bug#6654: 23.2; mml-secure-message-encrypt-smime can't handle multiple recipients

bug#6654: 23.2; mml-secure-message-encrypt-smime can't handle multiple recipients

[Jay Berkenbilt]

When attempting to send an encrypted message to multiple recipients,
mml-secure-message-encrypt-smime creates a "secure" mml tag contains a
separate certfile attribute for each recipient.  For example (with !
below replaced by #):

<!secure method=smime mode=signencrypt keyfile="~/certs/key.pem" certfile="~/certs/c1.pem" certfile="~/certs/c2.pem">

This gets parsed and eventually ends up in mml-parse-1.  In this block
of code:

       ((looking-at "<#secure")
	;; The secure part is essentially a meta-meta tag, which
	;; expands to either a part tag if there are no other parts in
	;; the document or a multipart tag if there are other parts
	;; included in the message
	(let* (secure-mode
	       (taginfo (mml-read-tag))
	       (keyfile (cdr (assq 'keyfile taginfo)))
	       (certfile (cdr (assq 'certfile taginfo)))
	       (recipients (cdr (assq 'recipients taginfo)))
	       (sender (cdr (assq 'sender taginfo)))
	       (location (cdr (assq 'tag-location taginfo)))
	       (mode (cdr (assq 'mode taginfo)))
	       (method (cdr (assq 'method taginfo)))
	       tags)

you can see that certfile is set by calling (assq 'certfile taginfo),
which loses all but the first certfile.  This causes it to be mapped
into this:

<!part sign=smime encrypt=smime keyfile="~/certs/key.pem" certfile="~/certs/c1.pem">

(again with ! replaced by #).

If you start off with

<!part sign=smime encrypt=smime keyfile="~/certs/key.pem" certfile="~/certs/c1.pem" certfile="~/certs/c2.pem">

and proceed to send the message, the message is encrypted with multiple
recipients as expected.


In GNU Emacs 23.2.1 (x86_64-unknown-linux-gnu, GTK+ Version 2.10.4)
 of 2010-05-25 on motoko.argon.local
Windowing system distributor `The X.Org Foundation', version 11.0.70101000
configured using `configure  '--prefix=/opt/tps/packages/linux.x86_64.rhel5/emacs-23.2-1''

Important settings:
  value of $LC_ALL: nil
  value of $LC_COLLATE: nil
  value of $LC_CTYPE: nil
  value of $LC_MESSAGES: nil
  value of $LC_MONETARY: nil
  value of $LC_NUMERIC: nil
  value of $LC_TIME: nil
  value of $LANG: en_US.UTF-8
  value of $XMODIFIERS: @im=none
  locale-coding-system: utf-8-unix
  default enable-multibyte-characters: t

Major mode: Summary

Minor modes in effect:
  gnus-agent-mode: t
  diff-auto-refine-mode: t
  which-function-mode: t
  tooltip-mode: t
  mouse-wheel-mode: t
  file-name-shadow-mode: t
  global-font-lock-mode: t
  font-lock-mode: t
  blink-cursor-mode: t
  auto-encryption-mode: t
  auto-compression-mode: t
  column-number-mode: t
  line-number-mode: t

Recent input:
p s - b u i l d - i t e m s SPC i n SPC y o u r SPC 
C-a C-k T h e r e SPC a r e SPC o t h e r SPC w o r 
k a r o u n d s , SPC b u t SPC s e t t i n g SPC N 
O _ I C C SPC i s SPC a SPC r e a s o n a b l e SPC 
s o l u t i o n . SPC S-SPC I SPC s u p <backspace> 
s p e c t SPC y o u SPC m u s t SPC h a v e SPC N O 
_ X L C = 1 C-p M-f = 1 C-n SPC s o m e w h e r e SPC 
i n SPC y o r u <backspace> <backspace> u r SPC s e 
t u p SPC t o o SPC o r SPC e l s e SPC y o u ' d SPC 
b e SPC g e t t i n g SPC e r r o r s SPC a b o u t 
SPC x l c M-q SPC o n SPC t h e SPC h y d r a s . <return> 
<return> - - J a y C-n C-c C-c s s C-x C-g C-g M-x 
b u g <M-backspace> s e n d SPC e m SPC <M-backspace> 
<M-backspace> e m a c <M-backspace> b u g SPC SPC <M-backspace> 
<M-backspace> e m a c s SPC b SPC <M-backspace> <M-backspace> 
<M-backspace> r e p r t <backspace> <backspace> o t 
<tab> <backspace> <tab> r t <tab> b <tab> <return>

Recent messages:
waiting for TLS response...
Sending...done
Quit
Making completion list...
C-c C-g is undefined
Quit
Undo!
Type C-x 4 C-o RET to restore the other window.
Quit
C-c RET c s runs the command mml-secure-message-encrypt-smime

Load-path shadows:
/home/jberkenb/elisp/startup hides /opt/tps/packages/linux.x86_64.rhel5/emacs-23.2-1/share/emacs/23.2/lisp/startup

Features:
(shadow warnings emacsbug debug find-func diff-mode tabify man assoc
mule-util dabbrev perl-mode log-edit easy-mmode pcvs-util add-log vc-rcs
fg-lisp-indent help-mode view flow-fill mml-smime sh-script executable
tls newcomment rmail auth-source starttls mailalias q-valid-addr
flyspell ispell epa-file epa derived epg multi-isearch w3m-form
w3m-symbol sort gnus-cite ansi-color mail-extr gnus-async gnus-bcklg
parse-time gnus-ml disp-table vc-accurev paranoid-backup byte-opt
bytecomp byte-compile nndraft nnmh nnfolder gnus-agent gnus-srvr
gnus-score score-mode nnvirtual gnus-msg gnus-art mm-uu mml2015
epg-config mm-view smime dig nntp gnus-cache gnus-sum gnus-group
gnus-undo nndoc nnoo nnmail mail-source format-spec gnus-start gnus-spec
gnus-int gnus-range gnus-win gnus gnus-ems vc-svn vc vc-dispatcher w3m
browse-url doc-view image-mode dired timezone w3m-hist w3m-fb w3m-ems
w3m-ccl ccl w3m-favicon w3m-image w3m-proc w3m-util qmime qmime-compose
qmime-view which-func imenu filecache server uniquify compile ange-ftp
comint ring message ecomplete rfc822 mml mml-sec password-cache
mm-decode mm-bodies mm-encode mailcap mail-parse rfc2231 rfc2047 rfc2045
qp ietf-drums mailabbrev nnheader gnus-util netrc time-date mm-util
mail-prsvr gmm-utils mailheader canlock sha1 hex-util hashcash
mail-utils cc-styles cc-align cc-engine cc-vars cc-defs smtpmail
sendmail regexp-opt project advice help-fns advice-preload jka-compr
cus-edit easymenu wid-edit cus-start cus-load edmacro kmacro cl cl-19
tooltip ediff-hook vc-hooks lisp-float-type mwheel x-win x-dnd
font-setting tool-bar dnd fontset image fringe lisp-mode register page
menu-bar rfn-eshadow timer select scroll-bar mldrag mouse jit-lock
font-lock syntax facemenu font-core frame cham georgian utf-8-lang
misc-lang vietnamese tibetan thai tai-viet lao korean japanese hebrew
greek romanian slovak czech european ethiopic indian cyrillic chinese
case-table epa-hook jka-cmpr-hook help simple abbrev loaddefs button
minibuffer faces cus-face files text-properties overlay md5 base64
format env code-pages mule custom widget hashtable-print-readable
backquote make-network-process dbusbind system-font-setting
font-render-setting gtk x-toolkit x multi-tty emacs)

bug#6654: 23.2; mml-secure-message-encrypt-smime can't handle multiple recipients

[Daiki Ueno]

[-- Attachment #1: Type: text/plain, Size: 771 bytes --]

Hi,

Jay Berkenbilt <ejb@ql.org> writes:

> When attempting to send an encrypted message to multiple recipients,
> mml-secure-message-encrypt-smime creates a "secure" mml tag contains a
> separate certfile attribute for each recipient.  For example (with !
> below replaced by #):
>
> <!secure method=smime mode=signencrypt keyfile="~/certs/key.pem" certfile="~/certs/c1.pem" certfile="~/certs/c2.pem">
[...]
> you can see that certfile is set by calling (assq 'certfile taginfo),
> which loses all but the first certfile.  This causes it to be mapped
> into this:
>
> <!part sign=smime encrypt=smime keyfile="~/certs/key.pem" certfile="~/certs/c1.pem">

Thanks for the analysis.  Could you try the attached patch?  If ok, I'll
apply it to the trunk and close this bug.


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: mml-secure-smime-multiple-certfile.diff --]
[-- Type: text/x-patch, Size: 933 bytes --]

=== modified file 'lisp/gnus/mml.el'
--- lisp/gnus/mml.el	2010-05-06 04:15:34 +0000
+++ lisp/gnus/mml.el	2010-07-20 01:56:14 +0000
@@ -228,7 +228,10 @@
 	(let* (secure-mode
 	       (taginfo (mml-read-tag))
 	       (keyfile (cdr (assq 'keyfile taginfo)))
-	       (certfile (cdr (assq 'certfile taginfo)))
+	       (certfiles (delq nil (mapcar (lambda (tag)
+					      (if (eq (car-safe tag) 'certfile)
+						  (cdr tag)))
+					    taginfo)))
 	       (recipients (cdr (assq 'recipients taginfo)))
 	       (sender (cdr (assq 'sender taginfo)))
 	       (location (cdr (assq 'tag-location taginfo)))
@@ -254,8 +257,10 @@
 				 ,@tags
 				 ,(if keyfile "keyfile")
 				 ,keyfile
-				 ,(if certfile "certfile")
-				 ,certfile
+				 ,@(apply #'append
+					  (mapcar (lambda (certfile)
+						    (list "certfile" certfile))
+						  certfiles))
 				 ,(if recipients "recipients")
 				 ,recipients
 				 ,(if sender "sender")


[-- Attachment #3: Type: text/plain, Size: 25 bytes --]


Regards,
-- 
Daiki Ueno

bug#6654: 23.2; mml-secure-message-encrypt-smime can't handle multiple recipients

[Jay Berkenbilt]

Daiki Ueno <ueno@unixuser.org> wrote:

> Thanks for the analysis.  Could you try the attached patch?  If ok,
> I'll apply it to the trunk and close this bug.

The patch seems to work fine.  After applying the patch, I was able to
send a message with multiple recipients and to decode the message with
either key.  Thanks!  (I still had to remove the keyfile attribute and
be prompted to get the extra certs included with the message, but I
reported that in a separate bug.)

-- 
Jay Berkenbilt <ejb@ql.org>

bug#6654: 23.2; mml-secure-message-encrypt-smime can't handle multiple recipients

[Daiki Ueno]

Jay Berkenbilt <ejb@ql.org> writes:

> The patch seems to work fine.  After applying the patch, I was able to
> send a message with multiple recipients and to decode the message with
> either key.

Thanks.  Applied as r100861.

Regards,
-- 
Daiki Ueno