Bug 3040

Summary: [PATCH] Handle revoked GPG private keys
Product: Claws Mail (GTK 2) Reporter: Palmer Dabbelt <palmer>
Component: Plugins/Privacy/PGPAssignee: users
Status: RESOLVED FIXED    
Severity: normal    
Priority: P3    
Version: other   
Hardware: PC   
OS: Linux   
Attachments:
Description Flags
Fix revoked GPG key handling none

Description Palmer Dabbelt 2013-12-23 06:50:18 UTC 
Created attachment 1311 [details]
Fix revoked GPG key handling

It appears that GPGME only sets the 'key->revoked' field when
searching for public/private keys, not when searching just for private
keys.  This patch changes the GPG plugin's key search code to search
for private/public keys, throw out keys incapable of signing (which I
hope maps to public-only keys), and then proceed to check if the key
has been revoked.

This patch is probably bigger than it needs to be because I couldn't
understand the original key searching code so I had to change quite a
bit of it.  The minimal patch should just be to change
"gpgme_op_keylist_start(..., 1)" to "gpgme_op_keylist_start(..., 0)"
and then add it checks for "key->can_sign" in the correct places.  The
problem is that the old code threaded through the GPGME error code as
a mechanism for deciding if the key was valid or not, which seemed too
tricky for me :).

The attached patch applies against both claws-mail-3.9.0 (from Gentoo) and against the current git HEAD (02b5ac9).  The bug manifests itself with both gpgme-1.3.2 (stable in Gentoo) and gpgme-1.4.3 (unstable in Gentoo).
Comment 1 Colin Leroy 2013-12-28 18:10:26 UTC 
Thanks for your patch, it may be longer, but it's better than the two do {} while loops :)
Comment 2 users 2013-12-28 18:58:00 UTC 
Changes related to this bug have been committed.
Please check latest Git and update the bug accordingly.
You can also get the patch from:
http://git.claws-mail.org/

++ ChangeLog	2013-12-28 18:57:35.500904730 +0100
http://git.claws-mail.org/?p=claws.git;a=commitdiff;h=e9ef0959dc55da5f723617f148e6184a64d11284
Merge: 766877a 6a4badf
Author: Colin Leroy <colin@colino.net>
Date:   Sat Dec 28 18:57:34 2013 +0100

    Merge branch 'master' of file:///home/git/claws

http://git.claws-mail.org/?p=claws.git;a=commitdiff;h=6a4badf693d075f151638f9497fa6b467e4d27b3
Author: Colin Leroy <colin@colino.net>
Date:   Sat Dec 28 18:31:22 2013 +0100

    Fix bug #2991, "POP3 sessions duplicated" on race conditions. Patch by
    Paul Rolland.

http://git.claws-mail.org/?p=claws.git;a=commitdiff;h=7bd41ae67a9fe6bd800d4cec9f2f1e012a244ba6
Author: Colin Leroy <colin@colino.net>
Date:   Sat Dec 28 18:15:31 2013 +0100

    Fix bug #3020, "Use theme doesn't change some icons until restart"

http://git.claws-mail.org/?p=claws.git;a=commitdiff;h=3d876eaf2fc33ebe36d36ca5d11a35b80868fee0
Author: Colin Leroy <colin@colino.net>
Date:   Sat Dec 28 18:10:26 2013 +0100

    Add Palmer Dabbelt to Authors

http://git.claws-mail.org/?p=claws.git;a=commitdiff;h=18696ff22a66c3d790abdc5f95b8ab5488ff2cb5
Author: Colin Leroy <colin@colino.net>
Date:   Sat Dec 28 18:08:38 2013 +0100

    Fix bug #3040, "Handle revoked GPG private keys". Patch by Palmer Dabbelt.

http://git.claws-mail.org/?p=claws.git;a=commitdiff;h=9a56118f8110ab403cb94547cca11c0cc3ab490c
Author: Colin Leroy <colin@colino.net>
Date:   Sat Dec 28 17:40:12 2013 +0100

    Fix bug #3038, "Select A Folder incorrectly matches on number
    in parentheses". Match on FolderItem's name instead of displayed
    string.

http://git.claws-mail.org/?p=claws.git;a=commitdiff;h=02b5ac9ed2d474e546a655c636e4c9e43dd3250b
Author: Colin Leroy <colin@colino.net>
Date:   Fri Dec 20 11:53:18 2013 +0100

    Add preference to allow disabling automatic drafting of encrypted
    messages.
Comment 3 Tristan Miller 2017-01-21 16:41:53 UTC 
Has this made it into the current release yet?  When Claws Mail 3.14.1 prompts me for the recipient's encryption key, the dialog still lists revoked keys.