|
|
@@ -94,6 +94,29 @@ This setting can also be overridden in the CRYPTKEY property."
|
|
|
:type 'string
|
|
|
:group 'org-crypt)
|
|
|
|
|
|
+(defcustom org-crypt-disable-auto-save 'ask
|
|
|
+ "What org-decrypt should do if `auto-save-mode' is enabled.
|
|
|
+
|
|
|
+t : Disable auto-save-mode for the current buffer
|
|
|
+ prior to decrypting an entry.
|
|
|
+
|
|
|
+nil : Leave auto-save-mode enabled.
|
|
|
+ This may cause data to be written to disk unencrypted!
|
|
|
+
|
|
|
+'ask : Ask user whether or not to disable auto-save-mode
|
|
|
+ for the current buffer.
|
|
|
+
|
|
|
+'encrypt : Leave auto-save-mode enabled for the current buffer,
|
|
|
+ but automatically re-encrypt all decrypted entries
|
|
|
+ *before* auto-saving.
|
|
|
+ NOTE: This only works for entries which have a tag
|
|
|
+ that matches `org-crypt-tag-matcher'."
|
|
|
+ :group 'org-crypt
|
|
|
+ :type '(choice (const :tag "Always" t)
|
|
|
+ (const :tag "Never" nil)
|
|
|
+ (const :tag "Ask" ask)
|
|
|
+ (const :tag "Encrypt" encrypt)))
|
|
|
+
|
|
|
(defun org-crypt-key-for-heading ()
|
|
|
"Return the encryption key for the current heading."
|
|
|
(save-excursion
|
|
|
@@ -142,6 +165,30 @@ This setting can also be overridden in the CRYPTKEY property."
|
|
|
(defun org-decrypt-entry ()
|
|
|
"Decrypt the content of the current headline."
|
|
|
(interactive)
|
|
|
+
|
|
|
+ ; auto-save-mode may cause leakage, so check whether it's enabled.
|
|
|
+ (when buffer-auto-save-file-name
|
|
|
+ (cond
|
|
|
+ ((or
|
|
|
+ (eq org-crypt-disable-auto-save t)
|
|
|
+ (and
|
|
|
+ (eq org-crypt-disable-auto-save 'ask)
|
|
|
+ (y-or-n-p "org-decrypt: auto-save-mode may cause leakage. Disable it for current buffer? ")))
|
|
|
+ (message (concat "org-decrypt: Disabling auto-save-mode for " (or (buffer-file-name) (current-buffer))))
|
|
|
+ ; The argument to auto-save-mode has to be "-1", since
|
|
|
+ ; giving a "nil" argument toggles instead of disabling.
|
|
|
+ (auto-save-mode -1))
|
|
|
+ ((eq org-crypt-disable-auto-save nil)
|
|
|
+ (message "org-decrypt: Decrypting entry with auto-save-mode enabled. This may cause leakage."))
|
|
|
+ ((eq org-crypt-disable-auto-save 'encrypt)
|
|
|
+ (message "org-decrypt: Enabling re-encryption on auto-save.")
|
|
|
+ (add-hook 'auto-save-hook
|
|
|
+ (lambda ()
|
|
|
+ (message "org-crypt: Re-encrypting all decrypted entries due to auto-save.")
|
|
|
+ (org-encrypt-entries))
|
|
|
+ nil t))
|
|
|
+ (t nil)))
|
|
|
+
|
|
|
(require 'epg)
|
|
|
(unless (org-before-first-heading-p)
|
|
|
(save-excursion
|
|
|
@@ -201,19 +248,6 @@ This setting can also be overridden in the CRYPTKEY property."
|
|
|
'org-mode-hook
|
|
|
(lambda () (add-hook 'before-save-hook 'org-encrypt-entries nil t))))
|
|
|
|
|
|
-;; FIXME Find a better way to encrypt Org auto-saved buffers?
|
|
|
-;; When `auto-save-default' is non-nil, make sure entries are
|
|
|
-;; encrypted before auto-saving
|
|
|
-;; (when auto-save-default
|
|
|
-;; (add-hook
|
|
|
-;; 'org-mode-hook
|
|
|
-;; (lambda () (add-hook 'auto-save-hook 'org-encrypt-entries nil t))))
|
|
|
-
|
|
|
-(when (and (functionp 'daemonp)
|
|
|
- (not (daemonp)) auto-save-default)
|
|
|
- (message "Warning: turn auto-save-mode off in Org buffers containing crypted entries.")
|
|
|
- (sit-for 1))
|
|
|
-
|
|
|
(add-hook 'org-reveal-start-hook 'org-decrypt-entry)
|
|
|
|
|
|
(provide 'org-crypt)
|
Pieter Praet