--- /dev/null
+Return-Path: <jani@nikula.org>\r
+X-Original-To: notmuch@notmuchmail.org\r
+Delivered-To: notmuch@notmuchmail.org\r
+Received: from localhost (localhost [127.0.0.1])\r
+ by arlo.cworth.org (Postfix) with ESMTP id CCB1B6DE02D2\r
+ for <notmuch@notmuchmail.org>; Sat, 26 Sep 2015 04:59:03 -0700 (PDT)\r
+X-Virus-Scanned: Debian amavisd-new at cworth.org\r
+X-Spam-Flag: NO\r
+X-Spam-Score: -0.165\r
+X-Spam-Level: \r
+X-Spam-Status: No, score=-0.165 tagged_above=-999 required=5\r
+ tests=[AWL=-0.189, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01,\r
+ RCVD_IN_MSPIKE_WL=-0.01, URIBL_SBL=0.644, URIBL_SBL_A=0.1]\r
+ autolearn=disabled\r
+Received: from arlo.cworth.org ([127.0.0.1])\r
+ by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024)\r
+ with ESMTP id EWWG6s_GSnTV for <notmuch@notmuchmail.org>;\r
+ Sat, 26 Sep 2015 04:59:02 -0700 (PDT)\r
+Received: from mail-wi0-f169.google.com (mail-wi0-f169.google.com\r
+ [209.85.212.169])\r
+ by arlo.cworth.org (Postfix) with ESMTPS id 9823B6DE0298\r
+ for <notmuch@notmuchmail.org>; Sat, 26 Sep 2015 04:59:01 -0700 (PDT)\r
+Received: by wicfx3 with SMTP id fx3so48325526wic.0\r
+ for <notmuch@notmuchmail.org>; Sat, 26 Sep 2015 04:59:00 -0700 (PDT)\r
+X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;\r
+ d=1e100.net; s=20130820;\r
+ h=x-gm-message-state:from:to:subject:in-reply-to:references\r
+ :user-agent:date:message-id:mime-version:content-type;\r
+ bh=L4QKMhpPrTIOx2qiMH/utGh+iDvkdoraIcBTfsGb+UA=;\r
+ b=hZmG0p8CXNzl5pIuQ21PZNC9Df2iK35MvEpssQiFy9cmUTu8rtqyrQ0muYTkk2ZXWc\r
+ lvT5ISe6DUF9/MNAb6oPIQ6GG67R0BLOfr+c2Scbdg3f/k4b74xEOqP+bUrbr5/iEUxi\r
+ dc7/wTxfQxLclXcORMlvslH7DPt/iKuwVZ4a1yNHknJtZQ/SRTOLVGHG0PBcR9JhdxbN\r
+ uFBAuB334hb2jDvlIyCbfkiO+9WfFG6Rj7Qio+AaZkDGPhOFbuGffU36AwU8EK9BXwJB\r
+ YBl63PvgeH2y5vjyMH7Hk4icrePdGJOmTSfvNo/LT732tKHoVJBqjViIr/my/Fv8vRg0\r
+ 49qA==\r
+X-Gm-Message-State:\r
+ ALoCoQmdvHDSZhgcrGhf+6Ct3OR+2+DJEr+PuYyn7PzVCHHxoR3MFCSmxuRP6w3x/Xiq5i88/x7W\r
+X-Received: by 10.194.110.37 with SMTP id hx5mr11554063wjb.149.1443268739965; \r
+ Sat, 26 Sep 2015 04:58:59 -0700 (PDT)\r
+Received: from localhost (mobile-access-bcee63-221.dhcp.inet.fi.\r
+ [188.238.99.221])\r
+ by smtp.gmail.com with ESMTPSA id lm3sm8039209wjc.39.2015.09.26.04.58.59\r
+ (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);\r
+ Sat, 26 Sep 2015 04:58:59 -0700 (PDT)\r
+From: Jani Nikula <jani@nikula.org>\r
+To: David Bremner <david@tethera.net>, notmuch@notmuchmail.org\r
+Subject: Re: [PATCH 6/8] cli: crypto: S/MIME verification support\r
+In-Reply-To: <1439746876-23654-7-git-send-email-david@tethera.net>\r
+References: <54CA467B.30408@gnome.org>\r
+ <1439746876-23654-1-git-send-email-david@tethera.net>\r
+ <1439746876-23654-7-git-send-email-david@tethera.net>\r
+User-Agent: Notmuch/0.20.2+66~gb33abd9 (http://notmuchmail.org) Emacs/24.4.1\r
+ (x86_64-pc-linux-gnu)\r
+Date: Sat, 26 Sep 2015 14:58:41 +0300\r
+Message-ID: <87bncpmlxq.fsf@nikula.org>\r
+MIME-Version: 1.0\r
+Content-Type: text/plain\r
+X-BeenThere: notmuch@notmuchmail.org\r
+X-Mailman-Version: 2.1.18\r
+Precedence: list\r
+List-Id: "Use and development of the notmuch mail system."\r
+ <notmuch.notmuchmail.org>\r
+List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,\r
+ <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>\r
+List-Archive: <http://notmuchmail.org/pipermail/notmuch/>\r
+List-Post: <mailto:notmuch@notmuchmail.org>\r
+List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>\r
+List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,\r
+ <mailto:notmuch-request@notmuchmail.org?subject=subscribe>\r
+X-List-Received-Date: Sat, 26 Sep 2015 11:59:03 -0000\r
+\r
+On Sun, 16 Aug 2015, David Bremner <david@tethera.net> wrote:\r
+> From: Jani Nikula <jani@nikula.org>\r
+>\r
+> notmuch-show --verify will now also process S/MIME multiparts if\r
+> encountered. Requires gmime-2.6 and gpgsm.\r
+>\r
+> Based on work by Jameson Graef Rollins <jrollins@finestructure.net>.\r
+> ---\r
+> crypto.c | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++\r
+> notmuch-client.h | 7 +++++--\r
+> test/T355-smime.sh | 1 -\r
+> 3 files changed, 55 insertions(+), 3 deletions(-)\r
+>\r
+> diff --git a/crypto.c b/crypto.c\r
+> index 11c167e..ce683d2 100644\r
+> --- a/crypto.c\r
+> +++ b/crypto.c\r
+> @@ -43,6 +43,51 @@ create_gpg_context (notmuch_crypto_t *crypto)\r
+> return gpgctx;\r
+> }\r
+> \r
+> +/* Create a PKCS7 context (GMime 2.6) */\r
+> +static notmuch_crypto_context_t *\r
+> +create_pkcs7_context (notmuch_crypto_t *crypto)\r
+> +{\r
+> + notmuch_crypto_context_t *pkcs7ctx;\r
+> +\r
+> + if (crypto->pkcs7ctx)\r
+> + return crypto->pkcs7ctx;\r
+> +\r
+> + /* TODO: GMimePasswordRequestFunc */\r
+> + pkcs7ctx = g_mime_pkcs7_context_new (NULL);\r
+> + if (! pkcs7ctx) {\r
+> + fprintf (stderr, "Failed to construct pkcs7 context.\n");\r
+> + return NULL;\r
+> + }\r
+> + crypto->pkcs7ctx = pkcs7ctx;\r
+> +\r
+> + g_mime_pkcs7_context_set_always_trust ((GMimePkcs7Context *) pkcs7ctx,\r
+> + FALSE);\r
+> +\r
+> + return pkcs7ctx;\r
+> +}\r
+> +\r
+> +static const struct {\r
+> + const char *protocol;\r
+> + notmuch_crypto_context_t *(*get_context) (notmuch_crypto_t *crypto);\r
+> +} protocols[] = {\r
+> + {\r
+> + .protocol = "application/pgp-signature",\r
+> + .get_context = create_gpg_context,\r
+> + },\r
+> + {\r
+> + .protocol = "application/pgp-encrypted",\r
+> + .get_context = create_gpg_context,\r
+> + },\r
+> + {\r
+> + .protocol = "application/pkcs7-signature",\r
+> + .get_context = create_pkcs7_context,\r
+> + },\r
+> + {\r
+> + .protocol = "application/x-pkcs7-signature",\r
+> + .get_context = create_pkcs7_context,\r
+> + },\r
+> +};\r
+\r
+The array itself should be added in patch 2 as it depends on it, and\r
+this patch should only add the pkcs7 ones. I guess this got broken at\r
+some rebase.\r
+\r
+BR,\r
+Jani.\r
+\r
+\r
+> +\r
+> /* for the specified protocol return the context pointer (initializing\r
+> * if needed) */\r
+> notmuch_crypto_context_t *\r
+> @@ -81,5 +126,10 @@ notmuch_crypto_cleanup (notmuch_crypto_t *crypto)\r
+> crypto->gpgctx = NULL;\r
+> }\r
+> \r
+> + if (crypto->pkcs7ctx) {\r
+> + g_object_unref (crypto->pkcs7ctx);\r
+> + crypto->pkcs7ctx = NULL;\r
+> + }\r
+> +\r
+> return 0;\r
+> }\r
+> diff --git a/notmuch-client.h b/notmuch-client.h\r
+> index 1f82656..774b620 100644\r
+> --- a/notmuch-client.h\r
+> +++ b/notmuch-client.h\r
+> @@ -31,6 +31,8 @@\r
+> #include <gmime/gmime.h>\r
+> \r
+> typedef GMimeCryptoContext notmuch_crypto_context_t;\r
+> +/* This is automatically included only since gmime 2.6.10 */\r
+> +#include <gmime/gmime-pkcs7-context.h>\r
+> \r
+> #include "notmuch.h"\r
+> \r
+> @@ -69,6 +71,7 @@ typedef struct notmuch_show_format {\r
+> \r
+> typedef struct notmuch_crypto {\r
+> notmuch_crypto_context_t* gpgctx;\r
+> + notmuch_crypto_context_t* pkcs7ctx;\r
+> notmuch_bool_t verify;\r
+> notmuch_bool_t decrypt;\r
+> const char *gpgpath;\r
+> @@ -406,8 +409,8 @@ struct mime_node {\r
+> /* Construct a new MIME node pointing to the root message part of\r
+> * message. If crypto->verify is true, signed child parts will be\r
+> * verified. If crypto->decrypt is true, encrypted child parts will be\r
+> - * decrypted. If crypto->gpgctx is NULL, it will be lazily\r
+> - * initialized.\r
+> + * decrypted. If the crypto contexts (crypto->gpgctx or\r
+> + * crypto->pkcs7) are NULL, they will be lazily initialized.\r
+> *\r
+> * Return value:\r
+> *\r
+> diff --git a/test/T355-smime.sh b/test/T355-smime.sh\r
+> index b3cc76e..caedf5e 100755\r
+> --- a/test/T355-smime.sh\r
+> +++ b/test/T355-smime.sh\r
+> @@ -56,7 +56,6 @@ EOF\r
+> test_expect_equal_file OUTPUT EXPECTED\r
+> \r
+> test_begin_subtest "signature verification (notmuch CLI)"\r
+> -test_subtest_known_broken\r
+> output=$(notmuch show --format=json --verify subject:"test signed message 001" \\r
+> | notmuch_json_show_sanitize \\r
+> | sed -e 's|"created": [1234567890]*|"created": 946728000|' \\r
+> -- \r
+> 2.5.0\r
projects / notmuch-archives.git / commitdiff