Confusing wrong Autocrypt error message
Under the following conditions
- Balsa is compiled with Autocrypt support,
- no identity has Autocrypt enabled,
- a new GnuPG signed message for which the public key is not present in the key ring is received, and
- the message includes a valid Autocrypt: header
Balsa emits the (wrong) message
The message contains an Autocrypt header, but it is either broken
or the signature has been created using a different key.
In detail, the following happens:
-
libbalsa_message_headers_from_gmime()
remembers that the message includes a valid Autocrypt: header; -
balsa_message_set()
callsautocrypt_from_message()
iff the message is new and at least one identity has Autocrypt support enabled. This function imports the information from the Autocrypt: header into the Autocrypt database; -
balsa_mime_widget_signature_widget()
tries to read Autocrypt information from the database which is not present asautocrypt_from_message()
has not been called in the previous step. But as in step 1 the header has been detected, it emits the confusing error message.
IMHO, we have two options:
- either we just remove the check in step 2., i.e. we always import Autocrypt data into the database, even if no identity is configured to use it, or
- in step 3. we simply suppress the message if no identity uses Autocrypt.
I am inclined to implement the first solution, as this would still offer to import the key extracted from the Autocrypt: header into the database and would warn if the header is really broken (and it's easier – just remove a few lines of code…).
Opinions?