1 diff -rup re-alpine-2.01.orig/pith/smime.c re-alpine-2.01.smime-patch/pith/smime.c
2 --- re-alpine-2.01.orig/pith/smime.c 2009-08-03 04:02:24.000000000 -0400
3 +++ re-alpine-2.01.smime-patch/pith/smime.c 2011-03-06 22:41:08.894139317 -0500
4 @@ -1736,7 +1736,6 @@ do_decoding(BODY *b, long msgno, const c
5 PERSONAL_CERT *pcert = NULL;
6 char *what_we_did = "";
10 dprint((9, "do_decoding(msgno=%ld type=%d subtype=%s section=%s)", msgno, b->type, b->subtype ? b->subtype : "NULL", (section && *section) ? section : (section != NULL) ? "Top" : "NULL"));
12 @@ -1751,8 +1750,25 @@ do_decoding(BODY *b, long msgno, const c
16 - snprintf(newSec, sizeof(newSec), "%s%s1", section ? section : "", (section && *section) ? "." : "");
17 - p7 = get_pkcs7_from_part(msgno, newSec);
19 + * Fix for signed-then-encrypted messages.
21 + * If we're on the Top part (section == ""), then we need to bump it to "1".
22 + * Otherwise, we already know we're in a pkcs7-mime subpart and called
23 + * from do_fiddle_smime_message at the top, and the MULTIPART handline
24 + * has already bumped the section per-part.
26 + * This allows signed-then-encrypted emails to work.
27 + * It *may* break signed or encrypted parts that are buried down in
28 + * a multi-part message (untested). Those are, IMO, far less common,
29 + * and I'd rather the signed+encrypted work.
32 + * snprintf(newSec, sizeof(newSec), "%s%s1", section ? section : "", (section && *section) ? "." : "");
33 + * and pass the newSec to get_pkcs7_from_part
36 + p7 = get_pkcs7_from_part(msgno, (section && *section) ? section : "1");
38 q_status_message1(SM_ORDER, 2, 2, "Couldn't load PKCS7 object: %s",
39 (char*) openssl_error_string());