<<< Date Index >>>     <<< Thread Index >>>

[PATCH] Re: Security issue / bad UI design in mutt CVS (encryption options)



On Sat, Aug 07, 2004 at 08:09:24AM +0200, Thomas Roessler wrote:
> On 2004-08-07 05:12:34 +0200, Adeodato Simó wrote:
> 
> >   well, that's a separate issue. the specific issue we are
> >   talking about, and for which there seems to be some agreement
> >   (among the ones who talked, though) is just the toggleness of
> >   the crypt options.
> 
> I guess I'm basically convinced.  Also, S/MIME and PGP key menus
> should certainly behave the same way.

:)  With my patch, they do (at least I think so, see below).

> One frequently heared criticism of the old behavior concerned the
> fact that it takes two key presses to come from "both" to "sign
> only" or to "encrypt only." What do you guys think -- should the
> "encrypt" option disable signing, and should "sign" disable
> encryption, with "both" (or "encrypt" followed by "sign as") being
> the only way to get both security functions?

Yes, definitely.  This always was the point of all of the bug reports
(both mine and the others), and I believe it is the reason behind the
recent behavior change.  This behavior saves keystrokes, and as such
I think it is the right way to go.

The attached patch should solve all of the afforementioned problems,
and should apply against the current CVS.  I can't thoroughly test the
S/MIME stuff since I don't use it, but the PGP menu tested out ok.

Now, any chance I can also convince you to commit my pgp-auto-decode
patch?  ;-)

-- 
Derek D. Martin    http://www.pizzashack.org/   GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address.  Replying to it will result in
undeliverable mail.  Sorry for the inconvenience.  Thank the spammers.

diff -ru mutt/pgp.c mutt.ddm/pgp.c
--- mutt/pgp.c  2004-07-20 06:41:43.000000000 +0900
+++ mutt.ddm/pgp.c      2004-08-07 19:18:08.000000000 +0900
@@ -1462,15 +1462,15 @@
   if (!(WithCrypto & APPLICATION_PGP))
     return msg->security;
 
-  switch (mutt_multi_choice (_("PGP (e)ncrypt, (s)ign, sign (a)s, (b)oth, 
(i)nline, or (f)orget it? "),
-                            _("esabif")))
+  switch (mutt_multi_choice (_("PGP (e)ncrypt, (s)ign, sign (a)s, (b)oth, 
(i)nline [toggle], or (c)lear? "),
+                            _("esabic")))
   {
   case 1: /* (e)ncrypt */
-    msg->security ^= ENCRYPT;
+    msg->security = (msg->security & INLINE) | ENCRYPT;
     break;
 
   case 2: /* (s)ign */
-    msg->security ^= SIGN;
+    msg->security = (msg->security & INLINE) | SIGN;
     break;
 
   case 3: /* sign (a)s */
@@ -1496,10 +1496,7 @@
     break;
 
   case 4: /* (b)oth */
-    if ((msg->security & (ENCRYPT | SIGN)) == (ENCRYPT | SIGN))
-      msg->security = 0;
-    else
-      msg->security |= (ENCRYPT | SIGN);
+    msg->security = (msg->security & INLINE) | ENCRYPT | SIGN;
     break;
 
   case 5: /* (i)nline */
@@ -1509,7 +1506,7 @@
       msg->security &= ~INLINE;
     break;
 
-  case 6: /* (f)orget it */
+  case 6: /* (c)lear */
     msg->security = 0;
     break;
   }
diff -ru mutt/smime.c mutt.ddm/smime.c
--- mutt/smime.c        2004-06-18 05:39:20.000000000 +0900
+++ mutt.ddm/smime.c    2004-08-07 19:20:52.000000000 +0900
@@ -1940,18 +1940,19 @@
   if (!(WithCrypto & APPLICATION_SMIME))
     return msg->security;
 
-  switch (mutt_multi_choice (_("S/MIME (e)ncrypt, (s)ign, encrypt (w)ith, sign 
(a)s, (b)oth, or (f)orget it? "),
-                            _("eswabf")))
+  switch (mutt_multi_choice (_("S/MIME (e)ncrypt, (s)ign, encrypt (w)ith, sign
+(a)s, (b)oth, or (c)lear? "),
+                            _("eswabc")))
   {
   case 1: /* (e)ncrypt */
-    msg->security ^= ENCRYPT;
+    msg->security = ENCRYPT;
     break;
 
   case 3: /* encrypt (w)ith */
-    msg->security |= ENCRYPT;
+    msg->security = ENCRYPT;
     switch (mutt_multi_choice (_("1: DES, 2: Triple-DES, 3: RC2-40,"
-                                " 4: RC2-64, 5: RC2-128, or (f)orget it? "),
-                              _("12345f"))) {
+                                " 4: RC2-64, 5: RC2-128, or (c)lear? "),
+                              _("12345c"))) {
     case 1:
        mutt_str_replace (&SmimeCryptAlg, "des");
        break;
@@ -1967,7 +1968,7 @@
     case 5:
        mutt_str_replace (&SmimeCryptAlg, "rc2-128");
        break;
-    case 6: /* forget it */
+    case 6: /* clear */
        break;
     }
     break;
@@ -1977,7 +1978,7 @@
     if(!SmimeDefaultKey)
        mutt_message("Can\'t sign: No key specified. use sign(as).");
     else
-       msg->security ^= SIGN;
+       msg->security = SIGN;
     break;
 
   case 4: /* sign (a)s */
@@ -1998,10 +1999,10 @@
     break;
 
   case 5: /* (b)oth */
-    msg->security |= (ENCRYPT | SIGN);
+    msg->security = (ENCRYPT | SIGN);
     break;
 
-  case 6: /* (f)orget it */
+  case 6: /* (c)lear */
     msg->security = 0;
     break;
   }

Attachment: pgp3VB5DZ7weJ.pgp
Description: PGP signature