Add a security bit to the message for oppenc mode.

This allows oppenc to be enabled/disabled on a message level.  If
something initially enables encryption, such as crypt_autoencrypt or
crypt_replyencrypt, oppenc is turned off for the message.

Change the postpone/resume code to persist the oppenc bit.

Also change resend message to enable and invoke oppenc if the option is
set.

diff --git a/crypt.c b/crypt.c
index c3bba9739baa1c900c0e734b757e31d83a980626..dc7a669bef97b219729cb1f8b82cae914744a9a0 100644 (file)
--- a/crypt.c
+++ b/crypt.c
@@ -773,8 +773,7 @@ void crypt_opportunistic_encrypt(HEADER *msg)
   if (!WithCrypto)
     return;
 
-  /* crypt_autoencrypt should override crypt_opportunistic_encrypt */
-  if (option (OPTCRYPTAUTOENCRYPT))
+  if (! (option (OPTCRYPTOPPORTUNISTICENCRYPT) && (msg->security & OPPENCRYPT)) )
     return;
 
   crypt_get_keys (msg, &pgpkeylist, 1);

diff --git a/mutt.h b/mutt.h
index 04238a02d6345ec14b9f048678592d0103eccae3..41a3637c624376c97d382fdccb57ae07de086140 100644 (file)
--- a/mutt.h
+++ b/mutt.h
@@ -705,8 +705,8 @@ typedef struct mutt_thread THREAD;
 
 typedef struct header
 {
-  unsigned int security : 11;  /* bit 0-6: flags, bit 7,8: application.
-                                see: crypt.h pgplib.h, smime.h */
+  unsigned int security : 12;  /* bit 0-8: flags, bit 9,10: application.
+                                see: mutt_crypt.h pgplib.h, smime.h */
 
   unsigned int mime : 1;               /* has a MIME-Version header? */
   unsigned int flagged : 1;            /* marked important? */

diff --git a/mutt_crypt.h b/mutt_crypt.h
index 7ef52e4b071e6a60aaf55b0601ad72345f7cb047..7a934906ae577855f9c5e4fd89578519abef2eb3 100644 (file)
--- a/mutt_crypt.h
+++ b/mutt_crypt.h
@@ -39,11 +39,12 @@
 #define SIGNOPAQUE (1 << 5)
 #define KEYBLOCK   (1 << 6) /* KEY too generic? */
 #define INLINE     (1 << 7)
+#define OPPENCRYPT (1 << 8) /* Opportunistic encrypt mode */
 
-#define APPLICATION_PGP    (1 << 8) 
-#define APPLICATION_SMIME  (1 << 9)
+#define APPLICATION_PGP    (1 << 9)
+#define APPLICATION_SMIME  (1 << 10)
 
-#define PGP_TRADITIONAL_CHECKED (1 << 10)
+#define PGP_TRADITIONAL_CHECKED (1 << 11)
 
 #define PGPENCRYPT  (APPLICATION_PGP | ENCRYPT)
 #define PGPSIGN     (APPLICATION_PGP | SIGN)

diff --git a/postpone.c b/postpone.c
index f612973157b47e0ac5606cc152b945d4ee92b058..a70316185258cdaf34c483eeee931b1f2d59db55 100644 (file)
--- a/postpone.c
+++ b/postpone.c
@@ -404,6 +404,10 @@ int mutt_get_postponed (CONTEXT *ctx, HEADER *hdr, HEADER **cur, char *fcc, size
       tmp = tmp->next;
     }
   }
+
+  if (option (OPTCRYPTOPPORTUNISTICENCRYPT))
+    crypt_opportunistic_encrypt (hdr);
+
   return (code);
 }
 
@@ -429,6 +433,11 @@ int mutt_parse_crypt_hdr (const char *p, int set_empty_signas, int crypt_app)
         flags |= ENCRYPT;
         break;
 
+      case 'o':
+      case 'O':
+        flags |= OPPENCRYPT;
+        break;
+
       case 's':
       case 'S':
         flags |= SIGN;

diff --git a/send.c b/send.c
index 16db62bc9621d4806090ebeb62cee1b5b4108fd1..d4e2a7974da48e7169ef5a029567dd523f58b481 100644 (file)
--- a/send.c
+++ b/send.c
@@ -1089,7 +1089,28 @@ int mutt_resend_message (FILE *fp, CONTEXT *ctx, HEADER *cur)
   
   if (mutt_prepare_template (fp, ctx, msg, cur, 1) < 0)
     return -1;
-  
+
+  if (WithCrypto)
+  {
+    /* mutt_prepare_template doesn't always flip on an application bit.
+     * so fix that here */
+    if (!(msg->security & (APPLICATION_SMIME | APPLICATION_PGP)))
+    {
+      if ((WithCrypto & APPLICATION_SMIME) && option (OPTSMIMEISDEFAULT))
+        msg->security |= APPLICATION_SMIME;
+      else if (WithCrypto & APPLICATION_PGP)
+        msg->security |= APPLICATION_PGP;
+      else
+        msg->security |= APPLICATION_SMIME;
+    }
+
+    if (option (OPTCRYPTOPPORTUNISTICENCRYPT))
+    {
+      msg->security |= OPPENCRYPT;
+      crypt_opportunistic_encrypt(msg);
+    }
+  }
+
   return ci_send_message (SENDRESEND, msg, NULL, ctx, cur);
 }
 
@@ -1517,7 +1538,15 @@ ci_send_message (int flags,              /* send mode */
     /* opportunistic encrypt relys on SMIME or PGP already being selected */
     if (option (OPTCRYPTOPPORTUNISTICENCRYPT))
     {
-      crypt_opportunistic_encrypt(msg);
+      /* If something has already enabled encryption, e.g. OPTCRYPTAUTOENCRYPT
+       * or OPTCRYPTREPLYENCRYPT, then don't enable opportunistic encrypt for
+       * the message.
+       */
+      if (! (msg->security & ENCRYPT))
+      {
+        msg->security |= OPPENCRYPT;
+        crypt_opportunistic_encrypt(msg);
+      }
     }
 
     /* No permissible mechanisms found.  Don't sign or encrypt. */

diff --git a/sendlib.c b/sendlib.c
index ed04788a9f765b7ae88414e49189b4e2c50b1188..a3454163c37154e07fafc12c3cc7f029a4def683 100644 (file)
--- a/sendlib.c
+++ b/sendlib.c
@@ -2770,6 +2770,8 @@ int mutt_write_fcc (const char *path, HEADER *hdr, const char *msgid, int post,
     fputs ("X-Mutt-PGP: ", msg->fp);
     if (hdr->security & ENCRYPT)
       fputc ('E', msg->fp);
+    if (hdr->security & OPPENCRYPT)
+      fputc ('O', msg->fp);
     if (hdr->security & SIGN)
     {
       fputc ('S', msg->fp);
@@ -2791,6 +2793,8 @@ int mutt_write_fcc (const char *path, HEADER *hdr, const char *msgid, int post,
        if (SmimeCryptAlg && *SmimeCryptAlg)
            fprintf (msg->fp, "C<%s>", SmimeCryptAlg);
     }
+    if (hdr->security & OPPENCRYPT)
+      fputc ('O', msg->fp);
     if (hdr->security & SIGN) {
        fputc ('S', msg->fp);
        if (SmimeDefaultKey && *SmimeDefaultKey)