1 Return-Path: <jrollins@finestructure.net>
\r
2 X-Original-To: notmuch@notmuchmail.org
\r
3 Delivered-To: notmuch@notmuchmail.org
\r
4 Received: from localhost (localhost [127.0.0.1])
\r
5 by olra.theworths.org (Postfix) with ESMTP id 1E6AC431FBD
\r
6 for <notmuch@notmuchmail.org>; Wed, 23 May 2012 15:40:53 -0700 (PDT)
\r
7 X-Virus-Scanned: Debian amavisd-new at olra.theworths.org
\r
11 X-Spam-Status: No, score=-2.3 tagged_above=-999 required=5
\r
12 tests=[RCVD_IN_DNSWL_MED=-2.3] autolearn=disabled
\r
13 Received: from olra.theworths.org ([127.0.0.1])
\r
14 by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)
\r
15 with ESMTP id zw3PNcdHnrkB for <notmuch@notmuchmail.org>;
\r
16 Wed, 23 May 2012 15:40:50 -0700 (PDT)
\r
17 Received: from outgoing-mail.its.caltech.edu (outgoing-mail.its.caltech.edu
\r
19 by olra.theworths.org (Postfix) with ESMTP id DEFAE431FB6
\r
20 for <notmuch@notmuchmail.org>; Wed, 23 May 2012 15:40:49 -0700 (PDT)
\r
21 Received: from earth-doxen.imss.caltech.edu (localhost [127.0.0.1])
\r
22 by earth-doxen-postvirus (Postfix) with ESMTP id 9D55066E0171
\r
23 for <notmuch@notmuchmail.org>; Wed, 23 May 2012 15:40:49 -0700 (PDT)
\r
24 X-Spam-Scanned: at Caltech-IMSS on earth-doxen by amavisd-new
\r
25 Received: from finestructure.net (unknown [137.151.175.56])
\r
26 (Authenticated sender: jrollins)
\r
27 by earth-doxen-submit (Postfix) with ESMTP id 86BB566E0196
\r
28 for <notmuch@notmuchmail.org>; Wed, 23 May 2012 15:40:47 -0700 (PDT)
\r
29 Received: by finestructure.net (Postfix, from userid 1000)
\r
30 id 0A1F81F3; Wed, 23 May 2012 15:40:46 -0700 (PDT)
\r
31 From: Jameson Graef Rollins <jrollins@finestructure.net>
\r
32 To: Notmuch Mail <notmuch@notmuchmail.org>
\r
33 Subject: [PATCH v4 6/7] cli: new crypto verify flag to handle verification
\r
34 Date: Wed, 23 May 2012 15:40:42 -0700
\r
35 Message-Id: <1337812843-14986-7-git-send-email-jrollins@finestructure.net>
\r
36 X-Mailer: git-send-email 1.7.10
\r
37 In-Reply-To: <1337812843-14986-6-git-send-email-jrollins@finestructure.net>
\r
38 References: <1337812843-14986-1-git-send-email-jrollins@finestructure.net>
\r
39 <1337812843-14986-2-git-send-email-jrollins@finestructure.net>
\r
40 <1337812843-14986-3-git-send-email-jrollins@finestructure.net>
\r
41 <1337812843-14986-4-git-send-email-jrollins@finestructure.net>
\r
42 <1337812843-14986-5-git-send-email-jrollins@finestructure.net>
\r
43 <1337812843-14986-6-git-send-email-jrollins@finestructure.net>
\r
44 X-BeenThere: notmuch@notmuchmail.org
\r
45 X-Mailman-Version: 2.1.13
\r
47 List-Id: "Use and development of the notmuch mail system."
\r
48 <notmuch.notmuchmail.org>
\r
49 List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,
\r
50 <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
\r
51 List-Archive: <http://notmuchmail.org/pipermail/notmuch>
\r
52 List-Post: <mailto:notmuch@notmuchmail.org>
\r
53 List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
\r
54 List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,
\r
55 <mailto:notmuch-request@notmuchmail.org?subject=subscribe>
\r
56 X-List-Received-Date: Wed, 23 May 2012 22:40:53 -0000
\r
58 Use this flag rather than depend on the existence of an initialized
\r
59 gpgctx, to determine whether we should verify a multipart/signed. We
\r
60 will be moving to create the ctx lazily, so we don't want to depend on
\r
61 it being previously initialized if it's not needed.
\r
63 mime-node.c | 5 ++---
\r
64 notmuch-client.h | 8 ++++----
\r
65 notmuch-reply.c | 1 +
\r
66 notmuch-show.c | 14 +++++++++++---
\r
67 4 files changed, 18 insertions(+), 10 deletions(-)
\r
69 diff --git a/mime-node.c b/mime-node.c
\r
70 index a838224..73e28c5 100644
\r
73 @@ -183,8 +183,7 @@ _mime_node_create (mime_node_t *parent, GMimeObject *part)
\r
76 /* Handle PGP/MIME parts */
\r
77 - if (GMIME_IS_MULTIPART_ENCRYPTED (part)
\r
78 - && node->ctx->crypto->gpgctx && node->ctx->crypto->decrypt) {
\r
79 + if (GMIME_IS_MULTIPART_ENCRYPTED (part) && node->ctx->crypto->decrypt) {
\r
80 if (node->nchildren != 2) {
\r
81 /* this violates RFC 3156 section 4, so we won't bother with it. */
\r
82 fprintf (stderr, "Error: %d part(s) for a multipart/encrypted "
\r
83 @@ -218,7 +217,7 @@ _mime_node_create (mime_node_t *parent, GMimeObject *part)
\r
84 (err ? err->message : "no error explanation given"));
\r
87 - } else if (GMIME_IS_MULTIPART_SIGNED (part) && node->ctx->crypto->gpgctx) {
\r
88 + } else if (GMIME_IS_MULTIPART_SIGNED (part) && node->ctx->crypto->verify) {
\r
89 if (node->nchildren != 2) {
\r
90 /* this violates RFC 3156 section 5, so we won't bother with it. */
\r
91 fprintf (stderr, "Error: %d part(s) for a multipart/signed message "
\r
92 diff --git a/notmuch-client.h b/notmuch-client.h
\r
93 index 8d92d41..c501186 100644
\r
94 --- a/notmuch-client.h
\r
95 +++ b/notmuch-client.h
\r
96 @@ -78,6 +78,7 @@ typedef struct notmuch_show_format {
\r
98 typedef struct notmuch_crypto {
\r
99 GMimeCryptoContext* gpgctx;
\r
100 + notmuch_bool_t verify;
\r
101 notmuch_bool_t decrypt;
\r
102 } notmuch_crypto_t;
\r
104 @@ -349,10 +350,9 @@ struct mime_node {
\r
107 /* Construct a new MIME node pointing to the root message part of
\r
108 - * message. If crypto->gpgctx is non-NULL, it will be used to verify
\r
109 - * signatures on any child parts. If crypto->decrypt is true, then
\r
110 - * crypto.gpgctx will additionally be used to decrypt any encrypted
\r
112 + * message. If crypto->verify is true, signed child parts will be
\r
113 + * verified. If crypto->decrypt is true, encrypted child parts will be
\r
118 diff --git a/notmuch-reply.c b/notmuch-reply.c
\r
119 index 148152c..e4f293f 100644
\r
120 --- a/notmuch-reply.c
\r
121 +++ b/notmuch-reply.c
\r
122 @@ -676,6 +676,7 @@ notmuch_reply_command (void *ctx, int argc, char *argv[])
\r
123 notmuch_show_params_t params = {
\r
130 diff --git a/notmuch-show.c b/notmuch-show.c
\r
131 index fb5e9b6..3c06792 100644
\r
132 --- a/notmuch-show.c
\r
133 +++ b/notmuch-show.c
\r
134 @@ -987,11 +987,11 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
\r
136 .omit_excluded = TRUE,
\r
142 int format_sel = NOTMUCH_FORMAT_NOT_SPECIFIED;
\r
143 - notmuch_bool_t verify = FALSE;
\r
144 int exclude = EXCLUDE_TRUE;
\r
146 notmuch_opt_desc_t options[] = {
\r
147 @@ -1008,7 +1008,7 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
\r
148 { NOTMUCH_OPT_INT, ¶ms.part, "part", 'p', 0 },
\r
149 { NOTMUCH_OPT_BOOLEAN, ¶ms.entire_thread, "entire-thread", 't', 0 },
\r
150 { NOTMUCH_OPT_BOOLEAN, ¶ms.crypto.decrypt, "decrypt", 'd', 0 },
\r
151 - { NOTMUCH_OPT_BOOLEAN, &verify, "verify", 'v', 0 },
\r
152 + { NOTMUCH_OPT_BOOLEAN, ¶ms.crypto.verify, "verify", 'v', 0 },
\r
156 @@ -1018,6 +1018,10 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
\r
160 + /* decryption implies verification */
\r
161 + if (params.crypto.decrypt)
\r
162 + params.crypto.verify = TRUE;
\r
164 if (format_sel == NOTMUCH_FORMAT_NOT_SPECIFIED) {
\r
165 /* if part was requested and format was not specified, use format=raw */
\r
166 if (params.part >= 0)
\r
167 @@ -1052,7 +1056,7 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
\r
171 - if (params.crypto.decrypt || verify) {
\r
172 + if (params.crypto.decrypt || params.crypto.verify) {
\r
173 #ifdef GMIME_ATLEAST_26
\r
174 /* TODO: GMimePasswordRequestFunc */
\r
175 params.crypto.gpgctx = g_mime_gpg_context_new (NULL, "gpg");
\r
176 @@ -1063,6 +1067,10 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
\r
177 if (params.crypto.gpgctx) {
\r
178 g_mime_gpg_context_set_always_trust ((GMimeGpgContext*) params.crypto.gpgctx, FALSE);
\r
180 + /* If we fail to create the gpgctx set the verify and
\r
181 + * decrypt flags to FALSE so we don't try to do any
\r
182 + * further verification or decryption */
\r
183 + params.crypto.verify = FALSE;
\r
184 params.crypto.decrypt = FALSE;
\r
185 fprintf (stderr, "Failed to construct gpg context.\n");
\r