1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
--- commands.c.orig 2016-10-08 19:30:21 UTC
+++ commands.c
@@ -185,7 +185,7 @@ int mutt_display_message (HEADER *cur)
{
if (cur->security & GOODSIGN)
{
- if (!crypt_smime_verify_sender(cur))
+ if (option(OPTSMIMENOSENDER) || !crypt_smime_verify_sender(cur))
mutt_message ( _("S/MIME signature successfully verified."));
else
mutt_error ( _("S/MIME certificate owner does not match sender."));
--- contrib/smime.rc.orig 2016-10-08 19:30:21 UTC
+++ contrib/smime.rc
@@ -8,7 +8,10 @@ set smime_is_default
# Uncomment this if you don't want to set labels for certificates you add.
# unset smime_ask_cert_label
-
+
+# Uncomment this if you don't want to check for sender's email address
+# set smime_dont_check_sender = yes
+
# Passphrase expiration
set smime_timeout=300
--- init.h.orig 2016-10-08 19:35:50 UTC
+++ init.h
@@ -2946,6 +2946,15 @@ struct option_t MuttVars[] = {
** alongside the documentation.
** (S/MIME only)
*/
+ { "smime_dont_check_sender", DT_BOOL, R_NONE, OPTSMIMENOSENDER, 0 },
+ /*
+ ** .pp
+ ** This flag controls wether you want the skip the check for the sender's
+ ** email address against the email address stored in the certificate.
+ ** This can be useful if most of your email senders use SMIMEv3 which no
+ ** longer needs email-addresses as part of the certificates.
+ ** It is not set by default.
+ */
{ "smime_decrypt_use_default_key", DT_BOOL, R_NONE, OPTSDEFAULTDECRYPTKEY, 1 },
/*
** .pp
--- mutt.h.orig 2016-10-08 19:30:21 UTC
+++ mutt.h
@@ -486,6 +486,7 @@ enum
OPTCRYPTTIMESTAMP,
OPTSMIMEISDEFAULT,
OPTASKCERTLABEL,
+ OPTSMIMENOSENDER,
OPTSDEFAULTDECRYPTKEY,
OPTPGPIGNORESUB,
OPTPGPCHECKEXIT,
|