From 991d4bf68c7242dfb94f6d276c23749afc8c956d Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Thu, 22 Nov 2018 21:29:14 +0100 Subject: [PATCH] mutt/neomutt: work around S/MIME issues with `application/pgp-encrypted` The original issue can be reproduced when sending with an unpatched `mutt` or `neomutt` an email with an attachement which as han `.asc` extension. This will be interpreted as `application/pgp-encrypted` which experiences special logic, in the end the attachement will contain "Version: 1"[1][2][3] Right now, there are the following issues in the {,neo}mutt packages: * `mutt.override { smimeSupport = true }` fails to build since the Debian patch results in a 404. Debian moved their packages to `salsa.debian.org`. However we can't use a versioned URL for this as Debian only tracks the Mutt versions that are available in their releases. The patch doesn't touch Mutt's core and is therefore simple to rebase, so sticking to the 1.10.2 patch for now should be sufficient. * The original issue was never fixed in NeoMutt, currently we use the S/MIME database from `pkgs.mime-types` which contains the issue with `application/pgp-encrypted` as well. After some discussion[4] it seems to be the best decision to use the `mailcap` database distributed by Fedora[5] which fixes the issue rather than `mime-types` v9 from 2012. [1] https://bugs.archlinux.org/task/43319 [2] https://bugs.gentoo.org/534658 [3] https://github.com/neomutt/neomutt/blob/neomutt-20180716/sendlib.c#L490-L496 [4] https://github.com/NixOS/nixpkgs/pull/50927#issuecomment-441383260 [5] https://pagure.io/mailcap --- pkgs/applications/networking/mailreaders/mutt/default.nix | 4 ++-- .../networking/mailreaders/neomutt/default.nix | 8 +++++--- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/pkgs/applications/networking/mailreaders/mutt/default.nix b/pkgs/applications/networking/mailreaders/mutt/default.nix index f2c097a43752a..cb0b8c8f5b792 100644 --- a/pkgs/applications/networking/mailreaders/mutt/default.nix +++ b/pkgs/applications/networking/mailreaders/mutt/default.nix @@ -35,8 +35,8 @@ stdenv.mkDerivation rec { }; patches = optional smimeSupport (fetchpatch { - url = "https://sources.debian.net/src/mutt/1.7.2-1/debian/patches/misc/smime.rc.patch"; - sha256 = "0mdqa9w1p6cmli6976v4wi0sw9r4p5prkj7lzfd1877wk11c9c73"; + url = "https://salsa.debian.org/mutt-team/mutt/raw/debian/1.10.1-2/debian/patches/misc/smime.rc.patch"; + sha256 = "1rl27qqwl4nw321ll5jcvfmkmz4fkvcsh5vihjcrhzzyf6vz8wmj"; }); buildInputs = diff --git a/pkgs/applications/networking/mailreaders/neomutt/default.nix b/pkgs/applications/networking/mailreaders/neomutt/default.nix index f082c241a64c1..a8c322b42b831 100644 --- a/pkgs/applications/networking/mailreaders/neomutt/default.nix +++ b/pkgs/applications/networking/mailreaders/neomutt/default.nix @@ -1,6 +1,7 @@ { stdenv, fetchFromGitHub, gettext, makeWrapper, tcl, which, writeScript , ncurses, perl , cyrus_sasl, gss, gpgme, kerberos, libidn, libxml2, notmuch, openssl -, lmdb, libxslt, docbook_xsl, docbook_xml_dtd_42, mime-types }: +, lmdb, libxslt, docbook_xsl, docbook_xml_dtd_42, mailcap +}: let muttWrapper = writeScript "mutt" '' @@ -28,7 +29,7 @@ in stdenv.mkDerivation rec { buildInputs = [ cyrus_sasl gss gpgme kerberos libidn ncurses notmuch openssl perl lmdb - mime-types + mailcap ]; nativeBuildInputs = [ @@ -47,10 +48,11 @@ in stdenv.mkDerivation rec { --replace http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd ${docbook_xml_dtd_42}/xml/dtd/docbook/docbookx.dtd done + # allow neomutt to map attachments to their proper mime.types if specified wrongly # and use a far more comprehensive list than the one shipped with neomutt substituteInPlace sendlib.c \ - --replace /etc/mime.types ${mime-types}/etc/mime.types + --replace /etc/mime.types ${mailcap}/etc/mime.types # The string conversion tests all fail with the first version of neomutt # that has tests (20180223) as well as 20180716 so we disable them for now.