From b2c8fdee53a1b06dd19fafe23e53ac8555d294af Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Sat, 26 May 2012 11:45:45 -0700 Subject: [PATCH] cli: new crypto verify flag to handle verification Use this flag rather than depend on the existence of an initialized gpgctx, to determine whether we should verify a multipart/signed. We will be moving to create the ctx lazily, so we don't want to depend on it being previously initialized if it's not needed. --- mime-node.c | 5 ++--- notmuch-client.h | 8 ++++---- notmuch-reply.c | 1 + notmuch-show.c | 14 +++++++++++--- 4 files changed, 18 insertions(+), 10 deletions(-) diff --git a/mime-node.c b/mime-node.c index a838224e..73e28c57 100644 --- a/mime-node.c +++ b/mime-node.c @@ -183,8 +183,7 @@ _mime_node_create (mime_node_t *parent, GMimeObject *part) } /* Handle PGP/MIME parts */ - if (GMIME_IS_MULTIPART_ENCRYPTED (part) - && node->ctx->crypto->gpgctx && node->ctx->crypto->decrypt) { + if (GMIME_IS_MULTIPART_ENCRYPTED (part) && node->ctx->crypto->decrypt) { if (node->nchildren != 2) { /* this violates RFC 3156 section 4, so we won't bother with it. */ fprintf (stderr, "Error: %d part(s) for a multipart/encrypted " @@ -218,7 +217,7 @@ _mime_node_create (mime_node_t *parent, GMimeObject *part) (err ? err->message : "no error explanation given")); } } - } else if (GMIME_IS_MULTIPART_SIGNED (part) && node->ctx->crypto->gpgctx) { + } else if (GMIME_IS_MULTIPART_SIGNED (part) && node->ctx->crypto->verify) { if (node->nchildren != 2) { /* this violates RFC 3156 section 5, so we won't bother with it. */ fprintf (stderr, "Error: %d part(s) for a multipart/signed message " diff --git a/notmuch-client.h b/notmuch-client.h index 962c747f..0f29a83a 100644 --- a/notmuch-client.h +++ b/notmuch-client.h @@ -79,6 +79,7 @@ typedef struct notmuch_show_format { typedef struct notmuch_crypto { notmuch_crypto_context_t* gpgctx; + notmuch_bool_t verify; notmuch_bool_t decrypt; } notmuch_crypto_t; @@ -350,10 +351,9 @@ struct mime_node { }; /* Construct a new MIME node pointing to the root message part of - * message. If crypto->gpgctx is non-NULL, it will be used to verify - * signatures on any child parts. If crypto->decrypt is true, then - * crypto.gpgctx will additionally be used to decrypt any encrypted - * child parts. + * message. If crypto->verify is true, signed child parts will be + * verified. If crypto->decrypt is true, encrypted child parts will be + * decrypted. * * Return value: * diff --git a/notmuch-reply.c b/notmuch-reply.c index 6f368c93..1ab3db94 100644 --- a/notmuch-reply.c +++ b/notmuch-reply.c @@ -707,6 +707,7 @@ notmuch_reply_command (void *ctx, int argc, char *argv[]) notmuch_show_params_t params = { .part = -1, .crypto = { + .verify = FALSE, .decrypt = FALSE } }; diff --git a/notmuch-show.c b/notmuch-show.c index fb5e9b60..3c067924 100644 --- a/notmuch-show.c +++ b/notmuch-show.c @@ -987,11 +987,11 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[])) .part = -1, .omit_excluded = TRUE, .crypto = { + .verify = FALSE, .decrypt = FALSE } }; int format_sel = NOTMUCH_FORMAT_NOT_SPECIFIED; - notmuch_bool_t verify = FALSE; int exclude = EXCLUDE_TRUE; notmuch_opt_desc_t options[] = { @@ -1008,7 +1008,7 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[])) { NOTMUCH_OPT_INT, ¶ms.part, "part", 'p', 0 }, { NOTMUCH_OPT_BOOLEAN, ¶ms.entire_thread, "entire-thread", 't', 0 }, { NOTMUCH_OPT_BOOLEAN, ¶ms.crypto.decrypt, "decrypt", 'd', 0 }, - { NOTMUCH_OPT_BOOLEAN, &verify, "verify", 'v', 0 }, + { NOTMUCH_OPT_BOOLEAN, ¶ms.crypto.verify, "verify", 'v', 0 }, { 0, 0, 0, 0, 0 } }; @@ -1018,6 +1018,10 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[])) return 1; } + /* decryption implies verification */ + if (params.crypto.decrypt) + params.crypto.verify = TRUE; + if (format_sel == NOTMUCH_FORMAT_NOT_SPECIFIED) { /* if part was requested and format was not specified, use format=raw */ if (params.part >= 0) @@ -1052,7 +1056,7 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[])) break; } - if (params.crypto.decrypt || verify) { + if (params.crypto.decrypt || params.crypto.verify) { #ifdef GMIME_ATLEAST_26 /* TODO: GMimePasswordRequestFunc */ params.crypto.gpgctx = g_mime_gpg_context_new (NULL, "gpg"); @@ -1063,6 +1067,10 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[])) if (params.crypto.gpgctx) { g_mime_gpg_context_set_always_trust ((GMimeGpgContext*) params.crypto.gpgctx, FALSE); } else { + /* If we fail to create the gpgctx set the verify and + * decrypt flags to FALSE so we don't try to do any + * further verification or decryption */ + params.crypto.verify = FALSE; params.crypto.decrypt = FALSE; fprintf (stderr, "Failed to construct gpg context.\n"); }