Return-Path: X-Original-To: notmuch@notmuchmail.org Delivered-To: notmuch@notmuchmail.org Received: from localhost (localhost [127.0.0.1]) by olra.theworths.org (Postfix) with ESMTP id E4B6A41ED84 for ; Tue, 17 Jan 2012 12:38:52 -0800 (PST) X-Virus-Scanned: Debian amavisd-new at olra.theworths.org X-Spam-Flag: NO X-Spam-Score: -0.7 X-Spam-Level: X-Spam-Status: No, score=-0.7 tagged_above=-999 required=5 tests=[RCVD_IN_DNSWL_LOW=-0.7] autolearn=disabled Received: from olra.theworths.org ([127.0.0.1]) by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qM8sf0c4YYkU for ; Tue, 17 Jan 2012 12:38:51 -0800 (PST) Received: from dmz-mailsec-scanner-1.mit.edu (DMZ-MAILSEC-SCANNER-1.MIT.EDU [18.9.25.12]) by olra.theworths.org (Postfix) with ESMTP id 31FA6421192 for ; Tue, 17 Jan 2012 12:38:51 -0800 (PST) X-AuditID: 1209190c-b7fad6d000000920-d9-4f15dc5a2ab6 Received: from mailhub-auth-2.mit.edu ( [18.7.62.36]) by dmz-mailsec-scanner-1.mit.edu (Symantec Messaging Gateway) with SMTP id 4D.54.02336.A5CD51F4; Tue, 17 Jan 2012 15:38:50 -0500 (EST) Received: from outgoing.mit.edu (OUTGOING-AUTH.MIT.EDU [18.7.22.103]) by mailhub-auth-2.mit.edu (8.13.8/8.9.2) with ESMTP id q0HKcnSh018110; Tue, 17 Jan 2012 15:38:50 -0500 Received: from awakening.csail.mit.edu (awakening.csail.mit.edu [18.26.4.91]) (authenticated bits=0) (User authenticated as amdragon@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.6/8.12.4) with ESMTP id q0HKclAZ019079 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NOT); Tue, 17 Jan 2012 15:38:49 -0500 (EST) Received: from amthrax by awakening.csail.mit.edu with local (Exim 4.77) (envelope-from ) id 1RnFng-00086I-Dh; Tue, 17 Jan 2012 15:38:36 -0500 Date: Tue, 17 Jan 2012 15:38:36 -0500 From: Austin Clements To: Thomas Jost Subject: Re: [PATCH] Add pseudo-compatibility with gmime 2.6 Message-ID: <20120117203836.GR16740@mit.edu> References: <8762gbtd6p.fsf@schnouki.net> <1326758199-18058-1-git-send-email-schnouki@schnouki.net> <20120117034714.GG16740@mit.edu> <8739bea9lc.fsf@thor.loria.fr> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <8739bea9lc.fsf@thor.loria.fr> User-Agent: Mutt/1.5.21 (2010-09-15) X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFmpmleLIzCtJLcpLzFFi42IRYrdT0Y26I+pvcGuCjsX1mzOZLfb1+zsw eTxbdYvZY8qsuewBTFFcNimpOZllqUX6dglcGbuev2Uu+GVe8fZpL3sD42vNLkZODgkBE4k/ n98wQdhiEhfurWfrYuTiEBLYxyjxbGYXM4SzgVHiWM8HRgjnJJNET+dzFghnCaPExGlb2UH6 WQRUJbadmc0CYrMJaEhs27+cEcQWEVCXaJi/mw3EZhaQlvj2uxlsn7CAjcSxGU9YQWxeAR2J Gf0XweJCAisZJZp/RUPEBSVOznzCAtGrJXHj30ugGg6wOcv/cYCEOQW0Jd4tagQbLyqgIjHl 5Da2CYxCs5B0z0LSPQuhewEj8ypG2ZTcKt3cxMyc4tRk3eLkxLy81CJdQ73czBK91JTSTYyg sOaU5NnB+Oag0iFGAQ5GJR5eiQ2i/kKsiWXFlbmHGCU5mJREeWfdAArxJeWnVGYkFmfEF5Xm pBYfYpTgYFYS4b10GSjHm5JYWZValA+TkuZgURLnVdF65yckkJ5YkpqdmlqQWgSTleHgUJLg XXwbqFGwKDU9tSItM6cEIc3EwQkynAdo+ByQGt7igsTc4sx0iPwpRkUpcd5ykIQASCKjNA+u F5Z2XjGKA70izDsbpIoHmLLgul8BDWYCGpzTKgQyuCQRISXVwOh2931Vzc699cGHEgwvv/EO d1SUarFw+ZH6VVSzQ8pJd0+U9tIzlzteiem38y0LTXQ0ZZf9tEb5fUB/z2f/VXO2cKSvMlhw 6WTNgdsXi0yeLPySz1LYsFXgD5eXhDOblKvO26r95Um9DxfE2W8MW/XPp7rxNd/qZ3XvMsS9 n9gpy76xsIx5p8RSnJFoqMVcVJwIAIoWazAWAwAA Cc: notmuch@notmuchmail.org X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jan 2012 20:38:53 -0000 Quoth Thomas Jost on Jan 17 at 11:48 am: > On Mon, 16 Jan 2012 22:47:14 -0500, Austin Clements wrote: > > Quoth Thomas Jost on Jan 17 at 12:56 am: > > > This is mostly based on id:"8762i8hrb9.fsf@bookbinder.fernseed.info". > > > > > > This was tested against both gmime 2.6.4 and 2.4.31. With gmime 2.4.31, the > > > crypto tests all work fine (as expected). With gmime 2.6.4, one crypto test > > > fails (signature verification with signer key unavailable) but this will be hard > > > to fix since the new API does not report the reason why a signature verification > > > fails (other than the human-readable error message). > > > > What is the result of this failing test? > > The test looks like that: > > FAIL signature verification with signer key unavailable > --- crypto.4.expected 2012-01-16 23:05:06.765651183 +0000 > +++ crypto.4.output 2012-01-16 23:05:06.765651183 +0000 > @@ -12,9 +12,7 @@ > "Bcc": "", > "Date": "01 Jan 2000 12:00:00 -0000"}, > "body": [{"id": 1, > - "sigstatus": [{"status": "error", > - "keyid": "6D92612D94E46381", > - "errors": 2}], > + "sigstatus": [], > "content-type": "multipart/signed", > "content": [{"id": 2, > "content-type": "text/plain", > Failed to verify signed part: gpg: keyblock resource `/home/schnouki/dev/notmuch/test/tmp.crypto/gnupg/pubring.gpg': file open error > gpg: armor header: Version: GnuPG v1.4.11 (GNU/Linux) > gpg: Signature made Mon Jan 16 23:05:06 2012 UTC using RSA key ID 94E46381 > gpg: Can't check signature: public key not found > > So basically if a signer public key is missing, we can't get the status > signature: empty "sigstatus" field in the JSON output, "Unknown > signature status" in Emacs. > > IMHO this is a bug in gmime 2.6, and I think I know what causes it. I'll > file a bug in gmime and hopefully they'll find a cleaner way to fix it > than the one I came up with :) Oh, okay. That does seem like a bug in GMime. Do you think it would be possible to mark this test as "broken" if notmuch is using GMime 2.6? Off the top of my head, I can't think of an easy way to plumb that information through to the test suite. I don't think we should push any patches that knowingly break a test, even if it's in just one configuration. > > > > > --- > > > mime-node.c | 50 ++++++++++++++++++++++++++- > > > notmuch-client.h | 27 ++++++++++++++- > > > notmuch-reply.c | 7 ++++ > > > notmuch-show.c | 97 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ > > > show-message.c | 4 ++ > > > 5 files changed, 181 insertions(+), 4 deletions(-) > > > > > > diff --git a/mime-node.c b/mime-node.c > > > index d26bb44..ae2473d 100644 > > > --- a/mime-node.c > > > +++ b/mime-node.c > > > @@ -33,7 +33,11 @@ typedef struct mime_node_context { > > > GMimeMessage *mime_message; > > > > > > /* Context provided by the caller. */ > > > +#ifdef GMIME_26 > > > + GMimeCryptoContext *cryptoctx; > > > +#else > > > GMimeCipherContext *cryptoctx; > > > +#endif > > > notmuch_bool_t decrypt; > > > } mime_node_context_t; > > > > > > @@ -57,8 +61,12 @@ _mime_node_context_free (mime_node_context_t *res) > > > > > > notmuch_status_t > > > mime_node_open (const void *ctx, notmuch_message_t *message, > > > - GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt, > > > - mime_node_t **root_out) > > > +#ifdef GMIME_26 > > > + GMimeCryptoContext *cryptoctx, > > > +#else > > > + GMimeCipherContext *cryptoctx, > > > +#endif > > > + notmuch_bool_t decrypt, mime_node_t **root_out) > > > { > > > const char *filename = notmuch_message_get_filename (message); > > > mime_node_context_t *mctx; > > > @@ -112,12 +120,21 @@ DONE: > > > return status; > > > } > > > > > > +#ifdef GMIME_26 > > > +static int > > > +_signature_list_free (GMimeSignatureList **proxy) > > > +{ > > > + g_object_unref (*proxy); > > > + return 0; > > > +} > > > +#else > > > static int > > > _signature_validity_free (GMimeSignatureValidity **proxy) > > > { > > > g_mime_signature_validity_free (*proxy); > > > return 0; > > > } > > > +#endif > > > > > > static mime_node_t * > > > _mime_node_create (const mime_node_t *parent, GMimeObject *part) > > > @@ -165,11 +182,23 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part) > > > GMimeMultipartEncrypted *encrypteddata = > > > GMIME_MULTIPART_ENCRYPTED (part); > > > node->decrypt_attempted = TRUE; > > > +#ifdef GMIME_26 > > > + GMimeDecryptResult *decrypt_result = g_mime_decrypt_result_new (); > > > > I think g_mime_multipart_encrypted_decrypt allocates the > > GMimeDecryptResult for you, so this will just leak memory. > > You're right, fixed. Will it be freed along with node->decrypted_child, > or do we need to handle this ourself? That would be nice to know. My guess would be that we have to free it ourselves (or dereference it, at any rate), but the documentation doesn't say. > > > } else { > > > fprintf (stderr, "Failed to decrypt part: %s\n", > > > (err ? err->message : "no error explanation given")); > > > @@ -182,6 +211,18 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part) > > > "(must be exactly 2)\n", > > > node->nchildren); > > > } else { > > > +#ifdef GMIME_26 > > > + GMimeSignatureList *sig_list = g_mime_multipart_signed_verify > > > + (GMIME_MULTIPART_SIGNED (part), node->ctx->cryptoctx, &err); > > > + node->verify_attempted = TRUE; > > > + node->sig_list = sig_list; > > > + if (sig_list) { > > > + GMimeSignatureList **proxy = > > > + talloc (node, GMimeSignatureList *); > > > + *proxy = sig_list; > > > + talloc_set_destructor (proxy, _signature_list_free); > > > + } > > > +#else > > > /* For some reason the GMimeSignatureValidity returned > > > * here is not a const (inconsistent with that > > > * returned by > > > @@ -200,10 +241,15 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part) > > > *proxy = sig_validity; > > > talloc_set_destructor (proxy, _signature_validity_free); > > > } > > > +#endif > > > } > > > } > > > > > > +#ifdef GMIME_26 > > > + if (node->verify_attempted && !node->sig_list) > > > > Hmm. This is correct for signed parts, but will incorrectly trigger > > for an encrypted part with no signatures. For 2.6, I think this error > > checking may have to move into the branches of the if encrypted/signed > > since for encrypted parts you have to check if > > g_mime_multipart_encrypted_decrypt returned NULL. > > That sound right. The weird part is that it did not cause anything to > fail in the test suite... It would be worth adding a test with an encrypted but unsigned part. I don't know enough GPG myself to do that.