Page MenuHome GnuPG
Create Task
Maniphest T6827

GpgOL: Check S/MIME draft encrypt and use GPGME_ENCRYPT_ALWAYS_TRUST
Closed, ResolvedPublic
Actions

Description

This should easily be doable now that we have done T6701

I think I could pretty blindly solve this by:

diff --git a/src/cryptcontroller.cpp b/src/cryptcontroller.cpp
index 9265e1a..dc883bb 100644
--- a/src/cryptcontroller.cpp
+++ b/src/cryptcontroller.cpp
@@ -1095,13 +1095,14 @@ CryptController::do_crypto (GpgME::Error &err, std::string &r_diag, bool force)
   /* Prepare to offer a "Forced encryption for S/MIME errors */
   GpgME::Context::EncryptionFlags flags = GpgME::Context::EncryptionFlags::None;
   int errVal = -1;
+  bool draft = m_mail->isDraftEncrypt ();
   /* For openPGP or when force is used we want to use Always Trust */
-  if (m_proto == GpgME::OpenPGP || force) {
+  if (m_proto == GpgME::OpenPGP || force || draft) {
       /* Force is currently only used for S/MIME but just to make
          this clear we add the check here */
-      if (force && m_proto == GpgME::CMS)
+      if ((force || draft) && m_proto == GpgME::CMS)
         {
-          log_dbg ("Using alwaysTrust force option");
+          log_dbg ("Using alwaysTrust %s option", (draft ? "draft" : "force");
           /* When force is used we don't need any online verification. */
           ctx->setOffline(true);
           /* Rewind the input and start with a fresh output */

But I want to see first if I can reproduce the reported problems and to check if they are solved by this.

Revisions and Commits

rO GpgOL
rO105d4eea771b Use offline and AlwaysTrust for S/MIME draft enc

Related Objects

Event Timeline

aheinecke triaged this task as High priority.Nov 18 2023, 2:11 PM
aheinecke created this task.
aheinecke added a comment.Nov 19 2023, 1:51 PM

So I tested this with an S/MIME certificate for which the CRL was not available and as described by the original reporter Outlook just froze. And you had to kill it. With the current beta you would get the dialog to encrypt the message anyway but this does not make sense for draft encryption where you can only select your own keys.

I tested with above change and this should reduce the failure modes of this and also make it much faster. Esp. disabling CRL checks for draft encryption should always have been done.

aheinecke added a commit: rO105d4eea771b: Use offline and AlwaysTrust for S/MIME draft enc.Nov 19 2023, 2:12 PM
aheinecke changed the task status from Open to Testing.Nov 19 2023, 2:16 PM
aheinecke moved this task from Backlog to WiP on the vsd32 board.
aheinecke moved this task from WiP to QA on the vsd32 board.Nov 23 2023, 2:16 PM
aheinecke closed this task as Resolved.Feb 8 2024, 9:04 AM
ebo moved this task from QA to vsd-3.2.0 on the vsd32 board.Apr 17 2024, 11:20 AM
ebo edited projects, added vsd32 (vsd-3.2.0); removed vsd32.