(require 'gnus-util)
(require 'epg)
+(require 'epa)
+(require 'password-cache)
+(require 'mm-encode)
(autoload 'mail-strip-quoted-names "mail-utils")
(autoload 'mml2015-sign "mml2015")
(autoload 'mml1991-encrypt "mml1991")
(autoload 'message-fetch-field "message")
(autoload 'message-goto-body "message")
+(autoload 'message-options-get "message")
(autoload 'mml-insert-tag "mml")
(autoload 'mml-smime-sign "mml-smime")
(autoload 'mml-smime-encrypt "mml-smime")
(autoload 'mml-smime-verify "mml-smime")
(autoload 'mml-smime-verify-test "mml-smime")
(autoload 'epa--select-keys "epa")
+(autoload 'message-options-get "message")
+(autoload 'message-options-set "message")
+
+(declare-function message-options-set "message" (symbol value))
(defvar mml-sign-alist
'(("smime" mml-smime-sign-buffer mml-smime-sign-query)
:group 'message
:type 'boolean)
-(defcustom mml-secure-cache-passphrase
- (if (boundp 'password-cache)
- password-cache
- t)
+;; FIXME If it's "NOT recommended", why is it the default?
+(defcustom mml-secure-cache-passphrase password-cache
"If t, cache OpenPGP or S/MIME passphrases inside Emacs.
Passphrase caching in Emacs is NOT recommended. Use gpg-agent instead.
See Info node `(message) Security'."
:group 'message
:type 'boolean)
-(defcustom mml-secure-passphrase-cache-expiry
- (if (boundp 'password-cache-expiry)
- password-cache-expiry
- 16)
+(defcustom mml-secure-passphrase-cache-expiry password-cache-expiry
"How many seconds the passphrase is cached.
Whether the passphrase is cached at all is controlled by
`mml-secure-cache-passphrase'."
;;; Common functionality for mml1991.el, mml2015.el, mml-smime.el
-(define-obsolete-variable-alias 'mml1991-signers 'mml-secure-openpgp-signers)
-(define-obsolete-variable-alias 'mml2015-signers 'mml-secure-openpgp-signers)
+(define-obsolete-variable-alias 'mml1991-signers 'mml-secure-openpgp-signers
+ "25.1")
+(define-obsolete-variable-alias 'mml2015-signers 'mml-secure-openpgp-signers
+ "25.1")
(defcustom mml-secure-openpgp-signers nil
"A list of your own key ID(s) which will be used to sign OpenPGP messages.
If set, it is added to the setting of `mml-secure-openpgp-sign-with-sender'."
:group 'mime-security
:type '(repeat (string :tag "Key ID")))
-(define-obsolete-variable-alias 'mml-smime-signers 'mml-secure-smime-signers)
+(define-obsolete-variable-alias 'mml-smime-signers 'mml-secure-smime-signers
+ "25.1")
(defcustom mml-secure-smime-signers nil
"A list of your own key ID(s) which will be used to sign S/MIME messages.
If set, it is added to the setting of `mml-secure-smime-sign-with-sender'."
:type '(repeat (string :tag "Key ID")))
(define-obsolete-variable-alias
- 'mml1991-encrypt-to-self 'mml-secure-openpgp-encrypt-to-self)
+ 'mml1991-encrypt-to-self 'mml-secure-openpgp-encrypt-to-self "25.1")
(define-obsolete-variable-alias
- 'mml2015-encrypt-to-self 'mml-secure-openpgp-encrypt-to-self)
+ 'mml2015-encrypt-to-self 'mml-secure-openpgp-encrypt-to-self "25.1")
(defcustom mml-secure-openpgp-encrypt-to-self nil
"List of own key ID(s) or t; determines additional recipients with OpenPGP.
If t, also encrypt to key for message sender; if list, encrypt to those keys.
(repeat (string :tag "Key ID"))))
(define-obsolete-variable-alias
- 'mml-smime-encrypt-to-self 'mml-secure-smime-encrypt-to-self)
+ 'mml-smime-encrypt-to-self 'mml-secure-smime-encrypt-to-self "25.1")
(defcustom mml-secure-smime-encrypt-to-self nil
"List of own key ID(s) or t; determines additional recipients with S/MIME.
If t, also encrypt to key for message sender; if list, encrypt to those keys.
(repeat (string :tag "Key ID"))))
(define-obsolete-variable-alias
- 'mml2015-sign-with-sender 'mml-secure-openpgp-sign-with-sender)
+ 'mml2015-sign-with-sender 'mml-secure-openpgp-sign-with-sender "25.1")
;mml1991-sign-with-sender did never exist.
(defcustom mml-secure-openpgp-sign-with-sender nil
"If t, use message sender to find an OpenPGP key to sign with."
:type 'boolean)
(define-obsolete-variable-alias
- 'mml-smime-sign-with-sender 'mml-secure-smime-sign-with-sender)
+ 'mml-smime-sign-with-sender 'mml-secure-smime-sign-with-sender "25.1")
(defcustom mml-secure-smime-sign-with-sender nil
"If t, use message sender to find an S/MIME key to sign with."
:group 'mime-security
:type 'boolean)
(define-obsolete-variable-alias
- 'mml2015-always-trust 'mml-secure-openpgp-always-trust)
+ 'mml2015-always-trust 'mml-secure-openpgp-always-trust "25.1")
;mml1991-always-trust did never exist.
(defcustom mml-secure-openpgp-always-trust t
"If t, skip key validation of GnuPG on encryption."
(defcustom mml-secure-fail-when-key-problem nil
"If t, raise an error if some key is missing or several keys exist.
Otherwise, ask the user."
+ :version "25.1"
:group 'mime-security
:type 'boolean)
encryption) or you own multiple key pairs (for signing). In such cases,
you will be asked which key(s) should be used, and your choice can be
customized in this variable."
+ :version "25.1"
:group 'mime-security
:type '(alist :key-type (symbol :tag "Protocol") :value-type
(alist :key-type (symbol :tag "Usage") :value-type
(let* ((usage-prefs (mml-secure-cust-usage-lookup context usage))
(curr-fprs (cdr (assoc name (cdr usage-prefs))))
(key-fprs (mapcar 'mml-secure-fingerprint keys))
- (new-fprs (gnus-union curr-fprs key-fprs :test 'equal)))
+ (new-fprs (cl-union curr-fprs key-fprs :test 'equal)))
(if curr-fprs
(setcdr (assoc name (cdr usage-prefs)) new-fprs)
(setcdr usage-prefs (cons (cons name new-fprs) (cdr usage-prefs))))
The passphrase is read and cached."
;; Based on mml2015-epg-passphrase-callback.
(if (eq key-id 'SYM)
- (epg-passphrase-callback-function context key-id nil)
+ (epa-passphrase-callback-function context key-id nil)
(let* ((password-cache-key-id
(if (eq key-id 'PIN)
"PIN"
(catch 'break
(dolist (uid uids nil)
(if (and (stringp (epg-user-id-string uid))
- (equal (car (mail-header-parse-address
- (epg-user-id-string uid)))
- (car (mail-header-parse-address
- recipient)))
+ (equal (downcase (car (mail-header-parse-address
+ (epg-user-id-string uid))))
+ (downcase (car (mail-header-parse-address
+ recipient))))
(not (memq (epg-user-id-validity uid)
'(revoked expired))))
(throw 'break t))))))
;; In contrast, signing requires secret key.
(mml-secure-secret-key-exists-p context subkey))
(or (not fingerprint)
- (gnus-string-match-p (concat fingerprint "$") fpr)
- (gnus-string-match-p (concat fingerprint "$")
- (epg-sub-key-fingerprint subkey))))
+ (string-match-p (concat fingerprint "$") fpr)
+ (string-match-p (concat fingerprint "$")
+ (epg-sub-key-fingerprint subkey))))
(throw 'break t)))))))
(defun mml-secure-find-usable-keys (context name usage &optional justone)
cipher signers)
(when sign
(setq signers (mml-secure-signers context signer-names))
- (epg-context-set-signers context signers))
+ (setf (epg-context-signers context) signers))
(when (eq 'OpenPGP protocol)
- (epg-context-set-armor context t)
- (epg-context-set-textmode context t))
+ (setf (epg-context-armor context) t)
+ (setf (epg-context-textmode context) t))
(when (mml-secure-cache-passphrase-p protocol)
(epg-context-set-passphrase-callback
context
(signers (mml-secure-signers context signer-names))
signature micalg)
(when (eq 'OpenPGP protocol)
- (epg-context-set-armor context t)
- (epg-context-set-textmode context t))
- (epg-context-set-signers context signers)
+ (setf (epg-context-armor context) t)
+ (setf (epg-context-textmode context) t))
+ (setf (epg-context-signers context) signers)
(when (mml-secure-cache-passphrase-p protocol)
(epg-context-set-passphrase-callback
context
(if (eq 'OpenPGP protocol)
(epg-sign-string context (buffer-string) mode)
(epg-sign-string context
- (mm-replace-in-string (buffer-string)
- "\n" "\r\n") t))
+ (replace-regexp-in-string
+ "\n" "\r\n" (buffer-string))
+ t))
mml-secure-secret-key-id-list nil)
(error
(mml-secure-clear-secret-key-id-list)