Change the smime_encrypt_with default to aes256.

Openssl supports -aes256 at least since 2004, and it's a stronger
algorithm than des3.

Also:
- Remove the incorrect documentation comment about defaulting to 3des if unset.
- Change the default set in contrib/smime.rc.

diff --git a/contrib/smime.rc b/contrib/smime.rc
index f87459237959d3ebd4fd159c40ad06714a01dd1a..a355e5b4e7fcb247fd3a4c582532aa1e41d88b08 100644 (file)
--- a/contrib/smime.rc
+++ b/contrib/smime.rc
@@ -60,7 +60,7 @@ set smime_import_cert_command="smime_keys add_cert %f"
 
 # Algorithm to use for encryption.
 # valid choices are aes128, aes192, aes256, rc2-40, rc2-64, rc2-128, des, des3
-set smime_encrypt_with="des3"
+set smime_encrypt_with="aes256"
 
 # Encrypt a message. Input file is a MIME entity.
 set smime_encrypt_command="openssl smime -encrypt -%a -outform DER -in %f %c"

diff --git a/init.h b/init.h
index 2e50eed4902f024eb06d0283943193752cac6b55..8453c76b1ab94c09de8d32b56d9f47f943b69a69 100644 (file)
--- a/init.h
+++ b/init.h
@@ -2687,12 +2687,11 @@ struct option_t MuttVars[] = {
   ** possible \fCprintf(3)\fP-like sequences.
   ** (S/MIME only)
   */
-  { "smime_encrypt_with",      DT_STR,  R_NONE, UL &SmimeCryptAlg, 0 },
+  { "smime_encrypt_with",      DT_STR,  R_NONE, UL &SmimeCryptAlg, UL "aes256" },
   /*
   ** .pp
   ** This sets the algorithm that should be used for encryption.
   ** Valid choices are ``aes128'', ``aes192'', ``aes256'', ``des'', ``des3'', ``rc2-40'', ``rc2-64'', ``rc2-128''.
-  ** If \fIunset\fP, ``3des'' (TripleDES) is used.
   ** (S/MIME only)
   */
   { "smime_get_cert_command",  DT_STR, R_NONE, UL &SmimeGetCertCommand, 0},