
Re: smime signature default changes



* hal King <hck@xxxxxxx> [14-10-2003 18:27]:

> Thanks for the response but,
> The patch addresses 1.5.1 I'm using 1.5.4i. The patch does not function in 
> the source directory, nor above (where it would fail on directory). Are you 
> saying I need to go back to 1.5.1?

The patch you attached looks like something that was mocked up by me,
indeed for mutt 1.5.1.  But it was not the patch I referred to, nor
was it attached to message <20031007222829.GF5516@xxxxxxxx>..

Here is the patch I meant..

-- 
René Clerc                      - (rene@xxxxxxxx) - PGP: 0x9ACE0AC7

No woman, no cry.
-Bob Marley
? core.28264
? core.3732
? core.3789
? patch-1.5.3-CVS.tlr.idna.1
? patch-1.5.4.tlr.pgpsmimeautoselect.1
? typescript
Index: init.h
===================================================================
RCS file: /cvs/mutt/mutt/init.h,v
retrieving revision 3.37
diff -u -r3.37 init.h
--- init.h      2 Apr 2003 08:28:24 -0000       3.37
+++ init.h      11 Apr 2003 19:48:42 -0000
@@ -359,6 +359,22 @@
   ** will be saved for later references.  Also see ``$$record'',
   ** ``$$save_name'', ``$$force_name'' and ``$fcc-hook''.
   */
+  { "crypt_autopgp",   DT_BOOL, R_NONE, OPTCRYPTAUTOPGP, 1 },
+  /*
+  ** .pp
+  ** This variable controls whether or not mutt may automatically enable
+  ** PGP encryption/signing for messages.  See also ``$$crypt_autoencrypt'',
+  ** ``$$crypt_replyencrypt'',
+  ** ``$$crypt_autosign'', ``$$crypt_replysign'' and ``$$smime_is_default''.
+  */
+  { "crypt_autosmime", DT_BOOL, R_NONE, OPTCRYPTAUTOSMIME, 1 },
+  /*
+  ** .pp
+  ** This variable controls whether or not mutt may automatically enable
+  ** S/MIME encryption/signing for messages. See also ``$$crypt_autoencrypt'',
+  ** ``$$crypt_replyencrypt'',
+  ** ``$$crypt_autosign'', ``$$crypt_replysign'' and ``$$smime_is_default''.
+  */
   { "date_format",     DT_STR,  R_BOTH, UL &DateFmt, UL "!%a, %b %d, %Y at 
%I:%M:%S%p %Z" },
   /*
   ** .pp
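
Review bot: The help text added for crypt_autopgp and crypt_autosmime says only that mutt "may automatically enable" each mechanism, and leaves out what happens when neither is permitted. With both unset, the send.c part of this patch ends in "msg->security = 0;", so a message that $crypt_autosign, $crypt_autoencrypt or the reply options had marked for protection goes out unsigned and unencrypted. Both blocks should say so explicitly, and note that the two variables gate automatic selection rather than switching signing or encryption on by themselves.
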
@@ -1287,7 +1303,7 @@
   ** operations. To override and to use OpenSSL instead this must be set.
   ** However, this has no effect while replying, since mutt will automatically 
   ** select the same application that was used to sign/encrypt the original
-  ** message.
+  ** message.  (Note that this variable can be overridden by unsetting 
$$crypt_autosmime.)
   ** (S/MIME only)
   */
   { "smime_ask_cert_label",    DT_BOOL, R_NONE, OPTASKCERTLABEL, 1 },
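
Review bot: The sentence kept just above the added note in the smime_is_default text ("this has no effect while replying, since mutt will automatically select the same application that was used to sign/encrypt the original message") is no longer unconditional after the send.c change. A reply to an S/MIME message with crypt_autosmime unset skips the original's mechanism and falls through to the availability check, where PGP can be chosen instead. Suggest qualifying that sentence rather than only appending the parenthetical, and mentioning $$crypt_autopgp alongside $$crypt_autosmime, since both feed the same decision.
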
Index: mutt.h
===================================================================
RCS file: /cvs/mutt/mutt/mutt.h,v
retrieving revision 3.16
diff -u -r3.16 mutt.h
--- mutt.h      2 Apr 2003 08:28:24 -0000       3.16
+++ mutt.h      11 Apr 2003 19:48:42 -0000
@@ -427,6 +427,8 @@
   
   OPTCRYPTAUTOSIGN,
   OPTCRYPTAUTOENCRYPT,
+  OPTCRYPTAUTOPGP,
+  OPTCRYPTAUTOSMIME,
   OPTCRYPTREPLYENCRYPT,
   OPTCRYPTREPLYSIGN,
   OPTCRYPTREPLYSIGNENCRYPTED,
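
Review bot: OPTCRYPTAUTOPGP and OPTCRYPTAUTOSMIME sit directly after OPTCRYPTAUTOSIGN and OPTCRYPTAUTOENCRYPT and share their AUTO prefix, but in send.c they act as permission gates on mechanism selection rather than as switches that turn protection on. A one-line comment next to the two new entries stating that would keep a later reader from treating them like their neighbours.
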
Index: send.c
===================================================================
RCS file: /cvs/mutt/mutt/send.c,v
retrieving revision 3.23
diff -u -r3.23 send.c
--- send.c      11 Apr 2003 15:15:04 -0000      3.23
+++ send.c      11 Apr 2003 19:48:42 -0000
@@ -1250,36 +1250,50 @@
        msg->security |= ENCRYPT;
       if (option (OPTCRYPTREPLYSIGN) && cur && (cur->security & SIGN))
        msg->security |= SIGN;
-      if (option (OPTCRYPTREPLYSIGNENCRYPTED) && cur && cur->security & 
ENCRYPT)
+      if (option (OPTCRYPTREPLYSIGNENCRYPTED) && cur && (cur->security & 
ENCRYPT))
        msg->security |= SIGN;
     }      
 
-    if (WithCrypto && msg->security && cur)
+    if (WithCrypto && msg->security)
     {
-      if ((WithCrypto & APPLICATION_SMIME)
-          && ((cur->security & APPLICATION_SMIME)
-              || option (OPTSMIMEISDEFAULT)))
-        msg->security |= APPLICATION_SMIME;
-
-      if ((WithCrypto & APPLICATION_PGP) && (cur->security & APPLICATION_PGP))
+      /* 
+       * When reypling / forwarding, use the original message's
+       * crypto system.  According to the documentation,
+       * smime_is_default should be disregarded here.
+       * 
+       * Problem: At least with forwarding, this doesn't really
+       * make much sense. Should we have an option to completely
+       * disable individual mechanisms at run-time?
+       */
+      if (cur)
       {
-       msg->security &= ~APPLICATION_SMIME;
-        msg->security |= APPLICATION_PGP;
+       if ((WithCrypto & APPLICATION_PGP) && option (OPTCRYPTAUTOPGP) 
+           && (cur->security & APPLICATION_PGP))
+         msg->security |= APPLICATION_PGP;
+       else if ((WithCrypto & APPLICATION_SMIME) && option (OPTCRYPTAUTOSMIME)
+                && (cur->security & APPLICATION_SMIME))
+         msg->security |= APPLICATION_SMIME;
       }
-      if ((WithCrypto & APPLICATION_SMIME)
-          && !(cur->security & (APPLICATION_PGP|APPLICATION_SMIME)))
-       msg->security |= APPLICATION_PGP;
-    }
-    else if ((WithCrypto & APPLICATION_PGP) && msg->security)
-    {
-      msg->security |= APPLICATION_PGP;
-      if ((WithCrypto & APPLICATION_SMIME) && option (OPTSMIMEISDEFAULT))
+      
+      /*
+       * No crypto mechanism selected? Use availability + smime_is_default
+       * for the decision. 
+       */
+      if (!(msg->security & (APPLICATION_SMIME | APPLICATION_PGP)))
       {
-        msg->security |= APPLICATION_SMIME;
-        msg->security &= ~APPLICATION_PGP;
+       if ((WithCrypto & APPLICATION_SMIME) && option (OPTCRYPTAUTOSMIME) 
+           && option (OPTSMIMEISDEFAULT))
+         msg->security |= APPLICATION_SMIME;
+       else if ((WithCrypto & APPLICATION_PGP) && option (OPTCRYPTAUTOPGP))
+         msg->security |= APPLICATION_PGP;
+       else if ((WithCrypto & APPLICATION_SMIME) && option (OPTCRYPTAUTOSMIME))
+         msg->security |= APPLICATION_SMIME;
       }
     }
-
+    
+    /* No permissible mechanisms found.  Don't sign. */
+    if (!(msg->security & (APPLICATION_SMIME|APPLICATION_PGP)))
+      msg->security = 0;
   }
   /* wait until now to set the real name portion of our return address so
      that $realname can be set in a send-hook */
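
Review bot: The final added block, "if (!(msg->security & (APPLICATION_SMIME|APPLICATION_PGP))) msg->security = 0;", clears ENCRYPT as well as SIGN, while its comment says only "Don't sign." If OPTCRYPTAUTOPGP and OPTCRYPTAUTOSMIME are both unset, or the only permitted mechanism is not compiled in, a message that the earlier lines had flagged with ENCRYPT is silently downgraded to plaintext. Suggest either reporting this to the user at that point or leaving the SIGN/ENCRYPT bits in place so the missing mechanism is noticed before the message is sent, and at minimum correcting the comment to say that encryption is dropped too. Minor: "reypling" in the first new comment should read "replying".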
