[PATCH 3/9] index encrypted parts when the message is flagged appropriately

diff --git a/01/1a4483c6b0232807c48e6b8b80efeaaa21adab b/01/1a4483c6b0232807c48e6b8b80efeaaa21adab
new file mode 100644 (file)
index 0000000..c154708
--- /dev/null
+++ b/01/1a4483c6b0232807c48e6b8b80efeaaa21adab
@@ -0,0 +1,164 @@
+Return-Path: <dkg@fifthhorseman.net>\r
+X-Original-To: notmuch@notmuchmail.org\r
+Delivered-To: notmuch@notmuchmail.org\r
+Received: from localhost (localhost [127.0.0.1])\r
+ by arlo.cworth.org (Postfix) with ESMTP id 1B5C16DE0FF1\r
+ for <notmuch@notmuchmail.org>; Wed,  9 Dec 2015 19:40:09 -0800 (PST)\r
+X-Virus-Scanned: Debian amavisd-new at cworth.org\r
+X-Spam-Flag: NO\r
+X-Spam-Score: -0.035\r
+X-Spam-Level: \r
+X-Spam-Status: No, score=-0.035 tagged_above=-999 required=5\r
+ tests=[AWL=-0.035] autolearn=disabled\r
+Received: from arlo.cworth.org ([127.0.0.1])\r
+ by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024)\r
+ with ESMTP id 5UbXq0YuG3Ap for <notmuch@notmuchmail.org>;\r
+ Wed,  9 Dec 2015 19:40:05 -0800 (PST)\r
+Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108])\r
+ by arlo.cworth.org (Postfix) with ESMTP id D46A36DE005F\r
+ for <notmuch@notmuchmail.org>; Wed,  9 Dec 2015 19:40:04 -0800 (PST)\r
+Received: from fifthhorseman.net (unknown [38.109.115.130])\r
+ by che.mayfirst.org (Postfix) with ESMTPSA id 09188F985\r
+ for <notmuch@notmuchmail.org>; Wed,  9 Dec 2015 22:40:03 -0500 (EST)\r
+Received: by fifthhorseman.net (Postfix, from userid 1000)\r
+ id AC13120CF1; Wed,  9 Dec 2015 22:40:03 -0500 (EST)\r
+From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>\r
+To: Notmuch Mail <notmuch@notmuchmail.org>\r
+Subject: [PATCH 3/9] index encrypted parts when the message is flagged\r
+ appropriately\r
+Date: Wed,  9 Dec 2015 22:39:40 -0500\r
+Message-Id: <1449718786-28000-4-git-send-email-dkg@fifthhorseman.net>\r
+X-Mailer: git-send-email 2.6.2\r
+In-Reply-To: <1449718786-28000-1-git-send-email-dkg@fifthhorseman.net>\r
+References: <1449718786-28000-1-git-send-email-dkg@fifthhorseman.net>\r
+X-BeenThere: notmuch@notmuchmail.org\r
+X-Mailman-Version: 2.1.20\r
+Precedence: list\r
+List-Id: "Use and development of the notmuch mail system."\r
+ <notmuch.notmuchmail.org>\r
+List-Unsubscribe: <https://notmuchmail.org/mailman/options/notmuch>,\r
+ <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>\r
+List-Archive: <http://notmuchmail.org/pipermail/notmuch/>\r
+List-Post: <mailto:notmuch@notmuchmail.org>\r
+List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>\r
+List-Subscribe: <https://notmuchmail.org/mailman/listinfo/notmuch>,\r
+ <mailto:notmuch-request@notmuchmail.org?subject=subscribe>\r
+X-List-Received-Date: Thu, 10 Dec 2015 03:40:09 -0000\r
+\r
+We add a new message flag that indicates desire for indexing the\r
+cleartext of a given message.\r
+\r
+If that flag is set while indexing, we'll try to descend into it.\r
+\r
+If we can decrypt, we tag the message with index-decrypted.\r
+\r
+If we can't decrypt (or recognize the encrypted type of mail), we tag\r
+with decryption-failed.\r
+\r
+Note that a single message may be tagged with "encrypted" and\r
+"index-decrypted" and "decryption-failed".  For example, consider a\r
+message that includes multiple layers of encryption.  It is\r
+automatically tagged with "encrypted".  If we decrypt the outer layer\r
+("index-decrypted"), but fail on the inner layer\r
+("decryption-failed").\r
+---\r
+ lib/index.cc  | 52 +++++++++++++++++++++++++++++++++++++++++++++++++++-\r
+ lib/notmuch.h |  5 +++++\r
+ 2 files changed, 56 insertions(+), 1 deletion(-)\r
+\r
+diff --git a/lib/index.cc b/lib/index.cc\r
+index 2fa6616..bd028cb 100644\r
+--- a/lib/index.cc\r
++++ b/lib/index.cc\r
+@@ -300,6 +300,10 @@ _index_address_list (notmuch_message_t *message,\r
+     }\r
+ }\r
+ \r
++static void\r
++_index_encrypted_mime_part (notmuch_message_t *message, GMimeContentType *content_type,\r
++                          GMimeMultipartEncrypted *part);\r
++\r
+ /* Callback to generate terms for each mime part of a message. */\r
+ static void\r
+ _index_mime_part (notmuch_message_t *message,\r
+@@ -346,7 +350,10 @@ _index_mime_part (notmuch_message_t *message,\r
+               _notmuch_database_log (_notmuch_message_database (message),\r
+                                      "Warning: Unexpected extra parts of multipart/signed. Indexing anyway.\n");\r
+       } else if (GMIME_IS_MULTIPART_ENCRYPTED (multipart)) {\r
+-          /* Don't index encrypted parts */\r
++          _notmuch_message_add_term (message, "tag", "encrypted");\r
++          if (notmuch_message_get_flag (message, NOTMUCH_MESSAGE_FLAG_INDEX_DECRYPTED)) {\r
++              _index_encrypted_mime_part(message, content_type, GMIME_MULTIPART_ENCRYPTED (part));\r
++          }\r
+       } else {\r
+           for (i = 0; i < g_mime_multipart_get_count (multipart); i++) {\r
+               _index_mime_part (message,\r
+@@ -431,6 +438,49 @@ _index_mime_part (notmuch_message_t *message,\r
+     }\r
+ }\r
+ \r
++/* descend (if possible) into the cleartext part of an encrypted MIME\r
++ * part while indexing. */\r
++static void\r
++_index_encrypted_mime_part (notmuch_message_t *message,\r
++                          GMimeContentType *content_type,\r
++                          GMimeMultipartEncrypted *encrypted_data)\r
++{\r
++    notmuch_private_status_t status;\r
++    GMimeCryptoContext* crypto_ctx = NULL;\r
++    const char *protocol = g_mime_content_type_get_parameter (content_type, "protocol");\r
++    GError *err = NULL;\r
++    notmuch_database_t * notmuch = _notmuch_message_database (message);\r
++    GMimeObject *clear = NULL;\r
++    \r
++    status = _notmuch_database_get_crypto_for_protocol (notmuch, protocol,\r
++                                                      &crypto_ctx);\r
++    if (status) {\r
++      _notmuch_database_log (notmuch, "Warning: setup failed for decrypting "\r
++                             "during indexing. (%d)\n", status);\r
++      _notmuch_message_add_term (message, "tag", "index-decryption-failed");\r
++      return;\r
++    }\r
++\r
++    /* we don't need the GMimeDecryptResult, because we're not looking\r
++     * at validating signatures, and we don't care about indexing who\r
++     * the message was ostensibly encrypted to.\r
++     */\r
++    clear = g_mime_multipart_encrypted_decrypt(encrypted_data, crypto_ctx,\r
++                                             NULL, &err);\r
++    if (err) {\r
++      _notmuch_database_log (notmuch, "Failed to decrypt during indexing. (%d:%d) [%s]\n",\r
++                             err->domain, err->code, err->message);\r
++      g_error_free(err);\r
++      /* Indicate that we failed to decrypt during indexing */\r
++      _notmuch_message_add_term (message, "tag", "index-decryption-failed");\r
++      return;\r
++    }\r
++    _index_mime_part (message, clear);\r
++    g_object_unref (clear);\r
++    \r
++    _notmuch_message_add_term (message, "tag", "index-decrypted");\r
++}\r
++\r
+ notmuch_status_t\r
+ _notmuch_message_index_file (notmuch_message_t *message,\r
+                            notmuch_message_file_t *message_file)\r
+diff --git a/lib/notmuch.h b/lib/notmuch.h\r
+index 310a8b8..e7085b7 100644\r
+--- a/lib/notmuch.h\r
++++ b/lib/notmuch.h\r
+@@ -1357,6 +1357,11 @@ typedef enum _notmuch_message_flag {\r
+      * thread ID.\r
+      */\r
+     NOTMUCH_MESSAGE_FLAG_GHOST,\r
++    \r
++    /* Some part(s) of this message is encrypted, but the message is\r
++     * indexed in the clear.\r
++     */\r
++    NOTMUCH_MESSAGE_FLAG_INDEX_DECRYPTED\r
+ } notmuch_message_flag_t;\r
+ \r
+ /**\r
+-- \r
+2.6.2\r
+\r