Commit graph

6036 commits

Author SHA1 Message Date
David Bremner
b7ca3c23d1 changelog for backports 2020-05-27 11:49:39 -03:00
David Bremner
ad61f8e34d notmuch Debian 0.29.3-1 upload (same as 0.29.3)
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEkiyHYXwaY0SiY6fqA0U5G1WqFSEFAl3eb04ACgkQA0U5G1Wq
 FSG22w//UBCmmJ/osIqJQs0lCzrszJ7AqEwROSj5RluIMhHpYcaITdktUEcZ1JNM
 GW6+pmK5opH6JlbNlyogY/qZRPrfvb0TAxvHl9D2xABs+54mesRP9cNzeqqO52eA
 7E3mRYry3eReNCoW66Fmyqb9DL0AcmzDBVVmpM2/zYeWJp7bzbzTdSSnULkIfMqf
 U3ZakJv+9QbrBRTLNqrsRxuU7LqU88JhNjDYNEQN99mbc0mjApS2oQrn9vI08BGw
 IMTqprjTi+E+169WIiFgtguAE6w5LvqWqQNBK5mDdpR/JjxTAVcX/VhcWDq4zAw5
 7uK7mXSOVre5+NeZYPENa8N6sGM8CMwZgdJj3PIMwoxgfz1TX+qpVyfUm92gp3Zv
 ySVGHvME5Z8/4lwNL30uX+SmxdhMF1e1D45aXbeBvlOQzZOnplbRsezGynmh9bBw
 n3mvjGjM2A6/hiAsmgeH5nA4Mm6tyGCp7e0GrRdFYFYk0WkDRxzKFtZEUII0WRos
 77pmxcYMSDJ/PaZwHZ4upvAyQt5X9IIenTPFAdc7u3MtKPaVAtLNSeJ4wFa3tBoy
 gfO+RVT3gdWOnJZpUMAgsQXNBHdGLILSFjcoghIy4U4KXcHJ+dF0yt+0QL4wPOX3
 EhnRtyIzutDh93Q6QVCgSHCxCbHMnmh9/OD6kiDHzLZnWbyGAYw=
 =TdGH
 -----END PGP SIGNATURE-----

Merge tag 'debian/0.29.3-1' into debian/buster-backports

notmuch Debian 0.29.3-1 upload (same as 0.29.3)
2020-05-27 11:49:10 -03:00
David Bremner
a59ef7d02c debian: changelog for 0.29.3 2019-11-27 08:20:54 -04:00
David Bremner
e5437dc4c2 mention python 2 changes 2019-11-27 08:20:54 -04:00
David Bremner
3efa2ad72c version: bump to 0.29.3 2019-11-27 08:20:54 -04:00
David Bremner
9024b2f5f6 NEWS for 0.29.3 2019-11-27 08:20:54 -04:00
Ralph Seichter
a11b2f0f2d notmuch-dump.c: Fix output file being closed twice
Fixed: If the output file for a dump was non-writeable, gzclose_w()
was called twice on the output file handle, resulting in SIGABRT.

(cherry picked from commit 17806ecc95)
2019-11-27 08:00:00 -04:00
David Bremner
8e22514842 lib: fix memory error in notmuch_config_list_value
The documentation for notmuch_config_list_key warns that that the
returned value will be destroyed by the next call to
notmuch_config_list_key, but it neglected to mention that calling
notmuch_config_list_value would also destroy it (by calling
notmuch_config_list_key). This is surprising, and caused a use after
free bug in _setup_user_query_fields (first noticed by an OpenBSD
porter, so kudos to the OpenBSD malloc implementation).  This change
fixes that use-after-free bug.
2019-11-27 07:58:09 -04:00
David Bremner
2a003f0f50 debian upload 0.29.2-2: goodbye python2 support
Convert to pybuild while we are at it.
2019-11-02 18:21:25 -03:00
David Bremner
1c8d9e172e update NEWS for 0.29.2 2019-10-19 07:37:37 -03:00
David Bremner
75328e4fec Changelog stanza for 0.29.2-1 2019-10-19 07:24:08 -03:00
David Bremner
449e77761e bump version 2019-10-19 07:21:53 -03:00
David Bremner
49621ea8d5 util: whitespace cleanup for 4c5b17b1
Oops. This should make the merge back to master smoother.
2019-10-13 09:18:24 -03:00
David Bremner
4c5b17b10b util: unreference objects referenced by the returned stream obj
We want freeing the returned stream to also free these underlying
objects. Compare tests/test-filters.c in the gmime 3.2.x source, which
uses this same idiom.

Thanks to James Troup for the report and the fix.
2019-10-12 08:45:55 -03:00
David Bremner
2cf38f8e1c test: known broken test file descriptor leak in gzip file open
James Troup reported this bug in id:87pnjsf9q5.fsf@canonical.com
2019-10-12 08:43:39 -03:00
David Bremner
1ee5bdcc1d remove stray ` from NEWS 2019-09-23 21:34:38 -03:00
David Bremner
58e8605218 changelog for buster backports 2019-08-19 16:51:49 -03:00
David Bremner
cc6b1921b9 Merge branch 'debian/unstable' into release 2019-07-21 16:06:41 -03:00
David Bremner
1f43b05174 debian: Changelog for re-upload to unstable 2019-07-21 14:36:12 -03:00
Ralph Seichter
4b17201c4f configure: fix mktemp call for macOS
Add missing template to mktemp, as required by macOS / OS X.

Signed-off-by: Ralph Seichter <abbot@monksofcool.net>
2019-06-17 07:05:08 +02:00
David Bremner
20842dfb6d debian: changelog for 0.29.1-1 2019-06-11 20:16:48 -03:00
David Bremner
6600f8b328 NEWS: news for 0.29.1 2019-06-11 20:15:04 -03:00
David Bremner
f325bd599c version: bump to 0.29.1 2019-06-11 20:11:45 -03:00
David Bremner
3ec47e1165 doc: Don't install emacs docs when they are not built
In 40b025 we stopped building the notmuch-emacs documentation if
HAVE_EMACS=0 (i.e. no emacs was detected by configure). Unfortunately
we continued to try to install the (non-existent) documentation, which
causes build/install failures.

As a bonus, we also avoid installing the documentation if the user
configures --without-emacs.

Thanks to Ralph Seichter for reporting the problem, and testing
previous versions of this fix.
2019-06-10 21:48:03 -03:00
David Bremner
71bf459596 doc: don't build notmuch-emacs.info for configure --without-emacs
Since the docstrings are not built in the case of --without-emacs,
even if emacs is detected, don't let sphinx build the emacs docs. This
avoids a large number of error messages due to missing includes. It's
actually a bit surprising sphinx doesn't generate an error for the
missing include files.
2019-06-10 21:46:55 -03:00
David Bremner
3d9edf4fb1 debian: fix desktop install
Previous version expected full upstream install to be run, and also
caused lintian whine about the the desktop file being in a different
package than the script. I'm not sure they shouldn't both be in
elpa-notmuch, but I can see how they should be together.
2019-06-07 07:20:53 -03:00
David Bremner
46e16011fa debian: install desktop file 2019-06-07 06:46:30 -03:00
David Bremner
b0842be6d1 NEWS: set release date for 0.29 2019-06-07 06:46:30 -03:00
David Bremner
b4fe304344 version: bump to 0.29 2019-06-07 06:46:30 -03:00
David Bremner
1cc18e0479 debian: start changelog for 0.29-1 2019-06-07 06:46:30 -03:00
David Bremner
8057875629 debian: install logo
Thanks to Tim Retout for the patch
2019-06-07 06:46:30 -03:00
David Bremner
ea52ab1284 NEWS: add Emacs front end changes by various people.
These are most of the remaining emacs related chagnes.
2019-06-07 06:46:30 -03:00
Daniel Kahn Gillmor
b3ba6f65cc NEWS: add a note about protected headers
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-06-03 10:20:25 -03:00
David Bremner
5228e06e09 debian: changelog for 0.29~rc1-1 2019-06-03 08:10:19 -03:00
David Bremner
fd97ef8a64 version: bump to 0.29~rc1 2019-06-03 08:08:00 -03:00
David Bremner
6edc073e44 doc: use separate doctrees for distinct builders
It seems our previous attempt with order-only targets was not
sufficient to avoid problems with sphinx-builds doctree cache [0].
Looking around at other people's approaches [1], using separate
doctrees was suggested. I guess there might be a slight loss of
efficiency, but it seems more robust.

[0]: build failures were first noticed in Debian experimental, but I was able to duplicate it in
     my usual build environment about 1 in 8 builds.

[1]: in particular
     9e3fc1657d
2019-06-03 07:35:30 -03:00
David Bremner
80cfc48af5 debian: changelog for 0.29~rc0-1 2019-05-31 08:24:55 -03:00
David Bremner
a425a010c9 version: bump to 0.29~rc0 2019-05-31 08:11:12 -03:00
Daniel Kahn Gillmor
d439e4b5d1 mime-node: be clearer about decryption
Part 0 of a multipart/encrypted object is
GMIME_MULTIPART_ENCRYPTED_VERSION; part 1 is
GMIME_MULTIPART_ENCRYPTED_CONTENT.  Using the name for what we want
describes our intent more clearly than using a magic number in the
code.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-31 07:55:46 -03:00
David Bremner
2c1e5c186e test: update test description.
I missed this fix in dkg's revisions.
2019-05-29 08:40:02 -03:00
Daniel Kahn Gillmor
1c704dd22d cli/reply: pull proposed subject line from the message, not the index
Protected subject lines were being emitted in reply when the cleartext
of documents was indexed.  create_reply_message() was pulling the
subject line from the index, rather than pulling it from the
GMimeMessage object that it already has on hand.

This one-line fix to notmuch-reply.c solves that problem, and doesn't
cause any additional tests to fail.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-29 08:17:33 -03:00
Daniel Kahn Gillmor
06dedd0a83 test: reply (in cli and emacs) should protect indexed sensitive headers
These tests are currently broken!  When a protected subject is indexed
in the clear, it leaks in the reply headers :(

For emacs, we set up separate tests for when the protected header is
indexed in the clear and when it is unindexed.  neither case should
leak, but the former wasn't tested yet.

We will fix the two broken tests in a subsequent patch.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-29 08:17:20 -03:00
Daniel Kahn Gillmor
cd8006886b test: emacs/show: ensure that protected headers appear as expected
This tests notmuch-show; headers appear appropriately based on the
setting of notmuch-crypto-process-mime.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-29 08:17:12 -03:00
Daniel Kahn Gillmor
5007595be8 test: ensure that protected headers appear in notmuch-emacs search as expected
We initially test only notmuch-search; tests for other functionality
come in different patchsets later.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-29 08:16:58 -03:00
Daniel Kahn Gillmor
809a34a870 test: try indexing nested messages and protected headers
We want to make sure that internally-forwarded messages don't end up
"bubbling up" when they aren't actually the cryptographic payload.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-29 08:15:28 -03:00
Daniel Kahn Gillmor
bfed02bb0b test: after reindexing, only legitimate protected subjects are searchable
This test scans for all the possible protected headers (including
bogus/broken ones) that are present in the protected-headers corpus,
trying to make sure that only the ones that are not broken or
malformed show up in a search after re-indexing.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-29 08:15:18 -03:00
Daniel Kahn Gillmor
b36248a26e test: protected headers should work when both encrypted and signed.
Up to this point, we've tested protected headers on messages that have
either been encrypted or signed, but not both.

This adds a couple tests of signed+encrypted messages, one where the
subject line is masked (outside subject line is "Subject Unavailable")
and another where it is not (outside Subject: matches inner Subject:)

See the discussion at
https://dkg.fifthhorseman.net/blog/e-mail-cryptography.html#protected-headers
for more details about the nuances between signed, stripped, and
stubbed headers.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-29 08:14:57 -03:00
Daniel Kahn Gillmor
5c3a44681f indexing: record protected subject when indexing cleartext
When indexing the cleartext of an encrypted message, record any
protected subject in the database, which should make it findable and
visible in search.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-29 08:14:44 -03:00
Daniel Kahn Gillmor
b7b553e732 cli/reply: ensure encrypted Subject: line does not leak in the clear
Now that we can decrypt headers, we want to make sure that clients
using "notmuch reply" to prepare a reply don't leak cleartext in their
subject lines.  In particular, the ["reply-headers"]["Subject"] should
by default show the external Subject.

A replying MUA that intends to protect the Subject line should show
the user the Subject from ["original"]["headers"]["Subject"] instead
of using ["reply-headers"]["Subject"].

This minor asymmetry with "notmuch show" is intentional.  While both
tools always render the cleartext subject line when they know it (in
["headers"]["Subject"] for "notmuch show" and in
["original"]["headers"]["Subject"] for "notmuch reply"), "notmuch
reply" should never leak something that should stay under encrypted
cover in "reply-headers".

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-29 08:14:32 -03:00
Daniel Kahn Gillmor
996ef5710c test: show cryptographic envelope information for signed mails
Make sure that we emit the correct cryptographic envelope status for
cleartext signed messages.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-29 08:13:06 -03:00