bug#7797: Configure the use of from header for epg signing.

Gnus development mailing list
 help / color / mirror / Atom feed

From: Luca Capello <luca@pca.it>
To: Daniel Dehennin <daniel.dehennin@baby-gnu.org>
Cc: 7797@debbugs.gnu.org, Ashish SHUKLA <wahjava.ml@gmail.com>,
	Daiki Ueno <ueno@unixuser.org>,
	rfrancoise@debian.org, ding@gnus.org
Subject: bug#7797: Configure the use of from header for epg signing.
Date: Sun, 16 Jan 2011 21:32:20 +0100	[thread overview]
Message-ID: <87lj2kd1yj.fsf@gismo.pca.it> (raw)
In-Reply-To: <874o9lehkl.fsf@gismo.pca.it>

[-- Attachment #1: Type: text/plain, Size: 4330 bytes --]

Hi there!

On Fri, 07 Jan 2011 14:18:41 +0100, Daiki Ueno wrote:
> Luca Capello <luca@pca.it> writes:
>> Please, can you post it here, so I do not have to download the bzr
>> repository?  The Savannah bzr repository is disabled
>> <http://bzr.savannah.gnu.org/lh/emacs> and the Launhpad one
>> <http://bazaar.launchpad.net/~vcs-imports/emacs/trunk/files> does not
>> have it yet.
>
> Looks git mirror is up to date:
>
> http://git.sv.gnu.org/cgit/emacs.git/commit/?id=3d51f602

It was not at the time of my writing and looking around on the Internet
I was not sure if the Git repository is automatically updated (and when)
or not.

>> I am sorry, but I still think this is not the correct solution, thus I
>> reopened the bug (control server bcc:ed).  I think the cases should be
>> the following, which I have (sort of) explained in my first post and it
>> is similar to Ashish's one at:
>>
>>   <http://lists.gnu.org/archive/html/emacs-devel/2010-12/msg00612.html>
>
> I think there are 2 separate issues:
>
> (1) Gnus now picks signing keys from "From:" header by default. Which is
>     an incompatible behavior change from the previous versions.
>
> (2) mml2015-epg-find-usable-key, a function used to determine whether a
>     key is usable for signing, has a bug.
>
> I fixed (2) as r102771 and you are talking about (1).  

Exactly, but I do not understand the need for (2), since as I wrote in
my previous reply (point 1) IMHO by default EasyPG should do nothing WRT
GnuPG and which keys should be used, especially given that the error
message is useless without a non-nil `epg-debug':

  Message-ID: <87r5cpow4q.fsf@gismo.pca.it>
  URL: <http://debbugs.gnu.org/cgi/bugreport.cgi?bug=7797#16>

Nevertheless, now that things went back to normality (read below), I do
not care such a lot about that.

>> I would have wanted to reply only after having implemented my solution,
>> but since I am quite busy right now (and I will be for the whole next
>> week as well), it is better to put here my ideas *now*.
>
> Well, probably you could first try the patch for (2) and then propose
> improvement ideas for (1) I think :-)

FWIW, your patch for (2) works perfectly (adapted to the
lisp/gnus/mml2015.el local copy I have), tested on both my working
environment and the fresh setup I used to report the bug.

On Fri, 07 Jan 2011 18:29:01 +0100, Daniel Dehennin wrote:
> Here is a patch to make the use of from header conditional, this solve
> issue 1 in [1].
>
> It can be fetched from my Gnus git repository [2].
>
> I do not update the Changelog to avoid conflict, I think changelog can
> be automatically handled by hook when Lars pull in its branch ;-)
>
> This patch is tested by me.

And tested by me as well, *without* Daiki's patch applied, for both
signing...
=====
/usr/bin/gpg --no-tty --status-fd 1 --yes --command-fd 0 --armor --textmode \
--output /tmp/epg-output3395dRp --detach-sign -u 8D3867D89DDB992B
gpg: skipped "8D3867D89DDB992B": unusable secret key
gpg: signing failed: unusable secret key

[patch applied]

/usr/bin/gpg --no-tty --status-fd 1 --yes --command-fd 0 --armor --textmode \
--output /tmp/epg-output3395qbv --detach-sign
[GNUPG:] USERID_HINT D91D57A03BE9F36D Luca Capello <luca@pca.it>
=====

...and encryption to my Debian address:
=====
/usr/bin/gpg --no-tty --status-fd 1 --yes --command-fd 0 --armor --textmode \
 --output /tmp/epg-output355543E --always-trust --encrypt --sign -u 8D3867D89DDB992B -r 06EAA066E397832F
gpg: skipped "8D3867D89DDB992B": unusable secret key
gpg: [stdin]: sign+encrypt failed: unusable secret key

[patch applied]

/usr/bin/gpg --no-tty --status-fd 1 --yes --command-fd 0 --armor --textmode \
 --output /tmp/epg-output3555FCL --always-trust --encrypt --sign -r 06EAA066E397832F
[GNUPG:] USERID_HINT D91D57A03BE9F36D Luca Capello <luca@pca.it>
=====

> @@ -1035,7 +1042,8 @@ If no one is selected, default secret key is used.  "
>    (let ((inhibit-redisplay t)
>  	(context (epg-make-context))
>  	(config (epg-configuration))
> -	(sender (message-options-get 'message-sender))
> +	 (sender (if mml2015-use-from-address
> +		     (message-options-get 'message-sender)))

There are extra spaces before the parenthesis here ;-)

Thx, bye,
Gismo / Luca

[-- Attachment #2: Type: application/pgp-signature, Size: 835 bytes --]

next prev parent reply	other threads:[~2011-01-16 20:32 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <87y66wn972.fsf@broken.deisui.org>
     [not found] ` <874o9lehkl.fsf@gismo.pca.it>
     [not found]   ` <m3ipy1h3l8.fsf-ueno@unixuser.org>
     [not found]     ` <m3r5cp3vlo.fsf-ueno@unixuser.org>
     [not found]       ` <87r5cpow4q.fsf@gismo.pca.it>
2011-01-07 17:29         ` Daniel Dehennin
2011-01-11 19:06           ` Lars Magne Ingebrigtsen
2011-01-16 20:32           ` Luca Capello [this message]
2011-01-16 20:52           ` Daniel Dehennin
2011-01-22 18:51             ` Lars Ingebrigtsen
2011-01-24  3:09               ` Daiki Ueno
2011-01-27 17:18                 ` Julien Danjou
2011-01-28  1:08                   ` Daiki Ueno
2011-02-09 12:03                     ` Luca Capello

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87lj2kd1yj.fsf@gismo.pca.it \
    --to=luca@pca.it \
    --cc=7797@debbugs.gnu.org \
    --cc=daniel.dehennin@baby-gnu.org \
    --cc=ding@gnus.org \
    --cc=rfrancoise@debian.org \
    --cc=ueno@unixuser.org \
    --cc=wahjava.ml@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).