Re: Applying patches directly from emails?

[notmuch-archives.git] / 4f / bdd49504d263900e28ab4ad125576b14db6f79

Return-Path: <dkg@fifthhorseman.net>\r
X-Original-To: notmuch@notmuchmail.org\r
Delivered-To: notmuch@notmuchmail.org\r
Received: from localhost (localhost [127.0.0.1])\r
 by arlo.cworth.org (Postfix) with ESMTP id 8568A6DE1B68\r
 for <notmuch@notmuchmail.org>; Tue, 19 Jan 2016 18:53:25 -0800 (PST)\r
X-Virus-Scanned: Debian amavisd-new at cworth.org\r
X-Spam-Flag: NO\r
X-Spam-Score: -0.023\r
X-Spam-Level: \r
X-Spam-Status: No, score=-0.023 tagged_above=-999 required=5\r
 tests=[AWL=-0.023] autolearn=disabled\r
Received: from arlo.cworth.org ([127.0.0.1])\r
 by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024)\r
 with ESMTP id 4Gijh78zCvgB for <notmuch@notmuchmail.org>;\r
 Tue, 19 Jan 2016 18:53:22 -0800 (PST)\r
Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108])\r
 by arlo.cworth.org (Postfix) with ESMTP id 412D66DE158D\r
 for <notmuch@notmuchmail.org>; Tue, 19 Jan 2016 18:53:16 -0800 (PST)\r
Received: from fifthhorseman.net (unknown [38.109.115.130])\r
 by che.mayfirst.org (Postfix) with ESMTPSA id CF3E1F997\r
 for <notmuch@notmuchmail.org>; Tue, 19 Jan 2016 21:53:13 -0500 (EST)\r
Received: by fifthhorseman.net (Postfix, from userid 1000)\r
 id ED375206C1; Tue, 19 Jan 2016 18:53:10 -0800 (PST)\r
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>\r
To: Notmuch Mail <notmuch@notmuchmail.org>\r
Subject: [PATCH v2 09/16] index encrypted parts when asked.\r
Date: Tue, 19 Jan 2016 21:52:42 -0500\r
Message-Id: <1453258369-7366-10-git-send-email-dkg@fifthhorseman.net>\r
X-Mailer: git-send-email 2.7.0.rc3\r
In-Reply-To: <1453258369-7366-1-git-send-email-dkg@fifthhorseman.net>\r
References: <1453258369-7366-1-git-send-email-dkg@fifthhorseman.net>\r
X-BeenThere: notmuch@notmuchmail.org\r
X-Mailman-Version: 2.1.20\r
Precedence: list\r
List-Id: "Use and development of the notmuch mail system."\r
 <notmuch.notmuchmail.org>\r
List-Unsubscribe: <https://notmuchmail.org/mailman/options/notmuch>,\r
 <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>\r
List-Archive: <http://notmuchmail.org/pipermail/notmuch/>\r
List-Post: <mailto:notmuch@notmuchmail.org>\r
List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>\r
List-Subscribe: <https://notmuchmail.org/mailman/listinfo/notmuch>,\r
 <mailto:notmuch-request@notmuchmail.org?subject=subscribe>\r
X-List-Received-Date: Wed, 20 Jan 2016 02:53:25 -0000\r
\r
If we see index options that ask us to decrypt when indexing a\r
message, and we encounter an encrypted part, we'll try to descend into\r
it.\r
\r
If we can decrypt, we tag the message with index-decrypted.\r
\r
If we can't decrypt (or recognize the encrypted type of mail), we tag\r
with decryption-failed.\r
\r
Note that a single message may be tagged with "encrypted" and\r
"index-decrypted" and "decryption-failed".  For example, consider a\r
message that includes multiple layers of encryption.  It is\r
automatically tagged with "encrypted".  If we decrypt the outer layer\r
("index-decrypted"), but fail on the inner layer\r
("decryption-failed").\r
---\r
 lib/database.cc       |  3 ++-\r
 lib/index.cc          | 64 ++++++++++++++++++++++++++++++++++++++++++++++++---\r
 lib/notmuch-private.h |  1 +\r
 3 files changed, 64 insertions(+), 4 deletions(-)\r
\r
diff --git a/lib/database.cc b/lib/database.cc\r
index 0d4dc9b..7d88f69 100644\r
--- a/lib/database.cc\r
+++ b/lib/database.cc\r
@@ -2402,6 +2402,7 @@ notmuch_database_add_message (notmuch_database_t *notmuch,\r
     notmuch_status_t ret = NOTMUCH_STATUS_SUCCESS, ret2;\r
     notmuch_private_status_t private_status;\r
     notmuch_bool_t is_ghost = false;\r
+    notmuch_indexopts_t *indexopts = NULL;\r
 \r
     const char *date, *header;\r
     const char *from, *to, *subject;\r
@@ -2514,7 +2515,7 @@ notmuch_database_add_message (notmuch_database_t *notmuch,\r
            date = _notmuch_message_file_get_header (message_file, "date");\r
            _notmuch_message_set_header_values (message, date, from, subject);\r
 \r
-           ret = _notmuch_message_index_file (message, message_file);\r
+           ret = _notmuch_message_index_file (message, indexopts, message_file);\r
            if (ret)\r
                goto DONE;\r
        } else {\r
diff --git a/lib/index.cc b/lib/index.cc\r
index ab0fd78..eb406d2 100644\r
--- a/lib/index.cc\r
+++ b/lib/index.cc\r
@@ -300,9 +300,14 @@ _index_address_list (notmuch_message_t *message,\r
     }\r
 }\r
 \r
+static void\r
+_index_encrypted_mime_part (notmuch_message_t *message, notmuch_indexopts_t *indexopts,\r
+                           GMimeContentType *content_type, GMimeMultipartEncrypted *part);\r
+\r
 /* Callback to generate terms for each mime part of a message. */\r
 static void\r
 _index_mime_part (notmuch_message_t *message,\r
+                 notmuch_indexopts_t *indexopts,\r
                  GMimeObject *part)\r
 {\r
     GMimeStream *stream, *filter;\r
@@ -340,17 +345,19 @@ _index_mime_part (notmuch_message_t *message,\r
            /* FIXME: is it always just the first part that is signed in\r
             all multipart/signed messages?*/\r
            _index_mime_part (message,\r
+                             indexopts,\r
                              g_mime_multipart_get_part (multipart, 0));\r
            \r
            if (g_mime_multipart_get_count (multipart) > 2)\r
                _notmuch_database_log (_notmuch_message_database (message),\r
                                       "Warning: Unexpected extra parts of multipart/signed. Indexing anyway.\n");\r
        } else if (GMIME_IS_MULTIPART_ENCRYPTED (multipart)) {\r
-           /* Don't index encrypted parts */\r
            _notmuch_message_add_term (message, "tag", "encrypted");\r
+           _index_encrypted_mime_part(message, indexopts, content_type, GMIME_MULTIPART_ENCRYPTED (part));\r
        } else {\r
            for (i = 0; i < g_mime_multipart_get_count (multipart); i++) {\r
                _index_mime_part (message,\r
+                                 indexopts,\r
                                  g_mime_multipart_get_part (multipart, i));\r
            }\r
        }\r
@@ -362,7 +369,7 @@ _index_mime_part (notmuch_message_t *message,\r
 \r
        mime_message = g_mime_message_part_get_message (GMIME_MESSAGE_PART (part));\r
 \r
-       _index_mime_part (message, g_mime_message_get_mime_part (mime_message));\r
+       _index_mime_part (message, indexopts, g_mime_message_get_mime_part (mime_message));\r
 \r
        return;\r
     }\r
@@ -432,8 +439,59 @@ _index_mime_part (notmuch_message_t *message,\r
     }\r
 }\r
 \r
+/* descend (if desired) into the cleartext part of an encrypted MIME\r
+ * part while indexing. */\r
+static void\r
+_index_encrypted_mime_part (notmuch_message_t *message,\r
+                           notmuch_indexopts_t *indexopts,\r
+                           GMimeContentType *content_type,\r
+                           GMimeMultipartEncrypted *encrypted_data)\r
+{\r
+    notmuch_status_t status;\r
+    GMimeCryptoContext* crypto_ctx = NULL;\r
+    const char *protocol = NULL;\r
+    GError *err = NULL;\r
+    notmuch_database_t * notmuch = NULL;\r
+    GMimeObject *clear = NULL;\r
+\r
+    if (!indexopts || !notmuch_indexopts_get_try_decrypt (indexopts))\r
+       return;\r
+\r
+    protocol = g_mime_content_type_get_parameter (content_type, "protocol");\r
+    notmuch = _notmuch_message_database (message);\r
+    \r
+    status = _notmuch_crypto_get_gmime_ctx_for_protocol (&(indexopts->crypto),\r
+                                                        protocol, &crypto_ctx);\r
+    if (status) {\r
+       _notmuch_database_log (notmuch, "Warning: setup failed for decrypting "\r
+                              "during indexing. (%d)\n", status);\r
+       _notmuch_message_add_term (message, "tag", "index-decryption-failed");\r
+       return;\r
+    }\r
+\r
+    /* we don't need the GMimeDecryptResult, because we're not looking\r
+     * at validating signatures, and we don't care about indexing who\r
+     * the message was ostensibly encrypted to.\r
+     */\r
+    clear = g_mime_multipart_encrypted_decrypt(encrypted_data, crypto_ctx,\r
+                                              NULL, &err);\r
+    if (err) {\r
+       _notmuch_database_log (notmuch, "Failed to decrypt during indexing. (%d:%d) [%s]\n",\r
+                              err->domain, err->code, err->message);\r
+       g_error_free(err);\r
+       /* Indicate that we failed to decrypt during indexing */\r
+       _notmuch_message_add_term (message, "tag", "index-decryption-failed");\r
+       return;\r
+    }\r
+    _index_mime_part (message, indexopts, clear);\r
+    g_object_unref (clear);\r
+    \r
+    _notmuch_message_add_term (message, "tag", "index-decrypted");\r
+}\r
+\r
 notmuch_status_t\r
 _notmuch_message_index_file (notmuch_message_t *message,\r
+                            notmuch_indexopts_t *indexopts,\r
                             notmuch_message_file_t *message_file)\r
 {\r
     GMimeMessage *mime_message;\r
@@ -463,7 +521,7 @@ _notmuch_message_index_file (notmuch_message_t *message,\r
     subject = g_mime_message_get_subject (mime_message);\r
     _notmuch_message_gen_terms (message, "subject", subject);\r
 \r
-    _index_mime_part (message, g_mime_message_get_mime_part (mime_message));\r
+    _index_mime_part (message, indexopts, g_mime_message_get_mime_part (mime_message));\r
 \r
     return NOTMUCH_STATUS_SUCCESS;\r
 }\r
diff --git a/lib/notmuch-private.h b/lib/notmuch-private.h\r
index e9c1e8a..9bd4f33 100644\r
--- a/lib/notmuch-private.h\r
+++ b/lib/notmuch-private.h\r
@@ -425,6 +425,7 @@ _notmuch_message_file_get_header (notmuch_message_file_t *message,\r
 \r
 notmuch_status_t\r
 _notmuch_message_index_file (notmuch_message_t *message,\r
+                            notmuch_indexopts_t *indexopts,\r
                             notmuch_message_file_t *message_file);\r
 \r
 /* messages.c */\r
-- \r
2.7.0.rc3\r
\r