Bug 291890 - Kmail2 ignores signatures of inline PGP messages
Summary: Kmail2 ignores signatures of inline PGP messages
Status: RESOLVED FIXED
Alias: None
Product: kmail2
Classification: Unclassified
Component: crypto (show other bugs)
Version: 4.7
Platform: openSUSE RPMs Linux
: NOR normal with 5 votes (vote)
Target Milestone: ---
Assignee: kdepim bugs
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-01-18 18:36 UTC by Thomas Zell
Modified: 2013-10-30 00:21 UTC (History)
3 users (show)

See Also:
Latest Commit:
Version Fixed In: 4.12


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Zell 2012-01-18 18:36:46 UTC
Version:           4.7
OS:                Linux

The status of the signature contained in signed inline PGP messages (no matter if encrypted or not) is ignored by KMail2. The GPG log viewer shows that the signature is actually verified, but KMail2 visualizes neither the presence nor the validity of the signature.


Reproducible: Always

Steps to Reproduce:
Send encrypted or unencrypted PGP inline message with Enigmail, receive with KMail2.

Actual Results:  
No visualization of signature.

Expected Results:  
Green border around message.

gpg (GnuPG) version: 2.0.18
This behavior seems to be independent from bug 286035 (which still persists).
Comment 1 quazgar 2012-01-21 23:03:06 UTC
I can confirm this on KDE 4.7.3.

The same problem hold true for inline-encrypted messages:  There's no visual identification that one is looking at an encrypted message.
Comment 2 Thomas Zell 2012-01-26 18:54:16 UTC
Whoops ... this is a duplicate of bug 247657 !!!

In any case, removing the "log-file" entry from
~/.gnupg/gpg.conf
fixes things.
Comment 3 Thomas Zell 2012-01-26 18:54:32 UTC

*** This bug has been marked as a duplicate of bug 247657 ***
Comment 4 Thomas Zell 2012-04-04 19:11:32 UTC
Probably it's better to leave this as a bug reported against kmail2. So I'm marking the old bug report as a duplicate of this one.
Comment 5 Thomas Zell 2012-04-04 19:12:07 UTC
*** Bug 247657 has been marked as a duplicate of this bug. ***
Comment 6 Christian Boltz 2013-10-04 10:03:19 UTC
I listed some details in https://bugzilla.novell.com/show_bug.cgi?id=667717#c8

copy&paste from there:
----------
Your link was quite helpful - removing the "log-file" option solved the problem and KMail displayed the inline-signed mails as signed.

But now to the interesting part - who added this line?

# tail ~/.gnupg/gpg.conf
###+++--- GPGConf ---+++###
utf8-strings
debug-level advanced
log-file socket:///home/cb/.gnupg/log-socket
###+++--- GPGConf ---+++### Fr 27 Sep 2013 17:51:54 CEST
# GPGConf edited this configuration file.
# It will disable options before this marked block, but it will
# never change anything below these lines.

Note that the mentioned time is very close to comment #6.
What did I do before writing the comment? Well, I checked what the GnuPG Log watch (binary "watchgnupg", "GnuPG-Protokollanzeige" in german KMail) tells me about an inline-signed mail.

And indeed, after starting GnuPG log watch again, I have a fresh "log-file
socket://..." line in gpg.conf - and KMail no longer displays the mail as
signed.

So basically this bug consists of 3 bugs:
a) kwatchgnupg changes the gpg.conf in a way that breaks KMail
   (by adding the lines quoted above)
b) kwatchgnupg does not undo its change at exit, which means the then 
   dead socket stays in gpg.conf
c) KMail does not display any notice about the failed gpg call - it should
   display a yellow border and tell me that it couldn't check the signature)

For c), see also [1] from comment 7:
    "If the output from STDERR cannot be parsed due to an error in gpg, 
    kmail internally does not set the flag that the mail was signed at all"

BTW: I wasn't aware that some KMail developers listened to my "1001 bugs - or: the golden rules of bad programming" talk at oSC11 or LinuxTag 2012. Rule 21 said:
    Users hate error messages
    Conclusion: never print an error message. Fail silently instead
;-))
----------

To make it clear: The reproducer is to start kwatchgnupg which adds the "log-file socket:///home/cb/.gnupg/log-socket" line to ~/.gnupg/gpg.conf
Comment 7 Sandro Knauß 2013-10-30 00:21:14 UTC
Git commit 25f0b41941e093071cf9cee624b24f30a71047a1 by Sandro Knauß.
Committed on 15/10/2013 at 16:44.
Pushed by knauss into branch 'master'.

use gpgme instead of kpgp for decrypting PGP Inline messages

REVIEW: 113348
Related: bug 247657, bug 295217
FIXED-IN: 4.12

M  +200  -149  messageviewer/viewer/objecttreeparser.cpp

http://commits.kde.org/kdepim/25f0b41941e093071cf9cee624b24f30a71047a1