1 Return-Path: <dkg@fifthhorseman.net>
\r
2 X-Original-To: notmuch@notmuchmail.org
\r
3 Delivered-To: notmuch@notmuchmail.org
\r
4 Received: from localhost (localhost [127.0.0.1])
\r
5 by arlo.cworth.org (Postfix) with ESMTP id EB9006DE13FB
\r
6 for <notmuch@notmuchmail.org>; Tue, 19 Jan 2016 18:53:18 -0800 (PST)
\r
7 X-Virus-Scanned: Debian amavisd-new at cworth.org
\r
11 X-Spam-Status: No, score=-0.023 tagged_above=-999 required=5
\r
12 tests=[AWL=-0.023] autolearn=disabled
\r
13 Received: from arlo.cworth.org ([127.0.0.1])
\r
14 by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024)
\r
15 with ESMTP id ipU96bG_aBQ0 for <notmuch@notmuchmail.org>;
\r
16 Tue, 19 Jan 2016 18:53:15 -0800 (PST)
\r
17 Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108])
\r
18 by arlo.cworth.org (Postfix) with ESMTP id 5C4F36DE1403
\r
19 for <notmuch@notmuchmail.org>; Tue, 19 Jan 2016 18:53:15 -0800 (PST)
\r
20 Received: from fifthhorseman.net (unknown [38.109.115.130])
\r
21 by che.mayfirst.org (Postfix) with ESMTPSA id 617FDF986
\r
22 for <notmuch@notmuchmail.org>; Tue, 19 Jan 2016 21:53:10 -0500 (EST)
\r
23 Received: by fifthhorseman.net (Postfix, from userid 1000)
\r
24 id D174520229; Tue, 19 Jan 2016 18:53:10 -0800 (PST)
\r
25 From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
\r
26 To: Notmuch Mail <notmuch@notmuchmail.org>
\r
27 Subject: [PATCH v2 03/16] make shared crypto code behave library-like
\r
28 Date: Tue, 19 Jan 2016 21:52:36 -0500
\r
29 Message-Id: <1453258369-7366-4-git-send-email-dkg@fifthhorseman.net>
\r
30 X-Mailer: git-send-email 2.7.0.rc3
\r
31 In-Reply-To: <1453258369-7366-1-git-send-email-dkg@fifthhorseman.net>
\r
32 References: <1453258369-7366-1-git-send-email-dkg@fifthhorseman.net>
\r
33 X-BeenThere: notmuch@notmuchmail.org
\r
34 X-Mailman-Version: 2.1.20
\r
36 List-Id: "Use and development of the notmuch mail system."
\r
37 <notmuch.notmuchmail.org>
\r
38 List-Unsubscribe: <https://notmuchmail.org/mailman/options/notmuch>,
\r
39 <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
\r
40 List-Archive: <http://notmuchmail.org/pipermail/notmuch/>
\r
41 List-Post: <mailto:notmuch@notmuchmail.org>
\r
42 List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
\r
43 List-Subscribe: <https://notmuchmail.org/mailman/listinfo/notmuch>,
\r
44 <mailto:notmuch-request@notmuchmail.org?subject=subscribe>
\r
45 X-List-Received-Date: Wed, 20 Jan 2016 02:53:19 -0000
\r
47 If we're going to reuse the crypto code across both the library and
\r
48 the client, then it needs to report error states properly and not
\r
51 lib/database.cc | 6 ++++++
\r
52 lib/notmuch.h | 17 +++++++++++++++++
\r
53 mime-node.c | 7 ++++++-
\r
54 util/crypto.c | 55 +++++++++++++++++++++++++------------------------------
\r
55 util/crypto.h | 6 ++++--
\r
56 5 files changed, 58 insertions(+), 33 deletions(-)
\r
58 diff --git a/lib/database.cc b/lib/database.cc
\r
59 index 3b342f1..0d4dc9b 100644
\r
60 --- a/lib/database.cc
\r
61 +++ b/lib/database.cc
\r
62 @@ -349,6 +349,12 @@ notmuch_status_to_string (notmuch_status_t status)
\r
63 return "Operation requires a database upgrade";
\r
64 case NOTMUCH_STATUS_PATH_ERROR:
\r
65 return "Path supplied is illegal for this function";
\r
66 + case NOTMUCH_STATUS_MALFORMED_CRYPTO_PROTOCOL:
\r
67 + return "Crypto protocol missing, malformed, or unintelligible";
\r
68 + case NOTMUCH_STATUS_FAILED_CRYPTO_CONTEXT_CREATION:
\r
69 + return "Crypto engine initialization failure";
\r
70 + case NOTMUCH_STATUS_UNKNOWN_CRYPTO_PROTOCOL:
\r
71 + return "Unknown crypto protocol";
\r
73 case NOTMUCH_STATUS_LAST_STATUS:
\r
74 return "Unknown error status value";
\r
75 diff --git a/lib/notmuch.h b/lib/notmuch.h
\r
76 index 310a8b8..00002f1 100644
\r
79 @@ -171,6 +171,23 @@ typedef enum _notmuch_status {
\r
81 NOTMUCH_STATUS_PATH_ERROR,
\r
83 + * A MIME object claimed to have cryptographic protection which
\r
84 + * notmuch tried to handle, but the protocol was not specified in
\r
85 + * an intelligible way.
\r
87 + NOTMUCH_STATUS_MALFORMED_CRYPTO_PROTOCOL,
\r
89 + * Notmuch attempted to do crypto processing, but could not
\r
90 + * initialize the engine needed to do so.
\r
92 + NOTMUCH_STATUS_FAILED_CRYPTO_CONTEXT_CREATION,
\r
94 + * A MIME object claimed to have cryptographic protection, and
\r
95 + * notmuch attempted to process it, but the specific protocol was
\r
96 + * something that notmuch doesn't know how to handle.
\r
98 + NOTMUCH_STATUS_UNKNOWN_CRYPTO_PROTOCOL,
\r
100 * Not an actual status value. Just a way to find out how many
\r
101 * valid status values there are.
\r
103 diff --git a/mime-node.c b/mime-node.c
\r
104 index a8f5670..59c0da2 100644
\r
107 @@ -244,7 +244,12 @@ _mime_node_create (mime_node_t *parent, GMimeObject *part)
\r
108 || (GMIME_IS_MULTIPART_SIGNED (part) && node->ctx->crypto->verify)) {
\r
109 GMimeContentType *content_type = g_mime_object_get_content_type (part);
\r
110 const char *protocol = g_mime_content_type_get_parameter (content_type, "protocol");
\r
111 - cryptoctx = _notmuch_crypto_get_gmime_context (node->ctx->crypto, protocol);
\r
112 + notmuch_status_t status;
\r
113 + status = _notmuch_crypto_get_gmime_ctx_for_protocol (node->ctx->crypto,
\r
114 + protocol, &cryptoctx);
\r
115 + if (status) /* this is a warning, not an error */
\r
116 + fprintf (stderr, "Warning: %s (%s).\n", notmuch_status_to_string (status),
\r
117 + protocol ? protocol : "(NULL)");
\r
120 /* Handle PGP/MIME parts */
\r
121 diff --git a/util/crypto.c b/util/crypto.c
\r
122 index 1712347..c18c82c 100644
\r
123 --- a/util/crypto.c
\r
124 +++ b/util/crypto.c
\r
125 @@ -26,55 +26,53 @@
\r
126 #define ARRAY_SIZE(arr) (sizeof (arr) / sizeof (arr[0]))
\r
128 /* Create a GPG context (GMime 2.6) */
\r
129 -static GMimeCryptoContext*
\r
130 -create_gpg_context (_notmuch_crypto_t *crypto)
\r
131 +static notmuch_status_t
\r
132 +get_gpg_context (_notmuch_crypto_t *crypto, GMimeCryptoContext **ctx)
\r
134 - GMimeCryptoContext *gpgctx;
\r
135 + if (ctx == NULL || crypto == NULL)
\r
136 + return NOTMUCH_STATUS_NULL_POINTER;
\r
138 if (crypto->gpgctx) {
\r
139 - return crypto->gpgctx;
\r
140 + *ctx = crypto->gpgctx;
\r
141 + return NOTMUCH_STATUS_SUCCESS;
\r
144 /* TODO: GMimePasswordRequestFunc */
\r
145 - gpgctx = g_mime_gpg_context_new (NULL, crypto->gpgpath ? crypto->gpgpath : "gpg");
\r
147 - fprintf (stderr, "Failed to construct gpg context.\n");
\r
149 + crypto->gpgctx = g_mime_gpg_context_new (NULL, crypto->gpgpath ? crypto->gpgpath : "gpg");
\r
150 + if (! crypto->gpgctx) {
\r
151 + return NOTMUCH_STATUS_FAILED_CRYPTO_CONTEXT_CREATION;
\r
153 - crypto->gpgctx = gpgctx;
\r
155 - g_mime_gpg_context_set_use_agent ((GMimeGpgContext *) gpgctx, TRUE);
\r
156 - g_mime_gpg_context_set_always_trust ((GMimeGpgContext *) gpgctx, FALSE);
\r
157 + g_mime_gpg_context_set_use_agent ((GMimeGpgContext *) crypto->gpgctx, TRUE);
\r
158 + g_mime_gpg_context_set_always_trust ((GMimeGpgContext *) crypto->gpgctx, FALSE);
\r
160 - return crypto->gpgctx;
\r
161 + *ctx = crypto->gpgctx;
\r
162 + return NOTMUCH_STATUS_SUCCESS;
\r
165 static const struct {
\r
166 const char *protocol;
\r
167 - GMimeCryptoContext *(*get_context) (_notmuch_crypto_t *crypto);
\r
168 + notmuch_status_t (*get_context) (_notmuch_crypto_t *crypto, GMimeCryptoContext **ctx);
\r
171 .protocol = "application/pgp-signature",
\r
172 - .get_context = create_gpg_context,
\r
173 + .get_context = get_gpg_context,
\r
176 .protocol = "application/pgp-encrypted",
\r
177 - .get_context = create_gpg_context,
\r
178 + .get_context = get_gpg_context,
\r
182 /* for the specified protocol return the context pointer (initializing
\r
184 -GMimeCryptoContext *
\r
185 -_notmuch_crypto_get_gmime_context (_notmuch_crypto_t *crypto, const char *protocol)
\r
187 +_notmuch_crypto_get_gmime_ctx_for_protocol (_notmuch_crypto_t *crypto,
\r
188 + const char *protocol,
\r
189 + GMimeCryptoContext **ctx)
\r
191 - GMimeCryptoContext *cryptoctx = NULL;
\r
194 - if (! protocol) {
\r
195 - fprintf (stderr, "Cryptographic protocol is empty.\n");
\r
196 - return cryptoctx;
\r
199 + return NOTMUCH_STATUS_MALFORMED_CRYPTO_PROTOCOL;
\r
201 /* As per RFC 1847 section 2.1: "the [protocol] value token is
\r
202 * comprised of the type and sub-type tokens of the Content-Type".
\r
203 @@ -82,15 +80,12 @@ _notmuch_crypto_get_gmime_context (_notmuch_crypto_t *crypto, const char *protoc
\r
204 * parameter names as defined in this document are
\r
205 * case-insensitive." Thus, we use strcasecmp for the protocol.
\r
207 - for (i = 0; i < ARRAY_SIZE (protocols); i++) {
\r
208 + for (size_t i = 0; i < ARRAY_SIZE (protocols); i++) {
\r
209 if (strcasecmp (protocol, protocols[i].protocol) == 0)
\r
210 - return protocols[i].get_context (crypto);
\r
211 + return protocols[i].get_context (crypto, ctx);
\r
214 - fprintf (stderr, "Unknown or unsupported cryptographic protocol %s.\n",
\r
218 + return NOTMUCH_STATUS_UNKNOWN_CRYPTO_PROTOCOL;
\r
222 diff --git a/util/crypto.h b/util/crypto.h
\r
223 index 0e65472..92357b4 100644
\r
224 --- a/util/crypto.h
\r
225 +++ b/util/crypto.h
\r
226 @@ -12,8 +12,10 @@ typedef struct _notmuch_crypto {
\r
227 } _notmuch_crypto_t;
\r
230 -GMimeCryptoContext *
\r
231 -_notmuch_crypto_get_gmime_context (_notmuch_crypto_t *crypto, const char *protocol);
\r
233 +_notmuch_crypto_get_gmime_ctx_for_protocol (_notmuch_crypto_t *crypto,
\r
234 + const char *protocol,
\r
235 + GMimeCryptoContext **ctx);
\r
238 _notmuch_crypto_cleanup (_notmuch_crypto_t *crypto);
\r