1 Return-Path: <dkg@fifthhorseman.net>
\r
2 X-Original-To: notmuch@notmuchmail.org
\r
3 Delivered-To: notmuch@notmuchmail.org
\r
4 Received: from localhost (localhost [127.0.0.1])
\r
5 by arlo.cworth.org (Postfix) with ESMTP id 8568A6DE1B68
\r
6 for <notmuch@notmuchmail.org>; Tue, 19 Jan 2016 18:53:25 -0800 (PST)
\r
7 X-Virus-Scanned: Debian amavisd-new at cworth.org
\r
11 X-Spam-Status: No, score=-0.023 tagged_above=-999 required=5
\r
12 tests=[AWL=-0.023] autolearn=disabled
\r
13 Received: from arlo.cworth.org ([127.0.0.1])
\r
14 by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024)
\r
15 with ESMTP id 4Gijh78zCvgB for <notmuch@notmuchmail.org>;
\r
16 Tue, 19 Jan 2016 18:53:22 -0800 (PST)
\r
17 Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108])
\r
18 by arlo.cworth.org (Postfix) with ESMTP id 412D66DE158D
\r
19 for <notmuch@notmuchmail.org>; Tue, 19 Jan 2016 18:53:16 -0800 (PST)
\r
20 Received: from fifthhorseman.net (unknown [38.109.115.130])
\r
21 by che.mayfirst.org (Postfix) with ESMTPSA id CF3E1F997
\r
22 for <notmuch@notmuchmail.org>; Tue, 19 Jan 2016 21:53:13 -0500 (EST)
\r
23 Received: by fifthhorseman.net (Postfix, from userid 1000)
\r
24 id ED375206C1; Tue, 19 Jan 2016 18:53:10 -0800 (PST)
\r
25 From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
\r
26 To: Notmuch Mail <notmuch@notmuchmail.org>
\r
27 Subject: [PATCH v2 09/16] index encrypted parts when asked.
\r
28 Date: Tue, 19 Jan 2016 21:52:42 -0500
\r
29 Message-Id: <1453258369-7366-10-git-send-email-dkg@fifthhorseman.net>
\r
30 X-Mailer: git-send-email 2.7.0.rc3
\r
31 In-Reply-To: <1453258369-7366-1-git-send-email-dkg@fifthhorseman.net>
\r
32 References: <1453258369-7366-1-git-send-email-dkg@fifthhorseman.net>
\r
33 X-BeenThere: notmuch@notmuchmail.org
\r
34 X-Mailman-Version: 2.1.20
\r
36 List-Id: "Use and development of the notmuch mail system."
\r
37 <notmuch.notmuchmail.org>
\r
38 List-Unsubscribe: <https://notmuchmail.org/mailman/options/notmuch>,
\r
39 <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
\r
40 List-Archive: <http://notmuchmail.org/pipermail/notmuch/>
\r
41 List-Post: <mailto:notmuch@notmuchmail.org>
\r
42 List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
\r
43 List-Subscribe: <https://notmuchmail.org/mailman/listinfo/notmuch>,
\r
44 <mailto:notmuch-request@notmuchmail.org?subject=subscribe>
\r
45 X-List-Received-Date: Wed, 20 Jan 2016 02:53:25 -0000
\r
47 If we see index options that ask us to decrypt when indexing a
\r
48 message, and we encounter an encrypted part, we'll try to descend into
\r
51 If we can decrypt, we tag the message with index-decrypted.
\r
53 If we can't decrypt (or recognize the encrypted type of mail), we tag
\r
54 with decryption-failed.
\r
56 Note that a single message may be tagged with "encrypted" and
\r
57 "index-decrypted" and "decryption-failed". For example, consider a
\r
58 message that includes multiple layers of encryption. It is
\r
59 automatically tagged with "encrypted". If we decrypt the outer layer
\r
60 ("index-decrypted"), but fail on the inner layer
\r
61 ("decryption-failed").
\r
63 lib/database.cc | 3 ++-
\r
64 lib/index.cc | 64 ++++++++++++++++++++++++++++++++++++++++++++++++---
\r
65 lib/notmuch-private.h | 1 +
\r
66 3 files changed, 64 insertions(+), 4 deletions(-)
\r
68 diff --git a/lib/database.cc b/lib/database.cc
\r
69 index 0d4dc9b..7d88f69 100644
\r
70 --- a/lib/database.cc
\r
71 +++ b/lib/database.cc
\r
72 @@ -2402,6 +2402,7 @@ notmuch_database_add_message (notmuch_database_t *notmuch,
\r
73 notmuch_status_t ret = NOTMUCH_STATUS_SUCCESS, ret2;
\r
74 notmuch_private_status_t private_status;
\r
75 notmuch_bool_t is_ghost = false;
\r
76 + notmuch_indexopts_t *indexopts = NULL;
\r
78 const char *date, *header;
\r
79 const char *from, *to, *subject;
\r
80 @@ -2514,7 +2515,7 @@ notmuch_database_add_message (notmuch_database_t *notmuch,
\r
81 date = _notmuch_message_file_get_header (message_file, "date");
\r
82 _notmuch_message_set_header_values (message, date, from, subject);
\r
84 - ret = _notmuch_message_index_file (message, message_file);
\r
85 + ret = _notmuch_message_index_file (message, indexopts, message_file);
\r
89 diff --git a/lib/index.cc b/lib/index.cc
\r
90 index ab0fd78..eb406d2 100644
\r
93 @@ -300,9 +300,14 @@ _index_address_list (notmuch_message_t *message,
\r
98 +_index_encrypted_mime_part (notmuch_message_t *message, notmuch_indexopts_t *indexopts,
\r
99 + GMimeContentType *content_type, GMimeMultipartEncrypted *part);
\r
101 /* Callback to generate terms for each mime part of a message. */
\r
103 _index_mime_part (notmuch_message_t *message,
\r
104 + notmuch_indexopts_t *indexopts,
\r
107 GMimeStream *stream, *filter;
\r
108 @@ -340,17 +345,19 @@ _index_mime_part (notmuch_message_t *message,
\r
109 /* FIXME: is it always just the first part that is signed in
\r
110 all multipart/signed messages?*/
\r
111 _index_mime_part (message,
\r
113 g_mime_multipart_get_part (multipart, 0));
\r
115 if (g_mime_multipart_get_count (multipart) > 2)
\r
116 _notmuch_database_log (_notmuch_message_database (message),
\r
117 "Warning: Unexpected extra parts of multipart/signed. Indexing anyway.\n");
\r
118 } else if (GMIME_IS_MULTIPART_ENCRYPTED (multipart)) {
\r
119 - /* Don't index encrypted parts */
\r
120 _notmuch_message_add_term (message, "tag", "encrypted");
\r
121 + _index_encrypted_mime_part(message, indexopts, content_type, GMIME_MULTIPART_ENCRYPTED (part));
\r
123 for (i = 0; i < g_mime_multipart_get_count (multipart); i++) {
\r
124 _index_mime_part (message,
\r
126 g_mime_multipart_get_part (multipart, i));
\r
129 @@ -362,7 +369,7 @@ _index_mime_part (notmuch_message_t *message,
\r
131 mime_message = g_mime_message_part_get_message (GMIME_MESSAGE_PART (part));
\r
133 - _index_mime_part (message, g_mime_message_get_mime_part (mime_message));
\r
134 + _index_mime_part (message, indexopts, g_mime_message_get_mime_part (mime_message));
\r
138 @@ -432,8 +439,59 @@ _index_mime_part (notmuch_message_t *message,
\r
142 +/* descend (if desired) into the cleartext part of an encrypted MIME
\r
143 + * part while indexing. */
\r
145 +_index_encrypted_mime_part (notmuch_message_t *message,
\r
146 + notmuch_indexopts_t *indexopts,
\r
147 + GMimeContentType *content_type,
\r
148 + GMimeMultipartEncrypted *encrypted_data)
\r
150 + notmuch_status_t status;
\r
151 + GMimeCryptoContext* crypto_ctx = NULL;
\r
152 + const char *protocol = NULL;
\r
153 + GError *err = NULL;
\r
154 + notmuch_database_t * notmuch = NULL;
\r
155 + GMimeObject *clear = NULL;
\r
157 + if (!indexopts || !notmuch_indexopts_get_try_decrypt (indexopts))
\r
160 + protocol = g_mime_content_type_get_parameter (content_type, "protocol");
\r
161 + notmuch = _notmuch_message_database (message);
\r
163 + status = _notmuch_crypto_get_gmime_ctx_for_protocol (&(indexopts->crypto),
\r
164 + protocol, &crypto_ctx);
\r
166 + _notmuch_database_log (notmuch, "Warning: setup failed for decrypting "
\r
167 + "during indexing. (%d)\n", status);
\r
168 + _notmuch_message_add_term (message, "tag", "index-decryption-failed");
\r
172 + /* we don't need the GMimeDecryptResult, because we're not looking
\r
173 + * at validating signatures, and we don't care about indexing who
\r
174 + * the message was ostensibly encrypted to.
\r
176 + clear = g_mime_multipart_encrypted_decrypt(encrypted_data, crypto_ctx,
\r
179 + _notmuch_database_log (notmuch, "Failed to decrypt during indexing. (%d:%d) [%s]\n",
\r
180 + err->domain, err->code, err->message);
\r
181 + g_error_free(err);
\r
182 + /* Indicate that we failed to decrypt during indexing */
\r
183 + _notmuch_message_add_term (message, "tag", "index-decryption-failed");
\r
186 + _index_mime_part (message, indexopts, clear);
\r
187 + g_object_unref (clear);
\r
189 + _notmuch_message_add_term (message, "tag", "index-decrypted");
\r
193 _notmuch_message_index_file (notmuch_message_t *message,
\r
194 + notmuch_indexopts_t *indexopts,
\r
195 notmuch_message_file_t *message_file)
\r
197 GMimeMessage *mime_message;
\r
198 @@ -463,7 +521,7 @@ _notmuch_message_index_file (notmuch_message_t *message,
\r
199 subject = g_mime_message_get_subject (mime_message);
\r
200 _notmuch_message_gen_terms (message, "subject", subject);
\r
202 - _index_mime_part (message, g_mime_message_get_mime_part (mime_message));
\r
203 + _index_mime_part (message, indexopts, g_mime_message_get_mime_part (mime_message));
\r
205 return NOTMUCH_STATUS_SUCCESS;
\r
207 diff --git a/lib/notmuch-private.h b/lib/notmuch-private.h
\r
208 index e9c1e8a..9bd4f33 100644
\r
209 --- a/lib/notmuch-private.h
\r
210 +++ b/lib/notmuch-private.h
\r
211 @@ -425,6 +425,7 @@ _notmuch_message_file_get_header (notmuch_message_file_t *message,
\r
214 _notmuch_message_index_file (notmuch_message_t *message,
\r
215 + notmuch_indexopts_t *indexopts,
\r
216 notmuch_message_file_t *message_file);
\r