-;;; epa-file.el --- the EasyPG Assistant, transparent file encryption
-;; Copyright (C) 2006, 2007, 2008 Free Software Foundation, Inc.
+;;; epa-file.el --- the EasyPG Assistant, transparent file encryption -*- lexical-binding: t -*-
+;; Copyright (C) 2006-2011 Free Software Foundation, Inc.
;; Author: Daiki Ueno <ueno@unixuser.org>
;; Keywords: PGP, GnuPG
+;; Package: epa
;; This file is part of GNU Emacs.
(require 'epa-hook)
(defcustom epa-file-cache-passphrase-for-symmetric-encryption nil
- "If non-nil, cache passphrase for symmetric encryption."
+ "If non-nil, cache passphrase for symmetric encryption.
+
+For security reasons, this option is turned off by default and
+not recommended to use. Instead, consider using public-key
+encryption with gpg-agent which does the same job in a safer
+way."
:type 'boolean
:group 'epa-file)
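Review bot: The added docstring says "for security reasons" without naming the risk, so a user cannot weigh the option. The surrounding code shows the cached value is a copy of the passphrase stored in `epa-file-passphrase-alist` (`(setcdr entry (copy-sequence passphrase))`), so it stays in Emacs's own memory. I would say that in the docstring, for example "When enabled, the passphrase is kept in Emacs memory in `epa-file-passphrase-alist'." The phrase "not recommended to use" would also read better as "its use is not recommended".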
-(defcustom epa-file-select-keys nil
- "If non-nil, always asks user to select recipients."
- :type 'boolean
+(defcustom epa-file-select-keys 'silent
+ "Control whether or not to pop up the key selection dialog.
+
+If t, always asks user to select recipients.
+If nil, query user only when `epa-file-encrypt-to' is not set.
+If neither t nor nil, doesn't ask user. In this case, symmetric
+encryption is used."
+ :type '(choice (const :tag "Ask always" t)
+ (const :tag "Ask when recipients are not set" nil)
+ (const :tag "Don't ask" silent))
:group 'epa-file)
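Review bot: The new default `'silent` stops asking for recipients in a buffer that has no local `epa-file-encrypt-to`, and per the docstring such a buffer is then encrypted symmetrically; the docstring does not call out this behaviour change for existing users. It also reads as if `silent` always means symmetric encryption, while the condition in `epa-file-write-region` only gates the `epa-select-keys` call. Recipients from `epa-file-encrypt-to` presumably still apply when it is set, but the else branch is not visible here. Once that is confirmed I would add a sentence such as "If `epa-file-encrypt-to' is set, those recipients are used without asking."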
(defvar epa-file-passphrase-alist nil)
(cons entry
epa-file-passphrase-alist)))
(setq passphrase (epa-passphrase-callback-function context
- key-id nil))
+ key-id
+ file))
(setcdr entry (copy-sequence passphrase))
passphrase))))
- (epa-passphrase-callback-function context key-id nil)))
+ (epa-passphrase-callback-function context key-id file)))
;;;###autoload
(defun epa-file-handler (operation &rest args)
(if (fboundp 'decode-coding-inserted-region)
(save-restriction
(narrow-to-region (point) (point))
- (let ((multibyte enable-multibyte-characters))
- (set-buffer-multibyte nil)
- (insert string)
- (set-buffer-multibyte multibyte)
+ (insert (if enable-multibyte-characters
+ (string-to-multibyte string)
+ string))
(decode-coding-inserted-region
(point-min) (point-max)
(substring file 0 (string-match epa-file-name-regexp file))
- visit beg end replace)))
+ visit beg end replace))
(insert (epa-file--decode-coding-string string (or coding-system-for-read
'undecided)))))
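Review bot: The reason for `string-to-multibyte` is not obvious at the new `insert` call and deserves a comment. As far as I can tell it keeps the decrypted bytes unchanged in a multibyte buffer, so that `decode-coding-inserted-region` performs the only decoding step. A line such as `;; Insert the raw bytes as-is; decoding is done by decode-coding-inserted-region below.` would record that. The enclosing function starts above this hunk.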
+(defvar epa-file-error nil)
+(defun epa-file--find-file-not-found-function ()
+ (let ((error epa-file-error))
+ (save-window-excursion
+ (kill-buffer))
+ (signal 'file-error
+ (cons "Opening input file" (cdr error)))))
+
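Review bot: `epa-file-error` and `epa-file--find-file-not-found-function` are added without docstrings, and the function depends on two conditions that are not visible at its definition. It must run with the buffer of the failed visit current, because `(kill-buffer)` with no argument kills the current buffer, and `epa-file-error` must already have been set buffer-locally by the error handler in `epa-file-insert-file-contents`. I would document both: on the variable, "Error data from the last failed decryption in this buffer."; on the function, a docstring saying it kills the current buffer and re-signals the stored error as `file-error`.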
(defvar last-coding-system-used)
(defun epa-file-insert-file-contents (file &optional visit beg end replace)
(barf-if-buffer-read-only)
(local-file (or local-copy file))
(context (epg-make-context))
string length entry)
+ (if visit
+ (setq buffer-file-name file))
(epg-context-set-passphrase-callback
context
(cons #'epa-file-passphrase-callback-function
(error
(if (setq entry (assoc file epa-file-passphrase-alist))
(setcdr entry nil))
+ ;; Hack to prevent find-file from opening empty buffer
+ ;; when decryption failed (bug#6568). See the place
+ ;; where `find-file-not-found-functions' are called in
+ ;; `find-file-noselect-1'.
+ (when (file-exists-p local-file)
+ (make-local-variable 'epa-file-error)
+ (setq epa-file-error error)
+ (add-hook 'find-file-not-found-functions
+ 'epa-file--find-file-not-found-function
+ nil t))
(signal 'file-error
(cons "Opening input file" (cdr error)))))
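Review bot: The empty buffer is only discarded when the failure is reached through `find-file-noselect-1`, because the cleanup hangs on `find-file-not-found-functions` and is installed only when `(file-exists-p local-file)` holds. With the earlier `(if visit (setq buffer-file-name file))`, any other caller that passes VISIT would, if I read it correctly, keep an empty buffer visiting the encrypted file after a failed decryption, and saving that buffer would replace the ciphertext. The comment should state that limitation, for example `;; Only the find-file path is covered; other callers passing VISIT keep the buffer.` The error handler begins outside this hunk.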
(make-local-variable 'epa-file-encrypt-to)
(if (or beg end)
(setq string (substring string (or beg 0) end)))
(save-excursion
- (save-restriction
- (narrow-to-region (point) (point))
- (epa-file-decode-and-insert string file visit beg end replace)
- (setq length (- (point-max) (point-min))))
- (if replace
- (delete-region (point) (point-max)))
- (when visit
- (setq buffer-file-name file)
- (set-visited-file-modtime))))
+ ;; If visiting, bind off buffer-file-name so that
+ ;; file-locking will not ask whether we should
+ ;; really edit the buffer.
+ (let ((buffer-file-name
+ (if visit nil buffer-file-name)))
+ (save-restriction
+ (narrow-to-region (point) (point))
+ (epa-file-decode-and-insert string file visit beg end replace)
+ (setq length (- (point-max) (point-min))))
+ (if replace
+ (delete-region (point) (point-max))))
+ (if visit
+ (set-visited-file-modtime))))
(if (and local-copy
(file-exists-p local-copy))
(delete-file local-copy)))
(defun epa-file-write-region (start end file &optional append visit lockname
mustbenew)
(if append
- (error "Can't append to the file."))
+ (error "Can't append to the file"))
(setq file (expand-file-name file))
(let* ((coding-system (or coding-system-for-write
(if (fboundp 'select-safe-coding-system)
end (point-max)))
(epa-file--encode-coding-string (buffer-substring start end)
coding-system))
- (if (or epa-file-select-keys
- (not (local-variable-p 'epa-file-encrypt-to
- (current-buffer))))
+ (if (or (eq epa-file-select-keys t)
+ (and (null epa-file-select-keys)
+ (not (local-variable-p 'epa-file-encrypt-to
+ (current-buffer)))))
(epa-select-keys
context
"Select recipents for encryption.
(provide 'epa-file)
-;; arch-tag: 5715152f-0eb1-4dbc-9008-07098775314d
;;; epa-file.el ends here