[prev in list] [next in list] [prev in thread] [next in thread]
List: mutt-dev
Subject: Re: [PATCH] Incorrect handling of pgp decryption
From: "Kevin J. McCarthy" <kevin () 8t8 ! us>
Date: 2020-07-29 18:42:22
Message-ID: 20200729184222.GF148859 () afu ! lan
[Download RAW message or body]
On Wed, Jul 29, 2020 at 07:22:24PM +0200, sachamutt@s0c4.net wrote:
> today, after a great desperation with my PGP setup and pgp_decrypt_command, I have \
> noticed bug(?) in pgp.c when handling return value of pgp_check_decryption_okay().
> From the mentioned function comments, and from usage on line 564, I think we are \
> good for rc=-2 and above, yet on line 1011 we are considering the function failed \
> for rc<0. With my one-line patch, mutt is again decrypting messages as expected.
I'm not officially here, but a quick NAK on this patch.
The 564 checks are for inline "BEGIN PGP MESSAGE" blocks, and display a
status message if the MESSAGE is in fact not an encrypted block. The
comments there explain this pretty clearly.
The 1011 checks are for PGP/MIME, and they protect against spoofing.
Use the contrib/gpg.rc file. If you don't use that, or don't care about
spoofed encryption then feel free to unset
$pgp_check_gpg_decrypt_status_fd and the fallback $pgp_decryption_okay;
but the patch is incorrect.
--
Kevin J. McCarthy
GPG Fingerprint: 8975 A9B3 3AA3 7910 385C 5308 ADEF 7684 8031 6BDA
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic