From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/46650 Path: main.gmane.org!not-for-mail From: Simon Josefsson Newsgroups: gmane.emacs.gnus.general Subject: Re: S/MIME + additional certificate files Date: Mon, 23 Sep 2002 17:52:46 +0200 Sender: owner-ding@hpc.uh.edu Message-ID: References: NNTP-Posting-Host: localhost.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-2 Content-Transfer-Encoding: quoted-printable X-Trace: main.gmane.org 1032796474 15875 127.0.0.1 (23 Sep 2002 15:54:34 GMT) X-Complaints-To: usenet@main.gmane.org NNTP-Posting-Date: Mon, 23 Sep 2002 15:54:34 +0000 (UTC) Cc: ding@gnus.org Return-path: Original-Received: from malifon.math.uh.edu ([129.7.128.13]) by main.gmane.org with esmtp (Exim 3.35 #1 (Debian)) id 17tVXc-00047s-00 for ; Mon, 23 Sep 2002 17:54:33 +0200 Original-Received: from sina.hpc.uh.edu ([129.7.128.10] ident=lists) by malifon.math.uh.edu with esmtp (Exim 3.20 #1) id 17tVWP-0008DT-00; Mon, 23 Sep 2002 10:53:17 -0500 Original-Received: by sina.hpc.uh.edu (TLB v0.09a (1.20 tibbs 1996/10/09 22:03:07)); Mon, 23 Sep 2002 10:53:55 -0500 (CDT) Original-Received: from sclp3.sclp.com (qmailr@sclp3.sclp.com [209.196.61.66]) by sina.hpc.uh.edu (8.9.3/8.9.3) with SMTP id KAA08610 for ; Mon, 23 Sep 2002 10:53:39 -0500 (CDT) Original-Received: (qmail 26817 invoked by alias); 23 Sep 2002 15:52:50 -0000 Original-Received: (qmail 26811 invoked from network); 23 Sep 2002 15:52:49 -0000 Original-Received: from 178.230.13.217.in-addr.dgcsystems.net (HELO yxa.extundo.com) (217.13.230.178) by gnus.org with SMTP; 23 Sep 2002 15:52:49 -0000 Original-Received: from latte.josefsson.org (yxa.extundo.com [217.13.230.178]) by yxa.extundo.com (8.12.6/8.12.6) with ESMTP id g8NFqkn2030148; Mon, 23 Sep 2002 17:52:46 +0200 Original-To: beaker@iavmb.pl (Krzysztof =?iso-8859-2?q?J=EAdruczyk?=) Mail-Copies-To: nobody X-Hashcash: 0:020923:beaker@iavmb.pl:1035b4d1e667e96a X-Hashcash: 0:020923:ding@gnus.org:a516d70785ae4ce4 In-Reply-To: (beaker@iavmb.pl's message of "Mon, 23 Sep 2002 16:46:42 +0200") Original-Lines: 39 User-Agent: Gnus/5.090008 (Oort Gnus v0.08) Emacs/21.2 (i386-debian-linux-gnu) Precedence: list X-Majordomo: 1.94.jlt7 Xref: main.gmane.org gmane.emacs.gnus.general:46650 X-Report-Spam: http://spam.gmane.org/gmane.emacs.gnus.general:46650 beaker@iavmb.pl (Krzysztof J=EAdruczyk) writes: > Hello, > > I've recently tried to send some S/MIME signed messages and > encountered a problem, which I believe lies in gnus' smime.el. The > problem is that even if I specify additional certificate files in > smime-keys variable - they don't get attached to signature. This > might cause with verification - depending on what certs recipient > has already installed (the certification path will be incomplete). > > I've searched google for reports on this particular problem, and found > nothing. So - I looked at it myself.=20 > > I identified the problem to be in smime-sign-buffer, which in turn > passes keyfile retrieved with smime-get-key-by-email to > smime-sign-region. The problem is that smime-get-key-by-email returns > only the key without accompanying additional certs. The sign command only need the key to sign something. By reading the OpenSSL S/MIME man page it seems that -certfile should be specified to solve this problem. What does the following do? (Untested, it might mail your private key...) Index: smime.el =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /usr/local/cvsroot/gnus/lisp/smime.el,v retrieving revision 6.26 diff -u -p -u -w -r6.26 smime.el --- smime.el 2002/04/11 19:49:45 6.26 +++ smime.el 2002/09/23 16:35:08 @@ -254,6 +254,7 @@ key and certificate itself." (when (prog1 (apply 'smime-call-openssl-region b e (list buffer tmpfile) "smime" "-sign" "-signer" (expand-file-name keyfile) + "-certfile" (expand-file-name keyfile) (append (smime-make-certfiles certfiles) (if passphrase