GNU bug report logs - #6654
23.2; mml-secure-message-encrypt-smime can't handle multiple recipients

Previous Next

Packages: gnus, emacs;

Reported by: Jay Berkenbilt <ejb <at> ql.org>

Date: Fri, 16 Jul 2010 18:28:01 UTC

Severity: normal

Found in version 23.2

Done: Daiki Ueno <ueno <at> unixuser.org>

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 6654 in the body.
You can then email your comments to 6654 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to owner <at> debbugs.gnu.org, bug-gnu-emacs <at> gnu.org:
bug#6654; Package emacs. (Fri, 16 Jul 2010 18:28:01 GMT) Full text and rfc822 format available.
Acknowledgement sent to Jay Berkenbilt <ejb <at> ql.org>:
New bug report received and forwarded. Copy sent to bug-gnu-emacs <at> gnu.org. (Fri, 16 Jul 2010 18:28:01 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Jay Berkenbilt <ejb <at> ql.org>
To: bug-gnu-emacs <at> gnu.org
Subject: 23.2;
	mml-secure-message-encrypt-smime can't handle multiple recipients
Date: Fri, 16 Jul 2010 14:27:31 -0400

When attempting to send an encrypted message to multiple recipients,
mml-secure-message-encrypt-smime creates a "secure" mml tag contains a
separate certfile attribute for each recipient.  For example (with !
below replaced by #):

<!secure method=smime mode=signencrypt keyfile="~/certs/key.pem" certfile="~/certs/c1.pem" certfile="~/certs/c2.pem">

This gets parsed and eventually ends up in mml-parse-1.  In this block
of code:

       ((looking-at "<#secure")
	;; The secure part is essentially a meta-meta tag, which
	;; expands to either a part tag if there are no other parts in
	;; the document or a multipart tag if there are other parts
	;; included in the message
	(let* (secure-mode
	       (taginfo (mml-read-tag))
	       (keyfile (cdr (assq 'keyfile taginfo)))
	       (certfile (cdr (assq 'certfile taginfo)))
	       (recipients (cdr (assq 'recipients taginfo)))
	       (sender (cdr (assq 'sender taginfo)))
	       (location (cdr (assq 'tag-location taginfo)))
	       (mode (cdr (assq 'mode taginfo)))
	       (method (cdr (assq 'method taginfo)))
	       tags)

you can see that certfile is set by calling (assq 'certfile taginfo),
which loses all but the first certfile.  This causes it to be mapped
into this:

<!part sign=smime encrypt=smime keyfile="~/certs/key.pem" certfile="~/certs/c1.pem">

(again with ! replaced by #).

If you start off with

<!part sign=smime encrypt=smime keyfile="~/certs/key.pem" certfile="~/certs/c1.pem" certfile="~/certs/c2.pem">

and proceed to send the message, the message is encrypted with multiple
recipients as expected.


In GNU Emacs 23.2.1 (x86_64-unknown-linux-gnu, GTK+ Version 2.10.4)
 of 2010-05-25 on motoko.argon.local
Windowing system distributor `The X.Org Foundation', version 11.0.70101000
configured using `configure  '--prefix=/opt/tps/packages/linux.x86_64.rhel5/emacs-23.2-1''

Important settings:
  value of $LC_ALL: nil
  value of $LC_COLLATE: nil
  value of $LC_CTYPE: nil
  value of $LC_MESSAGES: nil
  value of $LC_MONETARY: nil
  value of $LC_NUMERIC: nil
  value of $LC_TIME: nil
  value of $LANG: en_US.UTF-8
  value of $XMODIFIERS: @im=none
  locale-coding-system: utf-8-unix
  default enable-multibyte-characters: t

Major mode: Summary

Minor modes in effect:
  gnus-agent-mode: t
  diff-auto-refine-mode: t
  which-function-mode: t
  tooltip-mode: t
  mouse-wheel-mode: t
  file-name-shadow-mode: t
  global-font-lock-mode: t
  font-lock-mode: t
  blink-cursor-mode: t
  auto-encryption-mode: t
  auto-compression-mode: t
  column-number-mode: t
  line-number-mode: t

Recent input:
p s - b u i l d - i t e m s SPC i n SPC y o u r SPC 
C-a C-k T h e r e SPC a r e SPC o t h e r SPC w o r 
k a r o u n d s , SPC b u t SPC s e t t i n g SPC N 
O _ I C C SPC i s SPC a SPC r e a s o n a b l e SPC 
s o l u t i o n . SPC S-SPC I SPC s u p <backspace> 
s p e c t SPC y o u SPC m u s t SPC h a v e SPC N O 
_ X L C = 1 C-p M-f = 1 C-n SPC s o m e w h e r e SPC 
i n SPC y o r u <backspace> <backspace> u r SPC s e 
t u p SPC t o o SPC o r SPC e l s e SPC y o u ' d SPC 
b e SPC g e t t i n g SPC e r r o r s SPC a b o u t 
SPC x l c M-q SPC o n SPC t h e SPC h y d r a s . <return> 
<return> - - J a y C-n C-c C-c s s C-x C-g C-g M-x 
b u g <M-backspace> s e n d SPC e m SPC <M-backspace> 
<M-backspace> e m a c <M-backspace> b u g SPC SPC <M-backspace> 
<M-backspace> e m a c s SPC b SPC <M-backspace> <M-backspace> 
<M-backspace> r e p r t <backspace> <backspace> o t 
<tab> <backspace> <tab> r t <tab> b <tab> <return>

Recent messages:
waiting for TLS response...
Sending...done
Quit
Making completion list...
C-c C-g is undefined
Quit
Undo!
Type C-x 4 C-o RET to restore the other window.
Quit
C-c RET c s runs the command mml-secure-message-encrypt-smime

Load-path shadows:
/home/jberkenb/elisp/startup hides /opt/tps/packages/linux.x86_64.rhel5/emacs-23.2-1/share/emacs/23.2/lisp/startup

Features:
(shadow warnings emacsbug debug find-func diff-mode tabify man assoc
mule-util dabbrev perl-mode log-edit easy-mmode pcvs-util add-log vc-rcs
fg-lisp-indent help-mode view flow-fill mml-smime sh-script executable
tls newcomment rmail auth-source starttls mailalias q-valid-addr
flyspell ispell epa-file epa derived epg multi-isearch w3m-form
w3m-symbol sort gnus-cite ansi-color mail-extr gnus-async gnus-bcklg
parse-time gnus-ml disp-table vc-accurev paranoid-backup byte-opt
bytecomp byte-compile nndraft nnmh nnfolder gnus-agent gnus-srvr
gnus-score score-mode nnvirtual gnus-msg gnus-art mm-uu mml2015
epg-config mm-view smime dig nntp gnus-cache gnus-sum gnus-group
gnus-undo nndoc nnoo nnmail mail-source format-spec gnus-start gnus-spec
gnus-int gnus-range gnus-win gnus gnus-ems vc-svn vc vc-dispatcher w3m
browse-url doc-view image-mode dired timezone w3m-hist w3m-fb w3m-ems
w3m-ccl ccl w3m-favicon w3m-image w3m-proc w3m-util qmime qmime-compose
qmime-view which-func imenu filecache server uniquify compile ange-ftp
comint ring message ecomplete rfc822 mml mml-sec password-cache
mm-decode mm-bodies mm-encode mailcap mail-parse rfc2231 rfc2047 rfc2045
qp ietf-drums mailabbrev nnheader gnus-util netrc time-date mm-util
mail-prsvr gmm-utils mailheader canlock sha1 hex-util hashcash
mail-utils cc-styles cc-align cc-engine cc-vars cc-defs smtpmail
sendmail regexp-opt project advice help-fns advice-preload jka-compr
cus-edit easymenu wid-edit cus-start cus-load edmacro kmacro cl cl-19
tooltip ediff-hook vc-hooks lisp-float-type mwheel x-win x-dnd
font-setting tool-bar dnd fontset image fringe lisp-mode register page
menu-bar rfn-eshadow timer select scroll-bar mldrag mouse jit-lock
font-lock syntax facemenu font-core frame cham georgian utf-8-lang
misc-lang vietnamese tibetan thai tai-viet lao korean japanese hebrew
greek romanian slovak czech european ethiopic indian cyrillic chinese
case-table epa-hook jka-cmpr-hook help simple abbrev loaddefs button
minibuffer faces cus-face files text-properties overlay md5 base64
format env code-pages mule custom widget hashtable-print-readable
backquote make-network-process dbusbind system-font-setting
font-render-setting gtk x-toolkit x multi-tty emacs)
Information forwarded to owner <at> debbugs.gnu.org, bug-gnu-emacs <at> gnu.org, bugs <at> gnus.org:
bug#6654; Package emacs,gnus. (Tue, 20 Jul 2010 02:09:02 GMT) Full text and rfc822 format available.

Message #8 received at 6654 <at> debbugs.gnu.org (full text, mbox):

From: Daiki Ueno <ueno <at> unixuser.org>
To: Jay Berkenbilt <ejb <at> ql.org>
Cc: 6654 <at> debbugs.gnu.org
Subject: Re: bug#6654: 23.2;
	mml-secure-message-encrypt-smime can't handle multiple recipients
Date: Tue, 20 Jul 2010 11:08:51 +0900

[Message part 1 (text/plain, inline)]
Hi,

Jay Berkenbilt <ejb <at> ql.org> writes:

> When attempting to send an encrypted message to multiple recipients,
> mml-secure-message-encrypt-smime creates a "secure" mml tag contains a
> separate certfile attribute for each recipient.  For example (with !
> below replaced by #):
>
> <!secure method=smime mode=signencrypt keyfile="~/certs/key.pem" certfile="~/certs/c1.pem" certfile="~/certs/c2.pem">
[...]
> you can see that certfile is set by calling (assq 'certfile taginfo),
> which loses all but the first certfile.  This causes it to be mapped
> into this:
>
> <!part sign=smime encrypt=smime keyfile="~/certs/key.pem" certfile="~/certs/c1.pem">

Thanks for the analysis.  Could you try the attached patch?  If ok, I'll
apply it to the trunk and close this bug.


[mml-secure-smime-multiple-certfile.diff (text/x-patch, inline)]
=== modified file 'lisp/gnus/mml.el'
--- lisp/gnus/mml.el	2010-05-06 04:15:34 +0000
+++ lisp/gnus/mml.el	2010-07-20 01:56:14 +0000
@@ -228,7 +228,10 @@
 	(let* (secure-mode
 	       (taginfo (mml-read-tag))
 	       (keyfile (cdr (assq 'keyfile taginfo)))
-	       (certfile (cdr (assq 'certfile taginfo)))
+	       (certfiles (delq nil (mapcar (lambda (tag)
+					      (if (eq (car-safe tag) 'certfile)
+						  (cdr tag)))
+					    taginfo)))
 	       (recipients (cdr (assq 'recipients taginfo)))
 	       (sender (cdr (assq 'sender taginfo)))
 	       (location (cdr (assq 'tag-location taginfo)))
@@ -254,8 +257,10 @@
 				 ,@tags
 				 ,(if keyfile "keyfile")
 				 ,keyfile
-				 ,(if certfile "certfile")
-				 ,certfile
+				 ,@(apply #'append
+					  (mapcar (lambda (certfile)
+						    (list "certfile" certfile))
+						  certfiles))
 				 ,(if recipients "recipients")
 				 ,recipients
 				 ,(if sender "sender")


[Message part 3 (text/plain, inline)]
Regards,
-- 
Daiki Ueno
Information forwarded to owner <at> debbugs.gnu.org, bug-gnu-emacs <at> gnu.org, bugs <at> gnus.org:
bug#6654; Package emacs,gnus. (Tue, 20 Jul 2010 16:59:01 GMT) Full text and rfc822 format available.

Message #11 received at 6654 <at> debbugs.gnu.org (full text, mbox):

From: Jay Berkenbilt <ejb <at> ql.org>
To: Daiki Ueno <ueno <at> unixuser.org>
Cc: "6654 <at> debbugs.gnu.org" <6654 <at> debbugs.gnu.org>
Subject: Re: bug#6654: 23.2;
	mml-secure-message-encrypt-smime can't handle multiple recipients
Date: Tue, 20 Jul 2010 12:58:43 -0400

Daiki Ueno <ueno <at> unixuser.org> wrote:

> Thanks for the analysis.  Could you try the attached patch?  If ok,
> I'll apply it to the trunk and close this bug.

The patch seems to work fine.  After applying the patch, I was able to
send a message with multiple recipients and to decode the message with
either key.  Thanks!  (I still had to remove the keyfile attribute and
be prompted to get the extra certs included with the message, but I
reported that in a separate bug.)

-- 
Jay Berkenbilt <ejb <at> ql.org>
Reply sent to Daiki Ueno <ueno <at> unixuser.org>:
You have taken responsibility. (Wed, 21 Jul 2010 06:05:02 GMT) Full text and rfc822 format available.
Notification sent to Jay Berkenbilt <ejb <at> ql.org>:
bug acknowledged by developer. (Wed, 21 Jul 2010 06:05:02 GMT) Full text and rfc822 format available.

Message #16 received at 6654-done <at> debbugs.gnu.org (full text, mbox):

From: Daiki Ueno <ueno <at> unixuser.org>
To: 6654-done <at> debbugs.gnu.org
Subject: Re: bug#6654: 23.2;
	mml-secure-message-encrypt-smime can't handle multiple recipients
Date: Wed, 21 Jul 2010 15:04:52 +0900

Jay Berkenbilt <ejb <at> ql.org> writes:

> The patch seems to work fine.  After applying the patch, I was able to
> send a message with multiple recipients and to decode the message with
> either key.

Thanks.  Applied as r100861.

Regards,
-- 
Daiki Ueno
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Wed, 18 Aug 2010 11:24:03 GMT) Full text and rfc822 format available.
This bug report was last modified 15 years and 7 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.