--- /dev/null
+Return-Path: <jani@nikula.org>\r
+X-Original-To: notmuch@notmuchmail.org\r
+Delivered-To: notmuch@notmuchmail.org\r
+Received: from localhost (localhost [127.0.0.1])\r
+ by olra.theworths.org (Postfix) with ESMTP id 58989431FCB\r
+ for <notmuch@notmuchmail.org>; Sat, 30 Mar 2013 06:53:33 -0700 (PDT)\r
+X-Virus-Scanned: Debian amavisd-new at olra.theworths.org\r
+X-Amavis-Alert: BAD HEADER SECTION, Duplicate header field: "References"\r
+X-Spam-Flag: NO\r
+X-Spam-Score: -0.7\r
+X-Spam-Level: \r
+X-Spam-Status: No, score=-0.7 tagged_above=-999 required=5\r
+ tests=[RCVD_IN_DNSWL_LOW=-0.7] autolearn=disabled\r
+Received: from olra.theworths.org ([127.0.0.1])\r
+ by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)\r
+ with ESMTP id uIn4lGgVcPUN for <notmuch@notmuchmail.org>;\r
+ Sat, 30 Mar 2013 06:53:30 -0700 (PDT)\r
+Received: from mail-la0-f54.google.com (mail-la0-f54.google.com\r
+ [209.85.215.54]) (using TLSv1 with cipher RC4-SHA (128/128 bits))\r
+ (No client certificate requested)\r
+ by olra.theworths.org (Postfix) with ESMTPS id 81119431FC2\r
+ for <notmuch@notmuchmail.org>; Sat, 30 Mar 2013 06:53:27 -0700 (PDT)\r
+Received: by mail-la0-f54.google.com with SMTP id gw10so1125519lab.27\r
+ for <notmuch@notmuchmail.org>; Sat, 30 Mar 2013 06:53:26 -0700 (PDT)\r
+X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;\r
+ d=google.com; s=20120113;\r
+ h=x-received:from:to:cc:subject:date:message-id:x-mailer:in-reply-to\r
+ :references:in-reply-to:references:x-gm-message-state;\r
+ bh=lN0nHh42XFn6MB7XkotrqdVJTtwL602UONRhOgUTqFE=;\r
+ b=gUQ5S1hoxmvOcCR9/AH+Zs83nBvlqc6OqwBApvY4Bccm2JH84Lk1tzHsRaxsikUJvu\r
+ 242SMh3kNLPFKKZF0DqjxxWG/MYXIfYf14nKzPWJTHGp4V7q+jwR8ICe5R/BpuW+ACd0\r
+ VySBOTbabZ1dSP2DECNLSB08pf8s9uzbO5eYStoAsPD9cyVe8BUow9d2evocJmXW4Fhj\r
+ G5LSq1dLMwIHzE5xD0CrEyGbUCM3dVjpsKZXKYEQHJ7nBtZP5wCGR4K7efpLwVyKdTGf\r
+ FOmEqVk0RN12C0M8Pi2tNL/Om9vJQYQ77tqZcKmc4XS1Lzrm6b1XGgOIgyES3hOhUykH\r
+ +mwQ==\r
+X-Received: by 10.152.145.134 with SMTP id su6mr2780505lab.35.1364651605963;\r
+ Sat, 30 Mar 2013 06:53:25 -0700 (PDT)\r
+Received: from localhost (dsl-hkibrasgw4-50df51-27.dhcp.inet.fi.\r
+ [80.223.81.27])\r
+ by mx.google.com with ESMTPS id i3sm2658459lbn.0.2013.03.30.06.53.24\r
+ (version=TLSv1.2 cipher=RC4-SHA bits=128/128);\r
+ Sat, 30 Mar 2013 06:53:25 -0700 (PDT)\r
+From: Jani Nikula <jani@nikula.org>\r
+To: notmuch@notmuchmail.org\r
+Subject: [PATCH v2 2/3] cli: mime node: abstract decryption and signature\r
+ verification\r
+Date: Sat, 30 Mar 2013 15:53:16 +0200\r
+Message-Id:\r
+ <f68f5e573449cea7e66fc37567ddfbbf2f11131d.1364651359.git.jani@nikula.org>\r
+X-Mailer: git-send-email 1.7.10.4\r
+In-Reply-To: <cover.1364651359.git.jani@nikula.org>\r
+References: <cover.1364651359.git.jani@nikula.org>\r
+In-Reply-To: <cover.1364651359.git.jani@nikula.org>\r
+References: <cover.1364651359.git.jani@nikula.org>\r
+X-Gm-Message-State:\r
+ ALoCoQkZMAN5at7jRHEtWVm36X3z+n4cfouAvFo1R1ZPW1v1S91dnIHZNA/IqPcSmrGaiDwxAFt0\r
+X-BeenThere: notmuch@notmuchmail.org\r
+X-Mailman-Version: 2.1.13\r
+Precedence: list\r
+List-Id: "Use and development of the notmuch mail system."\r
+ <notmuch.notmuchmail.org>\r
+List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,\r
+ <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>\r
+List-Archive: <http://notmuchmail.org/pipermail/notmuch>\r
+List-Post: <mailto:notmuch@notmuchmail.org>\r
+List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>\r
+List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,\r
+ <mailto:notmuch-request@notmuchmail.org?subject=subscribe>\r
+X-List-Received-Date: Sat, 30 Mar 2013 13:53:33 -0000\r
+\r
+The code filled with #ifdef GMIME_ATLEAST_26 is difficult to\r
+read. Abstract the decryption and signature verification into\r
+functions, with separate implementations for GMime 2.4 and 2.6, to\r
+clarify the code.\r
+\r
+There should be no functional changes.\r
+---\r
+ mime-node.c | 218 ++++++++++++++++++++++++++++++++++++++---------------------\r
+ 1 file changed, 142 insertions(+), 76 deletions(-)\r
+\r
+diff --git a/mime-node.c b/mime-node.c\r
+index 839737a..851f963 100644\r
+--- a/mime-node.c\r
++++ b/mime-node.c\r
+@@ -130,26 +130,163 @@ DONE:\r
+ }\r
+ \r
+ #ifdef GMIME_ATLEAST_26\r
++\r
++/* Signature list destructor (GMime 2.6) */\r
+ static int\r
+ _signature_list_free (GMimeSignatureList **proxy)\r
+ {\r
+ g_object_unref (*proxy);\r
+ return 0;\r
+ }\r
+-#else\r
++\r
++/* Set up signature list destructor (GMime 2.6) */\r
++static void\r
++set_signature_list_destructor (mime_node_t *node)\r
++{\r
++ GMimeSignatureList **proxy = talloc (node, GMimeSignatureList *);\r
++ if (proxy) {\r
++ *proxy = node->sig_list;\r
++ talloc_set_destructor (proxy, _signature_list_free);\r
++ }\r
++}\r
++\r
++/* Verify a signed mime node (GMime 2.6) */\r
++static void\r
++node_verify (mime_node_t *node, GMimeObject *part,\r
++ notmuch_crypto_context_t *cryptoctx)\r
++{\r
++ GError *err = NULL;\r
++\r
++ node->verify_attempted = TRUE;\r
++ node->sig_list = g_mime_multipart_signed_verify\r
++ (GMIME_MULTIPART_SIGNED (part), cryptoctx, &err);\r
++\r
++ if (node->sig_list)\r
++ set_signature_list_destructor (node);\r
++ else\r
++ fprintf (stderr, "Failed to verify signed part: %s\n",\r
++ err ? err->message : "no error explanation given");\r
++\r
++ if (err)\r
++ g_error_free (err);\r
++}\r
++\r
++/* Decrypt and optionally verify an encrypted mime node (GMime 2.6) */\r
++static void\r
++node_decrypt_and_verify (mime_node_t *node, GMimeObject *part,\r
++ notmuch_crypto_context_t *cryptoctx)\r
++{\r
++ GError *err = NULL;\r
++ GMimeDecryptResult *decrypt_result = NULL;\r
++ GMimeMultipartEncrypted *encrypteddata = GMIME_MULTIPART_ENCRYPTED (part);\r
++\r
++ node->decrypt_attempted = TRUE;\r
++ node->decrypted_child = g_mime_multipart_encrypted_decrypt\r
++ (encrypteddata, cryptoctx, &decrypt_result, &err);\r
++ if (! node->decrypted_child) {\r
++ fprintf (stderr, "Failed to decrypt part: %s\n",\r
++ err ? err->message : "no error explanation given");\r
++ goto DONE;\r
++ }\r
++\r
++ node->decrypt_success = TRUE;\r
++ node->verify_attempted = TRUE;\r
++\r
++ /* This may be NULL if the part is not signed. */\r
++ node->sig_list = g_mime_decrypt_result_get_signatures (decrypt_result);\r
++ if (node->sig_list) {\r
++ g_object_ref (node->sig_list);\r
++ set_signature_list_destructor (node);\r
++ }\r
++ g_object_unref (decrypt_result);\r
++\r
++ DONE:\r
++ if (err)\r
++ g_error_free (err);\r
++}\r
++\r
++#else /* GMIME_ATLEAST_26 */\r
++\r
++/* Signature validity destructor (GMime 2.4) */\r
+ static int\r
+ _signature_validity_free (GMimeSignatureValidity **proxy)\r
+ {\r
+ g_mime_signature_validity_free (*proxy);\r
+ return 0;\r
+ }\r
+-#endif\r
++\r
++/* Set up signature validity destructor (GMime 2.4) */\r
++static void\r
++set_signature_validity_destructor (mime_node_t *node)\r
++{\r
++ GMimeSignatureValidity **proxy = talloc (node, GMimeSignatureValidity *);\r
++ if (proxy) {\r
++ *proxy = node->sig_validity;\r
++ talloc_set_destructor (proxy, _signature_validity_free);\r
++ }\r
++}\r
++\r
++/* Verify a signed mime node (GMime 2.4) */\r
++static void\r
++node_verify (mime_node_t *node, GMimeObject *part,\r
++ notmuch_crypto_context_t *cryptoctx)\r
++{\r
++ GError *err = NULL;\r
++\r
++ node->verify_attempted = TRUE;\r
++ node->sig_validity = g_mime_multipart_signed_verify\r
++ (GMIME_MULTIPART_SIGNED (part), cryptoctx, &err);\r
++ if (node->sig_validity) {\r
++ set_signature_validity_destructor (node);\r
++ } else {\r
++ fprintf (stderr, "Failed to verify signed part: %s\n",\r
++ err ? err->message : "no error explanation given");\r
++ }\r
++\r
++ if (err)\r
++ g_error_free (err);\r
++}\r
++\r
++/* Decrypt and optionally verify an encrypted mime node (GMime 2.4) */\r
++static void\r
++node_decrypt_and_verify (mime_node_t *node, GMimeObject *part,\r
++ notmuch_crypto_context_t *cryptoctx)\r
++{\r
++ GError *err = NULL;\r
++ GMimeMultipartEncrypted *encrypteddata = GMIME_MULTIPART_ENCRYPTED (part);\r
++\r
++ node->decrypt_attempted = TRUE;\r
++ node->decrypted_child = g_mime_multipart_encrypted_decrypt\r
++ (encrypteddata, cryptoctx, &err);\r
++ if (! node->decrypted_child) {\r
++ fprintf (stderr, "Failed to decrypt part: %s\n",\r
++ err ? err->message : "no error explanation given");\r
++ goto DONE;\r
++ }\r
++\r
++ node->decrypt_success = TRUE;\r
++ node->verify_attempted = TRUE;\r
++\r
++ /* The GMimeSignatureValidity returned here is a const, unlike the\r
++ * one returned by g_mime_multipart_signed_verify() in\r
++ * node_verify() above, so the destructor is not needed.\r
++ */\r
++ node->sig_validity = g_mime_multipart_encrypted_get_signature_validity (encrypteddata);\r
++ if (! node->sig_validity)\r
++ fprintf (stderr, "Failed to verify encrypted signed part: %s\n",\r
++ err ? err->message : "no error explanation given");\r
++\r
++ DONE:\r
++ if (err)\r
++ g_error_free (err);\r
++}\r
++\r
++#endif /* GMIME_ATLEAST_26 */\r
+ \r
+ static mime_node_t *\r
+ _mime_node_create (mime_node_t *parent, GMimeObject *part)\r
+ {\r
+ mime_node_t *node = talloc_zero (parent, mime_node_t);\r
+- GError *err = NULL;\r
+ notmuch_crypto_context_t *cryptoctx = NULL;\r
+ \r
+ /* Set basic node properties */\r
+@@ -198,32 +335,7 @@ _mime_node_create (mime_node_t *parent, GMimeObject *part)\r
+ "message (must be exactly 2)\n",\r
+ node->nchildren);\r
+ } else {\r
+- GMimeMultipartEncrypted *encrypteddata =\r
+- GMIME_MULTIPART_ENCRYPTED (part);\r
+- node->decrypt_attempted = TRUE;\r
+-#ifdef GMIME_ATLEAST_26\r
+- GMimeDecryptResult *decrypt_result = NULL;\r
+- node->decrypted_child = g_mime_multipart_encrypted_decrypt\r
+- (encrypteddata, cryptoctx, &decrypt_result, &err);\r
+-#else\r
+- node->decrypted_child = g_mime_multipart_encrypted_decrypt\r
+- (encrypteddata, cryptoctx, &err);\r
+-#endif\r
+- if (node->decrypted_child) {\r
+- node->decrypt_success = node->verify_attempted = TRUE;\r
+-#ifdef GMIME_ATLEAST_26\r
+- /* This may be NULL if the part is not signed. */\r
+- node->sig_list = g_mime_decrypt_result_get_signatures (decrypt_result);\r
+- if (node->sig_list)\r
+- g_object_ref (node->sig_list);\r
+- g_object_unref (decrypt_result);\r
+-#else\r
+- node->sig_validity = g_mime_multipart_encrypted_get_signature_validity (encrypteddata);\r
+-#endif\r
+- } else {\r
+- fprintf (stderr, "Failed to decrypt part: %s\n",\r
+- (err ? err->message : "no error explanation given"));\r
+- }\r
++ node_decrypt_and_verify (node, part, cryptoctx);\r
+ }\r
+ } else if (GMIME_IS_MULTIPART_SIGNED (part) && node->ctx->crypto->verify && cryptoctx) {\r
+ if (node->nchildren != 2) {\r
+@@ -232,56 +344,10 @@ _mime_node_create (mime_node_t *parent, GMimeObject *part)\r
+ "(must be exactly 2)\n",\r
+ node->nchildren);\r
+ } else {\r
+-#ifdef GMIME_ATLEAST_26\r
+- node->sig_list = g_mime_multipart_signed_verify\r
+- (GMIME_MULTIPART_SIGNED (part), cryptoctx, &err);\r
+- node->verify_attempted = TRUE;\r
+-\r
+- if (!node->sig_list)\r
+- fprintf (stderr, "Failed to verify signed part: %s\n",\r
+- (err ? err->message : "no error explanation given"));\r
+-#else\r
+- /* For some reason the GMimeSignatureValidity returned\r
+- * here is not a const (inconsistent with that\r
+- * returned by\r
+- * g_mime_multipart_encrypted_get_signature_validity,\r
+- * and therefore needs to be properly disposed of.\r
+- *\r
+- * In GMime 2.6, they're both non-const, so we'll be able\r
+- * to clean up this asymmetry. */\r
+- GMimeSignatureValidity *sig_validity = g_mime_multipart_signed_verify\r
+- (GMIME_MULTIPART_SIGNED (part), cryptoctx, &err);\r
+- node->verify_attempted = TRUE;\r
+- node->sig_validity = sig_validity;\r
+- if (sig_validity) {\r
+- GMimeSignatureValidity **proxy =\r
+- talloc (node, GMimeSignatureValidity *);\r
+- *proxy = sig_validity;\r
+- talloc_set_destructor (proxy, _signature_validity_free);\r
+- }\r
+-#endif\r
++ node_verify (node, part, cryptoctx);\r
+ }\r
+ }\r
+ \r
+-#ifdef GMIME_ATLEAST_26\r
+- /* sig_list may be created in both above cases, so we need to\r
+- * cleanly handle it here. */\r
+- if (node->sig_list) {\r
+- GMimeSignatureList **proxy = talloc (node, GMimeSignatureList *);\r
+- *proxy = node->sig_list;\r
+- talloc_set_destructor (proxy, _signature_list_free);\r
+- }\r
+-#endif\r
+-\r
+-#ifndef GMIME_ATLEAST_26\r
+- if (node->verify_attempted && !node->sig_validity)\r
+- fprintf (stderr, "Failed to verify signed part: %s\n",\r
+- (err ? err->message : "no error explanation given"));\r
+-#endif\r
+-\r
+- if (err)\r
+- g_error_free (err);\r
+-\r
+ return node;\r
+ }\r
+ \r
+-- \r
+1.7.10.4\r
+\r
projects / notmuch-archives.git / commitdiff