On Tue, Jun 26, 2018 at 08:08:10AM -0400, Vincent Lefevre wrote:
> On 2018-06-25 14:02:33 -0700, Kevin J. McCarthy wrote:
> > On Mon, Jun 25, 2018 at 04:39:19PM -0400, Vincent Lefevre wrote:
> > > It seems that a recent change has broken PGP decryption:
> > > I now get a failure from gnupg. No issues with Mutt from
> > > Debian/unstable.
> > >
> > > I don't have the time for the moment to look at this more closely.
> >
> > Vincent, would you mind invoking debug '-d 2' and posting the section
> > starting with 'pgp_check_decryption_okay:'?
>
> There's no such section, but:
>
> [...]
> [2018-06-26 08:03:54] parse_parameter: `filename' = `msg.asc'
> [2018-06-26 08:03:56] mutt_pgp_command: gpg --passphrase-fd 0
> --no-verbose --batch -o -
> /var/tmp/mutt-zira-1000-10409-1833246164453793250

It looks like you may have customized the $pgp_decrypt_command. Mutt
expects '--status-fd=2' to be in there so it can read the status output
from gpg.

The next stable release (1.10.1) will contain a new option,
$pgp_check_gpg_decrypt_status_fd, by default set, that scans the control
channel to check spoofed encrypted emails. See
<https://gitlab.com/muttmua/mutt/issues/39>.

If you don't want to scan, you should turn off
$pgp_check_decrypt_status_fd.

The '--no-verbose' option listed in contrib/gpg.rc is also very
important, and protects against a status-fd injection attack. This is
fixed by the most recent release of gpg2, but I recommend leaving it in.

-- 
Kevin J. McCarthy
GPG Fingerprint: 8975 A9B3 3AA3 7910 385C 5308 ADEF 7684 8031 6BDA
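An added example (not Mutt's code and not part of this thread) of the kind of scan the reply describes: reading what gpg writes to '--status-fd=2' and refusing to treat output as decrypted unless the status lines confirm it. The status keywords are GnuPG's; the function name, result codes, decision policy and sample status text are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Result codes belong to this example, not to Mutt. */
enum { DEC_OK = 0, DEC_NOT_CONFIRMED = -1, DEC_PLAINTEXT_OUTSIDE = -2, DEC_FAILED = -3 };

#define PFX "[GNUPG:] "

static int is_kw(const char *kw, size_t klen, const char *name)
{
    return klen == strlen(name) && strncmp(kw, name, klen) == 0;
}

/* Scan the text gpg wrote to --status-fd=2 and decide whether its output
 * may be shown as the decrypted part of the message. */
int check_decrypt_status(const char *status)
{
    int inside = 0, okay = 0;
    for (const char *line = status; *line; ) {
        size_t len = strcspn(line, "\n");
        if (strncmp(line, PFX, strlen(PFX)) == 0) {
            const char *kw = line + strlen(PFX);
            size_t klen = strcspn(kw, " \n"); /* exact match: PLAINTEXT_LENGTH is not PLAINTEXT */
            if (is_kw(kw, klen, "BEGIN_DECRYPTION")) inside = 1;
            else if (is_kw(kw, klen, "END_DECRYPTION")) inside = 0;
            else if (is_kw(kw, klen, "DECRYPTION_FAILED")) return DEC_FAILED;
            else if (is_kw(kw, klen, "DECRYPTION_OKAY")) okay = 1;
            else if (is_kw(kw, klen, "PLAINTEXT") && !inside) return DEC_PLAINTEXT_OUTSIDE;
        }
        line += len;
        if (*line == '\n') line++;
    }
    /* A command without --status-fd=2 yields no status lines and ends up here. */
    return okay ? DEC_OK : DEC_NOT_CONFIRMED;
}

/* Constructed status output, not captured from a real gpg run. */
static const char STATUS_GOOD[] =
    "[GNUPG:] ENC_TO 0123456789ABCDEF 1 0\n[GNUPG:] BEGIN_DECRYPTION\n"
    "[GNUPG:] DECRYPTION_INFO 2 9\n[GNUPG:] PLAINTEXT 62 0 msg.txt\n"
    "[GNUPG:] PLAINTEXT_LENGTH 12\n[GNUPG:] DECRYPTION_OKAY\n[GNUPG:] END_DECRYPTION\n";
static const char STATUS_OUTSIDE[] =
    "[GNUPG:] PLAINTEXT 62 0 \n[GNUPG:] PLAINTEXT_LENGTH 12\n";

int main(void)
{
    printf("good=%d outside=%d none=%d\n", check_decrypt_status(STATUS_GOOD),
           check_decrypt_status(STATUS_OUTSIDE), check_decrypt_status(""));
    return 0;
}
```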