--- crypt-hook-both/PATCHES Dec 2002 17:44:54 -0000	3.6
+++ crypt-hook-both/PATCHES Feb 2004 13:19:43 -0000
@@ -0,0 +1,2 @@
+patch-1.5.6.dw.confirm-crypt-hook.1
+patch-1.5.6.dw.multiple-crypt-hook.2
--- mutt-1.5.15/hook.c.orig	2007-06-03 14:10:28.090351677 +0200
+++ mutt-1.5.15/hook.c	2007-06-03 14:12:17.468584787 +0200
@@ -139,7 +139,11 @@ int mutt_parse_hook (BUFFER *buf, BUFFER
 	ptr->rx.not == not &&
 	!mutt_strcmp (pattern.data, ptr->rx.pattern))
     {
+#ifdef M_CRYPTHOOK
+      if (data & (M_FOLDERHOOK | M_SENDHOOK | M_SEND2HOOK | M_MESSAGEHOOK | M_ACCOUNTHOOK | M_REPLYHOOK | M_CRYPTHOOK))
+#else
       if (data & (M_FOLDERHOOK | M_SENDHOOK | M_SEND2HOOK | M_MESSAGEHOOK | M_ACCOUNTHOOK | M_REPLYHOOK))
+#endif
       {
 	/* these hooks allow multiple commands with the same
 	 * pattern, so if we've already seen this pattern/command pair, just
@@ -466,9 +470,25 @@ char *mutt_iconv_hook (const char *chs)
   return _mutt_string_hook (chs, M_ICONVHOOK);
 }
 
-char *mutt_crypt_hook (ADDRESS *adr)
+LIST *mutt_crypt_hook (ADDRESS *adr)
 {
-  return _mutt_string_hook (adr->mailbox, M_CRYPTHOOK);
+  HOOK *hook;
+  LIST *key_list = NULL;
+
+  if (!adr && !adr->mailbox)
+    return (NULL);
+
+  for (hook = Hooks; hook; hook = hook->next)
+  {
+    if (!hook->command)
+      continue;
+    if (!(hook->type & M_CRYPTHOOK))
+      continue;
+
+    if ((regexec (hook->rx.rx, adr->mailbox, 0, NULL, 0) == 0) ^ hook->rx.not)
+      key_list = mutt_add_list (key_list, hook->command);
+  }
+  return (key_list);
 }
 
 #ifdef USE_SOCKET
--- crypt-hook-both/init.h Feb 2004 17:10:43 -0000	3.43
+++ crypt-hook-both/init.h Feb 2004 13:19:43 -0000
@@ -1230,2 +1230,11 @@ struct option_t MuttVars[] = {
   */
+  { "pgp_confirmhook",		DT_SYN, R_NONE, UL "crypt_confirmhook", 1 },
+  { "crypt_confirmhook",	DT_BOOL, R_NONE, OPTCRYPTCONFIRMHOOK, 1 },
+  /*
+  ** .pp
+  ** If set, then you will be prompted for confirmation of keys when using
+  ** the \fIcrypt-hook\fP command.  If unset, no such confirmation prompt will
+  ** be presented.  This is generally considered unsafe, especially where
+  ** typos are concerned.
+  */
   { "pgp_ignore_subkeys", DT_BOOL, R_NONE, OPTPGPIGNORESUB, 1},
--- crypt-hook-both/mutt.h Feb 2004 17:10:43 -0000	3.23
+++ crypt-hook-both/mutt.h Feb 2004 13:19:44 -0000
@@ -442,2 +442,3 @@ enum
   OPTSDEFAULTDECRYPTKEY,
+  OPTCRYPTCONFIRMHOOK,
   OPTPGPIGNORESUB,
--- crypt-hook-both/pgp.c Sep 2003 13:03:26 -0000	3.26
+++ crypt-hook-both/pgp.c Feb 2004 13:19:44 -0000
@@ -1018,2 +1018,4 @@ char *pgp_findKeys (ADDRESS *to, ADDRESS
   size_t keylist_used = 0;
+  LIST *hook_list = NULL;
+  LIST *hook = NULL;
   ADDRESS *tmp = NULL, *addr = NULL;
@@ -1051,66 +1053,93 @@ char *pgp_findKeys (ADDRESS *to, ADDRESS
     q = p;
-    k_info = NULL;
 
-    if ((keyID = mutt_crypt_hook (p)) != NULL)
+    /*
+     * grab the list of matching hooks (matching on recipient address)
+     * process each entry singly so that auto key selection still works
+     */
+    hook_list = mutt_crypt_hook (p);
+    hook = hook_list;
+    while (1)
     {
       int r;
-      snprintf (buf, sizeof (buf), _("Use keyID = \"%s\" for %s?"), keyID, p->mailbox);
-      if ((r = mutt_yesorno (buf, M_YES)) == M_YES)
+
+      k_info = NULL;
+      key = NULL;
+
+      if (hook)
       {
-	if (is_numerical_keyid (keyID))
+	keyID = (char *)hook->data;
+	snprintf (buf, sizeof (buf), _("Use keyID = \"%s\" for %s?"), keyID, p->mailbox);
+	if (!option(OPTCRYPTCONFIRMHOOK) || (r = mutt_yesorno (buf, M_YES)) == M_YES)
 	{
-	  if (strncmp (keyID, "0x", 2) == 0)
-	    keyID += 2;
-	  goto bypass_selection;		/* you don't see this. */
+	  if (is_numerical_keyid (keyID))
+	  {
+	    if (strncmp (keyID, "0x", 2) == 0)
+	      keyID += 2;
+	    goto bypass_selection;		/* you don't see this. */
+	  }
+
+	  /* check for e-mail address */
+	  if ((t = strchr (keyID, '@')) && 
+	      (addr = rfc822_parse_adrlist (NULL, keyID)))
+	  {
+	    if (fqdn) rfc822_qualify (addr, fqdn);
+	    q = addr;
+	  }
+	  else
+	    k_info = pgp_getkeybystr (keyID, KEYFLAG_CANENCRYPT, PGP_PUBRING);
 	}
-	
-	/* check for e-mail address */
-	if ((t = strchr (keyID, '@')) && 
-	    (addr = rfc822_parse_adrlist (NULL, keyID)))
+	else if (r == -1)
 	{
-	  if (fqdn) rfc822_qualify (addr, fqdn);
-	  q = addr;
+	  /*
+	   * yes, this implies that if one key fails they all do
+	   */
+	  FREE (&keylist);
+	  rfc822_free_address (&tmp);
+	  rfc822_free_address (&addr);
+	  mutt_free_list (&hook_list);
+	  return NULL;
 	}
-	else
-	  k_info = pgp_getkeybystr (keyID, KEYFLAG_CANENCRYPT, PGP_PUBRING);
       }
-      else if (r == -1)
-      {
-	FREE (&keylist);
-	rfc822_free_address (&tmp);
-	rfc822_free_address (&addr);
-	return NULL;
-      }
-    }
 
-    if (k_info == NULL)
-      pgp_invoke_getkeys (q);
-
-    if (k_info == NULL && (k_info = pgp_getkeybyaddr (q, KEYFLAG_CANENCRYPT, PGP_PUBRING)) == NULL)
-    {
-      snprintf (buf, sizeof (buf), _("Enter keyID for %s: "), q->mailbox);
+      if (k_info == NULL)
+	pgp_invoke_getkeys (q);
 
-      if ((key = pgp_ask_for_key (buf, q->mailbox,
-				  KEYFLAG_CANENCRYPT, PGP_PUBRING)) == NULL)
+      if (k_info == NULL && (k_info = pgp_getkeybyaddr (q, KEYFLAG_CANENCRYPT, PGP_PUBRING)) == NULL)
       {
-	FREE (&keylist);
-	rfc822_free_address (&tmp);
-	rfc822_free_address (&addr);
-	return NULL;
+	snprintf (buf, sizeof (buf), _("Enter keyID for %s: "), q->mailbox);
+
+	if ((key = pgp_ask_for_key (buf, q->mailbox,
+				    KEYFLAG_CANENCRYPT, PGP_PUBRING)) == NULL)
+	{
+	  FREE (&keylist);
+	  rfc822_free_address (&tmp);
+	  rfc822_free_address (&addr);
+	  mutt_free_list (&hook_list);
+	  return NULL;
+	}
       }
-    }
-    else
-      key = k_info;
+      else
+	key = k_info;
 
-    keyID = pgp_keyid (key);
+      keyID = pgp_keyid (key);
     
   bypass_selection:
-    keylist_size += mutt_strlen (keyID) + 4;
-    safe_realloc (&keylist, keylist_size);
-    sprintf (keylist + keylist_used, "%s0x%s", keylist_used ? " " : "",	/* __SPRINTF_CHECKED__ */
-	     keyID);
-    keylist_used = mutt_strlen (keylist);
+      keylist_size += mutt_strlen (keyID) + 4;
+      safe_realloc (&keylist, keylist_size);
+      sprintf (keylist + keylist_used, "%s0x%s", keylist_used ? " " : "",	/* __SPRINTF_CHECKED__ */
+	       keyID);
+      keylist_used = mutt_strlen (keylist);
 
-    pgp_free_key (&key);
-    rfc822_free_address (&addr);
+      pgp_free_key (&key);
+      rfc822_free_address (&addr);
+
+      if (!hook_list)
+	break;
+
+      hook = hook->next;
+      if (!hook)
+	break;
+
+    }
+    mutt_free_list (&hook_list);
 
--- crypt-hook-both/protos.h Feb 2004 17:10:43 -0000	3.19
+++ crypt-hook-both/protos.h Feb 2004 13:19:44 -0000
@@ -131,3 +131,3 @@ const char *mutt_get_name (ADDRESS *);
 char *mutt_get_parameter (const char *, PARAMETER *);
-char *mutt_crypt_hook (ADDRESS *);
+LIST *mutt_crypt_hook (ADDRESS *);
 char *mutt_make_date (char *, size_t);
--- crypt-hook-both/doc/manual.xml.head Feb 2004 17:45:33 -0000	3.26
+++ crypt-hook-both/doc/manual.xml.head Feb 2004 13:19:44 -0000
@@ -1450,3 +1450,5 @@ normally use.  The crypt-hook command pr
 specify the ID of the public key to be used when encrypting messages to
-a certain recipient.
+a certain recipient.  You may use multiple pgp-hook's with the same
+pattern; multiple matching pgp-hook's result in the use of multiple
+keyids for recipient.
 
--- crypt-hook-both/doc/muttrc.man.head Feb 2004 17:10:43 -0000	3.10
+++ crypt-hook-both/doc/muttrc.man.head Feb 2004 13:19:44 -0000
@@ -297,3 +297,6 @@ to a certain recipient.  The meaning of 
 broadly: This can be a different e-mail address, a numerical key ID,
-or even just an arbitrary search string.
+or even just an arbitrary search string.  You may use multiple
+\fBpgp-hook\fPs with the same \fIpattern\fP; multiple matching
+\fBpgp-hook\fPs result in the use of multiple \fIkey-id\fPs for
+recipient.
 .TP