+2003-07-24 Jesper Harder <harder@ifa.au.dk>
+
+ * pgg-gpg.el (pgg-gpg-process-region): Add "--yes" to options.
+
+ * pgg-gpg.el, pgg-pgp.el, pgg-pgp5.el, pgg.el: Reapply changes
+ from 2003-04-03 to fix security problem. See
+ http://www.debian.org/security/2003/dsa-339
+
2003-07-23 Teodor Zlatanov <tzz@lifelogs.com>
* gnus.el (gnus-install-group-spam-parameters): add the
"GnuPG ID of your default identity.")
(defun pgg-gpg-process-region (start end passphrase program args)
- (let* ((output-file-name
- (expand-file-name (make-temp-name "pgg-output")
- pgg-temporary-file-directory))
+ (let* ((output-file-name (pgg-make-temp-file "pgg-output"))
(args
`("--status-fd" "2"
,@(if passphrase '("--passphrase-fd" "0"))
+ "--yes" ; overwrite
"--output" ,output-file-name
,@pgg-gpg-extra-args ,@args))
(output-buffer pgg-output-buffer)
"PGP ID of your default identity.")
(defun pgg-pgp-process-region (start end passphrase program args)
- (let* ((errors-file-name
- (expand-file-name (make-temp-name "pgg-errors")
- pgg-temporary-file-directory))
+ (let* ((errors-file-name (pgg-make-temp-file "pgg-errors"))
(args
(append args
pgg-pgp-extra-args
(defun pgg-pgp-verify-region (start end &optional signature)
"Verify region between START and END as the detached signature SIGNATURE."
- (let* ((basename (expand-file-name "pgg" temporary-file-directory))
- (orig-file (make-temp-name basename))
+ (let* ((orig-file (pgg-make-temp-file "pgg"))
(args '("+verbose=1" "+batchmode" "+language=us"))
(orig-mode (default-file-modes)))
(unwind-protect
(defun pgg-pgp-snarf-keys-region (start end)
"Add all public keys in region between START and END to the keyring."
(let* ((pgg-pgp-user-id (or pgg-pgp-user-id pgg-default-user-id))
- (basename (expand-file-name "pgg" temporary-file-directory))
- (key-file (make-temp-name basename))
+ (key-file (pgg-make-temp-file "pgg"))
(args
(list "+verbose=1" "+batchmode" "+language=us" "-kaf"
key-file)))
"PGP 5.* ID of your default identity.")
(defun pgg-pgp5-process-region (start end passphrase program args)
- (let* ((errors-file-name
- (expand-file-name (make-temp-name "pgg-errors")
- pgg-temporary-file-directory))
+ (let* ((errors-file-name (pgg-make-temp-file "pgg-errors"))
(args
(append args
pgg-pgp5-extra-args
(defun pgg-pgp5-verify-region (start end &optional signature)
"Verify region between START and END as the detached signature SIGNATURE."
- (let* ((basename (expand-file-name "pgg" pgg-temporary-file-directory))
- (orig-file (make-temp-name basename))
- (args '("+verbose=1" "+batchmode=1" "+language=us"))
- (orig-mode (default-file-modes)))
+ (let ((orig-file (pgg-make-temp-file "pgg"))
+ (args '("+verbose=1" "+batchmode=1" "+language=us"))
+ (orig-mode (default-file-modes)))
(unwind-protect
(progn
(set-default-file-modes 448)
(defun pgg-pgp5-snarf-keys-region (start end)
"Add all public keys in region between START and END to the keyring."
(let* ((pgg-pgp5-user-id (or pgg-pgp5-user-id pgg-default-user-id))
- (basename (expand-file-name "pgg" pgg-temporary-file-directory))
- (key-file (make-temp-name basename))
+ (key-file (pgg-make-temp-file "pgg"))
(args
(list "+verbose=1" "+batchmode=1" "+language=us" "-a"
key-file)))
(require 'w3)
(require 'url)))
-;; Fixme: Avoid this and use mm-make-temp-file (especially for
-;; something sensitive like pgp).
-(defvar pgg-temporary-file-directory
- (cond ((fboundp 'temp-directory) (temp-directory))
- ((boundp 'temporary-file-directory) temporary-file-directory)
- ("/tmp/")))
-
;;; @ utility functions
;;;
`(with-current-buffer pgg-output-buffer
(if (zerop (buffer-size)) nil ,@body t)))
+(defalias 'pgg-make-temp-file
+ (if (fboundp 'make-temp-file)
+ 'make-temp-file
+ (lambda (prefix &optional dir-flag)
+ (let ((file (expand-file-name
+ (make-temp-name prefix)
+ (if (fboundp 'temp-directory)
+ (temp-directory)
+ temporary-file-directory))))
+ (if dir-flag
+ (make-directory file))
+ file))))
+
;;; @ interface functions
;;;