Home GnuPG
Diffusion GpgOL 976e9822a5ca

Improve handling of sign selected without certs


Improve handling of sign selected without certs

* src/common_indep.h (opt): Add smimeNoCertSigErr.
* src/cryptcontroller.cpp (CryptController::parse_output):
Handle if no signing is selected.
(CryptController::is_resolved): Show an error in the
case of a specific misconfiguration.
(CryptController::prepare_crypto): Actually handle to
send out an unencrypted / unsiged mail.
* src/cryptcontroller.h (prepare_crypto): Document new
return value.
* src/mail.cpp (do_crypt): Send an unsigned / unencrypted
mail in case only sign was selected and the user selected no
signing cert.
* src/main.c (read_options): Read the new value.

This brings both a better error handling in case signing was
selected but no signing certificate was found but it also
fixes the case that the user selected "Do not sign message"
in the key resolver when only sign was selected. This
means that we then send a completely unencrypted message.

For encryption we deliberately do not allow this to avoid the
misuse of "I can't encrypt, lets send unencrypted" but for signing
this should be ok.

This will help a lot in the default configuration of a specific

Regarding async encryption. I do not think that COM GpgOL will
ever see such a functionality again. So I do not care about it