From 7067d9be35e2177e6b891ede1db93f9af6c7e234 Mon Sep 17 00:00:00 2001
From: Jens Lechtenboerger <jens.lechtenboerger@fsfe.org>
Date: Thu, 17 Dec 2015 17:29:56 +0100
Subject: [PATCH] Apply patch by Katsumi Yamaoka  <yamaoka@jpl.org>

---
 lisp/ChangeLog    | 103 ++++++++++++++++++++++++++++++++++++++++++++++
 lisp/mml-sec.el   |  43 +++++++++----------
 lisp/mml-smime.el |   4 +-
 lisp/mml1991.el   |   4 +-
 lisp/mml2015.el   |   4 +-
 texi/ChangeLog    |   7 ++++
 6 files changed, 138 insertions(+), 27 deletions(-)

diff --git a/lisp/ChangeLog b/lisp/ChangeLog
index da75f8036..a069e7553 100644
--- a/lisp/ChangeLog
+++ b/lisp/ChangeLog
@@ -30,6 +30,109 @@
 	* dgnushack.el (byte-optimize-apply): Make the use-mapcan advice work
 	for (function nconc) as well as (quote nconc).
 
+2015-12-16  Katsumi Yamaoka  <yamaoka@jpl.org>
+
+	* mml-sec.el (mml-secure-smime-sign-with-sender): Remove duplicate.
+	(mml-secure-cust-record-keys): Use gnus-union instead of cl-union.
+	(mml1991-cache-passphrase, mml1991-passphrase-cache-expiry):
+	Suppress byte-compile warning for old (X)Emacsen.
+	(mml-secure-check-sub-key):
+	Use gnus-string-match-p instead of string-match-p.
+	(mml-secure-select-preferred-keys):
+	Don't use mapcan that is a cl runtime function.
+
+	* mml-smime.el (mml-smime-cache-passphrase)
+	(mml-smime-passphrase-cache-expiry):
+	* mml1991.el (mml1991-cache-passphrase)
+	(mml1991-passphrase-cache-expiry):
+	* mml2015.el (mml2015-cache-passphrase)
+	(mml2015-passphrase-cache-expiry):
+	Fix version that indicates when those variables were made obsolete.
+
+2015-12-13  Jens Lechtenboerger  <jens.lechtenboerger@fsfe.org>
+
+	Refactor mml-smime.el, mml1991.el, mml2015.el
+
+	Cf. discussion on ding mailing list, messages in
+	<http://thread.gmane.org/gmane.emacs.gnus.general/86228>.
+	Common code from the three files mml-smime.el, mml1991.el, and
+	mml2015.el is moved to mml-sec.el.  Auxiliary functions are added
+	to gnus-util.el.
+
+	The code is supported by test cases with necessary test keys.
+
+	Documentation in message.texi is updated.
+
+	* gnus-util.el (gnus-test-list, gnus-subsetp, gnus-setdiff):
+	New functions.
+
+	* mml-sec.el: Require gnus-util and epg.
+	(epa--select-keys): Autoload.
+	(mml-signencrypt-style-alist, mml-secure-cache-passphrase): Doc fix.
+	(mml-secure-openpgp-signers): New user option;
+	make mml1991-signers and mml2015-signers obsolete aliases to it.
+	(mml-secure-smime-signers): New user option;
+	make mml-smime-signers an obsolete alias to it.
+	(mml-secure-openpgp-encrypt-to-self): New user option;
+	make mml1991-encrypt-to-self and mml2015-encrypt-to-self obsolete
+	aliases to it.
+	(mml-secure-smime-encrypt-to-self): New user option;
+	make mml-smime-encrypt-to-self an obsolete alias to it.
+	(mml-secure-openpgp-sign-with-sender): New user option;
+	make mml2015-sign-with-sender an obsolete alias to it.
+	(mml-secure-smime-sign-with-sender): New user option;
+	make mml-smime-sign-with-sender an obsolete alias to it.
+	(mml-secure-openpgp-always-trust): New user option;
+	make mml2015-always-trust an obsolete alias to it.
+	(mml-secure-fail-when-key-problem, mml-secure-key-preferences):
+	New user options.
+	(mml-secure-cust-usage-lookup, mml-secure-cust-fpr-lookup)
+	(mml-secure-cust-record-keys, mml-secure-cust-remove-keys)
+	(mml-secure-add-secret-key-id, mml-secure-clear-secret-key-id-list)
+	(mml-secure-cache-passphrase-p, mml-secure-cache-expiry-interval)
+	(mml-secure-passphrase-callback, mml-secure-check-user-id)
+	(mml-secure-secret-key-exists-p, mml-secure-check-sub-key)
+	(mml-secure-find-usable-keys, mml-secure-select-preferred-keys)
+	(mml-secure-fingerprint, mml-secure-filter-keys)
+	(mml-secure-normalize-cust-name, mml-secure-select-keys)
+	(mml-secure-select-keys-1, mml-secure-signer-names, mml-secure-signers)
+	(mml-secure-self-recipients, mml-secure-recipients)
+	(mml-secure-epg-encrypt, mml-secure-epg-sign): New functions.
+
+	* mml-smime.el: Require epg;
+	refactor declaration and autoloading of epg functions.
+	(mml-smime-use): Doc fix.
+	(mml-smime-cache-passphrase, mml-smime-passphrase-cache-expiry):
+	Obsolete.
+	(mml-smime-get-dns-cert, mml-smime-get-ldap-cert):
+	Use format instead of gnus-format-message.
+	(mml-smime-epg-secret-key-id-list): Remove variable.
+	(mml-smime-epg-passphrase-callback, mml-smime-epg-find-usable-key)
+	(mml-smime-epg-find-usable-secret-key): Remove functions.
+	(mml-smime-epg-sign, mml-smime-epg-encrypt): Refactor.
+
+	* mml1991.el (mml1991-cache-passphrase)
+	(mml1991-passphrase-cache-expiry): Obsolete.
+	(mml1991-epg-secret-key-id-list): Remove variable.
+	(mml1991-epg-passphrase-callback, mml1991-epg-find-usable-key)
+	(mml1991-epg-find-usable-secret-key): Remove functions.
+	(mml1991-epg-sign, mml1991-epg-encrypt): Refactor.
+
+	* mml2015.el (mml2015-cache-passphrase)
+	(mml2015-passphrase-cache-expiry): Obsolete.
+	(mml2015-epg-secret-key-id-list): Remove variable.
+	(mml2015-epg-passphrase-callback, mml2015-epg-check-user-id)
+	(mml2015-epg-check-sub-key, mml2015-epg-find-usable-key)
+	(mml2015-epg-find-usable-secret-key): Remove functions.
+	(mml2015-epg-decrypt, mml2015-epg-clear-decrypt, mml2015-epg-sign)
+	(mml2015-epg-encrypt): Refactor.
+
+	* tests/gnustest-gnus-util.el:
+	* tests/gnustest-mml-sec.README:
+	* tests/gnustest-mml-sec.el:
+	* tests/mml-gpghome/gpg-agent.conf:
+	* tests/mml-gpghome/trustlist.txt: New files.
+
 2015-12-04  Daiki Ueno  <ueno@gnu.org>
 
 	* qp.el (quoted-printable-encode-region): Bind `case-fold-search' to
diff --git a/lisp/mml-sec.el b/lisp/mml-sec.el
index f5bfcecca..f526e058c 100644
--- a/lisp/mml-sec.el
+++ b/lisp/mml-sec.el
@@ -502,10 +502,6 @@ https://debbugs.gnu.org/cgi/bugreport.cgi?bug=18718"
   :group 'mime-security
   :type 'boolean)
 
-(defcustom mml-secure-smime-sign-with-sender nil
-  "If t, use message sender to find an S/MIME key to sign with."
-  :group 'mime-security
-  :type 'boolean)
 (define-obsolete-variable-alias
   'mml2015-always-trust 'mml-secure-openpgp-always-trust)
 ;mml1991-always-trust did never exist.
@@ -554,7 +550,7 @@ Return keys."
   (let* ((usage-prefs (mml-secure-cust-usage-lookup context usage))
 	 (curr-fprs (cdr (assoc name (cdr usage-prefs))))
 	 (key-fprs (mapcar 'mml-secure-fingerprint keys))
-	 (new-fprs (cl-union curr-fprs key-fprs :test 'equal)))
+	 (new-fprs (gnus-union curr-fprs key-fprs)))
     (if curr-fprs
 	(setcdr (assoc name (cdr usage-prefs)) new-fprs)
       (setcdr usage-prefs (cons (cons name new-fprs) (cdr usage-prefs))))
@@ -586,6 +582,9 @@ Return t if a customization for NAME was present (and has been removed)."
     (password-cache-remove key-id))
   (setq mml-secure-secret-key-id-list nil))
 
+(defvar mml1991-cache-passphrase)
+(defvar mml1991-passphrase-cache-expiry)
+
 (defun mml-secure-cache-passphrase-p (protocol)
   "Return t if OpenPGP or S/MIME passphrases should be cached for PROTOCOL.
 Passphrase caching in Emacs is NOT recommended.  Use gpg-agent instead."
@@ -698,9 +697,9 @@ be present in the keyring."
 		       ;; In contrast, signing requires secret key.
 		       (mml-secure-secret-key-exists-p context subkey))
 		   (or (not fingerprint)
-		       (string-match-p (concat fingerprint "$") fpr)
-		       (string-match-p (concat fingerprint "$")
-				       (epg-sub-key-fingerprint subkey))))
+		       (gnus-string-match-p (concat fingerprint "$") fpr)
+		       (gnus-string-match-p (concat fingerprint "$")
+					    (epg-sub-key-fingerprint subkey))))
 	      (throw 'break t)))))))
 
 (defun mml-secure-find-usable-keys (context name usage &optional justone)
@@ -740,19 +739,21 @@ When `mml-secure-fail-when-key-problem' is t, fail with an error in
 case of missing, outdated, or multiple keys."
   ;; Loosely based on code appearing inside mml2015-epg-sign and
   ;; mml2015-epg-encrypt.
-  (mapcan
-   (lambda (name)
-     (let* ((keys (mml-secure-find-usable-keys context name usage))
-	    (keyno (length keys)))
-       (cond ((= 0 keyno)
-	      (when (or mml-secure-fail-when-key-problem
-			(not (y-or-n-p
-			      (format "No %s key for %s; skip it? "
-				      usage name))))
-		(error "No %s key for %s" usage name)))
-	     ((= 1 keyno) keys)
-	     (t (mml-secure-select-keys context name keys usage)))))
-   names))
+  (apply
+   #'nconc
+   (mapcar
+    (lambda (name)
+      (let* ((keys (mml-secure-find-usable-keys context name usage))
+	     (keyno (length keys)))
+	(cond ((= 0 keyno)
+	       (when (or mml-secure-fail-when-key-problem
+			 (not (y-or-n-p
+			       (format "No %s key for %s; skip it? "
+				       usage name))))
+		 (error "No %s key for %s" usage name)))
+	      ((= 1 keyno) keys)
+	      (t (mml-secure-select-keys context name keys usage)))))
+    names)))
 
 (defun mml-secure-fingerprint (key)
   "Return fingerprint for public KEY."
diff --git a/lisp/mml-smime.el b/lisp/mml-smime.el
index b9f4a542f..a40595ecb 100644
--- a/lisp/mml-smime.el
+++ b/lisp/mml-smime.el
@@ -67,7 +67,7 @@ for the `smime' command coming with OpenSSL first.  EasyPG is recommended."
   :type 'boolean)
 (make-obsolete-variable 'mml-smime-cache-passphrase
 			'mml-secure-cache-passphrase
-			"25.0.50")
+			"25.1")
 
 (defcustom mml-smime-passphrase-cache-expiry mml-secure-passphrase-cache-expiry
   "How many seconds the passphrase is cached.
@@ -77,7 +77,7 @@ Whether the passphrase is cached at all is controlled by
   :type 'integer)
 (make-obsolete-variable 'mml-smime-passphrase-cache-expiry
 			'mml-secure-passphrase-cache-expiry
-			"25.0.50")
+			"25.1")
 
 (defcustom mml-smime-signers nil
   "A list of your own key ID which will be used to sign a message."
diff --git a/lisp/mml1991.el b/lisp/mml1991.el
index aa514425c..bb5c940f1 100644
--- a/lisp/mml1991.el
+++ b/lisp/mml1991.el
@@ -65,7 +65,7 @@
   "If t, cache passphrase.")
 (make-obsolete-variable 'mml1991-cache-passphrase
 			'mml-secure-cache-passphrase
-			"25.0.50")
+			"25.1")
 
 (defvar mml1991-passphrase-cache-expiry mml-secure-passphrase-cache-expiry
   "How many seconds the passphrase is cached.
@@ -73,7 +73,7 @@ Whether the passphrase is cached at all is controlled by
 `mml1991-cache-passphrase'.")
 (make-obsolete-variable 'mml1991-passphrase-cache-expiry
 			'mml-secure-passphrase-cache-expiry
-			"25.0.50")
+			"25.1")
 
 (defvar mml1991-signers nil
   "A list of your own key ID which will be used to sign a message.")
diff --git a/lisp/mml2015.el b/lisp/mml2015.el
index 136ed808f..e2e997718 100644
--- a/lisp/mml2015.el
+++ b/lisp/mml2015.el
@@ -113,7 +113,7 @@ Valid packages include `epg', `pgg' and `mailcrypt'.")
   :type 'boolean)
 (make-obsolete-variable 'mml2015-cache-passphrase
 			'mml-secure-cache-passphrase
-			"25.0.50")
+			"25.1")
 
 (defcustom mml2015-passphrase-cache-expiry mml-secure-passphrase-cache-expiry
   "How many seconds the passphrase is cached.
@@ -123,7 +123,7 @@ Whether the passphrase is cached at all is controlled by
   :type 'integer)
 (make-obsolete-variable 'mml2015-passphrase-cache-expiry
 			'mml-secure-passphrase-cache-expiry
-			"25.0.50")
+			"25.1")
 
 (defcustom mml2015-signers nil
   "A list of your own key ID(s) which will be used to sign a message.
diff --git a/texi/ChangeLog b/texi/ChangeLog
index 34985ea09..65ba0e5be 100644
--- a/texi/ChangeLog
+++ b/texi/ChangeLog
@@ -1,3 +1,10 @@
+2015-12-13  Jens Lechtenboerger  <jens.lechtenboerger@fsfe.org>
+
+	* message.texi (Security, Using S/MIME):
+	Update for refactoring mml-smime.el, mml1991.el, mml2015.el.
+	(Using OpenPGP): Rename from "Using PGP/MIME"; update contents.
+	(Passphrase caching, Encrypt-to-self, Bcc Warning): New sections.
+
 2015-09-16  Paul Eggert  <eggert@cs.ucla.edu>
 
 	* gnus-faq.texi (FAQ 5-8):
-- 
2.25.1