From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <markwalters1009@gmail.com>
Received: from localhost (localhost [127.0.0.1])
 by arlo.cworth.org (Postfix) with ESMTP id 0D1A56DE0931
 for <notmuch@notmuchmail.org>; Sun,  2 Oct 2016 07:05:44 -0700 (PDT)
X-Virus-Scanned: Debian amavisd-new at cworth.org
X-Spam-Flag: NO
X-Spam-Score: 0.498
X-Spam-Level: 
X-Spam-Status: No, score=0.498 tagged_above=-999 required=5 tests=[AWL=-0.632, 
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
 FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001,
 FREEMAIL_REPLY=1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01,
 RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=disabled
Received: from arlo.cworth.org ([127.0.0.1])
 by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id fS_xHcJGfOBx for <notmuch@notmuchmail.org>;
 Sun,  2 Oct 2016 07:05:42 -0700 (PDT)
Received: from mail-wm0-f68.google.com (mail-wm0-f68.google.com [74.125.82.68])
 by arlo.cworth.org (Postfix) with ESMTPS id 154AF6DE0222
 for <notmuch@notmuchmail.org>; Sun,  2 Oct 2016 07:05:42 -0700 (PDT)
Received: by mail-wm0-f68.google.com with SMTP id b184so10641524wma.3
 for <notmuch@notmuchmail.org>; Sun, 02 Oct 2016 07:05:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=from:to:cc:subject:date:message-id;
 bh=Tw9dsXmbsaTZ24oEaZ7o9c776G7BYyb0MIGXpmDWN7A=;
 b=P1eIoOwrrPESsDT3FV/LbNPba76PvIM4Dg7qFo6yYDQpX9ApMar4m4fKUggjSzuFha
 0bjKkBrib0eAwsiFUPeVqGqVZOdsuylbwFGjnbfS5vErLDH3sRfAMmhibNXguKJH+kdv
 FK8Mn0OuEuJiRjvAMhWXtmjcxi6rbE4/UAzsV/yw77QzspjVCkosfgjBMQ+FG5WH9Ac5
 4tT8x5DHxbAAJNN0liuwcipzoE9Zpn1vh3vBa8XtrW8g0KO/C5SayVjTzPa8D+AArFv6
 jtd/Wa1wUEYJz0YVxfDk9XZXUmFR2MteAnVZW5npq2uLTjy6D7T0US2P8O/jqAW8xIDs
 GWgg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:from:to:cc:subject:date:message-id;
 bh=Tw9dsXmbsaTZ24oEaZ7o9c776G7BYyb0MIGXpmDWN7A=;
 b=UMBlyY00dfGaSAZB5H1kHKOmEUp3QtJsX2esgto/nNBgGFYJWXs6PuEWCBLhTtbqfZ
 F5o7DnBksbxG0wEz/ccWuwScGnxo9vtJQJnVlRIiePApjTWSLfrDTTX2hDKjfLyqz0LR
 j/UAz/jmbthgvn6kojuUQE0fE9S17fsicvP2Q05xYZr3FmqcbKeC0eScQGcTy7fpLuwt
 5eaF0TJ/98hyNzp7OeVps/uWKnifEihZ5FIis22WScNtWtGTjcSWZ+lZr/lYbKI3cGNY
 +SU4ASRBuKUUbYXzIwDv0IUp2w5guhgZj+H4csZF0FG08p2mDTk7nR/P6VrdzugwJ9BI
 qDzA==
X-Gm-Message-State: AA6/9RnjvlI+sHUANmXheR4Q/tdSNzTg+BQLVGYA4KSCzhPHSkKgT+ZQ+FiSTgGVVIWnJA==
X-Received: by 10.28.104.212 with SMTP id d203mr749215wmc.90.1475417138988;
 Sun, 02 Oct 2016 07:05:38 -0700 (PDT)
Received: from localhost (5751dfa2.skybroadband.com. [87.81.223.162])
 by smtp.gmail.com with ESMTPSA id a3sm29648334wjg.33.2016.10.02.07.05.38
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Sun, 02 Oct 2016 07:05:38 -0700 (PDT)
From: Mark Walters <markwalters1009@gmail.com>
To: notmuch@notmuchmail.org
Subject: [PATCH 0/2] Check for misplaced secure mml tags
Date: Sun,  2 Oct 2016 15:05:29 +0100
Message-Id: <1475417131-24915-1-git-send-email-markwalters1009@gmail.com>
X-Mailer: git-send-email 2.1.4
X-BeenThere: notmuch@notmuchmail.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Use and development of the notmuch mail system."
 <notmuch.notmuchmail.org>
List-Unsubscribe: <https://notmuchmail.org/mailman/options/notmuch>,
 <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
List-Archive: <http://notmuchmail.org/pipermail/notmuch/>
List-Post: <mailto:notmuch@notmuchmail.org>
List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
List-Subscribe: <https://notmuchmail.org/mailman/listinfo/notmuch>,
 <mailto:notmuch-request@notmuchmail.org?subject=subscribe>
X-List-Received-Date: Sun, 02 Oct 2016 14:05:44 -0000

This is new (essentially completely rewritten) version of
id:1475008491-28175-1-git-send-email-markwalters1009@gmail.com

This version is stricter in its checking. I believe emacs only
processes a secure tag if it as the start of the body and followed by
a newline. Thus if there is a secure tag anywhere else (including in
the headers), or it is not followed by a newline we query the user.

The logic is a little convoluted but it seems to work in all cases I
have tried.

The extra strictness over the previous version is partly based on
experience from my current (not yet posted) version of the postpone
code. I will store the secure tag in a header while it is saved (so
checking the header seems worth doing), and one version restored the
secure tag. but not on its own line and that caused problems.

We could consider adding other checks later -- generally I think
sending a malformed email is bad but not terrible, but accidentally
sending a message unencrypted is terrible so we should be stricter
here.

Finally, there are other possible corruptions of a secure tag, but
this seems a good start.

Best wishes

Mark


Mark Walters (2):
  emacs: mua: extract a common message-send function.
  emacs: mua: check for misplaced secure mml tags

 emacs/notmuch-mua.el | 38 ++++++++++++++++++++++++++++++++++----
 1 file changed, 34 insertions(+), 4 deletions(-)

-- 
2.1.4