debian/notmuch
1
0
Fork 0
mirror of https://git.notmuchmail.org/git/notmuch synced 2024-11-22 02:48:08 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

cli: new crypto verify flag to handle verification

Browse source 
Use this flag rather than depend on the existence of an initialized
gpgctx, to determine whether we should verify a multipart/signed.  We
will be moving to create the ctx lazily, so we don't want to depend on
it being previously initialized if it's not needed.
This commit is contained in:
Jameson Graef Rollins 2012-05-26 11:45:45 -07:00 committed by David Bremner
parent 90822ffdb8
commit b2c8fdee53
4 changed files with 18 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
mime-node.c
View file

@ -183,8 +183,7 @@ _mime_node_create (mime_node_t *parent, GMimeObject *part)
} }
/* Handle PGP/MIME parts */ /* Handle PGP/MIME parts */
if (GMIME_IS_MULTIPART_ENCRYPTED (part) if (GMIME_IS_MULTIPART_ENCRYPTED (part) && node->ctx->crypto->decrypt) {
&& node->ctx->crypto->gpgctx && node->ctx->crypto->decrypt) {
if (node->nchildren != 2) { if (node->nchildren != 2) {
/* this violates RFC 3156 section 4, so we won't bother with it. */ /* this violates RFC 3156 section 4, so we won't bother with it. */
fprintf (stderr, "Error: %d part(s) for a multipart/encrypted " fprintf (stderr, "Error: %d part(s) for a multipart/encrypted "
@ -218,7 +217,7 @@ _mime_node_create (mime_node_t *parent, GMimeObject *part)
(err ? err->message : "no error explanation given")); (err ? err->message : "no error explanation given"));
} }
} }
} else if (GMIME_IS_MULTIPART_SIGNED (part) && node->ctx->crypto->gpgctx) { } else if (GMIME_IS_MULTIPART_SIGNED (part) && node->ctx->crypto->verify) {
if (node->nchildren != 2) { if (node->nchildren != 2) {
/* this violates RFC 3156 section 5, so we won't bother with it. */ /* this violates RFC 3156 section 5, so we won't bother with it. */
fprintf (stderr, "Error: %d part(s) for a multipart/signed message " fprintf (stderr, "Error: %d part(s) for a multipart/signed message "

8
notmuch-client.h
View file

@ -79,6 +79,7 @@ typedef struct notmuch_show_format {
typedef struct notmuch_crypto { typedef struct notmuch_crypto {
notmuch_crypto_context_t* gpgctx; notmuch_crypto_context_t* gpgctx;
notmuch_bool_t verify;
notmuch_bool_t decrypt; notmuch_bool_t decrypt;
} notmuch_crypto_t; } notmuch_crypto_t;
@ -350,10 +351,9 @@ struct mime_node {
}; };
/* Construct a new MIME node pointing to the root message part of /* Construct a new MIME node pointing to the root message part of
* message. If crypto->gpgctx is non-NULL, it will be used to verify * message. If crypto->verify is true, signed child parts will be
* signatures on any child parts. If crypto->decrypt is true, then * verified. If crypto->decrypt is true, encrypted child parts will be
* crypto.gpgctx will additionally be used to decrypt any encrypted * decrypted.
* child parts.
* *
* Return value: * Return value:
* *

1
notmuch-reply.c
View file

@ -707,6 +707,7 @@ notmuch_reply_command (void *ctx, int argc, char *argv[])
notmuch_show_params_t params = { notmuch_show_params_t params = {
.part = -1, .part = -1,
.crypto = { .crypto = {
.verify = FALSE,
.decrypt = FALSE .decrypt = FALSE
} }
}; };

14
notmuch-show.c
View file

@ -987,11 +987,11 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
.part = -1, .part = -1,
.omit_excluded = TRUE, .omit_excluded = TRUE,
.crypto = { .crypto = {
.verify = FALSE,
.decrypt = FALSE .decrypt = FALSE
} }
}; };
int format_sel = NOTMUCH_FORMAT_NOT_SPECIFIED; int format_sel = NOTMUCH_FORMAT_NOT_SPECIFIED;
notmuch_bool_t verify = FALSE;
int exclude = EXCLUDE_TRUE; int exclude = EXCLUDE_TRUE;
notmuch_opt_desc_t options[] = { notmuch_opt_desc_t options[] = {
@ -1008,7 +1008,7 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
{ NOTMUCH_OPT_INT, &params.part, "part", 'p', 0 }, { NOTMUCH_OPT_INT, &params.part, "part", 'p', 0 },
{ NOTMUCH_OPT_BOOLEAN, &params.entire_thread, "entire-thread", 't', 0 }, { NOTMUCH_OPT_BOOLEAN, &params.entire_thread, "entire-thread", 't', 0 },
{ NOTMUCH_OPT_BOOLEAN, &params.crypto.decrypt, "decrypt", 'd', 0 }, { NOTMUCH_OPT_BOOLEAN, &params.crypto.decrypt, "decrypt", 'd', 0 },
{ NOTMUCH_OPT_BOOLEAN, &verify, "verify", 'v', 0 }, { NOTMUCH_OPT_BOOLEAN, &params.crypto.verify, "verify", 'v', 0 },
{ 0, 0, 0, 0, 0 } { 0, 0, 0, 0, 0 }
}; };
@ -1018,6 +1018,10 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
return 1; return 1;
} }
/* decryption implies verification */
if (params.crypto.decrypt)
params.crypto.verify = TRUE;
if (format_sel == NOTMUCH_FORMAT_NOT_SPECIFIED) { if (format_sel == NOTMUCH_FORMAT_NOT_SPECIFIED) {
/* if part was requested and format was not specified, use format=raw */ /* if part was requested and format was not specified, use format=raw */
if (params.part >= 0) if (params.part >= 0)
@ -1052,7 +1056,7 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
break; break;
} }
if (params.crypto.decrypt || verify) { if (params.crypto.decrypt || params.crypto.verify) {
#ifdef GMIME_ATLEAST_26 #ifdef GMIME_ATLEAST_26
/* TODO: GMimePasswordRequestFunc */ /* TODO: GMimePasswordRequestFunc */
params.crypto.gpgctx = g_mime_gpg_context_new (NULL, "gpg"); params.crypto.gpgctx = g_mime_gpg_context_new (NULL, "gpg");
@ -1063,6 +1067,10 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
if (params.crypto.gpgctx) { if (params.crypto.gpgctx) {
g_mime_gpg_context_set_always_trust ((GMimeGpgContext*) params.crypto.gpgctx, FALSE); g_mime_gpg_context_set_always_trust ((GMimeGpgContext*) params.crypto.gpgctx, FALSE);
} else { } else {
/* If we fail to create the gpgctx set the verify and
* decrypt flags to FALSE so we don't try to do any
* further verification or decryption */
params.crypto.verify = FALSE;
params.crypto.decrypt = FALSE; params.crypto.decrypt = FALSE;
fprintf (stderr, "Failed to construct gpg context.\n"); fprintf (stderr, "Failed to construct gpg context.\n");
} }