[PATCH 2/2] emacs: mua: check for misplaced secure mml tags

Subject: [PATCH 2/2] emacs: mua: check for misplaced secure mml tags

Date: Sun, 2 Oct 2016 15:05:31 +0100

Cc:

Emacs message-send seems to ignore a secure mml tag anywhere except at
the start of the body, and it must be followed by a newline. Since
this is almost certainly not desired we check for it, and require user
confirmation before sending.

As the setup before message-send or message-send-and-exit is getting
more complicated it is convenient to unify the two correspoinding
notmuch functions.
---
 emacs/notmuch-mua.el | 31 ++++++++++++++++++++++++++++---
 1 file changed, 28 insertions(+), 3 deletions(-)

diff --git a/emacs/notmuch-mua.el b/emacs/notmuch-mua.el
index 72fb770..bae95f3 100644
--- a/emacs/notmuch-mua.el
+++ b/emacs/notmuch-mua.el
@@ -490,12 +490,37 @@ will be addressed to all recipients of the source message."
     (notmuch-mua-reply query-string sender reply-all)
     (deactivate-mark)))
 
+(defun notmuch-mua-misplaced-secure-tag ()
+  "Query user if there is a misplaced secure mml tag.
+
+Emacs message-send will (probably) ignore a secure mml tag unless
+it is at the start of the body and followed by a newline. Since
+this is almost certainly not desired we check for it, and get
+confirmation from the user if there is such a tag. Returns t if
+there is such a tag unless the user confirms they mean it."
+  (save-excursion
+    (let ((body-start (progn (message-goto-body) (point))))
+      (goto-char (point-max))
+      ;; We are always fine if there is no secure tag.
+      (when (search-backward "<#secure" nil 't)
+	;; There is a secure tag, so it must be at the start of the
+	;; body, with no secure tag earlier (i.e., in the headers) and
+	;; it must be followed by a newline.
+	(unless (and (= (point) body-start)
+		     (not (search-backward "<#secure" nil 't))
+		     (looking-at "<#secure[^\n>]*>\n"))
+	  (not (yes-or-no-p "\
+There is a <#secure> tag not at the start of the body. It is
+likely that the message will be sent unsigned and unencrypted.
+Really send? ")))))))
+
 (defun notmuch-mua-send-common (arg &optional exit)
   (interactive "P")
   (letf (((symbol-function 'message-do-fcc) #'notmuch-maildir-message-do-fcc))
-	(if exit
-	    (message-send-and-exit arg)
-	  (message-send arg))))
+	(unless (notmuch-mua-misplaced-secure-tag)
+	  (if exit
+	      (message-send-and-exit arg)
+	    (message-send arg)))))
 
 (defun notmuch-mua-send-and-exit (&optional arg)
   (interactive "P")
-- 
2.1.4

Previous message (by thread): Re: [PATCH 2/2] emacs: mua: check for misplaced secure mml tags

Thread:

Mark Walters—[PATCH 0/2] Check for misplaced secure mml tags [inbox, unread]
- Mark Walters—[PATCH 1/2] emacs: mua: extract a common message-send function. [inbox, notmuch::obsolete, notmuch::patch, unread]
- Mark Walters—[PATCH 2/2] emacs: mua: check for misplaced secure mml tags [inbox, notmuch::obsolete, notmuch::patch, unread]
  - David Bremner—Re: [PATCH 2/2] emacs: mua: check for misplaced secure mml tags [inbox, unread]