Re: [Evolution] Evolution + GPG + MailScanner = Bad Juju...

[Jeffrey Stedfast <fejj novell com>]

On Thu, 2006-01-26 at 15:53 -0500, Michael H. Warfield wrote:
> On Thu, 2006-01-26 at 15:44 -0500, Jeffrey Stedfast wrote:
> > On Thu, 2006-01-26 at 15:00 -0500, Michael H. Warfield wrote:
> > > Ok all,
> > > 
> > > 	I'm cross posting this to both Evolution and MailScanner because I can
> > > already predict the finger pointing that's naturally going to result.
> > > 
> > > 	A few months ago, someone brought it to my attention that my GPG
> > > signatures (messages signed only, not encrypted) where suddenly turning
> > > up "bad".  The signature on this message will probably be "bad".  It
> > > took some major head scratching to figure out what changed, what the
> > > parameters where, and what the hell was happening but I think I've got
> > > in narrowed down to some poor behavior on the part of BOTH Evolution AND
> > > MailScanner (or a component of MailScanner - not sure).
> > > 
> > > 	It seems to have initially broken with an upgrade to MailScanner.  I
> > > think upgrading to 4.47.4-2 or there abouts might have been the
> > > triggering event, but I don't remember what I was running on that server
> > > prior to that.  Before then, all my signatures GPG signatures were good.
> > > After, they were bad.  If I turn off MailScanner on my server, the
> > > signatures are good.  I have accounts on several servers and the
> > > signatures are bad if I forward mail through one running a recent
> > > version of MailScanner.  I just upgraded one of my servers to 4.50.5-12
> > > and now I've got bad signatures through that server as well (I wasn't
> > > running MailScanner on that one before).
> > > 
> > > 	But, that doesn't get Evolution off the hook.  It's only happening for
> > > messages that I'm composing in Evolution!  If I compose them in Mutt or
> > > vi a text file and send it, everything is fine.  Also, my saved copies
> > > in the Evolution sent box is fine.
> > > 
> > > 	Sooo...  I compare what was saved in the "sent" box with what was
> > > received with a bad signature...  What was the difference?  Carriage
> > > Returns!  Evolution is terminating lines with CR-LF when composing a
> > > message.  MailScanner is removing the CR and leaving the LF.
> > > Apparently, Evolution called gpg in binary mode to create the signature.
> > > Modifying even the line termination then breaks the signature.
> > > 
> > > 	No other mailer I use generates the DOS/Windows line termination, they
> > > all end lines with *NIX convention of LF only (no I haven't tried
> > > ThunderBird or KMail or other GUI client as yet).
> > > 
> > > 	1) Why must we be adding extraneous CR on text messages?  Is this
> > > REALLY necessary?
> > 
> > Yes. From rfc3156:
> > 
> >    When the OpenPGP digital signature is generated:
> > 
> >    (1)   The data to be signed MUST first be converted to its content-
> >          type specific canonical form.  For text/plain, this means
> >          conversion to an appropriate character set and conversion of
> >          line endings to the canonical <CR><LF> sequence.
> 
> > This is what Evolution does.
> 
> 	Ok...  I'll concede that point.  Then what about the signing mode, text
> vs binary.  We're still broken here.

How so? The only difference between text and binary mode is the
canonical CRLF endings, and, guess what, Evolution converts to CRLF. So
no problem there.

> 
> > -- 
> > Jeffrey Stedfast
> > Evolution Hacker - Novell, Inc.
> > fejj ximian com  - www.novell.com
> 
> 	Mike
-- 
Jeffrey Stedfast
Evolution Hacker - Novell, Inc.
fejj ximian com  - www.novell.com