Package: mutt
Version: 1.5.23-3
Severity: normal
Dear Maintainer,
* What led up to the situation?
.. configuring gpg2 to NOT have --no-sig-create-check set
(ie, gpg2 verifies each signature right after construction)
.. configuring mutt with (lines broken for readability)
pgp_retainable_sigs = yes
pgp_sign_command = "gpg2 --no-verbose -q --batch -a -t -o - \
--detach-sign %?p?--passphrase-fd 0? \
%?a?-u %a? %f"
pgp_encrypt_only_command = "/usr/lib/mutt/pgpewrap gpg2 \
--no-verbose -q --batch -a -t -o - \
-- -r %r -- %f"
pgp_verify_command = "gpg2 --no-verbose -q --batch -o - \
--status-fd 2 --verify %s %f"
* What exactly did you do (or not do) that was effective (or
ineffective)?
.. preparing an email
.. selecting the recipient's public encryption key from the PGP menu
.. selecting (b)oth to the question of PGP/MIME signing and/or encrypting
.. entering the password for the private master key that contains the
signing key
.. giving the [yes] to have the email sent off
* What was the outcome of this action?
Mutt responding on the terminal (via STDERR, I suppose) with
gpg: Signature made Di 12 Jan 2016 01:25:32 CET
gpg: using RSA key DEADBEEF
gpg: BAD signature from "Name <[email protected]>" [ultimate]
Press any key to continue...
* What outcome did you expect instead?
The progress message that mutt issues on the ncurses UI to tell us it
is shipping out an email.
*** End of the template - remove these template lines ***
Having mutt run in debug mode while doing the above clearly showed that
gpg2 is called exactly three times:
1. when listing public encryption keys (pgp_list_pubring_command),
2. when detach-signing the message (pgp_sign_command), and
3. when encrypting it (pgp_encrypt_only_command);
nowhere is it invoked to verify something.
Performing the detach-signing, encrypting, and verifying sequence
with the commands above on the command line does produce the desired
result without any "BAD signature" complaints.
-- Package-specific info:
Mutt 1.5.23 (2014-03-12)
Copyright (C) 1996-2009 Michael R. Elkins and others.
Mutt comes with ABSOLUTELY NO WARRANTY; for details type `mutt -vv'.
Mutt is free software, and you are welcome to redistribute it
under certain conditions; type `mutt -vv' for details.
System: Linux 3.19.7-apple-mbp4.1-gpt-ext4 (x86_64)
ncurses: ncurses 6.0.20151024 (compiled with 5.9)
libidn: 1.32 (compiled with 1.29)
hcache backend: tokyocabinet 1.4.48
Compiler:
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/4.9/lto-wrapper
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Debian 4.9.2-4'
--with-bugurl=file:///usr/share/doc/gcc-4.9/README.Bugs
--enable-languages=c,c++,java,go,d,fortran,objc,obj-c++ --prefix=/usr
--program-suffix=-4.9 --enable-shared --enable-linker-build-id
--libexecdir=/usr/lib --without-included-gettext --enable-threads=posix
--with-gxx-include-dir=/usr/include/c++/4.9 --libdir=/usr/lib --enable-nls
--with-sysroot=/ --enable-clocale=gnu --enable-libstdcxx-debug
--enable-libstdcxx-time=yes --enable-gnu-unique-object --disable-vtable-verify
--enable-plugin --with-system-zlib --disable-browser-plugin
--enable-java-awt=gtk --enable-gtk-cairo
--with-java-home=/usr/lib/jvm/java-1.5.0-gcj-4.9-amd64/jre --enable-java-home
--with-jvm-root-dir=/usr/lib/jvm/java-1.5.0-gcj-4.9-amd64
--with-jvm-jar-dir=/usr/lib/jvm-exports/java-1.5.0-gcj-4.9-amd64
--with-arch-directory=amd64 --with-ecj-jar=/usr/share/java/eclipse-ecj.jar
--enable-objc-gc --enable-multiarch --with-arch-32=i586 --with-abi=m64
--with-multilib-list=m32,m64,mx32 --enable-multilib --with-tune=generic
--enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu
--target=x86_64-linux-gnu
Thread model: posix
gcc version 4.9.2 (Debian 4.9.2-4)
Configure options: '--prefix=/usr' '--sysconfdir=/etc'
'--mandir=/usr/share/man' '--with-docdir=/usr/share/doc'
'--with-mailpath=/var/mail' '--disable-dependency-tracking'
'--enable-compressed' '--enable-debug' '--enable-fcntl' '--enable-hcache'
'--enable-gpgme' '--enable-imap' '--enable-smtp' '--enable-pop' '--with-curses'
'--with-gnutls' '--with-gss' '--with-idn' '--with-mixmaster' '--with-sasl'
'--without-gdbm' '--without-bdb' '--without-qdbm' '--build' 'x86_64-linux-gnu'
'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 -fstack-protector-strong -Wformat
-Werror=format-security -Wall' 'LDFLAGS=-Wl,-z,relro'
'CPPFLAGS=-D_FORTIFY_SOURCE=2 -I/usr/include/qdbm'
Compilation CFLAGS: -g -O2 -fstack-protector-strong -Wformat
-Werror=format-security -Wall
Compile options:
-DOMAIN
+DEBUG
-HOMESPOOL +USE_SETGID +USE_DOTLOCK +DL_STANDALONE +USE_FCNTL -USE_FLOCK
+USE_POP +USE_IMAP +USE_SMTP
-USE_SSL_OPENSSL +USE_SSL_GNUTLS +USE_SASL +USE_GSS +HAVE_GETADDRINFO
+HAVE_REGCOMP -USE_GNU_REGEX
+HAVE_COLOR +HAVE_START_COLOR +HAVE_TYPEAHEAD +HAVE_BKGDSET
+HAVE_CURS_SET +HAVE_META +HAVE_RESIZETERM
+CRYPT_BACKEND_CLASSIC_PGP +CRYPT_BACKEND_CLASSIC_SMIME +CRYPT_BACKEND_GPGME
-EXACT_ADDRESS -SUN_ATTACHMENT
+ENABLE_NLS -LOCALES_HACK +COMPRESSED +HAVE_WC_FUNCS +HAVE_LANGINFO_CODESET
+HAVE_LANGINFO_YESEXPR
+HAVE_ICONV -ICONV_NONTRANS +HAVE_LIBIDN +HAVE_GETSID +USE_HCACHE
-ISPELL
SENDMAIL="/usr/sbin/sendmail"
MAILPATH="/var/mail"
PKGDATADIR="/usr/share/mutt"
SYSCONFDIR="/etc"
EXECSHELL="/bin/sh"
MIXMASTER="mixmaster"
To contact the developers, please mail to <[email protected]>.
To report a bug, please visit http://bugs.mutt.org/.
misc/am-maintainer-mode.patch
features/ifdef.patch
features/xtitles.patch
features/trash-folder.patch
features/purge-message.patch
features/imap_fast_trash.patch
features/sensible_browser_position.patch
features-old/patch-1.5.4.vk.pgp_verbose_mime.patch
features/compressed-folders.patch
features/compressed-folders.debian.patch
debian-specific/Muttrc.patch
debian-specific/Md.etc_mailname_gethostbyname.patch
debian-specific/use_usr_bin_editor.patch
debian-specific/correct_docdir_in_man_page.patch
debian-specific/dont_document_not_present_features.patch
debian-specific/document_debian_defaults.patch
debian-specific/assumed_charset-compat.patch
debian-specific/467432-write_bcc.patch
debian-specific/566076-build_doc_adjustments.patch
misc/define-pgp_getkeys_command.patch
misc/gpg.rc-paths.patch
misc/smime.rc.patch
misc/fix-configure-test-operator.patch
upstream/531430-imapuser.patch
upstream/543467-thread-segfault.patch
upstream/542817-smimekeys-tmpdir.patch
upstream/548577-gpgme-1.2.patch
upstream/553321-ansi-escape-segfault.patch
upstream/547980-smime_keys-chaining.patch
upstream/528233-readonly-open.patch
upstream/228671-pipe-mime.patch
upstream/383769-score-match.patch
upstream/603288-split-fetches.patch
upstream/611410-no-implicit_autoview-for-text-html.patch
upstream/path_max.patch
translations/update_german_translation.patch
upstream/771125-CVE-2014-9116-jessie.patch
__separator__mutt.org.patch
-- System Information:
Debian Release: stretch/sid
APT prefers testing
APT policy: (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.19.7-apple-mbp4.1-gpt-ext4 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=POSIX, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages mutt depends on:
ii libassuan0 2.4.2-1
ii libc6 2.19-22
ii libcomerr2 1.42.13-1
ii libgnutls-deb0-28 3.3.15-5
ii libgpg-error0 1.20-1
ii libgpgme11 1.6.0-1
ii libgssapi-krb5-2 1.13.2+dfsg-4
ii libidn11 1.32-3
ii libk5crypto3 1.13.2+dfsg-4
ii libkrb5-3 1.13.2+dfsg-4
ii libncursesw5 6.0+20151024-2
ii libsasl2-2 2.1.26.dfsg1-14
ii libtinfo5 6.0+20151024-2
ii libtokyocabinet9 1.4.48-3
Versions of packages mutt recommends:
ii exim4-daemon-light [mail-transport-agent] 4.86-7
ii libsasl2-modules 2.1.26.dfsg1-14
ii locales 2.19-22
ii mime-support 3.59
Versions of packages mutt suggests:
pn aspell | ispell <none>
ii ca-certificates 20150426
ii gnupg 1.4.19-6
pn mixmaster <none>
ii openssl 1.0.2d-1
pn urlview <none>
Versions of packages mutt is related to:
ii mutt 1.5.23-3
pn mutt-dbg <none>
pn mutt-patched <none>
-- no debconf information