1 Return-Path: <jrollins@finestructure.net>
\r
2 X-Original-To: notmuch@notmuchmail.org
\r
3 Delivered-To: notmuch@notmuchmail.org
\r
4 Received: from localhost (localhost [127.0.0.1])
\r
5 by olra.theworths.org (Postfix) with ESMTP id 67976431FBC
\r
6 for <notmuch@notmuchmail.org>; Tue, 22 May 2012 18:44:01 -0700 (PDT)
\r
7 X-Virus-Scanned: Debian amavisd-new at olra.theworths.org
\r
11 X-Spam-Status: No, score=-2.3 tagged_above=-999 required=5
\r
12 tests=[RCVD_IN_DNSWL_MED=-2.3] autolearn=disabled
\r
13 Received: from olra.theworths.org ([127.0.0.1])
\r
14 by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)
\r
15 with ESMTP id zhi5qs8TJyYa for <notmuch@notmuchmail.org>;
\r
16 Tue, 22 May 2012 18:43:59 -0700 (PDT)
\r
17 Received: from outgoing-mail.its.caltech.edu (outgoing-mail.its.caltech.edu
\r
19 by olra.theworths.org (Postfix) with ESMTP id B10F3431FAF
\r
20 for <notmuch@notmuchmail.org>; Tue, 22 May 2012 18:43:58 -0700 (PDT)
\r
21 Received: from fire-doxen.imss.caltech.edu (localhost [127.0.0.1])
\r
22 by fire-doxen-postvirus (Postfix) with ESMTP id 64813328042
\r
23 for <notmuch@notmuchmail.org>; Tue, 22 May 2012 18:43:57 -0700 (PDT)
\r
24 X-Spam-Scanned: at Caltech-IMSS on fire-doxen by amavisd-new
\r
25 Received: from finestructure.net (gwave-125.ligo.caltech.edu
\r
26 [131.215.114.125]) (Authenticated sender: jrollins) by fire-doxen-submit
\r
27 (Postfix) with ESMTP id 68BDD32800B for <notmuch@notmuchmail.org>; Tue, 22
\r
28 May 2012 18:43:55 -0700 (PDT)
\r
29 Received: by finestructure.net (Postfix, from userid 1000)
\r
30 id 3EE841E5; Tue, 22 May 2012 18:43:54 -0700 (PDT)
\r
31 From: Jameson Graef Rollins <jrollins@finestructure.net>
\r
32 To: Notmuch Mail <notmuch@notmuchmail.org>
\r
33 Subject: [PATCH v3 5/6] cli: new crypto verify flag to handle verification
\r
34 Date: Tue, 22 May 2012 18:43:49 -0700
\r
35 Message-Id: <1337737430-21160-6-git-send-email-jrollins@finestructure.net>
\r
36 X-Mailer: git-send-email 1.7.10
\r
37 In-Reply-To: <1337737430-21160-5-git-send-email-jrollins@finestructure.net>
\r
38 References: <1337737430-21160-1-git-send-email-jrollins@finestructure.net>
\r
39 <1337737430-21160-2-git-send-email-jrollins@finestructure.net>
\r
40 <1337737430-21160-3-git-send-email-jrollins@finestructure.net>
\r
41 <1337737430-21160-4-git-send-email-jrollins@finestructure.net>
\r
42 <1337737430-21160-5-git-send-email-jrollins@finestructure.net>
\r
43 X-BeenThere: notmuch@notmuchmail.org
\r
44 X-Mailman-Version: 2.1.13
\r
46 List-Id: "Use and development of the notmuch mail system."
\r
47 <notmuch.notmuchmail.org>
\r
48 List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,
\r
49 <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
\r
50 List-Archive: <http://notmuchmail.org/pipermail/notmuch>
\r
51 List-Post: <mailto:notmuch@notmuchmail.org>
\r
52 List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
\r
53 List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,
\r
54 <mailto:notmuch-request@notmuchmail.org?subject=subscribe>
\r
55 X-List-Received-Date: Wed, 23 May 2012 01:44:01 -0000
\r
57 Use this flag rather than depend on the existence of an initialized
\r
58 gpgctx, to determine whether we should verify a multipart/signed. We
\r
59 will be moving to create the ctx lazily, so we don't want to depend on
\r
60 it being previously initialized if it's not needed.
\r
62 mime-node.c | 5 ++---
\r
63 notmuch-client.h | 8 ++++----
\r
64 notmuch-reply.c | 1 +
\r
65 notmuch-show.c | 14 +++++++++++---
\r
66 4 files changed, 18 insertions(+), 10 deletions(-)
\r
68 diff --git a/mime-node.c b/mime-node.c
\r
69 index a838224..73e28c5 100644
\r
72 @@ -183,8 +183,7 @@ _mime_node_create (mime_node_t *parent, GMimeObject *part)
\r
75 /* Handle PGP/MIME parts */
\r
76 - if (GMIME_IS_MULTIPART_ENCRYPTED (part)
\r
77 - && node->ctx->crypto->gpgctx && node->ctx->crypto->decrypt) {
\r
78 + if (GMIME_IS_MULTIPART_ENCRYPTED (part) && node->ctx->crypto->decrypt) {
\r
79 if (node->nchildren != 2) {
\r
80 /* this violates RFC 3156 section 4, so we won't bother with it. */
\r
81 fprintf (stderr, "Error: %d part(s) for a multipart/encrypted "
\r
82 @@ -218,7 +217,7 @@ _mime_node_create (mime_node_t *parent, GMimeObject *part)
\r
83 (err ? err->message : "no error explanation given"));
\r
86 - } else if (GMIME_IS_MULTIPART_SIGNED (part) && node->ctx->crypto->gpgctx) {
\r
87 + } else if (GMIME_IS_MULTIPART_SIGNED (part) && node->ctx->crypto->verify) {
\r
88 if (node->nchildren != 2) {
\r
89 /* this violates RFC 3156 section 5, so we won't bother with it. */
\r
90 fprintf (stderr, "Error: %d part(s) for a multipart/signed message "
\r
91 diff --git a/notmuch-client.h b/notmuch-client.h
\r
92 index 94af8f7..db1c347 100644
\r
93 --- a/notmuch-client.h
\r
94 +++ b/notmuch-client.h
\r
95 @@ -80,6 +80,7 @@ typedef struct notmuch_crypto {
\r
97 GMimeCipherContext* gpgctx;
\r
99 + notmuch_bool_t verify;
\r
100 notmuch_bool_t decrypt;
\r
101 } notmuch_crypto_t;
\r
103 @@ -351,10 +352,9 @@ struct mime_node {
\r
106 /* Construct a new MIME node pointing to the root message part of
\r
107 - * message. If crypto->gpgctx is non-NULL, it will be used to verify
\r
108 - * signatures on any child parts. If crypto->decrypt is true, then
\r
109 - * crypto.gpgctx will additionally be used to decrypt any encrypted
\r
111 + * message. If crypto->verify is true, signed child parts will be
\r
112 + * verified. If crypto->decrypt is true, encrypted child parts will be
\r
117 diff --git a/notmuch-reply.c b/notmuch-reply.c
\r
118 index 148152c..e4f293f 100644
\r
119 --- a/notmuch-reply.c
\r
120 +++ b/notmuch-reply.c
\r
121 @@ -676,6 +676,7 @@ notmuch_reply_command (void *ctx, int argc, char *argv[])
\r
122 notmuch_show_params_t params = {
\r
129 diff --git a/notmuch-show.c b/notmuch-show.c
\r
130 index fb5e9b6..3c06792 100644
\r
131 --- a/notmuch-show.c
\r
132 +++ b/notmuch-show.c
\r
133 @@ -987,11 +987,11 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
\r
135 .omit_excluded = TRUE,
\r
141 int format_sel = NOTMUCH_FORMAT_NOT_SPECIFIED;
\r
142 - notmuch_bool_t verify = FALSE;
\r
143 int exclude = EXCLUDE_TRUE;
\r
145 notmuch_opt_desc_t options[] = {
\r
146 @@ -1008,7 +1008,7 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
\r
147 { NOTMUCH_OPT_INT, ¶ms.part, "part", 'p', 0 },
\r
148 { NOTMUCH_OPT_BOOLEAN, ¶ms.entire_thread, "entire-thread", 't', 0 },
\r
149 { NOTMUCH_OPT_BOOLEAN, ¶ms.crypto.decrypt, "decrypt", 'd', 0 },
\r
150 - { NOTMUCH_OPT_BOOLEAN, &verify, "verify", 'v', 0 },
\r
151 + { NOTMUCH_OPT_BOOLEAN, ¶ms.crypto.verify, "verify", 'v', 0 },
\r
155 @@ -1018,6 +1018,10 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
\r
159 + /* decryption implies verification */
\r
160 + if (params.crypto.decrypt)
\r
161 + params.crypto.verify = TRUE;
\r
163 if (format_sel == NOTMUCH_FORMAT_NOT_SPECIFIED) {
\r
164 /* if part was requested and format was not specified, use format=raw */
\r
165 if (params.part >= 0)
\r
166 @@ -1052,7 +1056,7 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
\r
170 - if (params.crypto.decrypt || verify) {
\r
171 + if (params.crypto.decrypt || params.crypto.verify) {
\r
172 #ifdef GMIME_ATLEAST_26
\r
173 /* TODO: GMimePasswordRequestFunc */
\r
174 params.crypto.gpgctx = g_mime_gpg_context_new (NULL, "gpg");
\r
175 @@ -1063,6 +1067,10 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
\r
176 if (params.crypto.gpgctx) {
\r
177 g_mime_gpg_context_set_always_trust ((GMimeGpgContext*) params.crypto.gpgctx, FALSE);
\r
179 + /* If we fail to create the gpgctx set the verify and
\r
180 + * decrypt flags to FALSE so we don't try to do any
\r
181 + * further verification or decryption */
\r
182 + params.crypto.verify = FALSE;
\r
183 params.crypto.decrypt = FALSE;
\r
184 fprintf (stderr, "Failed to construct gpg context.\n");
\r