diff options
| author | Mark Walters <markwalters1009@gmail.com> | 2016-10-08 21:05:23 +0100 |
|---|---|---|
| committer | David Bremner <david@tethera.net> | 2016-10-09 08:53:14 -0300 |
| commit | 9259c7971d0839b4fcfda348c33761048b441064 (patch) | |
| tree | 9ac02ec23c1efa7282b0c1ffd6d4a474740844d8 | |
| parent | 025bf3cd4af73020e1657dbb20e13cc0711b8d68 (diff) | |
emacs: mua: check for misplaced secure mml tags
Emacs message-send seems to ignore a secure mml tag anywhere except at
the start of the body, and it must be followed by a newline. Since
this is almost certainly not desired we check for it, and require user
confirmation before sending.
As the setup before message-send or message-send-and-exit is getting
more complicated it is convenient to unify the two correspoinding
notmuch functions.
| -rw-r--r-- | emacs/notmuch-mua.el | 52 |
1 files changed, 48 insertions, 4 deletions
diff --git a/emacs/notmuch-mua.el b/emacs/notmuch-mua.el index 72fb7705..c5671731 100644 --- a/emacs/notmuch-mua.el +++ b/emacs/notmuch-mua.el @@ -490,12 +490,56 @@ will be addressed to all recipients of the source message." (notmuch-mua-reply query-string sender reply-all) (deactivate-mark))) +(defun notmuch-mua-check-no-misplaced-secure-tag () + "Query user if there is a misplaced secure mml tag. + +Emacs message-send will (probably) ignore a secure mml tag unless +it is at the start of the body. Returns t if there is no such +tag, or the user confirms they mean it." + (save-excursion + (let ((body-start (progn (message-goto-body) (point)))) + (goto-char (point-max)) + (or + ;; We are always fine if there is no secure tag. + (not (search-backward "<#secure" nil 't)) + ;; There is a secure tag, so it must be at the start of the + ;; body, with no secure tag earlier (i.e., in the headers). + (and (= (point) body-start) + (not (search-backward "<#secure" nil 't))) + ;; The user confirms they means it. + (yes-or-no-p "\ +There is a <#secure> tag not at the start of the body. It is +likely that the message will be sent unsigned and unencrypted. +Really send? "))))) + +(defun notmuch-mua-check-secure-tag-has-newline () + "Query if the secure mml tag has a newline following it. + +Emacs message-send will (probably) ignore a correctly placed +secure mml tag unless it is followed by a newline. Returns t if +any secure tag is followed by a newline, or the user confirms +they mean it." + (save-excursion + (message-goto-body) + (or + ;; There is no (correctly placed) secure tag. + (not (looking-at "<#secure")) + ;; The secure tag is followed by a newline. + (looking-at "<#secure[^\n>]*>\n") + ;; The user confirms they means it. + (yes-or-no-p "\ +The <#secure> tag at the start of the body is not followed by a +newline. It is likely that the message will be sent unsigned and +unencrypted. Really send? ")))) + (defun notmuch-mua-send-common (arg &optional exit) (interactive "P") - (letf (((symbol-function 'message-do-fcc) #'notmuch-maildir-message-do-fcc)) - (if exit - (message-send-and-exit arg) - (message-send arg)))) + (when (and (notmuch-mua-check-no-misplaced-secure-tag) + (notmuch-mua-check-secure-tag-has-newline)) + (letf (((symbol-function 'message-do-fcc) #'notmuch-maildir-message-do-fcc)) + (if exit + (message-send-and-exit arg) + (message-send arg))))) (defun notmuch-mua-send-and-exit (&optional arg) (interactive "P") |