gmime-cleanup: remove obsolete gpg_path configuration option and crypto contexts

Note that we do keep ignoring the gpg_path configuration option,
though, to avoid breakage of existing installations.  It is ignored
like any other unknown configuration option, but we at least document
that it is ignored so that people who find it in their legacy configs
can know that it's safe to drop.

signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
This commit is contained in:
Daniel Kahn Gillmor 2019-05-02 09:19:36 -04:00 committed by David Bremner
parent 35e21bfb6f
commit 096d45a878
10 changed files with 1 additions and 212 deletions

View file

@ -284,22 +284,6 @@ _mime_node_create (mime_node_t *parent, GMimeObject *part)
return NULL; return NULL;
} }
#if (GMIME_MAJOR_VERSION < 3)
if ((GMIME_IS_MULTIPART_ENCRYPTED (part) && (node->ctx->crypto->decrypt != NOTMUCH_DECRYPT_FALSE))
|| (GMIME_IS_MULTIPART_SIGNED (part) && node->ctx->crypto->verify)) {
GMimeContentType *content_type = g_mime_object_get_content_type (part);
const char *protocol = g_mime_content_type_get_parameter (content_type, "protocol");
notmuch_status_t status;
status = _notmuch_crypto_get_gmime_ctx_for_protocol (node->ctx->crypto,
protocol, &cryptoctx);
if (status) /* this is a warning, not an error */
fprintf (stderr, "Warning: %s (%s).\n", notmuch_status_to_string (status),
protocol ? protocol : "NULL");
if (!cryptoctx)
return node;
}
#endif
/* Handle PGP/MIME parts */ /* Handle PGP/MIME parts */
if (GMIME_IS_MULTIPART_ENCRYPTED (part) && (node->ctx->crypto->decrypt != NOTMUCH_DECRYPT_FALSE)) { if (GMIME_IS_MULTIPART_ENCRYPTED (part) && (node->ctx->crypto->decrypt != NOTMUCH_DECRYPT_FALSE)) {
if (node->nchildren != 2) { if (node->nchildren != 2) {

View file

@ -276,15 +276,6 @@ void
notmuch_config_set_database_path (notmuch_config_t *config, notmuch_config_set_database_path (notmuch_config_t *config,
const char *database_path); const char *database_path);
#if (GMIME_MAJOR_VERSION < 3)
const char *
notmuch_config_get_crypto_gpg_path (notmuch_config_t *config);
void
notmuch_config_set_crypto_gpg_path (notmuch_config_t *config,
const char *gpg_path);
#endif
const char * const char *
notmuch_config_get_user_name (notmuch_config_t *config); notmuch_config_get_user_name (notmuch_config_t *config);

View file

@ -104,19 +104,11 @@ static const char search_config_comment[] =
static const char crypto_config_comment[] = static const char crypto_config_comment[] =
" Cryptography related configuration\n" " Cryptography related configuration\n"
"\n" "\n"
#if (GMIME_MAJOR_VERSION < 3)
" The following *deprecated* option is currently supported:\n"
"\n"
"\tgpg_path\n"
"\t\tbinary name or full path to invoke gpg.\n"
"\t\tNOTE: In a future build, this option will be ignored.\n"
#else
" The following old option is now ignored:\n" " The following old option is now ignored:\n"
"\n" "\n"
"\tgpgpath\n" "\tgpgpath\n"
"\t\tThis option was used by older builds of notmuch to choose\n" "\t\tThis option was used by older builds of notmuch to choose\n"
"\t\tthe version of gpg to use.\n" "\t\tthe version of gpg to use.\n"
#endif
"\t\tSetting $PATH is a better approach.\n"; "\t\tSetting $PATH is a better approach.\n";
struct _notmuch_config { struct _notmuch_config {
@ -470,12 +462,6 @@ notmuch_config_open (void *ctx,
g_error_free (error); g_error_free (error);
} }
#if (GMIME_MAJOR_VERSION < 3)
if (notmuch_config_get_crypto_gpg_path (config) == NULL) {
notmuch_config_set_crypto_gpg_path (config, "gpg");
}
#endif
/* Whenever we know of configuration sections that don't appear in /* Whenever we know of configuration sections that don't appear in
* the configuration file, we add some comments to help the user * the configuration file, we add some comments to help the user
* understand what can be done. */ * understand what can be done. */
@ -776,21 +762,6 @@ notmuch_config_set_search_exclude_tags (notmuch_config_t *config,
&(config->search_exclude_tags)); &(config->search_exclude_tags));
} }
#if (GMIME_MAJOR_VERSION < 3)
const char *
notmuch_config_get_crypto_gpg_path (notmuch_config_t *config)
{
return _config_get (config, &config->crypto_gpg_path, "crypto", "gpg_path");
}
void
notmuch_config_set_crypto_gpg_path (notmuch_config_t *config,
const char *gpg_path)
{
_config_set (config, &config->crypto_gpg_path, "crypto", "gpg_path", gpg_path);
}
#endif
/* Given a configuration item of the form <group>.<key> return the /* Given a configuration item of the form <group>.<key> return the
* component group and key. If any error occurs, print a message on * component group and key. If any error occurs, print a message on

View file

@ -748,10 +748,6 @@ notmuch_reply_command (notmuch_config_t *config, int argc, char *argv[])
return EXIT_FAILURE; return EXIT_FAILURE;
} }
#if (GMIME_MAJOR_VERSION < 3)
params.crypto.gpgpath = notmuch_config_get_crypto_gpg_path (config);
#endif
if (notmuch_database_open (notmuch_config_get_database_path (config), if (notmuch_database_open (notmuch_config_get_database_path (config),
NOTMUCH_DATABASE_MODE_READ_ONLY, &notmuch)) NOTMUCH_DATABASE_MODE_READ_ONLY, &notmuch))
return EXIT_FAILURE; return EXIT_FAILURE;

View file

@ -1213,10 +1213,6 @@ notmuch_show_command (notmuch_config_t *config, int argc, char *argv[])
return EXIT_FAILURE; return EXIT_FAILURE;
} }
#if (GMIME_MAJOR_VERSION < 3)
params.crypto.gpgpath = notmuch_config_get_crypto_gpg_path (config);
#endif
notmuch_database_mode_t mode = NOTMUCH_DATABASE_MODE_READ_ONLY; notmuch_database_mode_t mode = NOTMUCH_DATABASE_MODE_READ_ONLY;
if (params.crypto.decrypt == NOTMUCH_DECRYPT_TRUE) if (params.crypto.decrypt == NOTMUCH_DECRYPT_TRUE)
mode = NOTMUCH_DATABASE_MODE_READ_WRITE; mode = NOTMUCH_DATABASE_MODE_READ_WRITE;

View file

@ -129,14 +129,6 @@ notmuch_process_shared_indexing_options (notmuch_database_t *notmuch, g_mime_3_u
return status; return status;
} }
} }
#if (GMIME_MAJOR_VERSION < 3)
if (indexing_cli_choices.opts && notmuch_indexopts_get_decrypt_policy (indexing_cli_choices.opts) != NOTMUCH_DECRYPT_FALSE) {
const char* gpg_path = notmuch_config_get_crypto_gpg_path (config);
if (gpg_path && strcmp(gpg_path, "gpg"))
fprintf (stderr, "Warning: deprecated crypto.gpg_path is set to '%s'\n"
"\tbut ignoring (use $PATH instead)\n", gpg_path);
}
#endif
return NOTMUCH_STATUS_SUCCESS; return NOTMUCH_STATUS_SUCCESS;
} }

View file

@ -46,11 +46,6 @@ test_begin_subtest "List all items"
notmuch config list > STDOUT 2> STDERR notmuch config list > STDOUT 2> STDERR
printf "%s\n====\n%s\n" "$(< STDOUT)" "$(< STDERR)" | notmuch_config_sanitize > OUTPUT printf "%s\n====\n%s\n" "$(< STDOUT)" "$(< STDERR)" | notmuch_config_sanitize > OUTPUT
if [ "${NOTMUCH_GMIME_MAJOR}" -lt 3 ]; then
config_gpg_path="crypto.gpg_path=gpg
"
fi
cat <<EOF > EXPECTED cat <<EOF > EXPECTED
database.path=MAIL_DIR database.path=MAIL_DIR
user.name=Notmuch Test Suite user.name=Notmuch Test Suite
@ -60,7 +55,7 @@ new.tags=unread;inbox;
new.ignore= new.ignore=
search.exclude_tags= search.exclude_tags=
maildir.synchronize_flags=true maildir.synchronize_flags=true
${config_gpg_path}foo.string=this is another string value foo.string=this is another string value
foo.list=this;is another;list value; foo.list=this;is another;list value;
built_with.compact=something built_with.compact=something
built_with.field_processor=something built_with.field_processor=something

View file

@ -20,11 +20,6 @@ foo bar
baz baz
EOF EOF
if [ "${NOTMUCH_GMIME_MAJOR}" -lt 3 ]; then
config_gpg_path="crypto.gpg_path=gpg
"
fi
output=$(notmuch --config=new-notmuch-config config list | notmuch_built_with_sanitize) output=$(notmuch --config=new-notmuch-config config list | notmuch_built_with_sanitize)
test_expect_equal "$output" "\ test_expect_equal "$output" "\
database.path=/path/to/maildir database.path=/path/to/maildir
@ -35,7 +30,6 @@ new.tags=foo;bar;
new.ignore= new.ignore=
search.exclude_tags=baz; search.exclude_tags=baz;
maildir.synchronize_flags=true maildir.synchronize_flags=true
""${config_gpg_path}""\
built_with.compact=something built_with.compact=something
built_with.field_processor=something built_with.field_processor=something
built_with.retry_lock=something" built_with.retry_lock=something"

View file

@ -24,120 +24,9 @@
#define ARRAY_SIZE(arr) (sizeof (arr) / sizeof (arr[0])) #define ARRAY_SIZE(arr) (sizeof (arr) / sizeof (arr[0]))
#if (GMIME_MAJOR_VERSION < 3)
/* Create or pass on a GPG context (GMime 2.6) */
static notmuch_status_t
get_gpg_context (_notmuch_crypto_t *crypto, GMimeCryptoContext **ctx)
{
if (ctx == NULL || crypto == NULL)
return NOTMUCH_STATUS_NULL_POINTER;
if (crypto->gpgctx) {
*ctx = crypto->gpgctx;
return NOTMUCH_STATUS_SUCCESS;
}
/* TODO: GMimePasswordRequestFunc */
crypto->gpgctx = g_mime_gpg_context_new (NULL, crypto->gpgpath ? crypto->gpgpath : "gpg");
if (! crypto->gpgctx) {
return NOTMUCH_STATUS_FAILED_CRYPTO_CONTEXT_CREATION;
}
g_mime_gpg_context_set_use_agent ((GMimeGpgContext *) crypto->gpgctx, true);
g_mime_gpg_context_set_always_trust ((GMimeGpgContext *) crypto->gpgctx, false);
*ctx = crypto->gpgctx;
return NOTMUCH_STATUS_SUCCESS;
}
/* Create or pass on a PKCS7 context (GMime 2.6) */
static notmuch_status_t
get_pkcs7_context (_notmuch_crypto_t *crypto, GMimeCryptoContext **ctx)
{
if (ctx == NULL || crypto == NULL)
return NOTMUCH_STATUS_NULL_POINTER;
if (crypto->pkcs7ctx) {
*ctx = crypto->pkcs7ctx;
return NOTMUCH_STATUS_SUCCESS;
}
/* TODO: GMimePasswordRequestFunc */
crypto->pkcs7ctx = g_mime_pkcs7_context_new (NULL);
if (! crypto->pkcs7ctx) {
return NOTMUCH_STATUS_FAILED_CRYPTO_CONTEXT_CREATION;
}
g_mime_pkcs7_context_set_always_trust ((GMimePkcs7Context *) crypto->pkcs7ctx,
false);
*ctx = crypto->pkcs7ctx;
return NOTMUCH_STATUS_SUCCESS;
}
static const struct {
const char *protocol;
notmuch_status_t (*get_context) (_notmuch_crypto_t *crypto, GMimeCryptoContext **ctx);
} protocols[] = {
{
.protocol = "application/pgp-signature",
.get_context = get_gpg_context,
},
{
.protocol = "application/pgp-encrypted",
.get_context = get_gpg_context,
},
{
.protocol = "application/pkcs7-signature",
.get_context = get_pkcs7_context,
},
{
.protocol = "application/x-pkcs7-signature",
.get_context = get_pkcs7_context,
},
};
/* for the specified protocol return the context pointer (initializing
* if needed) */
notmuch_status_t
_notmuch_crypto_get_gmime_ctx_for_protocol (_notmuch_crypto_t *crypto,
const char *protocol,
GMimeCryptoContext **ctx)
{
if (! protocol)
return NOTMUCH_STATUS_MALFORMED_CRYPTO_PROTOCOL;
/* As per RFC 1847 section 2.1: "the [protocol] value token is
* comprised of the type and sub-type tokens of the Content-Type".
* As per RFC 1521 section 2: "Content-Type values, subtypes, and
* parameter names as defined in this document are
* case-insensitive." Thus, we use strcasecmp for the protocol.
*/
for (size_t i = 0; i < ARRAY_SIZE (protocols); i++) {
if (strcasecmp (protocol, protocols[i].protocol) == 0)
return protocols[i].get_context (crypto, ctx);
}
return NOTMUCH_STATUS_UNKNOWN_CRYPTO_PROTOCOL;
}
void
_notmuch_crypto_cleanup (_notmuch_crypto_t *crypto)
{
if (crypto->gpgctx) {
g_object_unref (crypto->gpgctx);
crypto->gpgctx = NULL;
}
if (crypto->pkcs7ctx) {
g_object_unref (crypto->pkcs7ctx);
crypto->pkcs7ctx = NULL;
}
}
#else
void _notmuch_crypto_cleanup (unused(_notmuch_crypto_t *crypto)) void _notmuch_crypto_cleanup (unused(_notmuch_crypto_t *crypto))
{ {
} }
#endif
GMimeObject * GMimeObject *
_notmuch_crypto_decrypt (bool *attempted, _notmuch_crypto_decrypt (bool *attempted,
@ -165,17 +54,10 @@ _notmuch_crypto_decrypt (bool *attempted,
} }
if (attempted) if (attempted)
*attempted = true; *attempted = true;
#if (GMIME_MAJOR_VERSION < 3)
ret = g_mime_multipart_encrypted_decrypt_session (part,
crypto_ctx,
notmuch_message_properties_value (list),
decrypt_result, err);
#else
ret = g_mime_multipart_encrypted_decrypt (part, ret = g_mime_multipart_encrypted_decrypt (part,
GMIME_DECRYPT_NONE, GMIME_DECRYPT_NONE,
notmuch_message_properties_value (list), notmuch_message_properties_value (list),
decrypt_result, err); decrypt_result, err);
#endif
if (ret) if (ret)
break; break;
} }

View file

@ -12,11 +12,6 @@ extern "C" {
typedef struct _notmuch_crypto { typedef struct _notmuch_crypto {
bool verify; bool verify;
notmuch_decryption_policy_t decrypt; notmuch_decryption_policy_t decrypt;
#if (GMIME_MAJOR_VERSION < 3)
GMimeCryptoContext* gpgctx;
GMimeCryptoContext* pkcs7ctx;
const char *gpgpath;
#endif
} _notmuch_crypto_t; } _notmuch_crypto_t;
GMimeObject * GMimeObject *
@ -28,13 +23,6 @@ _notmuch_crypto_decrypt (bool *attempted,
GMimeDecryptResult **decrypt_result, GMimeDecryptResult **decrypt_result,
GError **err); GError **err);
#if (GMIME_MAJOR_VERSION < 3)
notmuch_status_t
_notmuch_crypto_get_gmime_ctx_for_protocol (_notmuch_crypto_t *crypto,
const char *protocol,
GMimeCryptoContext **ctx);
#endif
void void
_notmuch_crypto_cleanup (_notmuch_crypto_t *crypto); _notmuch_crypto_cleanup (_notmuch_crypto_t *crypto);