path: root/lib/crypto/gpg/writer.go
Commit message | Author | Age | Files | Lines
* crypto: add pinentry support to gpg | Koni Marti | 2024-10-12 | 1 | -0/+7

  Add pinentry support to GPG for signing, encrypting and decrypting messages.

  Signed-off-by: Koni Marti <koni.marti@gmail.com>
  Acked-by: Robin Jarry <robin@jarry.cc>
* gpg: fix signed message encoding | Koni Marti | 2024-08-24 | 1 | -3/+5

  Fix the content encoding for GPG-signed messages.

  To remove the Mime-Version header field for the signed message part, the raw message is parsed with go-message. go-message.Read(), however, decodes the message body as well (i.e. from quoted-printable to UTF8 depending on the Content-Transfer-Encoding header). This means that the msg.Body field now contains the decoded message (it is no longer encoded as quoted-printable). We never encode the message back to the proper Content-Transfer-Encoding.

  To fix this, use net/mail.ReadMessage() to parse the headers and to not decode the message body.

  To verify the issue, send a signed message with the following text: "19+1=20!"

  The message will be properly signed, but the text is wrong; it shows "19+1 !"; instead it should read "19+1=3D20!".

  Fixes: 5e443bce ("gpg: fix mime-version header position")
  References: https://todo.sr.ht/~rjarry/aerc/79
  Signed-off-by: Koni Marti <koni.marti@gmail.com>
  Tested-by: Jens Grassel <jens@wegtam.com>
  Acked-by: Robin Jarry <robin@jarry.cc>
* gpg: fix mime-version header position | Robin Jarry | 2024-03-10 | 1 | -3/+27

  Some MTAs try to normalize the case of all headers (including signed text parts headers). Unfortunately, Mime-Version can be normalized to different casing depending on the implementation (MIME- vs Mime-).

  Since the signature is computed on the whole part, including its header, changing the case can cause the signature to become invalid.

  Due to how multipart/signed messages are constructed, we need to hack around go-message writers to intercept the writing of a text part, compute its signature and write the actual message with the proper headers.

  Unfortunately, go-message does not allow creating a message writer that does not insert a Mime-Version header. This causes the Mime-Version header to be inserted in the wrong place: it is put inside the signed text part header instead of on the top-level header. Thus, included in the signed content.

  Make sure to remove any Mime-Version header from the signed part header. Finally, ensure that Mime-Version is set on the top-level header so that messages are compliant with RFC 2045.

  Fixes: https://todo.sr.ht/~rjarry/aerc/143
  Link: https://github.com/emersion/go-message/issues/165
  Link: https://github.com/emersion/go-pgpmail/pull/15
  Link: https://lists.sr.ht/~rjarry/aerc-devel/%3CCQRPF5EA0TF8.PEJ4AKCEGMFM%40fembook%3E
  Changelog-fixed: `Mime-Version` is no longer inserted in signed text parts headers. MTAs normalizing header case will not corrupt signatures anymore.
  Reported-by: Coco Liliace <chloe@liliace.dev>
  Reported-by: Kirill Chibisov <contact@kchibisov.com>
  Signed-off-by: Robin Jarry <robin@jarry.cc>
  Tested-by: Tim Culverhouse <tim@timculverhouse.com>
* lint: ensure errors are at least logged (errcheck) | Moritz Poldrack | 2022-08-04 | 1 | -5/+14

  Signed-off-by: Moritz Poldrack <moritz@poldrack.dev>
  Acked-by: Robin Jarry <robin@jarry.cc>
* gpg: set a name for the attached pgp signature part | Robin Jarry | 2022-07-18 | 1 | -1/+1

  This makes it more explicit for non pgp compatible clients. Without this, they may show "unnamed part" or "noname".

  Signed-off-by: Robin Jarry <robin@jarry.cc>
  Acked-by: Moritz Poldrack <moritz@poldrack.dev>
* feat: add gpg integration | Tim Culverhouse | 2022-04-27 | 1 | -0/+179

  This commit adds gpg system integration. This is done through two new packages: gpgbin, which handles the system calls and parsing; and gpg which is mostly a copy of emersion/go-pgpmail with modifications to interface with package gpgbin. gpg includes tests for many cases, and by its nature also tests package gpgbin. I separated these in case an external dependency is ever used for the gpg sys-calls/parsing (IE we mirror how go-pgpmail+openpgp currently are dependencies)

  Two new config options are introduced:
  * pgp-provider. If it is not explicitly set to "gpg", aerc will default to its internal pgp provider
  * pgp-key-id: (Optionally) specify a key by short or long keyId

  Signed-off-by: Tim Culverhouse <tim@timculverhouse.com>
  Acked-by: Koni Marti <koni.marti@gmail.com>
  Acked-by: Robin Jarry <robin@jarry.cc>