From 9d29479ea8ceeaf63daf9a37dbc477edccec409b Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Mon, 1 Feb 2016 15:39:54 +1900 Subject: [PATCH] [PATCH v3 09/16] index encrypted parts when asked. --- 74/116c49e7c50600466f0a2da9406e04f6ccf42e | 222 ++++++++++++++++++++++ 1 file changed, 222 insertions(+) create mode 100644 74/116c49e7c50600466f0a2da9406e04f6ccf42e diff --git a/74/116c49e7c50600466f0a2da9406e04f6ccf42e b/74/116c49e7c50600466f0a2da9406e04f6ccf42e new file mode 100644 index 000000000..2274e4a34 --- /dev/null +++ b/74/116c49e7c50600466f0a2da9406e04f6ccf42e @@ -0,0 +1,222 @@ +Return-Path: +X-Original-To: notmuch@notmuchmail.org +Delivered-To: notmuch@notmuchmail.org +Received: from localhost (localhost [127.0.0.1]) + by arlo.cworth.org (Postfix) with ESMTP id 756666DE1B50 + for ; Sun, 31 Jan 2016 12:40:19 -0800 (PST) +X-Virus-Scanned: Debian amavisd-new at cworth.org +X-Spam-Flag: NO +X-Spam-Score: 0 +X-Spam-Level: +X-Spam-Status: No, score=0 tagged_above=-999 required=5 tests=[none] + autolearn=disabled +Received: from arlo.cworth.org ([127.0.0.1]) + by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) + with ESMTP id DJVWgiBGX0rn for ; + Sun, 31 Jan 2016 12:40:17 -0800 (PST) +Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) + by arlo.cworth.org (Postfix) with ESMTP id 7F7836DE1AC4 + for ; Sun, 31 Jan 2016 12:40:09 -0800 (PST) +Received: from fifthhorseman.net (ip-64-134-185-108.public.wayport.net + [64.134.185.108]) + by che.mayfirst.org (Postfix) with ESMTPSA id 81A78F99E + for ; Sun, 31 Jan 2016 15:40:06 -0500 (EST) +Received: by fifthhorseman.net (Postfix, from userid 1000) + id 4DA8421028; Sun, 31 Jan 2016 15:40:06 -0500 (EST) +From: Daniel Kahn Gillmor +To: Notmuch Mail +Subject: [PATCH v3 09/16] index encrypted parts when asked. +Date: Sun, 31 Jan 2016 15:39:54 -0500 +Message-Id: <1454272801-23623-10-git-send-email-dkg@fifthhorseman.net> +X-Mailer: git-send-email 2.7.0.rc3 +In-Reply-To: <1454272801-23623-1-git-send-email-dkg@fifthhorseman.net> +References: <1454272801-23623-1-git-send-email-dkg@fifthhorseman.net> +X-BeenThere: notmuch@notmuchmail.org +X-Mailman-Version: 2.1.20 +Precedence: list +List-Id: "Use and development of the notmuch mail system." + +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +X-List-Received-Date: Sun, 31 Jan 2016 20:40:19 -0000 + +If we see index options that ask us to decrypt when indexing a +message, and we encounter an encrypted part, we'll try to descend into +it. + +If we can decrypt, we tag the message with index-decrypted. + +If we can't decrypt (or recognize the encrypted type of mail), we tag +with decryption-failed. + +Note that a single message may be tagged with "encrypted" and +"index-decrypted" and "decryption-failed". For example, consider a +message that includes multiple layers of encryption. It is +automatically tagged with "encrypted". If we decrypt the outer layer +("index-decrypted"), but fail on the inner layer +("decryption-failed"). +--- + lib/database.cc | 3 ++- + lib/index.cc | 64 ++++++++++++++++++++++++++++++++++++++++++++++++--- + lib/notmuch-private.h | 1 + + 3 files changed, 64 insertions(+), 4 deletions(-) + +diff --git a/lib/database.cc b/lib/database.cc +index 0d4dc9b..7d88f69 100644 +--- a/lib/database.cc ++++ b/lib/database.cc +@@ -2402,6 +2402,7 @@ notmuch_database_add_message (notmuch_database_t *notmuch, + notmuch_status_t ret = NOTMUCH_STATUS_SUCCESS, ret2; + notmuch_private_status_t private_status; + notmuch_bool_t is_ghost = false; ++ notmuch_indexopts_t *indexopts = NULL; + + const char *date, *header; + const char *from, *to, *subject; +@@ -2514,7 +2515,7 @@ notmuch_database_add_message (notmuch_database_t *notmuch, + date = _notmuch_message_file_get_header (message_file, "date"); + _notmuch_message_set_header_values (message, date, from, subject); + +- ret = _notmuch_message_index_file (message, message_file); ++ ret = _notmuch_message_index_file (message, indexopts, message_file); + if (ret) + goto DONE; + } else { +diff --git a/lib/index.cc b/lib/index.cc +index ab0fd78..eb406d2 100644 +--- a/lib/index.cc ++++ b/lib/index.cc +@@ -300,9 +300,14 @@ _index_address_list (notmuch_message_t *message, + } + } + ++static void ++_index_encrypted_mime_part (notmuch_message_t *message, notmuch_indexopts_t *indexopts, ++ GMimeContentType *content_type, GMimeMultipartEncrypted *part); ++ + /* Callback to generate terms for each mime part of a message. */ + static void + _index_mime_part (notmuch_message_t *message, ++ notmuch_indexopts_t *indexopts, + GMimeObject *part) + { + GMimeStream *stream, *filter; +@@ -340,17 +345,19 @@ _index_mime_part (notmuch_message_t *message, + /* FIXME: is it always just the first part that is signed in + all multipart/signed messages?*/ + _index_mime_part (message, ++ indexopts, + g_mime_multipart_get_part (multipart, 0)); + + if (g_mime_multipart_get_count (multipart) > 2) + _notmuch_database_log (_notmuch_message_database (message), + "Warning: Unexpected extra parts of multipart/signed. Indexing anyway.\n"); + } else if (GMIME_IS_MULTIPART_ENCRYPTED (multipart)) { +- /* Don't index encrypted parts */ + _notmuch_message_add_term (message, "tag", "encrypted"); ++ _index_encrypted_mime_part(message, indexopts, content_type, GMIME_MULTIPART_ENCRYPTED (part)); + } else { + for (i = 0; i < g_mime_multipart_get_count (multipart); i++) { + _index_mime_part (message, ++ indexopts, + g_mime_multipart_get_part (multipart, i)); + } + } +@@ -362,7 +369,7 @@ _index_mime_part (notmuch_message_t *message, + + mime_message = g_mime_message_part_get_message (GMIME_MESSAGE_PART (part)); + +- _index_mime_part (message, g_mime_message_get_mime_part (mime_message)); ++ _index_mime_part (message, indexopts, g_mime_message_get_mime_part (mime_message)); + + return; + } +@@ -432,8 +439,59 @@ _index_mime_part (notmuch_message_t *message, + } + } + ++/* descend (if desired) into the cleartext part of an encrypted MIME ++ * part while indexing. */ ++static void ++_index_encrypted_mime_part (notmuch_message_t *message, ++ notmuch_indexopts_t *indexopts, ++ GMimeContentType *content_type, ++ GMimeMultipartEncrypted *encrypted_data) ++{ ++ notmuch_status_t status; ++ GMimeCryptoContext* crypto_ctx = NULL; ++ const char *protocol = NULL; ++ GError *err = NULL; ++ notmuch_database_t * notmuch = NULL; ++ GMimeObject *clear = NULL; ++ ++ if (!indexopts || !notmuch_indexopts_get_try_decrypt (indexopts)) ++ return; ++ ++ protocol = g_mime_content_type_get_parameter (content_type, "protocol"); ++ notmuch = _notmuch_message_database (message); ++ ++ status = _notmuch_crypto_get_gmime_ctx_for_protocol (&(indexopts->crypto), ++ protocol, &crypto_ctx); ++ if (status) { ++ _notmuch_database_log (notmuch, "Warning: setup failed for decrypting " ++ "during indexing. (%d)\n", status); ++ _notmuch_message_add_term (message, "tag", "index-decryption-failed"); ++ return; ++ } ++ ++ /* we don't need the GMimeDecryptResult, because we're not looking ++ * at validating signatures, and we don't care about indexing who ++ * the message was ostensibly encrypted to. ++ */ ++ clear = g_mime_multipart_encrypted_decrypt(encrypted_data, crypto_ctx, ++ NULL, &err); ++ if (err) { ++ _notmuch_database_log (notmuch, "Failed to decrypt during indexing. (%d:%d) [%s]\n", ++ err->domain, err->code, err->message); ++ g_error_free(err); ++ /* Indicate that we failed to decrypt during indexing */ ++ _notmuch_message_add_term (message, "tag", "index-decryption-failed"); ++ return; ++ } ++ _index_mime_part (message, indexopts, clear); ++ g_object_unref (clear); ++ ++ _notmuch_message_add_term (message, "tag", "index-decrypted"); ++} ++ + notmuch_status_t + _notmuch_message_index_file (notmuch_message_t *message, ++ notmuch_indexopts_t *indexopts, + notmuch_message_file_t *message_file) + { + GMimeMessage *mime_message; +@@ -463,7 +521,7 @@ _notmuch_message_index_file (notmuch_message_t *message, + subject = g_mime_message_get_subject (mime_message); + _notmuch_message_gen_terms (message, "subject", subject); + +- _index_mime_part (message, g_mime_message_get_mime_part (mime_message)); ++ _index_mime_part (message, indexopts, g_mime_message_get_mime_part (mime_message)); + + return NOTMUCH_STATUS_SUCCESS; + } +diff --git a/lib/notmuch-private.h b/lib/notmuch-private.h +index e9c1e8a..9bd4f33 100644 +--- a/lib/notmuch-private.h ++++ b/lib/notmuch-private.h +@@ -425,6 +425,7 @@ _notmuch_message_file_get_header (notmuch_message_file_t *message, + + notmuch_status_t + _notmuch_message_index_file (notmuch_message_t *message, ++ notmuch_indexopts_t *indexopts, + notmuch_message_file_t *message_file); + + /* messages.c */ +-- +2.7.0.rc3 + -- 2.26.2