Skip Menu |

This queue is for tickets about the Mail-GnuPG CPAN distribution.

Report information
The Basics
Id: 46168
Status: resolved
Priority: 0/
Queue: Mail-GnuPG
People
Owner: Nobody in particular
Requestors: chalpin+d+1243492097.49d9e7 [...] cs.wisc.edu
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)
Attachments
check_status
check_status.out
mutt.png
test.msg.bz2
test.pl

History Show all quoted text
  Mon May 18 02:29:30 2009 chalpin+d+1243492097.49d9e7 [...] cs.wisc.edu - Ticket created
Subject: Mutt and Mail::GnuPG disagree about a signature
Date: Mon, 18 May 2009 01:27:44 -0500
To: bug-Mail-GnuPG [...] rt.cpan.org
From: Corey Halpin <chalpin [...] cs.wisc.edu>
Download (untitled)
application/pgp-signature 196b

Message body not shown because it is not plain text.

The attached message (bzip2'd) shows up as having a correct signature in mutt, but Mail::GnuPG's verify() method calls it incorrect. Unfortunately, I don't know the Mail::GnuPG code well enough to be of much use in debugging this. Perhaps the quoted printable encoding is an issue? ~crh
Download test.msg.bz2
application/octet-stream 2.8k

Message body not shown because it is not plain text.

  Thu May 21 00:30:59 2009 rspier [...] pobox.com - Correspondence added
Subject: Re: [rt.cpan.org #46168] Mutt and Mail::GnuPG disagree about a signature
Date: Wed, 20 May 2009 21:30:36 -0700
To: bug-Mail-GnuPG [...] rt.cpan.org
From: Robert Spier <rspier [...] pobox.com>
Please be more specific. What's the error you're getting? What does your code look like?
  Thu May 21 00:31:00 2009 The RT System itself - Status changed from 'new' to 'open'
  Thu May 21 10:11:44 2009 chalpin [...] cs.wisc.edu - Correspondence added
Subject: Re: [rt.cpan.org #46168] Mutt and Mail::GnuPG disagree about a signature
Date: Thu, 21 May 2009 09:11:11 -0500
To: "rspier [...] pobox.com via RT" <bug-Mail-GnuPG [...] rt.cpan.org>
From: Corey Halpin <chalpin [...] cs.wisc.edu>
On 2009-05-21, rspier@pobox.com via RT wrote: Show quoted text
> <URL: http://rt.cpan.org/Ticket/Display.html?id=46168 > > > > Please be more specific. What's the error you're getting?
There was no error, the return code of verify() was just not correct according to mutt. Show quoted text
> What does your code look like?
Attached is the code I ran, the output it generates for me, and a screenshot of mutt displaying the same message. ~crh

Message body is not shown because sender requested not to inline it.

Message body is not shown because sender requested not to inline it.

Download mutt.png
image/png 16.3k

Message body is not shown because sender requested not to inline it.

  Fri May 22 00:14:09 2009 rspier [...] pobox.com - Correspondence added
CC: undisclosed-recipients:;
Subject: Re: [rt.cpan.org #46168] Mutt and Mail::GnuPG disagree about a signature
Date: Thu, 21 May 2009 21:13:47 -0700
To: "Corey Halpin via RT" <bug-Mail-GnuPG [...] rt.cpan.org>
From: Robert Spier <rspier [...] pobox.com>
Corey Halpin via RT wrote: Show quoted text
> > Queue: Mail-GnuPG > Ticket <URL: http://rt.cpan.org/Ticket/Display.html?id=46168 > > > On 2009-05-21, rspier@pobox.com via RT wrote:
> > <URL: http://rt.cpan.org/Ticket/Display.html?id=46168 > > > > > > > Please be more specific. What's the error you're getting?
> > There was no error, the return code of verify() was just not correct > according to mutt. >
> > What does your code look like?
> > Attached is the code I ran, the output it generates for me, and a screenshot > of mutt displaying the same message.
What's the return code that verify is providing? Can you share the message that isn't verifying so we can build a test case? It's going to be impossible to debug it going back and forth like this. -R
  Fri May 22 12:47:07 2009 chalpin [...] cs.wisc.edu - Correspondence added
Subject: Re: [rt.cpan.org #46168] Mutt and Mail::GnuPG disagree about a signature
Date: Fri, 22 May 2009 11:46:40 -0500
To: "rspier [...] pobox.com via RT" <bug-Mail-GnuPG [...] rt.cpan.org>
From: Corey Halpin <chalpin [...] cs.wisc.edu>
On 2009-05-22, rspier@pobox.com via RT wrote: Show quoted text
> Can you share the message that isn't verifying so we can build a test > case? It's going to be impossible to debug it going back and forth like > this.
I'm not understanding what you mean by "back and forth like this". Are you not getting my attachments? When the request tracker CC's me, I see them. Furthermore, they show up on the web version of the tracker. I attached the problematic message to my first report. To my second report, I attached the code I'm running, the output it produces, and a screencap of mutt verifying the same message. In the case that it is something weird with attachment stripping, here they are again : http://pages.cs.wisc.edu/~chalpin/gpg_data/test.msg.bz2 -- the message http://pages.cs.wisc.edu/~chalpin/gpg_data/check_status -- my code http://pages.cs.wisc.edu/~chalpin/gpg_data/check_status.out -- output http://pages.cs.wisc.edu/~chalpin/gpg_data/mutt.png -- screencap Thank you for your attention to this, and let me know if there's anything else I can provide to be useful. ~crh
  Mon Nov 23 02:18:07 2009 rspier [...] pobox.com - Correspondence added
CC: undisclosed-recipients:;
Subject: Re: [rt.cpan.org #46168] Mutt and Mail::GnuPG disagree about a signature
Date: Sun, 22 Nov 2009 23:17:46 -0800
To: "Corey Halpin via RT" <bug-Mail-GnuPG [...] rt.cpan.org>
From: Robert Spier <rspier [...] pobox.com>
I finally found time to look at this. I'm pretty sure the problem isn't Mail::GnuPG, but the underlying MIME::Entity and friends that Mail::GnuPG uses. It looks like MIME::Entity stores the message internally decoded, and then re-encodes it when asked to print it. It does so in a manner that is *different* from the original message. (See the diff below.) Thus, the sig doesn't verify. -R --- mutt-wombat-1000-13828-2 2009-11-22 22:54:00.000000000 -0800 +++ mgdLPxP0d 2009-11-22 22:59:16.000000000 -0800 @@ -28,6 +28,6 @@ Regards, Mauricio Campiglia -=2D-=20 +--=20 =C2=ABHistory is a vast early warning system.=C2=BB --Norman Cousins--
  Mon Nov 23 23:50:13 2009 chalpin [...] cs.wisc.edu - Correspondence added
Subject: Re: [rt.cpan.org #46168] Mutt and Mail::GnuPG disagree about a signature
Date: Mon, 23 Nov 2009 22:49:50 -0600
To: "rspier [...] pobox.com via RT" <bug-Mail-GnuPG [...] rt.cpan.org>
From: Corey Halpin <chalpin [...] cs.wisc.edu>
On 2009-11-23, rspier@pobox.com via RT wrote: Show quoted text
> <URL: http://rt.cpan.org/Ticket/Display.html?id=46168 > > > > I finally found time to look at this. > > I'm pretty sure the problem isn't Mail::GnuPG, but the underlying > MIME::Entity and friends that Mail::GnuPG uses. > > It looks like MIME::Entity stores the message internally decoded, and > then re-encodes it when asked to print it. It does so in a manner > that is *different* from the original message. (See the diff below.) > Thus, the sig doesn't verify.
Ah, okay. Thank you for looking into this. ~crh
Download (untitled)
application/pgp-signature 196b

Message body not shown because it is not plain text.

  Sun Dec 12 20:27:30 2010 DDB [...] cpan.org - Correspondence added
This is fixed in 0.15, at least if you call the Mime::Parser::decode_bodies method. See modified version of your script attached.
Subject: test.pl
#!/usr/bin/perl ( $#ARGV==-1 or ($#ARGV==0 and $ARGV[0] eq "-n" ) ) or die "Usage: check_status [-n] < message"; use MIME::Parser; use Mail::GnuPG; use Email::Filter; my $email = Email::Filter->new(); mkdir "/tmp/$$",0700; chdir "/tmp/$$"; my $parser = new MIME::Parser; $parser->decode_bodies(0); $entity = $parser->parse_data( $email->simple->as_string ) or die "parse failed\n"; my $mg = new Mail::GnuPG(); if( $mg->is_signed($entity) ){ print "Message was signed\n"; my ($code, $keyid, $email) = $mg->verify($entity); if($code==0) { print "The signature valid\n"; } else { print "The signature was invalid\n"; } } `rm -rf /tmp/$$`; # Tempdir must die.
  Sun Dec 12 20:27:31 2010 DDB [...] cpan.org - Status changed from 'open' to 'resolved'