I would like to propose an alternate solution to this problem because I think this issue is part of a slightly larger problem.
The larger problem is that the smime command doesn't generate valid S/MIME output. It has probably never generated valid S/MIME output, and it hasn't been much of a problem in the past. I can see two use cases for the smime command, one that hopefully describes what Bruno is doing, and one that describes that I am doing. Bruno appears to be doing 'Unix stuff'. He is using a bunch of handy Unix tools to build himself a signed and/or encrypted mail message. I'm guessing that Bruno uses commonly available Unix commands to send the mail message. What Bruno needs is a normal Unix text file as output and he appears to be happy using any extras that help him generate a valid email message. I am using openssl as part of a large message processing system. What I need is standards conforming S/MIME (if there is such a thing). I don't want any extras from the system and I want something that helps be speak SMTP. In essence, Bruno is integrating openssl with his MUA and I am integrating openssl with my MTA. I would like to replace the -crlfeol command line flag with -canonical. Without this flag, 'openssl smime' should generate lines with the local platform dependent eol and all the headers it generates now. With the -canonical flag, it should generate valid S/MIME output. All lines will be CRLF terminated (headers and base64) and the 'MIME-Version' header will not be emitted. The latter is because the MIME-Version header is not actually a MIME header and it cannot appear in a MIME message part. I don't see a huge problem with dropping the crlfeol command line flag because people only discovered it by reading the source or the changelog, and they can do that again to find out that it has gone. The patches for CRLF line endings already attached to this ticket are an excellent start. I'll try and come up with some patches for the rest of it later today. Cheers -- Lloyd Parkes Senior Systems Programmer Open Systems Ph: +64 4 890 2437 ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]