GNU bug report logs - #67931
[PATCH] Use S/MIME key from content for mail signing via OpenSSL

Previous Next

Package: emacs;

Reported by: Illia Ostapyshyn <illia <at> yshyn.com>

Date: Wed, 20 Dec 2023 13:59:01 UTC

Severity: normal

Tags: patch

Done: Eric Abrahamsen <eric <at> ericabrahamsen.net>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Eric Abrahamsen <eric <at> ericabrahamsen.net>
To: Illia Ostapyshyn <illia <at> yshyn.com>
Cc: larsi <at> gnus.org, Eli Zaretskii <eliz <at> gnu.org>, 67931 <at> debbugs.gnu.org, stefankangas <at> gmail.com
Subject: bug#67931: [PATCH] Use S/MIME key from content for mail signing via OpenSSL
Date: Tue, 07 May 2024 19:20:30 -0700

Eric Abrahamsen <eric <at> ericabrahamsen.net> writes:

> Illia Ostapyshyn <illia <at> yshyn.com> writes:
>
>> Eli Zaretskii <eliz <at> gnu.org> writes:
>>
>>>> Cc: Lars Ingebrigtsen <larsi <at> gnus.org>, 17780 <at> debbugs.gnu.org,
>>>>  Stefan Kangas <stefankangas <at> gmail.com>, Jan Beich <jbeich <at> vfemail.net>,
>>>>  67931 <at> debbugs.gnu.org
>>>> From: Illia Ostapyshyn <illia <at> yshyn.com>
>>>> Date: Mon, 06 May 2024 20:46:33 +0200
>>>> 
>>>> Sorry, forgot to attach the patch, sending it with this email.
>>>
>>> Thanks, I'm adding Eric to the discussion.
>>
>> Thanks!
>>
>> I've realized that reusing certfile parameter for signing will have
>> unintended side-effects when encrypting and signing a message.  When a
>> single signencrypt MML tag is used for both this results in all
>> certfiles passed to both `smime-encrypt-buffer' and `smime-sign-buffer'.
>>
>> I'm sending a new patch that introduces a parameter called chainfile for
>> signatures instead.
>
> Thanks for the report, and the code. I haven't been able to get the
> reproducer to work so far (in Emacs -Q), because it always ends up at
> `mml-smime-sign-query' instead of `mml-smime-sign-buffer', and the
> latter seems to be the only way to (eventually) end up at
> `mml-smime-openssl-sign', where the problem is:
>
> - mml-smime-sign-buffer
> - mml-smime-sign
> - (funcall (nth 1 (assq 'openssl mml-smime-function-alist)))
> - mml-smime-openssl-sign
>
> `mml-smime-sign' is the only place that does (nth 1 (assq 'openssl
> mml-smime-function-alist))
>
> The only way to call `mml-smime-sign-buffer' instead of
> `mml-smime-sign-query' is if some code ran:
>
> (funcall (nth 1 (assoc "smime" mml-sign-alist)))
>
> And so far as I can tell, no code does that.
>
> Obviously you arrived at that function somehow, otherwise we wouldn't
> have this bug report, but so far I can't figure out how!

Bah, I'm sorry, I didn't realize that was only half the recipe. Hang on...
This bug report was last modified 1 year and 100 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.