From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <jani@nikula.org>
Received: from localhost (localhost [127.0.0.1])
	by olra.theworths.org (Postfix) with ESMTP id 16FE3431FAF
	for <notmuch@notmuchmail.org>; Sat,  3 Mar 2012 15:36:37 -0800 (PST)
X-Virus-Scanned: Debian amavisd-new at olra.theworths.org
X-Spam-Flag: NO
X-Spam-Score: -0.7
X-Spam-Level: 
X-Spam-Status: No, score=-0.7 tagged_above=-999 required=5
	tests=[RCVD_IN_DNSWL_LOW=-0.7] autolearn=disabled
Received: from olra.theworths.org ([127.0.0.1])
	by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id bXT-GUqATMCf for <notmuch@notmuchmail.org>;
	Sat,  3 Mar 2012 15:36:35 -0800 (PST)
Received: from mail-lpp01m010-f53.google.com (mail-lpp01m010-f53.google.com
	[209.85.215.53]) (using TLSv1 with cipher RC4-SHA (128/128 bits))
	(No client certificate requested)
	by olra.theworths.org (Postfix) with ESMTPS id ADF9E431FAE
	for <notmuch@notmuchmail.org>; Sat,  3 Mar 2012 15:36:34 -0800 (PST)
Received: by lahc1 with SMTP id c1so3588507lah.26
	for <notmuch@notmuchmail.org>; Sat, 03 Mar 2012 15:36:33 -0800 (PST)
Received-SPF: pass (google.com: domain of jani@nikula.org designates
	10.112.103.228 as permitted sender) client-ip=10.112.103.228; 
Authentication-Results: mr.google.com;
	spf=pass (google.com: domain of jani@nikula.org
	designates 10.112.103.228 as permitted sender)
	smtp.mail=jani@nikula.org
Received: from mr.google.com ([10.112.103.228])
	by 10.112.103.228 with SMTP id fz4mr6491577lbb.99.1330817793231
	(num_hops = 1); Sat, 03 Mar 2012 15:36:33 -0800 (PST)
Received: by 10.112.103.228 with SMTP id fz4mr5307297lbb.99.1330817793076;
	Sat, 03 Mar 2012 15:36:33 -0800 (PST)
Received: from localhost (dsl-hkibrasgw4-fe50f800-253.dhcp.inet.fi.
	[84.248.80.253])
	by mx.google.com with ESMTPS id fl2sm15225898lbb.4.2012.03.03.15.36.31
	(version=SSLv3 cipher=OTHER); Sat, 03 Mar 2012 15:36:32 -0800 (PST)
From: Jani Nikula <jani@nikula.org>
To: Tim Bielawa <tbielawa@redhat.com>, notmuch@notmuchmail.org
Subject: Re: [PATCH] Fix mml-quoting in responses where pgp-signing is
 enabled
In-Reply-To: <1330812262-28272-1-git-send-email-tbielawa@redhat.com>
References: <1330812262-28272-1-git-send-email-tbielawa@redhat.com>
User-Agent: Notmuch/0.11.1+295~g780f284 (http://notmuchmail.org) Emacs/23.3.1
	(i686-pc-linux-gnu)
Date: Sun, 04 Mar 2012 01:36:29 +0200
Message-ID: <87ty25fe9u.fsf@nikula.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Gm-Message-State: ALoCoQnRWkKHP28R+OCe08SWbBS2xNcci14RgspHbtiLGrsyVY5WLEkyDpqtXMoXFhN0cG2bdBRK
X-BeenThere: notmuch@notmuchmail.org
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: "Use and development of the notmuch mail system."
	<notmuch.notmuchmail.org>
List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,
	<mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
List-Archive: <http://notmuchmail.org/pipermail/notmuch>
List-Post: <mailto:notmuch@notmuchmail.org>
List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,
	<mailto:notmuch-request@notmuchmail.org?subject=subscribe>
X-List-Received-Date: Sat, 03 Mar 2012 23:36:37 -0000

On Sat,  3 Mar 2012 17:04:22 -0500, Tim Bielawa <tbielawa@redhat.com> wrote:
> The addition of mml-quote-region (notmuch-mua.el) in 2c6710e3 breaks
> automatic signing in replies. When replies are mml-quoted and signing
> is enabled by default the "<#part sign=pgpmime>" string will appear on
> line 1. This will be consumed during the application of the
> mml-quote-region function and transform into the inert string
> "<#!part sign=pgpmime>". The result is that responses will no longer
> be signed by default.
> 
> This fix moves the point forward one line before applying the quoting
> function.
> 
> Consideration: Clients not signing mail by default. The first line of
> their responses would be skipped when the quoting function is
> applied. This string takes this general form:
> 
>     On Sat, 03 Mar 2012 12:55:14 -0800, notmuch-request@notmuchmail.org wrote:
> 
> Because the string is generated by notmuch I don't believe this fix
> introduces the possibility for malicious mml commands being omitted
> from the quoting.

Hmm, would it work to mml quote the reply *before* extracting it from
the temp buffer, like below? It would handle not mml quoting the user's
signature too. Completely untested...

BR,
Jani.


diff --git a/emacs/notmuch-mua.el b/emacs/notmuch-mua.el
index 4be7c13..13244eb 100644
--- a/emacs/notmuch-mua.el
+++ b/emacs/notmuch-mua.el
@@ -95,6 +95,9 @@ list."
 	      (goto-char (point-min))
 	      (setq headers (mail-header-extract)))))
       (forward-line 1)
+      ;; Original message may contain (malicious) MML tags. We must
+      ;; properly quote them in the reply.
+      (mml-quote-region (point) (point-max))
       (setq body (buffer-substring (point) (point-max))))
     ;; If sender is non-nil, set the From: header to its value.
     (when sender
@@ -116,12 +119,7 @@ list."
     (push-mark))
   (set-buffer-modified-p nil)
 
-  (message-goto-body)
-  ;; Original message may contain (malicious) MML tags.  We must
-  ;; properly quote them in the reply.  Note that using `point-max'
-  ;; instead of `mark' here is wrong.  The buffer may include user's
-  ;; signature which should not be MML-quoted.
-  (mml-quote-region (point) (mark)))
+  (message-goto-body))
 
 (defun notmuch-mua-forward-message ()
   (message-forward)