81 lines
3.5 KiB
Diff
81 lines
3.5 KiB
Diff
The problem is fixed with gpgme 1.14.0.
|
|
|
|
We'll force a conflicts with gpgme older than 1.14.0, so nothing to
|
|
worry about.
|
|
--- a/configure
|
|
+++ b/configure
|
|
@@ -520,73 +520,8 @@ if pkg-config --exists "gmime-3.0 >= $GM
|
|
# there are problems verifying signatures when decrypting with session keys with GPGME 1.13.0 and 1.13.1
|
|
printf "Checking signature verification when decrypting using session keys... "
|
|
|
|
- cat > _verify_sig_with_session_key.c <<EOF
|
|
-#include <stdio.h>
|
|
-#include <gmime/gmime.h>
|
|
-
|
|
-int main () {
|
|
- GError *error = NULL;
|
|
- GMimeParser *parser = NULL;
|
|
- GMimeMultipartEncrypted *body = NULL;
|
|
- GMimeDecryptResult *result = NULL;
|
|
- GMimeSignatureList *sig_list = NULL;
|
|
- GMimeSignature *sig = NULL;
|
|
- GMimeObject *output = NULL;
|
|
- GMimeSignatureStatus status;
|
|
- int len;
|
|
-
|
|
- g_mime_init ();
|
|
- parser = g_mime_parser_new ();
|
|
- g_mime_parser_init_with_stream (parser, g_mime_stream_file_open("$srcdir/test/corpora/crypto/encrypted-signed.eml", "r", &error));
|
|
- if (error) return !! fprintf (stderr, "failed to instantiate parser with test/corpora/pkcs7/smime-onepart-signed.eml\n");
|
|
-
|
|
- body = GMIME_MULTIPART_ENCRYPTED(g_mime_message_get_mime_part (g_mime_parser_construct_message (parser, NULL)));
|
|
- if (body == NULL) return !! fprintf (stderr, "did not find a multipart/encrypted message\n");
|
|
-
|
|
- output = g_mime_multipart_encrypted_decrypt (body, GMIME_DECRYPT_NONE, "9:9E1CDF53BBF794EA34F894B5B68E1E56FB015EA69F81D2A5EAB7F96C7B65783E", &result, &error);
|
|
- if (error || output == NULL) return !! fprintf (stderr, "decrypt failed\n");
|
|
-
|
|
- sig_list = g_mime_decrypt_result_get_signatures (result);
|
|
- if (sig_list == NULL) return !! fprintf (stderr, "sig_list is NULL\n");
|
|
-
|
|
- if (sig_list == NULL) return !! fprintf (stderr, "no GMimeSignatureList found\n");
|
|
- len = g_mime_signature_list_length (sig_list);
|
|
- if (len != 1) return !! fprintf (stderr, "expected 1 signature, got %d\n", len);
|
|
- sig = g_mime_signature_list_get_signature (sig_list, 0);
|
|
- if (sig == NULL) return !! fprintf (stderr, "no GMimeSignature found at position 0\n");
|
|
- status = g_mime_signature_get_status (sig);
|
|
- if (status & GMIME_SIGNATURE_STATUS_KEY_MISSING) return !! fprintf (stderr, "signature status contains KEY_MISSING (see https://dev.gnupg.org/T3464)\n");
|
|
-
|
|
- return 0;
|
|
-}
|
|
-EOF
|
|
- if ! TEMP_GPG=$(mktemp -d "${TMPDIR:-/tmp}/notmuch.XXXXXX"); then
|
|
- printf 'No.\nCould not make tempdir for testing signature verification when decrypting with session keys.\n'
|
|
- errors=$((errors + 1))
|
|
- elif ${CC} ${CFLAGS} ${gmime_cflags} _verify_sig_with_session_key.c ${gmime_ldflags} -o _verify_sig_with_session_key \
|
|
- && GNUPGHOME=${TEMP_GPG} gpg --batch --quiet --import < "$srcdir"/test/openpgp4-secret-key.asc \
|
|
- && rm -f ${TEMP_GPG}/private-keys-v1.d/*.key
|
|
- then
|
|
- if GNUPGHOME=${TEMP_GPG} ./_verify_sig_with_session_key; then
|
|
gmime_verify_with_session_key=1
|
|
printf "Yes.\n"
|
|
- else
|
|
- gmime_verify_with_session_key=0
|
|
- printf "No.\n"
|
|
- cat <<EOF
|
|
-*** Error: GMime fails to verify signatures when decrypting with a session key.
|
|
-
|
|
-This is most likely due to a buggy version of GPGME, which should be fixed in 1.13.2 or later.
|
|
-See https://dev.gnupg.org/T3464 for more details.
|
|
-EOF
|
|
- fi
|
|
- else
|
|
- printf 'No.\nFailed to set up gpg for testing signature verification while decrypting with a session key.\n'
|
|
- errors=$((errors + 1))
|
|
- fi
|
|
- if [ -n "$TEMP_GPG" -a -d "$TEMP_GPG" ]; then
|
|
- rm -rf "$TEMP_GPG"
|
|
- fi
|
|
else
|
|
have_gmime=0
|
|
printf "No.\n"
|