| author | Teemu Likonen | 2019-07-13 02:12:58 +0200 |
|---|---|---|
| committer | Lars Ingebrigtsen | 2019-07-13 02:13:40 +0200 |
| commit | 74579d3d2bb82f300a6f2d81b7b559f0a24061db (patch) | |
| tree | dc7fc3b56c36b2b73304ccb53f78c0b7168f702f | |
| parent | d539d5868c90cecd48d7097752d2ac995b3e60cb (diff) | |
| download | emacs-74579d3d2bb82f300a6f2d81b7b559f0a24061db.tar.gz emacs-74579d3d2bb82f300a6f2d81b7b559f0a24061db.zip | |
Use the gpg --sender option
* lisp/epg.el (epg-start-encrypt)
* lisp/gnus/mml-sec.el (mml-secure-epg-encrypt): When
'mml-secure-openpgp-sign-with-sender' is non-nil message sender's
email address (in addition to its old behaviour) will also be used
to set gpg's "--sender email@domain" option.
| -rw-r--r-- | etc/NEWS | 23 | ||||
| -rw-r--r-- | lisp/epg.el | 8 | ||||
| -rw-r--r-- | lisp/gnus/mml-sec.el | 9 |
3 files changed, 38 insertions, 2 deletions
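--- a/etc/NEWS
+++ b/etc/NEWS
@@ -1379,6 +1379,22 @@ are formatted as MIME digests.
 *** 'message-forward-included-headers' has changed its default to
 exclude most headers when forwarding.
 
+*** 'mml-secure-openpgp-sign-with-sender' sets also "gpg --sender"
+When 'mml-secure-openpgp-sign-with-sender' is non-nil message sender's
+email address (in addition to its old behaviour) will also be used to
+set gpg's "--sender email@domain" option.
+
+The option is useful for two reasons when verifying the signature:
+
+1. GnuPG's TOFU statistics are updated for the specific user id
+(email) only. See gpg(1) man page about "--sender".
+
+2. GnuPG's --auto-key-retrieve functionality can use WKD (web key
+directory) method for finding the signer's key. You need GnuPG
+2.2.17 to fully benefit from this feature. See gpg(1) man page for
+"--auto-key-retrieve".
+
+---
 ** EasyPG
 
 ---
@@ -1391,6 +1407,13 @@ It now applies to epg functions as well as epa functions.
 been removed. Use 'encode-coding-string', 'decode-coding-string', and
 'select-safe-coding-system' instead.
 
+*** 'epg-context' structure supports now 'sender' slot
+The value of the new 'sender' slot (if a string) is used to set gpg's
+--sender option. This feature is used by
+'mml-secure-openpgp-sign-with-sender'. See gpg(1) manual page about
+"--sender" for more information.
+
+---
 ** Rmail
 
 +++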
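--- a/lisp/epg.el
+++ b/lisp/epg.el
@@ -208,6 +208,7 @@
 progress-callback
 edit-callback
 signers
+sender
 sig-notations
 process
 output-file
@@ -1616,6 +1617,9 @@ If you are unsure, use synchronous version of this function
 (epg-sub-key-id
 (car (epg-key-sub-key-list signer)))))
 (epg-context-signers context)))
+(let ((sender (epg-context-sender context)))
+(when (stringp sender)
+(list "--sender" sender)))
 (epg--args-from-sig-notations
 (epg-context-sig-notations context))
 (if (epg-data-file plain)
@@ -1711,6 +1715,10 @@ If you are unsure, use synchronous version of this function
 signer)))))
 (epg-context-signers context))))
 (if sign
+(let ((sender (epg-context-sender context)))
+(when (stringp sender)
+(list "--sender" sender))))
+(if sign
 (epg--args-from-sig-notations
 (epg-context-sig-notations context)))
 (apply #'nconc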
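Review bot: Both new forms append `--sender` whenever the slot holds a string, with no check that the program the context runs understands the option; this applies to the form added after the signers list in the second hunk and to the new `(if sign ...)` form in the third. A gpg binary that predates `--sender`, or a context whose protocol is not OpenPGP (mml-sec.el sets the slot without looking at `protocol`, in its hunks at -913 and -944), would presumably reject the command line, so signing would fail instead of falling back to the old behaviour. I would guard it, e.g. `(when (and (stringp sender) (eq (epg-context-protocol context) 'OpenPGP)) (list "--sender" sender))`, plus a minimum-version test on the configured gpg (placeholder `"<MIN-GPG-VERSION>"`, to be taken from the GnuPG release notes). Both enclosing functions start and end outside the hunks, so an existing guard further up cannot be ruled out from here.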
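--- a/lisp/gnus/mml-sec.el
+++ b/lisp/gnus/mml-sec.el
@@ -497,7 +497,8 @@ https://debbugs.gnu.org/cgi/bugreport.cgi?bug=18718"
 'mml2015-sign-with-sender 'mml-secure-openpgp-sign-with-sender "25.1")
 ;mml1991-sign-with-sender did never exist.
 (defcustom mml-secure-openpgp-sign-with-sender nil
-"If t, use message sender to find an OpenPGP key to sign with."
+"If t, use message sender to find an OpenPGP key to sign with.
+Also use message's sender with GnuPG's --sender option."
 :group 'mime-security
 :type 'boolean)
 
@@ -913,7 +914,9 @@ If no one is selected, symmetric encryption will be performed. "
 cipher signers)
 (when sign
 (setq signers (mml-secure-signers context signer-names))
-(setf (epg-context-signers context) signers))
+(setf (epg-context-signers context) signers)
+(when mml-secure-openpgp-sign-with-sender
+(setf (epg-context-sender context) sender)))
 (when (eq 'OpenPGP protocol)
 (setf (epg-context-armor context) t)
 (setf (epg-context-textmode context) t))
@@ -944,6 +947,8 @@ If no one is selected, symmetric encryption will be performed. "
 (setf (epg-context-armor context) t)
 (setf (epg-context-textmode context) t))
 (setf (epg-context-signers context) signers)
+(when mml-secure-openpgp-sign-with-sender
+(setf (epg-context-sender context) sender))
 (when (mml-secure-cache-passphrase-p protocol)
 (epg-context-set-passphrase-callback
 context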
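Review bot: The extended docstring of `mml-secure-openpgp-sign-with-sender` does not say what the new behaviour exposes or requires: with `--sender`, gpg records the given address in the signature it creates, so the option now affects what a recipient can read from the signature and not only local key selection. I would add a sentence such as `The address is embedded in the signature; this needs a GnuPG that supports --sender.` and change "If t" to "If non-nil", since both new call sites test the variable with `when`. `sender` is bound outside the two hunks that set the slot, so its form (bare address or a full "Name <addr>" user id) cannot be checked here; a short comment at each `setf` stating which form is expected would help the next reader.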