New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
mutt: add option to configure S/MIME and GnuPG #31207
Conversation
sed -i 's#/usr/bin/openssl#${openssl}/bin/openssl#' smime_keys.pl | ||
''; | ||
patches = optional smimeSupport (fetchpatch { | ||
url = "https://sources.debian.net/src/mutt/1.7.2-1/debian/patches/misc/smime.rc.patch"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This patch works with our version of mutt?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Basically it enables the configuration samples, minus a few options. I tested it with GnuPG. Someone should try S/SMIME but I think it should be fine.
I can confirm S/MIME works as expected using the new
Furthermore, I dumped the configuration with 128c128
< mailcap_path="~/.mailcap:/nix/store/bvlm8ls85pyvl650i9f3iibgyqggs1ww-mutt-1.9.1/share/mutt/mailcap:/nix/store/bvlm8ls85pyvl650i9f3iibgyqggs1ww-mutt-1.9.1/etc/mailcap:/etc/mailcap:/usr/etc/mailcap:/usr/local/etc/mailcap"
---
> mailcap_path="~/.mailcap:/nix/store/1bvxzdl4s1cr3hhym3hnnp7l8wygkdil-mutt-1.9.1/share/mutt/mailcap:/nix/store/1bvxzdl4s1cr3hhym3hnnp7l8wygkdil-mutt-1.9.1/etc/mailcap:/etc/mailcap:/usr/etc/mailcap:/usr/local/etc/mailcap"
275c275
< smime_decrypt_command=""
---
> smime_decrypt_command="/nix/store/1m0mzcz0aqmlrpjs6606ya2fpsz6f4gs-openssl-1.0.2m-bin/bin/openssl smime -decrypt -passin stdin -inform DER -in %f -inkey %k -recip %c"
278c278
< smime_encrypt_command=""
---
> smime_encrypt_command="/nix/store/1m0mzcz0aqmlrpjs6606ya2fpsz6f4gs-openssl-1.0.2m-bin/bin/openssl smime -encrypt -%a -outform DER -in %f %c"
280,283c280,283
< smime_get_cert_command=""
< smime_get_cert_email_command=""
< smime_get_signer_cert_command=""
< smime_import_cert_command=""
---
> smime_get_cert_command="/nix/store/1m0mzcz0aqmlrpjs6606ya2fpsz6f4gs-openssl-1.0.2m-bin/bin/openssl pkcs7 -print_certs -in %f"
> smime_get_cert_email_command="/nix/store/1m0mzcz0aqmlrpjs6606ya2fpsz6f4gs-openssl-1.0.2m-bin/bin/openssl x509 -in %f -noout -email"
> smime_get_signer_cert_command="/nix/store/1m0mzcz0aqmlrpjs6606ya2fpsz6f4gs-openssl-1.0.2m-bin/bin/openssl smime -verify -in %f -noverify -signer %c -out /dev/null"
> smime_import_cert_command="smime_keys add_cert %f"
286c286
< smime_pk7out_command=""
---
> smime_pk7out_command="/nix/store/1m0mzcz0aqmlrpjs6606ya2fpsz6f4gs-openssl-1.0.2m-bin/bin/openssl smime -verify -in %f -noverify -pk7out"
289c289
< smime_sign_command=""
---
> smime_sign_command="/nix/store/1m0mzcz0aqmlrpjs6606ya2fpsz6f4gs-openssl-1.0.2m-bin/bin/openssl smime -sign -md %d -signer %c -inkey %k -passin stdin -in %f -certfile %i -outform DER"
293,294c293,294
< smime_verify_command=""
< smime_verify_opaque_command=""
---
> smime_verify_command="/nix/store/1m0mzcz0aqmlrpjs6606ya2fpsz6f4gs-openssl-1.0.2m-bin/bin/openssl smime -verify -inform DER -in %s %C -content %f"
> smime_verify_opaque_command="/nix/store/1m0mzcz0aqmlrpjs6606ya2fpsz6f4gs-openssl-1.0.2m-bin/bin/openssl smime -verify -inform DER -in %s %C || /nix/store/1m0mzcz0aqmlrpjs6606ya2fpsz6f4gs-openssl-1.0.2m-bin/bin/openssl smime -verify -inform DER -in %s -nov |
Motivation for this change
Fix #31102
Things done
I set
gpgSupport
andsmimeSupport
default off because we already have GPGME and it should be preferred.