Re: [MlMt] Is Security.plist broken in r5187?
On 2016-01-27 09:12:24 (+0100), Philip Paeps wrote: On 2015-11-28 09:25:50 (+0100), Philip Paeps wrote: On 2015-11-28 12:59:18 (+0530), Benny Kjær Nielsen wrote: On 28 Nov 2015, at 8:17, Philip Paeps wrote: I just noticed that MailMate r5187 is not respecting my PGP uid->keyid mappings in Security.plist. It was working for me last week. Did something break? :) I noticed today that this is still broken. Actually, I'm not sure if it's "still" or "again". I haven't been exchanging much email relying on the configuration in Security.plist. This turned out to be my fault. I introduced a syntax error in my Security.plist around the same time as r5187 came out. Thanks for helping me debug this, Benny! If anyone else runs into this sort of thing: don't use #-comments in your Security.plist and run `plutil -lint` on it if in doubt! Philip -- Philip Paeps Senior Reality Engineer Ministry of Information ___ mailmate mailing list mailmate@lists.freron.com http://lists.freron.com/listinfo/mailmate
Re: [MlMt] Is Security.plist broken in r5187?
On 27 Jan 2016, at 9:12, Philip Paeps wrote: On 2015-11-28 09:25:50 (+0100), Philip Paeps wrote: On 2015-11-28 12:59:18 (+0530), Benny Kjær Nielsen wrote: On 28 Nov 2015, at 8:17, Philip Paeps wrote: I just noticed that MailMate r5187 is not respecting my PGP uid->keyid mappings in Security.plist. It was working for me last week. Did something break? :) I noticed today that this is still broken. Actually, I'm not sure if it's "still" or "again". I haven't been exchanging much email relying on the configuration in Security.plist. I started MailMate from the command line as you suggested in November and it looks like Security.plist is just being ignored. Its contents don't appear to affect the gpg2 command line being generated. Could you please look into this again? Sounds like maybe finding or parsing the file fails. Could you send me the file: ~/Library/Application Support/MailMate/Security.plist You can change the keys/addresses if you like. -- Benny ___ mailmate mailing list mailmate@lists.freron.com http://lists.freron.com/listinfo/mailmate
Re: [MlMt] Is Security.plist broken in r5187?
On 2015-11-28 09:25:50 (+0100), Philip Paeps wrote: On 2015-11-28 12:59:18 (+0530), Benny Kjær Nielsen wrote: On 28 Nov 2015, at 8:17, Philip Paeps wrote: I just noticed that MailMate r5187 is not respecting my PGP uid->keyid mappings in Security.plist. It was working for me last week. Did something break? :) I noticed today that this is still broken. Actually, I'm not sure if it's "still" or "again". I haven't been exchanging much email relying on the configuration in Security.plist. I started MailMate from the command line as you suggested in November and it looks like Security.plist is just being ignored. Its contents don't appear to affect the gpg2 command line being generated. Could you please look into this again? Many thanks! Philip -- Philip Paeps Senior Reality Engineer Ministry of Information ___ mailmate mailing list mailmate@lists.freron.com http://lists.freron.com/listinfo/mailmate
Re: [MlMt] Is Security.plist broken in r5187?
On 2015-11-28 12:59:18 (+0530), Benny Kjær Nielsen
wrote:
On 28 Nov 2015, at 8:17, Philip Paeps wrote:
I just noticed that MailMate r5187 is not respecting my PGP
uid->keyid mappings in Security.plist.
It was working for me last week. Did something break? :)
Not intentionally.
😀
I've got a bunch of valid secret keys which are all valid and I've
configured Security.plist to pick the correct one for my various email
addresses:
{
map = (
{
address = "phi...@trouble.is";
userID = "0x31AEB9B5FDBBCB0E";
},
{
[...]
This morning I tried to sign a message from phi...@trouble.is and
MailMate wants to use another key, not 0x31AEB9B5FDBBCB0E. I thought
the problem might be related to the fact that 0x31AEB9B5FDBBCB0E is
stored on a Yubikey smartcard (that sometimes confuses GnuPG), but GnuPG
is happy to use the key:
[665] (philip@twoflower)...ation Support/MailMate% gpg
--card-status
Application ID ...: D27600012401020603703952
Version ..: 2.0
Manufacturer .: Yubico
Serial number : 03703952
[...]
Signature key : F579 7FCB F1F1 4E2C 28A9 487B 7C62 BC47 76C9
F29E
created : 2015-06-14 20:27:26
Encryption key: D034 ACB7 65C9 A8A5 01A5 4F82 935D B834 3AF2
5C94
created : 2015-06-14 20:27:48
Authentication key: 3BC4 6C0F DA40 B9AF 9FC6 C076 CFF6 3254 4136
DF54
created : 2015-06-14 20:28:12
General key info..: pub 2048R/0x7C62BC4776C9F29E 2015-06-14 Philip
Paeps
[...]
If you launch from a Terminal window then you can get some more
details like this:
defaults write com.freron.MailMate MmDebugSecurity -bool YES
/Applications/MailMate.app/Contents/MacOS/MailMate
You can send me the output off list if it's still not working for you.
It looks like r5187 is not feeding the userID to the gpg --local-user
command line option. It's just giving the address:
2015-11-28 13:34:44.734 MailMate[28147:1947364] Failed to connect
(_messageView) outlet from (SFCertificateTrustPanel) to (NSTextField):
missing setter or instance variable
This line turned up as soon as the main window opened. I'm doubt it's
related to the problem, but I thought I'd keep it just in case.
OpenPGP
gpg2 --no-verbose --batch --no-tty --openpgp --status-fd 2
--digest-algo SHA1 --textmode --armor --local-user ""
--detach-sign
Note the --local-user is not the userID from my Security.plist.
As an aside: is there a particular reason you're specifying SHA1 rather
than allowing GnuPG to pick the algorithm (in my case, I've told it to
prefer stronger ciphers in my $HOME/.gnupg/gpg.conf).
Input string (202): "Content-Type:
text/plain\r\nContent-Transfer-Encoding: quoted-printable\r\n\r\ntesting
testing testing\r\n\r\nPhilip\r\n\r\n-- =\r\n\r\nPhilip Paeps\r\nSenior
Reality Engineer\r\nMinistry of Informati..."
Command: #!/usr/bin/env bash
"$MM_GPG" --no-verbose --batch --no-tty --openpgp --status-fd 2
--digest-algo SHA1 --textmode --armor --local-user ""
--detach-sign
Result: Failure
Output string (0): ""
Detail: [GNUPG:] USERID_HINT BB5E2C462A0FA8B0 Philip Paeps
Detail: [GNUPG:] NEED_PASSPHRASE BB5E2C462A0FA8B0 BB5E2C462A0FA8B0
1 0
Detail: gpg: cancelled by user
Detail: [GNUPG:] MISSING_PASSPHRASE
Detail: gpg: skipped "": Operation cancelled
Detail: [GNUPG:] INV_SGNR 0
Detail: gpg: signing failed: Operation cancelled
I expected GnuPG to ask me for the PIN for the key on my smart card, not
the passphrase for this other key. Which is what it did until I
upgraded.
Thanks.
Philip
--
Philip Paeps
Senior Reality Engineer
Ministry of Information
___
mailmate mailing list
mailmate@lists.freron.com
http://lists.freron.com/listinfo/mailmate
Re: [MlMt] Is Security.plist broken in r5187?
On 28 Nov 2015, at 8:17, Philip Paeps wrote: I just noticed that MailMate r5187 is not respecting my PGP uid->keyid mappings in Security.plist. It was working for me last week. Did something break? :) Not intentionally. If you launch from a Terminal window then you can get some more details like this: defaults write com.freron.MailMate MmDebugSecurity -bool YES /Applications/MailMate.app/Contents/MacOS/MailMate You can send me the output off list if it's still not working for you. -- Benny ___ mailmate mailing list mailmate@lists.freron.com http://lists.freron.com/listinfo/mailmate
