1 Return-Path: <jrollins@finestructure.net>
\r
2 X-Original-To: notmuch@notmuchmail.org
\r
3 Delivered-To: notmuch@notmuchmail.org
\r
4 Received: from localhost (localhost [127.0.0.1])
\r
5 by olra.theworths.org (Postfix) with ESMTP id A1099431FB6
\r
6 for <notmuch@notmuchmail.org>; Fri, 18 May 2012 10:32:50 -0700 (PDT)
\r
7 X-Virus-Scanned: Debian amavisd-new at olra.theworths.org
\r
11 X-Spam-Status: No, score=-2.3 tagged_above=-999 required=5
\r
12 tests=[RCVD_IN_DNSWL_MED=-2.3] autolearn=disabled
\r
13 Received: from olra.theworths.org ([127.0.0.1])
\r
14 by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)
\r
15 with ESMTP id f-m-3GdUCltF for <notmuch@notmuchmail.org>;
\r
16 Fri, 18 May 2012 10:32:49 -0700 (PDT)
\r
17 Received: from outgoing-mail.its.caltech.edu (outgoing-mail.its.caltech.edu
\r
19 by olra.theworths.org (Postfix) with ESMTP id 941ED431FBD
\r
20 for <notmuch@notmuchmail.org>; Fri, 18 May 2012 10:32:46 -0700 (PDT)
\r
21 Received: from fire-doxen.imss.caltech.edu (localhost [127.0.0.1])
\r
22 by fire-doxen-postvirus (Postfix) with ESMTP id 5082F32807A
\r
23 for <notmuch@notmuchmail.org>; Fri, 18 May 2012 10:32:44 -0700 (PDT)
\r
24 X-Spam-Scanned: at Caltech-IMSS on fire-doxen by amavisd-new
\r
25 Received: from finestructure.net (cpe-98-14-81-93.nyc.res.rr.com
\r
26 [98.14.81.93]) (Authenticated sender: jrollins) by fire-doxen-submit
\r
27 (Postfix) with ESMTP id DEFBF328035 for <notmuch@notmuchmail.org>; Fri, 18
\r
28 May 2012 10:32:41 -0700 (PDT)
\r
29 Received: by finestructure.net (Postfix, from userid 1000)
\r
30 id 4917B624; Fri, 18 May 2012 10:32:40 -0700 (PDT)
\r
31 From: Jameson Graef Rollins <jrollins@finestructure.net>
\r
32 To: Notmuch Mail <notmuch@notmuchmail.org>
\r
33 Subject: [PATCH v2 4/5] cli: new crypto verify flag to handle verification
\r
34 Date: Fri, 18 May 2012 10:32:36 -0700
\r
35 Message-Id: <1337362357-31281-5-git-send-email-jrollins@finestructure.net>
\r
36 X-Mailer: git-send-email 1.7.10
\r
37 In-Reply-To: <1337362357-31281-4-git-send-email-jrollins@finestructure.net>
\r
38 References: <1337362357-31281-1-git-send-email-jrollins@finestructure.net>
\r
39 <1337362357-31281-2-git-send-email-jrollins@finestructure.net>
\r
40 <1337362357-31281-3-git-send-email-jrollins@finestructure.net>
\r
41 <1337362357-31281-4-git-send-email-jrollins@finestructure.net>
\r
42 X-BeenThere: notmuch@notmuchmail.org
\r
43 X-Mailman-Version: 2.1.13
\r
45 List-Id: "Use and development of the notmuch mail system."
\r
46 <notmuch.notmuchmail.org>
\r
47 List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,
\r
48 <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
\r
49 List-Archive: <http://notmuchmail.org/pipermail/notmuch>
\r
50 List-Post: <mailto:notmuch@notmuchmail.org>
\r
51 List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
\r
52 List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,
\r
53 <mailto:notmuch-request@notmuchmail.org?subject=subscribe>
\r
54 X-List-Received-Date: Fri, 18 May 2012 17:32:51 -0000
\r
56 Use this flag rather than depend on the existence of an initialized
\r
57 gpgctx, to determine whether we should verify a multipart/signed. We
\r
58 will be moving to create the ctx lazily, so we don't want to depend on
\r
59 it being previously initialized if it's not needed.
\r
61 mime-node.c | 5 ++---
\r
62 notmuch-client.h | 8 ++++----
\r
63 notmuch-reply.c | 1 +
\r
64 notmuch-show.c | 14 +++++++++++---
\r
65 4 files changed, 18 insertions(+), 10 deletions(-)
\r
67 diff --git a/mime-node.c b/mime-node.c
\r
68 index 3dda900..3adbe5a 100644
\r
71 @@ -183,8 +183,7 @@ _mime_node_create (mime_node_t *parent, GMimeObject *part)
\r
74 /* Handle PGP/MIME parts */
\r
75 - if (GMIME_IS_MULTIPART_ENCRYPTED (part)
\r
76 - && node->ctx->crypto->gpgctx && node->ctx->crypto->decrypt) {
\r
77 + if (GMIME_IS_MULTIPART_ENCRYPTED (part) && node->ctx->crypto->decrypt) {
\r
78 if (node->nchildren != 2) {
\r
79 /* this violates RFC 3156 section 4, so we won't bother with it. */
\r
80 fprintf (stderr, "Error: %d part(s) for a multipart/encrypted "
\r
81 @@ -218,7 +217,7 @@ _mime_node_create (mime_node_t *parent, GMimeObject *part)
\r
82 (err ? err->message : "no error explanation given"));
\r
85 - } else if (GMIME_IS_MULTIPART_SIGNED (part) && node->ctx->crypto->gpgctx) {
\r
86 + } else if (GMIME_IS_MULTIPART_SIGNED (part) && node->ctx->crypto->verify) {
\r
87 if (node->nchildren != 2) {
\r
88 /* this violates RFC 3156 section 5, so we won't bother with it. */
\r
89 fprintf (stderr, "Error: %d part(s) for a multipart/signed message "
\r
90 diff --git a/notmuch-client.h b/notmuch-client.h
\r
91 index 9892968..c671c13 100644
\r
92 --- a/notmuch-client.h
\r
93 +++ b/notmuch-client.h
\r
94 @@ -80,6 +80,7 @@ typedef struct notmuch_crypto {
\r
96 GMimeCipherContext* gpgctx;
\r
98 + notmuch_bool_t verify;
\r
99 notmuch_bool_t decrypt;
\r
100 } notmuch_crypto_t;
\r
102 @@ -345,10 +346,9 @@ struct mime_node {
\r
105 /* Construct a new MIME node pointing to the root message part of
\r
106 - * message. If crypto->gpgctx is non-NULL, it will be used to verify
\r
107 - * signatures on any child parts. If crypto->decrypt is true, then
\r
108 - * crypto.gpgctx will additionally be used to decrypt any encrypted
\r
110 + * message. If crypto->verify is true, signed child parts will be
\r
111 + * verified. If crypto->decrypt is true, encrypted child parts will be
\r
116 diff --git a/notmuch-reply.c b/notmuch-reply.c
\r
117 index 34a906e..345be76 100644
\r
118 --- a/notmuch-reply.c
\r
119 +++ b/notmuch-reply.c
\r
120 @@ -674,6 +674,7 @@ notmuch_reply_command (void *ctx, int argc, char *argv[])
\r
121 int opt_index, ret = 0;
\r
122 int (*reply_format_func)(void *ctx, notmuch_config_t *config, notmuch_query_t *query, notmuch_crypto_t *crypto, notmuch_bool_t reply_all);
\r
123 notmuch_crypto_t crypto = {
\r
127 int format = FORMAT_DEFAULT;
\r
128 diff --git a/notmuch-show.c b/notmuch-show.c
\r
129 index 66c74e2..f4ee038 100644
\r
130 --- a/notmuch-show.c
\r
131 +++ b/notmuch-show.c
\r
132 @@ -987,11 +987,11 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
\r
134 .omit_excluded = TRUE,
\r
140 int format_sel = NOTMUCH_FORMAT_NOT_SPECIFIED;
\r
141 - notmuch_bool_t verify = FALSE;
\r
142 int exclude = EXCLUDE_TRUE;
\r
144 notmuch_opt_desc_t options[] = {
\r
145 @@ -1008,7 +1008,7 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
\r
146 { NOTMUCH_OPT_INT, ¶ms.part, "part", 'p', 0 },
\r
147 { NOTMUCH_OPT_BOOLEAN, ¶ms.entire_thread, "entire-thread", 't', 0 },
\r
148 { NOTMUCH_OPT_BOOLEAN, ¶ms.crypto.decrypt, "decrypt", 'd', 0 },
\r
149 - { NOTMUCH_OPT_BOOLEAN, &verify, "verify", 'v', 0 },
\r
150 + { NOTMUCH_OPT_BOOLEAN, ¶ms.crypto.verify, "verify", 'v', 0 },
\r
154 @@ -1018,6 +1018,10 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
\r
158 + /* decryption implies verification */
\r
159 + if (params.crypto.decrypt)
\r
160 + params.crypto.verify = TRUE;
\r
162 if (format_sel == NOTMUCH_FORMAT_NOT_SPECIFIED) {
\r
163 /* if part was requested and format was not specified, use format=raw */
\r
164 if (params.part >= 0)
\r
165 @@ -1052,7 +1056,7 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
\r
169 - if (params.crypto.decrypt || verify) {
\r
170 + if (params.crypto.decrypt || params.crypto.verify) {
\r
171 #ifdef GMIME_ATLEAST_26
\r
172 /* TODO: GMimePasswordRequestFunc */
\r
173 params.crypto.gpgctx = g_mime_gpg_context_new (NULL, "gpg");
\r
174 @@ -1063,6 +1067,10 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
\r
175 if (params.crypto.gpgctx) {
\r
176 g_mime_gpg_context_set_always_trust ((GMimeGpgContext*) params.crypto.gpgctx, FALSE);
\r
178 + /* If we fail to create the gpgctx set the verify and
\r
179 + * decrypt flags to FALSE so we don't try to do any
\r
180 + * further verification or decryption */
\r
181 + params.crypto.verify = FALSE;
\r
182 params.crypto.decrypt = FALSE;
\r
183 fprintf (stderr, "Failed to construct gpg context.\n");
\r