#455 Sign Button indicates wrong status on recipient rules

[allo]

Steps to reproduce:

• Set "sign all mails" in your account settings
• create recipient rule for not signing for a specified recipient
• click reply on some message of the recipient

The button now idicates "sign because of encryption modus (incorrect), but the mail will not be signed (correct).

I guess for people with sign/encryption rules the other way round this will be a serious security problem.

[Patrick Brunschwig]

Could you please try the following beta version:
https://www.enigmail.net/download/beta/enigmail-1.8.2-pre.xpi

and let me know if this fixes the issue?

[allo]

It's still broken.
But the first time after a fresh start of firefox, the status is okay, when i click reply. When i close the composing window and click reply again, sign is checked, while the rule is still disabling signing.

[Ludwig Hügelschäfer]

I can not reproduce this. Are "sign non-encrypted messages" and "sign encrypted messages" checked or not checked in your account settings?

[allo]

user_pref("extensions.enigmail.advancedUser", true);
user_pref("extensions.enigmail.autoSendEncrypted", 0);
user_pref("extensions.enigmail.composeHtmlAlertCount", 0);
user_pref("extensions.enigmail.configuredVersion", "1.8.2pre");
user_pref("extensions.enigmail.confirmBeforeSending", 2);
user_pref("extensions.enigmail.displaySignWarn", false);
user_pref("extensions.enigmail.encryptionModel", 1);
user_pref("extensions.enigmail.maxIdleMinutes", 10);
user_pref("extensions.enigmail.saveEncrypted", 1);
user_pref("extensions.enigmail.warnGpgAgentAndIdleTime", false);

are all "enigmail" settings in prefs.js

[allo]

<pgprulelist><pgprule email="{some@user.com}" keyid="" sign="0" encrypt="0" pgpmime="0" negaterule="0">
</pgprule></pgprulelist>

[Ludwig Hügelschäfer]

Ok, thanks. Additionally, I need the per-account preferences. Replace the ".default." in documentation by the suitable identity, e.g. ".id1.".

[allo]

user_pref("mail.identity.id2.attachPgpKey", false);
user_pref("mail.identity.id2.attach_signature", false);
user_pref("mail.identity.id2.attach_vcard", false);
user_pref("mail.identity.id2.autoEncryptDrafts", true);
user_pref("mail.identity.id2.auto_quote", true);
user_pref("mail.identity.id2.compose_html", false);
user_pref("mail.identity.id2.defaultEncryptionPolicy", 0);
user_pref("mail.identity.id2.defaultSigningPolicy", 1);
user_pref("mail.identity.id2.doBcc", false);
user_pref("mail.identity.id2.doCc", false);
user_pref("mail.identity.id2.enablePgp", true);
user_pref("mail.identity.id2.encryptionpolicy", 0);
user_pref("mail.identity.id2.escapedVCard", "null");
user_pref("mail.identity.id2.openPgpHeaderMode", 0);
user_pref("mail.identity.id2.overrideGlobal_Pref", false);
user_pref("mail.identity.id2.pgpKeyMode", 1);
user_pref("mail.identity.id2.pgpMimeMode", true);
user_pref("mail.identity.id2.pgpSignEncrypted", false);
user_pref("mail.identity.id2.pgpSignPlain", false);
user_pref("mail.identity.id2.pgpkeyId", "0xXXXXXXXX"); // why is this a short id?
user_pref("mail.identity.id2.sig_bottom", true);
user_pref("mail.identity.id2.sig_date", 0);
user_pref("mail.identity.id2.sig_on_fwd", false);
user_pref("mail.identity.id2.sig_on_reply", true);
user_pref("mail.identity.id2.sign_mail", false);
user_pref("mail.identity.id2.smtpServer", "smtp1");
user_pref("mail.identity.id2.valid", true);

[Ludwig Hügelschäfer]

On 28.03.15 16:30, allo wrote:

user_pref("mail.identity.id2.pgpSignEncrypted", false);
user_pref("mail.identity.id2.pgpSignPlain", false);

Ok, in this case, the PRR should control signing.

user_pref("mail.identity.id2.pgpkeyId", "0xXXXXXXXX"); // why is
this a short id?

Because you'll never get a secret key with the same short key-Id.

Would you please create a debug log
(https://www.enigmail.net/support/bugs.php#execTrace, last section)
while sending to such a recipient. Either obfuscate personal
information before posting here or send it encrypted to ludwig at
enigmail dot net. Thanks!

[allo]

Hm, that's an argument for the id, on the other hand the long id would not hurt there. And its displayed in the UI, so the User may use the Short ID to tell others his key.

I do not get a "debugging" tab when i activate expert options. Was the option moved to somewhere else?

[Ludwig Hügelschäfer]

We're intending to switch to long key-Ids in the mid-term. Concerning debugging (Expert Mode activated):

• Open the menu Enigmail > Debugging Options > View Log.
• Click the Save Log to File ... button to save the log.

[allo]

Got it via about:config anyway.

First log:

• Start thunderbird
• Go to the folder
• Click a message
• Click reply
  (all okay)

[allo]

Second log:

• Closed Compose window
• Clicked reply again
  (No rules are evaluated according to the logfile)

I did not log sending, as the problem happens before sending.
But it's interesting, that sending respects the recipient rules and not the state of the Buttons.

[Ludwig Hügelschäfer]

I can reproduce it now.

[Ludwig Hügelschäfer]

In an incorrect case, can you please click into one of the recipient lines (TO, CC, BCC) on top? Does the icon display then refresh and show the correct state?

[allo]

Clicking the "TO" Recipient changes the button to the correct state. Did not try the other cases.

[Patrick Brunschwig]

As several things happen asynchronously in parallel, this looks like a timing issue. I implemented a workaround to re-check the flags after 1 second.