From: Jani Nikula <jani@nikula.org>
To: Tim Bielawa <tbielawa@redhat.com>, notmuch@notmuchmail.org
Subject: Re: [PATCH] Fix mml-quoting in responses where pgp-signing is enabled
Date: Sun, 04 Mar 2012 01:36:29 +0200 [thread overview]
Message-ID: <87ty25fe9u.fsf@nikula.org> (raw)
In-Reply-To: <1330812262-28272-1-git-send-email-tbielawa@redhat.com>
On Sat, 3 Mar 2012 17:04:22 -0500, Tim Bielawa <tbielawa@redhat.com> wrote:
> The addition of mml-quote-region (notmuch-mua.el) in 2c6710e3 breaks
> automatic signing in replies. When replies are mml-quoted and signing
> is enabled by default the "<#part sign=pgpmime>" string will appear on
> line 1. This will be consumed during the application of the
> mml-quote-region function and transform into the inert string
> "<#!part sign=pgpmime>". The result is that responses will no longer
> be signed by default.
>
> This fix moves the point forward one line before applying the quoting
> function.
>
> Consideration: Clients not signing mail by default. The first line of
> their responses would be skipped when the quoting function is
> applied. This string takes this general form:
>
> On Sat, 03 Mar 2012 12:55:14 -0800, notmuch-request@notmuchmail.org wrote:
>
> Because the string is generated by notmuch I don't believe this fix
> introduces the possibility for malicious mml commands being omitted
> from the quoting.
Hmm, would it work to mml quote the reply *before* extracting it from
the temp buffer, like below? It would handle not mml quoting the user's
signature too. Completely untested...
BR,
Jani.
diff --git a/emacs/notmuch-mua.el b/emacs/notmuch-mua.el
index 4be7c13..13244eb 100644
--- a/emacs/notmuch-mua.el
+++ b/emacs/notmuch-mua.el
@@ -95,6 +95,9 @@ list."
(goto-char (point-min))
(setq headers (mail-header-extract)))))
(forward-line 1)
+ ;; Original message may contain (malicious) MML tags. We must
+ ;; properly quote them in the reply.
+ (mml-quote-region (point) (point-max))
(setq body (buffer-substring (point) (point-max))))
;; If sender is non-nil, set the From: header to its value.
(when sender
@@ -116,12 +119,7 @@ list."
(push-mark))
(set-buffer-modified-p nil)
- (message-goto-body)
- ;; Original message may contain (malicious) MML tags. We must
- ;; properly quote them in the reply. Note that using `point-max'
- ;; instead of `mark' here is wrong. The buffer may include user's
- ;; signature which should not be MML-quoted.
- (mml-quote-region (point) (mark)))
+ (message-goto-body))
(defun notmuch-mua-forward-message ()
(message-forward)
next prev parent reply other threads:[~2012-03-03 23:36 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-03-03 22:04 [PATCH] Fix mml-quoting in responses where pgp-signing is enabled Tim Bielawa
2012-03-03 23:17 ` Tim Bielawa
2012-03-03 23:36 ` Jani Nikula [this message]
2012-03-04 1:12 ` Tim Bielawa
2012-03-04 8:25 ` [PATCH] emacs: fix MML quoting in replies Jani Nikula
2012-03-05 0:41 ` Mark Walters
2012-03-10 14:57 ` Tomi Ollila
2012-03-11 1:50 ` David Bremner
2012-03-14 22:08 ` Austin Clements
2012-03-15 6:33 ` Jani Nikula
-- strict thread matches above, loose matches on Subject: below --
2012-03-03 23:54 [PATCH] Fix mml-quoting in responses where pgp-signing is enabled Tim Bielawa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://notmuchmail.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87ty25fe9u.fsf@nikula.org \
--to=jani@nikula.org \
--cc=notmuch@notmuchmail.org \
--cc=tbielawa@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://yhetil.org/notmuch.git/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).