Bug#838352: mutt: after the switch to GPGME, I could no longer decrypt my sent PGP mail
On Tue, Sep 20, 2016 at 10:51:01AM +0200, Christian Pietsch wrote: > Dear Maintainer, > >* What led up to the situation? > > Version 1.7.0-5 enabled GPGME for PGP handling by default. > >* What exactly did you do (or not do) that was effective (or > ineffective)? > > After updating to version 1.7.0-5, when I sent an encrypted e-mail to > somebody else, I was surprised that I was unable to decrypt this > message afterwards. > > Before the upgrade, I was able to decrypt all PGP/MIME messages I had > sent. > >* My analysis: > > It turns out I did not have `set pgp_encrypt_self=yes` in my > configuration. Instead, I relied on the following settings which seem > to be ignored by GPGME: > > set pgp_encrypt_only_command="/usr/lib/mutt/pgpewrap gpg --batch --quiet > --no-verbose --output - --encrypt --textmode --armor --always-trust > --encrypt-to 0x > set pgp_encrypt_sign_command="/usr/lib/mutt/pgpewrap gpg --passphrase-fd 0 > --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u > %a? --armor --always-trust --encrypt-to 0x -- -r %r -- %f" > > Would it be possible to honour these settings with GPGME, or to parse > the `--encrypt-to` argument to make the transition to GPGME a smoother > experience? > Just to clarify this to myself, pgp_encrypt_self=true is going to solve this, the bug itself is for a smoother transition if --encrypt-to is set in the pgp_ commands
Bug#838352: [Pkg-mutt-maintainers] Bug#838352: mutt: after the switch to GPGME, I could no longer decrypt my sent PGP mail
On Tue, Sep 20, 2016 at 02:58:48PM +0200, Christian Pietsch wrote: > On Tue, Sep 20, 2016 at 10:02:13AM +, Antonio Radici wrote: > > In this particular case I believe that the behavior is the correct one, > > once we > > switched to gpgme all pgp_* commands are ignored, if people want to encrypt > > to > > themselves, then they should use the proper configuration option rather than > > relying on a option passed on the pgp_* command. > > > > The best I can do is to update the NEWS entry to make clear that all pgp_* > > command are ignored after the switch to gpgme and saying that if you want to > > encrypt to yourself you have to doublecheck that pgp_encrypt_self is true in > > your config > > Sounds good to me. But are you sure that all pgp_* commands are > ignored? For instance, I just found out that pgp_encrypt_self=yes is > quite essential in this situation. > It turns out that it doesn't work, I was looking on the internet and I found out that you cannot encrypt-to-self when using gpgme [0], I'll work on a patch for that if it's not already available. [0] https://github.com/karelzak/mutt-kz/issues/89
Bug#838352: [Pkg-mutt-maintainers] Bug#838352: mutt: after the switch to GPGME, I could no longer decrypt my sent PGP mail
Control: forwarded -1 http://bugs.mutt.org/2973 Control: tag -1 +confirmed upstream
Bug#838352: mutt: after the switch to GPGME, I could no longer decrypt my sent PGP mail
On Tue, Sep 20, 2016 at 10:02:13AM +, Antonio Radici wrote: > In this particular case I believe that the behavior is the correct one, once > we > switched to gpgme all pgp_* commands are ignored, if people want to encrypt to > themselves, then they should use the proper configuration option rather than > relying on a option passed on the pgp_* command. > > The best I can do is to update the NEWS entry to make clear that all pgp_* > command are ignored after the switch to gpgme and saying that if you want to > encrypt to yourself you have to doublecheck that pgp_encrypt_self is true in > your config Sounds good to me. But are you sure that all pgp_* commands are ignored? For instance, I just found out that pgp_encrypt_self=yes is quite essential in this situation. Thanks! Christian signature.asc Description: PGP signature
Bug#838352: mutt: after the switch to GPGME, I could no longer decrypt my sent PGP mail
Control: tag -1 +pending On Tue, Sep 20, 2016 at 10:51:01AM +0200, Christian Pietsch wrote: > Package: mutt > Version: 1.7.0-5 > Severity: normal > > Dear Maintainer, > >* What led up to the situation? > > Version 1.7.0-5 enabled GPGME for PGP handling by default. > >* What exactly did you do (or not do) that was effective (or > ineffective)? > > After updating to version 1.7.0-5, when I sent an encrypted e-mail to > somebody else, I was surprised that I was unable to decrypt this > message afterwards. > > Before the upgrade, I was able to decrypt all PGP/MIME messages I had > sent. > >* My analysis: > > It turns out I did not have `set pgp_encrypt_self=yes` in my > configuration. Instead, I relied on the following settings which seem > to be ignored by GPGME: > > set pgp_encrypt_only_command="/usr/lib/mutt/pgpewrap gpg --batch --quiet > --no-verbose --output - --encrypt --textmode --armor --always-trust > --encrypt-to 0x > set pgp_encrypt_sign_command="/usr/lib/mutt/pgpewrap gpg --passphrase-fd 0 > --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u > %a? --armor --always-trust --encrypt-to 0x -- -r %r -- %f" > > Would it be possible to honour these settings with GPGME, or to parse > the `--encrypt-to` argument to make the transition to GPGME a smoother > experience? > In this particular case I believe that the behavior is the correct one, once we switched to gpgme all pgp_* commands are ignored, if people want to encrypt to themselves, then they should use the proper configuration option rather than relying on a option passed on the pgp_* command. The best I can do is to update the NEWS entry to make clear that all pgp_* command are ignored after the switch to gpgme and saying that if you want to encrypt to yourself you have to doublecheck that pgp_encrypt_self is true in your config
Bug#838352: mutt: after the switch to GPGME, I could no longer decrypt my sent PGP mail
Package: mutt Version: 1.7.0-5 Severity: normal Dear Maintainer, * What led up to the situation? Version 1.7.0-5 enabled GPGME for PGP handling by default. * What exactly did you do (or not do) that was effective (or ineffective)? After updating to version 1.7.0-5, when I sent an encrypted e-mail to somebody else, I was surprised that I was unable to decrypt this message afterwards. Before the upgrade, I was able to decrypt all PGP/MIME messages I had sent. * My analysis: It turns out I did not have `set pgp_encrypt_self=yes` in my configuration. Instead, I relied on the following settings which seem to be ignored by GPGME: set pgp_encrypt_only_command="/usr/lib/mutt/pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to 0x set pgp_encrypt_sign_command="/usr/lib/mutt/pgpewrap gpg --passphrase-fd 0 --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 0x -- -r %r -- %f" Would it be possible to honour these settings with GPGME, or to parse the `--encrypt-to` argument to make the transition to GPGME a smoother experience? -- Package-specific info: NeoMutt 20160910 (1.7.0) Copyright (C) 1996-2016 Michael R. Elkins and others. Mutt comes with ABSOLUTELY NO WARRANTY; for details type `mutt -vv'. Mutt is free software, and you are welcome to redistribute it under certain conditions; type `mutt -vv' for details. System: Linux 4.6.0-1-amd64 (x86_64) libidn: 1.33 (compiled with 1.33) hcache backend: tokyocabinet 1.4.48 Compiler: Using built-in specs. COLLECT_GCC=gcc COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/6/lto-wrapper Target: x86_64-linux-gnu Configured with: ../src/configure -v --with-pkgversion='Debian 6.2.0-3' --with-bugurl=file:///usr/share/doc/gcc-6/README.Bugs --enable-languages=c,ada,c++,java,go,d,fortran,objc,obj-c++ --prefix=/usr --program-suffix=-6 --enable-shared --enable-linker-build-id --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --libdir=/usr/lib --enable-nls --with-sysroot=/ --enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes --with-default-libstdcxx-abi=new --enable-gnu-unique-object --disable-vtable-verify --enable-libmpx --enable-plugin --with-system-zlib --disable-browser-plugin --enable-java-awt=gtk --enable-gtk-cairo --with-java-home=/usr/lib/jvm/java-1.5.0-gcj-6-amd64/jre --enable-java-home --with-jvm-root-dir=/usr/lib/jvm/java-1.5.0-gcj-6-amd64 --with-jvm-jar-dir=/usr/lib/jvm-exports/java-1.5.0-gcj-6-amd64 --with-arch-directory=amd64 --with-ecj-jar=/usr/share/java/eclipse-ecj.jar --enable-objc-gc --enable-multiarch --with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32 --enable-multilib --with-tune=generic --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu Thread model: posix gcc version 6.2.0 20160901 (Debian 6.2.0-3) Configure options: '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=\${prefix}/include' '--mandir=\${prefix}/share/man' '--infodir=\${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-silent-rules' '--libdir=\${prefix}/lib/x86_64-linux-gnu' '--libexecdir=\${prefix}/lib/x86_64-linux-gnu' '--disable-maintainer-mode' '--disable-dependency-tracking' '--with-mailpath=/var/mail' '--enable-compressed' '--enable-debug' '--enable-fcntl' '--enable-hcache' '--enable-gpgme' '--enable-imap' '--enable-smtp' '--enable-pop' '--enable-sidebar' '--enable-nntp' '--enable-notmuch' '--disable-fmemopen' '--with-curses' '--with-gnutls' '--with-gss' '--with-idn' '--with-mixmaster' '--with-sasl' '--without-gdbm' '--without-bdb' '--without-qdbm' 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 -fdebug-prefix-map=/build/mutt-eJ8cNY/mutt-1.7.0=. -fPIE -fstack-protector-strong -Wformat -Werror=format-security' 'LDFLAGS=-fPIE -pie -Wl,-z,relro -Wl,-z,now' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2' Compilation CFLAGS: -Wall -pedantic -Wno-long-long -g -O2 -fdebug-prefix-map=/build/mutt-eJ8cNY/mutt-1.7.0=. -fPIE -fstack-protector-strong -Wformat -Werror=format-security Compile options: +CRYPT_BACKEND_CLASSIC_PGP +CRYPT_BACKEND_CLASSIC_SMIME +CRYPT_BACKEND_GPGME +DEBUG +DL_STANDALONE +ENABLE_NLS -EXACT_ADDRESS -HOMESPOOL -LOCALES_HACK -SUN_ATTACHMENT +HAVE_BKGDSET +HAVE_COLOR +HAVE_CURS_SET +HAVE_GETADDRINFO +HAVE_GETSID +HAVE_ICONV +HAVE_LANGINFO_CODESET +HAVE_LANGINFO_YESEXPR +HAVE_LIBIDN +HAVE_META +HAVE_REGCOMP +HAVE_RESIZETERM +HAVE_START_COLOR +HAVE_TYPEAHEAD +HAVE_WC_FUNCS +ICONV_NONTRANS +USE_COMPRESSED +USE_DOTLOCK +USE_FCNTL -USE_FLOCK -USE_FMEMOPEN -USE_GNU_REGEX +USE_GSS +USE_HCACHE +USE_IMAP +USE_NOTMUCH +USE_NNTP +USE_POP +USE_SASL +USE_SETGID +USE_SIDEBAR +USE_SMTP +USE_SSL_GNUTLS -USE_SSL_OPENSSL -DOMAIN MIXMASTER="mixmaster" -ISPELL SENDMAIL="/usr/sbin/sendmail" MAILPATH="/var/mail" PKGDATADIR="/usr/share/mutt"