From: Simon Josefsson <jas@extundo.com>
Cc: ding@gnus.org
Subject: Re: S/MIME + additional certificate files
Date: Mon, 23 Sep 2002 17:52:46 +0200 [thread overview]
Message-ID: <iluy99saek1.fsf@latte.josefsson.org> (raw)
In-Reply-To: <ubs6o4vcd.fsf@hot.pl> (beaker@iavmb.pl's message of "Mon, 23 Sep 2002 16:46:42 +0200")
beaker@iavmb.pl (Krzysztof Jędruczyk) writes:
> Hello,
>
> I've recently tried to send some S/MIME signed messages and
> encountered a problem, which I believe lies in gnus' smime.el. The
> problem is that even if I specify additional certificate files in
> smime-keys variable - they don't get attached to signature. This
> might cause with verification - depending on what certs recipient
> has already installed (the certification path will be incomplete).
>
> I've searched google for reports on this particular problem, and found
> nothing. So - I looked at it myself.
>
> I identified the problem to be in smime-sign-buffer, which in turn
> passes keyfile retrieved with smime-get-key-by-email to
> smime-sign-region. The problem is that smime-get-key-by-email returns
> only the key without accompanying additional certs.
The sign command only need the key to sign something. By reading the
OpenSSL S/MIME man page it seems that -certfile should be specified to
solve this problem. What does the following do? (Untested, it might
mail your private key...)
Index: smime.el
===================================================================
RCS file: /usr/local/cvsroot/gnus/lisp/smime.el,v
retrieving revision 6.26
diff -u -p -u -w -r6.26 smime.el
--- smime.el 2002/04/11 19:49:45 6.26
+++ smime.el 2002/09/23 16:35:08
@@ -254,6 +254,7 @@ key and certificate itself."
(when (prog1
(apply 'smime-call-openssl-region b e (list buffer tmpfile)
"smime" "-sign" "-signer" (expand-file-name keyfile)
+ "-certfile" (expand-file-name keyfile)
(append
(smime-make-certfiles certfiles)
(if passphrase
next prev parent reply other threads:[~2002-09-23 15:52 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-09-23 14:46 Krzysztof Jędruczyk
2002-09-23 15:52 ` Simon Josefsson [this message]
2002-09-23 15:58 ` Simon Josefsson
2002-09-23 16:58 ` Krzysztof Jędruczyk
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=iluy99saek1.fsf@latte.josefsson.org \
--to=jas@extundo.com \
--cc=ding@gnus.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).