From: Jameson Graef Rollins <jrollins@finestructure.net>
To: Notmuch Mail <notmuch@notmuchmail.org>
Subject: [PATCH v5 6/7] cli: new crypto verify flag to handle verification
Date: Sat, 26 May 2012 11:45:45 -0700 [thread overview]
Message-ID: <1338057946-29209-7-git-send-email-jrollins@finestructure.net> (raw)
In-Reply-To: <1338057946-29209-6-git-send-email-jrollins@finestructure.net>
Use this flag rather than depend on the existence of an initialized
gpgctx, to determine whether we should verify a multipart/signed. We
will be moving to create the ctx lazily, so we don't want to depend on
it being previously initialized if it's not needed.
---
mime-node.c | 5 ++---
notmuch-client.h | 8 ++++----
notmuch-reply.c | 1 +
notmuch-show.c | 14 +++++++++++---
4 files changed, 18 insertions(+), 10 deletions(-)
diff --git a/mime-node.c b/mime-node.c
index a838224..73e28c5 100644
--- a/mime-node.c
+++ b/mime-node.c
@@ -183,8 +183,7 @@ _mime_node_create (mime_node_t *parent, GMimeObject *part)
}
/* Handle PGP/MIME parts */
- if (GMIME_IS_MULTIPART_ENCRYPTED (part)
- && node->ctx->crypto->gpgctx && node->ctx->crypto->decrypt) {
+ if (GMIME_IS_MULTIPART_ENCRYPTED (part) && node->ctx->crypto->decrypt) {
if (node->nchildren != 2) {
/* this violates RFC 3156 section 4, so we won't bother with it. */
fprintf (stderr, "Error: %d part(s) for a multipart/encrypted "
@@ -218,7 +217,7 @@ _mime_node_create (mime_node_t *parent, GMimeObject *part)
(err ? err->message : "no error explanation given"));
}
}
- } else if (GMIME_IS_MULTIPART_SIGNED (part) && node->ctx->crypto->gpgctx) {
+ } else if (GMIME_IS_MULTIPART_SIGNED (part) && node->ctx->crypto->verify) {
if (node->nchildren != 2) {
/* this violates RFC 3156 section 5, so we won't bother with it. */
fprintf (stderr, "Error: %d part(s) for a multipart/signed message "
diff --git a/notmuch-client.h b/notmuch-client.h
index 962c747..0f29a83 100644
--- a/notmuch-client.h
+++ b/notmuch-client.h
@@ -79,6 +79,7 @@ typedef struct notmuch_show_format {
typedef struct notmuch_crypto {
notmuch_crypto_context_t* gpgctx;
+ notmuch_bool_t verify;
notmuch_bool_t decrypt;
} notmuch_crypto_t;
@@ -350,10 +351,9 @@ struct mime_node {
};
/* Construct a new MIME node pointing to the root message part of
- * message. If crypto->gpgctx is non-NULL, it will be used to verify
- * signatures on any child parts. If crypto->decrypt is true, then
- * crypto.gpgctx will additionally be used to decrypt any encrypted
- * child parts.
+ * message. If crypto->verify is true, signed child parts will be
+ * verified. If crypto->decrypt is true, encrypted child parts will be
+ * decrypted.
*
* Return value:
*
diff --git a/notmuch-reply.c b/notmuch-reply.c
index 6f368c9..1ab3db9 100644
--- a/notmuch-reply.c
+++ b/notmuch-reply.c
@@ -707,6 +707,7 @@ notmuch_reply_command (void *ctx, int argc, char *argv[])
notmuch_show_params_t params = {
.part = -1,
.crypto = {
+ .verify = FALSE,
.decrypt = FALSE
}
};
diff --git a/notmuch-show.c b/notmuch-show.c
index fb5e9b6..3c06792 100644
--- a/notmuch-show.c
+++ b/notmuch-show.c
@@ -987,11 +987,11 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
.part = -1,
.omit_excluded = TRUE,
.crypto = {
+ .verify = FALSE,
.decrypt = FALSE
}
};
int format_sel = NOTMUCH_FORMAT_NOT_SPECIFIED;
- notmuch_bool_t verify = FALSE;
int exclude = EXCLUDE_TRUE;
notmuch_opt_desc_t options[] = {
@@ -1008,7 +1008,7 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
{ NOTMUCH_OPT_INT, ¶ms.part, "part", 'p', 0 },
{ NOTMUCH_OPT_BOOLEAN, ¶ms.entire_thread, "entire-thread", 't', 0 },
{ NOTMUCH_OPT_BOOLEAN, ¶ms.crypto.decrypt, "decrypt", 'd', 0 },
- { NOTMUCH_OPT_BOOLEAN, &verify, "verify", 'v', 0 },
+ { NOTMUCH_OPT_BOOLEAN, ¶ms.crypto.verify, "verify", 'v', 0 },
{ 0, 0, 0, 0, 0 }
};
@@ -1018,6 +1018,10 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
return 1;
}
+ /* decryption implies verification */
+ if (params.crypto.decrypt)
+ params.crypto.verify = TRUE;
+
if (format_sel == NOTMUCH_FORMAT_NOT_SPECIFIED) {
/* if part was requested and format was not specified, use format=raw */
if (params.part >= 0)
@@ -1052,7 +1056,7 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
break;
}
- if (params.crypto.decrypt || verify) {
+ if (params.crypto.decrypt || params.crypto.verify) {
#ifdef GMIME_ATLEAST_26
/* TODO: GMimePasswordRequestFunc */
params.crypto.gpgctx = g_mime_gpg_context_new (NULL, "gpg");
@@ -1063,6 +1067,10 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
if (params.crypto.gpgctx) {
g_mime_gpg_context_set_always_trust ((GMimeGpgContext*) params.crypto.gpgctx, FALSE);
} else {
+ /* If we fail to create the gpgctx set the verify and
+ * decrypt flags to FALSE so we don't try to do any
+ * further verification or decryption */
+ params.crypto.verify = FALSE;
params.crypto.decrypt = FALSE;
fprintf (stderr, "Failed to construct gpg context.\n");
}
--
1.7.10
next prev parent reply other threads:[~2012-05-26 18:46 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-05-26 18:45 [PATCH v5 0/7] cli: improved crypto internals Jameson Graef Rollins
2012-05-26 18:45 ` [PATCH v5 1/7] cli: use new typedef to deal with gmime 2.4/2.6 context incompatibility Jameson Graef Rollins
2012-05-26 18:45 ` [PATCH v5 2/7] cli: new crypto structure to store crypto contexts and parameters, and functions to support it Jameson Graef Rollins
2012-05-26 18:45 ` [PATCH v5 3/7] cli: modify show and reply to use new crypto struct Jameson Graef Rollins
2012-05-26 18:45 ` [PATCH v5 4/7] cli: modify mime_node_open to take new crypto struct as argument Jameson Graef Rollins
2012-05-26 18:45 ` [PATCH v5 5/7] cli: modify mime_node_context to use the new crypto struct Jameson Graef Rollins
2012-05-26 18:45 ` Jameson Graef Rollins [this message]
2012-05-26 18:45 ` [PATCH v5 7/7] cli: use new notmuch_crypto_get_context in mime-node.c Jameson Graef Rollins
2012-06-08 18:05 ` [PATCH v5 0/7] cli: improved crypto internals Jameson Graef Rollins
2012-06-10 2:17 ` Austin Clements
2012-06-10 19:34 ` Jani Nikula
2012-06-11 5:41 ` Jameson Graef Rollins
2012-06-10 23:20 ` David Bremner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://notmuchmail.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1338057946-29209-7-git-send-email-jrollins@finestructure.net \
--to=jrollins@finestructure.net \
--cc=notmuch@notmuchmail.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://yhetil.org/notmuch.git/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).