mirror of
https://git.notmuchmail.org/git/notmuch
synced 2024-11-24 20:08:10 +01:00
util/repair: add _notmuch_repair_crypto_payload_skip_legacy_display
This is a utility function designed to make it easier to "fast-forward" past a legacy-display part associated with a cryptographic envelope, and show the user the intended message body. The bulk of the ugliness in here is in the test function _notmuch_crypto_payload_has_legacy_display, which tests all of the things we'd expect to be true in a a cryptographic payload that contains a legacy display part. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
This commit is contained in:
parent
ab0ae8b1c0
commit
ff3d873f0b
2 changed files with 118 additions and 0 deletions
101
util/repair.c
101
util/repair.c
|
@ -18,4 +18,105 @@
|
||||||
* Authors: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
* Authors: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
#include <stdbool.h>
|
||||||
#include "repair.h"
|
#include "repair.h"
|
||||||
|
|
||||||
|
|
||||||
|
static bool
|
||||||
|
_notmuch_crypto_payload_has_legacy_display (GMimeObject *payload)
|
||||||
|
{
|
||||||
|
GMimeMultipart *mpayload;
|
||||||
|
const char *protected_header_parameter;
|
||||||
|
GMimeTextPart *legacy_display;
|
||||||
|
char *legacy_display_header_text = NULL;
|
||||||
|
GMimeStream *stream = NULL;
|
||||||
|
GMimeParser *parser = NULL;
|
||||||
|
GMimeObject *legacy_header_object = NULL, *first;
|
||||||
|
GMimeHeaderList *legacy_display_headers = NULL, *protected_headers = NULL;
|
||||||
|
bool ret = false;
|
||||||
|
|
||||||
|
if (! g_mime_content_type_is_type (g_mime_object_get_content_type (payload),
|
||||||
|
"multipart", "mixed"))
|
||||||
|
return false;
|
||||||
|
protected_header_parameter = g_mime_object_get_content_type_parameter (payload, "protected-headers");
|
||||||
|
if ((! protected_header_parameter) || strcmp (protected_header_parameter, "v1"))
|
||||||
|
return false;
|
||||||
|
if (! GMIME_IS_MULTIPART (payload))
|
||||||
|
return false;
|
||||||
|
mpayload = GMIME_MULTIPART (payload);
|
||||||
|
if (mpayload == NULL)
|
||||||
|
return false;
|
||||||
|
if (g_mime_multipart_get_count (mpayload) != 2)
|
||||||
|
return false;
|
||||||
|
first = g_mime_multipart_get_part (mpayload, 0);
|
||||||
|
if (! g_mime_content_type_is_type (g_mime_object_get_content_type (first),
|
||||||
|
"text", "rfc822-headers"))
|
||||||
|
return false;
|
||||||
|
protected_header_parameter = g_mime_object_get_content_type_parameter (first, "protected-headers");
|
||||||
|
if ((! protected_header_parameter) || strcmp (protected_header_parameter, "v1"))
|
||||||
|
return false;
|
||||||
|
if (! GMIME_IS_TEXT_PART (first))
|
||||||
|
return false;
|
||||||
|
|
||||||
|
/* ensure that the headers in the first part all match the values
|
||||||
|
* found in the payload's own protected headers! if they don't,
|
||||||
|
* we should not treat this as a valid "legacy-display" part.
|
||||||
|
*
|
||||||
|
* Crafting a GMimeHeaderList object from the content of the
|
||||||
|
* text/rfc822-headers part is pretty clumsy; we should probably
|
||||||
|
* push something into GMime that makes this a one-shot
|
||||||
|
* operation. */
|
||||||
|
if ((protected_headers = g_mime_object_get_header_list (payload), protected_headers) &&
|
||||||
|
(legacy_display = GMIME_TEXT_PART (first), legacy_display) &&
|
||||||
|
(legacy_display_header_text = g_mime_text_part_get_text (legacy_display), legacy_display_header_text) &&
|
||||||
|
(stream = g_mime_stream_mem_new_with_buffer (legacy_display_header_text, strlen (legacy_display_header_text)), stream) &&
|
||||||
|
(g_mime_stream_write (stream, "\r\n\r\n", 4) == 4) &&
|
||||||
|
(g_mime_stream_seek (stream, 0, GMIME_STREAM_SEEK_SET) == 0) &&
|
||||||
|
(parser = g_mime_parser_new_with_stream (stream), parser) &&
|
||||||
|
(legacy_header_object = g_mime_parser_construct_part (parser, NULL), legacy_header_object) &&
|
||||||
|
(legacy_display_headers = g_mime_object_get_header_list (legacy_header_object), legacy_display_headers)) {
|
||||||
|
/* walk through legacy_display_headers, comparing them against
|
||||||
|
* their values in the protected_headers: */
|
||||||
|
ret = true;
|
||||||
|
for (int i = 0; i < g_mime_header_list_get_count (legacy_display_headers); i++) {
|
||||||
|
GMimeHeader *dh = g_mime_header_list_get_header_at (legacy_display_headers, i);
|
||||||
|
if (dh == NULL) {
|
||||||
|
ret = false;
|
||||||
|
goto DONE;
|
||||||
|
}
|
||||||
|
GMimeHeader *ph = g_mime_header_list_get_header (protected_headers, g_mime_header_get_name (dh));
|
||||||
|
if (ph == NULL) {
|
||||||
|
ret = false;
|
||||||
|
goto DONE;
|
||||||
|
}
|
||||||
|
const char *dhv = g_mime_header_get_value (dh);
|
||||||
|
const char *phv = g_mime_header_get_value (ph);
|
||||||
|
if (dhv == NULL || phv == NULL || strcmp (dhv, phv)) {
|
||||||
|
ret = false;
|
||||||
|
goto DONE;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
DONE:
|
||||||
|
if (legacy_display_header_text)
|
||||||
|
g_free (legacy_display_header_text);
|
||||||
|
if (stream)
|
||||||
|
g_object_unref (stream);
|
||||||
|
if (parser)
|
||||||
|
g_object_unref (parser);
|
||||||
|
if (legacy_header_object)
|
||||||
|
g_object_unref (legacy_header_object);
|
||||||
|
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
GMimeObject *
|
||||||
|
_notmuch_repair_crypto_payload_skip_legacy_display (GMimeObject *payload)
|
||||||
|
{
|
||||||
|
if (_notmuch_crypto_payload_has_legacy_display (payload)) {
|
||||||
|
return g_mime_multipart_get_part (GMIME_MULTIPART (payload), 1);
|
||||||
|
} else {
|
||||||
|
return payload;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -11,6 +11,23 @@ extern "C" {
|
||||||
* techniques that are designed to improve the user experience of
|
* techniques that are designed to improve the user experience of
|
||||||
* notmuch */
|
* notmuch */
|
||||||
|
|
||||||
|
/* If payload is a cryptographic payload within an encrypted message, and
|
||||||
|
* it has a "legacy display" part, then we can skip over it and jump
|
||||||
|
* to the actual content, because notmuch already handles protected
|
||||||
|
* headers appropriately.
|
||||||
|
*
|
||||||
|
* This function either returns payload directly (if it does not have
|
||||||
|
* a "legacy display" part), or it returns a pointer to its
|
||||||
|
* content-bearing subpart, with the "legacy display" part and the
|
||||||
|
* surrounding multipart/mixed object bypassed.
|
||||||
|
*
|
||||||
|
* No new objects are created by calling this function, and the
|
||||||
|
* returned object will only be released when the original part is
|
||||||
|
* disposed of.
|
||||||
|
*/
|
||||||
|
GMimeObject *
|
||||||
|
_notmuch_repair_crypto_payload_skip_legacy_display (GMimeObject *payload);
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
Loading…
Reference in a new issue