[balsa] Relax secret key selection



commit b9305282c3994d3dc11ad99336310c1d013e062f
Author: Albrecht Dreß <albrecht dress arcor de>
Date:   Fri Feb 15 17:47:20 2019 -0500

    Relax secret key selection
    
    Currently, the user can only select a key with a uid which matches
    the account's email address.  However, there are use-cases where
    this is not sufficient.  At work, we have an isolated network
    with “internal” email addresses.  Outgoing messages are
    re-written to public addresses, but the internal ones shall
    not be exposed to the outside world (see e.g. [1]), i.e. the
    key /must not/ carry a user-id for the internal address.  Thus,
    neither auto-selection nor defining the key id in the gui works
    (it would be possible to run gpg[sm] on the console to print
    the id, and then copy it into the input field, though).
    
    The patch enables selecting any valid private key in the identity
    dialogue, but /not/ when a message shall be sent and the private
    key cannot be determined.  Note that the vast majority of users
    will probably never use this feature, i.e. use automatic key
    selection (id is empty in the identity setup).
    
    * libbalsa/libbalsa-gpgme.c (libbalsa_gpgme_get_seckey): relax
    the selection of the private key in the identity setup dialogue
    
    Signed-off-by: Peter Bloomfield <PeterBloomfield bellsouth net>

 ChangeLog                 | 26 +++++++++++++++++++++++++-
 libbalsa/libbalsa-gpgme.c |  6 ++++--
 2 files changed, 29 insertions(+), 3 deletions(-)
---
diff --git a/ChangeLog b/ChangeLog
index 4c4b74949..e4a021f5c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,28 @@
-2019-02-15  Peter Bloomfield  <pbloomfield bellsouth net>
+2018-02-15  Albrecht Dreß  <albrecht dress arcor de>
+
+       Relax secret key selection
+
+       Currently, the user can only select a key with a uid which matches
+       the account's email address.  However, there are use-cases where
+       this is not sufficient.  At work, we have an isolated network
+       with “internal” email addresses.  Outgoing messages are
+       re-written to public addresses, but the internal ones shall
+       not be exposed to the outside world (see e.g. [1]), i.e. the
+       key /must not/ carry a user-id for the internal address.  Thus,
+       neither auto-selection nor defining the key id in the gui works
+       (it would be possible to run gpg[sm] on the console to print
+       the id, and then copy it into the input field, though).
+
+       The patch enables selecting any valid private key in the identity
+       dialogue, but /not/ when a message shall be sent and the private
+       key cannot be determined.  Note that the vast majority of users
+       will probably never use this feature, i.e. use automatic key
+       selection (id is empty in the identity setup).
+
+       * libbalsa/libbalsa-gpgme.c (libbalsa_gpgme_get_seckey): relax
+       the selection of the private key in the identity setup dialogue
+
+2018-02-15  Albrecht Dreß  <albrecht dress arcor de>
 
        Fix broken decryption of s/mime messages loaded from imap
 
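Review bot: Both added entry headers in this ChangeLog hunk are dated 2018-02-15, while the commit is dated Fri Feb 15 2019 and the header being removed read 2019-02-15. This looks like a year typo, so use `2019-02-15` in both places. The second added header also changes the name on the existing "Fix broken decryption of s/mime messages loaded from imap" entry from Peter Bloomfield to Albrecht Dreß, which is unrelated to relaxing key selection; if that attribution fix is intended, mention it in the commit message or make it a separate change.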
diff --git a/libbalsa/libbalsa-gpgme.c b/libbalsa/libbalsa-gpgme.c
index 41dfe560f..c0b5fe737 100644
--- a/libbalsa/libbalsa-gpgme.c
+++ b/libbalsa/libbalsa-gpgme.c
@@ -771,8 +771,10 @@ libbalsa_gpgme_get_seckey(gpgme_protocol_t   protocol,
        if (ctx != NULL) {
                GList *keys = NULL;
 
-               /* let gpgme list all available keys */
-               if (libbalsa_gpgme_list_keys(ctx, &keys, NULL, name, TRUE, FALSE, FALSE, error)) {
+               /* Let gpgme list all available secret keys, including those not matching the passed email 
address.
+                * Rationale: enable selecting a secret key even if the local email address is re-written by 
the MTA.
+                * See e.g. http://www.postfix.org/ADDRESS_REWRITING_README.html#generic */
+               if (libbalsa_gpgme_list_keys(ctx, &keys, NULL, NULL, TRUE, FALSE, FALSE, error)) {
                        if (keys != NULL) {
                                gpgme_key_t key;
 
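Review bot: The call to `libbalsa_gpgme_list_keys` now passes `NULL` for the pattern unconditionally, but the commit message limits the relaxation to the identity dialogue and says it must not apply when a message is sent and the private key cannot be determined; nothing in the lines shown here makes that distinction. Please state in the comment which caller or check enforces the send-path restriction, or guard the `NULL` with an explicit condition, so that a later caller of `libbalsa_gpgme_get_seckey` cannot end up offering a signing key unrelated to the sender address. If `name` is no longer used further down in the function, the parameter documentation should be updated to say so.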

