GNU bug report logs - #37025
27.0.50; smime signing and encryption does not work any longer

Previous Next

Package: emacs;

Reported by: Uwe Brauer <oub <at> mat.ucm.es>

Date: Wed, 14 Aug 2019 10:26:02 UTC

Severity: normal

Tags: fixed

Found in version 27.0.50

Fixed in version 27.1

Done: Lars Ingebrigtsen <larsi <at> gnus.org>

Bug is archived. No further changes may be made.

Full log

Message #20 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Uwe Brauer <oub <at> mat.ucm.es>
To: bug-gnu-emacs <at> gnu.org
Subject: Re: bug#37025: [found the culprit]
Date: Thu, 15 Aug 2019 09:38:37 +0200

[Message part 1 (text/plain, inline)]
>>> "TL" == Teemu Likonen <tlikonen <at> iki.fi> writes:

   > Glenn Morris [2019-08-14T21:39:37-04] wrote:
   >> Teemu Likonen wrote:
   >>> Thanks for the report and bisecting. I think we can fix the bug by
   >>> including "--sender" option only with openpgp protocol (i.e. gpg).

   > Because --sender is an OpenPGP thing (gpg) it is logical to narrow its
   > use to that protocol only. Here's the first fix:

A couple of comments. 

    1. A quick fix. Since your patch is not applied. I tried to change
       my setting. To my surprise
       (mml-secure-smime-sign-with-sender nil)
       *did not help*, although I am using smime not opengpg.
       But
       (mml-secure-openpgp-sign-with-sender nil)
       *did help*.
       This should be mentioned in the documentation (NEWS and in the
       relevant doc strings)

    2. I am not sure what will happen with older pgp versions. A quick
       fix would be to set the above variable to nil

    3. I think this issue should be discussed on the devel list.

    4. Who and when your patch will be applied?


[Snip]...



   >> gpg --sender
   -> gpg: invalid option "--sender"  # RHEL 7.6 with gpg 2.0.22
   >> 
   >> The option seems to only by present since gpg 2.1.15.
   >> https://gnupg.org/download/release_notes.html
   >> 
   >> Ideally you should test if it is supported or not.

   > So there should also be version checking in epg.el's epg-start-sign and
   > epg-start-encrypt functions (or somewhere). Currently I don't know if
   > there are useful infrastructure in epg for dealing with different
   > versions of gpg.

Given that circumstance, is your change really worth the effort?

[smime.p7s (application/pkcs7-signature, attachment)]
This bug report was last modified 5 years and 265 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.