On Thu, 2006-01-26 at 15:44 -0500, Jeffrey Stedfast wrote:
On Thu, 2006-01-26 at 15:00 -0500, Michael H. Warfield wrote:Ok all, I'm cross posting this to both Evolution and MailScanner because I can already predict the finger pointing that's naturally going to result. A few months ago, someone brought it to my attention that my GPG signatures (messages signed only, not encrypted) where suddenly turning up "bad". The signature on this message will probably be "bad". It took some major head scratching to figure out what changed, what the parameters where, and what the hell was happening but I think I've got in narrowed down to some poor behavior on the part of BOTH Evolution AND MailScanner (or a component of MailScanner - not sure). It seems to have initially broken with an upgrade to MailScanner. I think upgrading to 4.47.4-2 or there abouts might have been the triggering event, but I don't remember what I was running on that server prior to that. Before then, all my signatures GPG signatures were good. After, they were bad. If I turn off MailScanner on my server, the signatures are good. I have accounts on several servers and the signatures are bad if I forward mail through one running a recent version of MailScanner. I just upgraded one of my servers to 4.50.5-12 and now I've got bad signatures through that server as well (I wasn't running MailScanner on that one before). But, that doesn't get Evolution off the hook. It's only happening for messages that I'm composing in Evolution! If I compose them in Mutt or vi a text file and send it, everything is fine. Also, my saved copies in the Evolution sent box is fine. Sooo... I compare what was saved in the "sent" box with what was received with a bad signature... What was the difference? Carriage Returns! Evolution is terminating lines with CR-LF when composing a message. MailScanner is removing the CR and leaving the LF. Apparently, Evolution called gpg in binary mode to create the signature. Modifying even the line termination then breaks the signature. No other mailer I use generates the DOS/Windows line termination, they all end lines with *NIX convention of LF only (no I haven't tried ThunderBird or KMail or other GUI client as yet). 1) Why must we be adding extraneous CR on text messages? Is this REALLY necessary?Yes. From rfc3156: When the OpenPGP digital signature is generated: (1) The data to be signed MUST first be converted to its content- type specific canonical form. For text/plain, this means conversion to an appropriate character set and conversion of line endings to the canonical <CR><LF> sequence.
This is what Evolution does.
Ok... I'll concede that point. Then what about the signing mode, text
vs binary. We're still broken here.
-- Jeffrey Stedfast Evolution Hacker - Novell, Inc. fejj ximian com - www.novell.com
Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw WittsEnd com
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
Attachment:
signature.asc
Description: This is a digitally signed message part