Hash: SHA1

Hi Albrecht,

On 08/10/2017 03:42:44 PM Thu, Albrecht Dreß wrote:
Hi all,

the attached patch fixes some issues with gpg/gpgsm encryption, and tries to 
improve encryption in general.  It also adds some other, small improvements.  
Note that this patch includes the one I submitted a week ago (subject “[PATCH] 
plug mem leak, simplifications”).

(1) Bug Fixes
- Due to an (undocumented) change in gpgme, S/MIME signing fails with error 
“not implemented” if the context is created with a passphrase callback, so 
never set one in this case.
- Fix several mem leaks in encryption.
- Do not use a forced GnuPG key ID for S/MIME (see improvements, below)

(2) Crypto-related Improvements
- The user identity has a field for forcing the key id used when signing GnuPG 
messages.  Using it for S/MIME is plain wrong, though (see Bugs above), so add 
an extra field for forcing a S/MIME certificate.  As to simplify life for the 
user, add buttons to display the usual key list dialogue from which the user 
can choose.
- Simplify the key list dialogue by showing the User ID only.  When the user 
double-clicks an entry, open a new dialogue with the full key details.
- Although exchanging GnuPG keys using a key server or (since the latest gpg 
versions) WKS is preferred, there are situations where keys shall not be 
published (e.g. as to not disclose an employment of a person).  For this 
situation, add a send message option to attach the sender's public key.
- On the receiving side, import application/pgp-keys parts into a temporary gpg 
context, and display the keys with buttons for importing them into the main key 
- Add subkey details (bits, type, ECC curve if applicable) to the key widget.
- Make sure S/MIME signed messages always include the signer's signature (note 
that it does not make sense to include the whole certificate chain, as the root 
cert should /always/ be imported from a trustworthy source).
- RFC3156, sect. 3 requires a message to be 7-bit clean.  Thus, QP-encoding 
pure 7-bit parts is superfluous.

(3) Misc Stuff
- Simplify deleting a folder recursively and creating a temp folder by 
exclusively using glib functions (re-sent from last week's patch).
- Check BALSA_DIALOG_HEADERBAR for information dialogues.

As always, any feedback would be highly appreciated!


Thanks as always for the patch, and for the work it represents! Thanks also for 
rolling in last weeks patch--thanks to travel and an appalling connection, I 
hadn't even installed it :-(

The changes look good from a first look: Balsa builds and runs, but I've not 
tested all the code paths. I've pushed the patch to master, to get some serious 
testing beyond what I can do.



balsa-list mailing list

Reply via email to