Bug#310205: mutt: problem verifying smime signed message when also signed with pgp
----- Forwarded message from Matijs van Zuijlen <Matijs.van.Zuijlen@xxxxxxxxx>
-----
Subject: Bug#310205: mutt: problem verifying smime signed message when also
signed with pgp
Reply-To: Matijs van Zuijlen <Matijs.van.Zuijlen@xxxxxxxxx>,
310205@xxxxxxxxxxxxxxx
Original-Sender: Matijs van Zuijlen <matijs@xxxxxxxxxxxxx>
From: Matijs van Zuijlen <Matijs.van.Zuijlen@xxxxxxxxx>
To: Debian Bug Tracking System <submit@xxxxxxxxxxxxxxx>
Package: mutt
Version: 1.5.9-1
Severity: normal
I have recieved a message that consists of an s/mime signed message that
has subsequently been signed with pgp. When trying to verify the s/mime
signature, mutt passes the whole message to openssl. openssl sees the outer
multipart/signed content type, finds the signature, and then fails because
the signature is not of type application/pkcs7-signature but of type
application/pgp-signature:
Error reading S/MIME message
24052:error:2107A08D:PKCS7 routines:SMIME_read_PKCS7:sig invalid mime
type:pk7_mime.c:281:type: ___ication/pgp-signature
(The mime type is in fact garbled with characters I cannot input here, due
to a bug in openssl's error reporting, see #310184. This has nothing to do
with the present problem.)
It seems that for this to work properly mutt needs to pass just the s/mime
signed message part to openssl, without the pgp signature.
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: powerpc (ppc)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.8-powerpc
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages mutt depends on:
ii exim [mail-transport-agent] 3.36-17 An MTA (Mail Transport Agent)
ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an
ii libdb4.3 4.3.27-2 Berkeley v4.3 Database Libraries [
ii libgnutls11 1.0.16-13 GNU TLS library - runtime library
ii libidn11 0.5.13-1.0 GNU libidn library, implementation
ii libncursesw5 5.4-4 Shared libraries for terminal hand
ii libsasl2 2.1.19-1.5 Authentication abstraction library
-- no debconf information
----- End forwarded message -----
--
ciao,
Marco