Mercurial > emacs
view lisp/gnus/canlock.el @ 67418:28264c86d408
Revision: miles@gnu.org--gnu-2005/emacs--cvs-trunk--0--patch-668
Merge from gnus--rel--5.10
Patches applied:
* gnus--rel--5.10 (patch 157-168)
- Merge from emacs--cvs-trunk--0
- Update from CVS
- Update from CVS: texi/message.texi: Fix default values.
2005-12-08 Reiner Steib <Reiner.Steib@gmx.de>
* lisp/gnus/mm-decode.el (mm-discouraged-alternatives): Fix custom type.
Suggest image/.* in the doc string.
2005-12-07 Katsumi Yamaoka <yamaoka@jpl.org>
* lisp/gnus/mm-decode.el (mm-display-external): Use nametemplate (defined in
RFC1524) if it is in mailcap or add a suffix according to
mailcap-mime-extensions when generating a temp filename; postpone
deleting a temp file for 2 seconds for some wrappers, shell
scripts, and so on, which might exit right after having started a
viewer command as a background job.
2005-12-06 Reiner Steib <Reiner.Steib@gmx.de>
* lisp/gnus/gnus-art.el (gnus-default-article-saver): Add user-defined
`function' to custom type.
2005-12-02 ARISAWA Akihiro <ari@mbf.ocn.ne.jp> (tiny change)
* lisp/gnus/mm-view.el (mm-inline-text-html-render-with-w3m): Fix misplaced
parens.
2005-11-29 Reiner Steib <Reiner.Steib@gmx.de>
* lisp/gnus/gnus-cache.el (gnus-cache-rename-group): Wrap doc strings and
long lines.
(gnus-cache-delete-group): Wrap doc strings.
* lisp/gnus/gnus-agent.el (gnus-agent-rename-group)
(gnus-agent-delete-group): Wrap doc strings.
2005-11-24 Pascal Rigaux <pixel@mandriva.com> (tiny change)
* lisp/gnus/rfc2231.el (rfc2231-parse-string): Support non-ascii chars.
2005-11-22 Katsumi Yamaoka <yamaoka@jpl.org>
* lisp/gnus/nnmail.el (nnmail-fancy-expiry-target): Use current-time instead
of current-time-string.
2005-11-20 Stefan Schimanski <schimmi@debian.org> (tiny change)
* lisp/gnus/nnmail.el (nnmail-fancy-expiry-target): Protect against invalid
date header.
2005-11-16 Boris Samorodov <bsam@ipt.ru> (tiny patch)
* lisp/gnus/imap.el (imap-kerberos4-open): Ignore SSL stuff.
2005-11-14 Kevin Greiner <kevin.greiner@compsol.cc>
* lisp/gnus/gnus-agent.el (gnus-agent-article-alist-save-format): Changed
internal variable to a custom variable. Changed default value
from compressed(2) to uncompressed(1).
(gnus-agent-read-agentview): Reversed revision 7.8 to restore
support for uncompressed agentview files. Taken together, reading
the agentview file should now be 6-7 times faster.
(gnus-agent-long-article,
gnus-agent-short-article, gnus-agent-score): Renamed category
keywords to match gnus-cus.
(gnus-agent-summary-fetch-series): Modified to protect against
gnus-agent-summary-fetch-group clearing processable flags.
(gnus-agent-synchronize-group-flags): Update live group buffer as
synchronization may occur due to the user toggling the plugged
status.
(gnus-agent-braid-nov): Now tests new nov entries
for duplicates which are removed. The invalid sort check then
triggers a rescan after the sort as sorting may have moved
duplicate entries such that they can be cheaply detected.
(gnus-agent-read-local): Trivial fix to format of
error message to display actual error condition.
(gnus-agent-save-local): Avoid saving symbols that are bound to
nil as they simply result in a warning message in
gnus-agent-read-local.
(gnus-agent-fetch-group-1): Clear downloadable flag when article
successfully downloaded.
(gnus-agent-regenerate-group): Use
gnus-agent-synchronize-group-flags to reset read status in both
gnus and server.
* lisp/gnus/nntp.el (nntp-end-of-line): Doc fix.
(nntp-authinfo-rejected): New error condition.
(nntp-wait-for): Use new error condition to signal authentication
error.
(nntp-retrieve-data): Rethrow new error condition to break out of
recursive call to nntp-send-authinfo.
2005-11-13 Katsumi Yamaoka <yamaoka@jpl.org>
* lisp/gnus/gnus-start.el (gnus-dribble-read-file): Use make-local-variable
rather than make-variable-buffer-local for file-precious-flag.
2005-11-13 Katsumi Yamaoka <yamaoka@jpl.org>
* lisp/gnus/gnus-start.el (gnus-dribble-read-file): Quote file-precious-flag.
2005-11-11 Jan Nieuwenhuizen <janneke@gnu.org>
* lisp/gnus/gnus-start.el (gnus-dribble-read-file): Set file-precious-flag,
as a buffer-local variable. This avoids creating truncated
dribble files as a result of a hang up, eg.
2005-11-04 Ken Manheimer <ken.manheimer@gmail.com>
* lisp/gnus/pgg-pgp.el (pgg-pgp-encrypt-region, pgg-pgp-decrypt-region)
(pgg-pgp-encrypt-symmetric-region, pgg-pgp-encrypt-symmetric)
(pgg-pgp-encrypt, pgg-pgp-decrypt-region, pgg-pgp-decrypt)
(pgg-pgp-sign-region, pgg-pgp-sign): Add optional 'passphrase'
argument to all these routines, so the passphrase can be managed
externally and passed in to the system.
(pgg-pgp-decrypt-region, pgg-pgp-sign-region): Use new name for
pgg-add-passphrase-to-cache function.
* lisp/gnus/pgg-pgp5.el (pgg-pgp5-encrypt-region, pgg-pgp5-decrypt-region)
(pgg-pgp5-encrypt-symmetric-region, pgg-pgp5-encrypt-symmetric)
(pgg-pgp5-encrypt, pgg-pgp5-decrypt-region, pgg-pgp5-decrypt)
(pgg-pgp5-sign-region, pgg-pgp5-sign): Add optional 'passphrase'
argument to all these routines, so the passphrase can be managed
externally and passed in to the system.
(pgg-pgp5-sign-region): Use new name of pgg-add-passphrase-to-cache
function.
2005-10-30 Chong Yidong <cyd@stupidchicken.com>
* lisp/gnus/imap.el (imap-open): Handle case where buffer is a buffer
object.
2005-10-29 Ken Manheimer <ken.manheimer@gmail.com>
* lisp/gnus/pgg-gpg.el (pgg-gpg-select-matching-key): Fix: look at the right
part of the decoded armor to find the key-identifier.
(pgg-gpg-lookup-key-owner): New function to return the
human-readable identifier of a key owner.
(pgg-gpg-lookup-id-from-key-owner): Make it easy to identify the
key itself.
(pgg-gpg-decrypt-region): Prompt with the key owner (rather than
the key value) if we have a key and can match it against a secret
key. Also, added a note pointing out fact that the prompt only
indicates the first matching key.
* lisp/gnus/pgg.el (pgg-decrypt): Passing along 'passphrase' in call to
pgg-decrypt-region.
(pgg-pending-timers): A new hash for tracking the passphrase cache
timers, so that new ones supercede old ones.
(pgg-add-passphrase-to-cache): Rename from
`pgg-add-passphrase-cache' to reduce confusion (all callers
changed). Modified to cancel old timers when new ones are added.
(pgg-remove-passphrase-from-cache): Rename from
`pgg-remove-passphrase-cache' to reduce confusion (all callers
changed). Modified to cancel old timers when their keys are
removed from the cache.
(pgg-cancel-timer): In Emacs, an alias for cancel-timer; in
XEmacs, an indirection to delete-itimer.
(pgg-read-passphrase-from-cache, pgg-read-passphrase):
Extract pgg-read-passphrase-from-cache from pgg-read-passphrase so
users can only check cache without risk of prompting. Correct bug in
notruncate behavior.
(pgg-read-passphrase-from-cache, pgg-read-passphrase)
(pgg-add-passphrase-cache, pgg-remove-passphrase-cache):
Add informative docstrings.
(pgg-decrypt): Convey provided passphrase in subordinate call to
pgg-decrypt-region.
2005-10-20 Ken Manheimer <ken.manheimer+emacs@gmail.com>
* lisp/gnus/pgg.el (pgg-encrypt-region, pgg-encrypt-symmetric-region)
(pgg-encrypt-symmetric, pgg-encrypt, pgg-decrypt-region)
(pgg-decrypt, pgg-sign-region, pgg-sign): Add optional
'passphrase' argument, so the passphrase can be managed externally
and then passed in to the system.
* lisp/gnus/pgg.el (pgg-read-passphrase, pgg-add-passphrase-cache)
(pgg-remove-passphrase-cache): Add optional 'notruncate' argument,
so the passphrase cache can be used reliably with identifiers
besides a pgp packet's key id.
* lisp/gnus/pgg-gpg.el (pgg-pgp-encrypt-region)
(pgg-pgp-encrypt-symmetric-region, pgg-pgp-encrypt-symmetric)
(pgg-pgp-encrypt, pgg-pgp-decrypt-region, pgg-pgp-decrypt)
(pgg-pgp-sign-region, pgg-pgp-sign): Add optional 'passphrase'
argument to all these routines, so the passphrase can be managed
externally and passed in to the system.
* lisp/gnus/pgg-gpg.el (pgg-gpg-possibly-cache-passphrase): Add optional
'notruncate' argument, so the passphrase cache can be used
reliably with identifiers besides a pgp packet's key id.
2005-10-29 Sascha Wilde <swilde@sha-bang.de>
* lisp/gnus/pgg-gpg.el (pgg-gpg-encrypt-symmetric-region): New function for
symmetric encryption.
(pgg-gpg-symmetric-key-p): New function to check for an symmetric
encrypted session key.
(pgg-gpg-decrypt-region): When decrypting a symmetric encrypted
message ask for the passphrase in a proper way.
* lisp/gnus/pgg.el (pgg-encrypt-symmetric, pgg-encrypt-symmetric-region):
New user commands for symmetric encryption.
2005-12-05 Katsumi Yamaoka <yamaoka@jpl.org>
* man/pgg.texi (User Commands): Fix description of pgg-verify-region.
(Selecting an implementation): Fix descriptions.
2005-11-30 Katsumi Yamaoka <yamaoka@jpl.org>
* man/message.texi (Various Message Variables): Addition.
2005-11-29 Katsumi Yamaoka <yamaoka@jpl.org>
* man/message.texi: Fix default values.
2005-11-25 Katsumi Yamaoka <yamaoka@jpl.org>
* man/message.texi (Header Commands): Clarify descriptions of
message-cross-post-followup-to, message-reduce-to-to-cc, and
message-insert-wide-reply.
(Various Commands): Fix kindex for message-kill-to-signature;
clarify description of message-tab.
2005-11-22 Katsumi Yamaoka <yamaoka@jpl.org>
* man/message.texi (Mailing Lists): Fix description about MFT.
* man/gnus.texi (Emacs Lisp): Use ~/.gnus.el instead of ~/.emacs.
2005-11-17 Katsumi Yamaoka <yamaoka@jpl.org>
* man/gnus.texi (Slow Terminal Connection): Replace old description
with new one.
2005-11-16 Katsumi Yamaoka <yamaoka@jpl.org>
* man/gnus.texi (Oort Gnus): Use ~/.gnus.el instead of ~/.emacs;
replace X-Draft-Headers with X-Draft-From.
2005-11-14 Katsumi Yamaoka <yamaoka@jpl.org>
* man/gnus.texi (Various Various): Fix the default value of
nnheader-max-head-length.
(Gnus Versions): Fix typo.
| author | Miles Bader <miles@gnu.org> |
|---|---|
| date | Fri, 09 Dec 2005 08:57:58 +0000 |
| parents | fafd692d1e40 |
| children | 1077b8039c32 |
line wrap: on
line source
;;; canlock.el --- functions for Cancel-Lock feature ;; Copyright (C) 1998, 1999, 2001, 2002, 2003, 2004, ;; 2005 Free Software Foundation, Inc. ;; Author: Katsumi Yamaoka <yamaoka@jpl.org> ;; Keywords: news, cancel-lock, hmac, sha1, rfc2104 ;; This program is free software; you can redistribute it and/or modify ;; it under the terms of the GNU General Public License as published by ;; the Free Software Foundation; either version 2, or (at your option) ;; any later version. ;; This program is distributed in the hope that it will be useful, ;; but WITHOUT ANY WARRANTY; without even the implied warranty of ;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ;; GNU General Public License for more details. ;; You should have received a copy of the GNU General Public License ;; along with this program; see the file COPYING. If not, write to the ;; Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, ;; Boston, MA 02110-1301, USA. ;;; Commentary: ;; Canlock is a library for generating and verifying Cancel-Lock and/or ;; Cancel-Key header in news articles. This is used to protect articles ;; from rogue cancel, supersede or replace attacks. The method is based ;; on draft-ietf-usefor-cancel-lock-01.txt which was released on November ;; 3rd 1998. For instance, you can add Cancel-Lock (and possibly Cancel- ;; Key) header in a news article by using a hook which will be evaluated ;; just before sending an article as follows: ;; ;; (add-hook '*e**a*e-header-hook 'canlock-insert-header t) ;; ;; Verifying Cancel-Lock is mainly a function of news servers, however, ;; you can verify your own article using the command `canlock-verify' in ;; the (raw) article buffer. You will be prompted for the password for ;; each time if the option `canlock-password' or `canlock-password-for- ;; verify' is nil. Note that setting these options is a bit unsafe. ;;; Code: (eval-when-compile (require 'cl)) (require 'sha1) (defvar mail-header-separator) (defgroup canlock nil "The Cancel-Lock feature." :group 'news) (defcustom canlock-password nil "Password to use when signing a Cancel-Lock or a Cancel-Key header." :type '(radio (const :format "Not specified " nil) (string :tag "Password")) :group 'canlock) (defcustom canlock-password-for-verify canlock-password "Password to use when verifying a Cancel-Lock or a Cancel-Key header." :type '(radio (const :format "Not specified " nil) (string :tag "Password")) :group 'canlock) (defcustom canlock-force-insert-header nil "If non-nil, insert a Cancel-Lock or a Cancel-Key header even if the buffer does not look like a news message." :type 'boolean :group 'canlock) (eval-when-compile (defmacro canlock-string-as-unibyte (string) "Return a unibyte string with the same individual bytes as STRING." (if (fboundp 'string-as-unibyte) (list 'string-as-unibyte string) string))) (defun canlock-sha1 (message) "Make a SHA-1 digest of MESSAGE as a unibyte string of length 20 bytes." (let (sha1-maximum-internal-length) (sha1 message nil nil 'binary))) (defun canlock-make-cancel-key (message-id password) "Make a Cancel-Key header." (when (> (length password) 20) (setq password (canlock-sha1 password))) (setq password (concat password (make-string (- 64 (length password)) 0))) (let ((ipad (mapconcat (lambda (byte) (char-to-string (logxor 54 byte))) password "")) (opad (mapconcat (lambda (byte) (char-to-string (logxor 92 byte))) password ""))) (base64-encode-string (canlock-sha1 (concat opad (canlock-sha1 (concat ipad (canlock-string-as-unibyte message-id)))))))) (defun canlock-narrow-to-header () "Narrow the buffer to the head of the message." (let (case-fold-search) (narrow-to-region (goto-char (point-min)) (goto-char (if (re-search-forward (format "^$\\|^%s$" (regexp-quote mail-header-separator)) nil t) (match-beginning 0) (point-max)))))) (defun canlock-delete-headers () "Delete Cancel-Key or Cancel-Lock headers in the narrowed buffer." (let ((case-fold-search t)) (goto-char (point-min)) (while (re-search-forward "^Cancel-\\(Key\\|Lock\\):" nil t) (delete-region (match-beginning 0) (if (re-search-forward "^[^\t ]" nil t) (goto-char (match-beginning 0)) (point-max)))))) (defun canlock-fetch-fields (&optional key) "Return a list of the values of Cancel-Lock header. If KEY is non-nil, look for a Cancel-Key header instead. The buffer is expected to be narrowed to just the headers of the message." (let ((field (mail-fetch-field (if key "Cancel-Key" "Cancel-Lock"))) fields rest (case-fold-search t)) (when field (setq fields (split-string field "[\t\n\r ,]+")) (while fields (when (string-match "^sha1:" (setq field (pop fields))) (push (substring field 5) rest))) (nreverse rest)))) (defun canlock-fetch-id-for-key () "Return a Message-ID in Cancel, Supersedes or Replaces header. The buffer is expected to be narrowed to just the headers of the message." (or (let ((cancel (mail-fetch-field "Control"))) (and cancel (string-match "^cancel[\t ]+\\(<[^\t\n @<>]+@[^\t\n @<>]+>\\)" cancel) (match-string 1 cancel))) (mail-fetch-field "Supersedes") (mail-fetch-field "Replaces"))) ;;;###autoload (defun canlock-insert-header (&optional id-for-key id-for-lock password) "Insert a Cancel-Key and/or a Cancel-Lock header if possible." (let (news control key-for-key key-for-lock) (save-excursion (save-restriction (canlock-narrow-to-header) (when (setq news (or canlock-force-insert-header (mail-fetch-field "Newsgroups"))) (unless id-for-key (setq id-for-key (canlock-fetch-id-for-key))) (if (and (setq control (mail-fetch-field "Control")) (string-match "^cancel[\t ]+<[^\t\n @<>]+@[^\t\n @<>]+>" control)) (setq id-for-lock nil) (unless id-for-lock (setq id-for-lock (mail-fetch-field "Message-ID")))) (canlock-delete-headers) (goto-char (point-max)))) (when news (if (not (or id-for-key id-for-lock)) (message "There are no Message-ID(s)") (unless password (setq password (or canlock-password (read-passwd "Password for Canlock: ")))) (if (or (not (stringp password)) (zerop (length password))) (message "Password for Canlock is bad") (setq key-for-key (when id-for-key (canlock-make-cancel-key id-for-key password)) key-for-lock (when id-for-lock (canlock-make-cancel-key id-for-lock password))) (if (not (or key-for-key key-for-lock)) (message "Couldn't insert Canlock header") (when key-for-key (insert "Cancel-Key: sha1:" key-for-key "\n")) (when key-for-lock (insert "Cancel-Lock: sha1:" (base64-encode-string (canlock-sha1 key-for-lock)) "\n"))))))))) ;;;###autoload (defun canlock-verify (&optional buffer) "Verify Cancel-Lock or Cancel-Key in BUFFER. If BUFFER is nil, the current buffer is assumed. Signal an error if it fails." (interactive) (let (keys locks errmsg id-for-key id-for-lock password key-for-key key-for-lock match) (save-excursion (when buffer (set-buffer buffer)) (save-restriction (widen) (canlock-narrow-to-header) (setq keys (canlock-fetch-fields 'key) locks (canlock-fetch-fields)) (if (not (or keys locks)) (setq errmsg "There are neither Cancel-Lock nor Cancel-Key headers") (setq id-for-key (canlock-fetch-id-for-key) id-for-lock (mail-fetch-field "Message-ID")) (or id-for-key id-for-lock (setq errmsg "There are no Message-ID(s)"))))) (if errmsg (error "%s" errmsg) (setq password (or canlock-password-for-verify (read-passwd "Password for Canlock: "))) (if (or (not (stringp password)) (zerop (length password))) (error "Password for Canlock is bad") (when keys (when id-for-key (setq key-for-key (canlock-make-cancel-key id-for-key password)) (while (and keys (not match)) (setq match (string-equal key-for-key (pop keys))))) (setq keys (if match "good" "bad"))) (setq match nil) (when locks (when id-for-lock (setq key-for-lock (base64-encode-string (canlock-sha1 (canlock-make-cancel-key id-for-lock password)))) (when (and locks (not match)) (setq match (string-equal key-for-lock (pop locks))))) (setq locks (if match "good" "bad"))) (prog1 (when (member "bad" (list keys locks)) "bad") (cond ((and keys locks) (message "Cancel-Key is %s, Cancel-Lock is %s" keys locks)) (locks (message "Cancel-Lock is %s" locks)) (keys (message "Cancel-Key is %s" keys)))))))) (provide 'canlock) ;;; arch-tag: 033c4f09-b9f1-459d-bd0d-254430283f78 ;;; canlock.el ends here