Bug#838361: mutt: Mutt hangs for minutes while checking S/MIME signed mails

Stephan Seitz

Sep 20, 2016, 6:20:03 AM
Package: mutt
Version: 1.7.0-5
Severity: normal

Dear Maintainer,

with your last update you set „crypt_use_gpgme=yes” in
„/etc/Muttrc.d/gpg.rc”. While this setting works with PGP signed mails,
trying to open SMIME mails leads to a hanging mutt (more than one
minute).

Looking at the process list I see gpgsm is started. After several minutes
the mail is opened but the signature could not be verified.

When I set crypt_use_gpgme to no then mutt opens the mail at once.
Openssl is used to check the signature and the signature can be verified.

I don’t see anything in the documentation what I have to change to get
gpgsm working. The changes only speak about the new gpg handling.

Many greetings,

Stephan

-- Package-specific info:
NeoMutt 20160910 (1.7.0)
Copyright (C) 1996-2016 Michael R. Elkins and others.
Mutt comes with ABSOLUTELY NO WARRANTY; for details type `mutt -vv'.
Mutt is free software, and you are welcome to redistribute it
under certain conditions; type `mutt -vv' for details.

System: Linux 4.7.4 (x86_64)
libidn: 1.33 (compiled with 1.33)
hcache backend: tokyocabinet 1.4.48

Compiler:
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/6/lto-wrapper
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Debian 6.2.0-3' --with-bugurl=file:///usr/share/doc/gcc-6/README.Bugs --enable-languages=c,ada,c++,java,go,d,fortran,objc,obj-c++ --prefix=/usr --program-suffix=-6 --enable-shared --enable-linker-build-id --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --libdir=/usr/lib --enable-nls --with-sysroot=/ --enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes --with-default-libstdcxx-abi=new --enable-gnu-unique-object --disable-vtable-verify --enable-libmpx --enable-plugin --with-system-zlib --disable-browser-plugin --enable-java-awt=gtk --enable-gtk-cairo --with-java-home=/usr/lib/jvm/java-1.5.0-gcj-6-amd64/jre --enable-java-home --with-jvm-root-dir=/usr/lib/jvm/java-1.5.0-gcj-6-amd64 --with-jvm-jar-dir=/usr/lib/jvm-exports/java-1.5.0-gcj-6-amd64 --with-arch-directory=amd64 --with-ecj-jar=/usr/share/java/eclipse-ecj.jar --enable-objc-gc --enable-multiarch --with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32 --enable-multilib --with-tune=generic --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu
Thread model: posix
gcc version 6.2.0 20160901 (Debian 6.2.0-3)

Configure options: '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=\${prefix}/include' '--mandir=\${prefix}/share/man' '--infodir=\${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-silent-rules' '--libdir=\${prefix}/lib/x86_64-linux-gnu' '--libexecdir=\${prefix}/lib/x86_64-linux-gnu' '--disable-maintainer-mode' '--disable-dependency-tracking' '--with-mailpath=/var/mail' '--enable-compressed' '--enable-debug' '--enable-fcntl' '--enable-hcache' '--enable-gpgme' '--enable-imap' '--enable-smtp' '--enable-pop' '--enable-sidebar' '--enable-nntp' '--enable-notmuch' '--disable-fmemopen' '--with-curses' '--with-gnutls' '--with-gss' '--with-idn' '--with-mixmaster' '--with-sasl' '--without-gdbm' '--without-bdb' '--without-qdbm' 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 -fdebug-prefix-map=/build/mutt-eJ8cNY/mutt-1.7.0=. -fPIE -fstack-protector-strong -Wformat -Werror=format-security' 'LDFLAGS=-fPIE -pie -Wl,-z,relro -Wl,-z,now' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2'

Compilation CFLAGS: -Wall -pedantic -Wno-long-long -g -O2 -fdebug-prefix-map=/build/mutt-eJ8cNY/mutt-1.7.0=. -fPIE -fstack-protector-strong -Wformat -Werror=format-security

Compile options:
+CRYPT_BACKEND_CLASSIC_PGP +CRYPT_BACKEND_CLASSIC_SMIME +CRYPT_BACKEND_GPGME
+DEBUG +DL_STANDALONE +ENABLE_NLS -EXACT_ADDRESS -HOMESPOOL -LOCALES_HACK
-SUN_ATTACHMENT +HAVE_BKGDSET +HAVE_COLOR +HAVE_CURS_SET +HAVE_GETADDRINFO
+HAVE_GETSID +HAVE_ICONV +HAVE_LANGINFO_CODESET +HAVE_LANGINFO_YESEXPR
+HAVE_LIBIDN +HAVE_META +HAVE_REGCOMP +HAVE_RESIZETERM +HAVE_START_COLOR
+HAVE_TYPEAHEAD +HAVE_WC_FUNCS +ICONV_NONTRANS +USE_COMPRESSED +USE_DOTLOCK
+USE_FCNTL -USE_FLOCK -USE_FMEMOPEN -USE_GNU_REGEX +USE_GSS +USE_HCACHE
+USE_IMAP +USE_NOTMUCH +USE_NNTP +USE_POP +USE_SASL +USE_SETGID +USE_SIDEBAR
+USE_SMTP +USE_SSL_GNUTLS -USE_SSL_OPENSSL
-DOMAIN
MIXMASTER="mixmaster"
-ISPELL
SENDMAIL="/usr/sbin/sendmail"
MAILPATH="/var/mail"
PKGDATADIR="/usr/share/mutt"
SYSCONFDIR="/etc"
EXECSHELL="/bin/sh"

patch-attach-headers-color-neomutt
patch-compress-neomutt
patch-cond-date-neomutt
patch-encrypt-to-self-neomutt
patch-fmemopen-neomutt
patch-forgotten-attachments-neomutt
patch-ifdef-neomutt
patch-index-color-neomutt
patch-initials-neomutt
patch-keywords-neomutt
patch-limit-current-thread-neomutt
patch-lmdb-neomutt
patch-multiple-fcc-neomutt
patch-nested-if-neomutt
patch-new-mail-neomutt
patch-nntp-neomutt
patch-notmuch-neomutt
patch-progress-neomutt
patch-quasi-delete-neomutt
patch-reply-with-xorig-neomutt
patch-sensible-browser-neomutt
patch-sidebar-neomutt
patch-skip-quoted-neomutt
patch-smime-encrypt-self-neomutt
patch-status-color-neomutt
patch-timeout-neomutt
patch-tls-sni-neomutt

To learn more about NeoMutt, visit: http://www.neomutt.org/
If you find a bug in NeoMutt, please raise an issue at:
https://github.com/neomutt/neomutt/issues
or send an email at: <neomut...@neomutt.org>


-- System Information:
Debian Release: stretch/sid
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.7.4 (SMP w/8 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages mutt depends on:
ii libassuan0 2.4.3-1
ii libc6 2.23-5
ii libcomerr2 1.43.1-1
ii libgnutls30 3.5.4-2
ii libgpg-error0 1.24-1
ii libgpgme11 1.6.0-3
ii libgssapi-krb5-2 1.14.3+dfsg-2
ii libidn11 1.33-1
ii libk5crypto3 1.14.3+dfsg-2
ii libkrb5-3 1.14.3+dfsg-2
ii libncursesw5 6.0+20160625-1
ii libnotmuch4 0.22.2-1
ii libsasl2-2 2.1.26.dfsg1-15
ii libtinfo5 6.0+20160625-1
ii libtokyocabinet9 1.4.48-10

Versions of packages mutt recommends:
ii libsasl2-modules 2.1.26.dfsg1-15
ii locales 2.23-5
ii mime-support 3.60

Versions of packages mutt suggests:
ii aspell 0.60.7~20110707-3+b1
ii ca-certificates 20160104
ii gnupg 1.4.20-6
ii ispell 3.4.00-5
pn mixmaster <none>
ii openssl 1.0.2h-1
ii postfix [mail-transport-agent] 3.1.0-5+b1
ii urlview 0.9-20

Versions of packages mutt is related to:
ii mutt 1.7.0-5

-- no debconf information

--
| Stephan Seitz E-Mail: stse+de...@fsing.rootsland.net |
| Public Keys: http://fsing.rootsland.net/~stse/keys.html |

Antonio Radici

Sep 20, 2016, 6:40:03 AM
Control: severity -1 important

On Tue, Sep 20, 2016 at 12:13:29PM +0200, Stephan Seitz wrote:
> Package: mutt
> Version: 1.7.0-5
> Severity: normal
>
> Dear Maintainer,
>
> with your last update you set „crypt_use_gpgme=yes” in
> „/etc/Muttrc.d/gpg.rc”. While this setting works with PGP signed mails,
> trying to open SMIME mails leads to a hanging mutt (more than one minute).
>
> Looking at the process list I see gpgsm is started. After several minutes
> the mail is opened but the signature could not be verified.
>
> When I set crypt_use_gpgme to no then mutt opens the mail at once. Openssl
> is used to check the signature and the signature can be verified.
>
> I don’t see anything in the documentation what I have to change to get gpgsm
> working. The changes only speak about the new gpg handling.
>

This is not good, let me investigate it and I'll get back to you.

Josh Triplett

Oct 18, 2017, 2:20:03 PM
I'm experiencing the same issue: opening a mail with an S/MIME signature
just hangs mutt.

- Josh Triplett

Roland Hieber

Jun 11, 2018, 7:10:02 AM
FWIW, I was having this problem today with mutt 1.7.2-1 from stretch,
and I was not able to get around the delay. Sometimes I see some
full-screen dialog, possibly made with ncurses, asking about if I should
accept a (self-signed?) certificate, but I was not able to interact with
it. I didn't wait for the delay, but killed the gpgsm process from a
different terminal to get back to mutt. Mutt then says "S/MIME signature
could NOT be verified", and shows "Error: verification failed: End of
file" in the mail body:

[-- Attachment #1 --]
[-- Type: multipart/signed, Encoding: 7bit, Size: 45K --]

[-- Begin signature information --]
Error: verification failed: End of file
[-- End signature information --]

[-- The following data is signed --]

[-- Attachment #1 --]
[-- Type: text/plain, Encoding: quoted-printable, Size: 2.6K --]

Given that the mutt package in stretch is really a mutt with neomutt
patches, I tried the neomutt 20180512+dfsg.1-1 from unstable, which
works better. There is no delay, but it also says "S/MIME signature
could NOT be verified". However, it shows openssl output in the mail
body instead:

[-- Attachment #1 --]
[-- Type: multipart/signed, Encoding: 7bit, Size: 45K --]

[-- OpenSSL output follows (current time: Mo 11 Jun 2018 12:56:04 CEST) --]
Verification failure
139830712489216:error:21075075:PKCS7 routines:PKCS7_verify:certificate verify error:../crypto/pkcs7/pk7_smime.c:285:Verify error:self signed certificate in
certificate chain
[-- End of OpenSSL output --]

[-- The following data is signed --]

[-- Attachment #1 --]
[-- Type: text/plain; charset=utf-8, Encoding: quoted-printable, Size: 2.6K --]

I also tried setting "pinentry-program /usr/bin/pinentry-tty" in my
~/.gnupg/gpg-agent.conf, but that didn't change the behaviour in
stretch-mutt. Neither did setting "set smime_ask_cert_label = no" in my
muttrc.

- Roland

Carsten Otto

May 3, 2020, 8:00:02 AM
Hi,

this bug still exists with mutt 1.10.1-2.1, and I'm unable to work
around the issue. Could you provide any solution or workaround? Antonio,
how are your investigations going?

Thanks,
Carsten
--
Dr. Carsten Otto
car...@c-otto.de

Stefano Zacchiroli

May 6, 2021, 5:30:03 AM
retitle 988127 neomutt hangs for minutes while checking S/MIME signed mails
found 988127 20201127+dfsg.1-1.1
thanks

Heya, I've cloned/reassigned this issue from mutt to neomutt, because it
does happen to me with neomutt right now (version 20201127+dfsg.1-1.1 ),
exactly as described in the original mutt bug report.

Cheers
--
Stefano Zacchiroli . za...@upsilon.cc . upsilon.cc/zack . . o . . . o . o
Computer Science Professor . CTO Software Heritage . . . . . o . . . o o
Former Debian Project Leader & OSI Board Director . . . o o o . . . o .
« the first rule of tautology club is the first rule of tautology club »

Nilesh Patra

Apr 30, 2023, 7:10:05 PM
Control: found -1 20220429+dfsg1-4.1

On Thu, 6 May 2021 11:22:27 +0200 Stefano Zacchiroli <za...@debian.org> wrote:
> retitle 988127 neomutt hangs for minutes while checking S/MIME signed mails
> found 988127 20201127+dfsg.1-1.1
> thanks
>
> Heya, I've cloned/reassigned this issue from mutt to neomutt, because it
> does happen to me with neomutt right now (version 20201127+dfsg.1-1.1 ),
> exactly as described in the original mutt bug report.

It happens for me also with latest version of neomutt. @Antonio, could
you please consider to investigate this?

--
Best,
Nilesh

Daniel Gröber

Feb 1, 2024, 5:40:04 AM
Hi all,

I've done some code review to figure out what we can do to
workaround/fix this issue since it has annoyed me in the past and I
just don't even want to use S/MIME ever really.

Some things I found: since I set crypt_use_gpgme=yes gpgme apparently
handles S/MIME directly (didn't know gpg supported it) and the
"backend" is /usr/bin/gpgsm.

So a very nasty hack to get rid of this issue is to just symlink
gpgsm to /usr/bin/false somewhere on your $PATH:

    # ln -s /usr/bin/false gpgsm

Looking at the code I found the original sin to be at
ncrypt/cryptglue.c:crypt_init:

    #ifdef CRYPT_BACKEND_GPGME
      if (c_crypt_use_gpgme)
      {
        crypto_module_register(&CryptModPgpGpgme);
        crypto_module_register(&CryptModSmimeGpgme);
      }
    #endif

this makes it so crypt_use_gpgme=yes enables both gpg and smime
support with no way to disable smime at init or message verification
time. Not even hooks will help since the crypt module registration
runs only once.

IMO this is unacceptable as I have no interest in being exposed to the
vulnerability surface area of smime despite not having any use for it,
so I'm planning to propose a patch to neomutt to move the smime
registration to a separate rc variable.

Does anybody think the ability to toggle this per-message would be
useful? I can't think of a compelling reason to want that.

--Daniel
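
Added example, not part of the message above or of neomutt: one way to confine the gpgsm shim described in that message to a single mutt session instead of the whole login $PATH, so other programs keep the real gpgsm. SHIM_DIR and the function names are hypothetical, and it assumes, as the message states, that the gpgsm backend is looked up through $PATH.

```sh
#!/bin/sh
# Added example: keep the "gpgsm -> false" shim out of the global PATH.
# SHIM_DIR is a hypothetical location chosen for this example.
SHIM_DIR="${SHIM_DIR:-$HOME/.local/lib/mutt-shims}"

# Locate the real false binary; `command -v false` would only report
# the shell builtin, which cannot be the target of a symlink.
find_false() {
    for f in /usr/bin/false /bin/false; do
        [ -x "$f" ] && { printf '%s\n' "$f"; return 0; }
    done
    return 1
}

# Create a private directory that contains nothing but the gpgsm shim.
make_gpgsm_shim() {
    target=$(find_false) || return 1
    mkdir -p "$SHIM_DIR" && chmod 700 "$SHIM_DIR" || return 1
    ln -sf "$target" "$SHIM_DIR/gpgsm"
}

# Print the gpgsm that a process started with the shimmed PATH would find.
# The subshell keeps the PATH change from leaking into the caller.
resolve_gpgsm() {
    ( PATH="$SHIM_DIR:$PATH"; command -v gpgsm )
}

# Start mutt with the shim first on PATH. Only this process tree sees it;
# the login shell and every other program still resolve the real gpgsm.
mutt_without_smime() {
    make_gpgsm_shim || return 1
    [ "$(resolve_gpgsm)" = "$SHIM_DIR/gpgsm" ] || return 1
    env PATH="$SHIM_DIR:$PATH" mutt "$@"
}
```

With the shim in place S/MIME signatures are not verified at all in that session; PGP handling through gpgme is untouched.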