author | Kevin McCarthy <kevin@8t8.us> | 2024-04-13 13:22:11 +0800 |
---|---|---|
committer | Kevin McCarthy <kevin@8t8.us> | 2024-04-13 18:29:40 +0800 |
commit | 0d75d71a6f1b6a8a24ccb7fe4e6a9889b4ff8b0b (patch) | |
tree | 659d7d0a86094b17dd5fec085a7c218993a29e4d | |
parent | 00d56288d33005b7412c5fd8b36ccc1d27d12c2f (diff) |
Add $smime_pkcs7_default_smime_type config option.
This works around Outlook sending application/pkcs7-mime ".p7m" parts
without a smime-type parameter.
Mutt previously hardcoded an assumption that these were SignedData to
work around an old Outlook bug. However Outlook now appears to also
send EnvelopedData in this form.
-rw-r--r-- | contrib/smime.rc | 8 | ||||
-rw-r--r-- | crypt.c | 11 | ||||
-rw-r--r-- | globals.h | 1 | ||||
-rw-r--r-- | init.h | 14 |
4 files changed, 31 insertions, 3 deletions
diff --git a/contrib/smime.rc b/contrib/smime.rc index 05c4dffc..dfcd13ea 100644 --- a/contrib/smime.rc +++ b/contrib/smime.rc @@ -104,6 +104,14 @@ set smime_verify_opaque_command="\ openssl smime -verify -inform DER -in %s %C || \ openssl smime -verify -inform DER -in %s -noverify 2>/dev/null" +# application/pkcs7-mime ".p7m" messages should have a smime-type +# parameter to tell Mutt whether it's signed or encrypted data. +# +# If the parameter is missing, Mutt by default assumes it's SignedData. +# This can be used to change Mutt's assumption to EnvelopedData (encrypted). +# +# set smime_pkcs7_default_smime_type="enveloped" + # Section D: Alternatives @@ -610,9 +610,14 @@ int mutt_is_application_smime (BODY *m) { len++; if (!ascii_strcasecmp ((t+len), "p7m")) - /* Not sure if this is the correct thing to do, but - it's required for compatibility with Outlook */ - return (SMIMESIGN|SMIMEOPAQUE); + { + if (!ascii_strcasecmp (SmimePkcs7DefaultSmimeType, "signed")) + return (SMIMESIGN|SMIMEOPAQUE); + else if (!ascii_strcasecmp (SmimePkcs7DefaultSmimeType, "enveloped")) + return SMIMEENCRYPT; + else + return 0; + } else if (!ascii_strcasecmp ((t+len), "p7s")) return (SMIMESIGN|SMIMEOPAQUE); } @@ -311,6 +311,7 @@ WHERE char *SmimeSignOpaqueCommand; WHERE char *SmimeEncryptCommand; WHERE char *SmimeGetSignerCertCommand; WHERE char *SmimePk7outCommand; +WHERE char *SmimePkcs7DefaultSmimeType; WHERE char *SmimeGetCertCommand; WHERE char *SmimeImportCertCommand; WHERE char *SmimeGetCertEmailCommand; 
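Review bot: In the crypt.c hunk for mutt_is_application_smime, the final `else return 0;` means an unset or mistyped $smime_pkcs7_default_smime_type makes a ".p7m" part without smime-type stop being recognised as S/MIME at all, where the old code always returned `(SMIMESIGN|SMIMEOPAQUE)`. Nothing visible in this commit validates the value when it is set, so a typo such as "envelope" would fail silently; if that is intended, say so in a comment, otherwise keep the historical result as the fallback with `else return (SMIMESIGN|SMIMEOPAQUE);`. The removed comment was the only explanation of why the file extension alone decides the type here, so a replacement such as `/* No smime-type parameter (e.g. Outlook): use $smime_pkcs7_default_smime_type */` above the new block would help. The function starts and ends outside the hunk.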
@@ -4016,6 +4016,20 @@ struct option_t MuttVars[] = { ** edited. This option points to the location of the private keys. ** (S/MIME only) */ + { "smime_pkcs7_default_smime_type", DT_STR, R_NONE, {.p=&SmimePkcs7DefaultSmimeType}, {.p="signed"} }, + /* + ** .pp + ** The application/pkcs7-mime ``.p7m'' type can contain EnvelopedData + ** (encrypted) or SignedData. Senders should add a ``smime-type'' + ** parameter to the content type, to help receiving MUAs correctly + ** handle the data. Unfortunately, some clients (e.g. Outlook) + ** don't add this parameter. + ** .pp + ** This option is used to determine which type to assume when the + ** ``smime-type'' parameter is missing for ``.p7m'' file types. + ** .pp + ** Accepted values are ``enveloped'' and ``signed''. + */ { "smime_pk7out_command", DT_STR, R_NONE, {.p=&SmimePk7outCommand}, {.p=0} }, /* ** .pp |
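Review bot: The documentation added for smime_pkcs7_default_smime_type lists the accepted values but does not say that the choice is a single guess applied to every sender, nor what any other value does. Judging from the crypt.c hunk, "enveloped" classifies a SignedData ".p7m" part that lacks smime-type as encrypted, so presumably no signature check is attempted on it, and any other string leaves the part unrecognised. I would add a line such as `** Any other value causes such parts not to be treated as S/MIME.` and a sentence noting that the setting affects every message lacking the parameter, not only those from Outlook. The MuttVars array continues outside the hunk.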