Commit graph

6900 commits

Author SHA1 Message Date
Daniel Kahn Gillmor
30c4fa3702 configure: Ensure that GMime can extract session keys
GMime 3.0 and higher can extract session keys, but it will *not*
extract session keys if it was built with --disable-crypto, or if it
was built against GPGME version < 1.8.0.

Notmuch currently expects to be able to extract session keys, and
tests will fail if it is not possible, so we ensure that this is the
case during ./configure time.

Part of this feels awkward because notmuch doesn't directly depend on
gpg at all.  Rather, it depends on GMime, and the current
implementation of GMime depends on GPGME for its crypto, and GPGME in
turn depends on gpg.

So the use of gpg in ./configure isn't actually introducing a new
dependency, though if a future version of GMime were ever to move away
from GnuPG, we might need to reconsider.

Note that this changeset depends on
id:20190506174327.13457-1-dkg@fifthhorseman.net , which supplies the
rfc822 message test/corpora/crypto/basic-encrypted.eml used in it.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-20 16:28:37 -03:00
Daniel Kahn Gillmor
c88e030580 tests: fail and report when a parallel build fails (or times out)
When a parallel build fails (or when it times out, if timeout is
present), the test suite should not blithely succeed.  Catch these
failures and at least report them.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-20 14:48:56 -03:00
Daniel Kahn Gillmor
73bf7e532e tests: make timeout configurable with NOTMUCH_TEST_TIMEOUT (default: 2m)
The current 2 minute timeout is reasonable, but to exercise the test
suite or induce timeout failures, we might want to make it shorter.
This makes it configurable so you can run (for example):

    make check NOTMUCH_TEST_TIMEOUT=10s

We stick with the default of 2m.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-20 14:48:43 -03:00
Daniel Kahn Gillmor
9c0001de4b test: show what emacs sees of an encrypted message when crypto is disabled
Some users may set notmuch-crypto-process-mime to nil, disabling all
crypto use.  We should have a baseline for what that looks like.
2019-05-10 12:30:03 -03:00
David Bremner
e19954fa18 lib/message-file: close stream in destructor
Without this,

$ make time-test OPTIONS=--small

leads to fatal errors from too many open files.

Thanks to st-gourichon-fid for bringing this problem to my attention in IRC.
2019-05-10 12:26:50 -03:00
Daniel Kahn Gillmor
bda0fecccd test: avoid unnecessary extraction of the test fingerprint
FINGERPRINT is already exported by add_gnupg_home, so this is
unnecessary.  This change also happens to get rid of the superfluous
check-trustdb spew from the test suite that looked like this:

gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-10 06:56:34 -03:00
David Bremner
f2425a11a3 test: let the OS choose a port for smtp-dummy
This should avoid potential collisions if we start running multiple
smtp-dummy processes in parallel.
2019-05-10 06:56:22 -03:00
Daniel Kahn Gillmor
e1c8357c44 emacs: test notmuch-show during message decryption
We did not have a test showing what message decryption looks like
within notmuch-emacs.  This change gives us a baseline for future work
on the notmuch-emacs interface.

This differs from previous revisions of this patch in that it should
be insensitive to the order in which the local filesystem readdir()s
the underlying maildir.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-10 06:54:50 -03:00
Jameson Graef Rollins
eeff431996 tests: environment variable to specify that tests should be serialized
If NOTMUCH_TEST_SERIALIZE is non-null all tests will be run in series,
rather than in parallel.
2019-05-07 06:55:31 -03:00
Jameson Graef Rollins
908d930d22 tests: run all tests in parallel, if available
If either the moreutils or GNU parallel utility are available, run all
tests in parallel.  On my eight core machine this makes for a ~x7
speed-up in the full test suite (1m24s -> 12s).

The design of the test suite makes this parallelization trivial.
2019-05-07 06:54:09 -03:00
Jameson Graef Rollins
591388ccd1 tests: remove entangling corpus index optimization
The add_email_corpus test utility includes logic that tries to re-use
an index of the corpus if available.  This was seemingly done as an
optimization, so that every test that uses the corpus didn't have to
create it's own index of the corpus.  However, this has the perverse
side effect of entangling tests together, and breaks parallelization.

Forcing each test to do it's own index does increase the overall time
of the test slightly (~6%), but this will be more than made up for in
the next patch that introduces paraellization.
2019-05-07 06:53:57 -03:00
Jameson Graef Rollins
7f7af27bd8 tests: remove some redundant pre-cleanup of the corpus MAIL_DIR
add_email_corpus itself does an rm -rf $MAIL_DIR, so these are not necessary.
2019-05-07 06:52:35 -03:00
Daniel Kahn Gillmor
7d48604157 test/crypto: add_gnupg_home should have ultimate trust on "its own" key
The typical use case for gpg is that if you control a secret key, you
mark it with "ultimate" ownertrust.

The opaque --import-ownertrust mechanism is GnuPG's standard mechanism
to set up ultimate ownertrust (the ":6:" means "ultimate", for
whatever reason).

We adjust the test suite to match this change, inverting the sense of
one test: since the default is now that the user ID of the suite's own
key is valid, we change the test to make sure that the user ID is not
emitted when it is *not* valid.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-07 06:42:21 -03:00
Daniel Kahn Gillmor
93e699e5c8 test: simplify user ID handling
The user ID on the self-test is a little bit clunky-looking.  It also
may end up showing up elsewhere in the test suite.  Centralizing the
user ID in one place should make it easier to handle if it ever
changes, and should make tests easier to read.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-07 06:42:11 -03:00
Daniel Kahn Gillmor
9f05ceb994 test/crypto: clarify the difference between ownertrust and validity
This is a subtle difference, but the output of notmuch shouldn't ever
change based on ownertrust itself -- notmuch is intended to show valid
User IDs, and to avoid showing invalid User IDs.

It so happens that setting ownertrust of a key to ultimate sets all
associated user IDs to "full" validity, so the test is correct, but
just misnamed.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-07 06:42:01 -03:00
Daniel Kahn Gillmor
5642efb720 util/crypto: improve comment
The comment line here lingers from when we were using some fancy
version checking about session keys.  Correct it to match the current
state.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-07 06:41:28 -03:00
Daniel Kahn Gillmor
f079e7b9c3 emacs: drop use of message-default-charset
Apparently, message-default-charset is deprecated, which causes the
following warning messages during the build:

  In notmuch-maildir-setup-message-for-saving:
  emacs/notmuch-maildir-fcc.el:172:31:Warning: ‘message-default-charset’ is an
      obsolete variable (as of 26.1); The default charset comes from the
      language environment

In discussion with emacs upstream over on
https://debbugs.gnu.org/35370, it appears that we can just drop this
entirely and things should still work with emacs 25.
2019-05-07 06:35:44 -03:00
Pierre Neidhardt
f3cba19f88 emacs: Move notmuch-search-interactive-region to notmuch-lib as notmuch-interactive-region 2019-05-07 06:31:19 -03:00
Daniel Kahn Gillmor
b58594cd5b travis: use ppa:notmuch/notmuch
https://launchpad.net/~notmuch/+archive/ubuntu/notmuch/+packages
contains backports of gmime and gpgme and related cryptographic tools
to ubuntu xenial.

I tried to do a simple backport of gmime alone, and it failed due to
the older gpgme in xenial, so this setup resolves those problems.

This should allow us to continue to use the Travis continuous
integration build.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-06 20:39:29 -03:00
David Bremner
6682b4e686 Merge tag 0.28.4
No functionality changes merged, since the bug in question was already
fixed on master.
2019-05-05 16:38:51 -03:00
David Bremner
93bd675c2a debian: changelog for 0.28.4-1 2019-05-05 08:09:30 -03:00
David Bremner
1235902ed2 version: bump to 0.28.4 2019-05-05 08:06:07 -03:00
David Bremner
e49398dcad NEWS: NEWS for 0.28.4 2019-05-05 08:04:53 -03:00
David Bremner
ae6b52488d cli/show: avoid empty write to stdout in format_part_raw
Previously if the input was exactly a multiple of the internal buffer
size, notmuch would attempt to fwrite nothing to stdout, but still
expected fwrite to return 1, causing a failure that looked like this:

  $ notmuch show --format=raw id:87o96f1cya.fsf@codeaurora.org
    ...entire message shown as expected..
  Error: Write failed
  $ echo $?
  1

To fix the problem don't call fwrite at all when there's nothing to
write.

Amended by db: add some tests of message sizes likely to cause this
problem.
2019-05-05 08:01:17 -03:00
David Bremner
103c11822e cli/notmuch-show: support gzipped files
This drops "file" from mime_node_context and just uses a local
variable. It also uses the new gzip aware utility routines recently
added to util/gmime-extra.c. The use of gzopen / gzfile in addition is
a bit icky, but the choice is between that, and providing yet another
readline implimentation that understands GMime streams.
2019-05-03 07:48:43 -03:00
David Bremner
852167479f lib/message_file: open gzipped files
Rather than storing the lower level stdio FILE object, we store a
GMime stream. This allows both transparent decompression, and passing
the stream into GMime for parsing. As a side effect, we can let GMime
close the underlying OS stream (indeed, that stream isn't visible here
anymore).

This change is enough to get notmuch-{new,search} working, but there is still
some work required for notmuch-show, to be done in a following commit.
2019-05-03 07:48:43 -03:00
David Bremner
98b3eebc37 util/gmime-extra: add g_mime_stream_gzfile_{new, open}
These are usable as standard GMime streams, and transparently
decompress gzipped files.
2019-05-03 07:48:38 -03:00
David Bremner
2f33afd159 travis: bump gmime depends to 3.0
This is currently unsatisfiable, but at least the build should fail in
a comprehensible way.
2019-05-03 06:59:23 -03:00
Daniel Kahn Gillmor
c7bb4c7741 gmime-cleanup: no longer need to use GMime major version during build
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-03 06:58:21 -03:00
Daniel Kahn Gillmor
e9b870b692 gmime-cleanup: pass NULL as default GMimeParserOptions
This is a functional change, not a straight translation, because we
are no longer directly invoking g_mime_parser_options_get_default(),
but the GMime source has indicated that the options parameter for
g_mime_parser_construct_message() is "nullable" since upstream commit
d0ebdd2ea3e6fa635a2a551c846e9bc8b6040353 (which itself precedes GMime
3.0).

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-03 06:58:00 -03:00
Daniel Kahn Gillmor
bbe3015b3e gmime-cleanup: pass NULL arguments explicitly where GMime 3.0 expects it
Several GMime 2.6 functions sprouted a change in the argument order in
GMime 3.0.  We had a compatibility layer here to be able to handle
compiling against both GMime 2.6 and 3.0.  Now that we're using 3.0
only, rip out the compatibility layer for those functions with changed
argument lists, and explicitly use the 3.0 argument lists.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-03 06:57:27 -03:00
Daniel Kahn Gillmor
582f255aeb gmime-cleanup: use GMime 3.0 function names
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-03 06:57:16 -03:00
Daniel Kahn Gillmor
38240aafac gmime-cleanup: use GMime 3.0 data types
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-03 06:57:06 -03:00
Daniel Kahn Gillmor
58ee5d1bb5 gmime-cleanup: drop unused gmime #defines and simplify g_mime_init ()
Several of these #defines were not actually used in the notmuch
codebase any longer.  And as of GMime 3.0, g_mime_init takes no
arguments, so we can also drop the bogus RFC2047 argument that we were
passing and then #defining away.

signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-03 06:56:58 -03:00
Daniel Kahn Gillmor
b7ac4c05e1 gmime-cleanup: drop all arguments unused in GMime 3
This means dropping GMimeCryptoContext and notmuch_config arguments.

All the argument changes are to internal functions, so this is not an
API or ABI break.

We also get to drop the #define for g_mime_3_unused.

signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-03 06:56:38 -03:00
Daniel Kahn Gillmor
591a0787c2 gmime-cleanup: drop g_mime_2_6_unref
signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-03 06:56:28 -03:00
Daniel Kahn Gillmor
7e6f55b268 gmime-cleanup: simplify T355-smime.sh
GMime 3.0 and later can handle User ID as expected.

signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-03 06:55:52 -03:00
Daniel Kahn Gillmor
652baa6fe6 gmime-cleanup: tests should only care about gmime 3
note that "notmuch-show for message with invalid From" is still broken
in T310-emacs.sh.  It would be good to debug what's going on there and
try to get it fixed!

signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-03 06:55:44 -03:00
Daniel Kahn Gillmor
bb0b119358 gmime-cleanup: always support session keys
Our minimum version of GMime 3.0 always supports good session key
handling.

signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-03 06:55:32 -03:00
Daniel Kahn Gillmor
096d45a878 gmime-cleanup: remove obsolete gpg_path configuration option and crypto contexts
Note that we do keep ignoring the gpg_path configuration option,
though, to avoid breakage of existing installations.  It is ignored
like any other unknown configuration option, but we at least document
that it is ignored so that people who find it in their legacy configs
can know that it's safe to drop.

signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-03 06:55:04 -03:00
Daniel Kahn Gillmor
35e21bfb6f gmime-cleanup: remove GMime 2.6 variant codeblocks
signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-03 06:50:40 -03:00
Daniel Kahn Gillmor
f6da475e35 gmime-cleanup: drop unused gmime 2.6 content_type from _index_encrypted_mime_part
In _index_mime_part, we don't need to extract the content-type from
the part until just before we use it, so we also defer it lazily.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-03 06:50:27 -03:00
David Bremner
570349e132 build: drop support for gmime-2.6
GMime 3.0 is over 2 years old now, and 2.6 has been deprecated in
notmuch for about 1.5 years.

Comments and documentation no longer need to refer to GMime 2.6, so
clean them all up.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-03 06:49:49 -03:00
Örjan Ekeberg
2dfbd26c42 emacs: Make first documentation line distinct for "a" and "x" commands.
Since only the first line of the documentation is shown by the
help command, it is confusing when "x" and "a" seem to have the same
binding in show-mode.  This commit makes the two function documentations
first lines different and (hopefully) clearer.
2019-04-26 08:18:10 -03:00
Daniel Kahn Gillmor
afb0b11dcd crypto: Avoid pretending to verify signatures on unsigned encrypted mail
Unsigned encrypted mail shows up with a weird empty signature list.
If we successfully decrypted and there was no signature in it, we
should just not show a sigstatus at all.

The documentation for g_mime_decrypt_result_get_signatures says:

    a GMimeSignatureList or NULL if the stream was not signed.
2019-04-26 08:03:15 -03:00
Daniel Kahn Gillmor
325a924227 cli/show: pass the siglist directly to the sigstatus sprinter
This makes it easier to reuse format_part_sigstatus_sprinter() when we
have other places that we want to display a signature status.
2019-04-24 07:17:57 -03:00
Daniel Kahn Gillmor
22ec4a36e6 tests: move FINGERPRINT definition to add_gnupg_home
If a test has added a GnuPG homedir, it may well want to know the
fingerprint.  This saves us from having to redefine this magic string
in multiple places when more tests eventually use the GnuPG homedir.
2019-04-24 07:16:46 -03:00
Doan Tran Cong Danh
816633e636 python: support relative path in default database
From notmuch 0.28, notmuch support relative database path in
notmuch-config(1), but python binding haven't taught this yet.

afew denied to work with a perfectly fine notmuch-config due to this.
2019-04-24 07:10:53 -03:00
Örjan Ekeberg
f599ea7877 emacs: Add missing type and group to defcustom variable
Added the type 'regexp and group 'notmuch-send as properties to the
customizable variable notmuch-mua-attachment-regexp.
2019-04-24 07:06:55 -03:00
David Bremner
40b025c5f1 doc: exclude notmuch-emacs.rst if emacs is not present.
This will still generate a warning about an excluded document in the
toctree, but it cuts down on the noise quite a lot.
2019-04-24 06:53:13 -03:00