[packages/alpine.git] / re-alpine-2.01.smime-signandencrypt.patch

diff -rup re-alpine-2.01.orig/pith/smime.c re-alpine-2.01.smime-patch/pith/smime.c
--- re-alpine-2.01.orig/pith/smime.c	2009-08-03 04:02:24.000000000 -0400
+++ re-alpine-2.01.smime-patch/pith/smime.c	2011-03-06 22:41:08.894139317 -0500
@@ -1736,7 +1736,6 @@ do_decoding(BODY *b, long msgno, const c
     PERSONAL_CERT 	*pcert = NULL;
     char    *what_we_did = "";
     char     null[1];
-    char     newSec[100];
 
     dprint((9, "do_decoding(msgno=%ld type=%d subtype=%s section=%s)", msgno, b->type, b->subtype ? b->subtype : "NULL", (section && *section) ? section : (section != NULL) ? "Top" : "NULL"));
     null[0] = '\0';
@@ -1751,8 +1750,25 @@ do_decoding(BODY *b, long msgno, const c
     }
     else{
 
-	snprintf(newSec, sizeof(newSec), "%s%s1", section ? section : "", (section && *section) ? "." : "");
-	p7 = get_pkcs7_from_part(msgno, newSec);
+	/*
+	 * Fix for signed-then-encrypted messages.
+	 *
+	 * If we're on the Top part (section == ""), then we need to bump it to "1".
+	 * Otherwise, we already know we're in a pkcs7-mime subpart and called
+	 * from do_fiddle_smime_message at the top, and the MULTIPART handline
+	 * has already bumped the section per-part.
+	 *
+	 * This allows signed-then-encrypted emails to work.
+	 * It *may* break signed or encrypted parts that are buried down in
+	 * a multi-part message (untested). Those are, IMO, far less common,
+	 * and I'd rather the signed+encrypted work.
+	 *
+	 * This used to do:
+	 * snprintf(newSec, sizeof(newSec), "%s%s1", section ? section : "", (section && *section) ? "." : "");
+	 * and pass the newSec to get_pkcs7_from_part
+	 *
+	 */
+	p7 = get_pkcs7_from_part(msgno, (section && *section) ? section : "1");
 	if(!p7){
             q_status_message1(SM_ORDER, 2, 2, "Couldn't load PKCS7 object: %s",
 			     (char*) openssl_error_string());
Commit	Line	Data
cf89ef84 PG	1	diff -rup re-alpine-2.01.orig/pith/smime.c re-alpine-2.01.smime-patch/pith/smime.c
	2	--- re-alpine-2.01.orig/pith/smime.c 2009-08-03 04:02:24.000000000 -0400
	3	+++ re-alpine-2.01.smime-patch/pith/smime.c 2011-03-06 22:41:08.894139317 -0500
	4	@@ -1736,7 +1736,6 @@ do_decoding(BODY *b, long msgno, const c
	5	PERSONAL_CERT *pcert = NULL;
	6	char *what_we_did = "";
	7	char null[1];
	8	- char newSec[100];
	9
	10	dprint((9, "do_decoding(msgno=%ld type=%d subtype=%s section=%s)", msgno, b->type, b->subtype ? b->subtype : "NULL", (section && *section) ? section : (section != NULL) ? "Top" : "NULL"));
	11	null[0] = '\0';
	12	@@ -1751,8 +1750,25 @@ do_decoding(BODY *b, long msgno, const c
	13	}
	14	else{
	15
	16	- snprintf(newSec, sizeof(newSec), "%s%s1", section ? section : "", (section && *section) ? "." : "");
	17	- p7 = get_pkcs7_from_part(msgno, newSec);
	18	+ /*
	19	+ * Fix for signed-then-encrypted messages.
	20	+ *
	21	+ * If we're on the Top part (section == ""), then we need to bump it to "1".
	22	+ * Otherwise, we already know we're in a pkcs7-mime subpart and called
	23	+ * from do_fiddle_smime_message at the top, and the MULTIPART handline
	24	+ * has already bumped the section per-part.
	25	+ *
	26	+ * This allows signed-then-encrypted emails to work.
	27	+ * It may break signed or encrypted parts that are buried down in
	28	+ * a multi-part message (untested). Those are, IMO, far less common,
	29	+ * and I'd rather the signed+encrypted work.
	30	+ *
	31	+ * This used to do:
	32	+ * snprintf(newSec, sizeof(newSec), "%s%s1", section ? section : "", (section && *section) ? "." : "");
	33	+ * and pass the newSec to get_pkcs7_from_part
	34	+ *
	35	+ */
	36	+ p7 = get_pkcs7_from_part(msgno, (section && *section) ? section : "1");
	37	if(!p7){
	38	q_status_message1(SM_ORDER, 2, 2, "Couldn't load PKCS7 object: %s",
	39	(char*) openssl_error_string());