Your message dated Sun, 21 Jul 2013 11:19:54 +0200 with message-id <201307211119.55144.p...@debian.org> and subject line Re: Bug#710386: kmail: KMail cannot verify signatures for PGP/MIME messages (fixed upstream) has caused the Debian Bug report #710386, regarding kmail: KMail cannot verify signatures for PGP/MIME messages (fixed upstream) to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 710386: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=710386 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: kmail Version: 4:4.4.11.1+l10n-3+b1 Severity: normal Tags: patch Dear Maintainer, KMail (1.3.7) is unable to verify signatures for PGP/MIME encrypted messages. This bug was fixed upstream in https://projects.kde.org/projects/kde/kdepim/repository/revisions/44a3eb070b74414256f8f8ef58f73fd67678f5e4 -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (650, 'testing'), (600, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.7.1 (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages kmail depends on: ii kde-runtime 4:4.8.4-2 ii kdepim-runtime 4:4.4.11.1-6 ii kdepimlibs-kio-plugins 4:4.8.4-2 ii libakonadi-contact4 4:4.8.4-2 ii libakonadi-kde4 4:4.8.4-2 ii libc6 2.17-3 ii libgcc1 1:4.8.0-7 ii libgpgme++2 4:4.8.4-2 ii libkabc4 4:4.8.4-2 ii libkcal4 4:4.8.4-2 ii libkcmutils4 4:4.8.4-4 ii libkde3support4 4:4.8.4-4 ii libkdecore5 4:4.8.4-4 ii libkdepim4 4:4.4.11.1+l10n-3+b1 ii libkdeui5 4:4.8.4-4 ii libkhtml5 4:4.8.4-4 ii libkimap4 4:4.8.4-2 ii libkio5 4:4.8.4-4 ii libkldap4 4:4.8.4-2 ii libkleo4 4:4.4.11.1+l10n-3+b1 ii libkmime4 4:4.8.4-2 ii libknotifyconfig4 4:4.8.4-4 ii libkontactinterface4 4:4.8.4-2 ii libkparts4 4:4.8.4-4 ii libkpgp4 4:4.4.11.1+l10n-3+b1 ii libkpimidentities4 4:4.8.4-2 ii libkpimtextedit4 4:4.8.4-2 ii libkpimutils4 4:4.8.4-2 ii libkresources4 4:4.8.4-2 ii libksieve4 4:4.4.11.1+l10n-3+b1 ii libktnef4 4:4.8.4-2 ii libmailtransport4 4:4.8.4-2 ii libmessagecore4 4:4.4.11.1+l10n-3+b1 ii libmessagelist4 4:4.4.11.1+l10n-3+b1 ii libmimelib4 4:4.4.11.1+l10n-3+b1 ii libnepomuk4 4:4.8.4-4 ii libphonon4 4:4.6.0.0-3 ii libqt4-dbus 4:4.8.2+dfsg-11 ii libqt4-network 4:4.8.2+dfsg-11 ii libqt4-qt3support 4:4.8.2+dfsg-11 ii libqt4-xml 4:4.8.2+dfsg-11 ii libqtcore4 4:4.8.2+dfsg-11 ii libqtgui4 4:4.8.2+dfsg-11 ii libstdc++6 4.8.0-7 ii libthreadweaver4 4:4.8.4-4 ii perl 5.14.2-21 ii phonon 4:4.6.0.0-3 Versions of packages kmail recommends: ii gnupg-agent 2.0.20-1 ii gnupg2 2.0.20-1 ii pinentry-gtk2 [pinentry-x11] 0.8.1-1 ii pinentry-qt4 [pinentry-x11] 0.8.1-1 Versions of packages kmail suggests: ii bogofilter 1.2.2+dfsg1-3 pn clamav | f-prot-installer <none> ii kaddressbook 4:4.4.11.1+l10n-3+b1 pn kleopatra <none> ii procmail 3.22-20 -- no debconf informationdiff -Nru kdepim-4.4.11.1+l10n/debian/changelog kdepim-4.4.11.1+l10n/debian/changelog --- kdepim-4.4.11.1+l10n/debian/changelog 2012-06-10 13:12:30.000000000 +0100 +++ kdepim-4.4.11.1+l10n/debian/changelog 2013-05-30 09:48:18.000000000 +0100 @@ -1,3 +1,11 @@ +kdepim (4:4.4.11.1+l10n-3.1) UNRELEASED; urgency=low + + * Non-maintainer upload. + * Backport upstream commit 44a3eb070b74414256f8f8ef58f73fd67678f5e4 to fix + OpenPGP signaure verification + + -- Martin Albrecht <martinralbre...@googlemail.com> Thu, 30 May 2013 09:46:38 +0100 + kdepim (4:4.4.11.1+l10n-3) unstable; urgency=low * Team upload. diff -Nru kdepim-4.4.11.1+l10n/debian/patches/series kdepim-4.4.11.1+l10n/debian/patches/series --- kdepim-4.4.11.1+l10n/debian/patches/series 2012-06-10 12:56:33.000000000 +0100 +++ kdepim-4.4.11.1+l10n/debian/patches/series 2013-05-30 09:39:23.000000000 +0100 @@ -6,3 +6,4 @@ upstream_Build-with-clang.patch upstream_Fix-crash-in-Folder-destructor.patch upstream_in-c4_String-c4_String-only-call-memset-if-the-numbe.patch +upstream-verify-signature-rfc-3156.patch diff -Nru kdepim-4.4.11.1+l10n/debian/patches/upstream-verify-signature-rfc-3156.patch kdepim-4.4.11.1+l10n/debian/patches/upstream-verify-signature-rfc-3156.patch --- kdepim-4.4.11.1+l10n/debian/patches/upstream-verify-signature-rfc-3156.patch 1970-01-01 01:00:00.000000000 +0100 +++ kdepim-4.4.11.1+l10n/debian/patches/upstream-verify-signature-rfc-3156.patch 2013-05-30 09:43:01.000000000 +0100 @@ -0,0 +1,46 @@ +Index: kdepim-4.4.11.1+l10n/kmail/objecttreeparser.cpp +=================================================================== +--- kdepim-4.4.11.1+l10n.orig/kmail/objecttreeparser.cpp 2011-04-20 21:03:31.000000000 +0100 ++++ kdepim-4.4.11.1+l10n/kmail/objecttreeparser.cpp 2013-05-30 09:42:58.466795851 +0100 +@@ -605,8 +605,40 @@ + messagePart.status = i18n("Different results for signatures"); + } + } +- if ( messagePart.status_code & GPGME_SIG_STAT_GOOD ) ++ if ( messagePart.status_code & GPGME_SIG_STAT_GOOD ) { + messagePart.isGoodSignature = true; ++ if ( !doCheck ) { ++ // We have a good signature but did not do a verify, ++ // this means the signature was already validated before by ++ // decryptverify for example. ++ Q_ASSERT( !key.keyID() ); // There should be no key set without doCheck ++ // Search for the key by it's fingerprint so that we can check for ++ // trust etc. ++ ++ Kleo::KeyListJob * job = cryptProto->keyListJob( false ); // local, no sigs ++ ++ if ( !job ) { ++ kDebug() << "The Crypto backend does not support listing keys. "; ++ } else { ++ std::vector<GpgME::Key> found_keys; ++ // As we are local it is ok to make this synchronous ++ GpgME::KeyListResult res = job->exec( QStringList( signature.fingerprint() ), false, found_keys ); ++ if ( res.error() ) { ++ kDebug() << "Error while searching key for Fingerprint: " << signature.fingerprint(); ++ } ++ if ( found_keys.size() > 1 ) { ++ // Should not Happen ++ kDebug() << "Oops: Found more then one Key for Fingerprint: " << signature.fingerprint(); ++ } ++ if ( found_keys.size() != 1 ) { ++ // Should not Happen at this point ++ kDebug() << "Oops: Found no Key for Fingerprint: " << signature.fingerprint(); ++ } else { ++ key = found_keys[0]; ++ } ++ } ++ } ++ } + + // save extended signature status flags + messagePart.sigSummary = signature.summary();diff -Nru kdepim-4.4.11.1+l10n/debian/changelog kdepim-4.4.11.1+l10n/debian/changelog --- kdepim-4.4.11.1+l10n/debian/changelog 2012-06-10 13:12:30.000000000 +0100 +++ kdepim-4.4.11.1+l10n/debian/changelog 2013-05-30 09:48:18.000000000 +0100 @@ -1,3 +1,11 @@ +kdepim (4:4.4.11.1+l10n-3.1) UNRELEASED; urgency=low + + * Non-maintainer upload. + * Backport upstream commit 44a3eb070b74414256f8f8ef58f73fd67678f5e4 to fix + OpenPGP signaure verification + + -- Martin Albrecht <martinralbre...@googlemail.com> Thu, 30 May 2013 09:46:38 +0100 + kdepim (4:4.4.11.1+l10n-3) unstable; urgency=low * Team upload. diff -Nru kdepim-4.4.11.1+l10n/debian/patches/series kdepim-4.4.11.1+l10n/debian/patches/series --- kdepim-4.4.11.1+l10n/debian/patches/series 2012-06-10 12:56:33.000000000 +0100 +++ kdepim-4.4.11.1+l10n/debian/patches/series 2013-05-30 09:39:23.000000000 +0100 @@ -6,3 +6,4 @@ upstream_Build-with-clang.patch upstream_Fix-crash-in-Folder-destructor.patch upstream_in-c4_String-c4_String-only-call-memset-if-the-numbe.patch +upstream-verify-signature-rfc-3156.patch diff -Nru kdepim-4.4.11.1+l10n/debian/patches/upstream-verify-signature-rfc-3156.patch kdepim-4.4.11.1+l10n/debian/patches/upstream-verify-signature-rfc-3156.patch --- kdepim-4.4.11.1+l10n/debian/patches/upstream-verify-signature-rfc-3156.patch 1970-01-01 01:00:00.000000000 +0100 +++ kdepim-4.4.11.1+l10n/debian/patches/upstream-verify-signature-rfc-3156.patch 2013-05-30 09:43:01.000000000 +0100 @@ -0,0 +1,46 @@ +Index: kdepim-4.4.11.1+l10n/kmail/objecttreeparser.cpp +=================================================================== +--- kdepim-4.4.11.1+l10n.orig/kmail/objecttreeparser.cpp 2011-04-20 21:03:31.000000000 +0100 ++++ kdepim-4.4.11.1+l10n/kmail/objecttreeparser.cpp 2013-05-30 09:42:58.466795851 +0100 +@@ -605,8 +605,40 @@ + messagePart.status = i18n("Different results for signatures"); + } + } +- if ( messagePart.status_code & GPGME_SIG_STAT_GOOD ) ++ if ( messagePart.status_code & GPGME_SIG_STAT_GOOD ) { + messagePart.isGoodSignature = true; ++ if ( !doCheck ) { ++ // We have a good signature but did not do a verify, ++ // this means the signature was already validated before by ++ // decryptverify for example. ++ Q_ASSERT( !key.keyID() ); // There should be no key set without doCheck ++ // Search for the key by it's fingerprint so that we can check for ++ // trust etc. ++ ++ Kleo::KeyListJob * job = cryptProto->keyListJob( false ); // local, no sigs ++ ++ if ( !job ) { ++ kDebug() << "The Crypto backend does not support listing keys. "; ++ } else { ++ std::vector<GpgME::Key> found_keys; ++ // As we are local it is ok to make this synchronous ++ GpgME::KeyListResult res = job->exec( QStringList( signature.fingerprint() ), false, found_keys ); ++ if ( res.error() ) { ++ kDebug() << "Error while searching key for Fingerprint: " << signature.fingerprint(); ++ } ++ if ( found_keys.size() > 1 ) { ++ // Should not Happen ++ kDebug() << "Oops: Found more then one Key for Fingerprint: " << signature.fingerprint(); ++ } ++ if ( found_keys.size() != 1 ) { ++ // Should not Happen at this point ++ kDebug() << "Oops: Found no Key for Fingerprint: " << signature.fingerprint(); ++ } else { ++ key = found_keys[0]; ++ } ++ } ++ } ++ } + + // save extended signature status flags + messagePart.sigSummary = signature.summary();
--- End Message ---
--- Begin Message ---Source: kdepim Source-Version: 4:4.10.2-1 Hi, Alle giovedì 30 maggio 2013, Martin Albrecht ha scritto: > Dear Maintainer, > > KMail (1.3.7) is unable to verify signatures for PGP/MIME > encrypted messages. This bug was fixed upstream in > https://projects.kde.org/projects/kde/kdepim/repository/revisions/44a > 3eb070b74414256f8f8ef58f73fd67678f5e4 This bug has been fixed in kdepim >= 4.9; closing according to the first kdepim version after 4.9 available in Debian. Thanks, -- Pino Toscanosignature.asc
Description: This is a digitally signed message part.
--- End Message ---