From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by arlo.cworth.org (Postfix) with ESMTP id 778FB6DE12A7 for ; Sat, 8 Oct 2016 13:05:36 -0700 (PDT) X-Virus-Scanned: Debian amavisd-new at cworth.org X-Spam-Flag: NO X-Spam-Score: 0.01 X-Spam-Level: X-Spam-Status: No, score=0.01 tagged_above=-999 required=5 tests=[AWL=-0.120, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=disabled Received: from arlo.cworth.org ([127.0.0.1]) by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id m5sK-ufccdej for ; Sat, 8 Oct 2016 13:05:36 -0700 (PDT) Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by arlo.cworth.org (Postfix) with ESMTPS id B10856DE128E for ; Sat, 8 Oct 2016 13:05:30 -0700 (PDT) Received: by mail-wm0-f67.google.com with SMTP id 123so7999413wmb.3 for ; Sat, 08 Oct 2016 13:05:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=2k09rVzL/ShyycQvZKmkW2HTNesRTMkDSYtd+HoQKoQ=; b=Amc1Ud2+4PK7IBHpwhocnCEr8rHZyr0Z3IZasJaSSMUKfGSTycL3W9/3sKHDQlgLRj 9NSmuXuxMu1jCxDErbp0F8hVsk7oiNRIm5h+BxM6oSK+PWbRVIH+1gmRIX2vcY6GIn2+ No7cC1tKumN0Jwct6jmGN3oZmjl9/YH123e5CrrZfBi1IbwA8fM8czaUP9sAcsiZbWt2 5abe2VgUjqa7Oke3GYOxOCoFFPGMZYdu6co5sZmPe0+ruq9iEMo59KZzzv8ZbfI7AajI I2jJh/u2qQKKvUHaYjYfGkCTDRMzxnc4tnJBRiENLlnHuLXyKKpx5cGBRpHG4aDLvQtn XzsA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=2k09rVzL/ShyycQvZKmkW2HTNesRTMkDSYtd+HoQKoQ=; b=QFPG86zxw5pw7oi6+S8+0cozUy/0jtu31dJG/MtfRDT9JBvn4r5hrxvIy93dJU1H1M qRr5Pr36mUZhI+MOVf/aTbc6nPBk/g2L+9yt61K2cE96uX5Q4setrnyGLIPHfCLLTK6M IgVJ/d/fKE/MBggdOdVsPrUNkIDOCP6R3y+SH7Ol25jrGWol/N6QK3mEArv8OxCurDRr IPstTPeMbF2Ei+MVeogSvffvaKhglWE7yl513iezpNe4L3Q+aVaChtdANu9wemJKrVw1 iJlZWU+eBvili6c0SQITa4knMN7e8NH9hIk5Wji2Ew77LoA3itTcx+swNhISqenvyxmP TLQA== X-Gm-Message-State: AA6/9RmjxWZ4/stzjtIcdlGvP1/Tomru/Hi2ZbKF597cytM02OEQuxjfBOSF5OMYijE8mg== X-Received: by 10.28.27.12 with SMTP id b12mr4366656wmb.1.1475957129126; Sat, 08 Oct 2016 13:05:29 -0700 (PDT) Received: from localhost (5751dfa2.skybroadband.com. [87.81.223.162]) by smtp.gmail.com with ESMTPSA id a1sm26545578wjl.28.2016.10.08.13.05.28 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 08 Oct 2016 13:05:28 -0700 (PDT) From: Mark Walters To: notmuch@notmuchmail.org Subject: [PATCH v4 2/2] emacs: mua: check for misplaced secure mml tags Date: Sat, 8 Oct 2016 21:05:23 +0100 Message-Id: <1475957123-6920-3-git-send-email-markwalters1009@gmail.com> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1475957123-6920-1-git-send-email-markwalters1009@gmail.com> References: <1475957123-6920-1-git-send-email-markwalters1009@gmail.com> X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Oct 2016 20:05:36 -0000 Emacs message-send seems to ignore a secure mml tag anywhere except at the start of the body, and it must be followed by a newline. Since this is almost certainly not desired we check for it, and require user confirmation before sending. As the setup before message-send or message-send-and-exit is getting more complicated it is convenient to unify the two correspoinding notmuch functions. --- emacs/notmuch-mua.el | 52 ++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 48 insertions(+), 4 deletions(-) diff --git a/emacs/notmuch-mua.el b/emacs/notmuch-mua.el index 72fb770..c567173 100644 --- a/emacs/notmuch-mua.el +++ b/emacs/notmuch-mua.el @@ -490,12 +490,56 @@ will be addressed to all recipients of the source message." (notmuch-mua-reply query-string sender reply-all) (deactivate-mark))) +(defun notmuch-mua-check-no-misplaced-secure-tag () + "Query user if there is a misplaced secure mml tag. + +Emacs message-send will (probably) ignore a secure mml tag unless +it is at the start of the body. Returns t if there is no such +tag, or the user confirms they mean it." + (save-excursion + (let ((body-start (progn (message-goto-body) (point)))) + (goto-char (point-max)) + (or + ;; We are always fine if there is no secure tag. + (not (search-backward "<#secure" nil 't)) + ;; There is a secure tag, so it must be at the start of the + ;; body, with no secure tag earlier (i.e., in the headers). + (and (= (point) body-start) + (not (search-backward "<#secure" nil 't))) + ;; The user confirms they means it. + (yes-or-no-p "\ +There is a <#secure> tag not at the start of the body. It is +likely that the message will be sent unsigned and unencrypted. +Really send? "))))) + +(defun notmuch-mua-check-secure-tag-has-newline () + "Query if the secure mml tag has a newline following it. + +Emacs message-send will (probably) ignore a correctly placed +secure mml tag unless it is followed by a newline. Returns t if +any secure tag is followed by a newline, or the user confirms +they mean it." + (save-excursion + (message-goto-body) + (or + ;; There is no (correctly placed) secure tag. + (not (looking-at "<#secure")) + ;; The secure tag is followed by a newline. + (looking-at "<#secure[^\n>]*>\n") + ;; The user confirms they means it. + (yes-or-no-p "\ +The <#secure> tag at the start of the body is not followed by a +newline. It is likely that the message will be sent unsigned and +unencrypted. Really send? ")))) + (defun notmuch-mua-send-common (arg &optional exit) (interactive "P") - (letf (((symbol-function 'message-do-fcc) #'notmuch-maildir-message-do-fcc)) - (if exit - (message-send-and-exit arg) - (message-send arg)))) + (when (and (notmuch-mua-check-no-misplaced-secure-tag) + (notmuch-mua-check-secure-tag-has-newline)) + (letf (((symbol-function 'message-do-fcc) #'notmuch-maildir-message-do-fcc)) + (if exit + (message-send-and-exit arg) + (message-send arg))))) (defun notmuch-mua-send-and-exit (&optional arg) (interactive "P") -- 2.1.4