Your message dated Thu, 08 Sep 2016 22:37:26 +0000
with message-id <[email protected]>
and subject line Bug#639533: fixed in mutt 1.7.0-2
has caused the Debian Bug report #639533,
regarding mutt: smime_decrypt_command, switch to openssl cms command please
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
639533: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=639533
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: mutt
Version: 1.5.21-5
Severity: wishlist
Hi,
I received a S/MIME encrypted message this week and mutt was unable to
decrypt a message with the output:
Error reading S/MIME message
4147550360:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong
tag:tasn_dec.c:1319:
4147550360:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1
error:tasn_dec.c:381:Type=PKCS7_ISSUER_AND_SERIAL
4147550360:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested
asn1 error:tasn_dec.c:751:Field=issuer_and_serial, Type=PKCS7_RECIP_INFO
4147550360:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested
asn1 error:tasn_dec.c:711:Field=recipientinfo, Type=PKCS7_ENVELOPE
4147550360:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested
asn1 error:tasn_dec.c:751:
4147550360:error:0D08403A:asn1 encoding routines:ASN1_TEMPLATE_EX_D2I:nested
asn1 error:tasn_dec.c:579:Field=d.enveloped, Type=PKCS7
After some googling I found the message:
http://www.mail-archive.com/[email protected]/msg60596.html
with the hint:
<cite>
Looks like that isn't a PKCS#7 structure but a CMS structure (which is a
superset of PKCS#7). Try the cms command in OpenSSL 1.0.0 instead.
</cite>
I tried the mutt configuration change:
diff --git a/Muttrc.d/smime.rc b/Muttrc.d/smime.rc
index efb0b6e..8da824c 100644
--- a/Muttrc.d/smime.rc
+++ b/Muttrc.d/smime.rc
@@ -74,7 +74,7 @@ set smime_sign_command="openssl smime -sign -signer %c -inkey
%k -passin stdin -
#Section C: Incoming messages
# Decrypt a message. Output is a MIME entity.
-set smime_decrypt_command="openssl smime -decrypt -passin stdin -inform DER
-in %f -inkey %k -recip %c"
+set smime_decrypt_command="openssl cms -decrypt -passin stdin -inform DER -in
%f -inkey %k -recip %c"
# Verify a signature of type multipart/signed
set smime_verify_command="openssl smime -verify -inform DER -in %s %C -content
%f"
It was sufficient to decrypt the problematic message. I tried to sent an
encrypted message to myself using Mutt and this message was also
decrypted correctly. Some farther testing is maybe needed.
Best Regards
--
Zito
-- Package-specific info:
Mutt 1.5.21 (2010-09-15)
Copyright (C) 1996-2009 Michael R. Elkins and others.
Mutt comes with ABSOLUTELY NO WARRANTY; for details type `mutt -vv'.
Mutt is free software, and you are welcome to redistribute it
under certain conditions; type `mutt -vv' for details.
System: Linux 3.0.0-1-amd64 (x86_64)
ncurses: ncurses 5.9.20110404 (compiled with 5.9)
libidn: 1.22 (compiled with 1.20)
hcache backend: tokyocabinet 1.4.37
Compile options:
-DOMAIN
+DEBUG
-HOMESPOOL +USE_SETGID +USE_DOTLOCK +DL_STANDALONE +USE_FCNTL -USE_FLOCK
+USE_POP +USE_IMAP +USE_SMTP
-USE_SSL_OPENSSL +USE_SSL_GNUTLS +USE_SASL +USE_GSS +HAVE_GETADDRINFO
+HAVE_REGCOMP -USE_GNU_REGEX
+HAVE_COLOR +HAVE_START_COLOR +HAVE_TYPEAHEAD +HAVE_BKGDSET
+HAVE_CURS_SET +HAVE_META +HAVE_RESIZETERM
+CRYPT_BACKEND_CLASSIC_PGP +CRYPT_BACKEND_CLASSIC_SMIME +CRYPT_BACKEND_GPGME
-EXACT_ADDRESS -SUN_ATTACHMENT
+ENABLE_NLS -LOCALES_HACK +COMPRESSED +HAVE_WC_FUNCS +HAVE_LANGINFO_CODESET
+HAVE_LANGINFO_YESEXPR
+HAVE_ICONV -ICONV_NONTRANS +HAVE_LIBIDN +HAVE_GETSID +USE_HCACHE
-ISPELL
SENDMAIL="/usr/sbin/sendmail"
MAILPATH="/var/mail"
PKGDATADIR="/usr/share/mutt"
SYSCONFDIR="/etc"
EXECSHELL="/bin/sh"
MIXMASTER="mixmaster"
To contact the developers, please mail to <[email protected]>.
To report a bug, please visit http://bugs.mutt.org/.
misc/am-maintainer-mode
features/ifdef
features/xtitles
features/trash-folder
features/purge-message
features/imap_fast_trash
features/sensible_browser_position
features-old/patch-1.5.4.vk.pgp_verbose_mime
features/compressed-folders
features/compressed-folders.debian
debian-specific/Muttrc
debian-specific/Md.etc_mailname_gethostbyname.diff
debian-specific/use_usr_bin_editor.diff
debian-specific/correct_docdir_in_man_page.diff
debian-specific/dont_document_not_present_features.diff
debian-specific/document_debian_defaults
debian-specific/assumed_charset-compat
debian-specific/467432-write_bcc.patch
debian-specific/566076-build_doc_adjustments.patch
misc/define-pgp_getkeys_command.diff
misc/gpg.rc-paths
misc/smime.rc
upstream/531430-imapuser.patch
upstream/537818-emptycharset.patch
upstream/543467-thread-segfault.patch
upstream/542817-smimekeys-tmpdir.patch
upstream/548577-gpgme-1.2.patch
upstream/553321-ansi-escape-segfault.patch
upstream/568295-references.patch
upstream/547980-smime_keys-chaining.patch
upstream/528233-readonly-open.patch
upstream/228671-pipe-mime.patch
upstream/383769-score-match.patch
upstream/578087-header-strchr.patch
upstream/603288-split-fetches.patch
upstream/537061-dont-recode-saved-attachments.patch
upstream/608706-fix-spelling-errors.patch
upstream/620854-pop3-segfault.patch
upstream/611412-bts-regexp.patch
upstream/624058-gnutls-deprecated-set-priority.patch
upstream/624085-gnutls-deprecated-verify-peers.patch
upstream/584138-mx_update_context-segfault.patch
upstream/619216-gnutls-CN-validation.patch
upstream/611410-no-implicit_autoview-for-text-html.patch
upstream/path_max
mutt.org
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (x86_64)
Kernel: Linux 3.0.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=cs_CZ.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages mutt depends on:
ii libc6 2.13-18 Embedded GNU C Library: Shared lib
ii libcome 1.42~WIP-2011-07-02-1 common error description library
ii libgnut 2.12.7-7 GNU TLS library - runtime library
ii libgpg- 1.10-0.3 library for common error values an
ii libgpgm 1.2.0-1.4 GPGME - GnuPG Made Easy
ii libgssa 1.9.1+dfsg-2 MIT Kerberos runtime libraries - k
ii libidn1 1.22-3 GNU Libidn library, implementation
ii libk5cr 1.9.1+dfsg-2 MIT Kerberos runtime libraries - C
ii libkrb5 1.9.1+dfsg-2 MIT Kerberos runtime libraries
ii libncur 5.9-1 shared libraries for terminal hand
ii libsasl 2.1.24~rc1.dfsg1+cvs2011-05-23-6 Cyrus SASL - authentication abstra
ii libtoky 1.4.37-6.1 Tokyo Cabinet Database Libraries [
Versions of packages mutt recommends:
ii exim4-d 4.76-2 lightweight Exim MTA (v4) daemon
ii libsasl 2.1.24~rc1.dfsg1+cvs2011-05-23-6 Cyrus SASL - pluggable authenticat
ii locales 2.13-18 Embedded GNU C Library: National L
ii mime-su 3.51-1 MIME files 'mime.types' & 'mailcap
Versions of packages mutt suggests:
ii aspell 0.60.7~20110707-1 GNU Aspell spell-checker
ii ca-certificates 20110502 Common CA certificates
ii gnupg 1.4.11-3 GNU privacy guard - a free PGP rep
ii ispell 3.3.02-5 International Ispell (an interacti
pn mixmaster <none> (no description available)
ii openssl 1.0.0d-3 Secure Socket Layer (SSL) binary a
ii urlview 0.9-19 Extracts URLs from text
Versions of packages mutt is related to:
ii mutt 1.5.21-5 text-based mailreader supporting M
pn mutt-dbg <none> (no description available)
pn mutt-patched <none> (no description available)
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: mutt
Source-Version: 1.7.0-2
We believe that the bug you reported is fixed in the latest version of
mutt, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Antonio Radici <[email protected]> (supplier of updated mutt package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 29 Aug 2016 21:27:08 +0100
Source: mutt
Binary: mutt
Architecture: source
Version: 1.7.0-2
Distribution: unstable
Urgency: medium
Maintainer: Mutt maintainers <[email protected]>
Changed-By: Antonio Radici <[email protected]>
Description:
mutt - text-based mailreader supporting MIME, GPG, PGP and threading
Closes: 96144 423931 549204 569038 599136 618425 639533 644992 741213 757141
774746 819196 824832 828751 832971 833192 834448 836148 836812
Changes:
mutt (1.7.0-2) unstable; urgency=medium
.
* debian/patches:
+ upstream/833192-preserve-messageid-for-postponed-emails.patch: do not
remove the message-id of postponed emails (Closes: 833192).
+ upstream/819196-disable-X-in-message-scoring.patch: to disable ~X in
message scoring, as upstream requested (Closes: 819196).
+ upstream/757141-date-format-length.patch: allow more space for
date_format
(Closes: 757141).
+ upstream/644992-ipv6-literal.patch: to parse ipv6 literal addresses
properly (Closes: 644992).
+ upstream/741213-dsa-elgamal-keys-length.patch: to correctly extract the
length of DSA and Elgamal keys (Closes: 741213).
+ upstream/549204-clear-N-on-readonly-imap-folders.patch: to clear the N
flag on readonly IMAP mailboxes (Closes: 549204).
+ upstream/569038-interrupt-socket-read-write.patch: allow the interruption
of operations which can be long-running
(Closes: 569038, 774746, 423931, 599136, 618425).
+ upstream/openssl-1.1-build.patch: to build against openssl 1.1
+ neomutt-devel/832971-reset-xlabel.patch to reset X-Label properly for
newer versions of mutt (Closes: 832971).
+ neomutt-devel/836812-user-agent-temp-fix.patch: hardcode the NeoMutt
version, it will be fixed in the next NeoMutt release (Closes: 836812).
+ neomutt-devel/834448-restore-i-pager-binding.patch: restored the 'i'
binding to exit from the pager (Closes: 834448).
+ debian-specific/828751-pinentry-gpg2-support.patch: enable gpgme by
default, delegating all crypto to gnupg (Closes: 96144, 828751, 824832).
+ misc/smime.rc.patch: switch to 'openssl cms' for decrypt (superset of
smime) (Closes: 639533).
* debian/extra/rc/notmuch.rc: restored the notmuch keybindings
(Closes: 836148).
* debian/NEWS: added information about GPGME being enabled by default.
Checksums-Sha1:
bd330d076f98d6f6b495b14f5e4304aef5a11092 2165 mutt_1.7.0-2.dsc
7e996d68f3cca799410236a331013be2e2553614 255840 mutt_1.7.0-2.debian.tar.xz
Checksums-Sha256:
bef7b5cc73000f68efa0d7131eea0fef747440398f59e9faf0c66fb14932836c 2165
mutt_1.7.0-2.dsc
cce475d3f0eb28b46a860659295d8c32f146d4e4867ae944540c58da26d1b3dc 255840
mutt_1.7.0-2.debian.tar.xz
Files:
f7d3d0c85f834167017151ca0d30c5b8 2165 mail optional mutt_1.7.0-2.dsc
e76e6b51ea2e0ae602fccde7c0bb1264 255840 mail optional
mutt_1.7.0-2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJX0dTMAAoJEDXIyIhyyx7tQLwP/j1Z+8z79Tk1wkszjsNvCKih
b16sYAJFQRg8yekaw46d8aixaoJotsGuyRiuk+yzSHgNiE9cj48luCBhmpZGgQZ1
So3thRaMWWSAdsY8dGBWBm7/YO91YHJo0Tib0wmu4i14JFZS0lXmWaE9dnQTCztz
ZOGuCtkziK+O6ztg7VQAp9+qQNKTqQa7p+HvmHYkn8QVbxhk0TdsO/yJ/EUcMaZZ
UsxvpxMSMssZ+iFCVm475vHQanThi223SO+/6vCEBHdPylY1Coi3AX8X6AcLLjGb
SXQyYRDjDtiEJqvxUsFQdL9FiWnyvs54FKRiUldHoSfcILE0w/cx94ZKvOH+fU63
Ibx+w1Ifoai4nTzUUQhk07FN6ptSR3+TZfiatTTNMktccaIOxS7qdw2d7fNxhMFV
QficJcfpMGO4vp0iVahBJPzMJZzlbb6mGO6+6hW8yl7rcfyQtvnCn7OUzhTZM1QY
zI1n9vVlrXG8lO/nCIOENCJZZ3Jp6bI+Ra1hOR9F5lo2KPWEQf7Z6tUAsfeNX2vM
33JV4yuUPflNU80AlhitNMegyVtSUZUlTC/ldywF4CSiqPuU7DkA0eN/DXA4Asbz
cGoRkNWzz8/34jXH9mNMqPVeYekzK1WZoboxUzUwUi0lAtwHTSK2IAxUW1zUCN1A
032z/piSav/yqwU7eggb
=aEMP
-----END PGP SIGNATURE-----
--- End Message ---
