<<< Date Index >>>     <<< Thread Index >>>

Re: For 1.5.9 - fixed smime-encrypt-self patch



On Wed, Feb 23, 2005 at 10:02:04PM +0900, TAKAHASHI Tamotsu wrote:
> On Fri, 18 Feb 2005, Christoph Ludwig wrote:
> > On Fri, Feb 18, 2005 at 06:06:33PM +0900, Tamotsu Takahashi wrote:
> > > The problem was fixed last year.
> > > You can add "encrypt-to YOURFINGERPRINT" to your ~/.gnupg/gpgsm.conf.
> > 
> > Oh, sorry, I misunderstood you. 
> > 
> > But when I try to add "encrypt-to FINGERPRINT" then mutt's gpgme backend 
> > fails
> > silently: If I choose "sign as" and enter "cludwig" then I don't get a list 
> > of
> > my certificates anymore but I am prompted for a selection criterion
> > again. Looking at the GnuPG logs in kwatchgnupg I see that gpgsm 
> > successfully
> > validates the certificate I specified in the "encrypt-to" directive, but it
> > does not do anything else. Here is the log with "encrypt-to" (with 
> > abbreviated
> > signature values and hash values):
> <snip>
> 
> Then you were in "for(;;)" in crypt_ask_for_key() in crypt-gpgme.c.
> And, I guess that crypt_getkeybystr() failed to return valid keys.
> More guess is that get_candidates() returned NULL.
> 
> But I haven't figured out where the bug is.
> 
> get_candidates() uses mutt_error() for most errors, but it does not
> use mutt_sleep() after the error. So you can't see the error if
> another error is shown right after that.
> So, if you want to debug it, you can replace mutt_error("%s",e)
> with dprint(5,(debugfile,"%s",e)), configure with "--enable-debug",
> and invoke mutt with "-d 5". Error messages will be recorded in
> your ~/.muttdebug0.
> 
> crypt_getkeybyaddr() uses mutt_message() and dprint().

sorry, I didn't have time yet to find out why the key selection in mutt fails
if I set the encrypt-to option in gpgsm.conf.

Since 1.5.9 is supposed to be released soon I am interested if other users of
the gpgme backend experience the same problem. If not, then it is a local
problem and there is no urgent need for my smime-encrypt-self patch. (Except
that I'd argue that this kind of option belongs in .muttrc, not gpgsm.conf, if
only for consistency. It is confusing if the user needs to configure, e.g.,
smime_default_key in .muttrc, butt smime_encrypt_self or the corresponding
encrypt-to in gpgsm.conf.)

But if others have the same problem, then I think my patch is a reasonable
workaround for 1.5.9 until someone has time to find and fix the bug. If for
some reason the gpgme backend maintainers don't want to keep it then it can be
reverted once the encrypt-to problem is fixed. That would affect only those
users who need the smime-encrypt-self functionality because they'd need to
modify their .muttrc and gpgsm.conf once the patch is reverted. But I think
the alternative - not having the smime-encrypt-self functionality with 1.5.9 -
is worse.

Regards

Christoph

-- 
http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/cludwig.html
LiDIA: http://www.informatik.tu-darmstadt.de/TI/LiDIA/Welcome.html