key-verifier-string', for confirmation of the key when +next obtained, before encrypting or decrypting anything with it. This +helps avoid mistakenly shifting between keys. + +If allout customization var `allout-key-verifier-handling' is non-nil, an +entry for `allout-key-verifier-string' and its value is added to an Emacs +'local variables' section at the end of the file, which is created if +necessary. That setting is for retention of the key verifier across emacs +sessions. + +Similarly, `allout-key-hint-string' stores a user-provided reminder about +their key, and `allout-key-hint-handling' specifies when the hint is +presented, or if key hints are disabled. If enabled \(see the +`allout-key-hint-handling' docstring for details), the hint string is +stored in the local-variables section of the file, and solicited whenever +the key is changed." + +;;; This routine handles allout-specific business, dispatching +;;; encryption-specific business to allout-encrypt-string. + + (interactive "P") + (save-excursion + (allout-end-of-prefix t) + + (if (= (allout-recent-depth) 1) + (error (concat "Cannot encrypt or decrypt level 1 topics -" + " shift it in to make it encryptable"))) + + (if (and fetch-key + (not (equal fetch-key '(4)))) + (mc-deactivate-passwd)) + + (let* ((allout-buffer (current-buffer)) + ;; Asses location: + (after-bullet-pos (point)) + (was-encrypted + (progn (if (= (point-max) after-bullet-pos) + (error "no body to encrypt")) + (looking-at "\\*"))) + (was-collapsed (if (not (re-search-forward "[\n\r]" nil t)) + nil + (backward-char 1) + (looking-at "\r"))) + (subtree-beg (1+ (point))) + (subtree-end (allout-end-of-subtree)) + (subject-text (buffer-substring-no-properties subtree-beg + subtree-end)) + (subtree-end-char (char-after (1- subtree-end))) + (subtree-trailling-char (char-after subtree-end)) + (place-holder (if (or (string= "" subject-text) + (string= "\n" subject-text)) + (error "No topic contents to %scrypt" + (if was-encrypted "de" "en")))) + ;; Assess key parameters: + (key-type (or + ;; detect the type by which it is already encrypted + (and was-encrypted + (allout-encrypted-text-type subject-text)) + (and (member fetch-key '(4 (4))) + (yes-or-no-p "Use key-pair encryption instead? ") + 'keypair) + 'symmetric)) + (fetch-key (and fetch-key (not (member fetch-key '(16 (16)))))) + result-text) + + (setq result-text + (allout-encrypt-string subject-text was-encrypted + (current-buffer) key-type fetch-key)) + + ;; Replace the subtree with the processed product. + (allout-unprotected + (progn + (set-buffer allout-buffer) + (delete-region subtree-beg subtree-end) + (insert result-text) + (if was-collapsed + (allout-flag-region subtree-beg (1- (point)) ?\r)) + ;; adjust trailling-blank-lines to preserve topic spacing: + (if (not was-encrypted) + (if (and (member subtree-end-char '(?\r ?\n)) + (member subtree-trailling-char '(?\r ?\n))) + (insert subtree-trailling-char))) + ;; Ensure that the item has an encrypted-entry bullet: + (if (not (string= (buffer-substring-no-properties + (1- after-bullet-pos) after-bullet-pos) + allout-topic-encryption-bullet)) + (progn (goto-char (1- after-bullet-pos)) + (delete-char 1) + (insert allout-topic-encryption-bullet))) + (if was-encrypted + ;; Remove the is-encrypted bullet qualifier: + (progn (goto-char after-bullet-pos) + (delete-char 1)) + ;; Add the is-encrypted bullet qualifier: + (goto-char after-bullet-pos) + (insert "*")) + ) + ) + ) + ) + ) +;;;_ > allout-encrypt-string (text decrypt allout-buffer key-type rekey +;;; &optional retried verifying) +(defun allout-encrypt-string (text decrypt allout-buffer key-type rekey + &optional retried verifying) + "Encrypt or decrypt a string TEXT using KEY. + +If optional DECRYPT is true (default false), then decrypt instead of +encrypt. + +Optional REKEY (default false) provokes clearing of the key cache to force +fresh prompting for the key. + +Optional RETRIED is for internal use - conveys the number of failed keys have +been solicited in sequence leading to this current call. + +Optional VERIFYING is for internal use, signifying processing of text +solely for verification of the cached key. + +Returns the resulting string, or nil if the transformation fails." + + ;; Ensure that we have an alternate handle on the real mc-activate-passwd: + (if (not (fboundp 'real-mc-activate-passwd)) + ;; Force loads of the primary mailcrypt packages, so flet below holds. + (progn (require 'mailcrypt) + (load "mc-toplev") + (fset 'real-mc-activate-passwd + (symbol-function 'mc-activate-passwd)))) + + (if (and rekey (not verifying)) (mc-deactivate-passwd)) + + (catch 'encryption-failed + (save-excursion + + (let* ((mc-default-scheme (or allout-encryption-scheme + allout-default-encryption-scheme)) + (id (format "%s-%s" key-type + (or (buffer-file-name allout-buffer) + (buffer-name allout-buffer)))) + (cached (real-mc-activate-passwd id nil)) + (comment "Processed by allout driving mailcrypt") + key work-buffer result result-text encryption-process-status) + + (unwind-protect + + ;; Interject our mc-activate-passwd wrapper: + (flet ((mc-activate-passwd (id &optional prompt) + (allout-mc-activate-passwd id prompt))) + + (setq work-buffer + (set-buffer (allout-encryption-produce-work-buffer text))) + + (cond + + ;; symmetric: + ((equal key-type 'symmetric) + (setq key (if verifying + (real-mc-activate-passwd id nil) + (allout-mc-activate-passwd id))) + (setq encryption-process-status + (crypt-encrypt-buffer key decrypt)) + (if (zerop encryption-process-status) + t + (if verifying + (throw 'encryption-failed nil) + (mc-deactivate-passwd) + (error "Symmetric-key encryption failed (%s) - wrong key?" + encryption-process-status)))) + + ;; encrypt 'keypair: + ((not decrypt) + (condition-case result + (mailcrypt-encrypt 1) + (error (mc-deactivate-passwd) + (error "encryption failed: %s" + (cadr result))))) + + ;; decrypt 'keypair: + (t (condition-case result + (mc-decrypt) + (error (mc-deactivate-passwd) + (error "decryption failed: %s" + (cadr result)))))) + + (setq result-text (if (or (equal key-type 'keypair) + (not decrypt)) + (buffer-substring 1 (1- (point-max))) + (buffer-string))) + ;; validate result - non-empty + (cond ((not result-text) + (if verifying + nil + ;; Transformation was fruitless - retry with new key. + (mc-deactivate-passwd) + (allout-encrypt-string text allout-buffer decrypt nil + (if retried (1+ retried) 1) + verifying))) + + ;; Barf if encryption yields extraordinary control chars: + ((and (not decrypt) + (string-match "[\C-a\C-k\C-o-\C-z\C-@]" result-text)) + (error (concat "encryption produced unusable" + " non-armored text - reconfigure!"))) + + ;; valid result and just verifying or non-symmetric: + ((or verifying (not (equal key-type 'symmetric))) + result-text) + + ;; valid result and regular symmetric - situate validator: + (t + ;; valid result and verifier needs to be situated in + ;; allout-buffer: + (set-buffer allout-buffer) + (if (and (or rekey (not cached)) + (not (allout-verify-key key allout-buffer))) + (allout-situate-encryption-key-verifier key id)) + result-text) + ) + ) + + ;; unwind-protect emergence: + (if work-buffer + (kill-buffer work-buffer)) + ) + ) + ) + ) + ) +;;;_ > allout-mc-activate-passwd (id &optional prompt) +(defun allout-mc-activate-passwd (id &optional prompt) + "Substituted for mc-activate-passwd during allout outline encryption. + +We add key-verification to vanilla mc-activate-passwd. + +We depend in some cases on values of the following allout-encrypt-string +internal or prevailing variables: + - key-type - 'symmetric or 'keypair + - id - id associated with current key in key cache + - allout-buffer - where subject text resides + - retried - number of current attempts to obtain this key + - rekey - user asked to present a new key - needs to be confirmed" + +;; - if we're doing non-symmetric key, just do normal mc-activate-passwd +;; - otherwise, if we are have a cached version of the key, then assume +;; it's verified and return it +;; - otherwise, prompt for a key, and: +;; - if we have a key verifier \(a string value which should decrypt +;; against a symmetric key), validate against the verifier +;; - if successful, return the verified key +;; - if unsuccessful: +;; - offer to use the new key +;; - if accepted, do confirm process +;; - if refused, try again until we get a correctly spelled one or the +;; user quits +;; - if no key verifier, resolicit the key to get corroboration and return +;; the corroborated key if spelled identically, or error if not. + + (if (not (equal key-type 'symmetric)) + ;; do regular mc-activate-passwd on non-symmetric key + (real-mc-activate-passwd id prompt) + + ;; Symmetric hereon: + + (save-excursion + (set-buffer allout-buffer) + (let* ((hint (if (and (not (string= allout-key-hint-string "")) + (or (equal allout-key-hint-handling 'always) + (and (equal allout-key-hint-handling 'needed) + retried))) + (format " [%s]" allout-key-hint-string) + "")) + (retry-message (if retried (format " (%s retry)" retried) "")) + (prompt-sans-hint (format "'%s' symmetric key%s: " + (buffer-name allout-buffer) + retry-message)) + (full-prompt (format "'%s' symmetric key%s%s: " + (buffer-name allout-buffer) + hint retry-message)) + (prompt full-prompt) + (verifier-string (allout-get-encryption-key-verifier)) + ;; force retention of cached passwords for five minutes while + ;; we're in this particular routine: + (mc-passwd-timeout 300) + (cached (real-mc-activate-passwd id nil)) + (got (or cached (real-mc-activate-passwd id full-prompt))) + confirmation) + + (if (not got) + nil + + ;; Duplicate our handle on the key so it's not clobbered by + ;; deactivate-passwd memory clearing: + (setq got (format "%s" got)) + + (cond (verifier-string + (if (and (not (allout-encrypt-string + verifier-string 'decrypt allout-buffer + 'symmetric nil 0 'verifying)) + (if (yes-or-no-p + (concat "Key differs from established" + " - use new one instead? ")) + ;; deactivate password for subsequent + ;; confirmation: + (progn (mc-deactivate-passwd) + (setq prompt prompt-sans-hint) + nil) + t)) + (progn (mc-deactivate-passwd) + (error "Wrong key.")))) + ;; Force confirmation by repetition for new key: + ((or rekey (not cached)) (mc-deactivate-passwd)))) + ;; we have a key and it's either verified and cached. + ;; confirmation vs new input - doing mc-activate-passwd will do the + ;; right thing, in either case: + (setq confirmation + (real-mc-activate-passwd id (concat prompt + " ... confirm spelling: "))) + (prog1 + (if (equal got confirmation) + confirmation + (if (yes-or-no-p (concat "spelling of original and" + " confirmation differ - retry? ")) + (progn (setq retried (if retried (1+ retried) 1)) + (mc-deactivate-passwd) + ;; recurse to this routine: + (mc-activate-passwd id prompt-sans-hint)) + (mc-deactivate-passwd) + (error "Confirmation failed."))) + ;; reduce opportunity for memory cherry-picking by zeroing duplicate: + (dotimes (i (length got)) + (aset got i 0)) + ) + ) + ) + ) + ) +;;;_ > allout-encryption-produce-work-buffer (text) +(defun allout-encryption-produce-work-buffer (text) + "Establish a new buffer filled with TEXT, for outline encrypion processing. + +TEXT is massaged so outline collapsing, if any, is removed." + (let ((work-buffer (generate-new-buffer " *allout encryption*"))) + (save-excursion + (set-buffer work-buffer) + (insert (subst-char-in-string ?\r ?\n text))) + work-buffer)) +;;;_ > allout-encrypted-topic-p () +(defun allout-encrypted-topic-p () + "True if the current topic is encryptable and encrypted." + (save-excursion + (allout-end-of-prefix t) + (and (string= (buffer-substring-no-properties (1- (point)) (point)) + allout-topic-encryption-bullet) + (looking-at "\\*")) + ) + ) +;;;_ > allout-encrypted-text-type (text) +;;; XXX gpg-specific, not generic! +(defun allout-encrypted-text-type (text) + "For gpg encrypted text, return 'symmetric or 'keypair." + + ;; Ensure mc-gpg-path has a value: + (if (not (boundp 'mc-gpg-path)) + (load-library "mc-gpg")) + + (save-excursion + (let* ((work-buffer (set-buffer + (allout-encryption-produce-work-buffer text))) + (result (mc-gpg-process-region (point-min) (point-max) + nil mc-gpg-path + '("--batch" "--decrypt") + 'mc-gpg-decrypt-parser + work-buffer nil))) + (cond ((equal (nth 0 result) 'symmetric) + 'symmetric) + ((equal (nth 0 result) t) + 'keypair) + (t (error "Unrecognized/unsupported encryption type %S" + (nth 0 result)))) + ) + ) + ) +;;;_ > allout-create-encryption-key-verifier (key id) +(defun allout-create-encryption-key-verifier (key id) + "Encrypt a random message for later validation of symmetric key." + ;; use 20 random ascii characters, across the entire ascii range. + (random t) + (let ((spew (make-string 20 ?\0))) + (dotimes (i (length spew)) + (aset spew i (1+ (random 254)))) + (allout-encrypt-string spew nil nil 'symmetric nil nil t)) + ) +;;;_ > allout-situate-encryption-key-verifier (key id) +(defun allout-situate-encryption-key-verifier (key id) + "Establish key verifier string on file variable. + +We also prompt for and situate a new reminder, if reminders are enabled. + +We massage the string to simplify programmatic adjustment. File variable +is `allout-file-key-verifier-string'." + (let ((verifier-string + ;; Collapse to a single line and enclose in string quotes: + (subst-char-in-string ?\n ?\C-a + (allout-create-encryption-key-verifier + key id))) + (reminder (if (not (equal allout-key-hint-handling 'disabled)) + (read-from-minibuffer + "Key hint to jog your memory next time: " + allout-key-hint-string)))) + (setq allout-key-verifier-string verifier-string) + (allout-adjust-file-variable "allout-key-verifier-string" + verifier-string) + (cond ((equal allout-key-hint-handling 'disabled) + nil) + ((not (string= reminder allout-key-hint-string)) + (setq allout-key-hint-string reminder) + (allout-adjust-file-variable "allout-key-hint-string" + reminder))) + ) + ) +;;;_ > allout-get-encryption-key-verifier () +(defun allout-get-encryption-key-verifier () + "Return the text of the encrypt key verifier, unmassaged, or nil if none. + +Derived from value of `allout-file-key-verifier-string'." + + (let ((verifier-string (and (boundp 'allout-key-verifier-string) + allout-key-verifier-string))) + (if verifier-string + ;; Return it uncollapsed + (subst-char-in-string ?\C-a ?\n verifier-string) + nil) + ) + ) +;;;_ > allout-verify-key (key) +(defun allout-verify-key (key allout-buffer) + "True if key successfully decrypts key verifier, nil otherwise. + +\"Otherwise\" includes absence of key verifier." + (save-excursion + (set-buffer allout-buffer) + (and (boundp 'allout-key-verifier-string) + allout-key-verifier-string + (allout-encrypt-string (allout-get-encryption-key-verifier) + 'decrypt allout-buffer 'symmetric + nil nil 'verifying) + t))) +;;;_ > allout-next-topic-pending-encryption (&optional except-mark) +(defun allout-next-topic-pending-encryption (&optional except-mark) + "Return the point of the next topic pending encryption, or nil if none. + +EXCEPT-MARK identifies a point whose containing topics should be excluded +from encryption. This supports 'except-current mode of +`allout-encrypt-unencrypted-on-saves'. + +Such a topic has the allout-topic-encryption-bullet without an +immediately following '*' that would mark the topic as being encrypted. It +must also have content." + (let (done got content-beg) + (while (not done) + + (if (not (re-search-forward + (format "\\(\\`\\|[\n\r]\\)%s *%s[^*]" + (regexp-quote allout-header-prefix) + (regexp-quote allout-topic-encryption-bullet)) + nil t)) + (setq got nil + done t) + (goto-char (setq got (match-beginning 0))) + (if (looking-at "[\n\r]") + (forward-char 1)) + (setq got (point))) + + (cond ((not got) + (setq done t)) + + ((not (re-search-forward "[\n\r]")) + (setq got nil + done t)) + + ((eobp) + (setq got nil + done t)) + + (t + (setq content-beg (point)) + (backward-char 1) + (allout-end-of-subtree) + (if (or (<= (point) content-beg) + (and except-mark + (<= content-beg except-mark) + (>= (point) except-mark))) + ;; Continue looking + (setq got nil) + ;; Got it! + (setq done t))) + ) + ) + (if got + (goto-char got)) + ) + ) +;;;_ > allout-encrypt-decrypted (&optional except-mark) +(defun allout-encrypt-decrypted (&optional except-mark) + "Encrypt topics pending encryption except those containing exemption point. + +EXCEPT-MARK identifies a point whose containing topics should be excluded +from encryption. This supports 'except-current mode of +`allout-encrypt-unencrypted-on-saves'. + +If a topic that is currently being edited was encrypted, we return a list +containing the location of the topic and the location of the cursor just +before the topic was encrypted. This can be used, eg, to decrypt the topic +and exactly resituate the cursor if this is being done as part of a file +save. See `allout-encrypt-unencrypted-on-saves' for more info." + + (interactive "p") + (save-excursion + (let ((current-mark (point-marker)) + was-modified + bo-subtree + editing-topic editing-point) + (goto-char (point-min)) + (while (allout-next-topic-pending-encryption except-mark) + (setq was-modified (buffer-modified-p)) + (if (save-excursion + (and (boundp 'allout-encrypt-unencrypted-on-saves) + allout-encrypt-unencrypted-on-saves + (setq bo-subtree (re-search-forward "[\n\r]")) + ;; Not collapsed: + (string= (match-string 0) "\n") + (>= current-mark (point)) + (allout-end-of-current-subtree) + (<= current-mark (point)))) + (setq editing-topic (point) + ;; we had to wait for this 'til now so prior topics are + ;; encrypted, any relevant text shifts are in place: + editing-point (marker-position current-mark))) + (allout-toggle-current-subtree-encryption) + (if (not was-modified) + (set-buffer-modified-p nil)) + ) + (if (not was-modified) + (set-buffer-modified-p nil)) + (if editing-topic (list editing-topic editing-point)) + ) + ) + ) + +;;;_ #9 miscellaneous ;;;_ > allout-mark-topic () (defun allout-mark-topic () "Put the region around topic currently containing point." @@ -4538,22 +5518,100 @@ t (allout-open-topic 2) (insert (concat "Dummy outline topic header - see" - "`allout-mode' docstring: `^Hm'.")) - (forward-line 1) + "`allout-mode' docstring: `^Hm'.")) + (allout-adjust-file-variable + "allout-layout" (format "%s" (or allout-layout '(-1 : 0))))))) +;;;_ > allout-file-vars-section-data () +(defun allout-file-vars-section-data () + "Return data identifying the file-vars section, or nil if none. + +Returns list `(beginning-point prefix-string suffix-string)'." + ;; minimally gleaned from emacs 21.4 files.el hack-local-variables function. + (let (beg prefix suffix) + (save-excursion (goto-char (point-max)) - (open-line 1) - (allout-open-topic 0) - (insert "Local emacs vars.\n") - (allout-open-topic 1) - (insert "(`allout-layout' is for allout.el allout-mode)\n") - (allout-open-topic 0) - (insert "Local variables:\n") - (allout-open-topic 0) - (insert (format "allout-layout: %s\n" - (or allout-layout - '(-1 : 0)))) - (allout-open-topic 0) - (insert "End:\n")))) + (search-backward "\n\^L" (max (- (point-max) 3000) (point-min)) 'move) + (if (let ((case-fold-search t)) + (not (search-forward "Local Variables:" nil t))) + nil + (setq beg (- (point) 16)) + (setq suffix (buffer-substring-no-properties + (point) + (progn (if (re-search-forward "[\n\r]" nil t) + (forward-char -1)) + (point)))) + (setq prefix (buffer-substring-no-properties + (progn (if (re-search-backward "[\n\r]" nil t) + (forward-char 1)) + (point)) + beg)) + (list beg prefix suffix)) + ) + ) + ) +;;;_ > allout-adjust-file-variable (varname value) +(defun allout-adjust-file-variable (varname value) + "Adjust the setting of an emacs file variable named VARNAME to VALUE. + +This activity is inhibited if either `enable-local-variables' +`allout-enable-file-variable-adjustment' are nil. + +When enabled, an entry for the variable is created if not already present, +or changed if established with a different value. The section for the file +variables, itself, is created if not already present. When created, the +section lines \(including the section line) exist as second-level topics in +a top-level topic at the end of the file. + +enable-local-variables must be true for any of this to happen." + (if (not (and enable-local-variables + allout-enable-file-variable-adjustment)) + nil + (save-excursion + (let ((section-data (allout-file-vars-section-data)) + beg prefix suffix) + (if section-data + (setq beg (car section-data) + prefix (cadr section-data) + suffix (car (cddr section-data))) + ;; create the section + (goto-char (point-max)) + (open-line 1) + (allout-open-topic 0) + (end-of-line) + (insert "Local emacs vars.\n") + (allout-open-topic 1) + (setq beg (point) + suffix "" + prefix (buffer-substring-no-properties (progn + (beginning-of-line) + (point)) + beg)) + (goto-char beg) + (insert "Local variables:\n") + (allout-open-topic 0) + (insert "End:\n") + ) + ;; look for existing entry or create one, leaving point for insertion + ;; of new value: + (goto-char beg) + (allout-show-to-offshoot) + (if (search-forward (concat "\n" prefix varname ":") nil t) + (let* ((value-beg (point)) + (line-end (progn (if (re-search-forward "[\n\r]" nil t) + (forward-char -1)) + (point))) + (value-end (- line-end (length suffix)))) + (if (> value-end value-beg) + (delete-region value-beg value-end))) + (end-of-line) + (open-line 1) + (forward-line 1) + (insert (concat prefix varname ":"))) + (insert (format " %S%s" value suffix)) + ) + ) + ) + ) ;;;_ > solicit-char-in-string (prompt string &optional do-defaulting) (defun solicit-char-in-string (prompt string &optional do-defaulting) "Solicit (with first arg PROMPT) choice of a character from string STRING. @@ -4594,8 +5652,7 @@ Representations of actual backslashes - '\\\\\\\\' - are left as a single backslash. -\(fn REGEXP)" -;; Optional arg SUCCESSIVE-BACKSLASHES is used internally for recursion. +Optional arg SUCCESSIVE-BACKSLASHES is used internally for recursion." (if (string= regexp "") "" @@ -4611,11 +5668,6 @@ (regexp-sans-escapes (substring regexp 1))) ;; Exclude first char, but maintain count: (regexp-sans-escapes (substring regexp 1) successive-backslashes)))) -;;;_ > my-region-active-p () -(defmacro my-region-active-p () - (if (fboundp 'region-active-p) - '(region-active-p) - 'mark-active)) ;;;_ - add-hook definition for divergent emacsen ;;;_ > add-hook (hook function &optional append) (if (not (fboundp 'add-hook)) @@ -4636,17 +5688,30 @@ (if append (nconc (symbol-value hook) (list function)) (cons function (symbol-value hook))))))) +;;;_ > subst-char-in-string if necessary +(if (not (fboundp 'subst-char-in-string)) + (defun subst-char-in-string (fromchar tochar string &optional inplace) + "Replace FROMCHAR with TOCHAR in STRING each time it occurs. +Unless optional argument INPLACE is non-nil, return a new string." + (let ((i (length string)) + (newstr (if inplace string (copy-sequence string)))) + (while (> i 0) + (setq i (1- i)) + (if (eq (aref newstr i) fromchar) + (aset newstr i tochar))) + newstr))) + ;;;_ : my-mark-marker to accommodate divergent emacsen: (defun my-mark-marker (&optional force buffer) "Accommodate the different signature for `mark-marker' across Emacsen. -XEmacs takes two optional args, while GNU Emacs does not, +XEmacs takes two optional args, while mainline GNU Emacs does not, so pass them along when appropriate." - (if (featurep 'xemacs) + (if (string-match " XEmacs " emacs-version) (mark-marker force buffer) (mark-marker))) -;;;_ #9 Under development +;;;_ #10 Under development ;;;_ > allout-bullet-isearch (&optional bullet) (defun allout-bullet-isearch (&optional bullet) "Isearch \(regexp) for topic with bullet BULLET." [-- Attachment #3: allout-ChangeLog.txt --] [-- Type: text/plain, Size: 6893 bytes --] 2005-09-30 Ken Manheimer <ken.manheimer@gmail.com> * allout.el: omnibus changes - new subsystem supporting easy gpg topic encryption/decryption. salient features: - both public- and symmetric-key modes are supported. - encryption being on a per-topic basis means you can intersperse encrypted and clear-text data in a single file to your heart's content. - user-provided symmetric-key hints, with consistency verification to help user avoid confusion - time-limited key reuse, a la (and using) mailcrypt's mc-passwd-timeout - write-file-hook and auto-save-hook activities to support auto encryption of pending topics on save; provision to skip currently-edited topic to avoid editing disturbance topic encryption functionality depends on both mailcrypt and crypt++ packages. (non-encryption allout functionality is not disrupted if either mailcrypt or crypt++ are absent.) docstring for `allout-toggle-current-subtree-encryption' and customization variables provide detailed description. code changes: new autoloads of crypt++ and mailcrypt routines, all for encryption functionality. 'allout customization subgroup now positioned in 'outlines group (instead of prior 'editing group) central topic-encryption entry point: (outline-toggle-current-subtree-encryption) other new encryption routines: (allout-encrypt-string, allout-encryption-produce-work-buffer, allout-encrypted-topic-p, allout-encrypted-text-type, allout-mc-activate-passwd, allout-create-encryption-key-verifier, allout-situate-encryption-key-verifier, allout-get-encryption-key-verifier, allout-verify-key, allout-next-topic-pending-encryption, allout-encrypt-decrypted, allout-encrypted-type-prefix) new customization variables: (outline-topic-encryption-bullet, outline-default-encryption-scheme, outline-key-verifier-handling, outline-key-hint-handling, outline-encrypt-unencrypted-on-saves) new operational variables: (allout-file-key-verifier-string, allout-encryption-scheme, allout-key-verifier-string, allout-key-hint-string, allout-after-save-decrypt) new hook functions for auto-encryption of pending topics: (allout-write-file-hook-handler, allout-auto-save-hook-handler, allout-after-saves-handler) (allout-post-command-business): do allout-after-save-decrypt - added mechanism for adding and adjusting settings of Emacs file variables. (allout-enable-file-variable-adjustment): custom var to enable mechanism (allout-adjust-file-variable, allout-file-vars-section-data): mechanism implementation (outlineify-sticky): use file vars mechanism - replaced broken mechanism for inhibition of concealed-text edits using read-only text instead of before-change-functions, because the latter can no longer veto the changes without being disabled. read-only text is more suitable and less complicated, anyway. (it also noticably slows massive exposure changes, but i consider the performance acceptable. eg, i have blanket auto-exposure set for my daily-notes log, which has real-world intricacy in a 1.1 Mb, 7000 topic outline, and have no problems working with it on a 200 MhZ windows laptop.) (allout-inhibit-protection, allout-during-write-cue, allout-override-protect, allout-before-change-protect): removed (allout-flag-region, allout-open-topic): revised to adjust read-only text (allout-open-line-not-read-only): added to facilitate read-only text based protection (allout-kill-line): revised to adjust read-only text, clue the user about the inhibition - (allout-unprotected): robustified with an unwind-protect - disallow manually shifting a topic deeper than the offspring depth of the previous topic - avoiding confusing "containment discontinuities" (allout-shift-in, allout-shift-out) - fixed retention of body relative hanging indent during promotion of collapsed bodies (allout-reindent-bodies) - made it easy to open new topic with same bullet as current topic - topic creation functions provided with any universal argument provokes now prompt for bullet, defaulting to the bullet of the previous topic. very ergonomic. (allout-open-topic) - (allout-plain-bullets-string, allout-distinctive-bullets-string): plain bullet alternates '.' period and ',' comma only. all other bullets are relegated to special status (but customizable) - (allout-end-of-entry): renamed from 'allout-end-of-current-entry since it actually operates w.r.t. most immediately containing entry, visible or not (allout-hide-current-entry, allout-show-current-entry): use the revised version - (allout-old-expose-topic): solidify deprecation. - (allout-end-of-subtree): added, so we can span concealed as well as visible topics. (allout-end-of-current-subtree): use `allout-end-of-subtree'. - (allout-end-of-current-heading): tweaked to just respect the first line - (allout-get-body-text): added - (allout-ascend-to-depth, allout-ascend): position at end of prefix when invoked interactively - (allout-up-current-level): use `interactive-p' - (allout-mode, allout-init): miscellaneous docstring and operational refinements, as well as hookups of new encryption stuff - comments and routine names better distinguish between: - topic body - the text contained after a header - topic header - the first line, before the body - topic entry - the header, body, and offspring - (allout-beginning-of-current-entry): now works as advertised - (allout-end-of-current-entry): relieved of superfluous allout-show-entry - (allout-isearch-rectification): refine condition for isearching (allout-isearch-abort, allout-enwrap-isearch) - reconciled with distributed allout.el 1.61 (current CVS version as of 09/30/2005), including interactive-p fixes, typo and coding style fixes, change of function prefix to "allout-", etc, and fixed problem created in outline yanking due to the interactive-p fixes - relocated some macros (allout-flag-region, my-region-active-p) - refined many docstrings, including anything from correcting typos to conceptual clarification and correction - (allout-title): fallback title is '(buffer-name)', not non-existing '(current-buffer-name)' - (subst-char-in-string): define if absent (for some xemacs versions) - corrected commentary 'keywords' to legitimate ones - updated comentary author info (using my current email address, obscurified) [-- Attachment #4: allout-news.txt --] [-- Type: text/plain, Size: 1154 bytes --] ** allout (extensive outline navigation and authoring mode), significantly updated: - topic cryptography added, enabling easy gpg topic encryption and decryption. per-topic basis enables interspersing encrypted-text and clear-text within a single file to your hearts content, using symmetric and/or public key modes. time-limited key caching, user-provided symmetric key hinting and consitency verification, auto-encryption of pending topics on save, and more, make it easy to use encryption in powerful ways. - many substantial fixes and refinements, including: - repaired inhibition of inadvertant edits to concealed text - repaired retention of topic body hanging indent upon topic depth shifts - prevent "containment discontinuities" where a topic is shifted deeper than the offspring-depth of its' container - easy to adopt the distinctive bullet of a topic in a topic created relative to it, or select a new one, or use the common topic bullet - plain bullets, by default, now alternate between only two characters ('.' and ','), yielding less cluttered outlines. - many internal fixes. [-- Attachment #5: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
* Re: new version of allout.el - patch and ChangeLog 2005-10-01 22:33 ` Ken Manheimer @ 2005-10-20 13:57 ` Ken Manheimer 0 siblings, 0 replies; 156+ messages in thread From: Ken Manheimer @ 2005-10-20 13:57 UTC (permalink / raw) Cc: rms [-- Attachment #1: Type: text/plain, Size: 612 bytes --] This is a patch, ChangeLog, and NEWS file for a new version of allout. the allout version differs from the version i submitted recently in that it bases it's new encryption features on pgg instead of mailcrypt/crypt++ - mailcrypt/crypt++ are out of the picture. the new encryption features depend on the new pgg version of my recent pgg patches, also posted here. i'm hoping the upgrades can be coordinated so it all comes out harmoniously with the next release. (i'm going to post something in the pgg thread asking about the disposition of those patches.) tnx! ken ken.manheimer@gmail.com [-- Attachment #2: allout-news.txt --] [-- Type: text/plain, Size: 1176 bytes --] ** allout (extensive outline navigation and authoring mode), significantly updated: - topic cryptography added, enabling easy gpg topic encryption and decryption. per-topic basis enables interspersing encrypted-text and clear-text within a single file to your hearts content, using symmetric and/or public key modes. time-limited key caching, user-provided symmetric key hinting and consitency verification, auto-encryption of pending topics on save, and more, make it easy to use encryption in powerful ways. - many substantial fixes and refinements, including: - repaired inhibition of inadvertant edits to concealed text - repaired retention of topic body hanging indent upon topic depth shifts - prevent "containment discontinuities" where a topic is shifted deeper than the offspring-depth of its' container - easy to adopt the distinctive bullet of a topic in a topic created relative to it, or else select a new one, or else use the common topic bullet - plain bullets, by default, now alternate between only two characters ('.' and ','), yielding less cluttered outlines. - many internal fixes. [-- Attachment #3: allout-ChangeLog.txt --] [-- Type: text/plain, Size: 6996 bytes --] 2005-09-30 Ken Manheimer <ken.manheimer@gmail.com> * allout.el: omnibus changes - new subsystem supporting easy gpg topic encryption/decryption. (function-specific change details are below the following synopsis) salient features: - both public- and symmetric-key modes are supported. - encryption being on a per-topic basis means you can intersperse encrypted and clear-text data in a single file to your heart's content. - user-provided symmetric-key hints, with consistency verification to help user avoid confusion - time-limited passphrase reuse, a la (and using) pgg's passphrase cache - write-file-hook and auto-save-hook activities to support auto encryption of pending topics on save; provision to skip currently-edited topic to avoid editing disturbance topic encryption functionality depends on the latst verion of pgg. (non-encryption allout functionality does not depend on them.) docstring for `allout-toggle-current-subtree-encryption' and customization variables provide detailed description. code changes: 'allout customization subgroup now positioned in 'outlines group (instead of prior 'editing group) central topic-encryption entry point: (outline-toggle-current-subtree-encryption) other new encryption routines: (allout-encrypt-string, allout-encrypted-topic-p, allout-encrypted-text-type, allout-obtain-passphrase, allout-create-encryption-passphrase-verifier, allout-update-passphrase-mnemonic-aids, allout-get-encryption-passphrase-verifier, allout-verify-passphrase, allout-next-topic-pending-encryption, allout-encrypt-decrypted, allout-encrypted-type-prefix) new customization variables: (outline-topic-encryption-bullet, outline-passphrase-verifier-handling, outline-passphrase-hint-handling, outline-encrypt-unencrypted-on-saves) new operational variables: (allout-file-passphrase-verifier-string, allout-encryption-scheme, allout-passphrase-verifier-string, allout-passphrase-hint-string, allout-after-save-decrypt) new hook functions for auto-encryption of pending topics: (allout-write-file-hook-handler, allout-auto-save-hook-handler, allout-after-saves-handler) (allout-post-command-business): do allout-after-save-decrypt - added mechanism for adding and adjusting settings of Emacs file variables. (allout-enable-file-variable-adjustment): custom var to enable mechanism (allout-adjust-file-variable, allout-file-vars-section-data): mechanism implementation (outlineify-sticky): use file vars mechanism - replaced broken mechanism for inhibition of concealed-text edits using read-only text instead of before-change-functions, because the latter can no longer veto the changes without being disabled. read-only text is more suitable and less complicated, anyway. (it also noticably slows massive exposure changes, but i consider the performance acceptable. eg, i have blanket auto-exposure set for my daily-notes log, which has real-world intricacy in a 1.1 Mb, 7000 topic outline, and have no problems working with it on a 200 MhZ windows laptop.) (allout-inhibit-protection, allout-during-write-cue, allout-override-protect, allout-before-change-protect): removed (allout-flag-region, allout-open-topic): revised to adjust read-only text (allout-open-line-not-read-only): added to facilitate read-only text based protection (allout-kill-line): revised to adjust read-only text, clue the user about the inhibition - (allout-unprotected): robustified with an unwind-protect - disallow manually shifting a topic deeper than the offspring depth of the previous topic - avoiding confusing "containment discontinuities" (allout-shift-in, allout-shift-out) - fixed retention of body relative hanging indent during promotion of collapsed bodies (allout-reindent-bodies) - made it easy to open new topic with same bullet as current topic - topic creation functions provided with any universal argument provokes now prompt for bullet, defaulting to the bullet of the previous topic. very ergonomic. (allout-open-topic) - (allout-plain-bullets-string, allout-distinctive-bullets-string): plain bullet alternates '.' period and ',' comma only. all other bullets are relegated to special status (but customizable) - (allout-end-of-entry): renamed from 'allout-end-of-current-entry since it actually operates w.r.t. most immediately containing entry, visible or not (allout-hide-current-entry, allout-show-current-entry): use the revised version - (allout-old-expose-topic): solidify deprecation. - (allout-end-of-subtree): added, so we can span concealed as well as visible topics. (allout-end-of-current-subtree): use `allout-end-of-subtree'. - (allout-end-of-current-heading): tweaked to just respect the first line - (allout-get-body-text): added - (allout-ascend-to-depth, allout-ascend): position at end of prefix when invoked interactively - (allout-up-current-level): use `interactive-p' - (allout-mode, allout-init): miscellaneous docstring and operational refinements, as well as hookups of new encryption stuff - comments and routine names better distinguish between: - topic body - the text contained after a header - topic header - the first line, before the body - topic entry - the header, body, and offspring - (allout-beginning-of-current-entry): now works as advertised - (allout-end-of-current-entry): relieved of superfluous allout-show-entry - (allout-isearch-rectification): refine condition for isearching (allout-isearch-abort, allout-enwrap-isearch) - reconciled with distributed allout.el 1.61 (current CVS version as of 09/30/2005), including interactive-p fixes, typo and coding style fixes, change of function prefix to "allout-", etc, and fixed problem created in outline yanking due to the interactive-p fixes - using key substitution placeholders in allout-mode decstring. - relocated some macros (allout-flag-region, my-region-active-p) - refined many docstrings, including anything from correcting typos to conceptual clarification and correction - (allout-title): fallback title is '(buffer-name)', not non-existing '(current-buffer-name)' - (subst-char-in-string): define if absent (for some xemacs versions) - using `(featurep 'xemacs)' to distinguish between emacs and xemacs. - corrected commentary 'keywords' to legitimate ones - updated comentary author info (using my current email address, obscurified) [-- Attachment #4: allout.el-patch --] [-- Type: application/octet-stream, Size: 119044 bytes --] Index: allout.el =================================================================== RCS file: /cvsroot/emacs/emacs/lisp/allout.el,v retrieving revision 1.61 diff -u -r1.61 allout.el --- allout.el 6 Aug 2005 22:13:41 -0000 1.61 +++ allout.el 20 Oct 2005 13:47:00 -0000 @@ -3,10 +3,11 @@ ;; Copyright (C) 1992, 1993, 1994, 2001, 2002, 2003, 2004, ;; 2005 Free Software Foundation, Inc. -;; Author: Ken Manheimer <klm@zope.com> -;; Maintainer: Ken Manheimer <klm@zope.com> +;; Author: Ken Manheimer <ken dot manheimer at gmail dot com> +;; Maintainer: Ken Manheimer <ken dot manheimer at gmail dot com> ;; Created: Dec 1991 - first release to usenet -;; Keywords: outlines mode wp languages +;; Version: $Id: allout.el,v 1.76 2005/10/20 05:26:32 klm Exp $|| +;; Keywords: outlines wp languages ;; This file is part of GNU Emacs. @@ -34,43 +35,60 @@ ;; programming languages. (For an example, see the allout code ;; itself, which is organized in ;; an outline framework.) ;; -;; In addition to outline navigation and exposure, allout includes: +;; Some features: ;; -;; - topic-oriented repositioning, cut, and paste -;; - integral outline exposure-layout -;; - incremental search with dynamic exposure and reconcealment of hidden text +;; - classic outline-mode topic-oriented navigation and exposure adjustment +;; - topic-oriented editing including coherent topic and subtopic +;; creation, promotion, demotion, cut/paste across depths, etc +;; - incremental search with dynamic exposure and reconcealment of text +;; - customizable bullet format enbles programming-language specific +;; outlining, for ultimate code-folding editing. (allout code itself is +;; formatted as an outline - do ESC-x eval-current-buffer in allout.el +;; to try it out.) +;; - configurable per-file initial exposure settings +;; - symmetric-key and key-pair topic encryption, plus symmetric passphrase +;; mnemonic support, with verification against an established passphrase +;; (using a stashed encrypted dummy string) and user-supplied hint +;; maintenance. (see allout-toggle-current-subtree-encryption docstring.) ;; - automatic topic-number maintenance -;; - "Hot-spot" operation, for single-keystroke maneuvering and -;; exposure control. (See the `allout-mode' docstring.) +;; - "hot-spot" operation, for single-keystroke maneuvering and +;; exposure control (see the allout-mode docstring) +;; - easy rendering of exposed portions into numbered, latex, indented, etc +;; outline styles ;; -;; and many other features. +;; and more. ;; ;; The outline menubar additions provide quick reference to many of -;; the features, and see the docstring of the function `allout-init' -;; for instructions on priming your Emacs session for automatic -;; activation of `allout-mode'. +;; the features, and see the docstring of the variable `allout-init' +;; for instructions on priming your emacs session for automatic +;; activation of allout-mode. ;; ;; See the docstring of the variables `allout-layout' and ;; `allout-auto-activation' for details on automatic activation of -;; allout `allout-mode' as a minor mode. (It has changed since allout +;; `allout-mode' as a minor mode. (It has changed since allout ;; 3.x, for those of you that depend on the old method.) ;; ;; Note - the lines beginning with `;;;_' are outline topic headers. ;; Just `ESC-x eval-current-buffer' to give it a whirl. -;; Ken Manheimer klm@zope.com +;; ken manheimer (ken dot manheimer at gmail dot com) ;;; Code: ;;;_* Provide +;(provide 'outline) (provide 'allout) +;;;_* Dependency autoloads +(eval-when-compile 'cl) ; otherwise, flet compilation fouls +(autoload 'pgg-gpg-symmetric-key-p "pgg-gpg" + "True if decoded armor MESSAGE-KEYS has symmetric encryption indicator.") + ;;;_* USER CUSTOMIZATION VARIABLES: (defgroup allout nil "Extensive outline mode for use alone and with other modes." :prefix "allout-" - :group 'editing - :version "22.1") + :group 'outlines) ;;;_ + Layout, Mode, and Topic Header Configuration @@ -111,8 +129,8 @@ A list value specifies a default layout for the current buffer, to be applied upon activation of `allout-mode'. Any non-nil value will -automatically trigger `allout-mode', provided `allout-init' -has been called to enable it. +automatically trigger `allout-mode' \(provided `allout-init' has been called +to enable this behavior). See the docstring for `allout-init' for details on setting up for auto-mode-activation, and for `allout-expose-topic' for the format of @@ -171,7 +189,7 @@ :group 'allout) (make-variable-buffer-local 'allout-primary-bullet) ;;;_ = allout-plain-bullets-string -(defcustom allout-plain-bullets-string ".:,;" +(defcustom allout-plain-bullets-string ".," "*The bullets normally used in outline topic prefixes. See `allout-distinctive-bullets-string' for the other kind of @@ -185,7 +203,7 @@ :group 'allout) (make-variable-buffer-local 'allout-plain-bullets-string) ;;;_ = allout-distinctive-bullets-string -(defcustom allout-distinctive-bullets-string "*+-=>([{}&!?#%\"X@$~_\\" +(defcustom allout-distinctive-bullets-string "*+-=>()[{}&!?#%\"X@$~_\\:;^" "*Persistent outline header bullets used to distinguish special topics. These bullets are used to distinguish topics from the run-of-the-mill @@ -198,12 +216,13 @@ `?' question topics `\(' parenthetic comment \(with a matching close paren inside) `[' meta-note \(with a matching close ] inside) - `\"' a quote + `\"' a quotation `=' value settings `~' \"more or less\" + `^' see above -... just for example. (`#' typically has a special meaning to the -software, according to the value of `allout-numbered-bullet'.) + ... for example. (`#' typically has a special meaning to the software, +according to the value of `allout-numbered-bullet'.) See `allout-plain-bullets-string' for the selection of alternating bullets. @@ -337,7 +356,6 @@ Set this var to the bullet you want to use for file cross-references." :type '(choice (const nil) string) :group 'allout) - ;;;_ = allout-presentation-padding (defcustom allout-presentation-padding 2 "*Presentation-format white-space padding factor, for greater indent." @@ -381,7 +399,7 @@ :type 'string :group 'allout) ;;;_ - allout-title -(defcustom allout-title '(or buffer-file-name (current-buffer-name)) +(defcustom allout-title '(or buffer-file-name (buffer-name)) "*Expression to be evaluated to determine the title for LaTeX formatted copy." :type 'sexp @@ -397,6 +415,69 @@ :type 'string :group 'allout) +;;;_ + Topic encryption +;;;_ = allout-topic-encryption-bullet +(defcustom allout-topic-encryption-bullet "~" + "*Bullet signifying encryption of the entry's body." + :type '(choice (const nil) string) + :group 'allout) +;;;_ = allout-passphrase-verifier-handling +(defcustom allout-passphrase-verifier-handling t + "*Enable use of symmetric encryption passphrase verifier if non-nil. + +See the docstring for the `allout-enable-file-variable-adjustment' +variable for details about allout ajustment of file variables." + :type 'boolean + :group 'allout) +(make-variable-buffer-local 'allout-passphrase-verifier-handling) +;;;_ = allout-passphrase-hint-handling +(defcustom allout-passphrase-hint-handling 'always + "*Dictate outline encryption passphrase reminder handling: + + always - always show reminder when prompting + needed - show reminder on passphrase entry failure + disabled - never present or adjust reminder + +See the docstring for the `allout-enable-file-variable-adjustment' +variable for details about allout ajustment of file variables." + :type '(choice (const always) + (const needed) + (const disabled)) + :group 'allout) +(make-variable-buffer-local 'allout-passphrase-hint-handling) +;;;_ = allout-encrypt-unencrypted-on-saves +(defcustom allout-encrypt-unencrypted-on-saves 'except-current + "*When saving, should topics pending encryption be encrypted? + +The idea is to prevent file-system exposure of any un-encrypted stuff, and +mostly covers both deliberate file writes and auto-saves. + + - Yes: encrypt all topics pending encryption, even if it's the one + currently being edited. \(In that case, the currently edited topic + will be automatically decrypted before any user interaction, so they + can continue editing but the copy on the file system will be + encrypted.) + Auto-saves will use the \"All except current topic\" mode if this + one is selected, to avoid practical difficulties - see below. + - All except current topic: skip the topic currently being edited, even if + it's pending encryption. This may expose the current topic on the + file sytem, but avoids the nuisance of prompts for the encryption + passphrase in the middle of editing for, eg, autosaves. + This mode is used for auto-saves for both this option and \"Yes\". + - No: leave it to the user to encrypt any unencrypted topics. + +For practical reasons, auto-saves always use the 'except-current policy +when auto-encryption is enabled. \(Otherwise, spurious passphrase prompts +and unavoidable timing collisions are too disruptive.) If security for a +file requires that even the current topic is never auto-saved in the clear, +disable auto-saves for that file." + + :type '(choice (const :tag "Yes" t) + (const :tag "All except current topic" except-current) + (const :tag "No" nil)) + :group 'allout) +(make-variable-buffer-local 'allout-encrypt-unencrypted-on-saves) + ;;;_ + Miscellaneous customization ;;;_ = allout-command-prefix @@ -422,13 +503,15 @@ ("\C-f" allout-forward-current-level) ("\C-b" allout-backward-current-level) ("\C-a" allout-beginning-of-current-entry) - ("\C-e" allout-end-of-current-entry) + ("\C-e" allout-end-of-entry) ; Exposure commands: ("\C-i" allout-show-children) ("\C-s" allout-show-current-subtree) ("\C-h" allout-hide-current-subtree) + ("h" allout-hide-current-subtree) ("\C-o" allout-show-current-entry) ("!" allout-show-all) + ("x" allout-toggle-current-subtree-encryption) ; Alteration commands: (" " allout-open-sibtopic) ("." allout-open-subtopic) @@ -489,19 +572,22 @@ (make-variable-buffer-local 'allout-reindent-bodies) -;;;_ = allout-inhibit-protection -(defcustom allout-inhibit-protection nil - "*Non-nil disables warnings and confirmation-checks for concealed-text edits. - -Outline mode uses Emacs change-triggered functions to detect unruly -changes to concealed regions. Set this var non-nil to disable the -protection, potentially increasing text-entry responsiveness a bit. - -This var takes effect at `allout-mode' activation, so you may have to -deactivate and then reactivate the mode if you want to toggle the -behavior." +;;;_ = allout-enable-file-variable-adjustment +(defcustom allout-enable-file-variable-adjustment t + "*If non-nil, some allout outline actions edit Emacs local file var text. + +This can range from changes to existing entries, addition of new ones, +and creation of a new local variables section when necessary. + +Emacs file variables adjustments are also inhibited if `enable-local-variables' +is nil. + +Operations potentially causing edits include allout encryption routines. +See the docstring for `allout-toggle-current-subtree-encryption' for +details." :type 'boolean :group 'allout) +(make-variable-buffer-local 'allout-enable-file-variable-adjustment) ;;;_* CODE - no user customizations below. @@ -509,7 +595,7 @@ ;;;_ : Version ;;;_ = allout-version (defvar allout-version - (let ((rcs-rev "$Revision$")) + (let ((rcs-rev "$Revision: 1.76 $")) (condition-case err (save-match-data (string-match "Revision: \\([0-9]+\\.[0-9]+\\)" rcs-rev) @@ -728,7 +814,16 @@ (car (cdr cell))))))) keymap-list) map)) - +;;;_ = allout-prior-bindings - being deprecated. +(defvar allout-prior-bindings nil + "Variable for use in V18, with allout-added-bindings, for +resurrecting, on mode deactivation, bindings that existed before +activation. Being deprecated.") +;;;_ = allout-added-bindings - being deprecated +(defvar allout-added-bindings nil + "Variable for use in V18, with allout-prior-bindings, for +resurrecting, on mode deactivation, bindings that existed before +activation. Being deprecated.") ;;;_ : Menu bar (defvar allout-mode-exposure-menu) (defvar allout-mode-editing-menu) @@ -759,7 +854,11 @@ ["Shift Topic Out" allout-shift-out t] ["Rebullet Topic" allout-rebullet-topic t] ["Rebullet Heading" allout-rebullet-current-heading t] - ["Number Siblings" allout-number-siblings t])) + ["Number Siblings" allout-number-siblings t] + "----" + ["Toggle Topic Encryption" + allout-toggle-current-subtree-encryption + (> (allout-current-depth) 1)])) (easy-menu-define allout-mode-navigation-menu allout-mode-map "Allout outline navigation menu." @@ -775,7 +874,7 @@ "----" ["Beginning of Entry" allout-beginning-of-current-entry t] - ["End of Entry" allout-end-of-current-entry t] + ["End of Entry" allout-end-of-entry t] ["End of Subtree" allout-end-of-current-subtree t])) (easy-menu-define allout-mode-misc-menu allout-mode-map @@ -855,13 +954,6 @@ (setq allout-mode-prior-settings rebuild))))) ) ;;;_ : Mode-specific incidentals -;;;_ = allout-during-write-cue nil -(defvar allout-during-write-cue nil - "Used to inhibit outline change-protection during file write. - -See also `allout-post-command-business', `allout-write-file-hook', -`allout-before-change-protect', and `allout-post-command-business' -functions.") ;;;_ = allout-pre-was-isearching nil (defvar allout-pre-was-isearching nil "Cue for isearch-dynamic-exposure mechanism, implemented in @@ -869,22 +961,28 @@ (make-variable-buffer-local 'allout-pre-was-isearching) ;;;_ = allout-isearch-prior-pos nil (defvar allout-isearch-prior-pos nil - "Cue for isearch-dynamic-exposure tracking, used by `allout-isearch-expose'.") + "Cue for isearch-dynamic-exposure tracking, used by +`allout-isearch-expose'.") (make-variable-buffer-local 'allout-isearch-prior-pos) -;;;_ = allout-override-protect nil -(defvar allout-override-protect nil - "Used in `allout-mode' for regulate of concealed-text protection mechanism. - -Allout outline mode regulates alteration of concealed text to protect -against inadvertent, unnoticed changes. This is for use by specific, -native outline functions to temporarily override that protection. -It's automatically reset to nil after every buffer modification.") -(make-variable-buffer-local 'allout-override-protect) +;;;_ = allout-isearch-did-quit +(defvar allout-isearch-did-quit nil + "Distinguishes isearch conclusion and cancellation. + +Maintained by allout-isearch-abort \(which is wrapped around the real +isearch-abort), and monitored by allout-isearch-expose for action.") +(make-variable-buffer-local 'allout-isearch-did-quit) ;;;_ > allout-unprotected (expr) -(defmacro allout-unprotected (expression) - "Evaluate EXPRESSION with `allout-override-protect' let-bound to t." - `(let ((allout-override-protect t)) - ,expression)) +(defmacro allout-unprotected (expr) + "Enable internal outline operations to alter read-only text." + `(let ((was-inhibit-r-o inhibit-read-only)) + (unwind-protect + (progn + (setq inhibit-read-only t) + ,expr) + (setq inhibit-read-only was-inhibit-r-o) + ) + ) + ) ;;;_ = allout-undo-aggregation (defvar allout-undo-aggregation 30 "Amount of successive self-insert actions to bunch together per undo. @@ -897,14 +995,102 @@ "Horrible hack used to prevent invalid multiple triggering of outline mode from prop-line file-var activation. Used by `allout-mode' function to track repeats.") -;;;_ > allout-write-file-hook () -(defun allout-write-file-hook () - "In `allout-mode', run as a `write-contents-functions' activity. - -Currently just sets `allout-during-write-cue', so outline change-protection -knows to keep inactive during file write." - (setq allout-during-write-cue t) - nil) +;;;_ = allout-file-passphrase-verifier-string +(defvar allout-file-passphrase-verifier-string nil + "Name for use as a file variable for verifying encryption passphrase +across sessions.") +(make-variable-buffer-local 'allout-file-passphrase-verifier-string) +;;;_ = allout-passphrase-verifier-string +(defvar allout-passphrase-verifier-string nil + "Setting used to test solicited encryption passphrases against the one +already associated with a file. + +It consists of an encrypted random string useful only to verify that a +passphrase entered by the user is effective for decryption. The passphrase +itself is \*not* recorded in the file anywhere, and the encrypted contents +are random binary characters to avoid exposing greater susceptibility to +search attacks. + +The verifier string is retained as an Emacs file variable, as well as in +the emacs buffer state, if file variable adjustments are enabled. See +`allout-enable-file-variable-adjustment' for details about that.") +(make-variable-buffer-local 'allout-passphrase-verifier-string) +;;;_ = allout-passphrase-hint-string +(defvar allout-passphrase-hint-string "" + "Variable used to retain reminder string for file's encryption passphrase. + +See the description of `allout-passphrase-hint-handling' for details about how +the reminder is deployed. + +The hint is retained as an Emacs file variable, as well as in the emacs buffer +state, if file variable adjustments are enabled. See +`allout-enable-file-variable-adjustment' for details about that.") +(make-variable-buffer-local 'allout-passphrase-hint-string) +(setq-default allout-passphrase-hint-string "") +;;;_ = allout-after-save-decrypt +(defvar allout-after-save-decrypt nil + "Internal variable, is nil or has the value of two points: + + - the location of a topic to be decrypted after saving is done + - where to situate the cursor after the decryption is performed + +This is used to decrypt the topic that was currently being edited, if it +was encrypted automatically as part of a file write or autosave.") +(make-variable-buffer-local 'allout-after-save-decrypt) +;;;_ > allout-write-file-hook-handler () +(defun allout-write-file-hook-handler () + "Implement `allout-encrypt-unencrypted-on-saves' policy for file writes." + + (if (or (not (boundp 'allout-encrypt-unencrypted-on-saves)) + (not allout-encrypt-unencrypted-on-saves)) + nil + (let ((except-mark (and (equal allout-encrypt-unencrypted-on-saves + 'except-current) + (point-marker)))) + (if (save-excursion (goto-char (point-min)) + (allout-next-topic-pending-encryption except-mark)) + (progn + (message "auto-encrypting pending topics") + (sit-for 2) + (condition-case failure + (setq allout-after-save-decrypt + (allout-encrypt-decrypted except-mark)) + (error (progn + (message + "allout-write-file-hook-handler suppressing error %s" + failure) + (sit-for 2)))))) + )) + nil) +;;;_ > allout-auto-save-hook-handler () +(defun allout-auto-save-hook-handler () + "Implement `allout-encrypt-unencrypted-on-saves' policy for auto saves." + + (if allout-encrypt-unencrypted-on-saves + ;; Always implement 'except-current policy when enabled. + (let ((allout-encrypt-unencrypted-on-saves 'except-current)) + (allout-write-file-hook-handler)))) +;;;_ > allout-after-saves-handler () +(defun allout-after-saves-handler () + "Decrypt topic encrypted for save, if it's currently being edited. + +Ie, if it was pending encryption and contained the point in its body before +the save. + +We use values stored in `allout-after-save-decrypt' to locate the topic +and the place for the cursor after the decryption is done." + (if (not (and (allout-mode-p) + (boundp 'allout-after-save-decrypt) + allout-after-save-decrypt)) + t + (goto-char (car allout-after-save-decrypt)) + (let ((was-modified (buffer-modified-p))) + (allout-toggle-current-subtree-encryption) + (if (not was-modified) + (set-buffer-modified-p nil))) + (goto-char (cadr allout-after-save-decrypt)) + (setq allout-after-save-decrypt nil)) + ) ;;;_ #2 Mode activation ;;;_ = allout-mode @@ -916,11 +1102,10 @@ 'allout-mode) ;;;_ = allout-explicitly-deactivated (defvar allout-explicitly-deactivated nil - "Non-nil if `allout-mode' was last deliberately deactivated. + "If t, `allout-mode's last deactivation was deliberate. So `allout-post-command-business' should not reactivate it...") (make-variable-buffer-local 'allout-explicitly-deactivated) ;;;_ > allout-init (&optional mode) -;;;###autoload (defun allout-init (&optional mode) "Prime `allout-mode' to enable/disable auto-activation, wrt `allout-layout'. @@ -939,9 +1124,9 @@ the `allout-layout' variable. (See `allout-layout' and `allout-expose-topic' docstrings for more details on auto layout). -`allout-init' works by setting up (or removing) -`allout-find-file-hook' in `find-file-hook', and giving -`allout-auto-activation' a suitable setting. +`allout-init' works by setting up (or removing) the `allout-mode' +find-file-hook, and giving `allout-auto-activation' a suitable +setting. To prime your Emacs session for full auto-outline operation, include the following two lines in your Emacs init file: @@ -949,32 +1134,35 @@ \(require 'allout) \(allout-init t)" - (interactive - (let ((m (completing-read - (concat "Select outline auto setup mode " - "(empty for report, ? for options) ") - '(("nil")("full")("activate")("deactivate") - ("ask") ("report") ("")) - nil - t))) - (if (string= m "") 'report - (intern-soft m)))) + (interactive) + (if (interactive-p) + (progn + (setq mode + (completing-read + (concat "Select outline auto setup mode " + "(empty for report, ? for options) ") + '(("nil")("full")("activate")("deactivate") + ("ask") ("report") ("")) + nil + t)) + (if (string= mode "") + (setq mode 'report) + (setq mode (intern-soft mode))))) (let ;; convenience aliases, for consistent ref to respective vars: ((hook 'allout-find-file-hook) (curr-mode 'allout-auto-activation)) (cond ((not mode) - (setq find-file-hook (delq hook find-file-hook)) + (setq find-file-hooks (delq hook find-file-hooks)) (if (interactive-p) (message "Allout outline mode auto-activation inhibited."))) ((eq mode 'report) - (if (memq hook find-file-hook) - ;; Just punt and use the reports from each of the modes: - (allout-init (symbol-value curr-mode)) - (allout-init nil) - (message "Allout outline mode auto-activation inhibited."))) - (t (add-hook 'find-file-hook hook) + (if (not (memq hook find-file-hooks)) + (allout-init nil) + ;; Just punt and use the reports from each of the modes: + (allout-init (symbol-value curr-mode)))) + (t (add-hook 'find-file-hooks hook) (set curr-mode ; `set', not `setq'! (cond ((eq mode 'activate) (message @@ -1006,6 +1194,7 @@ (easy-menu-add cur)))) ;;;_ > allout-mode (&optional toggle) ;;;_ : Defun: +;;;###autoload (defun allout-mode (&optional toggle) ;;;_ . Doc string: "Toggle minor mode for controlling exposure and editing of text outlines. @@ -1022,10 +1211,11 @@ In addition to outline navigation and exposure, allout includes: - - topic-oriented repositioning, cut, and paste + - topic-oriented repositioning, promotion/demotion, cut, and paste - integral outline exposure-layout - incremental search with dynamic exposure and reconcealment of hidden text - automatic topic-number maintenance + - easy topic encryption and decryption - \"Hot-spot\" operation, for single-keystroke maneuvering and exposure control. \(See the allout-mode docstring.) @@ -1035,7 +1225,7 @@ special `allout-mode' features and terminology. See also the outline menubar additions for quick reference to many of the features, and see the docstring of the function `allout-init' for instructions on -priming your Emacs session for automatic activation of `allout-mode'. +priming your emacs session for automatic activation of `allout-mode'. The bindings are dictated by the `allout-keybindings-list' and @@ -1043,59 +1233,72 @@ Navigation: Exposure Control: ---------- ---------------- -C-c C-n allout-next-visible-heading | C-c C-h allout-hide-current-subtree -C-c C-p allout-previous-visible-heading | C-c C-i allout-show-children -C-c C-u allout-up-current-level | C-c C-s allout-show-current-subtree -C-c C-f allout-forward-current-level | C-c C-o allout-show-current-entry -C-c C-b allout-backward-current-level | ^U C-c C-s allout-show-all -C-c C-e allout-end-of-current-entry | allout-hide-current-leaves -C-c C-a allout-beginning-of-current-entry, alternately, goes to hot-spot +\\[allout-next-visible-heading] allout-next-visible-heading | \\[allout-hide-current-subtree] allout-hide-current-subtree +\\[allout-previous-visible-heading] allout-previous-visible-heading | \\[allout-show-children] allout-show-children +\\[allout-up-current-level] allout-up-current-level | \\[allout-show-current-subtree] allout-show-current-subtree +\\[allout-forward-current-level] allout-forward-current-level | \\[allout-show-current-entry] allout-show-current-entry +\\[allout-backward-current-level] allout-backward-current-level | \\[allout-show-all] allout-show-all +\\[allout-end-of-entry] allout-end-of-entry +\\[allout-beginning-of-current-entry,] allout-beginning-of-current-entry, alternately, goes to hot-spot Topic Header Production: ----------------------- -C-c<SP> allout-open-sibtopic Create a new sibling after current topic. -C-c . allout-open-subtopic ... an offspring of current topic. -C-c , allout-open-supertopic ... a sibling of the current topic's parent. +\\[allout-open-sibtopic] allout-open-sibtopic Create a new sibling after current topic. +\\[allout-open-subtopic] allout-open-subtopic ... an offspring of current topic. +\\[allout-open-supertopic] allout-open-supertopic ... a sibling of the current topic's parent. Topic Level and Prefix Adjustment: --------------------------------- -C-c > allout-shift-in Shift current topic and all offspring deeper. -C-c < allout-shift-out ... less deep. -C-c<CR> allout-rebullet-topic Reconcile bullets of topic and its offspring +\\[allout-shift-in] allout-shift-in Shift current topic and all offspring deeper. +\\[allout-shift-out] allout-shift-out ... less deep. +\\[allout-rebullet-current-heading] allout-rebullet-current-heading Prompt for alternate bullet for + current topic. +\\[allout-rebullet-topic] allout-rebullet-topic Reconcile bullets of topic and its offspring - distinctive bullets are not changed, others alternated according to nesting depth. -C-c * allout-rebullet-current-heading Prompt for alternate bullet for - current topic. -C-c # allout-number-siblings Number bullets of topic and siblings - the +\\[allout-number-siblings] allout-number-siblings Number bullets of topic and siblings - the offspring are not affected. With repeat count, revoke numbering. Topic-oriented Killing and Yanking: ---------------------------------- -C-c C-k allout-kill-topic Kill current topic, including offspring. -C-k allout-kill-line Like kill-line, but reconciles numbering, etc. -C-y allout-yank Yank, adjusting depth of yanked topic to +\\[allout-kill-topic] allout-kill-topic Kill current topic, including offspring. +\\[allout-kill-line] allout-kill-line Like kill-line, but reconciles numbering, etc. +\\[allout-yank] allout-yank Yank, adjusting depth of yanked topic to depth of heading if yanking into bare topic heading (ie, prefix sans text). -M-y allout-yank-pop Is to allout-yank as yank-pop is to yank +\\[allout-yank-pop] allout-yank-pop Is to allout-yank as yank-pop is to yank Misc commands: ------------- M-x outlineify-sticky Activate outline mode for current buffer, and establish a default file-var setting for `allout-layout'. -C-c C-SPC allout-mark-topic -C-c = c allout-copy-exposed-to-buffer +\\[allout-mark-topic] allout-mark-topic +\\[allout-copy-exposed-to-buffer] allout-copy-exposed-to-buffer Duplicate outline, sans concealed text, to - buffer with name derived from derived from - that of current buffer - \"*XXX exposed*\". -C-c = p allout-flatten-exposed-to-buffer + buffer with name derived from derived from that + of current buffer - \"*BUFFERNAME exposed*\". +\\[allout-flatten-exposed-to-buffer] allout-flatten-exposed-to-buffer Like above 'copy-exposed', but convert topic prefixes to section.subsection... numeric format. ESC ESC (allout-init t) Setup Emacs session for outline mode auto-activation. + Encrypted Entries + +Outline mode supports easily togglable gpg encryption of topics, with +niceties like support for symmetric and key-pair modes, passphrase timeout, +passphrase consistency checking, user-provided hinting for symmetric key +mode, and auto-encryption of topics pending encryption on save. The aim is +to enable reliable topic privacy while preventing accidents like neglected +encryption, encryption with a mistaken passphrase, forgetting which +passphrase was used, and other practical pitfalls. + +See the `allout-toggle-current-subtree-encryption' function and +`allout-encrypt-unencrypted-on-saves' customization variable for details. + HOT-SPOT Operation Hot-spot operation provides a means for easy, single-keystroke outline @@ -1148,11 +1351,11 @@ HEADER: The first line of a topic, include the topic PREFIX and header text. -PREFIX: The leading text of a topic which distinguishes it from - normal text. It has a strict form, which consists of a - prefix-lead string, padding, and a bullet. The bullet may be - followed by a number, indicating the ordinal number of the - topic among its siblings, a space, and then the header text. +PREFIX: The leading text of a topic which distinguishes it from normal + text. It has a strict form, which consists of a prefix-lead + string, padding, and a bullet. The bullet may be followed by a + number, indicating the ordinal number of the topic among its + siblings, a space, and then the header text. The relative length of the PREFIX determines the nesting depth of the topic. @@ -1223,7 +1426,7 @@ ;; off on second invocation, so we detect it as best we can, and ;; skip everything. ((and same-complex-command ; Still in same complex command - ; as last time `allout-mode' invoked. + ; as last time `allout-mode' invoked. active ; Already activated. (not explicit-activation) ; Prop-line file-vars don't have args. (string-match "^19.1[89]" ; Bug only known to be in v19.18 and @@ -1238,6 +1441,19 @@ ; active state or *de*activation ; specifically requested: (setq allout-explicitly-deactivated t) + (if (string-match "^18\." emacs-version) + ; Revoke those keys that remain + ; as we set them: + (let ((curr-loc (current-local-map))) + (mapcar (function + (lambda (cell) + (if (eq (lookup-key curr-loc (car cell)) + (car (cdr cell))) + (define-key curr-loc (car cell) + (assq (car cell) allout-prior-bindings))))) + allout-added-bindings) + (allout-resumptions 'allout-added-bindings) + (allout-resumptions 'allout-prior-bindings))) (if allout-old-style-prefixes (progn @@ -1246,9 +1462,12 @@ (allout-resumptions 'selective-display) (if (and (boundp 'before-change-functions) before-change-functions) (allout-resumptions 'before-change-functions)) - (setq write-contents-functions - (delq 'allout-write-file-hook - write-contents-functions)) + (setq local-write-file-hooks + (delq 'allout-write-file-hook-handler + local-write-file-hooks)) + (setq auto-save-hook + (delq 'allout-auto-save-hook-handler + auto-save-hook)) (allout-resumptions 'paragraph-start) (allout-resumptions 'paragraph-separate) (allout-resumptions (if (string-match "^18" emacs-version) @@ -1288,25 +1507,27 @@ (cons '(allout-mode . allout-mode-map) minor-mode-map-alist)))) + ; V18 minor-mode key bindings: + ; Stash record of added bindings + ; for later revocation: + (allout-resumptions 'allout-added-bindings + (list allout-keybindings-list)) + (allout-resumptions 'allout-prior-bindings + (list (current-local-map))) ; and add them: (use-local-map (produce-allout-mode-map allout-keybindings-list (current-local-map))) ) ; selective-display is the - ; Emacs conditional exposure + ; emacs conditional exposure ; mechanism: (allout-resumptions 'selective-display '(t)) - (if allout-inhibit-protection - t - (allout-resumptions 'before-change-functions - '(allout-before-change-protect))) (add-hook 'pre-command-hook 'allout-pre-command-business) (add-hook 'post-command-hook 'allout-post-command-business) - ; Temporarily set by any outline - ; functions that can be trusted to - ; deal properly with concealed text. - (add-hook 'write-contents-functions 'allout-write-file-hook) + (add-hook 'local-write-file-hooks 'allout-write-file-hook-handler) + (make-variable-buffer-local 'auto-save-hook) + (add-hook 'auto-save-hook 'allout-auto-save-hook-handler) ; Custom auto-fill func, to support ; respect for topic headline, ; hanging-indents, etc: @@ -1337,7 +1558,8 @@ (if allout-layout (setq do-layout t)) - (if allout-isearch-dynamic-expose + (if (and allout-isearch-dynamic-expose + (not (fboundp 'allout-real-isearch-abort))) (allout-enwrap-isearch)) (run-hooks 'allout-mode-hook) @@ -1376,7 +1598,6 @@ ) ; let* ) ; defun ;;;_ > allout-minor-mode -;;; XXX released verion doesn't do this? (defalias 'allout-minor-mode 'allout-mode) ;;;_ #3 Internal Position State-Tracking - "allout-recent-*" funcs @@ -1400,12 +1621,12 @@ "Buffer point last returned by `allout-end-of-current-subtree'.") (make-variable-buffer-local 'allout-recent-end-of-subtree) ;;;_ > allout-prefix-data (beg end) -(defmacro allout-prefix-data (beginning end) +(defmacro allout-prefix-data (beg end) "Register allout-prefix state data - BEGINNING and END of prefix. For reference by `allout-recent' funcs. Returns BEGINNING." `(setq allout-recent-prefix-end ,end - allout-recent-prefix-beginning ,beginning)) + allout-recent-prefix-beginning ,beg)) ;;;_ > allout-recent-depth () (defmacro allout-recent-depth () "Return depth of last heading encountered by an outline maneuvering function. @@ -1612,9 +1833,12 @@ "Produce a location \"chart\" of subtopics of the containing topic. Optional argument LEVELS specifies the depth \(relative to start -depth) for the chart. +depth) for the chart. Subsequent optional args are not for public +use. + +Point is left at the end of the subtree. -Charts are used to capture outline structure, so that outline altering +Charts are used to capture outline structure, so that outline-altering routines need assess the structure only once, and then use the chart for their elaborate manipulations. @@ -1625,11 +1849,9 @@ The chart for a topics' offspring precedes the entry for the topic itself. -\(fn &optional LEVELS)" - - ;; The other function parameters are for internal recursion, and should - ;; not be specified by external callers. ORIG-DEPTH is depth of topic at - ;; starting point, and PREV-DEPTH is depth of prior topic." +The other function parameters are for internal recursion, and should +not be specified by external callers. ORIG-DEPTH is depth of topic at +starting point, and PREV-DEPTH is depth of prior topic." (let ((original (not orig-depth)) ; `orig-depth' set only in recursion. chart curr-depth) @@ -1835,11 +2057,18 @@ (if (re-search-forward allout-line-boundary-regexp nil 'move) (prog1 (goto-char (match-beginning 0)) (allout-prefix-data (match-beginning 2)(match-end 2))))) -;;;_ > allout-end-of-current-subtree () -(defun allout-end-of-current-subtree () - "Put point at the end of the last leaf in the currently visible topic." - (interactive) - (allout-back-to-current-heading) +;;;_ > allout-end-of-subtree (&optional current) +(defun allout-end-of-subtree (&optional current) + "Put point at the end of the last leaf in the containing topic. + +If optional CURRENT is true (default false), then put point at the end of +the containing visible topic. + +Returns the value of point." + (interactive "P") + (if current + (allout-back-to-current-heading) + (allout-goto-prefix)) (let ((level (allout-recent-depth))) (allout-next-heading) (while (and (not (eobp)) @@ -1851,9 +2080,16 @@ '(?\n ?\r)) (forward-char -1)) (setq allout-recent-end-of-subtree (point)))) +;;;_ > allout-end-of-current-subtree () +(defun allout-end-of-current-subtree () + "Put point at end of last leaf in currently visible containing topic. + +Returns the value of point." + (interactive) + (allout-end-of-subtree t)) ;;;_ > allout-beginning-of-current-entry () (defun allout-beginning-of-current-entry () - "When not already there, position point at beginning of current topic's body. + "When not already there, position point at beginning of current topic header. If already there, move cursor to bullet for hot-spot operation. \(See `allout-mode' doc string for details on hot-spot operation.)" @@ -1863,11 +2099,10 @@ (if (and (interactive-p) (= (point) start-point)) (goto-char (allout-current-bullet-pos))))) -;;;_ > allout-end-of-current-entry () -(defun allout-end-of-current-entry () +;;;_ > allout-end-of-entry () +(defun allout-end-of-entry () "Position the point at the end of the current topics' entry." (interactive) - (allout-show-entry) (prog1 (allout-pre-next-preface) (if (and (not (bobp))(looking-at "^$")) (forward-char -1)))) @@ -1875,9 +2110,27 @@ (defun allout-end-of-current-heading () (interactive) (allout-beginning-of-current-entry) - (forward-line -1) - (end-of-line)) + (re-search-forward "[\n\r]" nil t) + (forward-char -1)) (defalias 'allout-end-of-heading 'allout-end-of-current-heading) +;;;_ > allout-get-body-text () +(defun allout-get-body-text () + "Return the unmangled body text of the topic immediately containing point." + (save-excursion + (allout-end-of-prefix) + (if (not (re-search-forward "[\n\r]" nil t)) + nil + (backward-char 1) + (let ((pre-body (point))) + (if (not pre-body) + nil + (allout-end-of-entry) + (if (not (= pre-body (point))) + (buffer-substring-no-properties (1+ pre-body) (point)))) + ) + ) + ) + ) ;;;_ - Depth-wise ;;;_ > allout-ascend-to-depth (depth) @@ -1892,12 +2145,16 @@ (if (= (allout-recent-depth) depth) (progn (goto-char allout-recent-prefix-beginning) depth) - (goto-char last-good))))) + (goto-char last-good) + nil)) + (if (interactive-p) (allout-end-of-prefix)))) ;;;_ > allout-ascend () (defun allout-ascend () "Ascend one level, returning t if successful, nil if not." - (if (allout-beginning-of-level) - (allout-previous-heading))) + (prog1 + (if (allout-beginning-of-level) + (allout-previous-heading)) + (if (interactive-p) (allout-end-of-prefix)))) ;;;_ > allout-descend-to-depth (depth) (defun allout-descend-to-depth (depth) "Descend to depth DEPTH within current topic. @@ -1917,13 +2174,13 @@ nil)) ) ;;;_ > allout-up-current-level (arg &optional dont-complain) -(defun allout-up-current-level (arg &optional dont-complain interactive) +(defun allout-up-current-level (arg &optional dont-complain) "Move out ARG levels from current visible topic. Positions on heading line of containing topic. Error if unable to ascend that far, or nil if unable to ascend but optional arg DONT-COMPLAIN is non-nil." - (interactive "p\np") + (interactive "p") (allout-back-to-current-heading) (let ((present-level (allout-recent-depth)) (last-good (point)) @@ -1944,12 +2201,12 @@ (if (or failed (> arg 0)) (progn (goto-char last-good) - (if interactive (allout-end-of-prefix)) + (if (interactive-p) (allout-end-of-prefix)) (if (not dont-complain) (error "Can't ascend past outermost level") - (if interactive (allout-end-of-prefix)) + (if (interactive-p) (allout-end-of-prefix)) nil)) - (if interactive (allout-end-of-prefix)) + (if (interactive-p) (allout-end-of-prefix)) allout-recent-prefix-beginning))) ;;;_ - Linear @@ -1981,7 +2238,7 @@ nil)))) ;;;_ > allout-previous-sibling (&optional depth backward) (defun allout-previous-sibling (&optional depth backward) - "Like `allout-forward-current-level', but backwards & respect invisible topics. + "Like `allout-forward-current-level' backwards, respecting invisible topics. Optional DEPTH specifies depth to traverse, default current depth. @@ -2015,7 +2272,7 @@ (let ((depth (allout-depth))) (while (allout-previous-sibling depth nil)) (prog1 (allout-recent-depth) - (allout-end-of-prefix)))) + (if (interactive-p) (allout-end-of-prefix))))) ;;;_ > allout-next-visible-heading (arg) (defun allout-next-visible-heading (arg) "Move to the next ARG'th visible heading line, backward if arg is negative. @@ -2053,13 +2310,13 @@ (interactive "p") (allout-next-visible-heading (- arg))) ;;;_ > allout-forward-current-level (arg) -(defun allout-forward-current-level (arg &optional interactive) +(defun allout-forward-current-level (arg) "Position point at the next heading of the same level. Takes optional repeat-count, goes backward if count is negative. Returns resulting position, else nil if none found." - (interactive "p\np") + (interactive "p") (let ((start-depth (allout-current-depth)) (start-point (point)) (start-arg arg) @@ -2087,7 +2344,7 @@ (= (allout-recent-depth) start-depth))) allout-recent-prefix-beginning (goto-char last-good) - (if (not interactive) + (if (not (interactive-p)) nil (allout-end-of-prefix) (error "Hit %s level %d topic, traversed %d of %d requested" @@ -2096,10 +2353,10 @@ (- (abs start-arg) arg) (abs start-arg)))))) ;;;_ > allout-backward-current-level (arg) -(defun allout-backward-current-level (arg &optional interactive) +(defun allout-backward-current-level (arg) "Inverse of `allout-forward-current-level'." - (interactive "p\np") - (if interactive + (interactive "p") + (if (interactive-p) (let ((current-prefix-arg (* -1 arg))) (call-interactively 'allout-forward-current-level)) (allout-forward-current-level (* -1 arg)))) @@ -2107,121 +2364,6 @@ ;;;_ #5 Alteration ;;;_ - Fundamental -;;;_ > allout-before-change-protect (beg end) -(defun allout-before-change-protect (beg end) - "Outline before-change hook, regulates changes to concealed text. - -Reveal concealed text that would be changed by current command, and -offer user choice to commit or forego the change. Unchanged text is -reconcealed. User has option to have changed text reconcealed. - -Undo commands are specially treated - the user is not prompted for -choice, the undoes are always committed (based on presumption that the -things being undone were already subject to this regulation routine), -and undoes always leave the changed stuff exposed. - -Changes to concealed regions are ignored while file is being written. -\(This is for the sake of functions that do change the file during -writes, like crypt and zip modes.) - -Locally bound in outline buffers to `before-change-functions', which -in Emacs 19 is run before any change to the buffer. - -Any functions which set [`this-command' to `undo', or which set] -`allout-override-protect' non-nil (as does, eg, allout-flag-chars) -are exempt from this restriction." - (if (and (allout-mode-p) - ; allout-override-protect - ; set by functions that know what - ; they're doing, eg outline internals: - (not allout-override-protect) - (not allout-during-write-cue) - (save-match-data ; Preserve operation position state. - ; Both beginning and end chars must - ; be exposed: - (save-excursion (if (memq this-command '(newline open-line)) - ;; Compensate for stupid Emacs {new, - ;; open-}line display optimization: - (setq beg (1+ beg) - end (1+ end))) - (goto-char beg) - (or (allout-hidden-p) - (and (not (= beg end)) - (goto-char end) - (allout-hidden-p)))))) - (save-match-data - (if (equal this-command 'undo) - ;; Allow undo without inhibition. - ;; - Undoing new and open-line hits stupid Emacs redisplay - ;; optimization (em 19 cmds.c, ~ line 200). - ;; - Presumably, undoing what was properly protected when - ;; done. - ;; - Undo may be users' only recourse in protection faults. - ;; So, expose what getting changed: - (progn (message "Undo! - exposing concealed target...") - (if (allout-hidden-p) - (allout-show-children)) - (message "Undo!")) - (let (response - (rehide-completely (save-excursion (allout-goto-prefix) - (allout-hidden-p))) - rehide-place) - - (save-excursion - (if (condition-case err - ;; Condition case to catch keyboard quits during reads. - (progn - ; Give them a peek where - (save-excursion - (if (eolp) (setq rehide-place - (allout-goto-prefix))) - (allout-show-entry)) - ; Present the message, but... - ; leave the cursor at the location - ; until they respond: - ; Then interpret the response: - (while - (progn - (message (concat "Change inside concealed" - " region - do it? " - "(n or 'y'/'r'eclose)")) - (setq response (read-char)) - (not - (cond ((memq response '(?r ?R)) - (setq response 'reclose)) - ((memq response '(?y ?Y ? )) - (setq response t)) - ((memq response '(?n ?N 127)) - (setq response nil) - t) - ((eq response ??) - (message - "`r' means `yes, then reclose'") - nil) - (t (message "Please answer y, n, or r") - (sit-for 1) - nil))))) - response) - ('quit nil)) - ; Continue: - (if (eq response 'reclose) - (save-excursion - (if rehide-place (goto-char rehide-place)) - (if rehide-completely - (allout-hide-current-entry-completely) - (allout-hide-current-entry))) - (if (allout-ascend-to-depth (1- (allout-recent-depth))) - (allout-show-children) - (allout-show-to-offshoot))) - ; Prevent: - (if rehide-completely - (save-excursion - (if rehide-place (goto-char rehide-place)) - (allout-hide-current-entry-completely)) - (allout-hide-current-entry)) - (error "Change within concealed region prevented")))))) - ) ; if - ) ; defun ;;;_ = allout-post-goto-bullet (defvar allout-post-goto-bullet nil "Outline internal var, for `allout-pre-command-business' hot-spot operation. @@ -2236,24 +2378,20 @@ (defun allout-post-command-business () "Outline `post-command-hook' function. -- Null `allout-override-protect', so it's not left open. - - Implement (and clear) `allout-post-goto-bullet', for hot-spot outline commands. -- Massages `buffer-undo-list' so successive, standard character self-inserts - are aggregated. This kludge compensates for lack of undo bunching when - `before-change-functions' is used." +- Decrypt topic currently being edited if it was encrypted for a save. + +- Massage buffer-undo-list so successive, standard character self-inserts are + aggregated. This kludge compensates for lack of undo bunching when + before-change-functions is used." ; Apply any external change func: (if (not (allout-mode-p)) ; In allout-mode. nil - (setq allout-override-protect nil) (if allout-isearch-dynamic-expose (allout-isearch-rectification)) - (if allout-during-write-cue - ;; Was used by allout-before-change-protect, done with it now: - (setq allout-during-write-cue nil)) ;; Undo bunching business: (if (and (listp buffer-undo-list) ; Undo history being kept. (equal this-command 'self-insert-command) @@ -2282,6 +2420,11 @@ (setq buffer-undo-list (cons (cons prev-from cur-to) (cdr (cdr (cdr buffer-undo-list)))))))) + + (if (and (boundp 'allout-after-save-decrypt) + allout-after-save-decrypt) + (allout-after-saves-handler)) + ;; Implement -post-goto-bullet, if set: (must be after undo business) (if (and allout-post-goto-bullet (allout-current-bullet-pos)) @@ -2304,8 +2447,9 @@ char. When in this mode you can use regular cursor-positioning command/keystrokes to relocate the cursor off of a bullet character to return to regular interpretation of self-insert characters." + (if (not (allout-mode-p)) - ;; Shouldn't be invoked if not in allout allout-mode, but just in case: + ;; Shouldn't be invoked if not in allout-mode, but just in case: nil ;; Register isearch status: (if (and (boundp 'isearch-mode) isearch-mode) @@ -2317,8 +2461,11 @@ (let* ((this-key-num (cond ((numberp last-command-char) last-command-char) - ((fboundp 'char-to-int) - (char-to-int last-command-char)) + ;; Only xemacs has characterp. + ((and (fboundp 'characterp) + (apply 'characterp + (list last-command-char))) + (apply 'char-to-int (list last-command-char))) (t 0))) mapped-binding) (if (zerop this-key-num) @@ -2340,7 +2487,7 @@ this-command mapped-binding))))))) ;;;_ > allout-find-file-hook () (defun allout-find-file-hook () - "Activate `allout-mode' when `allout-auto-activation' & `allout-layout' are non-nil. + "Activate `allout-mode' when `allout-auto-activation', `allout-layout' non-nil. See `allout-init' for setup instructions." (if (and allout-auto-activation @@ -2353,7 +2500,7 @@ Called as part of `allout-post-command-business'." - (let ((isearching isearch-mode)) + (let ((isearching (and (boundp 'isearch-mode) isearch-mode))) (cond ((and isearching (not allout-pre-was-isearching)) (allout-isearch-expose 'start)) ((and isearching allout-pre-was-isearching) @@ -2361,24 +2508,11 @@ ((and (not isearching) allout-pre-was-isearching) (allout-isearch-expose 'final)) ;; Not and wasn't isearching: - (t (setq allout-isearch-prior-pos nil))))) + (t (setq allout-isearch-prior-pos nil) + (setq allout-isearch-did-quit nil))))) ;;;_ = allout-isearch-was-font-lock (defvar allout-isearch-was-font-lock (and (boundp 'font-lock-mode) font-lock-mode)) - -;;;_ > allout-flag-region (from to flag) -(defmacro allout-flag-region (from to flag) - "Hide or show lines from FROM to TO, via Emacs `selective-display' FLAG char. -Ie, text following flag C-m \(carriage-return) is hidden until the -next C-j (newline) char. - -Returns the endpoint of the region." - `(let ((buffer-read-only nil) - (allout-override-protect t)) - (subst-char-in-region ,from ,to - (if (= ,flag ?\n) ?\r ?\n) - ,flag t))) - ;;;_ > allout-isearch-expose (mode) (defun allout-isearch-expose (mode) "MODE is either 'clear, 'start, 'continue, or 'final." @@ -2403,21 +2537,56 @@ (setq allout-isearch-prior-pos nil) (if (not (eq mode 'final)) (setq allout-isearch-prior-pos (cons (point) (allout-show-entry))) - (if isearch-mode-end-hook-quit + (if allout-isearch-did-quit nil (setq allout-isearch-prior-pos nil) - (allout-show-children))))) + (allout-show-children)))) + (setq allout-isearch-did-quit nil)) ;;;_ > allout-enwrap-isearch () (defun allout-enwrap-isearch () - "Impose `isearch-abort' wrapper for dynamic exposure in isearch. + "Impose `allout-mode' isearch-abort wrapper for dynamic exposure in isearch. The function checks to ensure that the rebinding is done only once." - (add-hook 'isearch-mode-end-hook 'allout-isearch-rectification)) + + (add-hook 'isearch-mode-end-hook 'allout-isearch-rectification) + (if (fboundp 'allout-real-isearch-abort) + ;; + nil + ; Ensure load of isearch-mode: + (if (or (and (fboundp 'isearch-mode) + (fboundp 'isearch-abort)) + (condition-case error + (load-library "isearch-mode") + ('file-error (message + "Skipping isearch-mode provisions - %s '%s'" + (car (cdr error)) + (car (cdr (cdr error)))) + (sit-for 1) + ;; Inhibit subsequent tries and return nil: + (setq allout-isearch-dynamic-expose nil)))) + ;; Isearch-mode loaded, encapsulate specific entry points for + ;; outline dynamic-exposure business: + (progn + ;; stash crucial isearch-mode funcs under known, private + ;; names, then register wrapper functions under the old + ;; names, in their stead: + (fset 'allout-real-isearch-abort (symbol-function 'isearch-abort)) + (fset 'isearch-abort 'allout-isearch-abort))))) +;;;_ > allout-isearch-abort () +(defun allout-isearch-abort () + "Wrapper for allout-real-isearch-abort \(which see), to register +actual quits." + (interactive) + (setq allout-isearch-did-quit nil) + (condition-case what + (allout-real-isearch-abort) + ('quit (setq allout-isearch-did-quit t) + (signal 'quit nil)))) ;;; Prevent unnecessary font-lock while isearching! (defvar isearch-was-font-locking nil) (defun isearch-inhibit-font-lock () - "Inhibit `font-lock-mode' while isearching - for use on `isearch-mode-hook'." + "Inhibit `font-lock' while isearching - for use on `isearch-mode-hook'." (if (and (allout-mode-p) (boundp 'font-lock-mode) font-lock-mode) (setq isearch-was-font-locking t font-lock-mode nil))) @@ -2465,6 +2634,14 @@ (if prefix (allout-get-prefix-bullet prefix) (allout-get-bullet))))) +;;;_ > allout-encrypted-type-prefix (&optional prefix) +(defun allout-encrypted-type-prefix (&optional prefix) + "True if current header prefix bullet is for an encrypted entry \(body)." + (and allout-topic-encryption-bullet + (string= allout-topic-encryption-bullet + (if prefix + (allout-get-prefix-bullet prefix) + (allout-get-bullet))))) ;;;_ > allout-bullet-for-depth (&optional depth) (defun allout-bullet-for-depth (&optional depth) "Return outline topic bullet suited to optional DEPTH, or current depth." @@ -2625,15 +2802,15 @@ ((allout-sibling-index)))))) ) ) -;;;_ > allout-open-topic (relative-depth &optional before use-sib-bullet) -(defun allout-open-topic (relative-depth &optional before use-sib-bullet) - "Open a new topic at depth RELATIVE-DEPTH. +;;;_ > allout-open-topic (relative-depth &optional before use_recent_bullet) +(defun allout-open-topic (relative-depth &optional before use_recent_bullet) + "Open a new topic at depth DEPTH. New topic is situated after current one, unless optional flag BEFORE is non-nil, or unless current line is complete empty (not even whitespace), in which case open is done on current line. -If USE-SIB-BULLET is true, use the bullet of the prior sibling. +If USE_RECENT_BULLET is true, offer to use the bullet of the prior sibling. Nuances: @@ -2660,9 +2837,11 @@ (let* ((depth (+ (allout-current-depth) relative-depth)) (opening-on-blank (if (looking-at "^\$") (not (setq before nil)))) - opening-numbered ; Will get while computing ref-topic, below - ref-depth ; Will get while computing ref-topic, below - ref-bullet ; Will get while computing ref-topic, next + ;; bunch o vars set while computing ref-topic + opening-numbered + opening-encrypted + ref-depth + ref-bullet (ref-topic (save-excursion (cond ((< relative-depth 0) (allout-ascend-to-depth depth)) @@ -2680,6 +2859,13 @@ (allout-descend-to-depth depth)) (if (allout-numbered-type-prefix) allout-numbered-bullet)))) + (setq opening-encrypted + (save-excursion + (and allout-topic-encryption-bullet + (or (<= relative-depth 0) + (allout-descend-to-depth depth)) + (if (allout-numbered-type-prefix) + allout-numbered-bullet)))) (point))) dbl-space doing-beginning) @@ -2718,19 +2904,24 @@ (if (not (bobp)) (allout-previous-heading))) (if (and before (bobp)) - (allout-unprotected (open-line 1)))) + (allout-unprotected (allout-open-line-not-read-only)))) (if (<= relative-depth 0) ;; Not going inwards, don't snug up: (if doing-beginning - (allout-unprotected (open-line (if dbl-space 2 1))) + (allout-unprotected + (if (not dbl-space) + (allout-open-line-not-read-only) + (allout-open-line-not-read-only) + (allout-open-line-not-read-only))) (if before (progn (end-of-line) (allout-pre-next-preface) (while (= ?\r (following-char)) (forward-char 1)) (if (not (looking-at "^$")) - (allout-unprotected (open-line 1)))) + (allout-unprotected + (allout-open-line-not-read-only)))) (allout-end-of-current-subtree))) ;; Going inwards - double-space if first offspring is, ;; otherwise snug up. @@ -2748,38 +2939,47 @@ (progn (forward-line -1) (looking-at "^\\s-*$")))) (progn (forward-line 1) - (allout-unprotected (open-line 1)))) + (allout-unprotected + (allout-open-line-not-read-only)) + (forward-line 1))) (end-of-line)) ;;(if doing-beginning (goto-char doing-beginning)) (if (not (bobp)) + ;; We insert a newline char rather than using open-line to + ;; avoid rear-stickiness inheritence of read-only property. (progn (if (and (not (> depth ref-depth)) (not before)) - (allout-unprotected (open-line 1)) + (allout-unprotected + (allout-open-line-not-read-only)) (if (> depth ref-depth) - (allout-unprotected (newline 1)) + (allout-unprotected + (allout-open-line-not-read-only)) (if dbl-space - (allout-unprotected (open-line 1)) + (allout-unprotected + (allout-open-line-not-read-only)) (if (not before) (allout-unprotected (newline 1)))))) (if dbl-space - (allout-unprotected (newline 1))) + (allout-unprotected (newline 1))) (if (and (not (eobp)) (not (bolp))) (forward-char 1)))) )) (insert (concat (allout-make-topic-prefix opening-numbered - t - depth) - " ")) + t + depth) + " ")) ;;(if doing-beginning (save-excursion (newline (if dbl-space 2 1)))) - (allout-rebullet-heading (and use-sib-bullet ref-bullet);;; solicit + (allout-rebullet-heading (and use_recent_bullet ;;; solicit + ref-bullet) depth ;;; depth nil ;;; number-control nil ;;; index - t) (end-of-line) + t) + (end-of-line) ) ) ;;;_ . open-topic contingencies @@ -2795,6 +2995,13 @@ ;;;_ ; buffer boundaries - special provisions for beginning and end ob ;;;_ ; level 1 topics have special provisions also - double space. ;;;_ ; location of new topic +;;;_ > allout-open-line-not-read-only () +(defun allout-open-line-not-read-only () + "Open line and remove inherited read-only text prop from new char, if any." + (open-line 1) + (if (plist-get (text-properties-at (point)) 'read-only) + (allout-unprotected + (remove-text-properties (point) (+ 1 (point)) '(read-only nil))))) ;;;_ > allout-open-subtopic (arg) (defun allout-open-subtopic (arg) "Open new topic header at deeper level than the current one. @@ -2802,7 +3009,7 @@ Negative universal arg means to open deeper, but place the new topic prior to the current one." (interactive "p") - (allout-open-topic 1 (> 0 arg))) + (allout-open-topic 1 (> 0 arg) (< 1 arg))) ;;;_ > allout-open-sibtopic (arg) (defun allout-open-sibtopic (arg) "Open new topic header at same level as the current one. @@ -2812,7 +3019,7 @@ Negative universal arg means to place the new topic prior to the current one." (interactive "p") - (allout-open-topic 0 (> 0 arg) (< 1 arg))) + (allout-open-topic 0 (> 0 arg) (not (= 1 arg)))) ;;;_ > allout-open-supertopic (arg) (defun allout-open-supertopic (arg) "Open new topic header at shallower level than the current one. @@ -2821,7 +3028,7 @@ topic prior to the current one." (interactive "p") - (allout-open-topic -1 (> 0 arg))) + (allout-open-topic -1 (> 0 arg) (< 1 arg))) ;;;_ - Outline Alteration ;;;_ : Topic Modification @@ -2877,15 +3084,15 @@ (setq old-indent-begin (match-beginning 1) old-indent-end (match-end 1)) (not (looking-at allout-regexp))) - (if (> 0 (setq excess (- (current-column) - old-margin))) + (if (> 0 (setq excess (- (- old-indent-end old-indent-begin) + old-margin))) ;; Text starts left of old margin - don't adjust: nil ;; Text was hanging at or right of old left margin - ;; reindent it, preserving its existing indentation ;; beyond the old margin: (delete-region old-indent-begin old-indent-end) - (indent-to (+ new-margin excess))))))))) + (indent-to (+ new-margin excess (current-column)))))))))) ;;;_ > allout-rebullet-current-heading (arg) (defun allout-rebullet-current-heading (arg) "Solicit new bullet for current visible heading." @@ -2922,28 +3129,30 @@ "Adjust bullet of current topic prefix. +All args are optional. + If SOLICIT is non-nil, then the choice of bullet is solicited from user. If it's a character, then that character is offered as the default, otherwise the one suited to the context \(according to distinction or depth) is offered. If non-nil, then the context-specific bullet is just used. -Second arg NEW-DEPTH forces the topic prefix to that depth, regardless +Second arg DEPTH forces the topic prefix to that depth, regardless of the topic's current depth. Third arg NUMBER-CONTROL can force the prefix to or away from numbered form. It has effect only if `allout-numbered-bullet' is non-nil and soliciting was not explicitly invoked (via first arg). Its effect, numbering or denumbering, then depends on the setting -of the fourth arg, INDEX. +of the forth arg, INDEX. -If NUMBER-CONTROL is non-nil and fourth arg INDEX is nil, then the +If NUMBER-CONTROL is non-nil and forth arg INDEX is nil, then the prefix of the topic is forced to be non-numbered. Null index and non-nil NUMBER-CONTROL forces denumbering. Non-nil INDEX (and non-nil NUMBER-CONTROL) forces a numbered-prefix form. If non-nil INDEX is a number, then that number is used for the numbered prefix. Non-nil and non-number means that the index for the -numbered prefix will be derived by `allout-make-topic-prefix'. +numbered prefix will be derived by allout-make-topic-prefix. Fifth arg DO-SUCCESSORS t means re-resolve count on succeeding siblings. @@ -2986,9 +3195,10 @@ ; Put in new prefix: (allout-unprotected (insert new-prefix)) - ;; Reindent the body if elected and margin changed: + ;; Reindent the body if elected, margin changed, and not encrypted body: (if (and allout-reindent-bodies - (not (= new-depth current-depth))) + (not (= new-depth current-depth)) + (not (allout-encrypted-topic-p))) (allout-reindent-body current-depth new-depth)) ;; Recursively rectify successive siblings of orig topic if @@ -3010,7 +3220,7 @@ ) ; defun ;;;_ > allout-rebullet-topic (arg) (defun allout-rebullet-topic (arg) - "Like `allout-rebullet-topic-grunt', but start from topic visible at point. + "Rebullet the visible topic containing point and all contained subtopics. Descends into invisible as well as visible topics, however. @@ -3036,18 +3246,18 @@ starting-point index do-successors) + "Like `allout-rebullet-topic', but on nearest containing topic +\(visible or not). - "Rebullet the topic at point, visible or invisible, and all -contained subtopics. See `allout-rebullet-heading' for rebulleting -behavior. +See `allout-rebullet-heading' for rebulleting behavior. -Arg RELATIVE-DEPTH means to shift the depth of the entire -topic that amount. +All arguments are optional. -\(fn &optional RELATIVE-DEPTH)" +First arg RELATIVE-DEPTH means to shift the depth of the entire +topic that amount. - ;; All args except the first one are for internal recursive use by the - ;; function itself. +The rest of the args are for internal recursive use by the function +itself. The are STARTING-DEPTH, STARTING-POINT, and INDEX." (let* ((relative-depth (or relative-depth 0)) (new-depth (allout-depth)) @@ -3177,13 +3387,42 @@ (setq more (allout-next-sibling depth nil)))))) ;;;_ > allout-shift-in (arg) (defun allout-shift-in (arg) - "Increase depth of current heading and any topics collapsed within it." + "Increase depth of current heading and any topics collapsed within it. + +We disallow shifts that would result in the topic having a depth more than +one level greater than the immediately previous topic, to avoid containment +discontinuity. The first topic in the file can be adjusted to any positive +depth, however." (interactive "p") + (if (> arg 0) + (save-excursion + (allout-back-to-current-heading) + (if (not (bobp)) + (let* ((current-depth (allout-recent-depth)) + (start-point (point)) + (predecessor-depth (progn + (forward-char -1) + (allout-goto-prefix) + (if (< (point) start-point) + (allout-recent-depth) + 0)))) + (if (and (> predecessor-depth 0) + (> (+ current-depth arg) + (1+ predecessor-depth))) + (error (concat "May not shift deeper than offspring depth" + " of previous topic"))))))) (allout-rebullet-topic arg)) ;;;_ > allout-shift-out (arg) (defun allout-shift-out (arg) - "Decrease depth of current heading and any topics collapsed within it." + "Decrease depth of current heading and any topics collapsed within it. + +We disallow shifts that would result in the topic having a depth more than +one level greater than the immediately previous topic, to avoid containment +discontinuity. The first topic in the file can be adjusted to any positive +depth, however." (interactive "p") + (if (< arg 0) + (allout-shift-in (* arg -1))) (allout-rebullet-topic (* arg -1))) ;;;_ : Surgery (kill-ring) functions with special provisions for outlines: ;;;_ > allout-kill-line (&optional arg) @@ -3191,24 +3430,58 @@ "Kill line, adjusting subsequent lines suitably for outline mode." (interactive "*P") - (if (not (and (allout-mode-p) ; active outline mode, - allout-numbered-bullet ; numbers may need adjustment, - (bolp) ; may be clipping topic head, - (looking-at allout-regexp))) ; are clipping topic head. - ;; Above conditions do not obtain - just do a regular kill: - (kill-line arg) - ;; Ah, have to watch out for adjustments: - (let* ((depth (allout-depth))) - ; Do the kill: - (kill-line arg) + + (let ((start-point (point)) + (leading-kill-ring-entry (car kill-ring)) + binding) + + (condition-case err + + (if (not (and (allout-mode-p) ; active outline mode, + allout-numbered-bullet ; numbers may need adjustment, + (bolp) ; may be clipping topic head, + (looking-at allout-regexp))) ; are clipping topic head. + ;; Above conditions do not obtain - just do a regular kill: + (kill-line arg) + ;; Ah, have to watch out for adjustments: + (let* ((depth (allout-depth)) + (start-point (point)) + binding) + ; Do the kill, presenting option + ; for read-only text: + (kill-line arg) ; Provide some feedback: - (sit-for 0) - (save-excursion + (sit-for 0) + (save-excursion ; Start with the topic ; following killed line: - (if (not (looking-at allout-regexp)) - (allout-next-heading)) - (allout-renumber-to-depth depth))))) + (if (not (looking-at allout-regexp)) + (allout-next-heading)) + (allout-renumber-to-depth depth)))) + ;; condition case handler: + (text-read-only + (goto-char start-point) + (setq binding (where-is-internal 'allout-kill-topic nil t)) + (cond ((not binding) (setq binding "")) + ((arrayp binding) + (setq binding (mapconcat 'key-description (list binding) ", "))) + (t (setq binding (format "%s" binding)))) + ;; ensure prior kill-ring leader is properly restored: + (if (eq leading-kill-ring-entry (cadr kill-ring)) + ;; Aborted kill got pushed on front - ditch it: + (let ((got (car kill-ring))) + (setq kill-ring (cdr kill-ring)) + got) + ;; Aborted kill got appended to prior - resurrect prior: + (setcar kill-ring leading-kill-ring-entry)) + ;; make last-command skip this failed command, so kill-appending + ;; conditions track: + (setq this-command last-command) + (error (concat "read-only text hit - use %s allout-kill-topic to" + " discard collapsed stuff") + binding))) + ) + ) ;;;_ > allout-kill-topic () (defun allout-kill-topic () "Kill topic together with subtopics. @@ -3236,14 +3509,14 @@ (>= (allout-recent-depth) depth)))) (forward-char 1))) - (kill-region beg (point)) + (allout-unprotected (kill-region beg (point))) (sit-for 0) (save-excursion (allout-renumber-to-depth depth)))) ;;;_ > allout-yank-processing () (defun allout-yank-processing (&optional arg) - "Incidental outline specific business to be done just after text yanks. + "Incidental outline-specific business to be done just after text yanks. Does depth adjustment of yanked topics, when: @@ -3259,7 +3532,7 @@ The point is left in front of yanked, adjusted topics, rather than at the end (and vice-versa with the mark). Non-adjusted yanks, -however, are left exactly like normal, not outline specific yanks." +however, are left exactly like normal, non-allout-specific yanks." (interactive "*P") ; Get to beginning, leaving @@ -3463,6 +3736,60 @@ ;;;_ #6 Exposure Control ;;;_ - Fundamental +;;;_ > allout-flag-region (from to flag) +(defun allout-flag-region (from to flag) + "Hide or show lines from FROM to TO, via Emacs selective-display FLAG char. +Ie, text following flag C-m \(carriage-return) is hidden until the +next C-j (newline) char. + +Returns the endpoint of the region." + ;; "OFR-" prefixes to avoid collisions with vars in code calling the macro. + ;; ie, elisp macro vars are not 'hygenic', so distinct names are necessary. + (let ((was-inhibit-r-o inhibit-read-only) + (was-undo-list buffer-undo-list) + (was-modified (buffer-modified-p)) + trans) + (unwind-protect + (save-excursion + (setq inhibit-read-only t) + (setq buffer-undo-list t) + (if (> from to) + (setq trans from from to to trans)) + (subst-char-in-region from to + (if (= flag ?\n) ?\r ?\n) + flag t) + ;; adjust character read-protection on all the affected lines. + ;; we handle the region line-by-line. + (goto-char to) + (end-of-line) + (setq to (min (+ 2 (point)) (point-max))) + (goto-char from) + (beginning-of-line) + (while (< (point) to) + ;; handle from start of exposed to beginning of hidden, or eol: + (remove-text-properties (point) + (progn (if (re-search-forward "[\r\n]" + nil t) + (forward-char -1)) + (point)) + '(read-only nil)) + ;; handle from start of hidden, if any, to eol: + (if (and (not (eobp)) (= (char-after (point)) ?\r)) + (put-text-property (point) (progn (end-of-line) (point)) + 'read-only t)) + ;; Handle the end-of-line to beginning of next line: + (if (not (eobp)) + (progn (forward-char 1) + (remove-text-properties (1- (point)) (point) + '(read-only nil))))) + ) + (if (not was-modified) + (set-buffer-modified-p nil)) + (setq inhibit-read-only was-inhibit-r-o) + (setq buffer-undo-list was-undo-list) + ) + ) + ) ;;;_ > allout-flag-current-subtree (flag) (defun allout-flag-current-subtree (flag) "Hide or show subtree of currently-visible topic. @@ -3471,9 +3798,9 @@ (save-excursion (allout-back-to-current-heading) - (allout-flag-region (point) - (progn (allout-end-of-current-subtree) (1- (point))) - flag))) + (let ((from (point)) + (to (progn (allout-end-of-current-subtree) (1- (point))))) + (allout-flag-region from to flag)))) ;;;_ - Topic-specific ;;;_ > allout-show-entry () @@ -3482,7 +3809,7 @@ This is a way to give restricted peek at a concealed locality without the expense of exposing its context, but can leave the outline with aberrant -exposure. `allout-hide-current-entry-completely' or `allout-show-to-offshoot' +exposure. `allout-hide-current-entry-completely' or `allout-show-offshoot' should be used after the peek to rectify the exposure." (interactive) @@ -3602,7 +3929,7 @@ (allout-back-to-current-heading) (save-excursion (allout-flag-region (point) - (progn (allout-end-of-current-entry) (point)) + (progn (allout-end-of-entry) (point)) ?\r))) ;;;_ > allout-show-current-entry (&optional arg) (defun allout-show-current-entry (&optional arg) @@ -3614,8 +3941,9 @@ (allout-hide-current-entry) (save-excursion (allout-flag-region (point) - (progn (allout-end-of-current-entry) (point)) - ?\n)))) + (progn (allout-end-of-entry) (point)) + ?\n) + ))) ;;;_ > allout-hide-current-entry-completely () ; ... allout-hide-current-entry-completely also for isearch dynamic exposure: (defun allout-hide-current-entry-completely () @@ -3846,7 +4174,11 @@ max-pos))) ;;;_ > allout-old-expose-topic (spec &rest followers) (defun allout-old-expose-topic (spec &rest followers) - "Dictate wholesale exposure scheme for current topic, according to SPEC. + + "Deprecated. Use `allout-expose-topic' \(with different schema +format) instead. + +Dictate wholesale exposure scheme for current topic, according to SPEC. SPEC is either a number or a list. Optional successive args dictate exposure for subsequent siblings of current topic. @@ -3918,9 +4250,6 @@ (allout-old-expose-topic (car followers)) (setq followers (cdr followers))) max-pos)) -(make-obsolete 'allout-old-expose-topic - "use `allout-expose-topic' (with different schema format) instead." - "19.23") ;;;_ > allout-new-exposure '() (defmacro allout-new-exposure (&rest spec) "Literal frontend for `allout-expose-topic', doesn't evaluate arguments. @@ -3929,6 +4258,8 @@ Cursor is left at start position. +Use this instead of obsolete `allout-exposure'. + Examples: \(allout-new-exposure (-1 () () () 1) 0) Close current topic at current level so only the immediate @@ -4151,13 +4482,20 @@ (cdr format))))))) ;; Put the list with first at front, to last at back: (nreverse result)))) +;;;_ > my-region-active-p () +(defmacro my-region-active-p () + (if (fboundp 'region-active-p) + '(region-active-p) + 'mark-active)) ;;;_ > allout-process-exposed (&optional func from to frombuf ;;; tobuf format) (defun allout-process-exposed (&optional func from to frombuf tobuf - format start-num) + format &optional start-num) "Map function on exposed parts of current topic; results to another buffer. -Apply FUNC to exposed portions FROM position TO position in buffer +All args are options; default values itemized below. + +Apply FUNCTION to exposed portions FROM position TO position in buffer FROMBUF to buffer TOBUF. Sixth optional arg, FORMAT, designates an alternate presentation form: @@ -4170,7 +4508,7 @@ except for distinctive bullets. Defaults: - FUNC: `allout-insert-listified' + FUNCTION: `allout-insert-listified' FROM: region start, if region active, else start of buffer TO: region end, if region active, else end of buffer FROMBUF: current buffer @@ -4219,9 +4557,7 @@ \`(depth prefix text)' -or - - \`(depth prefix text bullet-plus)' +or \`(depth prefix text bullet-plus)' If `bullet-plus' is specified, it is inserted just after the entire prefix." (setq listified (cdr listified)) @@ -4237,7 +4573,7 @@ (while text (insert (car text)) (if (setq text (cdr text)) - (insert "\n"))) + (insert-string "\n"))) (insert "\n"))) ;;;_ > allout-copy-exposed-to-buffer (&optional arg tobuf format) (defun allout-copy-exposed-to-buffer (&optional arg tobuf format) @@ -4440,14 +4776,14 @@ body-content bop) ; Do the head line: (insert (concat "\\OneHeadLine{\\verb\1 " - (allout-latex-verb-quote bullet) - "\1}{" - depth - "}{\\verb\1 " - (if head-line - (allout-latex-verb-quote head-line) - "") - "\1}\n")) + (allout-latex-verb-quote bullet) + "\1}{" + depth + "}{\\verb\1 " + (if head-line + (allout-latex-verb-quote head-line) + "") + "\1}\n")) (if (not body-lines) nil ;;(insert "\\beginlines\n") @@ -4509,7 +4845,668 @@ (pop-to-buffer buf) (goto-char start-pt))) -;;;_ #8 miscellaneous +;;;_ #8 Encryption +;;;_ > allout-toggle-current-subtree-encryption (&optional fetch-pass) +(defun allout-toggle-current-subtree-encryption (&optional fetch-pass) + "Encrypt clear text or decrypt encoded topic contents \(body and subtopics.) + +Optional FETCH-PASS universal argument provokes key-pair encryption with +single universal argument. With doubled universal argument \(value = 16), +it forces prompting for the passphrase regardless of availability from the +passphrase cache. With no universal argument, the appropriate passphrase +for the is obtained from the cache, if available, else from the user. + +Currently only GnuPG encryption is supported. + +\**NOTE WELL** that the encrypted text must be ascii-armored. For gnupg +encryption, include the option ``armor'' in your ~/.gnupg/gpg.conf file. + +Both symmetric-key and key-pair encryption is implemented. Symmetric is +the default, use a single \(x4) universal argument for keypair mode. + +Encrypted topic's bullet is set to a `~' to signal that the contents of the +topic \(body and subtopics, but not heading) is pending encryption or +encrypted. `*' asterisk immediately after the bullet signals that the body +is encrypted, its' absence means the topic is meant to be encrypted but is +not. When a file with topics pending encryption is saved, topics pending +encryption are encrypted. See allout-encrypt-unencrypted-on-saves for +auto-encryption specifics. + +\**NOTE WELL** that automatic encryption that happens during saves will +default to symmetric encryption - you must manually \(re)encrypt key-pair +encrypted topics if you want them to continue to use the key-pair cipher. + +Level-1 topics, with prefix consisting solely of an `*' asterisk, cannot be +encrypted. If you want to encrypt the contents of a top-level topic, use +\\[allout-shift-in] to increase its depth. + + Passphrase Caching + +The encryption passphrase is solicited if not currently available in the +passphrase cache from a recent encryption action. + +The solicited passphrase is retained for reuse in a buffer-specific cache +for some set period of time \(default, 60 seconds), after which the string +is nulled. The passphrase cache timeout is customized by setting +`pgg-passphrase-cache-expiry'. + + Symmetric Passphrase Hinting and Verification + +If the file previously had no associated passphrase, or had a different +passphrase than specified, the user is prompted to repeat the new one for +corroboration. A random string encrypted by the new passphrase is set on +the buffer-specific variable `allout-passphrase-verifier-string', for +confirmation of the passphrase when next obtained, before encrypting or +decrypting anything with it. This helps avoid mistakenly shifting between +keys. + +If allout customization var `allout-passphrase-verifier-handling' is +non-nil, an entry for `allout-passphrase-verifier-string' and its value is +added to an Emacs 'local variables' section at the end of the file, which +is created if necessary. That setting is for retention of the passphrase +verifier across emacs sessions. + +Similarly, `allout-passphrase-hint-string' stores a user-provided reminder +about their passphrase, and `allout-passphrase-hint-handling' specifies +when the hint is presented, or if passphrase hints are disabled. If +enabled \(see the `allout-passphrase-hint-handling' docstring for details), +the hint string is stored in the local-variables section of the file, and +solicited whenever the passphrase is changed." + + (interactive "P") + (save-excursion + (allout-end-of-prefix t) + + (if (= (allout-recent-depth) 1) + (error (concat "Cannot encrypt or decrypt level 1 topics -" + " shift it in to make it encryptable"))) + + (let* ((allout-buffer (current-buffer)) + ;; Asses location: + (after-bullet-pos (point)) + (was-encrypted + (progn (if (= (point-max) after-bullet-pos) + (error "no body to encrypt")) + (allout-encrypted-topic-p))) + (was-collapsed (if (not (re-search-forward "[\n\r]" nil t)) + nil + (backward-char 1) + (looking-at "\r"))) + (subtree-beg (1+ (point))) + (subtree-end (allout-end-of-subtree)) + (subject-text (buffer-substring-no-properties subtree-beg + subtree-end)) + (subtree-end-char (char-after (1- subtree-end))) + (subtree-trailling-char (char-after subtree-end)) + (place-holder (if (or (string= "" subject-text) + (string= "\n" subject-text)) + (error "No topic contents to %scrypt" + (if was-encrypted "de" "en")))) + ;; Assess key parameters: + (key-info (or + ;; detect the type by which it is already encrypted + (and was-encrypted + (allout-encrypted-key-info subject-text)) + (and (member fetch-pass '(4 (4))) + '(keypair nil)) + '(symmetric nil))) + (for-key-type (car key-info)) + (for-key-identity (cadr key-info)) + (fetch-pass (and fetch-pass (member fetch-pass '(16 (16))))) + result-text) + + (setq result-text + (allout-encrypt-string subject-text was-encrypted + (current-buffer) + for-key-type for-key-identity fetch-pass)) + + ;; Replace the subtree with the processed product. + (allout-unprotected + (progn + (set-buffer allout-buffer) + (delete-region subtree-beg subtree-end) + (insert result-text) + (if was-collapsed + (allout-flag-region subtree-beg (1- (point)) ?\r)) + ;; adjust trailling-blank-lines to preserve topic spacing: + (if (not was-encrypted) + (if (and (member subtree-end-char '(?\r ?\n)) + (member subtree-trailling-char '(?\r ?\n))) + (insert subtree-trailling-char))) + ;; Ensure that the item has an encrypted-entry bullet: + (if (not (string= (buffer-substring-no-properties + (1- after-bullet-pos) after-bullet-pos) + allout-topic-encryption-bullet)) + (progn (goto-char (1- after-bullet-pos)) + (delete-char 1) + (insert allout-topic-encryption-bullet))) + (if was-encrypted + ;; Remove the is-encrypted bullet qualifier: + (progn (goto-char after-bullet-pos) + (delete-char 1)) + ;; Add the is-encrypted bullet qualifier: + (goto-char after-bullet-pos) + (insert "*")) + ) + ) + ) + ) + ) +;;;_ > allout-encrypt-string (text decrypt allout-buffer key-type for-key +;;; fetch-pass &optional retried verifying +;;; passphrase) +(defun allout-encrypt-string (text decrypt allout-buffer key-type for-key + fetch-pass &optional retried verifying + passphrase) + "Encrypt or decrypt message TEXT. + +If DECRYPT is true (default false), then decrypt instead of encrypt. + +FETCH-PASS (default false) forces fresh prompting for the passphrase. + +KEY-TYPE indicates whether to use a 'symmetric or 'keypair cipher. + +FOR-KEY is human readable identification of the first of the user's +eligible secret keys a keypair decryption targets, or else nil. + +Optional RETRIED is for internal use - conveys the number of failed keys +that have been solicited in sequence leading to this current call. + +Optional PASSPHRASE enables explicit delivery of the decryption passphrase, +for verification purposes. + +Returns the resulting string, or nil if the transformation fails." + + (require 'pgg) + + (let* ((scheme (upcase + (format "%s" (or pgg-scheme pgg-default-scheme "GPG")))) + (for-key (and (equal key-type 'keypair) + (or for-key + (split-string (read-string + (format "%s message recipients: " + scheme)) + "[ \t,]+")))) + (target-prompt-id (if (equal key-type 'keypair) + (if (= (length for-key) 1) + (car for-key) for-key) + (buffer-name allout-buffer))) + (target-cache-id (format "%s-%s" + key-type + (if (equal key-type 'keypair) + target-prompt-id + (or (buffer-file-name allout-buffer) + target-prompt-id)))) + (comment "Processed by allout driving pgg") + work-buffer result result-text status) + + (if (and fetch-pass (not passphrase)) + ;; Force later fetch by evicting passphrase from the cache. + (pgg-remove-passphrase-from-cache target-cache-id t)) + + (catch 'encryption-failed + + ;; Obtain the passphrase if we don't already have one and we're not + ;; doing a keypair encryption: + (if (not (or passphrase + (and (equal key-type 'keypair) + (not decrypt)))) + + (setq passphrase (allout-obtain-passphrase for-key + target-cache-id + target-prompt-id + key-type + allout-buffer + retried fetch-pass))) + (with-temp-buffer + + (insert (subst-char-in-string ?\r ?\n text)) + + (cond + + ;; symmetric: + ((equal key-type 'symmetric) + (setq status + (if decrypt + + (pgg-decrypt (point-min) (point-max) passphrase) + + (pgg-encrypt-symmetric (point-min) (point-max) + passphrase))) + + (if status + (pgg-situate-output (point-min) (point-max)) + ;; failed - handle passphrase caching + (if verifying + (throw 'encryption-failed nil) + (pgg-remove-passphrase-from-cache target-cache-id t) + (error "Symmetric-cipher encryption failed - %s" + "try again with different passphrase.")))) + + ;; encrypt 'keypair: + ((not decrypt) + + (setq status + + (pgg-encrypt for-key + nil (point-min) (point-max) passphrase)) + + (if status + (pgg-situate-output (point-min) (point-max)) + (error (pgg-remove-passphrase-from-cache target-cache-id t) + (error "encryption failed")))) + + ;; decrypt 'keypair: + (t + + (setq status + (pgg-decrypt (point-min) (point-max) passphrase)) + + (if status + (pgg-situate-output (point-min) (point-max)) + (error (pgg-remove-passphrase-from-cache target-cache-id t) + (error "decryption failed")))) + ) + + (setq result-text + (buffer-substring 1 (- (point-max) (if decrypt 0 1)))) + + ;; validate result - non-empty + (cond ((not result-text) + (if verifying + nil + ;; transform was fruitless, retry w/new passphrase. + (pgg-remove-passphrase-from-cache target-cache-id t) + (allout-encrypt-string text allout-buffer decrypt nil + (if retried (1+ retried) 1) + passphrase))) + + ;; Barf if encryption yields extraordinary control chars: + ((and (not decrypt) + (string-match "[\C-a\C-k\C-o-\C-z\C-@]" + result-text)) + (error (concat "encryption produced unusable" + " non-armored text - reconfigure!"))) + + ;; valid result and just verifying or non-symmetric: + ((or verifying (not (equal key-type 'symmetric))) + (if (or verifying decrypt) + (pgg-add-passphrase-to-cache target-cache-id + passphrase t)) + result-text) + + ;; valid result and regular symmetric - "register" + ;; passphrase with mnemonic aids/cache. + (t + (set-buffer allout-buffer) + (if passphrase + (pgg-add-passphrase-to-cache target-cache-id + passphrase t)) + (allout-update-passphrase-mnemonic-aids for-key passphrase + allout-buffer) + result-text) + ) + ) + ) + ) + ) +;;;_ > allout-obtain-passphrase (for-key cache-id prompt-id key-type +;;; allout-buffer retried fetch-pass) +(defun allout-obtain-passphrase (for-key cache-id prompt-id key-type + allout-buffer retried fetch-pass) + "Obtain passphrase for a key from the cache or else from the user. + +When obtaining from the user, symmetric-cipher passphrases are verified +against either, if available and enabled, a random string that was +encrypted against the passphrase, or else against repeated entry by the +user for corroboration. + +FOR-KEY is the key for which the passphrase is being obtained. + +CACHE-ID is the cache id of the key for the passphrase. + +PROMPT-ID is the id for use when prompting the user. + +KEY-TYPE is either 'symmetric or 'keypair. + +ALLOUT-BUFFER is the buffer containing the entry being en/decrypted. + +RETRIED is the number of this attempt to obtain this passphrase. + +FETCH-PASS causes the passphrase to be solicited from the user, regardless +of the availability of a cached copy." + + (if (not (equal key-type 'symmetric)) + ;; do regular passphrase read on non-symmetric passphrase: + (pgg-read-passphrase (format "%s passphrase%s: " + (upcase (format "%s" (or pgg-scheme + pgg-default-scheme + "GPG"))) + (if prompt-id + (format " for %s" prompt-id) + "")) + cache-id t) + + ;; Symmetric hereon: + + (save-excursion + (set-buffer allout-buffer) + (let* ((hint (if (and (not (string= allout-passphrase-hint-string "")) + (or (equal allout-passphrase-hint-handling 'always) + (and (equal allout-passphrase-hint-handling + 'needed) + retried))) + (format " [%s]" allout-passphrase-hint-string) + "")) + (retry-message (if retried (format " (%s retry)" retried) "")) + (prompt-sans-hint (format "'%s' symmetric passphrase%s: " + prompt-id retry-message)) + (full-prompt (format "'%s' symmetric passphrase%s%s: " + prompt-id hint retry-message)) + (prompt full-prompt) + (verifier-string (allout-get-encryption-passphrase-verifier)) + + (cached (and (not fetch-pass) + (pgg-read-passphrase-from-cache cache-id t))) + (got-pass (or cached + (pgg-read-passphrase full-prompt cache-id t))) + + confirmation) + + (if (not got-pass) + nil + + ;; Duplicate our handle on the passphrase so it's not clobbered by + ;; deactivate-passwd memory clearing: + (setq got-pass (format "%s" got-pass)) + + (cond (verifier-string + (save-window-excursion + (if (allout-encrypt-string verifier-string 'decrypt + allout-buffer 'symmetric + for-key nil 0 'verifying + got-pass) + (setq confirmation (format "%s" got-pass)))) + + (if (and (not confirmation) + (if (yes-or-no-p + (concat "Passphrase differs from established" + " - use new one instead? ")) + ;; deactivate password for subsequent + ;; confirmation: + (progn + (pgg-remove-passphrase-from-cache cache-id t) + (setq prompt prompt-sans-hint) + nil) + t)) + (progn (pgg-remove-passphrase-from-cache cache-id t) + (error "Wrong passphrase.")))) + ;; No verifier string - force confirmation by repetition of + ;; (new) passphrase: + ((or fetch-pass (not cached)) + (pgg-remove-passphrase-from-cache cache-id t)))) + ;; confirmation vs new input - doing pgg-read-passphrase will do the + ;; right thing, in either case: + (if (not confirmation) + (setq confirmation + (pgg-read-passphrase (concat prompt + " ... confirm spelling: ") + cache-id t))) + (prog1 + (if (equal got-pass confirmation) + confirmation + (if (yes-or-no-p (concat "spelling of original and" + " confirmation differ - retry? ")) + (progn (setq retried (if retried (1+ retried) 1)) + (pgg-remove-passphrase-from-cache cache-id t) + ;; recurse to this routine: + (pgg-read-passphrase prompt-sans-hint cache-id t)) + (pgg-remove-passphrase-from-cache cache-id t) + (error "Confirmation failed."))) + ;; reduce opportunity for memory cherry-picking by zeroing duplicate: + (dotimes (i (length got-pass)) + (aset got-pass i 0)) + ) + ) + ) + ) + ) +;;;_ > allout-encrypted-topic-p () +(defun allout-encrypted-topic-p () + "True if the current topic is encryptable and encrypted." + (save-excursion + (allout-end-of-prefix t) + (and (string= (buffer-substring-no-properties (1- (point)) (point)) + allout-topic-encryption-bullet) + (looking-at "\\*")) + ) + ) +;;;_ > allout-encrypted-key-info (text) +;; XXX gpg-specific, alas +(defun allout-encrypted-key-info (text) + "Return a pair of the key type and identity of a recipient's secret key. + +The key type is one of 'symmetric or 'keypair. + +if 'keypair, and some of the user's secret keys are among those for which +the message was encoded, return the identity of the first. otherwise, +return nil for the second item of the pair. + +An error is raised if the text is not encrypted." + (require 'pgg-parse) + (save-excursion + (with-temp-buffer + (insert (subst-char-in-string ?\r ?\n text)) + (let* ((parsed-armor (pgg-parse-armor-region (point-min) (point-max))) + (type (if (pgg-gpg-symmetric-key-p parsed-armor) + 'symmetric + 'keypair)) + secret-keys first-secret-key for-key-owner) + (if (equal type 'keypair) + (setq secret-keys (pgg-gpg-lookup-all-secret-keys) + first-secret-key (pgg-gpg-select-matching-key parsed-armor + secret-keys) + for-key-owner (and first-secret-key + (pgg-gpg-lookup-key-owner + first-secret-key)))) + (list type (pgg-gpg-key-id-from-key-owner for-key-owner)) + ) + ) + ) + ) +;;;_ > allout-create-encryption-passphrase-verifier (passphrase) +(defun allout-create-encryption-passphrase-verifier (passphrase) + "Encrypt random message for later validation of symmetric key's passphrase." + ;; use 20 random ascii characters, across the entire ascii range. + (random t) + (let ((spew (make-string 20 ?\0))) + (dotimes (i (length spew)) + (aset spew i (1+ (random 254)))) + (allout-encrypt-string spew nil (current-buffer) 'symmetric + nil nil 0 passphrase)) + ) +;;;_ > allout-update-passphrase-mnemonic-aids (for-key passphrase +;;; outline-buffer) +(defun allout-update-passphrase-mnemonic-aids (for-key passphrase + outline-buffer) + "Update passphrase verifier and hint strings if necessary. + +See `allout-passphrase-verifier-string' and `allout-passphrase-hint-string' +settings. + +PASSPHRASE is the passphrase being mnemonicized + +OUTLINE-BUFFER is the buffer of the outline being adjusted. + +These are used to help the user keep track of the passphrase they use for +symmetric encryption in the file. + +Behavior is governed by `allout-passphrase-verifier-handling', +`allout-passphrase-hint-handling', and also, controlling whether the values +are preserved on Emacs local file variables, +`allout-enable-file-variable-adjustment'." + + ;; If passphrase doesn't agree with current verifier: + ;; - adjust the verifier + ;; - if passphrase hint handling is enabled, adjust the passphrase hint + ;; - if file var settings are enabled, adjust the file vars + + (let* ((new-verifier-needed (not (allout-verify-passphrase + for-key passphrase outline-buffer))) + (new-verifier-string + (if new-verifier-needed + ;; Collapse to a single line and enclose in string quotes: + (subst-char-in-string + ?\n ?\C-a (allout-create-encryption-passphrase-verifier + passphrase)))) + new-hint) + (when new-verifier-string + ;; do the passphrase hint first, since it's interactive + (when (and allout-passphrase-hint-handling + (not (equal allout-passphrase-hint-handling 'disabled))) + (setq new-hint + (read-from-minibuffer "Passphrase hint to jog your memory: " + allout-passphrase-hint-string)) + (when (not (string= new-hint allout-passphrase-hint-string)) + (setq allout-passphrase-hint-string new-hint) + (allout-adjust-file-variable "allout-passphrase-hint-string" + allout-passphrase-hint-string))) + (when allout-passphrase-verifier-handling + (setq allout-passphrase-verifier-string new-verifier-string) + (allout-adjust-file-variable "allout-passphrase-verifier-string" + allout-passphrase-verifier-string)) + ) + ) + ) +;;;_ > allout-get-encryption-passphrase-verifier () +(defun allout-get-encryption-passphrase-verifier () + "Return text of the encrypt passphrase verifier, unmassaged, or nil if none. + +Derived from value of `allout-file-passphrase-verifier-string'." + + (let ((verifier-string (and (boundp 'allout-passphrase-verifier-string) + allout-passphrase-verifier-string))) + (if verifier-string + ;; Return it uncollapsed + (subst-char-in-string ?\C-a ?\n verifier-string)) + ) + ) +;;;_ > allout-verify-passphrase (key passphrase allout-buffer) +(defun allout-verify-passphrase (key passphrase allout-buffer) + "True if passphrase successfully decrypts verifier, nil otherwise. + +\"Otherwise\" includes absence of passphrase verifier." + (save-excursion + (set-buffer allout-buffer) + (and (boundp 'allout-passphrase-verifier-string) + allout-passphrase-verifier-string + (allout-encrypt-string (allout-get-encryption-passphrase-verifier) + 'decrypt allout-buffer 'symmetric + key nil 0 'verifying passphrase) + t))) +;;;_ > allout-next-topic-pending-encryption (&optional except-mark) +(defun allout-next-topic-pending-encryption (&optional except-mark) + "Return the point of the next topic pending encryption, or nil if none. + +EXCEPT-MARK identifies a point whose containing topics should be excluded +from encryption. This supports 'except-current mode of +`allout-encrypt-unencrypted-on-saves'. + +Such a topic has the allout-topic-encryption-bullet without an +immediately following '*' that would mark the topic as being encrypted. It +must also have content." + (let (done got content-beg) + (while (not done) + + (if (not (re-search-forward + (format "\\(\\`\\|[\n\r]\\)%s *%s[^*]" + (regexp-quote allout-header-prefix) + (regexp-quote allout-topic-encryption-bullet)) + nil t)) + (setq got nil + done t) + (goto-char (setq got (match-beginning 0))) + (if (looking-at "[\n\r]") + (forward-char 1)) + (setq got (point))) + + (cond ((not got) + (setq done t)) + + ((not (re-search-forward "[\n\r]")) + (setq got nil + done t)) + + ((eobp) + (setq got nil + done t)) + + (t + (setq content-beg (point)) + (backward-char 1) + (allout-end-of-subtree) + (if (or (<= (point) content-beg) + (and except-mark + (<= content-beg except-mark) + (>= (point) except-mark))) + ;; Continue looking + (setq got nil) + ;; Got it! + (setq done t))) + ) + ) + (if got + (goto-char got)) + ) + ) +;;;_ > allout-encrypt-decrypted (&optional except-mark) +(defun allout-encrypt-decrypted (&optional except-mark) + "Encrypt topics pending encryption except those containing exemption point. + +EXCEPT-MARK identifies a point whose containing topics should be excluded +from encryption. This supports 'except-current mode of +`allout-encrypt-unencrypted-on-saves'. + +If a topic that is currently being edited was encrypted, we return a list +containing the location of the topic and the location of the cursor just +before the topic was encrypted. This can be used, eg, to decrypt the topic +and exactly resituate the cursor if this is being done as part of a file +save. See `allout-encrypt-unencrypted-on-saves' for more info." + + (interactive "p") + (save-excursion + (let ((current-mark (point-marker)) + was-modified + bo-subtree + editing-topic editing-point) + (goto-char (point-min)) + (while (allout-next-topic-pending-encryption except-mark) + (setq was-modified (buffer-modified-p)) + (if (save-excursion + (and (boundp 'allout-encrypt-unencrypted-on-saves) + allout-encrypt-unencrypted-on-saves + (setq bo-subtree (re-search-forward "[\n\r]")) + ;; Not collapsed: + (string= (match-string 0) "\n") + (>= current-mark (point)) + (allout-end-of-current-subtree) + (<= current-mark (point)))) + (setq editing-topic (point) + ;; we had to wait for this 'til now so prior topics are + ;; encrypted, any relevant text shifts are in place: + editing-point (marker-position current-mark))) + (allout-toggle-current-subtree-encryption) + (if (not was-modified) + (set-buffer-modified-p nil)) + ) + (if (not was-modified) + (set-buffer-modified-p nil)) + (if editing-topic (list editing-topic editing-point)) + ) + ) + ) + +;;;_ #9 miscellaneous ;;;_ > allout-mark-topic () (defun allout-mark-topic () "Put the region around topic currently containing point." @@ -4521,7 +5518,9 @@ (exchange-point-and-mark)) ;;;_ > outlineify-sticky () ;; outlinify-sticky is correct spelling; provide this alias for sticklers: +;;;###autoload (defalias 'outlinify-sticky 'outlineify-sticky) +;;;###autoload (defun outlineify-sticky (&optional arg) "Activate outline mode and establish file var so it is started subsequently. @@ -4538,22 +5537,100 @@ t (allout-open-topic 2) (insert (concat "Dummy outline topic header - see" - "`allout-mode' docstring: `^Hm'.")) - (forward-line 1) + "`allout-mode' docstring: `^Hm'.")) + (allout-adjust-file-variable + "allout-layout" (format "%s" (or allout-layout '(-1 : 0))))))) +;;;_ > allout-file-vars-section-data () +(defun allout-file-vars-section-data () + "Return data identifying the file-vars section, or nil if none. + +Returns list `(beginning-point prefix-string suffix-string)'." + ;; minimally gleaned from emacs 21.4 files.el hack-local-variables function. + (let (beg prefix suffix) + (save-excursion (goto-char (point-max)) - (open-line 1) - (allout-open-topic 0) - (insert "Local emacs vars.\n") - (allout-open-topic 1) - (insert "(`allout-layout' is for allout.el allout-mode)\n") - (allout-open-topic 0) - (insert "Local variables:\n") - (allout-open-topic 0) - (insert (format "allout-layout: %s\n" - (or allout-layout - '(-1 : 0)))) - (allout-open-topic 0) - (insert "End:\n")))) + (search-backward "\n\^L" (max (- (point-max) 3000) (point-min)) 'move) + (if (let ((case-fold-search t)) + (not (search-forward "Local Variables:" nil t))) + nil + (setq beg (- (point) 16)) + (setq suffix (buffer-substring-no-properties + (point) + (progn (if (re-search-forward "[\n\r]" nil t) + (forward-char -1)) + (point)))) + (setq prefix (buffer-substring-no-properties + (progn (if (re-search-backward "[\n\r]" nil t) + (forward-char 1)) + (point)) + beg)) + (list beg prefix suffix)) + ) + ) + ) +;;;_ > allout-adjust-file-variable (varname value) +(defun allout-adjust-file-variable (varname value) + "Adjust the setting of an emacs file variable named VARNAME to VALUE. + +This activity is inhibited if either `enable-local-variables' +`allout-enable-file-variable-adjustment' are nil. + +When enabled, an entry for the variable is created if not already present, +or changed if established with a different value. The section for the file +variables, itself, is created if not already present. When created, the +section lines \(including the section line) exist as second-level topics in +a top-level topic at the end of the file. + +enable-local-variables must be true for any of this to happen." + (if (not (and enable-local-variables + allout-enable-file-variable-adjustment)) + nil + (save-excursion + (let ((section-data (allout-file-vars-section-data)) + beg prefix suffix) + (if section-data + (setq beg (car section-data) + prefix (cadr section-data) + suffix (car (cddr section-data))) + ;; create the section + (goto-char (point-max)) + (open-line 1) + (allout-open-topic 0) + (end-of-line) + (insert "Local emacs vars.\n") + (allout-open-topic 1) + (setq beg (point) + suffix "" + prefix (buffer-substring-no-properties (progn + (beginning-of-line) + (point)) + beg)) + (goto-char beg) + (insert "Local variables:\n") + (allout-open-topic 0) + (insert "End:\n") + ) + ;; look for existing entry or create one, leaving point for insertion + ;; of new value: + (goto-char beg) + (allout-show-to-offshoot) + (if (search-forward (concat "\n" prefix varname ":") nil t) + (let* ((value-beg (point)) + (line-end (progn (if (re-search-forward "[\n\r]" nil t) + (forward-char -1)) + (point))) + (value-end (- line-end (length suffix)))) + (if (> value-end value-beg) + (delete-region value-beg value-end))) + (end-of-line) + (open-line 1) + (forward-line 1) + (insert (concat prefix varname ":"))) + (insert (format " %S%s" value suffix)) + ) + ) + ) + ) ;;;_ > solicit-char-in-string (prompt string &optional do-defaulting) (defun solicit-char-in-string (prompt string &optional do-defaulting) "Solicit (with first arg PROMPT) choice of a character from string STRING. @@ -4594,8 +5671,7 @@ Representations of actual backslashes - '\\\\\\\\' - are left as a single backslash. -\(fn REGEXP)" -;; Optional arg SUCCESSIVE-BACKSLASHES is used internally for recursion. +Optional arg SUCCESSIVE-BACKSLASHES is used internally for recursion." (if (string= regexp "") "" @@ -4611,11 +5687,6 @@ (regexp-sans-escapes (substring regexp 1))) ;; Exclude first char, but maintain count: (regexp-sans-escapes (substring regexp 1) successive-backslashes)))) -;;;_ > my-region-active-p () -(defmacro my-region-active-p () - (if (fboundp 'region-active-p) - '(region-active-p) - 'mark-active)) ;;;_ - add-hook definition for divergent emacsen ;;;_ > add-hook (hook function &optional append) (if (not (fboundp 'add-hook)) @@ -4636,17 +5707,29 @@ (if append (nconc (symbol-value hook) (list function)) (cons function (symbol-value hook))))))) +;;;_ > subst-char-in-string if necessary +(if (not (fboundp 'subst-char-in-string)) + (defun subst-char-in-string (fromchar tochar string &optional inplace) + "Replace FROMCHAR with TOCHAR in STRING each time it occurs. +Unless optional argument INPLACE is non-nil, return a new string." + (let ((i (length string)) + (newstr (if inplace string (copy-sequence string)))) + (while (> i 0) + (setq i (1- i)) + (if (eq (aref newstr i) fromchar) + (aset newstr i tochar))) + newstr))) ;;;_ : my-mark-marker to accommodate divergent emacsen: (defun my-mark-marker (&optional force buffer) "Accommodate the different signature for `mark-marker' across Emacsen. -XEmacs takes two optional args, while GNU Emacs does not, +XEmacs takes two optional args, while mainline GNU Emacs does not, so pass them along when appropriate." (if (featurep 'xemacs) - (mark-marker force buffer) + (apply 'mark-marker force buffer) (mark-marker))) -;;;_ #9 Under development +;;;_ #10 Under development ;;;_ > allout-bullet-isearch (&optional bullet) (defun allout-bullet-isearch (&optional bullet) "Isearch \(regexp) for topic with bullet BULLET." [-- Attachment #5: Type: text/plain, Size: 142 bytes --] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel ^ permalink raw reply [flat|nested] 156+ messages in thread
end of thread, other threads:[~2006-04-10 22:40 UTC | newest] Thread overview: 156+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2005-09-30 17:24 new version of allout.el - patch and ChangeLog Ken Manheimer 2005-09-30 21:06 ` Sascha Wilde 2005-09-30 21:52 ` Ken Manheimer 2005-10-01 8:20 ` Andreas Schwab 2005-10-01 12:41 ` Reiner Steib 2005-10-01 23:54 ` James Cloos 2005-10-01 16:28 ` Ken Manheimer 2005-10-02 10:48 ` Sascha Wilde 2005-10-02 14:23 ` Ken Manheimer 2005-10-02 20:31 ` Richard M. Stallman 2005-10-03 19:25 ` pgg symmetric encryption patch (was: new version of allout.el - patch and ChangeLog) Sascha Wilde 2005-10-03 19:50 ` Ken Manheimer 2005-10-04 10:53 ` Sascha Wilde 2005-10-04 12:46 ` pgg symmetric encryption patch Stefan Monnier 2005-10-05 16:19 ` Sascha Wilde 2005-10-05 19:16 ` Ken Manheimer 2005-10-10 4:15 ` Richard M. Stallman 2005-10-06 2:18 ` Daiki Ueno 2005-10-06 9:01 ` Sascha Wilde 2005-10-06 22:41 ` Ken Manheimer 2005-10-07 10:00 ` Sascha Wilde 2005-10-07 18:06 ` Ken Manheimer 2005-10-07 21:49 ` Sascha Wilde 2005-10-08 8:48 ` Simon Josefsson 2005-10-08 10:36 ` Sascha Wilde 2005-10-08 11:14 ` Simon Josefsson 2005-10-08 12:56 ` Ken Manheimer 2005-10-08 22:56 ` Richard M. Stallman 2005-10-10 21:50 ` Ken Manheimer 2005-10-11 14:44 ` Richard M. Stallman 2005-10-08 13:43 ` Sascha Wilde 2005-10-08 18:31 ` Ken Manheimer 2005-10-08 19:16 ` Ken Manheimer 2005-10-10 21:15 ` Ken Manheimer 2005-10-10 21:16 ` Ken Manheimer 2005-10-12 23:47 ` Ken Manheimer 2005-10-20 14:08 ` Ken Manheimer 2005-10-20 14:12 ` Simon Josefsson 2005-10-20 14:30 ` Ken Manheimer 2005-10-20 14:42 ` Sascha Wilde 2005-10-25 7:23 ` Sascha Wilde 2005-10-25 20:26 ` Ken Manheimer 2005-10-25 21:18 ` Sascha Wilde 2005-10-25 21:28 ` Ken Manheimer 2005-10-26 9:57 ` Sascha Wilde 2005-10-26 15:45 ` Ken Manheimer 2005-10-27 7:37 ` Sascha Wilde 2005-10-29 11:42 ` Eli Zaretskii 2005-10-29 19:50 ` Ken Manheimer 2005-10-31 17:30 ` Ken Manheimer 2005-11-04 14:45 ` Eli Zaretskii 2005-10-20 18:07 ` Relocating pgg*.el (was: pgg symmetric encryption patch) Reiner Steib 2005-10-20 22:22 ` Kim F. Storm 2005-10-21 4:49 ` Richard M. Stallman 2005-10-20 23:38 ` pgg symmetric encryption patch Richard M. Stallman 2005-10-21 7:07 ` Simon Josefsson 2006-03-18 21:17 ` Small patch to enable use of gpg-agent with pgg Sascha Wilde 2006-03-18 23:30 ` Daniel Pittman 2006-03-19 0:46 ` Miles Bader 2006-03-19 3:45 ` Daniel Pittman 2006-03-19 18:28 ` Miles Bader 2006-03-19 9:49 ` Sascha Wilde 2006-03-19 17:30 ` Sascha Wilde 2006-03-21 14:32 ` Simon Josefsson 2006-03-21 21:29 ` Reiner Steib 2006-03-22 9:49 ` Simon Josefsson 2006-03-22 8:36 ` Sascha Wilde 2006-03-22 9:16 ` Daiki Ueno 2006-03-22 9:48 ` Simon Josefsson 2006-03-22 11:03 ` Sascha Wilde 2006-03-22 11:13 ` Simon Josefsson 2006-03-22 12:25 ` Daiki Ueno 2006-03-23 10:40 ` Daiki Ueno 2006-03-23 11:00 ` Simon Josefsson 2006-03-23 12:18 ` Daiki Ueno 2006-03-23 13:08 ` Simon Josefsson 2006-03-24 5:51 ` Daiki Ueno 2006-03-26 0:29 ` Daiki Ueno 2006-03-26 1:08 ` Simon Josefsson 2006-03-26 3:29 ` Miles Bader 2006-03-26 5:06 ` Daiki Ueno 2006-03-26 17:05 ` Simon Josefsson 2006-03-26 18:24 ` Sascha Wilde 2006-03-27 9:36 ` Simon Josefsson 2006-03-23 12:52 ` Sascha Wilde 2006-03-23 20:07 ` Daiki Ueno 2006-03-23 22:16 ` Sascha Wilde 2006-04-05 9:13 ` pgg-gpg broken? Sascha Wilde 2006-04-05 9:42 ` Daiki Ueno 2006-04-05 10:18 ` Sascha Wilde 2006-04-05 21:33 ` Daiki Ueno 2006-04-06 9:00 ` Sascha Wilde 2006-04-06 9:21 ` Daiki Ueno 2006-04-06 9:58 ` Sascha Wilde 2006-04-06 10:13 ` Daiki Ueno 2006-04-07 10:32 ` gpg-agent support removed?! (was: pgg-gpg broken?) Sascha Wilde 2006-04-07 12:11 ` Simon Josefsson 2006-04-07 12:14 ` gpg-agent support removed?! Romain Francoise 2006-04-07 13:00 ` Sascha Wilde 2006-04-07 13:30 ` Simon Josefsson 2006-04-07 20:59 ` Reiner Steib 2006-04-08 9:36 ` Romain Francoise 2006-04-08 10:05 ` Sascha Wilde 2006-04-07 12:35 ` Reiner Steib 2006-04-07 13:02 ` Daiki Ueno 2006-04-07 13:08 ` Sascha Wilde 2006-04-07 13:26 ` Daiki Ueno 2006-04-09 16:04 ` Sascha Wilde 2006-04-10 18:04 ` Reiner Steib 2006-04-07 13:40 ` Reiner Steib 2006-04-07 14:05 ` Thomas Baumann 2006-04-07 14:40 ` Daiki Ueno 2006-04-07 15:45 ` Reiner Steib 2006-04-07 20:55 ` Daiki Ueno 2006-04-07 21:22 ` Reiner Steib 2006-04-08 7:03 ` Thomas Baumann 2006-04-08 10:18 ` Daiki Ueno 2006-04-07 21:36 ` Richard Stallman 2006-04-08 9:45 ` Romain Francoise 2006-04-08 10:11 ` Daiki Ueno 2006-04-08 11:30 ` Romain Francoise 2006-04-08 11:58 ` Daiki Ueno 2006-04-10 18:04 ` PGG maintainance (was: gpg-agent support removed?!) Reiner Steib 2006-04-10 22:40 ` gpg-agent support removed?! Ken Manheimer 2006-04-08 22:34 ` Richard Stallman 2006-04-05 16:14 ` pgg-gpg broken? Reiner Steib 2006-04-05 19:22 ` Sascha Wilde 2006-03-22 9:46 ` Small patch to enable use of gpg-agent with pgg Simon Josefsson 2006-03-22 16:13 ` Simon Josefsson 2006-03-22 23:01 ` Katsumi Yamaoka 2006-03-22 23:45 ` Simon Josefsson 2006-03-23 0:58 ` Katsumi Yamaoka 2006-03-23 9:12 ` Simon Josefsson 2006-03-23 10:26 ` Sascha Wilde 2006-03-23 10:54 ` Simon Josefsson 2006-03-23 11:12 ` Simon Josefsson 2006-03-23 11:16 ` Simon Josefsson 2006-03-23 12:51 ` Reiner Steib 2006-03-23 13:07 ` Sascha Wilde 2006-03-23 13:10 ` Simon Josefsson 2006-03-23 12:00 ` Sascha Wilde 2006-03-23 13:00 ` Simon Josefsson 2006-03-26 18:11 ` Sascha Wilde [not found] ` <m2wtels74l.fsf@kenny.sha-bang .de> 2006-03-23 23:09 ` Miles Bader 2006-04-02 0:30 ` Ken Manheimer 2006-04-02 8:28 ` Daiki Ueno 2005-12-09 15:43 ` pgg symmetric encryption patch Simon Josefsson 2005-12-09 20:30 ` Stefan Monnier 2005-12-09 20:31 ` Stefan Monnier 2005-12-10 4:13 ` Richard M. Stallman 2005-12-10 10:50 ` Simon Josefsson 2005-12-11 13:32 ` Sascha Wilde 2005-12-11 13:42 ` Simon Josefsson 2005-10-02 17:08 ` new version of allout.el - patch and ChangeLog Richard M. Stallman [not found] ` <E1ELj0L-0000Pn-3T@fencepost.gnu.org> 2005-10-01 22:33 ` Ken Manheimer 2005-10-20 13:57 ` Ken Manheimer
Code repositories for project(s) associated with this external index https://git.savannah.gnu.org/cgit/emacs.git https://git.savannah.gnu.org/cgit/emacs/org-mode.git This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.