On Thu, Jul 28, 2022 at 12:57:58PM +0200, Werner Koch wrote:
Mutt is very useful as a tool for sending unattended mails. In particular the easy way to add attachments is very useful, for example to send release notes to customers. However, it is by design not possible to sign such mails. The reason for this might be that for signing you need to unlock your key and without caching the passphrase in gpg-agent this does make much sense.The proposed new option allows to overcome this design decision with less risk of any regression. I am using this patch for more than a half year now and have successfully sent thousands of signed mails with attachments using a straightforward script. Please consider to add this option to Mutt.
Thanks Werner. I have comments inline below. Just as a reminder, I'm only maintaining stable releases at this point, but the option is interesting and deserves comments. :-)
diff --git a/init.h b/init.h
index fa1e3b7d..bc80e3dd 100644
--- a/init.h
+++ b/init.h
@@ -797,6 +797,13 @@ struct option_t MuttVars[] = {
{ "crypt_autosign", DT_BOOL, R_NONE, {.l=OPTCRYPTAUTOSIGN}, {.l=0} },
/*
** .pp
Documentation needs to be after the option, to generate the manual properly.
+ ** This variable controls whether or not mutt may automatically
"may" or "will"? The documentation makes it sound like Mutt will consider it, subject to other options, such as $crypt_autosign.
+ ** PGP signing messages even in batch mode. See also
The code below looks like it will turn on signing for S/MIME too. In classic mode (for PGP and S/MIME) this could cause problems.
I think it would be good to check explicitly that they are either using GPGME, or else PGP with $pgp_use_gpg_agent set. This may be a bit tricky, since Mutt only checks $crypt_use_gpgme at startup to bind the glue functions.
--- a/send.c
+++ b/send.c
@@ -2128,6 +2128,7 @@ static int send_message_resume_first_edit (SEND_CONTEXT
*sctx)
{
int rv = -1;
int killfrom = 0;
+ int sendbatch_flag;
if (sctx->flags & SENDMAILX)
{
@@ -2263,14 +2264,18 @@ static int send_message_resume_first_edit (SEND_CONTEXT
*sctx)
* 3) we are resending a message
* 4) we are recalling a postponed message (don't override the user's saved
settings)
* 5) we are in mailx mode
- * 6) we are in batch mode
+ * 6) we are in batch mode (unless crypt_batchsign is set)
*
* This is done after allowing the user to edit the message so that security
* settings can be configured with send2-hook and $edit_headers.
*/
- if (WithCrypto && (sctx->msg->security == 0) && !(sctx->flags & (SENDBATCH |
SENDMAILX | SENDPOSTPONED | SENDRESEND)))
+ sendbatch_flag = option (OPTCRYPTBATCHSIGN)? 0 : SENDBATCH;
+ if (WithCrypto && (sctx->msg->security == 0)
+ && !(sctx->flags & (sendbatch_flag | SENDMAILX | SENDPOSTPONED |
SENDRESEND)))
{
- if (
+ if (option (OPTCRYPTBATCHSIGN))
+ sctx->msg->security |= SIGN;
So again, this logic needs to be different if $crypt_batchsign defers to $crypt_autosign to actually enable signing.
Overall I'm a little nervous how the Mutt code behaves with respect to quadoptions and prompts and such. I guess you've tested it quite a bit, but I'd still want to look through the code throroughly, since up to this point Mutt assumed crypto was always interactive if needed.
-- Kevin J. McCarthy GPG Fingerprint: 8975 A9B3 3AA3 7910 385C 5308 ADEF 7684 8031 6BDA
signature.asc
Description: PGP signature
