[vim-scripts] 07/11: Updated gnupg to 2.5

James McCoy jamessan at debian.org
Thu Aug 15 04:03:11 UTC 2013


This is an automated email from the git hooks/post-receive script.

jamessan pushed a commit to branch master
in repository vim-scripts.

commit 2499fb1fac0207a079cde824bdd238698066429b
Author: James McCoy <jamessan at debian.org>
Date:   Wed Aug 14 22:56:11 2013 -0400

    Updated gnupg to 2.5
    
    Signed-off-by: James McCoy <jamessan at debian.org>
---
 debian/changelog           |    1 +
 debian/vim-scripts.status  |    4 +-
 html/index.html            |    2 +-
 html/plugin_gnupg.vim.html |   68 +++++++----
 plugin/gnupg.vim           |  286 +++++++++++++++++++++++++++++---------------
 5 files changed, 242 insertions(+), 119 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 3a00272..d1b27fb 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,6 +5,7 @@ vim-scripts (20121008) UNRELEASED; urgency=low
       + Remove patch disabledby-supertab.diff, merged upstream.
     - surround: Updated to 2.0
     - bufexplorer: Updated to 7.3.6
+    - gnupg: Update to 2.5  (Closes: #717049)
   * Add po-escape.diff to properly escape filenames when calling msgfmt.
     (Closes: #697135)
   * debian/vim-scripts.pl: Remove logged ip address from downloaded
diff --git a/debian/vim-scripts.status b/debian/vim-scripts.status
index b258403..457f355 100644
--- a/debian/vim-scripts.status
+++ b/debian/vim-scripts.status
@@ -64,12 +64,12 @@ script_name: plugin/gnupg.vim
 addon:       gnupg
 description: transparent editing of gpg encrypted files
 script_url:  http://www.vim.org/scripts/script.php?script_id=3645
-author:      James Vega
+author:      James McCoy
 author_url:  http://www.vim.org/account/profile.php?user_id=5603
 email:       vega.james at gmail.com
 license:     GNU GPL, see /usr/share/common-licenses/GPL-2
 disabledby:  let loaded_gnupg = 1
-version:     2.2
+version:     2.5
 
 script_name: plugin/taglist.vim
 addon:       taglist
diff --git a/html/index.html b/html/index.html
index 74ccc20..e9a77de 100644
--- a/html/index.html
+++ b/html/index.html
@@ -49,7 +49,7 @@
    <li><a href="syntax_CVSAnnotate.vim.html">syntax/CVSAnnotate.vim.html</a></li>
   </ul>
   <p>
-  Page generated on Wed, 14 Aug 2013 22:42:44 -0400
+  Page generated on Wed, 14 Aug 2013 22:52:33 -0400
 .
   </p>
  </body>
diff --git a/html/plugin_gnupg.vim.html b/html/plugin_gnupg.vim.html
index 2da5f33..aa0cce9 100644
--- a/html/plugin_gnupg.vim.html
+++ b/html/plugin_gnupg.vim.html
@@ -102,7 +102,7 @@
             <td class="sidebarheader"><a href="/docs.php">Documentation</a></td>
         </tr>
         <tr>
-            <td class="sidebarheader"><a href="/download.php">Download</a></td>
+            <td class="sidebarheader download"><a href="/download.php">Download</a></td>
         </tr>
     <tr>
         <td><img src="/images/spacer.gif" alt="" border="0" width="1" height="7"></td>
@@ -168,8 +168,8 @@
 <tr>
   <td class="lightbg"><b> script karma </b></td>
   <td>
-    Rating <b>9/3</b>,
-    Downloaded by 188     
+    Rating <b>196/62</b>,
+    Downloaded by 3150     
     <g:plusone></g:plusone>
   </td>
   <td class="lightbg">
@@ -184,13 +184,13 @@
 
 <table cellspacing="0" cellpadding="0" border="0">
 <tr><td class="prompt">created by</td></tr>
-<tr><td><a href="/account/profile.php?user_id=5603">James Vega</a></td></tr>
+<tr><td><a href="/account/profile.php?user_id=5603">James McCoy</a></td></tr>
 <tr><td> </td></tr>
 <tr><td class="prompt">script type</td></tr>
 <tr><td>utility</td></tr>
 <tr><td> </td></tr>
 <tr><td class="prompt">description</td></tr>
-<tr><td>This script implements transparent editing of gpg encrypted files. The filename must have a ".gpg", ".pgp" or ".asc" suffix. When opening such a file the content is decrypted, when opening a new file the script will ask for the recipients of the encrypted file. The file content will be encrypted to all recipients before it is written. The script turns off viminfo and swapfile to increase security.
<br>
<br>This is a continuation of the work initially done by Markus Braun in <a href="/scripts/script.php?script_id=661">vimscript #661</a>.  Development takes place at <a target="_blank" href="http://gitorious.org/vim-gnupg">http://gitorious.org/vim-gnupg</A>.
<br>
<br>Commands: 
<br>
<br>  :GPGEditRecipients 
<br>    Opens a scratch buffer to change the list of recipients. Recipients that 
<br>    are unknown (not in your public key) are highlighted and have 
<br>    a prepended "!". Closing the buffer makes the changes permanent. 
<br>
<br>  :GPGViewRecipients 
<br>    Prints the list of recipients. 
<br>
<br>  :GPGEditOptions 
<br>    Opens a scratch buffer to change the options for encryption (symmetric, 
<br>    asymmetric, signing). Closing the buffer makes the changes permanent. 
<br>    WARNING: There is no check of the entered options, so you need to know 
<br>    what you are doing. 
<br>
<br>  :GPGViewOptions 
<br>    Prints the list of options. 
<br>
<br>Variables: 
<br>
<br>  g:GPGExecutable 
<br>    If set used as gpg executable, otherwise the system chooses what is run 
<br>    when "gpg" is called. Defaults to "gpg". 
<br>
<br>  g:GPGUseAgent 
<br>    If set to 0 a possible available gpg-agent won't be used. Defaults to 1. 
<br>
<br>  g:GPGPreferSymmetric 
<br>    If set to 1 symmetric encryption is preferred for new files. Defaults to 0. 
<br>
<br>  g:GPGPreferArmor 
<br>    If set to 1 armored data is preferred for new files. Defaults to 0. 
<br>
<br>  g:GPGPreferSign 
<br>    If set to 1 signed data is preferred for new files. Defaults to 0. 
<br>
<br>  g:GPGDefaultRecipients 
<br>    If set, these recipients are used as defaults when no other recipient is 
<br>    defined. This variable is a Vim list. Default is unset. 
<br>
<br>  g:GPGUsePipes
<br>    If set to 1, use pipes instead of temporary files when interacting with
<br>    gnupg.  When set to 1, this can cause terminal-based gpg agents to not
<br>    display correctly when prompting for passwords.  Defaults to 0.
<br>
<br>Known Issues: 
<br>
<br>  In some cases gvim can't decrypt files 
<br>
<br>  This is caused by the fact that a running gvim has no TTY and thus gpg is 
<br>  not able to ask for the passphrase by itself. This is a problem for Windows 
<br>  and Linux versions of gvim and could not be solved unless a "terminal 
<br>  emulation" is implemented for gvim. To circumvent this you have to use any 
<br>  combination of gpg-agent and a graphical pinentry program: 
<br>
<br>    - gpg-agent only: 
<br>        you need to provide the passphrase for the needed key to gpg-agent 
<br>        in a terminal before you open files with gvim which require this key. 
<br>
<br>    - pinentry only: 
<br>        you will get a popup window every time you open a file that needs to 
<br>        be decrypted. 
<br>
<br>    - gpgagent and pinentry: 
<br>        you will get a popup window the first time you open a file that 
<br>        needs to be decrypted. </td></tr>
+<tr><td>This script implements transparent editing of gpg encrypted files. The filename must have a ".gpg", ".pgp" or ".asc" suffix. When opening such a file the content is decrypted, when opening a new file the script will ask for the recipients of the encrypted file. The file content will be encrypted to all recipients before it is written. The script turns off viminfo and swapfile to increase security.
<br>
<br>This is a continuation of the work initially done by Markus Braun in <a href="/scripts/script.php?script_id=661">vimscript #661</a>.  Development takes place at <a target="_blank" href="https://github.com/jamessan/vim-gnupg">https://github.com/jamessan/vim-gnupg</A>.
<br>
<br>Commands: 
<br>
<br>  :GPGEditRecipients 
<br>    Opens a scratch buffer to change the list of recipients. Recipients that 
<br>    are unknown (not in your public key) are highlighted and have 
<br>    a prepended "!". Closing the buffer makes the changes permanent. 
<br>
<br>  :GPGViewRecipients 
<br>    Prints the list of recipients. 
<br>
<br>  :GPGEditOptions 
<br>    Opens a scratch buffer to change the options for encryption (symmetric, 
<br>    asymmetric, signing). Closing the buffer makes the changes permanent. 
<br>    WARNING: There is no check of the entered options, so you need to know 
<br>    what you are doing. 
<br>
<br>  :GPGViewOptions 
<br>    Prints the list of options. 
<br>
<br>Variables: 
<br>
<br>  g:GPGExecutable 
<br>    If set used as gpg executable, otherwise the system chooses what is run 
<br>    when "gpg" is called. Defaults to "gpg". 
<br>
<br>  g:GPGUseAgent 
<br>    If set to 0 a possible available gpg-agent won't be used. Defaults to 1. 
<br>
<br>  g:GPGPreferSymmetric 
<br>    If set to 1 symmetric encryption is preferred for new files. Defaults to 0. 
<br>
<br>  g:GPGPreferArmor 
<br>    If set to 1 armored data is preferred for new files. Defaults to 0. 
<br>
<br>  g:GPGPreferSign 
<br>    If set to 1 signed data is preferred for new files. Defaults to 0. 
<br>
<br>  g:GPGDefaultRecipients 
<br>    If set, these recipients are used as defaults when no other recipient is 
<br>    defined. This variable is a Vim list. Default is unset. 
<br>
<br>  g:GPGUsePipes
<br>    If set to 1, use pipes instead of temporary files when interacting with
<br>    gnupg.  When set to 1, this can cause terminal-based gpg agents to not
<br>    display correctly when prompting for passwords.  Defaults to 0.
<br>
<br>  g:GPGHomedir
<br>    If set, specifies the directory that will be used for GPG's homedir.  This
<br>    corresponds to gpg's --homedir option.  This variable is a Vim string.
<br>
<br>Known Issues: 
<br>
<br>  In some cases gvim can't decrypt files 
<br>
<br>  This is caused by the fact that a running gvim has no TTY and thus gpg is 
<br>  not able to ask for the passphrase by itself. This is a problem for Windows 
<br>  and Linux versions of gvim and could not be solved unless a "terminal 
<br>  emulation" is implemented for gvim. To circumvent this you have to use any 
<br>  combination of gpg-agent and a graphical pinentry program: 
<br>
<br>    - gpg-agent only: 
<br>        you need to provide the passphrase for the needed key to gpg-agent 
<br>        in a terminal before you open files with gvim which require this key. 
<br>
<br>    - pinentry only: 
<br>        you will get a popup window every time you open a file that needs to 
<br>        be decrypted. 
<br>
<br>    - gpgagent and pinentry: 
<br>        you will get a popup window the first time you open a file that 
<br>        needs to be decrypted. </td></tr>
 <tr><td> </td></tr>
 <tr><td class="prompt">install details</td></tr>
 <tr><td>Copy the gnupg.vim file to the $HOME/.vim/plugin directory. Refer to ':help add-plugin', ':help add-global-plugin' and ':help runtimepath' for more details about Vim plugins. 
<br>
<br>From "man 1 gpg-agent": 
<br>... 
<br>You should always add the following lines to your .bashrc or whatever initialization file is used for all shell invocations: 
<br>
<br>     GPG_TTY=`tty` 
<br>     export GPG_TTY 
<br>
<br>It is important that this environment variable always reflects the output of the tty command. For W32 systems this option is not required. 
<br>... 
<br>
<br>Most distributions provide software to ease handling of gpg and gpg-agent. Examples are keychain or seahorse.</td></tr>
@@ -198,7 +198,7 @@
 </table>
 
 <!-- rating table -->
-<form name="rating">
+<form name="rating" method="post">
 <input type="hidden" name="script_id" value="3645">
 <table cellpadding="4" cellspacing="0" border="1" bordercolor="#000066">
 <tr>
@@ -227,28 +227,52 @@ Click on the package to download.
     <th valign="top">release notes</th>
 </tr>
 <tr>
-        <td class="rowodd" valign="top" nowrap><a href="download_script.php?src_id=16256">gnupg.vim</a></td>
-    <td class="rowodd" valign="top" nowrap><b>2.2</b></td>
-    <td class="rowodd" valign="top" nowrap><i>2011-08-13</i></td>
-    <td class="rowodd" valign="top" nowrap>7.0</td>
-    <td class="rowodd" valign="top"><i><a href="/account/profile.php?user_id=5603">James Vega</a></i></td>
-    <td class="rowodd" valign="top" width="2000">Correctly handle the different keyid-format options</td>
+        <td class="rowodd" valign="top" nowrap><a href="download_script.php?src_id=18070">gnupg.vim</a></td>
+    <td class="rowodd" valign="top" nowrap><b>2.5</b></td>
+    <td class="rowodd" valign="top" nowrap><i>2012-06-01</i></td>
+    <td class="rowodd" valign="top" nowrap>7.2</td>
+    <td class="rowodd" valign="top"><i><a href="/account/profile.php?user_id=5603">James McCoy</a></i></td>
+    <td class="rowodd" valign="top" width="2000">* Ignore keys that aren't usable for encryption instead of simply ones that are expired</td>
 </tr>
 <tr>
-        <td class="roweven" valign="top" nowrap><a href="download_script.php?src_id=16225">gnupg.vim</a></td>
-    <td class="roweven" valign="top" nowrap><b>2.1</b></td>
-    <td class="roweven" valign="top" nowrap><i>2011-08-10</i></td>
+        <td class="roweven" valign="top" nowrap><a href="download_script.php?src_id=18068">gnupg.vim</a></td>
+    <td class="roweven" valign="top" nowrap><b>2.4</b></td>
+    <td class="roweven" valign="top" nowrap><i>2012-05-31</i></td>
     <td class="roweven" valign="top" nowrap>7.2</td>
-    <td class="roweven" valign="top"><i><a href="/account/profile.php?user_id=5603">James Vega</a></i></td>
-    <td class="roweven" valign="top" width="2000">Add g:GPGUsePipes variable to avoid saving unencrypted data to tempfiles (in a private directory)</td>
+    <td class="roweven" valign="top"><i><a href="/account/profile.php?user_id=5603">James McCoy</a></i></td>
+    <td class="roweven" valign="top" width="2000">* Improvements when an encrypted file is being '":read" into another buffer.
<br>** Don't wipeout the current buffer if decryption fails.
<br>** Use the current buffer's settings for 'swapfile' and 'undofile' instead of disabling them.
<br>* Make 'u' a no-op immediately after loading the file, just like with normal files.
<br>* Avoid prompting for disambiguation of keys once the user has selected which one to use.
<br>* Ignore expired keys when trying to find a matching key for an id entered in ":GPGEditRecipients"</td>
 </tr>
 <tr>
-        <td class="rowodd" valign="top" nowrap><a href="download_script.php?src_id=15987">gnupg.vim</a></td>
-    <td class="rowodd" valign="top" nowrap><b>2.0</b></td>
-    <td class="rowodd" valign="top" nowrap><i>2011-06-26</i></td>
+        <td class="rowodd" valign="top" nowrap><a href="download_script.php?src_id=16952">gnupg.vim</a></td>
+    <td class="rowodd" valign="top" nowrap><b>2.3</b></td>
+    <td class="rowodd" valign="top" nowrap><i>2011-11-23</i></td>
     <td class="rowodd" valign="top" nowrap>7.2</td>
-    <td class="rowodd" valign="top"><i><a href="/account/profile.php?user_id=5603">James Vega</a></i></td>
-    <td class="rowodd" valign="top" width="2000">Initial upload</td>
+    <td class="rowodd" valign="top"><i><a href="/account/profile.php?user_id=5603">James McCoy</a></i></td>
+    <td class="rowodd" valign="top" width="2000">* Resolve the filename when saving to follow symlinks.
<br>* Add support for specifying an alternate --homedir, using the g:GPGHomedir variable</td>
+</tr>
+<tr>
+        <td class="roweven" valign="top" nowrap><a href="download_script.php?src_id=16256">gnupg.vim</a></td>
+    <td class="roweven" valign="top" nowrap><b>2.2</b></td>
+    <td class="roweven" valign="top" nowrap><i>2011-08-13</i></td>
+    <td class="roweven" valign="top" nowrap>7.0</td>
+    <td class="roweven" valign="top"><i><a href="/account/profile.php?user_id=5603">James McCoy</a></i></td>
+    <td class="roweven" valign="top" width="2000">Correctly handle the different keyid-format options</td>
+</tr>
+<tr>
+        <td class="rowodd" valign="top" nowrap><a href="download_script.php?src_id=16225">gnupg.vim</a></td>
+    <td class="rowodd" valign="top" nowrap><b>2.1</b></td>
+    <td class="rowodd" valign="top" nowrap><i>2011-08-10</i></td>
+    <td class="rowodd" valign="top" nowrap>7.2</td>
+    <td class="rowodd" valign="top"><i><a href="/account/profile.php?user_id=5603">James McCoy</a></i></td>
+    <td class="rowodd" valign="top" width="2000">Add g:GPGUsePipes variable to avoid saving unencrypted data to tempfiles (in a private directory)</td>
+</tr>
+<tr>
+        <td class="roweven" valign="top" nowrap><a href="download_script.php?src_id=15987">gnupg.vim</a></td>
+    <td class="roweven" valign="top" nowrap><b>2.0</b></td>
+    <td class="roweven" valign="top" nowrap><i>2011-06-26</i></td>
+    <td class="roweven" valign="top" nowrap>7.2</td>
+    <td class="roweven" valign="top"><i><a href="/account/profile.php?user_id=5603">James McCoy</a></i></td>
+    <td class="roweven" valign="top" width="2000">Initial upload</td>
 </tr>
 </table>
 <!-- finish off the framework -->
diff --git a/plugin/gnupg.vim b/plugin/gnupg.vim
index 81cda0d..97539c5 100644
--- a/plugin/gnupg.vim
+++ b/plugin/gnupg.vim
@@ -1,6 +1,6 @@
 " Name:    gnupg.vim
-" Last Change: 2011 Aug 13
-" Maintainer:  James Vega <vega.james at gmail.com>
+" Last Change: 2012 May 31
+" Maintainer:  James McCoy <vega.james at gmail.com>
 " Original Author:  Markus Braun <markus.braun at krawel.de>
 " Summary: Vim plugin for transparent editing of gpg encrypted files.
 " License: This program is free software; you can redistribute it and/or
@@ -18,7 +18,7 @@
 "   a file the content is decrypted, when opening a new file the script will
 "   ask for the recipients of the encrypted file. The file content will be
 "   encrypted to all recipients before it is written. The script turns off
-"   viminfo and swapfile to increase security.
+"   viminfo, swapfile, and undofile to increase security.
 "
 " Installation: {{{2
 "
@@ -89,6 +89,11 @@
 "     gnupg.  When set to 1, this can cause terminal-based gpg agents to not
 "     display correctly when prompting for passwords.  Defaults to 0.
 "
+"   g:GPGHomedir
+"     If set, specifies the directory that will be used for GPG's homedir.
+"     This corresponds to gpg's --homedir option.  This variable is a Vim
+"     string.
+"
 " Known Issues: {{{2
 "
 "   In some cases gvim can't decrypt files
@@ -131,10 +136,10 @@
 " Section: Plugin header {{{1
 
 " guard against multiple loads {{{2
-if (exists("g:loaded_gnupg") || &cp || exists("#BufReadCmd*.\(gpg\|asc\|pgp\)"))
+if (exists("g:loaded_gnupg") || &cp || exists("#GnuPG"))
   finish
 endif
-let g:loaded_gnupg = '2.2'
+let g:loaded_gnupg = '2.5'
 let s:GPGInitRun = 0
 
 " check for correct vim version {{{2
@@ -149,12 +154,15 @@ augroup GnuPG
   autocmd!
 
   " do the decryption
-  autocmd BufReadCmd,FileReadCmd                 *.\(gpg\|asc\|pgp\) call s:GPGInit()
-  autocmd BufReadCmd,FileReadCmd                 *.\(gpg\|asc\|pgp\) call s:GPGDecrypt()
+  autocmd BufReadCmd                             *.\(gpg\|asc\|pgp\) call s:GPGInit(1)
+  autocmd BufReadCmd                             *.\(gpg\|asc\|pgp\) call s:GPGDecrypt(1)
   autocmd BufReadCmd                             *.\(gpg\|asc\|pgp\) call s:GPGBufReadPost()
+  autocmd FileReadCmd                            *.\(gpg\|asc\|pgp\) call s:GPGInit(0)
+  autocmd FileReadCmd                            *.\(gpg\|asc\|pgp\) call s:GPGDecrypt(0)
 
   " convert all text to encrypted text before writing
-  autocmd BufWriteCmd,FileWriteCmd               *.\(gpg\|asc\|pgp\) call s:GPGInit()
+  autocmd BufWriteCmd                            *.\(gpg\|asc\|pgp\) call s:GPGBufWritePre()
+  autocmd BufWriteCmd,FileWriteCmd               *.\(gpg\|asc\|pgp\) call s:GPGInit(0)
   autocmd BufWriteCmd,FileWriteCmd               *.\(gpg\|asc\|pgp\) call s:GPGEncrypt()
 
   " cleanup on leaving vim
@@ -164,6 +172,7 @@ augroup END
 " Section: Constants {{{1
 
 let s:GPGMagicString = "\t \t"
+let s:keyPattern = '\%(0x\)\=[[:xdigit:]]\{8,16}'
 
 " Section: Highlight setup {{{1
 
@@ -173,19 +182,30 @@ highlight default link GPGHighlightUnknownRecipient ErrorMsg
 
 " Section: Functions {{{1
 
-" Function: s:GPGInit() {{{2
+" Function: s:GPGInit(bufread) {{{2
 "
 " initialize the plugin
+" The bufread argument specifies whether this was called due to BufReadCmd
 "
-function s:GPGInit()
-  call s:GPGDebug(3, ">>>>>>>> Entering s:GPGInit()")
-
-  " we don't want a swap file, as it writes unencrypted data to disk
-  setl noswapfile
+function s:GPGInit(bufread)
+  call s:GPGDebug(3, printf(">>>>>>>> Entering s:GPGInit(%d)", a:bufread))
+
+  " For FileReadCmd, we're reading the contents into another buffer.  If that
+  " buffer is also destined to be encrypted, then these settings will have
+  " already been set, otherwise don't set them since it limits the
+  " functionality of the cleartext buffer.
+  if a:bufread
+    " we don't want a swap file, as it writes unencrypted data to disk
+    setl noswapfile
+
+    " if persistent undo is present, disable it for this buffer
+    if exists('+undofile')
+      setl noundofile
+    endif
 
-  " if persistent undo is present, disable it for this buffer
-  if exists('+undofile')
-    setl noundofile
+    " first make sure nothing is written to ~/.viminfo while editing
+    " an encrypted file.
+    set viminfo=
   endif
 
   " the rest only has to be run once
@@ -193,10 +213,6 @@ function s:GPGInit()
     return
   endif
 
-  " first make sure nothing is written to ~/.viminfo while editing
-  " an encrypted file.
-  set viminfo=
-
   " check what gpg command to use
   if (!exists("g:GPGExecutable"))
     let g:GPGExecutable = "gpg --trust-model always"
@@ -237,6 +253,11 @@ function s:GPGInit()
     let g:GPGUsePipes = 0
   endif
 
+  " allow alternate gnupg homedir
+  if (!exists('g:GPGHomedir'))
+    let g:GPGHomedir = ''
+  endif
+
   " print version
   call s:GPGDebug(1, "gnupg.vim ". g:loaded_gnupg)
 
@@ -298,14 +319,7 @@ function s:GPGInit()
   call s:GPGDebug(3, "shell implementation: " . resolve(s:shell))
 
   " find the supported algorithms
-  let commandline = s:GPGCommand . " --version"
-  call s:GPGDebug(2, "command: ". commandline)
-  let &shellredir = s:shellredir
-  let &shell = s:shell
-  let output = system(commandline)
-  let &shellredir = s:shellredirsave
-  let &shell = s:shellsave
-  call s:GPGDebug(2, "output: ". output)
+  let output = s:GPGSystem({ 'level': 2, 'args': '--version' })
 
   let s:GPGPubkey = substitute(output, ".*Pubkey: \\(.\\{-}\\)\n.*", "\\1", "")
   let s:GPGCipher = substitute(output, ".*Cipher: \\(.\\{-}\\)\n.*", "\\1", "")
@@ -334,39 +348,41 @@ function s:GPGCleanup()
   call s:GPGDebug(3, "<<<<<<<< Leaving s:GPGCleanup()")
 endfunction
 
-" Function: s:GPGDecrypt() {{{2
+" Function: s:GPGDecrypt(bufread) {{{2
 "
 " decrypt the buffer and find all recipients of the encrypted file
+" The bufread argument specifies whether this was called due to BufReadCmd
 "
-function s:GPGDecrypt()
-  call s:GPGDebug(3, ">>>>>>>> Entering s:GPGDecrypt()")
+function s:GPGDecrypt(bufread)
+  call s:GPGDebug(3, printf(">>>>>>>> Entering s:GPGDecrypt(%d)", a:bufread))
 
   " get the filename of the current buffer
   let filename = expand("<afile>:p")
 
+  " clear GPGRecipients and GPGOptions
+  let b:GPGRecipients = g:GPGDefaultRecipients
+  let b:GPGOptions = []
+
   " File doesn't exist yet, so nothing to decrypt
   if empty(glob(filename))
     return
   endif
 
-  " clear GPGEncrypted, GPGRecipients and GPGOptions
+  " Only let this if the file actually exists, otherwise GPG functionality
+  " will be disabled when editing a buffer that doesn't yet have a backing
+  " file
   let b:GPGEncrypted = 0
-  let b:GPGRecipients = []
-  let b:GPGOptions = []
 
   " find the recipients of the file
-  let commandline = s:GPGCommand . " --verbose --decrypt --list-only --dry-run --batch --no-use-agent --logger-fd 1 " . shellescape(filename)
-  call s:GPGDebug(3, "command: " . commandline)
-  let &shellredir = s:shellredir
-  let &shell = s:shell
-  let &shelltemp = s:shelltemp
-  let output = system(commandline)
-  let &shellredir = s:shellredirsave
-  let &shell = s:shellsave
-  let &shelltemp = s:shelltempsave
-  call s:GPGDebug(3, "output: ". output)
+  let cmd = { 'level': 3 }
+  let cmd.args = '--verbose --decrypt --list-only --dry-run --batch --no-use-agent --logger-fd 1 ' . shellescape(filename)
+  let output = s:GPGSystem(cmd)
 
-  let asymmPattern = 'gpg: public key is \%(0x\)\=[[:xdigit:]]\{8,16}'
+  " Suppress the "N more lines" message when editing a file, not when reading
+  " the contents of a file into a buffer
+  let silent = a:bufread ? 'silent ' : ''
+
+  let asymmPattern = 'gpg: public key is ' . s:keyPattern
   " check if the file is symmetric/asymmetric encrypted
   if (match(output, "gpg: encrypted with [[:digit:]]\\+ passphrase") >= 0)
     " file is symmetric encrypted
@@ -397,7 +413,7 @@ function s:GPGDecrypt()
     let start = match(output, asymmPattern)
     while (start >= 0)
       let start = start + strlen("gpg: public key is ")
-      let recipient = matchstr(output, '[[:xdigit:]]\{8,16}', start)
+      let recipient = matchstr(output, s:keyPattern, start)
       call s:GPGDebug(1, "recipient is " . recipient)
       let name = s:GPGNameToID(recipient)
       if (strlen(name) > 0)
@@ -418,7 +434,7 @@ function s:GPGDecrypt()
     echohl GPGWarning
     echom "File is not encrypted, all GPG functions disabled!"
     echohl None
-    silent exe '.r ' . fnameescape(filename)
+    exe printf('%sr %s', silent, fnameescape(filename))
     call s:GPGDebug(3, "<<<<<<<< Leaving s:GPGDecrypt()")
     return
   endif
@@ -433,20 +449,19 @@ function s:GPGDecrypt()
   " since even with the --quiet option passphrase typos will be reported,
   " we must redirect stderr (using shell temporarily)
   call s:GPGDebug(1, "decrypting file")
-  let commandline = "r !" . s:GPGCommand . ' --quiet --decrypt ' . shellescape(filename, 1) . ' ' . s:stderrredirnull
-  call s:GPGDebug(1, "command: " . commandline)
-  let &shellredir = s:shellredir
-  let &shell = s:shell
-  let &shelltemp = s:shelltemp
-  execute commandline
-  let &shellredir = s:shellredirsave
-  let &shell = s:shellsave
-  let &shelltemp = s:shelltempsave
+  let cmd = { 'level': 1, 'ex': silent . 'r !' }
+  let cmd.args = '--quiet --decrypt ' . shellescape(filename, 1)
+  call s:GPGExecute(cmd)
+
   if (v:shell_error) " message could not be decrypted
     echohl GPGError
     let blackhole = input("Message could not be decrypted! (Press ENTER)")
     echohl None
-    silent bwipeout!
+    " Only wipeout the buffer if we were creating one to start with.
+    " FileReadCmd just reads the content into the existing buffer
+    if a:bufread
+      silent bwipeout!
+    endif
     call s:GPGDebug(3, "<<<<<<<< Leaving s:GPGDecrypt()")
     return
   endif
@@ -457,15 +472,41 @@ function s:GPGDecrypt()
   call s:GPGDebug(3, "<<<<<<<< Leaving s:GPGDecrypt()")
 endfunction
 
+" Function: s:GPGBufReadPost() {{{2
+"
+" Handle functionality specific to opening a file for reading rather than
+" reading the contents of a file into a buffer
+"
 function s:GPGBufReadPost()
   call s:GPGDebug(3, ">>>>>>>> Entering s:GPGBufReadPost()")
+  " In order to make :undo a no-op immediately after the buffer is read,
+  " we need to do this dance with 'undolevels'.  Actually discarding the undo
+  " history requires performing a change after setting 'undolevels' to -1 and,
+  " luckily, we have one we need to do (delete the extra line from the :r
+  " command)
+  let levels = &undolevels
+  set undolevels=-1
   silent 1delete
+  let &undolevels = levels
   " call the autocommand for the file minus .gpg$
-  execute ':doautocmd BufReadPost ' . fnameescape(expand('<afile>:r'))
+  silent execute ':doautocmd BufReadPost ' . fnameescape(expand('<afile>:r'))
   call s:GPGDebug(2, 'called autocommand for ' . fnameescape(expand('<afile>:r')))
   call s:GPGDebug(3, "<<<<<<<< Leaving s:GPGBufReadPost()")
 endfunction
 
+" Function: s:GPGBufWritePre() {{{2
+"
+" Handle functionality specific to saving an entire buffer to a file rather
+" than saving a partial buffer
+"
+function s:GPGBufWritePre()
+  call s:GPGDebug(3, ">>>>>>>> Entering s:GPGBufWritePre()")
+  " call the autocommand for the file minus .gpg$
+  silent execute ':doautocmd BufWritePre ' . fnameescape(expand('<afile>:r'))
+  call s:GPGDebug(2, 'called autocommand for ' . fnameescape(expand('<afile>:r')))
+  call s:GPGDebug(3, "<<<<<<<< Leaving s:GPGBufWritePre()")
+endfunction
+
 " Function: s:GPGEncrypt() {{{2
 "
 " encrypts the buffer to all previous recipients
@@ -543,15 +584,10 @@ function s:GPGEncrypt()
 
   " encrypt the buffer
   let destfile = tempname()
-  let commandline = "'[,']w !" . s:GPGCommand . ' --quiet --no-encrypt-to ' . options . '>' . shellescape(destfile, 1) . ' ' . s:stderrredirnull
-  call s:GPGDebug(1, "command: " . commandline)
-  let &shellredir = s:shellredir
-  let &shell = s:shell
-  let &shelltemp = s:shelltemp
-  silent execute commandline
-  let &shellredir = s:shellredirsave
-  let &shell = s:shellsave
-  let &shelltemp = s:shelltempsave
+  let cmd = { 'level': 1, 'ex': "'[,']w !" }
+  let cmd.args = '--quiet --no-encrypt-to ' . options
+  let cmd.redirect = '>' . shellescape(destfile, 1)
+  call s:GPGExecute(cmd)
 
   " restore encoding
   if (s:GPGEncoding != "")
@@ -569,7 +605,7 @@ function s:GPGEncrypt()
     return
   endif
 
-  call rename(destfile, expand('<afile>'))
+  call rename(destfile, resolve(expand('<afile>')))
   setl nomodified
   call s:GPGDebug(3, "<<<<<<<< Leaving s:GPGEncrypt()")
 endfunction
@@ -760,13 +796,13 @@ function s:GPGFinishRecipientsBuffer()
   " delete the autocommand
   autocmd! * <buffer>
 
-
   " get the recipients from the scratch buffer
   let recipients = []
   let lines = getline(1,"$")
   for recipient in lines
-    " delete all text after magic string
-    let recipient = substitute(recipient, s:GPGMagicString . ".*$", "", "")
+    let matches = matchlist(recipient, '^\(.\{-}\)\%(' . s:GPGMagicString . '(ID:\s\+\(' . s:keyPattern . '\)\s\+.*\)\=$')
+
+    let recipient = matches[2] ? matches[2] : matches[1]
 
     " delete all spaces at beginning and end of the recipient
     " also delete a '!' at the beginning of the recipient
@@ -1030,14 +1066,9 @@ function s:GPGNameToID(name)
   call s:GPGDebug(3, ">>>>>>>> Entering s:GPGNameToID()")
 
   " ask gpg for the id for a name
-  let commandline = s:GPGCommand . " --quiet --with-colons --fixed-list-mode --list-keys " . shellescape(a:name)
-  call s:GPGDebug(2, "command: ". commandline)
-  let &shellredir = s:shellredir
-  let &shell = s:shell
-  let output = system(commandline)
-  let &shellredir = s:shellredirsave
-  let &shell = s:shellsave
-  call s:GPGDebug(2, "output: ". output)
+  let cmd = { 'level': 2 }
+  let cmd.args = '--quiet --with-colons --fixed-list-mode --list-keys ' . shellescape(a:name)
+  let output = s:GPGSystem(cmd)
 
   " when called with "--with-colons" gpg encodes its output _ALWAYS_ as UTF-8,
   " so convert it, if necessary
@@ -1059,18 +1090,22 @@ function s:GPGNameToID(name)
       let duplicates[line] = 1
 
       let fields = split(line, ":")
+
       " search for the next uid
-      if (pubseen == 1)
+      if pubseen
         if (fields[0] == "uid")
           let choices = choices . "   " . fields[9] . "\n"
         else
           let pubseen = 0
         endif
-      endif
-
       " search for the next pub
-      if (pubseen == 0)
+      else
         if (fields[0] == "pub")
+          " Ignore keys which are not usable for encryption
+          if fields[11] !~? 'e'
+            continue
+          endif
+
           let identity = fields[4]
           let gpgids += [identity]
           if exists("*strftime")
@@ -1111,14 +1146,9 @@ function s:GPGIDToName(identity)
   " TODO is the encryption subkey really unique?
 
   " ask gpg for the id for a name
-  let commandline = s:GPGCommand . " --quiet --with-colons --fixed-list-mode --list-keys " . a:identity
-  call s:GPGDebug(2, "command: ". commandline)
-  let &shellredir = s:shellredir
-  let &shell = s:shell
-  let output = system(commandline)
-  let &shellredir = s:shellredirsave
-  let &shell = s:shellsave
-  call s:GPGDebug(2, "output: ". output)
+  let cmd = { 'level': 2 }
+  let cmd.args = '--quiet --with-colons --fixed-list-mode --list-keys ' . a:identity
+  let output = s:GPGSystem(cmd)
 
   " when called with "--with-colons" gpg encodes its output _ALWAYS_ as UTF-8,
   " so convert it, if necessary
@@ -1132,8 +1162,14 @@ function s:GPGIDToName(identity)
   let uid = ""
   for line in lines
     let fields = split(line, ":")
-    if (pubseen == 0) " search for the next pub
+
+    if !pubseen " search for the next pub
       if (fields[0] == "pub")
+        " Ignore keys which are not usable for encryption
+        if fields[11] !~? 'e'
+          continue
+        endif
+
         let pubseen = 1
       endif
     else " search for the next uid
@@ -1153,6 +1189,68 @@ function s:GPGIDToName(identity)
   return uid
 endfunction
 
+function s:GPGPreCmd()
+  let &shellredir = s:shellredir
+  let &shell = s:shell
+  let &shelltemp = s:shelltemp
+endfunction
+
+function s:GPGPostCmd()
+  let &shellredir = s:shellredirsave
+  let &shell = s:shellsave
+  let &shelltemp = s:shelltempsave
+endfunction
+
+" Function: s:GPGSystem(dict) {{{2
+"
+" run g:GPGCommand using system(), logging the commandline and output
+" Recognized keys are:
+" level - Debug level at which the commandline and output will be logged
+" args - Arguments to be given to g:GPGCommand
+"
+" Returns: command output
+"
+function s:GPGSystem(dict)
+  let commandline = printf('%s %s', s:GPGCommand, a:dict.args)
+  if (!empty(g:GPGHomedir))
+    let commandline .= ' --homedir ' . shellescape(g:GPGHomedir)
+  endif
+  let commandline .= ' ' . s:stderrredirnull
+  call s:GPGDebug(a:dict.level, "command: ". commandline)
+
+  call s:GPGPreCmd()
+  let output = system(commandline)
+  call s:GPGPostCmd()
+
+  call s:GPGDebug(a:dict.level, "output: ". output)
+  return output
+endfunction
+
+" Function: s:GPGExecute(dict) {{{2
+"
+" run g:GPGCommand using :execute, logging the commandline
+" Recognized keys are:
+" level - Debug level at which the commandline will be logged
+" args - Arguments to be given to g:GPGCommand
+" ex - Ex command which will be :executed
+" redirect - Shell redirect to use, if needed
+"
+function s:GPGExecute(dict)
+  let commandline = printf('%s%s %s', a:dict.ex, s:GPGCommand, a:dict.args)
+  if (!empty(g:GPGHomedir))
+    let commandline .= ' --homedir ' . shellescape(g:GPGHomedir, 1)
+  endif
+  if (has_key(a:dict, 'redirect'))
+    let commandline .= ' ' . a:dict.redirect
+  endif
+  let commandline .= ' ' . s:stderrredirnull
+  call s:GPGDebug(a:dict.level, "command: " . commandline)
+
+  call s:GPGPreCmd()
+  execute commandline
+  call s:GPGPostCmd()
+endfunction
+
 " Function: s:GPGDebug(level, text) {{{2
 "
 " output debug message, if this message has high enough importance
@@ -1162,7 +1260,7 @@ function s:GPGDebug(level, text)
   if exists("g:GPGDebugLevel") && g:GPGDebugLevel >= a:level
     if exists("g:GPGDebugLog")
       execute "redir >> " . g:GPGDebugLog
-      echom "GnuPG: " . a:text
+      silent echom "GnuPG: " . a:text
       redir END
     else
       echom "GnuPG: " . a:text

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-vim/vim-scripts.git



More information about the pkg-vim-maintainers mailing list