I'm told this patch doesn't work with the patch(1) command. I didn't try that myself, as it was short enough to apply by hand. I cached the message here so I can find it easily, since I've had to track it down and reapply it several times now when I've upgraded my system.
I look forward to the day this gets fixed in the official exmh sources, so I don't have to keep re-fixing it locally. :-P
(from exmh-users@redhat.com)
In message <200109280730.f8S7UAF01896@folly.stanford.edu>, Ben Escoto writes:
When I try to clearsign something with gpg the message ends up corrupted because the signature section isn't a detached signature but rather the whole message.
I convinced myself a while back that detached signatures were the only correct way to sign multipart/signed messages and fixed this bug. Unfortunately, I still have some changes pending (to the PGP code) and have not checked in my changes. The relevant diff (to pgpMain.tcl) is:
*** 740,756 ****
# Depending on format standard may mean different
# things. It was decided to keep this ambiguity
# internal instead of exporting it via the GUI.
! if {$pgp(format,$id) == "plain"} {
Pgp_Exec_Sign $pgp(version,$id) $msgfile $pgpfile \
! $originator standard
} else {
Pgp_Exec_Sign $pgp(version,$id) $msgfile $pgpfile \
! $originator detached
}
}
clearsign {
! Pgp_Exec_Sign $pgp(version,$id) $msgfile $pgpfile \
$originator clearsign
}
encryptsign {
Pgp_Exec_EncryptSign $pgp(version,$id) $msgfile $pgpfile \
--- 759,782 ----
# Depending on format standard may mean different
# things. It was decided to keep this ambiguity
# internal instead of exporting it via the GUI.
! if {$pgp(format,$id) == "pm"} {
Pgp_Exec_Sign $pgp(version,$id) $msgfile $pgpfile \
! $originator detached
} else {
Pgp_Exec_Sign $pgp(version,$id) $msgfile $pgpfile \
! $originator standard
}
}
clearsign {
! # There is only one correct way of signing
! # multipart/signed messages and that is "detached".
! if {$pgp(format,$id) == "pm"} {
! Pgp_Exec_Sign $pgp(version,$id) $msgfile $pgpfile \
! $originator detached
! } else {
! Pgp_Exec_Sign $pgp(version,$id) $msgfile $pgpfile \
$originator clearsign
+ }
}
encryptsign {
Pgp_Exec_EncryptSign $pgp(version,$id) $msgfile $pgpfile \
***************
[ Example deleted.]
I was messing with exmh to figure out how to encrypt stuff with emacs, so I might have broken it myself. Just tell me if it works for other people and I'll take a closer look.
BTW, here is a crude (but perhaps working) standalone script that tells exmh to Multipart/PGP clearsign or encryptsign a drafts file. It can be used from external editors.
I'm not 100% sure but I think you may need to clear those pgp(*) variables your script sets or risk having subsequent draft re-use those settings.
Kevin