Add $smime_pkcs7_default_smime_type config option.

This works around Outlook sending application/pkcs7-mime ".p7m" parts without a smime-type parameter. Mutt previously hardcoded an assumption that these were SignedData to work around an old Outlook book. However Outlook now appears to also send EnvelopedData in this form.
muttmua · Apr 13, 2024 · 0d75d71 · 0d75d71
1 parent 00d5628
commit 0d75d71
Show file tree

Hide file tree

Showing 4 changed files with 31 additions and 3 deletions.
diff --git a/contrib/smime.rc b/contrib/smime.rc
@@ -104,6 +104,14 @@ set smime_verify_opaque_command="\
 openssl smime -verify -inform DER -in %s %C || \
 openssl smime -verify -inform DER -in %s -noverify 2>/dev/null"
 
+# application/pkcs7-mime ".p7m" messages should have a smime-type
+# parameter to tell Mutt whether it's signed or encrypted data.
+#
+# If the parameter is missing, Mutt by default assumes it's SignedData.
+# This can be used to change Mutt's assumption to EnvelopedData (encrypted).
+#
+# set smime_pkcs7_default_smime_type="enveloped"
+
 
 
 # Section D: Alternatives

diff --git a/crypt.c b/crypt.c
@@ -610,9 +610,14 @@ int mutt_is_application_smime (BODY *m)
     {
       len++;
       if (!ascii_strcasecmp ((t+len), "p7m"))
-        /* Not sure if this is the correct thing to do, but
-           it's required for compatibility with Outlook */
-        return (SMIMESIGN|SMIMEOPAQUE);
+      {
+        if (!ascii_strcasecmp (SmimePkcs7DefaultSmimeType, "signed"))
+          return (SMIMESIGN|SMIMEOPAQUE);
+	else if (!ascii_strcasecmp (SmimePkcs7DefaultSmimeType, "enveloped"))
+	  return SMIMEENCRYPT;
+        else
+          return 0;
+      }
       else if (!ascii_strcasecmp ((t+len), "p7s"))
 	return (SMIMESIGN|SMIMEOPAQUE);
     }

diff --git a/globals.h b/globals.h
@@ -311,6 +311,7 @@ WHERE char *SmimeSignOpaqueCommand;
 WHERE char *SmimeEncryptCommand;
 WHERE char *SmimeGetSignerCertCommand;
 WHERE char *SmimePk7outCommand;
+WHERE char *SmimePkcs7DefaultSmimeType;
 WHERE char *SmimeGetCertCommand;
 WHERE char *SmimeImportCertCommand;
 WHERE char *SmimeGetCertEmailCommand;

diff --git a/init.h b/init.h
@@ -4016,6 +4016,20 @@ struct option_t MuttVars[] = {
   ** edited. This option points to the location of the private keys.
   ** (S/MIME only)
   */
+  { "smime_pkcs7_default_smime_type", 	DT_STR, R_NONE, {.p=&SmimePkcs7DefaultSmimeType}, {.p="signed"} },
+  /*
+  ** .pp
+  ** The application/pkcs7-mime ``.p7m'' type can contain EnvelopedData
+  ** (encrypted) or SignedData.  Senders should add a ``smime-type''
+  ** parameter to the content type, to help receiving MUAs correctly
+  ** handle the data.  Unfortunately, some clients (e.g. Outlook)
+  ** don't add this parameter.
+  ** .pp
+  ** This option is used to determine which type to assume when the
+  ** ``smime-type'' parameter is missing for ``.p7m'' file types.
+  ** .pp
+  ** Accepted values are ``enveloped'' and ``signed''.
+  */
   { "smime_pk7out_command", 	DT_STR, R_NONE, {.p=&SmimePk7outCommand}, {.p=0} },
   /*
   ** .pp