Merge from gnus--rel--5.10

Patches applied:

 * emacs--devo--0  (patch 658)

   - Merge from gnus--rel--5.10

 * gnus--rel--5.10  (patch 206)

   - Merge from emacs--devo--0

2007-02-24  Chris Moore  <dooglus@gmail.com>

   * lisp/pgg-pgp5.el (pgg-pgp5-encrypt-region):
   * lisp/pgg-pgp.el (pgg-pgp-encrypt-region):
   * lisp/pgg-gpg.el (pgg-gpg-encrypt-region):
   Check pgg-encrypt-for-me if no other recipients.

2007-02-24  John Paul Wallington  <jpw@pobox.com>

   * lisp/net/tls.el (tls-certtool-program): Fix custom type.

2007-02-27  Chong Yidong  <cyd@stupidchicken.com>

   * texi/pgg.texi (Caching passphrase): Document gpg-agent usage, gpg-agent
   problems on the console, and security risk in not using gpg-agent.

Revision: emacs@sv.gnu.org/gnus--devo--0--patch-297

diff --git a/lisp/ChangeLog b/lisp/ChangeLog
index d48081c..1faf249 100644 (file)
--- a/lisp/ChangeLog
+++ b/lisp/ChangeLog
@@ -1,3 +1,14 @@
+2007-02-24  Chris Moore  <dooglus@gmail.com>
+
+       * pgg-pgp5.el (pgg-pgp5-encrypt-region):
+       * pgg-pgp.el (pgg-pgp-encrypt-region):
+       * pgg-gpg.el (pgg-gpg-encrypt-region):
+       Check pgg-encrypt-for-me if no other recipients.
+
+2007-02-24  John Paul Wallington  <jpw@pobox.com>
+
+       * net/tls.el (tls-certtool-program): Fix custom type.
+
 2007-02-28  Katsumi Yamaoka  <yamaoka@jpl.org>
 
        * gnus-cite.el (gnus-message-search-citation-line): Use point-at-bol

diff --git a/lisp/pgg-gpg.el b/lisp/pgg-gpg.el
index 3393e00..d34ee2d 100644 (file)
--- a/lisp/pgg-gpg.el
+++ b/lisp/pgg-gpg.el
@@ -245,7 +245,7 @@ If optional argument SIGN is non-nil, do a combined sign and encrypt."
           '("--armor" "--always-trust" "--encrypt")
           (if pgg-text-mode '("--textmode"))
           (if sign (list "--sign" "--local-user" pgg-gpg-user-id))
-          (if recipients
+          (if (or recipients pgg-encrypt-for-me)
               (apply #'nconc
                      (mapcar (lambda (rcpt)
                                (list pgg-gpg-recipient-argument rcpt))

diff --git a/lisp/pgg-pgp.el b/lisp/pgg-pgp.el
index 1e1bd6d..9bc494a 100644 (file)
--- a/lisp/pgg-pgp.el
+++ b/lisp/pgg-pgp.el
@@ -143,7 +143,7 @@ Bourne shell or its equivalent \(not tcsh) is needed for \"2>\"."
         (args
          (concat
           "+encrypttoself=off +verbose=1 +batchmode +language=us -fate "
-           (if recipients
+           (if (or recipients pgg-encrypt-for-me)
                (mapconcat 'shell-quote-argument
                           (append recipients
                                   (if pgg-encrypt-for-me

diff --git a/lisp/pgg-pgp5.el b/lisp/pgg-pgp5.el
index b438843..7525ee3 100644 (file)
--- a/lisp/pgg-pgp5.el
+++ b/lisp/pgg-pgp5.el
@@ -155,7 +155,7 @@ Bourne shell or its equivalent \(not tcsh) is needed for \"2>\"."
         (args
          (append
           `("+NoBatchInvalidKeys=off" "-fat" "+batchmode=1"
-            ,@(if recipients
+            ,@(if (or recipients pgg-encrypt-for-me)
                   (apply #'append
                          (mapcar (lambda (rcpt)
                                    (list "-r"

diff --git a/lisp/tls.el b/lisp/tls.el
index 0f4b1e5..3a9f19c 100644 (file)
--- a/lisp/tls.el
+++ b/lisp/tls.el
@@ -86,7 +86,7 @@ The default is what GNUTLS's \"gnutls-cli\" or OpenSSL's
   "Name of  GnuTLS certtool.
 Used by `tls-certificate-information'."
   :version "22.1"
-  :type '(repeat string)
+  :type 'string
   :group 'tls)
 
 (defun tls-certificate-information (der)

diff --git a/texi/ChangeLog b/texi/ChangeLog
index ac5c746..722de6c 100644 (file)
--- a/texi/ChangeLog
+++ b/texi/ChangeLog
@@ -1,3 +1,8 @@
+2007-02-27  Chong Yidong  <cyd@stupidchicken.com>
+
+       * pgg.texi (Caching passphrase): Document gpg-agent usage, gpg-agent
+       problems on the console, and security risk in not using gpg-agent.
+
 2007-02-27  Katsumi Yamaoka  <yamaoka@jpl.org>
 
        * gnus.texi (NNTP): Mention nntp-never-echoes-commands and

diff --git a/texi/pgg.texi b/texi/pgg.texi
index a578e49..f87a38c 100644 (file)
--- a/texi/pgg.texi
+++ b/texi/pgg.texi
@@ -229,8 +229,61 @@ The default scheme of PGP implementation.  The value should be one of
 @node Caching passphrase
 @section Caching passphrase
 
-PGG uses a simple passphrase caching mechanism, which is enabled by
-default.
+When using GnuPG (gpg) as the PGP scheme, we recommend using a program
+called @code{gpg-agent} for entering and caching
+passphrases@footnote{Actually, @code{gpg-agent} does not cache
+passphrases but private keys.  On the other hand, from a user's point
+of view, this technical difference isn't visible.}.
+
+@defvar pgg-gpg-use-agent
+If non-@code{nil}, attempt to use @code{gpg-agent} whenever possible.
+The default is @code{t}.  If @code{gpg-agent} is not running, or GnuPG
+is not the current PGP scheme, PGG's own passphrase-caching mechanism
+is used (see below).
+@end defvar
+
+To use @code{gpg-agent} with PGG, you must first ensure that
+@code{gpg-agent} is running.  For example, if you are running in the X
+Window System, you can do this by putting the following line in your
+@file{.xsession} file:
+
+@smallexample
+eval "$(gpg-agent --daemon)"
+@end smallexample
+
+For more details on invoking @code{gpg-agent}, @xref{Invoking
+GPG-AGENT,,,gnupg,Using the GNU Privacy Guard}.
+
+Whenever you perform a PGG operation that requires a GnuPG passphrase,
+GnuPG will contact @code{gpg-agent}, which prompts you for the
+passphrase.  Furthermore, @code{gpg-agent} ``caches'' the result, so
+that subsequent uses will not require you to enter the passphrase
+again.  (This cache usually expires after a certain time has passed;
+you can change this using the @code{--default-cache-ttl} option when
+invoking @code{gpg-agent}.)
+
+If you are running in a X Window System environment, @code{gpg-agent}
+prompts for a passphrase by opening a graphical window.  However, if
+you are running Emacs on a text terminal, @code{gpg-agent} has trouble
+receiving input from the terminal, since it is being sent to Emacs.
+One workaround for this problem is to run @code{gpg-agent} on a
+different terminal from Emacs, with the @code{--keep-tty} option; this
+tells @code{gpg-agent} use its own terminal to prompt for passphrases.
+
+When @code{gpg-agent} is not being used, PGG prompts for a passphrase
+through Emacs.  It also has its own passphrase caching mechanism,
+which is controlled by the variable @code{pgg-read-passphrase} (see
+below).
+
+There is a security risk in handling passphrases through PGG rather
+than @code{gpg-agent}.  When you enter your passphrase into an Emacs
+prompt, it is temporarily stored as a cleartext string in the memory
+of the Emacs executable.  If the executable memory is swapped to disk,
+the root user can, in theory, extract the passphrase from the
+swapfile.  Furthermore, the swapfile containing the cleartext
+passphrase might remain on the disk after the system is discarded or
+stolen.  @code{gpg-agent} avoids this problem by using certain tricks,
+such as memory locking, which have not been implemented in Emacs.
 
 @defvar pgg-cache-passphrase
 If non-@code{nil}, store passphrases.  The default value of this
@@ -243,14 +296,6 @@ variable to @code{nil}.
 Elapsed time for expiration in seconds.
 @end defvar
 
-@defvar pgg-gpg-use-agent
-When using GnuPG (gpg) as PGP scheme you can use @code{gpg-agent} for
-caching@footnote{Actually @code{gpg-agent} does not cache passphrases
-but private keys.  On the other hand, from a users point of view this
-technical difference isn't visible.}.  It defaults to @code{t}.
-Setting this to @code{nil} is not recommended.
-@end defvar
-
 @node Default user identity
 @section Default user identity