lisp/gnus/mml2015.el (mml2015-epg-find-usable-key): handle revoked user-id

author: Daiki Ueno 2013-02-17 12:46:28 +0000
committer: Katsumi Yamaoka 2013-02-17 12:46:28 +0000
commit: a801007559f0235ce28fe868f44a9a055a9d3f32 (patch)
tree: 3905e56292ae8553279d39b6bee34d72f7628d29
parent: fd9547e88bc8796141a3cd82076d071add2fd64e (diff)
download: emacs-a801007559f0235ce28fe868f44a9a055a9d3f32.tar.gz
emacs-a801007559f0235ce28fe868f44a9a055a9d3f32.zip
2 files changed, 67 insertions, 20 deletions
diff --git a/lisp/gnus/ChangeLog b/lisp/gnus/ChangeLog
index dd6d20969ff..8de9e89a23d 100644
--- a/lisp/gnus/ChangeLog
+++ b/lisp/gnus/ChangeLog
@@ -1,3 +1,14 @@
+2013-02-17  Daiki Ueno  <ueno@gnu.org>
+        * mml2015.el (epg-key-user-id-list, epg-user-id-string)
+        (epg-user-id-validity): Autoload.
+        (mml2015-epg-check-user-id): New function.
+        (mml2015-epg-check-sub-key): New function split from
+        mml2015-epg-find-usable-key.
+        (mml2015-epg-find-usable-key): Accept context, name, usage, and
+        optional name-is-key-id, to handle the case when user-id is unusable.
+        Reported by Łukasz Stelmach <stlman@poczta.fm>.
 2013-02-17  Glenn Morris  <rgm@gnu.org>
        * shr.el (shr-put-image): Use image-multi-frame-p if available.
diff --git a/lisp/gnus/mml2015.el b/lisp/gnus/mml2015.el
index 275a4867e85..b20c02aa26f 100644
--- a/lisp/gnus/mml2015.el
+++ b/lisp/gnus/mml2015.el
@@ -757,6 +757,9 @@ If set, it overrides the setting of `mml2015-sign-with-sender'."
 (autoload 'epg-sub-key-fingerprint "epg")
 (autoload 'epg-signature-key-id "epg")
 (autoload 'epg-signature-to-string "epg")
+(autoload 'epg-key-user-id-list "epg")
+(autoload 'epg-user-id-string "epg")
+(autoload 'epg-user-id-validity "epg")
 (autoload 'epg-configuration "epg-config")
 (autoload 'epg-expand-group "epg-config")
 (autoload 'epa-select-keys "epa")
@@ -786,21 +789,53 @@ If set, it overrides the setting of `mml2015-sign-with-sender'."
              (cons password-cache-key-id mml2015-epg-secret-key-id-list))
        (copy-sequence passphrase)))))
-(defun mml2015-epg-find-usable-key (keys usage)
+(defun mml2015-epg-check-user-id (key recipient)
-  (catch 'found
+  (let ((pointer (epg-key-user-id-list key))
+        result)
+    (while pointer
+      (if (and (equal (car (mail-header-parse-address
+                            (epg-user-id-string (car pointer))))
+                      (car (mail-header-parse-address
+                            recipient)))
+               (not (memq (epg-user-id-validity (car pointer))
+                          '(revoked expired))))
+          (setq result t
+                pointer nil)
+        (setq pointer (cdr pointer))))
+    result))
+(defun mml2015-epg-check-sub-key (key usage)
+  (let ((pointer (epg-key-sub-key-list key))
+        result)
+    ;; The primary key will be marked as disabled, when the entire
+    ;; key is disabled (see 12 Field, Format of colon listings, in
+    ;; gnupg/doc/DETAILS)
+    (unless (memq 'disabled (epg-sub-key-capability (car pointer)))
+      (while pointer
+        (if (and (memq usage (epg-sub-key-capability (car pointer)))
+                 (not (memq (epg-sub-key-validity (car pointer))
+                            '(revoked expired))))
+            (setq result t
+                  pointer nil)
+          (setq pointer (cdr pointer)))))
+    result))
+(defun mml2015-epg-find-usable-key (context name usage
+                                            &optional name-is-key-id)
+  (let ((keys (epg-list-keys context name))
+        key)
    (while keys
-      (let ((pointer (epg-key-sub-key-list (car keys))))
+      (if (and (or name-is-key-id
-        ;; The primary key will be marked as disabled, when the entire
+                   ;; Non email user-id can be supplied through
-        ;; key is disabled (see 12 Field, Format of colon listings, in
+                   ;; mml2015-signers if mml2015-encrypt-to-self is set.
-        ;; gnupg/doc/DETAILS)
+                   ;; Treat it as valid, as it is user's intention.
-        (unless (memq 'disabled (epg-sub-key-capability (car pointer)))
+                   (not (string-match "\\`<" name))
-          (while pointer
+                   (mml2015-epg-check-user-id (car keys) name))
-            (if (and (memq usage (epg-sub-key-capability (car pointer)))
+               (mml2015-epg-check-sub-key (car keys) usage))
-                     (not (memq (epg-sub-key-validity (car pointer))
+          (setq key (car keys)
-                                '(revoked expired))))
+                keys nil)
-                (throw 'found (car keys)))
+        (setq keys (cdr keys))))
-            (setq pointer (cdr pointer)))))
+    key))
-      (setq keys (cdr keys)))))
 ;; XXX: since gpg --list-secret-keys does not return validity of each
 ;; key, `mml2015-epg-find-usable-key' defined above is not enough for
@@ -811,10 +846,12 @@ If set, it overrides the setting of `mml2015-sign-with-sender'."
        secret-key)
    (while (and (not secret-key) secret-keys)
      (if (mml2015-epg-find-usable-key
-           (epg-list-keys context (epg-sub-key-fingerprint
+           context
-                                   (car (epg-key-sub-key-list
+           (epg-sub-key-fingerprint
-                                         (car secret-keys)))))
+            (car (epg-key-sub-key-list
-           usage)
+                  (car secret-keys))))
+           usage
+           t)
          (setq secret-key (car secret-keys)
                secret-keys nil)
        (setq secret-keys (cdr secret-keys))))
@@ -1115,8 +1152,7 @@ If no one is selected, symmetric encryption will be performed.  "
                    (mapcar
                     (lambda (recipient)
                       (setq recipient-key (mml2015-epg-find-usable-key
-                                            (epg-list-keys context recipient)
+                                            context recipient 'encrypt))
-                                            'encrypt))
                       (unless (or recipient-key
                                   (y-or-n-p
                                    (format "No public key for %s; skip it? "
author	Daiki Ueno	2013-02-17 12:46:28 +0000
committer	Katsumi Yamaoka	2013-02-17 12:46:28 +0000
commit	a801007559f0235ce28fe868f44a9a055a9d3f32 (patch)
tree	3905e56292ae8553279d39b6bee34d72f7628d29
parent	fd9547e88bc8796141a3cd82076d071add2fd64e (diff)
download	emacs-a801007559f0235ce28fe868f44a9a055a9d3f32.tar.gz emacs-a801007559f0235ce28fe868f44a9a055a9d3f32.zip

diff --git a/lisp/gnus/ChangeLog b/lisp/gnus/ChangeLog index dd6d20969ff..8de9e89a23d 100644 --- a/lisp/gnus/ChangeLog +++ b/lisp/gnus/ChangeLog
@@ -1,3 +1,14 @@
		1	2013-02-17 Daiki Ueno <ueno@gnu.org>
		2
		3	* mml2015.el (epg-key-user-id-list, epg-user-id-string)
		4	(epg-user-id-validity): Autoload.
		5	(mml2015-epg-check-user-id): New function.
		6	(mml2015-epg-check-sub-key): New function split from
		7	mml2015-epg-find-usable-key.
		8	(mml2015-epg-find-usable-key): Accept context, name, usage, and
		9	optional name-is-key-id, to handle the case when user-id is unusable.
		10	Reported by Łukasz Stelmach <stlman@poczta.fm>.
		11
1	2013-02-17 Glenn Morris <rgm@gnu.org>	12	2013-02-17 Glenn Morris <rgm@gnu.org>
2		13
3	* shr.el (shr-put-image): Use image-multi-frame-p if available.	14	* shr.el (shr-put-image): Use image-multi-frame-p if available.


diff --git a/lisp/gnus/mml2015.el b/lisp/gnus/mml2015.el index 275a4867e85..b20c02aa26f 100644 --- a/lisp/gnus/mml2015.el +++ b/lisp/gnus/mml2015.el
@@ -757,6 +757,9 @@ If set, it overrides the setting of `mml2015-sign-with-sender'."
757	(autoload 'epg-sub-key-fingerprint "epg")	757	(autoload 'epg-sub-key-fingerprint "epg")
758	(autoload 'epg-signature-key-id "epg")	758	(autoload 'epg-signature-key-id "epg")
759	(autoload 'epg-signature-to-string "epg")	759	(autoload 'epg-signature-to-string "epg")
		760	(autoload 'epg-key-user-id-list "epg")
		761	(autoload 'epg-user-id-string "epg")
		762	(autoload 'epg-user-id-validity "epg")
760	(autoload 'epg-configuration "epg-config")	763	(autoload 'epg-configuration "epg-config")
761	(autoload 'epg-expand-group "epg-config")	764	(autoload 'epg-expand-group "epg-config")
762	(autoload 'epa-select-keys "epa")	765	(autoload 'epa-select-keys "epa")
@@ -786,21 +789,53 @@ If set, it overrides the setting of `mml2015-sign-with-sender'."
786	(cons password-cache-key-id mml2015-epg-secret-key-id-list))	789	(cons password-cache-key-id mml2015-epg-secret-key-id-list))
787	(copy-sequence passphrase)))))	790	(copy-sequence passphrase)))))
788		791
789	(defun mml2015-epg-find-usable-key (keys usage)	792	(defun mml2015-epg-check-user-id (key recipient)
790	(catch 'found	793	(let ((pointer (epg-key-user-id-list key))
		794	result)
		795	(while pointer
		796	(if (and (equal (car (mail-header-parse-address
		797	(epg-user-id-string (car pointer))))
		798	(car (mail-header-parse-address
		799	recipient)))
		800	(not (memq (epg-user-id-validity (car pointer))
		801	'(revoked expired))))
		802	(setq result t
		803	pointer nil)
		804	(setq pointer (cdr pointer))))
		805	result))
		806
		807	(defun mml2015-epg-check-sub-key (key usage)
		808	(let ((pointer (epg-key-sub-key-list key))
		809	result)
		810	;; The primary key will be marked as disabled, when the entire
		811	;; key is disabled (see 12 Field, Format of colon listings, in
		812	;; gnupg/doc/DETAILS)
		813	(unless (memq 'disabled (epg-sub-key-capability (car pointer)))
		814	(while pointer
		815	(if (and (memq usage (epg-sub-key-capability (car pointer)))
		816	(not (memq (epg-sub-key-validity (car pointer))
		817	'(revoked expired))))
		818	(setq result t
		819	pointer nil)
		820	(setq pointer (cdr pointer)))))
		821	result))
		822
		823	(defun mml2015-epg-find-usable-key (context name usage
		824	&optional name-is-key-id)
		825	(let ((keys (epg-list-keys context name))
		826	key)
791	(while keys	827	(while keys
792	(let ((pointer (epg-key-sub-key-list (car keys))))	828	(if (and (or name-is-key-id
793	;; The primary key will be marked as disabled, when the entire	829	;; Non email user-id can be supplied through
794	;; key is disabled (see 12 Field, Format of colon listings, in	830	;; mml2015-signers if mml2015-encrypt-to-self is set.
795	;; gnupg/doc/DETAILS)	831	;; Treat it as valid, as it is user's intention.
796	(unless (memq 'disabled (epg-sub-key-capability (car pointer)))	832	(not (string-match "\\`<" name))
797	(while pointer	833	(mml2015-epg-check-user-id (car keys) name))
798	(if (and (memq usage (epg-sub-key-capability (car pointer)))	834	(mml2015-epg-check-sub-key (car keys) usage))
799	(not (memq (epg-sub-key-validity (car pointer))	835	(setq key (car keys)
800	'(revoked expired))))	836	keys nil)
801	(throw 'found (car keys)))	837	(setq keys (cdr keys))))
802	(setq pointer (cdr pointer)))))	838	key))
803	(setq keys (cdr keys)))))
804		839
805	;; XXX: since gpg --list-secret-keys does not return validity of each	840	;; XXX: since gpg --list-secret-keys does not return validity of each
806	;; key, `mml2015-epg-find-usable-key' defined above is not enough for	841	;; key, `mml2015-epg-find-usable-key' defined above is not enough for
@@ -811,10 +846,12 @@ If set, it overrides the setting of `mml2015-sign-with-sender'."
811	secret-key)	846	secret-key)
812	(while (and (not secret-key) secret-keys)	847	(while (and (not secret-key) secret-keys)
813	(if (mml2015-epg-find-usable-key	848	(if (mml2015-epg-find-usable-key
814	(epg-list-keys context (epg-sub-key-fingerprint	849	context
815	(car (epg-key-sub-key-list	850	(epg-sub-key-fingerprint
816	(car secret-keys)))))	851	(car (epg-key-sub-key-list
817	usage)	852	(car secret-keys))))
		853	usage
		854	t)
818	(setq secret-key (car secret-keys)	855	(setq secret-key (car secret-keys)
819	secret-keys nil)	856	secret-keys nil)
820	(setq secret-keys (cdr secret-keys))))	857	(setq secret-keys (cdr secret-keys))))
@@ -1115,8 +1152,7 @@ If no one is selected, symmetric encryption will be performed. "
1115	(mapcar	1152	(mapcar
1116	(lambda (recipient)	1153	(lambda (recipient)
1117	(setq recipient-key (mml2015-epg-find-usable-key	1154	(setq recipient-key (mml2015-epg-find-usable-key
1118	(epg-list-keys context recipient)	1155	context recipient 'encrypt))
1119	'encrypt))
1120	(unless (or recipient-key	1156	(unless (or recipient-key
1121	(y-or-n-p	1157	(y-or-n-p
1122	(format "No public key for %s; skip it? "	1158	(format "No public key for %s; skip it? "