From c02ab627ddc95a1d21a08277d1f8d09269f2232b Mon Sep 17 00:00:00 2001 From: David Edmondson Date: Mon, 8 Feb 2016 17:46:42 +0000 Subject: [PATCH] Re: Bug#755544: notmuch-emacs: doesn't check gpg/pgp signatures by default --- 9b/e7a720b0df44d862b72ce92a5adb43a46d1b9a | 128 ++++++++++++++++++++++ 1 file changed, 128 insertions(+) create mode 100644 9b/e7a720b0df44d862b72ce92a5adb43a46d1b9a diff --git a/9b/e7a720b0df44d862b72ce92a5adb43a46d1b9a b/9b/e7a720b0df44d862b72ce92a5adb43a46d1b9a new file mode 100644 index 000000000..a5c11dde3 --- /dev/null +++ b/9b/e7a720b0df44d862b72ce92a5adb43a46d1b9a @@ -0,0 +1,128 @@ +Return-Path: +X-Original-To: notmuch@notmuchmail.org +Delivered-To: notmuch@notmuchmail.org +Received: from localhost (localhost [127.0.0.1]) + by arlo.cworth.org (Postfix) with ESMTP id D43206DE0AC2 + for ; Mon, 8 Feb 2016 09:46:48 -0800 (PST) +X-Virus-Scanned: Debian amavisd-new at cworth.org +X-Spam-Flag: NO +X-Spam-Score: -0.008 +X-Spam-Level: +X-Spam-Status: No, score=-0.008 tagged_above=-999 required=5 tests=[AWL=0.059, + DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, + RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_NEUTRAL=0.652, + UNPARSEABLE_RELAY=0.001] autolearn=disabled +Received: from arlo.cworth.org ([127.0.0.1]) + by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) + with ESMTP id VQv3DGdiMq9i for ; + Mon, 8 Feb 2016 09:46:47 -0800 (PST) +Received: from mail-wm0-f51.google.com (mail-wm0-f51.google.com + [74.125.82.51]) by arlo.cworth.org (Postfix) with ESMTPS id 9E09E6DE02CE for + ; Mon, 8 Feb 2016 09:46:46 -0800 (PST) +Received: by mail-wm0-f51.google.com with SMTP id p63so126462918wmp.1 + for ; Mon, 08 Feb 2016 09:46:46 -0800 (PST) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; + d=dme-org.20150623.gappssmtp.com; s=20150623; + h=to:cc:subject:in-reply-to:references:from:date:message-id + :mime-version:content-type; + bh=cpSssJUkKwE4wK0xkhRQYSJlKv1yc9eiCZg0nIczNVE=; + b=jTOD/qpnQ4gzfsHrp7q8yJ+11gi2KZJ5AoDkE6sfUMfxGIRx6eTEQByVP2kLsqrEUR + rXR4fc9YUD+Z8UoAJg3We3MuzkSIoY+7mRXanV7yVzl/wdfWntogAZ1vWgyeq3xDUs1I + CaeC0pKW2jKpMed6Art43vKzVHJXtDc3QGSiIW0yJyYMHUICb1tgs48/74d/2OyxuFWM + 8GejC6KhMF6FTtxSHDhQjuDnjPHEIXA4Uzm6oY2boKOvzWCdxDxVSysZZOjooJqkdCLn + TDzJg6go/NbSEC801ZSUrSG8Ax34Xh6wbsAhn21nSIxA9Rx7dgm/kbvCQmFhyDhi/aIg + PO8Q== +X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; + d=1e100.net; s=20130820; + h=x-gm-message-state:to:cc:subject:in-reply-to:references:from:date + :message-id:mime-version:content-type; + bh=cpSssJUkKwE4wK0xkhRQYSJlKv1yc9eiCZg0nIczNVE=; + b=cMyMAT0Ie/0GJo0u3kBBIhoD4WV/n9dItDw0APxNSiK/MqIILcyN6nHnXQDCwxPhrW + p4kLQEL16d4uusjrAJs7QoUXw0ussJZUvyfrr0ThXj+i5BIEn8E50gDQYKlJQ/zsCo9t + 0wMAqUohKNEQQafC7s8dD78thXaLMLll7Ga3UHvv6faswQ1agiuy2XEv5nHuU++vOu+9 + mPH/a+qMP9bMyIn8mOFTh0NRzEaiN7a5Wf8kQLn0y/hShSFZGoCk/Ue7GdND/qlvrBjw + 2n+MqxOMLbnpduWpGuVgt6NFYIHjVIqfbmMA3jGoVHCPpf6hLfAAE4scSpmysttvVc13 + /U0g== +X-Gm-Message-State: + AG10YOR83vZCL8T/8USFnat+1oq+dMfD2nzOeHbcP30IbHucqdq1Dsa1xRhY/GfAozzOOA== +X-Received: by 10.28.214.76 with SMTP id n73mr93379wmg.52.1454953605162; + Mon, 08 Feb 2016 09:46:45 -0800 (PST) +Received: from disaster-area.hh.sledj.net + ([2a01:348:1a2:1:ea39:35ff:fe2c:a227]) + by smtp.gmail.com with ESMTPSA id m63sm13722271wmc.3.2016.02.08.09.46.43 + (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); + Mon, 08 Feb 2016 09:46:44 -0800 (PST) +Received: from localhost (disaster-area.hh.sledj.net [local]) + by disaster-area.hh.sledj.net (OpenSMTPD) with ESMTPA id 70883960; + Mon, 8 Feb 2016 17:46:43 +0000 (UTC) +To: David Bremner , + Jameson Graef Rollins , + Vagrant Cascadian , 755544@bugs.debian.org +Cc: notmuch@notmuchmail.org +Subject: Re: Bug#755544: notmuch-emacs: doesn't check gpg/pgp signatures + by default +In-Reply-To: <878unlenhn.fsf@maritornes.cs.unb.ca> +References: <20140721223426.GA5250@siren> + <87silucnfx.fsf@maritornes.cs.unb.ca> + <87iomqxkzp.fsf@servo.finestructure.net> + <878unlenhn.fsf@maritornes.cs.unb.ca> +From: David Edmondson +Date: Mon, 08 Feb 2016 17:46:42 +0000 +Message-ID: +MIME-Version: 1.0 +Content-Type: text/plain +X-BeenThere: notmuch@notmuchmail.org +X-Mailman-Version: 2.1.20 +Precedence: list +List-Id: "Use and development of the notmuch mail system." + +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +X-List-Received-Date: Mon, 08 Feb 2016 17:46:49 -0000 + +On Tue, Jul 22 2014, David Bremner wrote: +> Jameson Graef Rollins writes: +> +>> On Mon, Jul 21 2014, David Bremner wrote: +>>> notmuch folks: it seems that in vagrant's message, and several others I +>>> checked, it notmuch-crypto-process-mime==nil, then no signature button +>>> is created at all. +>> +>> Yes, this is true. The signature button is pretty meaningless if we're +>> not processing the signature. +>> +>> Maybe instead by default we could have a signature button that opens up +>> a notmuch-crypto-process-mime customization buffer? +>> +>> jamie. +> +> looking at the source, there is supposed to be some button: + +There is a button for the part (the one that says "[multipart/signed]") +and the help text is associated with that. There is no button +specifically for the signature (because no processing of the signature +took place). + +It wouldn't be complicated to add a button in the case where no checking +was done. Pressing the button could (as suggested) offer up +customisation of the variable (or just open the help). + +I wonder if I could make the button be "[Danger Will Robinson!!!]" in +flashing red and yellow text... + +> ,---- +> | (defun notmuch-show-insert-part-multipart/signed (msg part content-type nth depth button) +> | (button-put button 'face 'notmuch-crypto-part-header) +> | ;; add signature status button if sigstatus provided +> | (if (plist-member part :sigstatus) +> | (let* ((from (notmuch-show-get-header :From msg)) +> | (sigstatus (car (plist-get part :sigstatus)))) +> | (notmuch-crypto-insert-sigstatus-button sigstatus from)) +> | ;; if we're not adding sigstatus, tell the user how they can get it +> | (button-put button 'help-echo "Set notmuch-crypto-process-mime to process cryptographic MIME parts.")) +> `---- -- 2.26.2