From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0.migadu.com ([2001:41d0:403:4876::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms13.migadu.com with LMTPS id GHaRHHmIjmb2OAAAqHPOHw:P1 (envelope-from ) for ; Wed, 10 Jul 2024 13:11:21 +0000 Received: from aspmx1.migadu.com ([2001:41d0:403:4876::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0.migadu.com with LMTPS id GHaRHHmIjmb2OAAAqHPOHw (envelope-from ) for ; Wed, 10 Jul 2024 15:11:21 +0200 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=VeLVY46Z; spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1720617081; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=cw5rJOnFQZyCpSOJNzjscD2tHPKfieKd1AEa4g3TSSw=; b=JVQJQ95a8462hRBgF49Za5ioh0CyclMFVC5ogI0chUM4a/TNQYtaDAh3O04EuvFkfhCvt7 GtzmEB3LOAlCZ6oZcFbhrSKdl5P/sjHJHv42+FFfeZ5kpJbLuMULbbIP1+aj1XdlKLQIZ0 dK0b+rRaraY/+VwqLcEhOmAKeJnC+uJOhOiutBORybdOFQn+pLlY3aY5+AKEaCRtXqdMq7 1HEeRfhjUeOtCzifsHpouPEdzA3KQ07jHIM9Zhe3srPVb1XeO9YuzmFKz6p5hImB/RpwB5 7s+05PejrD0NxUy0nXjkClmUKuw2ZRWn+gqQrGsu1827QVokYfS9cqBQ5s8FQg== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=VeLVY46Z; spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gmail.com ARC-Seal: i=1; s=key1; d=yhetil.org; t=1720617081; a=rsa-sha256; cv=none; b=g0C0BnFUqV8Cn+d6mbjpDsoF31WVOBy2I1K7lN/A9s0t6x7t3wcBWN3zQKuUFxZD+StQ4S aKdcR67jd2LP1N63+BZeWfn0lF52HQPLZuy8cj3fJRi3wFJ21YUl2g7InYWLbvWjrhYqP6 +8+zYaJJgUc4VDtxESmW+ufdkV0aH8F0rTW84vSHg0FZVrfdpj2AlWRfm4F7YwdFISPrRI IbtYnT1LUugF1FKVO6mjjaJ9PJpXljTzZVVI8QbWYPWq1gICS8KPnps7Y1n2IZ88ZWqW7m k7k6uYLMMdLNBO7lkXsZUtDsqt3ouiw8IsgkmtPobKnXv1pLrZVZiU+T5EvQeg== Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id E66C0EB15 for ; Wed, 10 Jul 2024 15:11:20 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sRX5c-0001fU-72; Wed, 10 Jul 2024 09:10:32 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sRX5a-0001f5-Bw for emacs-orgmode@gnu.org; Wed, 10 Jul 2024 09:10:30 -0400 Received: from mail-yw1-x1130.google.com ([2607:f8b0:4864:20::1130]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sRX5Y-0008UA-DG; Wed, 10 Jul 2024 09:10:30 -0400 Received: by mail-yw1-x1130.google.com with SMTP id 00721157ae682-6561850a7bcso36243217b3.3; Wed, 10 Jul 2024 06:10:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1720617025; x=1721221825; darn=gnu.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=cw5rJOnFQZyCpSOJNzjscD2tHPKfieKd1AEa4g3TSSw=; b=VeLVY46ZIhKW1PS1zo4EXad0TKxHEnHPXxhbfUm5oEHZOx0OzSoyFs9gz10hkS+ITT rwByp7Wyg2AMs2asUXeZAvvg7GssJjEKXydmdzxJKMgBbdrY24xYCOJgGDT36Y1gv+pD CknMuU5yGjHsB4Gp+asbH5UE6OFKxHWVuen7UiKJsVT3el0JNRG0fHkB07GlJsAPn3fw 9wzoWiULrLf5OpWv4bJAQupsDd/VXUuuoqpArUeZqPoYs/pevDFFdiLObTtUrWt0xc64 Gy4a94aEplKGCH/VB4DOUjzstCwGJ7Pn3SwTknvoEbatMWR9dd989dgOf2nZo6rDlLr3 rHiQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720617025; x=1721221825; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=cw5rJOnFQZyCpSOJNzjscD2tHPKfieKd1AEa4g3TSSw=; b=OmMGEhPqhfdqBDNXku7bZLWmPT8aYIeRn9qVjjNSK6qhSJA0/f9/wvRWzV5KrNMfeg 8EsEmCUdA3QlIwKVUkdfn2+tjAGz6zhCZQ2ibIRMD1LraxyrlLr4WaqSprejrW7C9Nyu j9w+MIT54prh4D39O/kM7gl/PrGNYjymsh0AU739dmDo4w980flwgOOQ6L55wZ2DVdub vUMTIQ534HS0QNgbgISYEGq8DmcSASKQAXsdiAZn/z3VdKqggP44B4hBZEFU1EtF9vBX Jdv/iNsfyo+cZwuIUa2F49qJAH3wYikVyO3D2Huek2yEdDKXVP/popO5HFeZRMVboZr8 RoiQ== X-Forwarded-Encrypted: i=1; AJvYcCUMT9fKpUIhvvM7eiM349DoauoXF2UPzEqmUM2b5CS5duyx7kjMSPcn4q/s4GezmxC5Q7LGW+PRhypDBooSbReF8dm/bB4= X-Gm-Message-State: AOJu0YxaFLYCPPoy3OjFLtqRy1dlB4pQBDz57agz56/+z0As+aH8eLyn cYjv/A9GPGfwPgPZJDRLlDqiveLUSHZXHkFoOyvhu0H+3VoesUIGLgWZVcnoHGlyngFewwGhdKC Fzi4JGr+7Kw6yD1QNCCOc22ZvcE8= X-Google-Smtp-Source: AGHT+IFPsZEPNLiRGYfUucLKtCn5XGEIbFAHowmqQx8H1A0T6s2vzzx0bEKPrNReCLqS9sfiTNf8ltf5S7V15fq+3Z0= X-Received: by 2002:a05:690c:c05:b0:625:1090:b54f with SMTP id 00721157ae682-658f09d22d1mr67902167b3.39.1720617025240; Wed, 10 Jul 2024 06:10:25 -0700 (PDT) MIME-Version: 1.0 References: <86ed921oxu.fsf@gnu.org> <874j9vllbp.fsf@localhost> <87o781t676.fsf@localhost> <874j9qs0wh.fsf@localhost> <87ed8mtyp0.fsf@localhost> <87msn7kffy.fsf@localhost> <87o77my9mp.fsf@localhost> <87y16j4nbe.fsf@localhost> <87o77ak70y.fsf@localhost> In-Reply-To: <87o77ak70y.fsf@localhost> From: Daniel Clemente Date: Wed, 10 Jul 2024 13:09:57 +0000 Message-ID: Subject: Re: org-encrypt-entries is slow (was: org-crypt leaking data when encryption password is not entered twice (was: Please document the caching and its user options)) To: Ihor Radchenko Cc: Eli Zaretskii , emacs-orgmode@gnu.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass client-ip=2607:f8b0:4864:20::1130; envelope-from=n142857@gmail.com; helo=mail-yw1-x1130.google.com X-Spam_score_int: -17 X-Spam_score: -1.8 X-Spam_bar: - X-Spam_report: (-1.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: emacs-orgmode@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "General discussions about Org-mode." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-orgmode-bounces+larch=yhetil.org@gnu.org Sender: emacs-orgmode-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN X-Spam-Score: -9.74 X-Migadu-Queue-Id: E66C0EB15 X-Migadu-Scanner: mx10.migadu.com X-Migadu-Spam-Score: -9.74 X-TUID: Nddde5VzI9sF > > With that code I see something strange: I opened a file which had > > encrypted :crypt: sections (never unencrypted), and after adding a > > space somewhere else and saving, it asked me for an encryption > > password. It shouldn't, since all sections are encrypted. > > I also see =E2=80=9Eorg-crypt: Re-encrypting all decrypted entries due = to > > auto-save=E2=80=9C asking me for the encryption password. > > Note that it may be asking about _different_ buffers, not just current. > That's because auto-save-mode saves all the buffers, not just current :) > It would be good to know what buffer it is asking about; see suggestion later below, about mentioning its name. But I think it's already telling me which buffer it is, by moving the point to the affected section, before asking the question. It's the first section in the current file. And I can see that it's actually encrypted. I see it's trying to decrypt things (therefore it asks for the password). It shouldn't, since I didn't modify any encrypted section. I said =E2=80=9Eit asked me for an encryption password=E2=80=9C because the= GPG prompt confusingly uses the word =E2=80=9Eencryption=E2=80=9C (=E2=80=9EPassphrase= for symmetric encryption=E2=80=9C), though it's actually asking for a decryption password= . It calls: org-decrypt-entry() (progn (org-decrypt-entry)) (if (get-text-property (point) 'org-crypt-auto-encrypted) (progn (org-decrypt-entry))) (while (not (eobp)) (if (get-text-property (point) 'org-crypt-auto-encrypted) (progn (org-decrypt-entry))) (goto-char (next-single-char-property-change (point) 'org-crypt-auto-encrypted))) (save-restriction (widen) (goto-char (point-min)) (while (not (eobp)) (if (get-text-property (point) 'org-crypt-auto-encrypted) (progn (org-decrypt-entry))) (goto-char (next-single-char-property-change (point) 'org-crypt-auto-encrypted)))) (save-excursion (save-restriction (widen) (goto-char (point-min)) (while (not (eobp)) (if (get-text-property (point) 'org-crypt-auto-encrypted) (progn (org-decrypt-entry))) (goto-char (next-single-char-property-change (point) 'org-crypt-auto-encrypted))))) (let ((modified-flag (buffer-modified-p))) (save-excursion (save-restriction (widen) (goto-char (point-min)) (while (not (eobp)) (if (get-text-property (point) 'org-crypt-auto-encrypted) (progn (org-decrypt-entry))) (goto-char (next-single-char-property-change (point) 'org-crypt-auto-encrypted))))) (set-buffer-modified-p modified-flag)) org-crypt--decrypt-marked-entries() run-hooks(after-save-hook) basic-save-buffer(t) > > But I tried removing all :crypt: tags (I renamed them to something > > else), and saving a large file seems as slow as before. A few seconds > > (often 5 seconds; sometimes it's just 2 or 3; this was the case before > > too). Here's when it's 5, for 1 save: > > I think I fixed this now. > May you try the latest version of the same branch? > This particular case in which there are no :crypt: tags is fast now, thanks. In the same large file as before, saving is instantaneous (well, the usual 100 to 200 ms). 22 2% - run-hook-with-args-until-success 22 2% - org-crypt--encrypt-and-mark-entries 22 2% - let 22 2% - condition-case 22 2% - unwind-protect 22 2% - org-encrypt-entries 22 2% - org-encrypt--map-items 22 2% - let* 22 2% - if 22 2% - or 22 2% - save-excursion 22 2% - save-restriction 22 2% re-search-forward > > I also see new problems (which would take me a long time to explain > > since I don't understand the code or the settings), where: > > - Org asks me for an encryption password even if there are no :crypt: > > tags. I just changed the only :crypt: tag to a :nocrypt: tag and saved > > I cannot reproduce. May you create a small example file and explain how > to trigger the problem you are seeing? This is the text "abc" encrypted with password "abc". Use this file: * hi :nocr= ypt: -----BEGIN PGP MESSAGE----- jA0ECQMCVpS/qSoed5f/0joBYoIRWdgt/+PVQCsZh9sg176SdnvP2Wc8tH/CV1Rk l2MjAh3Rk19Q2aP2EffpZ5CFeGELTMXCnCYv =3DFNtI -----END PGP MESSAGE----- Open the file, add a space to the title and save it. The first time it works (no questions asked) because there's no tag called :crypt: Now change the :nocrypt: to :crypt: and save. It asks for the password. Press C-g to cancel. Change again the tag to :nocrypt:. Save. It asks for the encryption password; it shouldn't. Add a space to the title, save, it keeps asking for the encryption password, though there's no :crypt: section. > > > - Org spends around 20 seconds trying to save the file, in a loop, > > reporting: (error "org-crypt: Encryption failed. Not saving the > > buffer. Error: GPG error: \"Encrypt failed\", \"Canceled; Exit\"") > > This is curious, but I again have no clue. Maybe the new version of the > branch works a bit better. > Since this error can happen because of a problem in a different buffer (not the current one), would it be good to mention the file name in that error message? I didn't see this particular problem again. But I see others, which are hard to report and reproduce. For instance I had an encrypted section under a :crypt: header (I see =E2=80=9EBEGIN PGP=E2=80=9C and hex c= odes), I save, and saving *UNencrypts* the header before saving, without asking. It should never decrypt when saving, but it does. This happens with the same small example I posted above (but using the :crypt: tag).