
Re: incorporating s/mime - one last question



* Christoph Ludwig <cludwig@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> [07-10-2003 17:03]:

> On Tue, Oct 07, 2003 at 05:07:30PM +0300, Odhiambo Washington wrote:
> > I would like to sign only using my s/mime key, and not gpg.
> > When composing (mostly when replying) I see this when I am about
> > to send:

[...]

> >   S/MIME: Sign
> >  sign as: <default> sign as: 1234567c.0
> >  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

[...]

> > How can I setup so that it defaults to just 
> > sign as: 1234567c.0
> 
> Did you set smime_is_default and smime_default_key? 
> Did you perhaps set any pgp_* variable in your .muttrc that may
> interfere with the S/MIME support? 

This is fixed in the CVS.  When replying, mutt 1.5.4 messes things up.
Attached patch by Thomas Roessler should fix the problems, and here is
the CVS log entry that explains a little more.  The patch should apply
to 1.5.4.

HTH, if not, please e-mail me,

-- 
René Clerc                      - (rene@xxxxxxxx) - PGP: 0x9ACE0AC7

Retteb sif lahd, noces ehttub, but the second half is better.
-A palindrome
? core.28264
? core.3732
? core.3789
? patch-1.5.3-CVS.tlr.idna.1
? patch-1.5.4.tlr.pgpsmimeautoselect.1
? typescript
Index: init.h
===================================================================
RCS file: /cvs/mutt/mutt/init.h,v
retrieving revision 3.37
diff -u -r3.37 init.h
--- init.h      2 Apr 2003 08:28:24 -0000       3.37
+++ init.h      11 Apr 2003 19:48:42 -0000
@@ -359,6 +359,22 @@
   ** will be saved for later references.  Also see ``$$record'',
   ** ``$$save_name'', ``$$force_name'' and ``$fcc-hook''.
   */
+  { "crypt_autopgp",   DT_BOOL, R_NONE, OPTCRYPTAUTOPGP, 1 },
+  /*
+  ** .pp
+  ** This variable controls whether or not mutt may automatically enable
+  ** PGP encryption/signing for messages.  See also ``$$crypt_autoencrypt'',
+  ** ``$$crypt_replyencrypt'',
+  ** ``$$crypt_autosign'', ``$$crypt_replysign'' and ``$$smime_is_default''.
+  */
+  { "crypt_autosmime", DT_BOOL, R_NONE, OPTCRYPTAUTOSMIME, 1 },
+  /*
+  ** .pp
+  ** This variable controls whether or not mutt may automatically enable
+  ** S/MIME encryption/signing for messages. See also ``$$crypt_autoencrypt'',
+  ** ``$$crypt_replyencrypt'',
+  ** ``$$crypt_autosign'', ``$$crypt_replysign'' and ``$$smime_is_default''.
+  */
   { "date_format",     DT_STR,  R_BOTH, UL &DateFmt, UL "!%a, %b %d, %Y at 
%I:%M:%S%p %Z" },
   /*
   ** .pp
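Review bot: The help text added for crypt_autopgp and crypt_autosmime says each option controls whether mutt "may automatically enable" the mechanism, but neither entry says what happens when both are unset. In the send.c part of this patch that case ends in `msg->security = 0`, so $crypt_autosign, $crypt_autoencrypt and the reply variants would then have no effect; both entries should state this. Minor style point: the first entry has two spaces after "messages." and the second has one.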
@@ -1287,7 +1303,7 @@
   ** operations. To override and to use OpenSSL instead this must be set.
   ** However, this has no effect while replying, since mutt will automatically 
   ** select the same application that was used to sign/encrypt the original
-  ** message.
+  ** message.  (Note that this variable can be overridden by unsetting 
$$crypt_autosmime.)
   ** (S/MIME only)
   */
   { "smime_ask_cert_label",    DT_BOOL, R_NONE, OPTASKCERTLABEL, 1 },
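Review bot: The unchanged sentence just above the added parenthetical still says this variable "has no effect while replying", which no longer matches the send.c change in this patch. There, whenever the `if (cur)` branch selects nothing (the original carries neither application bit, or its mechanism is disabled through crypt_autopgp or crypt_autosmime), the fallback block consults OPTSMIMEISDEFAULT for replies too. I would reword the paragraph instead of appending a note, and mention $$crypt_autopgp as well, since unsetting it also changes which application a reply ends up using.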
Index: mutt.h
===================================================================
RCS file: /cvs/mutt/mutt/mutt.h,v
retrieving revision 3.16
diff -u -r3.16 mutt.h
--- mutt.h      2 Apr 2003 08:28:24 -0000       3.16
+++ mutt.h      11 Apr 2003 19:48:42 -0000
@@ -427,6 +427,8 @@
   
   OPTCRYPTAUTOSIGN,
   OPTCRYPTAUTOENCRYPT,
+  OPTCRYPTAUTOPGP,
+  OPTCRYPTAUTOSMIME,
   OPTCRYPTREPLYENCRYPT,
   OPTCRYPTREPLYSIGN,
   OPTCRYPTREPLYSIGNENCRYPTED,
Index: send.c
===================================================================
RCS file: /cvs/mutt/mutt/send.c,v
retrieving revision 3.23
diff -u -r3.23 send.c
--- send.c      11 Apr 2003 15:15:04 -0000      3.23
+++ send.c      11 Apr 2003 19:48:42 -0000
@@ -1250,36 +1250,50 @@
        msg->security |= ENCRYPT;
       if (option (OPTCRYPTREPLYSIGN) && cur && (cur->security & SIGN))
        msg->security |= SIGN;
-      if (option (OPTCRYPTREPLYSIGNENCRYPTED) && cur && cur->security & 
ENCRYPT)
+      if (option (OPTCRYPTREPLYSIGNENCRYPTED) && cur && (cur->security & 
ENCRYPT))
        msg->security |= SIGN;
     }      
 
-    if (WithCrypto && msg->security && cur)
+    if (WithCrypto && msg->security)
     {
-      if ((WithCrypto & APPLICATION_SMIME)
-          && ((cur->security & APPLICATION_SMIME)
-              || option (OPTSMIMEISDEFAULT)))
-        msg->security |= APPLICATION_SMIME;
-
-      if ((WithCrypto & APPLICATION_PGP) && (cur->security & APPLICATION_PGP))
+      /* 
+       * When reypling / forwarding, use the original message's
+       * crypto system.  According to the documentation,
+       * smime_is_default should be disregarded here.
+       * 
+       * Problem: At least with forwarding, this doesn't really
+       * make much sense. Should we have an option to completely
+       * disable individual mechanisms at run-time?
+       */
+      if (cur)
       {
-       msg->security &= ~APPLICATION_SMIME;
-        msg->security |= APPLICATION_PGP;
+       if ((WithCrypto & APPLICATION_PGP) && option (OPTCRYPTAUTOPGP) 
+           && (cur->security & APPLICATION_PGP))
+         msg->security |= APPLICATION_PGP;
+       else if ((WithCrypto & APPLICATION_SMIME) && option (OPTCRYPTAUTOSMIME)
+                && (cur->security & APPLICATION_SMIME))
+         msg->security |= APPLICATION_SMIME;
       }
-      if ((WithCrypto & APPLICATION_SMIME)
-          && !(cur->security & (APPLICATION_PGP|APPLICATION_SMIME)))
-       msg->security |= APPLICATION_PGP;
-    }
-    else if ((WithCrypto & APPLICATION_PGP) && msg->security)
-    {
-      msg->security |= APPLICATION_PGP;
-      if ((WithCrypto & APPLICATION_SMIME) && option (OPTSMIMEISDEFAULT))
+      
+      /*
+       * No crypto mechanism selected? Use availability + smime_is_default
+       * for the decision. 
+       */
+      if (!(msg->security & (APPLICATION_SMIME | APPLICATION_PGP)))
       {
-        msg->security |= APPLICATION_SMIME;
-        msg->security &= ~APPLICATION_PGP;
+       if ((WithCrypto & APPLICATION_SMIME) && option (OPTCRYPTAUTOSMIME) 
+           && option (OPTSMIMEISDEFAULT))
+         msg->security |= APPLICATION_SMIME;
+       else if ((WithCrypto & APPLICATION_PGP) && option (OPTCRYPTAUTOPGP))
+         msg->security |= APPLICATION_PGP;
+       else if ((WithCrypto & APPLICATION_SMIME) && option (OPTCRYPTAUTOSMIME))
+         msg->security |= APPLICATION_SMIME;
       }
     }
-
+    
+    /* No permissible mechanisms found.  Don't sign. */
+    if (!(msg->security & (APPLICATION_SMIME|APPLICATION_PGP)))
+      msg->security = 0;
   }
   /* wait until now to set the real name portion of our return address so
      that $realname can be set in a send-hook */
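Review bot: The final fallback, `msg->security = 0;`, clears ENCRYPT as well as SIGN, while its comment only says "Don't sign". If neither mechanism is permitted (for example both crypt_autopgp and crypt_autosmime unset), an ENCRYPT flag set earlier in this block (the context line `msg->security |= ENCRYPT;`) is dropped here, and the hunk shows no message to the user at that point. Consider emitting a notice when ENCRYPT was set before zeroing, and change the comment to "Don't sign or encrypt". Two smaller points: the new block comment has the typo "reypling", and in the `if (cur)` branch PGP is tested before S/MIME with `else if`, so an original carrying both application bits always selects PGP; the comment should say whether that ordering is intended.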
