Re: notmuch and "mute" -- useful to anyone?

[notmuch-archives.git] / 24 / 0a0a99ed18ae9ff3953a309966686585c8ca93

Return-Path: <dan.bryant@jhuapl.edu>\r
X-Original-To: notmuch@notmuchmail.org\r
Delivered-To: notmuch@notmuchmail.org\r
Received: from localhost (localhost [127.0.0.1])\r
        by olra.theworths.org (Postfix) with ESMTP id 17C3D431FBF\r
        for <notmuch@notmuchmail.org>; Mon,  9 Jul 2012 11:33:26 -0700 (PDT)\r
X-Virus-Scanned: Debian amavisd-new at olra.theworths.org\r
X-Spam-Flag: NO\r
X-Spam-Score: -2.3\r
X-Spam-Level: \r
X-Spam-Status: No, score=-2.3 tagged_above=-999 required=5\r
        tests=[RCVD_IN_DNSWL_MED=-2.3] autolearn=disabled\r
Received: from olra.theworths.org ([127.0.0.1])\r
        by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)\r
        with ESMTP id mKsxC2Drg-xr for <notmuch@notmuchmail.org>;\r
        Mon,  9 Jul 2012 11:33:24 -0700 (PDT)\r
Received: from jhuapl.edu (piper.jhuapl.edu [128.244.251.37])\r
        (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))\r
        (No client certificate requested)\r
        by olra.theworths.org (Postfix) with ESMTPS id E7CB1431FAE\r
        for <notmuch@notmuchmail.org>; Mon,  9 Jul 2012 11:33:23 -0700 (PDT)\r
Received: from ([128.244.198.90])\r
        by piper.jhuapl.edu with ESMTP with TLS id 5Y8HCH1.139907146;\r
        Mon, 09 Jul 2012 14:33:18 -0400\r
Received: from aplesrepublic.dom1.jhuapl.edu ([128.244.198.191]) by\r
        aplexcas1.dom1.jhuapl.edu ([128.244.198.90]) with mapi; Mon, 9 Jul 2012\r
        14:33:17 -0400\r
From: "Bryant, Daniel B." <Dan.Bryant@jhuapl.edu>\r
To: 'Jameson Graef Rollins' <jrollins@finestructure.net>, Notmuch Mail\r
        <notmuch@notmuchmail.org>\r
Date: Mon, 9 Jul 2012 14:33:17 -0400\r
Subject: RE: S/MIME support\r
Thread-Topic: S/MIME support\r
Thread-Index: Ac1WJpG3cF0T/3SwRbaWe/RvL0uQfAH1xQaQ\r
Message-ID:\r
 <24CAA033F4DBCD4DB53CBFB11AEF037C1044F0566F@aplesrepublic.dom1.jhuapl.edu>\r
References: <1340995101-9616-1-git-send-email-jrollins@finestructure.net>\r
In-Reply-To: <1340995101-9616-1-git-send-email-jrollins@finestructure.net>\r
Accept-Language: en-US\r
Content-Language: en-US\r
X-MS-Has-Attach: \r
X-MS-TNEF-Correlator: \r
acceptlanguage: en-US\r
Content-Type: text/plain; charset="us-ascii"\r
Content-Transfer-Encoding: quoted-printable\r
MIME-Version: 1.0\r
X-BeenThere: notmuch@notmuchmail.org\r
X-Mailman-Version: 2.1.13\r
Precedence: list\r
List-Id: "Use and development of the notmuch mail system."\r
        <notmuch.notmuchmail.org>\r
List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,\r
        <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>\r
List-Archive: <http://notmuchmail.org/pipermail/notmuch>\r
List-Post: <mailto:notmuch@notmuchmail.org>\r
List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>\r
List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,\r
        <mailto:notmuch-request@notmuchmail.org?subject=subscribe>\r
X-List-Received-Date: Mon, 09 Jul 2012 18:33:26 -0000\r
\r
Jamie,\r
\r
I was able to get signature verification working with your patchset (with a=\r
 caveat) but not decryption.\r
\r
Signature Verification\r
----------------------\r
\r
The caveat is that GMime is still borked with handling signatures with cont=\r
ent type application/x-pkcs7-signature (vs. application/pkcs7-signature, wh=\r
ich works fine). This is upstream GNOME bug #674032 that was supposed to ha=\r
ve been fixed in GMime 2.6.9, but that original fix is also broken.\r
\r
One possible workaround is to twiddle the content-type of the signature par=\r
t (and the corresponding protocol in the multipart/signed part). I implemen=\r
ted this by looping over each message part in mime_node_open() and modifyin=\r
g as necessary using the following logic:\r
\r
\r
    GMimeContentType *content_type =3D g_mime_object_get_content_type (part=\r
);\r
\r
    const char *subtype =3D g_mime_content_type_get_media_subtype (content_=\r
type);\r
    const char *protocol =3D g_mime_content_type_get_parameter (content_typ=\r
e, "protocol");\r
\r
    if (!strcmp(subtype, "x-pkcs7-signature")) {\r
        g_mime_content_type_set_media_subtype (content_type, "pkcs7-signatu=\r
re");\r
    }\r
\r
    if (protocol && !strcmp(protocol, "application/x-pkcs7-signature")) {\r
        g_mime_content_type_set_parameter (content_type, "protocol","applic=\r
ation/pkcs7-signature");\r
    }   =20\r
\r
\r
Decryption\r
----------\r
\r
All of my S/MIME encrypted mail consists of single part messages with conte=\r
nt-type "application/x-pkcs7-mime". These conform to RFC3851, section 3.3/3=\r
.4. (sample messages are included in the RFC as well). This fails to be dec=\r
rypted by notmuch because the mime node traversal code assumes that every e=\r
ncrypted message is multipart/encrypted, which appears to only be true for =\r
PGP/MIME.\r
\r
\r
Dan\r
\r
\r
\r
-----Original Message-----\r
From: notmuch-bounces@notmuchmail.org [mailto:notmuch-bounces@notmuchmail.o=\r
rg] On Behalf Of Jameson Graef Rollins\r
Sent: Friday, June 29, 2012 2:38 PM\r
To: Notmuch Mail\r
Subject: S/MIME support\r
\r
Hey, folks.  This patch adds S/MIME support to notmuch-show.  It's\r
pretty simple, now that the crypto rework [0] is complete.\r
\r
I was going to wait to submit this patch until we had a test suite\r
(ehem, dkg!), but seeing as there has been some other interest\r
expressed in seeing this feature I'm going to go ahead and send it to\r
the list in the hopes that it might spur development of the needed\r
tests.\r
\r
jamie.\r
\r
[0] id:"1338057946-29209-2-git-send-email-jrollins@finestructure.net"\r
\r
_______________________________________________\r
notmuch mailing list\r
notmuch@notmuchmail.org\r
http://notmuchmail.org/mailman/listinfo/notmuch\r