From mboxrd@z Thu Jan 1 00:00:00 1970 Received: by 10.204.20.129 with SMTP id f1cs154758bkb; Tue, 12 Oct 2010 14:46:39 -0700 (PDT) Received: by 10.42.175.132 with SMTP id ba4mr1289951icb.197.1286919998060; Tue, 12 Oct 2010 14:46:38 -0700 (PDT) Return-Path: Received: from rubyforge.org (rubyforge.org [205.234.109.19]) by mx.google.com with ESMTP id x21si20703342ibf.71.2010.10.12.14.46.37; Tue, 12 Oct 2010 14:46:38 -0700 (PDT) Received-SPF: pass (google.com: domain of sup-devel-bounces@rubyforge.org designates 205.234.109.19 as permitted sender) client-ip=205.234.109.19; Authentication-Results: mx.google.com; spf=pass (google.com: domain of sup-devel-bounces@rubyforge.org designates 205.234.109.19 as permitted sender) smtp.mail=sup-devel-bounces@rubyforge.org Received: from rubyforge.org (rubyforge.org [127.0.0.1]) by rubyforge.org (Postfix) with ESMTP id 2121819783CD; Tue, 12 Oct 2010 17:46:37 -0400 (EDT) Received: from ping.pong.ch (ping.pong.ch [77.109.141.101]) by rubyforge.org (Postfix) with ESMTP id 0BFF71858357 for ; Tue, 12 Oct 2010 17:46:29 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by ping.pong.ch (Postfix) with ESMTP id C3B3440CB4D0; Tue, 12 Oct 2010 23:46:26 +0200 (CEST) Received: from ping.pong.ch ([127.0.0.1]) by localhost (ping.pong.ch [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LXxjfvRGMjhD; Tue, 12 Oct 2010 23:46:22 +0200 (CEST) Received: from auth sender gaudenz@ping.pong.ch by ping.pong.ch (Postfix) with ESMTPSA id BEC4240CB4C8; Tue, 12 Oct 2010 23:46:22 +0200 (CEST) Received: by meteor.durcheinandertal.local (Postfix, from userid 1000) id C9DCA1CD0; Tue, 12 Oct 2010 23:46:23 +0200 (CEST) From: Gaudenz Steinlin To: sup-devel Date: Tue, 12 Oct 2010 23:46:19 +0200 Message-Id: <1286919925-sup-9064@meteor.durcheinandertal.local> User-Agent: Sup/git MIME-Version: 1.0 Subject: [sup-devel] [PATCH] Fix signing of multipart messages X-BeenThere: sup-devel@rubyforge.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: Sup developer discussion List-Id: Sup developer discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0459651191==" Sender: sup-devel-bounces@rubyforge.org Errors-To: sup-devel-bounces@rubyforge.org --===============0459651191== Content-Transfer-Encoding: 8bit Content-Type: multipart/signed; micalg="pgp-sha256"; boundary="=-1286919983-769238-6769-9366-5-="; protocol="application/pgp-signature" --=-1286919983-769238-6769-9366-5-= Content-Type: multipart/mixed; boundary="=-1286919979-466408-6769-6358-4-=" --=-1286919979-466408-6769-6358-4-= Content-Type: text/plain; charset=UTF-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi Sup currently crashes when you try to sign a multipart message. This is fixed by the first patch. Additionally the signatures created for multipart messages are wrong, because the incorrect MIME-Version header is stripped before signing but not when actually constructing the message. RMail automagically adds these MIME-Version headers on serialization. This also creates problems on signature verification of signed multipart messages. = The second patch addresses these two problems by monkey patching RMail to no longer automagically add MIME-Version headers. This is not really elegant, but I could not come up with a better way to avoid the various side effects on signatures of automatically messing with mail parts on serialization. For the monkey patch to be applied the require statements had to be rearranged so that rmail is included before sup/util. If someone knows a better fix than monkey patching I would be more than happy... Gaudenz P.S.: Do you rather prefer patches as attachments or inline patches? -- Ever tried. Ever failed. No matter. Try again. Fail again. Fail better. ~ Samuel Beckett ~ --=-1286919979-466408-6769-6358-4-= Content-Disposition: attachment; filename="0001-Encode-multipart-messages-for-crypt-operations.patch" Content-Type: application/octet-stream; name="0001-Encode-multipart-messages-for-crypt-operations.patch" Content-Transfer-Encoding: base64 RnJvbSBjYTI1MTEyMjBkMWYwMTk4YTRlNzM0MzJlODc3NzRhOGZlMzBmYmE5 IE1vbiBTZXAgMTcgMDA6MDA6MDAgMjAwMQpGcm9tOiBHYXVkZW56IFN0ZWlu bGluIDxnYXVkZW56QHNvemlvbG9naWUuY2g+CkRhdGU6IFR1ZSwgMTIgT2N0 IDIwMTAgMjM6MjA6NTMgKzAyMDAKU3ViamVjdDogW1BBVENIIDEvMl0gRW5j b2RlIG11bHRpcGFydCBtZXNzYWdlcyBmb3IgY3J5cHQgb3BlcmF0aW9ucwoK U3VwIGNyYXNoZWQgd2hlbiB0cnlpbmcgdG8gZW5jb2RlIGEgbXVsdGlwYXJ0 IG1lc3NhZ2UgZm9yIGNyeXB0bwpvcGVyYXRpb25zLiBUaGlzIGVuY29kZXMg ZWFjaCBwYXJ0IG9mIHRoZSBtZXNzYWdlIHNlcGFyYXRlbHkuIEl0IGFsc28K Y2hhbmdlcyB0aGUgZW5jb2RpbmcgZm9yIHRleHQvKiBwYXJ0cyB0byBxdW90 ZWQtcHJpbnRhYmxlLgoKVGhpcyBvbmx5IGNvbmNlcm5zIHRoZSB0cmFuc2Zl ciBlbmNvZGluZyBhbmQgZG9lcyBub3QgY2hhbmdlIHRoZSBjaGFyc2V0Cmlu IGFueSB3YXkuCi0tLQogbGliL3N1cC9tb2Rlcy9lZGl0LW1lc3NhZ2UtbW9k ZS5yYiB8ICAgMjYgKysrKysrKysrKysrKysrKysrKysrKysrLS0KIDEgZmls ZXMgY2hhbmdlZCwgMjQgaW5zZXJ0aW9ucygrKSwgMiBkZWxldGlvbnMoLSkK CmRpZmYgLS1naXQgYS9saWIvc3VwL21vZGVzL2VkaXQtbWVzc2FnZS1tb2Rl LnJiIGIvbGliL3N1cC9tb2Rlcy9lZGl0LW1lc3NhZ2UtbW9kZS5yYgppbmRl eCBmMjdlYjVjLi4xYmY5Mzc4IDEwMDY0NAotLS0gYS9saWIvc3VwL21vZGVz L2VkaXQtbWVzc2FnZS1tb2RlLnJiCisrKyBiL2xpYi9zdXAvbW9kZXMvZWRp dC1tZXNzYWdlLW1vZGUucmIKQEAgLTQwMyw4ICs0MDMsMTEgQEAgcHJvdGVj dGVkCiAgICAgaWYgQGNyeXB0b19zZWxlY3RvciAmJiBAY3J5cHRvX3NlbGVj dG9yLnZhbCAhPSA6bm9uZQogICAgICAgZnJvbV9lbWFpbCA9IFBlcnNvbi5m cm9tX2FkZHJlc3MoQGhlYWRlclsiRnJvbSJdKS5lbWFpbAogICAgICAgdG9f ZW1haWwgPSBbQGhlYWRlclsiVG8iXSwgQGhlYWRlclsiQ2MiXSwgQGhlYWRl clsiQmNjIl1dLmZsYXR0ZW4uY29tcGFjdC5tYXAgeyB8cHwgUGVyc29uLmZy b21fYWRkcmVzcyhwKS5lbWFpbCB9Ci0gICAgICBtLmhlYWRlclsiQ29udGVu dC1UcmFuc2Zlci1FbmNvZGluZyJdID0gJ2Jhc2U2NCcKLSAgICAgIG0uYm9k eSA9IFttLmJvZHldLnBhY2soJ20nKQorICAgICAgaWYgbS5tdWx0aXBhcnQ/ CisgICAgICAgIG0uZWFjaF9wYXJ0IHt8cHwgcCA9IHRyYW5zZmVyX2VuY29k ZSBwfQorICAgICAgZWxzZQorICAgICAgICBtID0gdHJhbnNmZXJfZW5jb2Rl IG0KKyAgICAgIGVuZAogCiAgICAgICBtID0gQ3J5cHRvTWFuYWdlci5zZW5k IEBjcnlwdG9fc2VsZWN0b3IudmFsLCBmcm9tX2VtYWlsLCB0b19lbWFpbCwg bQogICAgIGVuZApAQCAtNTIwLDYgKzUyMywyNSBAQCBwcml2YXRlCiAgICAg ICBbXQogICAgIGVuZAogICBlbmQKKworICBkZWYgdHJhbnNmZXJfZW5jb2Rl IG1zZ19wYXJ0CisgICAgIyMgcmV0dXJuIHRoZSBtZXNzYWdlIHVuY2hhbmdl ZCBpZiBpdCdzIGFscmVhZHkgZW5jb2RlZAorICAgIGlmIChtc2dfcGFydC5o ZWFkZXJbIkNvbnRlbnQtVHJhbnNmZXItRW5jb2RpbmciXSA9PSAiYmFzZTY0 IiB8fAorICAgICAgICBtc2dfcGFydC5oZWFkZXJbIkNvbnRlbnQtVHJhbnNm ZXItRW5jb2RpbmciXSA9PSAicXVvdGVkLXByaW50YWJsZSIpCisgICAgICBy ZXR1cm4gbXNnX3BhcnQKKyAgICBlbmQKKworICAgICMjIGVuY29kZSB0byBx dW90ZWQtcHJpbnRhYmxlIGZvciBhbGwgdGV4dC8qIE1JTUUgdHlwZXMsCisg ICAgIyMgdXNlIGJhc2U2NCBvdGhlcndpc2UKKyAgICBpZiBtc2dfcGFydC5o ZWFkZXJbIkNvbnRlbnQtVHlwZSJdID1+IC90ZXh0XC8uKi8KKyAgICAgIG1z Z19wYXJ0LmhlYWRlclsiQ29udGVudC1UcmFuc2Zlci1FbmNvZGluZyJdID0g J3F1b3RlZC1wcmludGFibGUnCisgICAgICBtc2dfcGFydC5ib2R5ID0gW21z Z19wYXJ0LmJvZHldLnBhY2soJ00nKQorICAgIGVsc2UKKyAgICAgIG1zZ19w YXJ0LmhlYWRlclsiQ29udGVudC1UcmFuc2Zlci1FbmNvZGluZyJdID0gJ2Jh c2U2NCcKKyAgICAgIG1zZ19wYXJ0LmJvZHkgPSBbbXNnX3BhcnQuYm9keV0u cGFjaygnbScpCisgICAgZW5kCisgICAgbXNnX3BhcnQKKyAgZW5kCiBlbmQK IAogZW5kCi0tIAoxLjcuMQoK --=-1286919979-466408-6769-6358-4-= Content-Disposition: attachment; filename="0002-Monkey-patch-RMails-MIME-Version-header-handling.patch" Content-Type: application/octet-stream; name="0002-Monkey-patch-RMails-MIME-Version-header-handling.patch" Content-Transfer-Encoding: base64 RnJvbSBlYjRiYmM2MDU0YTVkOGM2M2I4M2QwZGM2MzJmODgwYzJiNjUwZWI0 IE1vbiBTZXAgMTcgMDA6MDA6MDAgMjAwMQpGcm9tOiBHYXVkZW56IFN0ZWlu bGluIDxnYXVkZW56QHNvemlvbG9naWUuY2g+CkRhdGU6IFR1ZSwgMTIgT2N0 IDIwMTAgMjM6MjU6MjggKzAyMDAKU3ViamVjdDogW1BBVENIIDIvMl0gTW9u a2V5IHBhdGNoIFJNYWlscyBNSU1FLVZlcnNpb24gaGVhZGVyIGhhbmRsaW5n CgpSTWFpbCBhdXRvbWFnaWNhbGx5IGFkZHMgTUlNRS1WZXJzaW9uIGhlYWRl cnMgdG8gbWVzc2FnZXMgb24Kc2VyaWFsaXphdGlvbi4gU3VwIHVzZXMgUk1h aWw6Ok1lc3NhZ2Ugb2JqZWN0IHRvIHJlcHJlc2VudCBwYXJ0cyBvZgptdWx0 aXBhcnQgbWVzc2FnZXMuIEFkZGluZyBoZWFkZXJzIHRvIHRoZXNlIHBhcnRz IGJyZWFrcyBncGcgc2lnbmF0dXJlcy4KVGhlIE1JTUUtVmVyc2lvbiBoZWFk ZXIgaXMgb25seSBuZWVkZWQgaW4gdGhlIG91dGVybW9zdCBtZXNzYWdlLiBU aGVyZQppdCdzIGFkZGVkIG1hbnVhbGx5LgotLS0KIGxpYi9zdXAucmIgICAg ICAgICAgICAgICAgICAgICAgICAgfCAgICAxICsKIGxpYi9zdXAvY3J5cHRv LnJiICAgICAgICAgICAgICAgICAgfCAgICAyICstCiBsaWIvc3VwL21haWxk aXIucmIgICAgICAgICAgICAgICAgIHwgICAgMSAtCiBsaWIvc3VwL21ib3gu cmIgICAgICAgICAgICAgICAgICAgIHwgICAgMSAtCiBsaWIvc3VwL21vZGVz L2VkaXQtbWVzc2FnZS1tb2RlLnJiIHwgICAgMiArLQogbGliL3N1cC91dGls LnJiICAgICAgICAgICAgICAgICAgICB8ICAgMTMgKysrKysrKysrKysrKwog NiBmaWxlcyBjaGFuZ2VkLCAxNiBpbnNlcnRpb25zKCspLCA0IGRlbGV0aW9u cygtKQoKZGlmZiAtLWdpdCBhL2xpYi9zdXAucmIgYi9saWIvc3VwLnJiCmlu ZGV4IDBlMDUxYmUuLmExZDc0NWMgMTAwNjQ0Ci0tLSBhL2xpYi9zdXAucmIK KysrIGIvbGliL3N1cC5yYgpAQCAtNSw2ICs1LDcgQEAgcmVxdWlyZSAndGhy ZWFkJwogcmVxdWlyZSAnZmlsZXV0aWxzJwogcmVxdWlyZSAnZ2V0dGV4dCcK IHJlcXVpcmUgJ2N1cnNlcycKK3JlcXVpcmUgJ3JtYWlsJwogYmVnaW4KICAg cmVxdWlyZSAnZmFzdHRocmVhZCcKIHJlc2N1ZSBMb2FkRXJyb3IKZGlmZiAt LWdpdCBhL2xpYi9zdXAvY3J5cHRvLnJiIGIvbGliL3N1cC9jcnlwdG8ucmIK aW5kZXggMTk5ODNkMi4uMzg2ZGJiOCAxMDA2NDQKLS0tIGEvbGliL3N1cC9j cnlwdG8ucmIKKysrIGIvbGliL3N1cC9jcnlwdG8ucmIKQEAgLTIwNyw3ICsy MDcsNyBAQCBwcml2YXRlCiAgICMjIGhlcmUncyB3aGVyZSB3ZSBtdW5nZSBy bWFpbCBvdXRwdXQgaW50byB0aGUgZm9ybWF0IHRoYXQgc2lnbmVkL2VuY3J5 cHRlZAogICAjIyBQR1AvR1BHIG1lc3NhZ2VzIHNob3VsZCBiZQogICBkZWYg Zm9ybWF0X3BheWxvYWQgcGF5bG9hZAotICAgIHBheWxvYWQudG9fcy5nc3Vi KC8oXnxbXlxyXSlcbi8sICJcXDFcclxuIikuZ3N1YigvXk1JTUUtVmVyc2lv bjogLipcclxuLywgIiIpCisgICAgcGF5bG9hZC50b19zLmdzdWIoLyhefFte XHJdKVxuLywgIlxcMVxyXG4iKQogICBlbmQKIAogICAjIGxvZ2ljIGlzOgpk aWZmIC0tZ2l0IGEvbGliL3N1cC9tYWlsZGlyLnJiIGIvbGliL3N1cC9tYWls ZGlyLnJiCmluZGV4IGI0ZTUyMDguLjkyYWFlZGMgMTAwNjQ0Ci0tLSBhL2xp Yi9zdXAvbWFpbGRpci5yYgorKysgYi9saWIvc3VwL21haWxkaXIucmIKQEAg LTEsNCArMSwzIEBACi1yZXF1aXJlICdybWFpbCcKIHJlcXVpcmUgJ3VyaScK IAogbW9kdWxlIFJlZHdvb2QKZGlmZiAtLWdpdCBhL2xpYi9zdXAvbWJveC5y YiBiL2xpYi9zdXAvbWJveC5yYgppbmRleCAwN2IxYjY3Li42YjZlZmYzIDEw MDY0NAotLS0gYS9saWIvc3VwL21ib3gucmIKKysrIGIvbGliL3N1cC9tYm94 LnJiCkBAIC0xLDQgKzEsMyBAQAotcmVxdWlyZSAncm1haWwnCiByZXF1aXJl ICd1cmknCiByZXF1aXJlICdzZXQnCiAKZGlmZiAtLWdpdCBhL2xpYi9zdXAv bW9kZXMvZWRpdC1tZXNzYWdlLW1vZGUucmIgYi9saWIvc3VwL21vZGVzL2Vk aXQtbWVzc2FnZS1tb2RlLnJiCmluZGV4IDFiZjkzNzguLjg2YWVmNGIgMTAw NjQ0Ci0tLSBhL2xpYi9zdXAvbW9kZXMvZWRpdC1tZXNzYWdlLW1vZGUucmIK KysrIGIvbGliL3N1cC9tb2Rlcy9lZGl0LW1lc3NhZ2UtbW9kZS5yYgpAQCAt MSw3ICsxLDYgQEAKIHJlcXVpcmUgJ3RlbXBmaWxlJwogcmVxdWlyZSAnc29j a2V0JyAjIGp1c3QgZm9yIGdldGhvc3RuYW1lIQogcmVxdWlyZSAncGF0aG5h bWUnCi1yZXF1aXJlICdybWFpbCcKIAogbW9kdWxlIFJlZHdvb2QKIApAQCAt NDI4LDYgKzQyNyw3IEBAIHByb3RlY3RlZAogICAgIG0uaGVhZGVyWyJNZXNz YWdlLUlkIl0gPSBAbWVzc2FnZV9pZAogICAgIG0uaGVhZGVyWyJVc2VyLUFn ZW50Il0gPSAiU3VwLyN7UmVkd29vZDo6VkVSU0lPTn0iCiAgICAgbS5oZWFk ZXJbIkNvbnRlbnQtVHJhbnNmZXItRW5jb2RpbmciXSB8fD0gJzhiaXQnCisg ICAgbS5oZWFkZXJbIk1JTUUtVmVyc2lvbiJdID0gIjEuMCIgaWYgbS5tdWx0 aXBhcnQ/CiAgICAgbQogICBlbmQKIApkaWZmIC0tZ2l0IGEvbGliL3N1cC91 dGlsLnJiIGIvbGliL3N1cC91dGlsLnJiCmluZGV4IGQxOWNhY2EuLjJiODRj OWMgMTAwNjQ0Ci0tLSBhL2xpYi9zdXAvdXRpbC5yYgorKysgYi9saWIvc3Vw L3V0aWwucmIKQEAgLTk4LDYgKzk4LDE5IEBAIG1vZHVsZSBSTWFpbAogICAg ICAgYQogICAgIGVuZAogICBlbmQKKworICBjbGFzcyBTZXJpYWxpemUKKyAg ICAjIyBEb24ndCBhZGQgTUlNRS1WZXJzaW9uIGhlYWRlcnMgb24gc2VyaWFs aXphdGlvbi4gU3VwIHNvbWV0aW1lcyB3YW50J3MgdG8gc2VyaWFsaXplCisg ICAgIyMgbWVzc2FnZSBwYXJ0cyB3aGVyZSB0aGVzZSBoZWFkZXJzIGFyZSBu b3QgbmVlZGVkIGFuZCBtZXNzaW5nIHdpdGggdGhlIG1lc3NhZ2Ugb24KKyAg ICAjIyBzZXJpYWxpemF0aW9uIGJyZWFrcyBncGcgc2lnbmF0dXJlcy4gVGhl IGNvbW1lbnRlZCBzZWN0aW9uIHNob3dzIHRoZSBvcmlnaW5hbCBSTWFpbAor ICAgICMjIGNvZGUuCisgICAgZGVmIGNhbGN1bGF0ZV9ib3VuZGFyaWVzKG1l c3NhZ2UpCisgICAgICBjYWxjdWxhdGVfYm91bmRhcmllc19sb3cobWVzc2Fn ZSwgW10pCisgICAgICAjIHVubGVzcyBtZXNzYWdlLmhlYWRlclsnTUlNRS1W ZXJzaW9uJ10KKyAgICAgICMgICBtZXNzYWdlLmhlYWRlclsnTUlNRS1WZXJz aW9uJ10gPSAiMS4wIgorICAgICAgIyBlbmQKKyAgICBlbmQKKyAgZW5kCiBl bmQKIAogY2xhc3MgUmFuZ2UKLS0gCjEuNy4xCgo= --=-1286919979-466408-6769-6358-4-=-- --=-1286919983-769238-6769-9366-5-= Content-Disposition: attachment; filename="signature.asc" Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEVAwUBTLTXK00yN7tZsYcyAQi+twf+MTknIVOn0FRAm/AyNdAq/NTXKpH7bJbw GBZUuFCXS/gRyqk5mdFUWfN9olwW9CNrruHXPPgYzpTZGC0BOdt5fi76rM9X1yqT 7cpSAAxwvaWjjifk/h1JEfx3k4SWN7sxcQ4PYVBs/pVk+Vrmc8WxGd3O3Xil9PLr XpTHgXSZ4T6sljeiSiT/32DqO7JWhPbLRlSWeOsEBTW6I6WSaQsLej1NxPaTkMbD jQdqsOv4ZbH1HJBP8KoSBbvsIV6FMBpwhQqG+oYrzLR5edzWrFaf5CAYRCX27JzO iT3RpQOxsOUoidn2djKKKweFh/Rv08MUBpK2wKQNodJUFF1sFNE1zQ== =n+3s -----END PGP SIGNATURE----- --=-1286919983-769238-6769-9366-5-=-- --===============0459651191== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Sup-devel mailing list Sup-devel@rubyforge.org http://rubyforge.org/mailman/listinfo/sup-devel --===============0459651191==--