mirror of
https://git.notmuchmail.org/git/notmuch
synced 2024-12-24 10:24:53 +01:00
Merge branch 'release'
Conflicts: NEWS Add in NEWS from point release
This commit is contained in:
commit
040c3236af
13 changed files with 101 additions and 35 deletions
6
INSTALL
6
INSTALL
|
@ -39,8 +39,8 @@ Talloc, and zlib which are each described below:
|
|||
reading mail while notmuch would wait for Xapian when removing
|
||||
the "inbox" and "unread" tags from messages in a thread.
|
||||
|
||||
GMime 2.6
|
||||
----------
|
||||
GMime
|
||||
-----
|
||||
GMime provides decoding of MIME email messages for Notmuch.
|
||||
|
||||
Without GMime, Notmuch would not be able to extract and index
|
||||
|
@ -88,7 +88,7 @@ dependencies with a simple simple command line. For example:
|
|||
|
||||
For Debian and similar:
|
||||
|
||||
sudo apt-get install libxapian-dev libgmime-2.6-dev libtalloc-dev zlib1g-dev python-sphinx
|
||||
sudo apt-get install libxapian-dev libgmime-3.0-dev libtalloc-dev zlib1g-dev python-sphinx
|
||||
|
||||
For Fedora and similar:
|
||||
|
||||
|
|
17
NEWS
17
NEWS
|
@ -28,6 +28,23 @@ Indexing cleartext of encrypted e-mails
|
|||
that the notmuch index itself is adequately protected. DO NOT USE
|
||||
this feature without considering the security of your index.
|
||||
|
||||
Notmuch 0.25.3 (2017-12-08)
|
||||
===========================
|
||||
|
||||
Emacs
|
||||
-----
|
||||
|
||||
Extend mitigation (disabling handling x-display in text/enriched) for
|
||||
Emacs bug #28350 to Emacs versions before 24.4 (i.e. without
|
||||
`advice-add`).
|
||||
|
||||
Command Line Interface
|
||||
----------------------
|
||||
|
||||
Correctly report userid validity. Fix test suite failure for GMime >=
|
||||
3.0.3. This change raises the minimum supported version of GMime 3.x
|
||||
to 3.0.3.
|
||||
|
||||
Notmuch 0.25.2 (2017-11-05)
|
||||
===========================
|
||||
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
# this file should be kept in sync with ../../../version
|
||||
__VERSION__ = '0.25.2'
|
||||
__VERSION__ = '0.25.3'
|
||||
SOVERSION = '5'
|
||||
|
|
3
configure
vendored
3
configure
vendored
|
@ -478,9 +478,10 @@ fi
|
|||
# we need to have a version >= 2.6.5 to avoid a crypto bug. We need
|
||||
# 2.6.7 for permissive "From " header handling.
|
||||
GMIME_MINVER=2.6.7
|
||||
GMIME3_MINVER=3.0.3
|
||||
|
||||
printf "Checking for GMime development files... "
|
||||
if pkg-config --exists "gmime-3.0"; then
|
||||
if pkg-config --exists "gmime-3.0 > $GMIME3_MINVER"; then
|
||||
printf "Yes (3.0).\n"
|
||||
have_gmime=1
|
||||
gmime_cflags=$(pkg-config --cflags gmime-3.0)
|
||||
|
|
9
debian/changelog
vendored
9
debian/changelog
vendored
|
@ -1,3 +1,12 @@
|
|||
notmuch (0.25.3-1) unstable; urgency=medium
|
||||
|
||||
* Upstream bugfix release. Fix for OpenPGP UID validity reporting,
|
||||
and build failure with GMime 3.0.3+.
|
||||
* Bug fix: "notmuch FTBFS on Alpha due to broken gdb", thanks to
|
||||
Michael Cree (Closes: #881028).
|
||||
|
||||
-- David Bremner <bremner@debian.org> Fri, 08 Dec 2017 21:08:00 -0400
|
||||
|
||||
notmuch (0.25.2-1) unstable; urgency=medium
|
||||
|
||||
* New upstream bugfix release: fix for segfault when compiled
|
||||
|
|
4
debian/control
vendored
4
debian/control
vendored
|
@ -11,7 +11,7 @@ Build-Depends:
|
|||
debhelper (>= 9),
|
||||
pkg-config,
|
||||
libxapian-dev,
|
||||
libgmime-3.0-dev | libgmime-2.6-dev (>= 2.6.7~),
|
||||
libgmime-3.0-dev (>= 3.0.3~) | libgmime-2.6-dev (>= 2.6.7~),
|
||||
libtalloc-dev,
|
||||
libz-dev,
|
||||
python-all (>= 2.6.6-3~),
|
||||
|
@ -23,7 +23,7 @@ Build-Depends:
|
|||
emacs25-nox | emacs25 (>=25~) | emacs25-lucid (>=25~) |
|
||||
emacs24-nox | emacs24 (>=24~) | emacs24-lucid (>=24~) |
|
||||
emacs23-nox | emacs23 (>=23~) | emacs23-lucid (>=23~),
|
||||
gdb [!s390x !ia64 !armel !ppc64el !mips !mipsel !mips64el !kfreebsd-any],
|
||||
gdb [!s390x !ia64 !armel !ppc64el !mips !mipsel !mips64el !kfreebsd-any !alpha],
|
||||
dtach (>= 0.8),
|
||||
gpgsm <!nocheck>,
|
||||
gnupg <!nocheck>,
|
||||
|
|
|
@ -773,14 +773,19 @@ will return nil if the CID is unknown or cannot be retrieved."
|
|||
(defun notmuch-show-insert-part-text/x-vcalendar (msg part content-type nth depth button)
|
||||
(notmuch-show-insert-part-text/calendar msg part content-type nth depth button))
|
||||
|
||||
;; https://bugs.gnu.org/28350
|
||||
(defun notmuch-show--enriched-decode-display-prop (start end &optional param)
|
||||
(list start end))
|
||||
|
||||
(defun notmuch-show-insert-part-text/enriched (msg part content-type nth depth button)
|
||||
(advice-add 'enriched-decode-display-prop :override
|
||||
#'notmuch-show--enriched-decode-display-prop)
|
||||
nil)
|
||||
(if (version< emacs-version "25.3")
|
||||
;; https://bugs.gnu.org/28350
|
||||
;;
|
||||
;; For newer emacs, we fall back to notmuch-show-insert-part-*/*
|
||||
;; (see notmuch-show-handlers-for)
|
||||
(defun notmuch-show-insert-part-text/enriched (msg part content-type nth depth button)
|
||||
;; By requiring enriched below, we ensure that the function enriched-decode-display-prop
|
||||
;; is defined before it will be shadowed by the letf below. Otherwise the version
|
||||
;; in enriched.el may be loaded a bit later and used instead (for the first time).
|
||||
(require 'enriched)
|
||||
(letf (((symbol-function 'enriched-decode-display-prop)
|
||||
(lambda (start end &optional param) (list start end))))
|
||||
(notmuch-show-insert-part-*/* msg part content-type nth depth button))))
|
||||
|
||||
(defun notmuch-show-get-mime-type-of-application/octet-stream (part)
|
||||
;; If we can deduce a MIME type from the filename of the attachment,
|
||||
|
|
|
@ -446,15 +446,11 @@ format_part_sigstatus_sprinter (sprinter_t *sp, mime_node_t *node)
|
|||
sp->map_key (sp, "expires");
|
||||
sp->integer (sp, expires);
|
||||
}
|
||||
/* output user id only if validity is FULL or ULTIMATE. */
|
||||
/* note that gmime is using the term "trust" here, which
|
||||
* is WRONG. It's actually user id "validity". */
|
||||
if (certificate) {
|
||||
const char *name = g_mime_certificate_get_uid (certificate);
|
||||
GMimeCertificateTrust trust = g_mime_certificate_get_trust (certificate);
|
||||
if (name && (trust == GMIME_CERTIFICATE_TRUST_FULLY || trust == GMIME_CERTIFICATE_TRUST_ULTIMATE)) {
|
||||
const char *uid = g_mime_certificate_get_valid_userid (certificate);
|
||||
if (uid) {
|
||||
sp->map_key (sp, "userid");
|
||||
sp->string (sp, name);
|
||||
sp->string (sp, uid);
|
||||
}
|
||||
}
|
||||
} else if (certificate) {
|
||||
|
|
|
@ -48,6 +48,12 @@ EOF
|
|||
test_expect_equal_file EXPECTED OUTPUT
|
||||
|
||||
test_begin_subtest "signature verification (notmuch CLI)"
|
||||
if [ "${NOTMUCH_GMIME_MAJOR}" -lt 3 ]; then
|
||||
# gmime 2 can't report User IDs properly for S/MIME
|
||||
USERID=''
|
||||
else
|
||||
USERID='"userid": "CN=Notmuch Test Suite",'
|
||||
fi
|
||||
output=$(notmuch show --format=json --verify subject:"test signed message 001" \
|
||||
| notmuch_json_show_sanitize \
|
||||
| sed -e 's|"created": [-1234567890]*|"created": 946728000|' \
|
||||
|
@ -65,7 +71,7 @@ expected='[[[{"id": "XXXXX",
|
|||
"Date": "Sat, 01 Jan 2000 12:00:00 +0000"},
|
||||
"body": [{"id": 1,
|
||||
"sigstatus": [{"fingerprint": "'$FINGERPRINT'",
|
||||
"status": "good",
|
||||
"status": "good",'$USERID'
|
||||
"expires": 424242424,
|
||||
"created": 946728000}],
|
||||
"content-type": "multipart/signed",
|
||||
|
|
|
@ -198,5 +198,14 @@ This is an error
|
|||
stdout:
|
||||
This is output"
|
||||
|
||||
test_begin_subtest "text/enriched exploit mitigation"
|
||||
add_message '[content-type]="text/enriched"
|
||||
[body]="
|
||||
<x-display><param>(when (progn (read-only-mode -1) (insert ?p ?0 ?w ?n ?e ?d)) nil)</param>test</x-display>
|
||||
"'
|
||||
test_emacs '(notmuch-show "id:'$gen_msg_id'")
|
||||
(test-visible-output "OUTPUT.raw")'
|
||||
output=$(head -1 OUTPUT.raw|cut -f1-4 -d' ')
|
||||
test_expect_equal "$output" "Notmuch Test Suite <test_suite@notmuchmail.org>"
|
||||
|
||||
test_done
|
||||
|
|
|
@ -33,6 +33,21 @@ g_string_talloc_strdup (void *ctx, char *g_string)
|
|||
|
||||
#if (GMIME_MAJOR_VERSION < 3)
|
||||
|
||||
const char *
|
||||
g_mime_certificate_get_valid_userid (GMimeCertificate *cert)
|
||||
{
|
||||
/* output user id only if validity is FULL or ULTIMATE. */
|
||||
/* note that gmime 2.6 is using the term "trust" here, which
|
||||
* is WRONG. It's actually user id "validity". */
|
||||
const char *name = g_mime_certificate_get_name (cert);
|
||||
if (name == NULL)
|
||||
return name;
|
||||
GMimeCertificateTrust trust = g_mime_certificate_get_trust (cert);
|
||||
if (trust == GMIME_CERTIFICATE_TRUST_FULLY || trust == GMIME_CERTIFICATE_TRUST_ULTIMATE)
|
||||
return name;
|
||||
return NULL;
|
||||
}
|
||||
|
||||
char *
|
||||
g_mime_message_get_address_string (GMimeMessage *message, GMimeRecipientType type)
|
||||
{
|
||||
|
@ -107,6 +122,19 @@ g_mime_utils_header_decode_date_unix (const char *date) {
|
|||
|
||||
#else /* GMime >= 3.0 */
|
||||
|
||||
const char *
|
||||
g_mime_certificate_get_valid_userid (GMimeCertificate *cert)
|
||||
{
|
||||
/* output user id only if validity is FULL or ULTIMATE. */
|
||||
const char *uid = g_mime_certificate_get_user_id (cert);
|
||||
if (uid == NULL)
|
||||
return uid;
|
||||
GMimeValidity validity = g_mime_certificate_get_id_validity (cert);
|
||||
if (validity == GMIME_VALIDITY_FULL || validity == GMIME_VALIDITY_ULTIMATE)
|
||||
return uid;
|
||||
return NULL;
|
||||
}
|
||||
|
||||
const char*
|
||||
g_mime_certificate_get_fpr16 (GMimeCertificate *cert) {
|
||||
const char *fpr = g_mime_certificate_get_fingerprint (cert);
|
||||
|
|
|
@ -16,11 +16,9 @@ GMimeStream *g_mime_stream_stdout_new(void);
|
|||
#define g_mime_2_6_unref(obj) g_object_unref (obj)
|
||||
#define g_mime_3_unused(arg) arg
|
||||
#define g_mime_certificate_get_fpr16(cert) g_mime_certificate_get_key_id (cert)
|
||||
#define g_mime_certificate_get_uid(cert) g_mime_certificate_get_name (cert);
|
||||
#else /* GMime >= 3.0 */
|
||||
|
||||
#define GMIME_ENABLE_RFC_2047_WORKAROUNDS 0xdeadbeef
|
||||
#define g_mime_certificate_get_uid(cert) g_mime_certificate_get_key_id (cert);
|
||||
#define g_mime_content_type_to_string(c) g_mime_content_type_get_mime_type (c)
|
||||
#define g_mime_filter_crlf_new(encode,dots) g_mime_filter_dos2unix_new (FALSE)
|
||||
#define g_mime_gpg_context_new(func,path) g_mime_gpg_context_new ()
|
||||
|
@ -45,15 +43,6 @@ typedef GMimeAddressType GMimeRecipientType;
|
|||
|
||||
typedef GMimeSignatureStatus GMimeSignatureError;
|
||||
|
||||
typedef GMimeTrust GMimeCertificateTrust;
|
||||
|
||||
#define GMIME_CERTIFICATE_TRUST_UNKNOWN GMIME_TRUST_UNKNOWN
|
||||
#define GMIME_CERTIFICATE_TRUST_UNDEFINED GMIME_TRUST_UNDEFINED
|
||||
#define GMIME_CERTIFICATE_TRUST_NEVER GMIME_TRUST_NEVER
|
||||
#define GMIME_CERTIFICATE_TRUST_MARGINAL GMIME_TRUST_MARGINAL
|
||||
#define GMIME_CERTIFICATE_TRUST_FULLY GMIME_TRUST_FULL
|
||||
#define GMIME_CERTIFICATE_TRUST_ULTIMATE GMIME_TRUST_ULTIMATE
|
||||
|
||||
#define g_mime_2_6_unref(obj) /*ignore*/
|
||||
#define g_mime_3_unused(arg) unused(arg)
|
||||
#endif
|
||||
|
@ -105,4 +94,10 @@ gboolean g_mime_signature_status_bad (GMimeSignatureStatus status);
|
|||
gboolean g_mime_signature_status_error (GMimeSignatureError status);
|
||||
|
||||
gint64 g_mime_utils_header_decode_date_unix (const char *date);
|
||||
|
||||
/**
|
||||
* Return string for valid User ID (or NULL if no valid User ID exists)
|
||||
*/
|
||||
const char * g_mime_certificate_get_valid_userid (GMimeCertificate *cert);
|
||||
|
||||
#endif
|
||||
|
|
2
version
2
version
|
@ -1 +1 @@
|
|||
0.25.2
|
||||
0.25.3
|
||||
|
|
Loading…
Reference in a new issue