On 2005-01-16 04:29:23 +0100, Adeodato Sim� wrote: > After some investigation, I've found that, while that fix was > necessary, it is not enough, since pgp_decrypt_part(), in its > current form, does never return NULL.
Let's say, it doesn't announce all errors by returning NULL -- some are, indeed, flagged. > This is because, unlike in the rest of pgp.c, the return of > mutt_wait_filter() is not checked. The problem here is that PGP exit values are nontrivial. To give just one example, gpg will return exit status 1 when it encounters a bad signature; I'm not sure right now whether this includes a signature that couldn't be verified because the public key is not known. With your patch, this would be interpreted as a failure to decrypt (in the case of a signed+encrypted attachment), which it isn't. There is a pgp_check_exit variable that may help to take care of some of these effects, but that isn't rocket science, either. > I attach a patch that seems to fix the issue, comments > welcome. I've checked that pgp_decrypt_part returning NULL is > handled gracefully in the other invocation of it. Your patch certainly detects errors, but it will also bail out on non-errors. I'm not sure what's the right way out of this ugliness. Regards, -- Thomas Roessler � Personal soap box at <http://log.does-not-exist.org/>.
