master 7518596: Query for the signer when sending signed mail (with unknown signer)

[Lars Ingebrigtsen]

branch: master
commit 75185968578cbbd806274d9dfd984aff7a1b02c9
Author: Robert Pluim <rpluim@gmail.com>
Commit: Lars Ingebrigtsen <larsi@gnus.org>

    Query for the signer when sending signed mail (with unknown signer)
    
    * lisp/gnus/mml-sec.el (mml-secure-sender-sign-query): New
    function (bug#40118).
    (mml-secure-epg-sign): Use it to determine the signer (bug#40118).
    
    * lisp/gnus/mml-sec.el
    (mml-secure-allow-signing-with-unknown-recipient): Remove.
---
 lisp/gnus/mml-sec.el            | 67 +++++++++++++++++++++++++++++++++--------
 test/lisp/gnus/mml-sec-tests.el |  1 -
 2 files changed, 55 insertions(+), 13 deletions(-)

diff --git a/lisp/gnus/mml-sec.el b/lisp/gnus/mml-sec.el
index 69852c3..0a84206 100644
--- a/lisp/gnus/mml-sec.el
+++ b/lisp/gnus/mml-sec.el
@@ -938,9 +938,47 @@ If no one is selected, symmetric encryption will be 
performed.  "
        (signal (car error) (cdr error))))
     cipher))
 
-;; Should probably be removed and the interface should be different.
-(defvar mml-secure-allow-signing-with-unknown-recipient nil
-  "Variable to bind to allow automatic recipient selection.")
+(defun mml-secure-sender-sign-query (protocol sender)
+  "Query whether to use SENDER to sign when using PROTOCOL.
+PROTOCOL will be `OpenPGP' or `CMS' (smime).
+This can also save the resulting value of
+`mml-secure-smime-sign-with-sender' or
+`mml-secure-openpgp-sign-with-sender' via Customize.
+Returns non-nil if the user has chosen to use SENDER."
+  (let ((buffer (get-buffer-create "*MML sender signing options*"))
+        (options '((?a "always" "Sign using this sender now and sign with 
message sender in future.")
+                   (?s "session only" "Sign using this sender now, and sign 
with message sender for this session only.")
+                   (?n "no" "Do not sign this message (and error out)")))
+        answer done val)
+    (save-window-excursion
+      (pop-to-buffer buffer)
+      (erase-buffer)
+      (insert (format "No %s signing key was found for this message.\nThe 
sender of this message is \"%s\".\nWould you like to attempt looking up a 
signing key based on it?"
+                      (if (eq protocol 'OpenPGP)
+                          "openpgp" "smime")
+                      sender))
+      (while (not done)
+        (setq answer (read-multiple-choice "Sign this message using the 
sender?" options))
+        (cl-case (car answer)
+          (?a
+           (if (eq protocol 'OpenPGP)
+               (progn
+                 (setq mml-secure-openpgp-sign-with-sender t)
+                 (customize-save-variable
+                 'mml-secure-openpgp-sign-with-sender t))
+             (setq mml-secure-smime-sign-with-sender t)
+             (customize-save-variable 'mml-secure-smime-sign-with-sender t))
+           (setq done t
+                 val t))
+          (?s
+           (if (eq protocol 'OpenPGP)
+               (setq mml-secure-openpgp-sign-with-sender t)
+             (setq mml-secure-smime-sign-with-sender t))
+           (setq done t
+                 val t))
+          (?n
+           (setq done t)))))
+    val))
 
 (defun mml-secure-epg-sign (protocol mode)
   ;; Based on code appearing inside mml2015-epg-sign.
@@ -950,15 +988,20 @@ If no one is selected, symmetric encryption will be 
performed.  "
         (signers (mml-secure-signers context signer-names))
         signature micalg)
     (unless signers
-      (let ((maybe-msg
-             (if mml-secure-smime-sign-with-sender
-                 "."
-               "; try setting `mml-secure-smime-sign-with-sender'.")))
-        ;; If `mml-secure-smime-sign-with-sender' is already non-nil
-        ;; then there's no point advising the user to examine it.  If
-        ;; there are any other variables worth examining, please
-        ;; improve this error message by having it mention them.
-       (unless mml-secure-allow-signing-with-unknown-recipient
+      (if (mml-secure-sender-sign-query protocol sender)
+          (setq signer-names (mml-secure-signer-names protocol sender)
+                signers (mml-secure-signers context signer-names)))
+      (unless signers
+        (let ((maybe-msg
+               (if (or mml-secure-smime-sign-with-sender
+                       mml-secure-openpgp-sign-with-sender)
+                   "."
+                 "; try setting `mml-secure-smime-sign-with-sender' or 
'mml-secure-openpgp-sign-with-sender'.")))
+          ;; If `mml-secure-smime-sign-with-sender' or
+          ;; `mml-secure-openpgp-sign-with-sender' are already non-nil
+          ;; then there's no point advising the user to examine them.
+          ;; If there are any other variables worth examining, please
+          ;; improve this error message by having it mention them.
           (error "Couldn't find any signer names%s" maybe-msg))))
     (when (eq 'OpenPGP protocol)
       (setf (epg-context-armor context) t)
diff --git a/test/lisp/gnus/mml-sec-tests.el b/test/lisp/gnus/mml-sec-tests.el
index 4c745ea..51083ac 100644
--- a/test/lisp/gnus/mml-sec-tests.el
+++ b/test/lisp/gnus/mml-sec-tests.el
@@ -67,7 +67,6 @@ instead of gpg-agent."
        (condition-case error
            (let ((epg-gpg-home-directory
                    (expand-file-name "test/data/mml-sec" source-directory))
-                  (mml-secure-allow-signing-with-unknown-recipient t)
                  (mml-smime-use 'epg)
                  ;; Create debug output in empty epg-debug-buffer.
                  (epg-debug t)