+2002-10-10 Simon Josefsson <jas@extundo.com>
+
+ * mml-sec.el (mml-smime-encrypt-buffer): Warn about combined signing.
+ (mml-pgp-encrypt-buffer): Support combined signing.
+
+ * mml1991.el (mml1991-mailcrypt-encrypt): Support combined signing.
+ (mml1991-gpg-encrypt): Ditto.
+ (mml1991-pgg-encrypt): Ditto.
+ (mml1991-encrypt): Pass sign parameter.
+
+ * mml-sec.el (mml-signencrypt-style-alist): Defcustom.
+ (mml-signencrypt-style): Mention the variable.
+
+2002-10-09 Simon Josefsson <jas@extundo.com>
+
+ * mml1991.el (mml1991-pgg-sign): Bind pgg-default-user-id, not
+ pgg-gpg-user-id.
+
+ * pgg.el (pgg-insert-url-with-w3): Ignore errors.
+ (pgg-fetch-key-function): Nil if w3 is not installed.
+
2002-10-08 Kai Gro\e,A_\e(Bjohann <Kai.Grossjohann@CS.Uni-Dortmund.DE>
* gnus-agent.el (gnus-agent-fetch-selected-article): Bind
(defvar mml-default-encrypt-method (caar mml-encrypt-alist)
"Default encryption method.")
-(defvar mml-signencrypt-style-alist
+(defcustom mml-signencrypt-style-alist
'(("smime" separate)
("pgp" separate)
("pgpmime" separate))
- "Alist specifying whether or not a single sign & encrypt
-operation should be perfomed when requesting signencrypt.
-Note that combined sign & encrypt is NOT supported by pgp v2!
-Also note that you should access this with mml-signencrypt-style")
-
+ "Alist specifying if `signencrypt' results in two separate operations or not.
+The first entry indicates the MML security type, valid entries include
+the strings \"smime\", \"pgp\", and \"pgpmime\". The second entry is
+a symbol `separate' or `combined' where `separate' means that MML signs
+and encrypt messages in a two step process, and `combined' means that MML
+signs and encrypt the message in one step.
+Note that the `combined' mode is NOT supported by all OpenPGP implementations,
+in particular PGP version 2 does not support it!"
+ :type '(repeat (list (choice (const :tag "S/MIME" "smime")
+ (const :tag "PGP" "pgp")
+ (const :tag "PGP/MIME" "pgpmime")
+ (string :tag "User defined"))
+ (choice (const :tag "Separate" separate)
+ (const :tag "Combined" combined)))))
+
;;; Configuration/helper functions
(defun mml-signencrypt-style (method &optional style)
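Review bot: The new `defcustom` carries no `:group`, so where it appears in Customize depends on the file's implicit default group, which is not visible in this hunk. Adding an explicit one, for example `:group 'message` if that is where the neighbouring options live, keeps it with the other security settings. The docstring should also state that `combined` is not yet implemented for "smime", because the `:type` offers "Combined" for every method. The wording "signs and encrypt" should read "signs and encrypts".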
smime, putting the following in your Gnus startup file will
enable that behavior:
-\(mml-set-signencrypt-style \"smime\" combined)"
+\(mml-set-signencrypt-style \"smime\" combined)
+
+You can also customize or set `mml-signencrypt-style-alist' instead."
(let ((style-item (assoc method mml-signencrypt-style-alist)))
(if style-item
(if (or (eq style 'separate)
(or (mml-smime-sign cont)
(error "Signing failed... inspect message logs for errors")))
-(defun mml-smime-encrypt-buffer (cont)
+(defun mml-smime-encrypt-buffer (cont &optional sign)
+ (when sign
+ (message "Combined sign and encrypt S/MIME not support yet")
+ (sit-for 1))
(or (mml-smime-encrypt cont)
(error "Encryption failed... inspect message logs for errors")))
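Review bot: In `mml-smime-encrypt-buffer` a non-nil `sign` only shows a message for one second and then falls through to `mml-smime-encrypt`, so a request for combined mode yields an encrypted message with no signature. This assumes the caller skips the separate signing step in `combined` mode, as the defcustom docstring implies; that caller is outside the diff. The path is easy to reach, because the new `:type` offers "Combined" for "smime" and the Texinfo example sets `("smime" combined)`. I would fail closed instead: `(when sign (error "Combined sign and encrypt S/MIME not supported yet"))`, which also fixes the "not support yet" wording.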
(or (mml1991-sign cont)
(error "Signing failed... inspect message logs for errors")))
-(defun mml-pgp-encrypt-buffer (cont)
- (or (mml1991-encrypt cont)
+(defun mml-pgp-encrypt-buffer (cont &optional sign)
+ (or (mml1991-encrypt cont sign)
(error "Encryption failed... inspect message logs for errors")))
(defun mml-pgpmime-sign-buffer (cont)
(insert-buffer signature)
(goto-char (point-max)))))
-(defun mml1991-mailcrypt-encrypt (cont)
+(defun mml1991-mailcrypt-encrypt (cont &optional sign)
(let ((text (current-buffer))
+ (mc-pgp-always-sign
+ (or mc-pgp-always-sign
+ sign
+ (eq t (or (message-options-get 'message-sign-encrypt)
+ (message-options-set
+ 'message-sign-encrypt
+ (or (y-or-n-p "Sign the message? ")
+ 'not))))
+ 'never))
cipher
(result-buffer (get-buffer-create "*GPG Result*")))
;; Strip MIME Content[^ ]: headers since it will be ASCII ARMOURED
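Review bot: The new `mc-pgp-always-sign` binding tests the user's existing value before `sign`, so a user who has it set to `never` (the same symbol the form falls back to) gets `never` back from the `or`, and an explicit combined-signing request is dropped without notice. Putting the argument first, `(or sign mc-pgp-always-sign ...)`, lets the caller's request win. Separately, a nil `sign` does not mean "do not sign" here: it falls through to the `y-or-n-p` prompt, although in `separate` mode the caller has presumably signed the message already. That deserves a one-line comment such as `;; SIGN nil: defer to the user option, then ask`. The function body continues outside the hunk.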
(insert-buffer signature)
(goto-char (point-max)))))
-(defun mml1991-gpg-encrypt (cont)
+(defun mml1991-gpg-encrypt (cont &optional sign)
(let ((text (current-buffer))
cipher
(result-buffer (get-buffer-create "*GPG Result*")))
(kill-region (point-min) (point))))
(mm-with-unibyte-current-buffer-mule4
(with-temp-buffer
- (unless (gpg-sign-encrypt
- text (setq cipher (current-buffer))
- result-buffer
- (split-string
- (or
- (message-options-get 'message-recipients)
- (message-options-set 'message-recipients
- (read-string "Recipients: ")))
- "[ \f\t\n\r\v,]+")
- nil
- (message-options-get 'message-sender)
- t t) ; armor & textmode
- (unless (> (point-max) (point-min))
- (pop-to-buffer result-buffer)
- (error "Encrypt error")))
+ (flet ((gpg-encrypt-func
+ (sign plaintext ciphertext result recipients &optional
+ passphrase sign-with-key armor textmode)
+ (if sign
+ (gpg-sign-encrypt
+ plaintext ciphertext result recipients passphrase
+ sign-with-key armor textmode)
+ (gpg-encrypt
+ plaintext ciphertext result recipients passphrase
+ armor textmode))))
+ (unless (gpg-encrypt-func
+ sign
+ text (setq cipher (current-buffer))
+ result-buffer
+ (split-string
+ (or
+ (message-options-get 'message-recipients)
+ (message-options-set 'message-recipients
+ (read-string "Recipients: ")))
+ "[ \f\t\n\r\v,]+")
+ nil
+ (message-options-get 'message-sender)
+ t t) ; armor & textmode
+ (unless (> (point-max) (point-min))
+ (pop-to-buffer result-buffer)
+ (error "Encrypt error"))))
(goto-char (point-min))
(while (re-search-forward "\r+$" nil t)
(replace-match "" t t))
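Review bot: The added `flet` form is a `cl` macro that temporarily rebinds a global function cell (`gpg-encrypt-func`) only to choose between two calls; whether this file loads `cl` at compile time is not visible here. A plain `if` inside the `unless`, with the recipient list and sender computed once in a `let`, does the same without the macro and is easier to audit. It is also worth a comment that the gpg backend used to call `gpg-sign-encrypt` unconditionally, so with `sign` nil the output is now encrypted only and `message-sender` is no longer passed on. `mml1991-gpg-encrypt` starts and ends outside this hunk.

```elisp
(let ((recipients
       (split-string
        (or (message-options-get 'message-recipients)
            (message-options-set 'message-recipients
                                 (read-string "Recipients: ")))
        "[ \f\t\n\r\v,]+"))
      (sender (message-options-get 'message-sender)))
  (unless (if sign
              (gpg-sign-encrypt text (setq cipher (current-buffer))
                                result-buffer recipients
                                nil sender t t) ; armor & textmode
            ;; SIGN nil: encrypt only, no signing key is passed
            (gpg-encrypt text (setq cipher (current-buffer))
                         result-buffer recipients
                         nil t t)) ; armor & textmode
    ;; … unchanged: empty-output check, pop-to-buffer and "Encrypt error" …
    ))
```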
(forward-line) ;; skip header/body separator
(kill-region (point-min) (point)))
(quoted-printable-decode-region (point-min) (point-max))
- (unless (let ((pgg-gpg-user-id (message-options-get 'message-sender)))
+ (unless (let ((pgg-default-user-id (message-options-get 'message-sender)))
(pgg-sign-region (point-min) (point-max) t))
(pop-to-buffer pgg-errors-buffer)
(error "Encrypt error"))
(insert "\n")
t))
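Review bot: Binding `pgg-default-user-id` straight to `(message-options-get 'message-sender)` replaces the user's configured default with nil whenever no sender has been recorded for the message; how PGG then picks a signing key is not visible here. Falling back keeps the configured identity: `(let ((pgg-default-user-id (or (message-options-get 'message-sender) pgg-default-user-id)))`. The failure branch below still reports "Encrypt error" although this is the signing path, which makes the log misleading when diagnosing a failed signature. The function starts outside the hunk.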
-(defun mml1991-pgg-encrypt (cont)
+(defun mml1991-pgg-encrypt (cont &optional sign)
(let (headers)
;; Don't sign headers.
(goto-char (point-min))
(message-options-get 'message-recipients)
(message-options-set 'message-recipients
(read-string "Recipients: ")))
- "[ \f\t\n\r\v,]+"))
+ "[ \f\t\n\r\v,]+")
+ sign)
(pop-to-buffer pgg-errors-buffer)
(error "Encrypt error"))
(kill-region (point-min) (point-max))
t))
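Review bot: With `sign` now appended to the call that ends after the recipient split, the key used for the combined signature is whatever `pgg-default-user-id` holds globally, unless a binding sits in the part of `mml1991-pgg-encrypt` above this hunk. `mml1991-pgg-sign` binds that variable to the message sender, so the separate and combined paths may sign with different identities. If that is not intended, wrap this call in the same `let` as the signing function. A short comment on the new argument, e.g. `;; non-nil SIGN: sign as well as encrypt`, would help, since the callee's name is outside the visible lines.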
;;;###autoload
-(defun mml1991-encrypt (cont)
+(defun mml1991-encrypt (cont &optional sign)
(let ((func (nth 2 (assq mml1991-use mml1991-function-alist))))
(if func
- (funcall func cont)
+ (funcall func cont sign)
(error "Cannot find encrypt function"))))
;;;###autoload
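Review bot: `mml1991-encrypt` is autoloaded but gets no docstring for the new optional `sign`. In addition, `(funcall func cont sign)` now calls every entry of `mml1991-function-alist` with two arguments, so an encrypt function registered there with the old one-argument signature will signal `wrong-number-of-arguments`. I would add a docstring stating that the function encrypts CONT with the backend selected by `mml1991-use` and that a non-nil SIGN requests a combined signature, and note the new calling convention next to the alist definition.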
(require 'dns)
(require 'message)
-;; BBDB autoloads
-(autoload 'bbdb-search "bbdb-com")
(autoload 'bbdb-records "bbdb-com")
+;; Attempt to load BBDB macros
+(eval-when-compile
+ (condition-case nil
+ (require 'bbdb-com)
+ (error)))
+
+;; autoload executable-find
+(autoload 'executable-find "executable")
+
;;; Main parameters.
(defvar spam-use-blacklist t
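Review bot: The `bbdb-search` autoload is removed and replaced by a `require` that runs only inside `eval-when-compile` and swallows any error. If the file is byte-compiled without BBDB on the load path and `bbdb-search` is a macro (the new comment suggests so), the call is compiled as an ordinary function call and will fail at run time even when BBDB is installed later. The comment should state that constraint, e.g. `;; Compile with BBDB on load-path, or bbdb-search stays unexpanded`, or the call site should keep a run-time guard. The call site is outside this hunk.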
Markup from spam recognisers, as well as `Xref', are to be removed from
articles before they get registered by Bogofilter.")
-;; FIXME! I do not know if Gnus has a compatibility function for
-;; `executable-find'. Here is a possible mantra for portability,
-;; until Lars decides how we really should do it.
-(unless (fboundp 'executable-find)
- (if (fboundp 'locate-file)
- (defun executable-find (command)
- (locate-file command exec-path))
- (autoload 'executable-find "executable")))
-;; End of portability mantra for `executable-find'.
-
(defvar spam-bogofilter-path (executable-find "bogofilter")
"File path of the Bogofilter executable program.
Force this variable to nil if you want to inhibit the functionality.")
+2002-10-10 Simon Josefsson <jas@extundo.com>
+
+ * message.texi (Security): Fix.
+
2002-10-04 Simon Josefsson <jas@extundo.com>
* pgg.texi: Document sign parameter.
message a single part tag will be used. This way, message mode will
do the Right Thing (TM) with signed/encrypted multipart messages.
+@vindex mml-signencrypt-style-alist
By default, when encrypting a message, Gnus will use the "signencrypt"
mode. If you would like to disable this for a particular message,
give the mml-secure-message-encrypt-* command a prefix argument. (for
example, C-u C-c C-m c p). Additionally, by default Gnus will
separately sign, then encrypt a message which has the mode
-signencrypt. If you would like to change this behavior use the
-@code{mml-signencrypt-style} function. For example
+signencrypt. If you would like to change this behavior you can
+customize the @code{mml-signencrypt-style-alist} variable. For
+example:
-@code{(mml-signencrypt-style "pgpmime" 'combined)}
+@lisp
+(setq mml-signencrypt-style-alist '(("smime" combined)
+ ("pgp" combined)
+ ("pgpmime" combined)))
+@end lisp
Will cause Gnus to sign and encrypt in one pass, thus generating a
-single signed and encrypted part.
+single signed and encrypted part. Note that combined sign and encrypt
+does not work with all supported OpenPGP implementations (in
+particular, PGP version 2 do not support this).
Since signing and especially encryption often is used when sensitive
information is sent, you may want to have some way to ensure that your
message a single part tag will be used. This way, message mode will
do the Right Thing (TM) with signed/encrypted multipart messages.
+@vindex mml-signencrypt-style-alist
By default, when encrypting a message, Gnus will use the "signencrypt"
mode. If you would like to disable this for a particular message,
give the mml-secure-message-encrypt-* command a prefix argument. (for
example, C-u C-c C-m c p). Additionally, by default Gnus will
separately sign, then encrypt a message which has the mode
-signencrypt. If you would like to change this behavior use the
-@code{mml-signencrypt-style} function. For example
+signencrypt. If you would like to change this behavior you can
+customize the @code{mml-signencrypt-style-alist} variable. For
+example:
-@code{(mml-signencrypt-style "pgpmime" 'combined)}
+
+@lisp
+(setq mml-signencrypt-style-alist '(("smime" combined)
+ ("pgp" combined)
+ ("pgpmime" combined)))
+@end lisp
Will cause Gnus to sign and encrypt in one pass, thus generating a
-single signed and encrypted part.
+single signed and encrypted part. Note that combined sign and encrypt
+does not work with all supported OpenPGP implementations (in
+particular, PGP version 2 do not support this).
Since signing and especially encryption often is used when sensitive
information is sent, you may want to have some way to ensure that your