mirror of
https://git.notmuchmail.org/git/notmuch
synced 2024-11-21 18:38:08 +01:00
cli/show: If a leaf part has children, show them instead of omitting
Until we did PKCS#7 unwrapping, no leaf MIME part could have a child. Now, we treat the unwrapped MIME part as the child of the PKCS#7 SignedData object. So in that case, we want to show it instead of deliberately omitting the content. This fixes the test of the protected subject in id:smime-onepart-signed@protected-headers.example. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
This commit is contained in:
parent
5f4aceee26
commit
f12fb4d819
3 changed files with 14 additions and 6 deletions
|
@ -759,7 +759,16 @@ format_part_sprinter (const void *ctx, sprinter_t *sp, mime_node_t *node,
|
||||||
sp->string_len (sp, (char *) part_content->data, part_content->len);
|
sp->string_len (sp, (char *) part_content->data, part_content->len);
|
||||||
g_object_unref (stream_memory);
|
g_object_unref (stream_memory);
|
||||||
} else {
|
} else {
|
||||||
format_omitted_part_meta_sprinter (sp, meta, GMIME_PART (node->part));
|
/* if we have a child part despite being a standard
|
||||||
|
* (non-multipart) MIME part, that means there is
|
||||||
|
* something to unwrap, which we will present in
|
||||||
|
* content: */
|
||||||
|
if (node->nchildren) {
|
||||||
|
sp->map_key (sp, "content");
|
||||||
|
sp->begin_list (sp);
|
||||||
|
nclose = 1;
|
||||||
|
} else
|
||||||
|
format_omitted_part_meta_sprinter (sp, meta, GMIME_PART (node->part));
|
||||||
}
|
}
|
||||||
} else if (GMIME_IS_MULTIPART (node->part)) {
|
} else if (GMIME_IS_MULTIPART (node->part)) {
|
||||||
sp->map_key (sp, "content");
|
sp->map_key (sp, "content");
|
||||||
|
|
|
@ -177,12 +177,10 @@ On Tue, 26 Nov 2019 20:11:29 -0400, Alice Lovelace <alice@smime.example> wrote:
|
||||||
test_expect_equal "$expected" "$output"
|
test_expect_equal "$expected" "$output"
|
||||||
|
|
||||||
test_begin_subtest "show PKCS#7 SignedData outputs valid JSON"
|
test_begin_subtest "show PKCS#7 SignedData outputs valid JSON"
|
||||||
test_subtest_known_broken
|
|
||||||
output=$(notmuch show --format=json id:smime-onepart-signed@protected-headers.example)
|
output=$(notmuch show --format=json id:smime-onepart-signed@protected-headers.example)
|
||||||
test_valid_json "$output"
|
test_valid_json "$output"
|
||||||
|
|
||||||
test_begin_subtest "Verify signature on PKCS#7 SignedData message"
|
test_begin_subtest "Verify signature on PKCS#7 SignedData message"
|
||||||
test_subtest_known_broken
|
|
||||||
output=$(notmuch show --format=json id:smime-onepart-signed@protected-headers.example)
|
output=$(notmuch show --format=json id:smime-onepart-signed@protected-headers.example)
|
||||||
|
|
||||||
test_json_nodes <<<"$output" \
|
test_json_nodes <<<"$output" \
|
||||||
|
@ -192,7 +190,9 @@ test_json_nodes <<<"$output" \
|
||||||
'status:[0][0][0]["crypto"]["signed"]["status"][0]["status"]="good"'
|
'status:[0][0][0]["crypto"]["signed"]["status"][0]["status"]="good"'
|
||||||
|
|
||||||
test_begin_subtest "Verify signature on PKCS#7 SignedData message signer User ID"
|
test_begin_subtest "Verify signature on PKCS#7 SignedData message signer User ID"
|
||||||
test_subtest_known_broken
|
if [ $NOTMUCH_GMIME_X509_CERT_VALIDITY -ne 1 ]; then
|
||||||
|
test_subtest_known_broken
|
||||||
|
fi
|
||||||
test_json_nodes <<<"$output" \
|
test_json_nodes <<<"$output" \
|
||||||
'userid:[0][0][0]["crypto"]["signed"]["status"][0]["userid"]="CN=Alice Lovelace"'
|
'userid:[0][0][0]["crypto"]["signed"]["status"][0]["userid"]="CN=Alice Lovelace"'
|
||||||
|
|
||||||
|
|
|
@ -157,7 +157,6 @@ test_expect_equal "$output" id:protected-with-legacy-display@crypto.notmuchmail.
|
||||||
|
|
||||||
for variant in multipart-signed onepart-signed; do
|
for variant in multipart-signed onepart-signed; do
|
||||||
test_begin_subtest "verify signed PKCS#7 subject ($variant)"
|
test_begin_subtest "verify signed PKCS#7 subject ($variant)"
|
||||||
[ "$variant" = multipart-signed ] || test_subtest_known_broken
|
|
||||||
output=$(notmuch show --verify --format=json "id:smime-${variant}@protected-headers.example")
|
output=$(notmuch show --verify --format=json "id:smime-${variant}@protected-headers.example")
|
||||||
test_json_nodes <<<"$output" \
|
test_json_nodes <<<"$output" \
|
||||||
'signed_subject:[0][0][0]["crypto"]["signed"]["headers"]=["Subject"]' \
|
'signed_subject:[0][0][0]["crypto"]["signed"]["headers"]=["Subject"]' \
|
||||||
|
@ -165,7 +164,7 @@ for variant in multipart-signed onepart-signed; do
|
||||||
'sig_fpr:[0][0][0]["crypto"]["signed"]["status"][0]["fingerprint"]="702BA4B157F1E2B7D16B0C6A5FFC8A7DE2057DEB"' \
|
'sig_fpr:[0][0][0]["crypto"]["signed"]["status"][0]["fingerprint"]="702BA4B157F1E2B7D16B0C6A5FFC8A7DE2057DEB"' \
|
||||||
'not_encrypted:[0][0][0]["crypto"]!"decrypted"'
|
'not_encrypted:[0][0][0]["crypto"]!"decrypted"'
|
||||||
test_begin_subtest "verify signed PKCS#7 subject ($variant) signer User ID"
|
test_begin_subtest "verify signed PKCS#7 subject ($variant) signer User ID"
|
||||||
if [ $NOTMUCH_GMIME_X509_CERT_VALIDITY -ne 1 ] || [ "$variant" != multipart-signed ]; then
|
if [ $NOTMUCH_GMIME_X509_CERT_VALIDITY -ne 1 ]; then
|
||||||
test_subtest_known_broken
|
test_subtest_known_broken
|
||||||
fi
|
fi
|
||||||
test_json_nodes <<<"$output" \
|
test_json_nodes <<<"$output" \
|
||||||
|
|
Loading…
Reference in a new issue