Re: [Evolution] Evolution + GPG + MailScanner = Bad Juju...

[Jeffrey Stedfast <fejj novell com>]

On Thu, 2006-01-26 at 15:00 -0500, Michael H. Warfield wrote:
> Ok all,
>
>       I'm cross posting this to both Evolution and MailScanner because I can
> already predict the finger pointing that's naturally going to result.
>
>       A few months ago, someone brought it to my attention that my GPG
> signatures (messages signed only, not encrypted) where suddenly turning
> up "bad".  The signature on this message will probably be "bad".  It
> took some major head scratching to figure out what changed, what the
> parameters where, and what the hell was happening but I think I've got
> in narrowed down to some poor behavior on the part of BOTH Evolution AND
> MailScanner (or a component of MailScanner - not sure).
>
>       It seems to have initially broken with an upgrade to MailScanner.  I
> think upgrading to 4.47.4-2 or there abouts might have been the
> triggering event, but I don't remember what I was running on that server
> prior to that.  Before then, all my signatures GPG signatures were good.
> After, they were bad.  If I turn off MailScanner on my server, the
> signatures are good.  I have accounts on several servers and the
> signatures are bad if I forward mail through one running a recent
> version of MailScanner.  I just upgraded one of my servers to 4.50.5-12
> and now I've got bad signatures through that server as well (I wasn't
> running MailScanner on that one before).
>
>       But, that doesn't get Evolution off the hook.  It's only happening for
> messages that I'm composing in Evolution!  If I compose them in Mutt or
> vi a text file and send it, everything is fine.  Also, my saved copies
> in the Evolution sent box is fine.
>
>       Sooo...  I compare what was saved in the "sent" box with what was
> received with a bad signature...  What was the difference?  Carriage
> Returns!  Evolution is terminating lines with CR-LF when composing a
> message.  MailScanner is removing the CR and leaving the LF.
> Apparently, Evolution called gpg in binary mode to create the signature.
> Modifying even the line termination then breaks the signature.
>
>       No other mailer I use generates the DOS/Windows line termination, they
> all end lines with *NIX convention of LF only (no I haven't tried
> ThunderBird or KMail or other GUI client as yet).
>
>       1) Why must we be adding extraneous CR on text messages?  Is this
> REALLY necessary?

Yes. From rfc3156:

   When the OpenPGP digital signature is generated:

   (1)   The data to be signed MUST first be converted to its content-
         type specific canonical form.  For text/plain, this means
         conversion to an appropriate character set and conversion of
         line endings to the canonical <CR><LF> sequence.

This is what Evolution does.

-- 
Jeffrey Stedfast
Evolution Hacker - Novell, Inc.
fejj ximian com  - www.novell.com