Arne Jørgensen <arne@arnested.dk> writes:

>  - havent verified this recently, but I think gnus will send a message
>    even though openssl fails (ie because of a typo in the password).
>    This should probably be considered a security bug.

It will send a mail unsigned if you make an error typing your
password.

The attach patch will avoid this (and also if encryption fails).

The patch also adds a bit to the doc for `smime-ldap-host-list'.

And since the PEM format is just a base64 of DER there is really no
reason to call openssl to do the conversion so I rewrote
`smime-cert-by-ldap-1' to use `base64-encode-string' instead. Also in
the patch.

Kind regards,
-- 
Arne Jørgensen <http://arnested.dk/>