From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Notmuch Mail <notmuch@notmuchmail.org>
Subject: [PATCH v2 09/16] index encrypted parts when asked.
Date: Tue, 19 Jan 2016 21:52:42 -0500 [thread overview]
Message-ID: <1453258369-7366-10-git-send-email-dkg@fifthhorseman.net> (raw)
In-Reply-To: <1453258369-7366-1-git-send-email-dkg@fifthhorseman.net>
If we see index options that ask us to decrypt when indexing a
message, and we encounter an encrypted part, we'll try to descend into
it.
If we can decrypt, we tag the message with index-decrypted.
If we can't decrypt (or recognize the encrypted type of mail), we tag
with decryption-failed.
Note that a single message may be tagged with "encrypted" and
"index-decrypted" and "decryption-failed". For example, consider a
message that includes multiple layers of encryption. It is
automatically tagged with "encrypted". If we decrypt the outer layer
("index-decrypted"), but fail on the inner layer
("decryption-failed").
---
lib/database.cc | 3 ++-
lib/index.cc | 64 ++++++++++++++++++++++++++++++++++++++++++++++++---
lib/notmuch-private.h | 1 +
3 files changed, 64 insertions(+), 4 deletions(-)
diff --git a/lib/database.cc b/lib/database.cc
index 0d4dc9b..7d88f69 100644
--- a/lib/database.cc
+++ b/lib/database.cc
@@ -2402,6 +2402,7 @@ notmuch_database_add_message (notmuch_database_t *notmuch,
notmuch_status_t ret = NOTMUCH_STATUS_SUCCESS, ret2;
notmuch_private_status_t private_status;
notmuch_bool_t is_ghost = false;
+ notmuch_indexopts_t *indexopts = NULL;
const char *date, *header;
const char *from, *to, *subject;
@@ -2514,7 +2515,7 @@ notmuch_database_add_message (notmuch_database_t *notmuch,
date = _notmuch_message_file_get_header (message_file, "date");
_notmuch_message_set_header_values (message, date, from, subject);
- ret = _notmuch_message_index_file (message, message_file);
+ ret = _notmuch_message_index_file (message, indexopts, message_file);
if (ret)
goto DONE;
} else {
diff --git a/lib/index.cc b/lib/index.cc
index ab0fd78..eb406d2 100644
--- a/lib/index.cc
+++ b/lib/index.cc
@@ -300,9 +300,14 @@ _index_address_list (notmuch_message_t *message,
}
}
+static void
+_index_encrypted_mime_part (notmuch_message_t *message, notmuch_indexopts_t *indexopts,
+ GMimeContentType *content_type, GMimeMultipartEncrypted *part);
+
/* Callback to generate terms for each mime part of a message. */
static void
_index_mime_part (notmuch_message_t *message,
+ notmuch_indexopts_t *indexopts,
GMimeObject *part)
{
GMimeStream *stream, *filter;
@@ -340,17 +345,19 @@ _index_mime_part (notmuch_message_t *message,
/* FIXME: is it always just the first part that is signed in
all multipart/signed messages?*/
_index_mime_part (message,
+ indexopts,
g_mime_multipart_get_part (multipart, 0));
if (g_mime_multipart_get_count (multipart) > 2)
_notmuch_database_log (_notmuch_message_database (message),
"Warning: Unexpected extra parts of multipart/signed. Indexing anyway.\n");
} else if (GMIME_IS_MULTIPART_ENCRYPTED (multipart)) {
- /* Don't index encrypted parts */
_notmuch_message_add_term (message, "tag", "encrypted");
+ _index_encrypted_mime_part(message, indexopts, content_type, GMIME_MULTIPART_ENCRYPTED (part));
} else {
for (i = 0; i < g_mime_multipart_get_count (multipart); i++) {
_index_mime_part (message,
+ indexopts,
g_mime_multipart_get_part (multipart, i));
}
}
@@ -362,7 +369,7 @@ _index_mime_part (notmuch_message_t *message,
mime_message = g_mime_message_part_get_message (GMIME_MESSAGE_PART (part));
- _index_mime_part (message, g_mime_message_get_mime_part (mime_message));
+ _index_mime_part (message, indexopts, g_mime_message_get_mime_part (mime_message));
return;
}
@@ -432,8 +439,59 @@ _index_mime_part (notmuch_message_t *message,
}
}
+/* descend (if desired) into the cleartext part of an encrypted MIME
+ * part while indexing. */
+static void
+_index_encrypted_mime_part (notmuch_message_t *message,
+ notmuch_indexopts_t *indexopts,
+ GMimeContentType *content_type,
+ GMimeMultipartEncrypted *encrypted_data)
+{
+ notmuch_status_t status;
+ GMimeCryptoContext* crypto_ctx = NULL;
+ const char *protocol = NULL;
+ GError *err = NULL;
+ notmuch_database_t * notmuch = NULL;
+ GMimeObject *clear = NULL;
+
+ if (!indexopts || !notmuch_indexopts_get_try_decrypt (indexopts))
+ return;
+
+ protocol = g_mime_content_type_get_parameter (content_type, "protocol");
+ notmuch = _notmuch_message_database (message);
+
+ status = _notmuch_crypto_get_gmime_ctx_for_protocol (&(indexopts->crypto),
+ protocol, &crypto_ctx);
+ if (status) {
+ _notmuch_database_log (notmuch, "Warning: setup failed for decrypting "
+ "during indexing. (%d)\n", status);
+ _notmuch_message_add_term (message, "tag", "index-decryption-failed");
+ return;
+ }
+
+ /* we don't need the GMimeDecryptResult, because we're not looking
+ * at validating signatures, and we don't care about indexing who
+ * the message was ostensibly encrypted to.
+ */
+ clear = g_mime_multipart_encrypted_decrypt(encrypted_data, crypto_ctx,
+ NULL, &err);
+ if (err) {
+ _notmuch_database_log (notmuch, "Failed to decrypt during indexing. (%d:%d) [%s]\n",
+ err->domain, err->code, err->message);
+ g_error_free(err);
+ /* Indicate that we failed to decrypt during indexing */
+ _notmuch_message_add_term (message, "tag", "index-decryption-failed");
+ return;
+ }
+ _index_mime_part (message, indexopts, clear);
+ g_object_unref (clear);
+
+ _notmuch_message_add_term (message, "tag", "index-decrypted");
+}
+
notmuch_status_t
_notmuch_message_index_file (notmuch_message_t *message,
+ notmuch_indexopts_t *indexopts,
notmuch_message_file_t *message_file)
{
GMimeMessage *mime_message;
@@ -463,7 +521,7 @@ _notmuch_message_index_file (notmuch_message_t *message,
subject = g_mime_message_get_subject (mime_message);
_notmuch_message_gen_terms (message, "subject", subject);
- _index_mime_part (message, g_mime_message_get_mime_part (mime_message));
+ _index_mime_part (message, indexopts, g_mime_message_get_mime_part (mime_message));
return NOTMUCH_STATUS_SUCCESS;
}
diff --git a/lib/notmuch-private.h b/lib/notmuch-private.h
index e9c1e8a..9bd4f33 100644
--- a/lib/notmuch-private.h
+++ b/lib/notmuch-private.h
@@ -425,6 +425,7 @@ _notmuch_message_file_get_header (notmuch_message_file_t *message,
notmuch_status_t
_notmuch_message_index_file (notmuch_message_t *message,
+ notmuch_indexopts_t *indexopts,
notmuch_message_file_t *message_file);
/* messages.c */
--
2.7.0.rc3
next prev parent reply other threads:[~2016-01-20 2:53 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-01-20 2:52 Allow indexing cleartext of encrypted messages (v2) Daniel Kahn Gillmor
2016-01-20 2:52 ` [PATCH v2 01/16] add util/search-path.{c, h} to test for executables in $PATH Daniel Kahn Gillmor
2016-01-20 2:52 ` [PATCH v2 02/16] Move crypto.c into libutil Daniel Kahn Gillmor
2016-01-20 2:52 ` [PATCH v2 03/16] make shared crypto code behave library-like Daniel Kahn Gillmor
2016-01-20 2:52 ` [PATCH v2 04/16] Provide _notmuch_crypto_{set,get}_gpg_path Daniel Kahn Gillmor
2016-01-24 15:23 ` Tomi Ollila
2016-01-24 15:55 ` Daniel Kahn Gillmor
2016-01-20 2:52 ` [PATCH v2 05/16] Use a blank _notmuch_crypto to choose the default gpg_path Daniel Kahn Gillmor
2016-01-20 2:52 ` [PATCH v2 06/16] Prefer gpg2 in the test suite if available Daniel Kahn Gillmor
2016-01-24 15:25 ` Tomi Ollila
2016-01-24 16:03 ` Daniel Kahn Gillmor
2016-01-20 2:52 ` [PATCH v2 07/16] create a notmuch_indexopts_t index options object Daniel Kahn Gillmor
2016-01-20 2:52 ` [PATCH v2 08/16] reorganize indexing of multipart/signed and multipart/encrypted Daniel Kahn Gillmor
2016-01-20 2:52 ` Daniel Kahn Gillmor [this message]
2016-01-20 2:52 ` [PATCH v2 10/16] Add n_d_add_message_with_indexopts (extension of n_d_add_message) Daniel Kahn Gillmor
2016-01-20 2:52 ` [PATCH v2 11/16] add --try-decrypt to notmuch insert Daniel Kahn Gillmor
2016-01-20 2:52 ` [PATCH v2 12/16] add --try-decrypt to notmuch new Daniel Kahn Gillmor
2016-01-20 2:52 ` [PATCH v2 13/16] add indexopts to notmuch python bindings Daniel Kahn Gillmor
2016-01-20 2:52 ` [PATCH v2 14/16] test indexing cleartext version of delivered messages Daniel Kahn Gillmor
2016-01-20 2:52 ` [PATCH v2 15/16] added notmuch_message_reindex Daniel Kahn Gillmor
2016-01-20 2:52 ` [PATCH v2 16/16] add "notmuch reindex" subcommand Daniel Kahn Gillmor
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://notmuchmail.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1453258369-7366-10-git-send-email-dkg@fifthhorseman.net \
--to=dkg@fifthhorseman.net \
--cc=notmuch@notmuchmail.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://yhetil.org/notmuch.git/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).