Bug#838352: mutt: after the switch to GPGME, I could no longer decrypt my sent PGP mail
On Tue, Sep 20, 2016 at 10:51:01AM +0200, Christian Pietsch wrote: > Dear Maintainer, > >* What led up to the situation? > > Version 1.7.0-5 enabled GPGME for PGP handling by default. > >* What exactly did you do (or not do) that was effective (or > ineffective)? > > After updating to version 1.7.0-5, when I sent an encrypted e-mail to > somebody else, I was surprised that I was unable to decrypt this > message afterwards. > > Before the upgrade, I was able to decrypt all PGP/MIME messages I had > sent. > >* My analysis: > > It turns out I did not have `set pgp_encrypt_self=yes` in my > configuration. Instead, I relied on the following settings which seem > to be ignored by GPGME: > > set pgp_encrypt_only_command="/usr/lib/mutt/pgpewrap gpg --batch --quiet > --no-verbose --output - --encrypt --textmode --armor --always-trust > --encrypt-to 0x > set pgp_encrypt_sign_command="/usr/lib/mutt/pgpewrap gpg --passphrase-fd 0 > --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u > %a? --armor --always-trust --encrypt-to 0x -- -r %r -- %f" > > Would it be possible to honour these settings with GPGME, or to parse > the `--encrypt-to` argument to make the transition to GPGME a smoother > experience? > Just to clarify this to myself, pgp_encrypt_self=true is going to solve this, the bug itself is for a smoother transition if --encrypt-to is set in the pgp_ commands
Bug#838352: [Pkg-mutt-maintainers] Bug#838352: mutt: after the switch to GPGME, I could no longer decrypt my sent PGP mail
On Tue, Sep 20, 2016 at 02:58:48PM +0200, Christian Pietsch wrote: > On Tue, Sep 20, 2016 at 10:02:13AM +, Antonio Radici wrote: > > In this particular case I believe that the behavior is the correct one, > > once we > > switched to gpgme all pgp_* commands are ignored, if people want to encrypt > > to > > themselves, then they should use the proper configuration option rather than > > relying on a option passed on the pgp_* command. > > > > The best I can do is to update the NEWS entry to make clear that all pgp_* > > command are ignored after the switch to gpgme and saying that if you want to > > encrypt to yourself you have to doublecheck that pgp_encrypt_self is true in > > your config > > Sounds good to me. But are you sure that all pgp_* commands are > ignored? For instance, I just found out that pgp_encrypt_self=yes is > quite essential in this situation. > It turns out that it doesn't work, I was looking on the internet and I found out that you cannot encrypt-to-self when using gpgme [0], I'll work on a patch for that if it's not already available. [0] https://github.com/karelzak/mutt-kz/issues/89
Bug#838352: [Pkg-mutt-maintainers] Bug#838352: mutt: after the switch to GPGME, I could no longer decrypt my sent PGP mail
Control: forwarded -1 http://bugs.mutt.org/2973 Control: tag -1 +confirmed upstream
Bug#838352: mutt: after the switch to GPGME, I could no longer decrypt my sent PGP mail
On Tue, Sep 20, 2016 at 10:02:13AM +, Antonio Radici wrote: > In this particular case I believe that the behavior is the correct one, once > we > switched to gpgme all pgp_* commands are ignored, if people want to encrypt to > themselves, then they should use the proper configuration option rather than > relying on a option passed on the pgp_* command. > > The best I can do is to update the NEWS entry to make clear that all pgp_* > command are ignored after the switch to gpgme and saying that if you want to > encrypt to yourself you have to doublecheck that pgp_encrypt_self is true in > your config Sounds good to me. But are you sure that all pgp_* commands are ignored? For instance, I just found out that pgp_encrypt_self=yes is quite essential in this situation. Thanks! Christian signature.asc Description: PGP signature
Bug#838352: mutt: after the switch to GPGME, I could no longer decrypt my sent PGP mail
Control: tag -1 +pending On Tue, Sep 20, 2016 at 10:51:01AM +0200, Christian Pietsch wrote: > Package: mutt > Version: 1.7.0-5 > Severity: normal > > Dear Maintainer, > >* What led up to the situation? > > Version 1.7.0-5 enabled GPGME for PGP handling by default. > >* What exactly did you do (or not do) that was effective (or > ineffective)? > > After updating to version 1.7.0-5, when I sent an encrypted e-mail to > somebody else, I was surprised that I was unable to decrypt this > message afterwards. > > Before the upgrade, I was able to decrypt all PGP/MIME messages I had > sent. > >* My analysis: > > It turns out I did not have `set pgp_encrypt_self=yes` in my > configuration. Instead, I relied on the following settings which seem > to be ignored by GPGME: > > set pgp_encrypt_only_command="/usr/lib/mutt/pgpewrap gpg --batch --quiet > --no-verbose --output - --encrypt --textmode --armor --always-trust > --encrypt-to 0x > set pgp_encrypt_sign_command="/usr/lib/mutt/pgpewrap gpg --passphrase-fd 0 > --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u > %a? --armor --always-trust --encrypt-to 0x -- -r %r -- %f" > > Would it be possible to honour these settings with GPGME, or to parse > the `--encrypt-to` argument to make the transition to GPGME a smoother > experience? > In this particular case I believe that the behavior is the correct one, once we switched to gpgme all pgp_* commands are ignored, if people want to encrypt to themselves, then they should use the proper configuration option rather than relying on a option passed on the pgp_* command. The best I can do is to update the NEWS entry to make clear that all pgp_* command are ignored after the switch to gpgme and saying that if you want to encrypt to yourself you have to doublecheck that pgp_encrypt_self is true in your config
Bug#838352: mutt: after the switch to GPGME, I could no longer decrypt my sent PGP mail
Package: mutt
Version: 1.7.0-5
Severity: normal
Dear Maintainer,
* What led up to the situation?
Version 1.7.0-5 enabled GPGME for PGP handling by default.
* What exactly did you do (or not do) that was effective (or
ineffective)?
After updating to version 1.7.0-5, when I sent an encrypted e-mail to
somebody else, I was surprised that I was unable to decrypt this
message afterwards.
Before the upgrade, I was able to decrypt all PGP/MIME messages I had
sent.
* My analysis:
It turns out I did not have `set pgp_encrypt_self=yes` in my
configuration. Instead, I relied on the following settings which seem
to be ignored by GPGME:
set pgp_encrypt_only_command="/usr/lib/mutt/pgpewrap gpg --batch --quiet
--no-verbose --output - --encrypt --textmode --armor --always-trust
--encrypt-to 0x
set pgp_encrypt_sign_command="/usr/lib/mutt/pgpewrap gpg --passphrase-fd 0
--batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a?
--armor --always-trust --encrypt-to 0x -- -r %r -- %f"
Would it be possible to honour these settings with GPGME, or to parse
the `--encrypt-to` argument to make the transition to GPGME a smoother
experience?
-- Package-specific info:
NeoMutt 20160910 (1.7.0)
Copyright (C) 1996-2016 Michael R. Elkins and others.
Mutt comes with ABSOLUTELY NO WARRANTY; for details type `mutt -vv'.
Mutt is free software, and you are welcome to redistribute it
under certain conditions; type `mutt -vv' for details.
System: Linux 4.6.0-1-amd64 (x86_64)
libidn: 1.33 (compiled with 1.33)
hcache backend: tokyocabinet 1.4.48
Compiler:
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/6/lto-wrapper
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Debian 6.2.0-3'
--with-bugurl=file:///usr/share/doc/gcc-6/README.Bugs
--enable-languages=c,ada,c++,java,go,d,fortran,objc,obj-c++ --prefix=/usr
--program-suffix=-6 --enable-shared --enable-linker-build-id
--libexecdir=/usr/lib --without-included-gettext --enable-threads=posix
--libdir=/usr/lib --enable-nls --with-sysroot=/ --enable-clocale=gnu
--enable-libstdcxx-debug --enable-libstdcxx-time=yes
--with-default-libstdcxx-abi=new --enable-gnu-unique-object
--disable-vtable-verify --enable-libmpx --enable-plugin --with-system-zlib
--disable-browser-plugin --enable-java-awt=gtk --enable-gtk-cairo
--with-java-home=/usr/lib/jvm/java-1.5.0-gcj-6-amd64/jre --enable-java-home
--with-jvm-root-dir=/usr/lib/jvm/java-1.5.0-gcj-6-amd64
--with-jvm-jar-dir=/usr/lib/jvm-exports/java-1.5.0-gcj-6-amd64
--with-arch-directory=amd64 --with-ecj-jar=/usr/share/java/eclipse-ecj.jar
--enable-objc-gc --enable-multiarch --with-arch-32=i686 --with-abi=m64
--with-multilib-list=m32,m64,mx32 --enable-multilib --with-tune=generic
--enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu
--target=x86_64-linux-gnu
Thread model: posix
gcc version 6.2.0 20160901 (Debian 6.2.0-3)
Configure options: '--build=x86_64-linux-gnu' '--prefix=/usr'
'--includedir=\${prefix}/include' '--mandir=\${prefix}/share/man'
'--infodir=\${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var'
'--disable-silent-rules' '--libdir=\${prefix}/lib/x86_64-linux-gnu'
'--libexecdir=\${prefix}/lib/x86_64-linux-gnu' '--disable-maintainer-mode'
'--disable-dependency-tracking' '--with-mailpath=/var/mail'
'--enable-compressed' '--enable-debug' '--enable-fcntl' '--enable-hcache'
'--enable-gpgme' '--enable-imap' '--enable-smtp' '--enable-pop'
'--enable-sidebar' '--enable-nntp' '--enable-notmuch' '--disable-fmemopen'
'--with-curses' '--with-gnutls' '--with-gss' '--with-idn' '--with-mixmaster'
'--with-sasl' '--without-gdbm' '--without-bdb' '--without-qdbm'
'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2
-fdebug-prefix-map=/build/mutt-eJ8cNY/mutt-1.7.0=. -fPIE
-fstack-protector-strong -Wformat -Werror=format-security' 'LDFLAGS=-fPIE -pie
-Wl,-z,relro -Wl,-z,now' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2'
Compilation CFLAGS: -Wall -pedantic -Wno-long-long -g -O2
-fdebug-prefix-map=/build/mutt-eJ8cNY/mutt-1.7.0=. -fPIE
-fstack-protector-strong -Wformat -Werror=format-security
Compile options:
+CRYPT_BACKEND_CLASSIC_PGP +CRYPT_BACKEND_CLASSIC_SMIME +CRYPT_BACKEND_GPGME
+DEBUG +DL_STANDALONE +ENABLE_NLS -EXACT_ADDRESS -HOMESPOOL -LOCALES_HACK
-SUN_ATTACHMENT +HAVE_BKGDSET +HAVE_COLOR +HAVE_CURS_SET +HAVE_GETADDRINFO
+HAVE_GETSID +HAVE_ICONV +HAVE_LANGINFO_CODESET +HAVE_LANGINFO_YESEXPR
+HAVE_LIBIDN +HAVE_META +HAVE_REGCOMP +HAVE_RESIZETERM +HAVE_START_COLOR
+HAVE_TYPEAHEAD +HAVE_WC_FUNCS +ICONV_NONTRANS +USE_COMPRESSED +USE_DOTLOCK
+USE_FCNTL -USE_FLOCK -USE_FMEMOPEN -USE_GNU_REGEX +USE_GSS +USE_HCACHE
+USE_IMAP +USE_NOTMUCH +USE_NNTP +USE_POP +USE_SASL +USE_SETGID +USE_SIDEBAR
+USE_SMTP +USE_SSL_GNUTLS -USE_SSL_OPENSSL
-DOMAIN
MIXMASTER="mixmaster"
-ISPELL
SENDMAIL="/usr/sbin/sendmail"
MAILPATH="/var/mail"
PKGDATADIR="/usr/share/mutt"
