Commit 880f1a1b authored by Christoph Berg's avatar Christoph Berg

Use upstream's smime.rc file, hereby fixing S/MIME encryption. (Closes: #315319)

parent 997ecaf9
......@@ -3,8 +3,10 @@ mutt (1.5.19-2) experimental; urgency=low
* Recommends: libsasl2-modules. Technically, we depend on libsasl2-2 which
already recommends this package, but not having it installed just confuses
too many users.
* Use upstream's smime.rc file, hereby fixing S/MIME encryption.
(Closes: #315319)
-- Christoph Berg <myon@debian.org> Fri, 30 Jan 2009 00:10:25 +0100
-- Christoph Berg <myon@debian.org> Tue, 03 Feb 2009 22:08:02 +0100
mutt (1.5.19-1) experimental; urgency=low
......
# S/MIME configuration
set smime_ca_location=`for f in $HOME/.smime/ca-certificates.crt $HOME/.smime/ca-bundle.crt /etc/ssl/certs/ca-certificates.crt ; do if [ -f $f ] ; then echo $f ; exit ; fi ; done`
set smime_certificates="~/.smime/certificates"
set smime_keys="~/.smime/keys"
set smime_pk7out_command="openssl smime -verify -in %f -noverify -pk7out"
set smime_get_cert_command="openssl pkcs7 -print_certs -in %f"
set smime_get_signer_cert_command="openssl smime -verify -in %f -noverify -signer %c -out /dev/null"
set smime_get_cert_email_command="openssl x509 -in %f -noout -email"
set smime_import_cert_command="smime_keys add_cert %f"
set smime_encrypt_command="openssl smime -encrypt %a -outform DER -in %f %c"
set smime_sign_command="openssl smime -sign -signer %c -inkey %k -passin stdin -in %f -certfile %i -outform DER"
# This alternative command does not include the full certificates chain.
# Be sure to understand RFC 2315 section 9.1 before using it.
#set smime_sign_command="openssl smime -sign -signer %c -inkey %k -passin stdin -in %f -outform DER"
set smime_decrypt_command="openssl smime -decrypt -passin stdin -inform DER -in %f -inkey %k -recip %c"
set smime_verify_command="openssl smime -verify -inform DER -in %s %C -content %f"
set smime_verify_opaque_command="\
openssl smime -verify -inform DER -in %s %C || \
openssl smime -verify -inform DER -in %s -noverify 2>/dev/null"
......@@ -11,6 +11,7 @@ debian/extra/lib/debian-ldap-query usr/lib/mutt
debian/tmp/Muttrc etc
debian/tmp/gpg.rc etc/Muttrc.d
contrib/smime.rc etc/Muttrc.d
debian/extra/rc/*.rc etc/Muttrc.d
debian/extra/mutt.xpm usr/share/pixmaps
debian/tmp/usr/share/doc/*.html usr/share/doc/mutt/html
#!/bin/sh
if [ "$1" = "upgrade" ] && dpkg --compare-versions "$2" lt "1.5.19-2" ; then
MD5SUM=$(md5sum /etc/Muttrc.d/smime-paths.rc | cut -d ' ' -f 1)
if [ "$MD5SUM" = "185414b78b332a662500719a179778c5" ] ; then
echo "Removing obsolete config file /etc/Muttrc.d/smime-paths.rc"
rm /etc/Muttrc.d/smime-paths.rc
else
echo "Not removing modified obsolete config file /etc/Muttrc.d/smime-paths.rc"
fi
fi
#DEBHELPER#
exit 0
--- a/contrib/smime.rc
+++ b/contrib/smime.rc
@@ -4,33 +4,34 @@
# If you compiled mutt with support for both PGP and S/MIME, PGP
# will be the default method unless the following option is set
-set smime_is_default
+#set smime_is_default
# Uncoment this if you don't want to set labels for certificates you add.
# unset smime_ask_cert_label
# Passphrase expiration
-set smime_timeout=300
+#set smime_timeout=300
# Global crypto options -- these affect PGP operations as well.
-set crypt_autosign = yes
-set crypt_replyencrypt = yes
-set crypt_replysign = yes
-set crypt_replysignencrypted = yes
-set crypt_verify_sig = yes
+#set crypt_autosign = yes
+#set crypt_replyencrypt = yes
+#set crypt_replysign = yes
+#set crypt_replysignencrypted = yes
+#set crypt_verify_sig = yes
# Section A: Key Management.
# The (default) keyfile for signing/decrypting. Uncomment the following
# line and replace the keyid with your own.
-set smime_default_key="12345678.0"
+#set smime_default_key="12345678.0"
# Uncommen to make mutt ask what key to use when trying to decrypt a message.
# It will use the default key above (if that was set) else.
# unset smime_decrypt_use_default_key
# Path to a file or directory with trusted certificates
-set smime_ca_location="~/.smime/ca-bundle.crt"
+#set smime_ca_location="~/.smime/ca-bundle.crt"
+set smime_ca_location=`for f in $HOME/.smime/ca-certificates.crt $HOME/.smime/ca-bundle.crt /etc/ssl/certs/ca-certificates.crt ; do if [ -e $f ] ; then echo $f ; exit ; fi ; done`
# Path to where all known certificates go. (must exist!)
set smime_certificates="~/.smime/certificates"
......@@ -25,6 +25,7 @@ debian-specific/assumed_charset-compat
misc/define-pgp_getkeys_command.diff
misc/gpg.rc-paths
misc/smime.rc
mutt.org
# extra patches for mutt-patched
mutt-patched/sidebar-compat-revert.debian
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment