cli: write session keys to database, if asked to do so

If the decryption policy is NOTMUCH_DECRYPT_TRUE, that means we want
to stash session keys in the database.  Note that there is currently
no way from the command line to set it this way, though, so it is not
yet included in the test suite.
Daniel Kahn Gillmor 2018-05-11 02:57:56 -04:00 committed by David Bremner
parent f32e52448b
commit bc842bfff1


@ -197,16 +197,18 @@ node_decrypt_and_verify (mime_node_t *node, GMimeObject *part,
GError *err = NULL; GError *err = NULL;
GMimeDecryptResult *decrypt_result = NULL; GMimeDecryptResult *decrypt_result = NULL;
GMimeMultipartEncrypted *encrypteddata = GMIME_MULTIPART_ENCRYPTED (part); GMimeMultipartEncrypted *encrypteddata = GMIME_MULTIPART_ENCRYPTED (part);
notmuch_message_t *message = NULL;
if (! node->decrypted_child) { if (! node->decrypted_child) {
mime_node_t *parent; for (mime_node_t *parent = node; parent; parent = parent->parent)
for (parent = node; parent; parent = parent->parent) if (parent->envelope_file) {
if (parent->envelope_file) message = parent->envelope_file;
break; break;
}
node->decrypted_child = _notmuch_crypto_decrypt (&node->decrypt_attempted, node->decrypted_child = _notmuch_crypto_decrypt (&node->decrypt_attempted,
node->ctx->crypto->decrypt, node->ctx->crypto->decrypt,
parent ? parent->envelope_file : NULL, message,
cryptoctx, encrypteddata, &decrypt_result, &err); cryptoctx, encrypteddata, &decrypt_result, &err);
} }
if (! node->decrypted_child) { if (! node->decrypted_child) {
@ -225,6 +227,18 @@ node_decrypt_and_verify (mime_node_t *node, GMimeObject *part,
g_object_ref (node->sig_list); g_object_ref (node->sig_list);
set_signature_list_destructor (node); set_signature_list_destructor (node);
} }
#if HAVE_GMIME_SESSION_KEYS
if (node->ctx->crypto->decrypt == NOTMUCH_DECRYPT_TRUE && message) {
notmuch_database_t *db = notmuch_message_get_database (message);
const char *session_key = g_mime_decrypt_result_get_session_key (decrypt_result);
if (db && session_key)
print_status_message ("Failed to stash session key in the database",
message,
notmuch_message_add_property (message, "session-key",
session_key));
}
#endif
g_object_unref (decrypt_result); g_object_unref (decrypt_result);
} }
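Review bot: The `#if HAVE_GMIME_SESSION_KEYS` block in the second hunk passes the value from `g_mime_decrypt_result_get_session_key` straight to `notmuch_message_add_property` as the `session-key` property, and no comment states the consequence: anyone who can read the database can then decrypt that message without the recipient's secret key. I would put a comment above the `if`, e.g. `/* Only under NOTMUCH_DECRYPT_TRUE: the stored session key lets anyone who can read the database decrypt this message without the secret key. */`. The block also hands `decrypt_result` to the getter without a NULL check of its own; the enclosing statement opens outside the hunk, so this presumably relies on a guard there and is worth confirming. `node_decrypt_and_verify` begins and ends outside both hunks.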