From 06bf67a6b9724bf6460c06eff7834fb94b430099 Mon Sep 17 00:00:00 2001 From: Jani Nikula Date: Sat, 5 Apr 2014 12:18:06 +0300 Subject: [PATCH] [PATCH] emacs: sign/encrypt replies to signed/encrypted messages --- 1d/859263749134913b39ebc8d54e1609d4dad008 | 116 ++++++++++++++++++++++ 1 file changed, 116 insertions(+) create mode 100644 1d/859263749134913b39ebc8d54e1609d4dad008 diff --git a/1d/859263749134913b39ebc8d54e1609d4dad008 b/1d/859263749134913b39ebc8d54e1609d4dad008 new file mode 100644 index 000000000..0959e4323 --- /dev/null +++ b/1d/859263749134913b39ebc8d54e1609d4dad008 @@ -0,0 +1,116 @@ +Return-Path: +X-Original-To: notmuch@notmuchmail.org +Delivered-To: notmuch@notmuchmail.org +Received: from localhost (localhost [127.0.0.1]) + by olra.theworths.org (Postfix) with ESMTP id 38E21431FAF + for ; Sat, 5 Apr 2014 02:18:20 -0700 (PDT) +X-Virus-Scanned: Debian amavisd-new at olra.theworths.org +X-Spam-Flag: NO +X-Spam-Score: -0.7 +X-Spam-Level: +X-Spam-Status: No, score=-0.7 tagged_above=-999 required=5 + tests=[RCVD_IN_DNSWL_LOW=-0.7] autolearn=disabled +Received: from olra.theworths.org ([127.0.0.1]) + by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024) + with ESMTP id 7z23kfWnNqNu for ; + Sat, 5 Apr 2014 02:18:14 -0700 (PDT) +Received: from mail-we0-f182.google.com (mail-we0-f182.google.com + [74.125.82.182]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) + (No client certificate requested) + by olra.theworths.org (Postfix) with ESMTPS id 83889431FAE + for ; Sat, 5 Apr 2014 02:18:14 -0700 (PDT) +Received: by mail-we0-f182.google.com with SMTP id p61so4532076wes.27 + for ; Sat, 05 Apr 2014 02:18:11 -0700 (PDT) +X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; + d=1e100.net; s=20130820; + h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to + :references; + bh=8LJq/kSp1nWUYUrMDz9AGj8wCQkmfW9jh7oagRmZWsE=; + b=RTgL9pGDL4Wc77oiL7tV/TPOy3CFuSKsUZmpDlwlYFx/2a3zWat/QS5D69yF5xgXpi + cFThOtfp61570JMwfHTF8ghTcaV+SQL5S+9pRTG2wsVcEp6G6tjvB2Oo3jK04ikbvt6G + dm9RfJNFnBUdCVgb2XI64kRWu7bSF/KSP2W0MlmEurMifKQUtwR7wevaGWUhhCliyidK + VS63UGbYCgzcQQawDdkKKrWNqaIRrSiI+NpSjNbebv1qLsiaaxuCWD3DU7KJ6v9NxuZT + OXjOJeeYMEcavQOwL37rC8RiRr1kWgYqTDrYUQCWqNUiQTrtBDHOnoeWc+tLszCK8rw6 + 5hbA== +X-Gm-Message-State: + ALoCoQk2g8AQcn5oOslChySuwAC6Rti21+1l/20JxTAWmCSXulqy0ZxKz6RTVXJ1hlxwDqUnGdW3 +X-Received: by 10.194.187.107 with SMTP id fr11mr26542331wjc.70.1396689490550; + Sat, 05 Apr 2014 02:18:10 -0700 (PDT) +Received: from localhost (dsl-hkibrasgw2-58c36f-91.dhcp.inet.fi. + [88.195.111.91]) + by mx.google.com with ESMTPSA id w1sm25636216eel.16.2014.04.05.02.18.08 + for + (version=TLSv1.2 cipher=RC4-SHA bits=128/128); + Sat, 05 Apr 2014 02:18:09 -0700 (PDT) +From: Jani Nikula +To: notmuch@notmuchmail.org +Subject: [PATCH] emacs: sign/encrypt replies to signed/encrypted messages +Date: Sat, 5 Apr 2014 12:18:06 +0300 +Message-Id: <1396689486-19232-1-git-send-email-jani@nikula.org> +X-Mailer: git-send-email 1.9.1 +In-Reply-To: <87a9f1c8aq.fsf@servo.finestructure.net> +References: <87a9f1c8aq.fsf@servo.finestructure.net> +X-BeenThere: notmuch@notmuchmail.org +X-Mailman-Version: 2.1.13 +Precedence: list +List-Id: "Use and development of the notmuch mail system." + +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +X-List-Received-Date: Sat, 05 Apr 2014 09:18:20 -0000 + +This is a simple approach to improving security when replying to +signed or encrypted messages. If the message being replied to was +signed, add mml tag to sign the reply. If the message being replied to +was encrypted, add mml tag to sign and encrypt the reply. + +This may need configuration; I for one might want to encrypt replies +to encrypted messages, but not always sign replies to signed messages. + +This still includes a slight bug: if any mml tags are added, they are +included in the region containing the quoted parts. Killing the region +will kill the mml tags too. +--- + emacs/notmuch-mua.el | 14 +++++++++++++- + 1 file changed, 13 insertions(+), 1 deletion(-) + +diff --git a/emacs/notmuch-mua.el b/emacs/notmuch-mua.el +index ba3ef275ec5e..9fb84b57b030 100644 +--- a/emacs/notmuch-mua.el ++++ b/emacs/notmuch-mua.el +@@ -115,6 +115,15 @@ list." + (push header message-hidden-headers))) + notmuch-mua-hidden-headers)) + ++(defun notmuch-mua-reply-crypto (parts) ++ (loop for part in parts ++ if (notmuch-match-content-type (plist-get part :content-type) "multipart/signed") ++ do (mml-secure-message-sign) ++ else if (notmuch-match-content-type (plist-get part :content-type) "multipart/encrypted") ++ do (mml-secure-message-sign-encrypt) ++ else if (notmuch-match-content-type (plist-get part :content-type) "multipart/*") ++ do (notmuch-mua-reply-crypto (plist-get part :content)))) ++ + (defun notmuch-mua-get-quotable-parts (parts) + (loop for part in parts + if (notmuch-match-content-type (plist-get part :content-type) "multipart/alternative") +@@ -224,7 +233,10 @@ list." + (set-mark (point)) + (goto-char start) + ;; Quote the original message according to the user's configured style. +- (message-cite-original)))) ++ (message-cite-original))) ++ ++ ;; Sign and/or encrypt replies to signed and/or encrypted messages. ++ (notmuch-mua-reply-crypto (plist-get original :body))) + + ;; Push mark right before signature, if any. + (message-goto-signature) +-- +1.9.1 + -- 2.26.2