From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by arlo.cworth.org (Postfix) with ESMTP id 4AF686DE0A89 for ; Thu, 10 May 2018 22:56:06 -0700 (PDT) X-Virus-Scanned: Debian amavisd-new at cworth.org X-Spam-Flag: NO X-Spam-Score: -0.019 X-Spam-Level: X-Spam-Status: No, score=-0.019 tagged_above=-999 required=5 tests=[AWL=-0.019, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=disabled Received: from arlo.cworth.org ([127.0.0.1]) by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VBCRAKivorcC for ; Thu, 10 May 2018 22:56:05 -0700 (PDT) Received: from che.mayfirst.org (che.mayfirst.org [162.247.75.118]) by arlo.cworth.org (Postfix) with ESMTPS id 1C3586DE02CA for ; Thu, 10 May 2018 22:56:03 -0700 (PDT) Received: from fifthhorseman.net (unknown [38.109.115.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id F0AD1F9A5 for ; Fri, 11 May 2018 01:55:58 -0400 (EDT) Received: by fifthhorseman.net (Postfix, from userid 1000) id BD36120C51; Fri, 11 May 2018 01:55:52 -0400 (EDT) From: Daniel Kahn Gillmor To: Notmuch Mail Subject: [PATCH 02/20] crypto: Avoid pretending to verify signatures on unsigned encrypted mail Date: Fri, 11 May 2018 01:55:26 -0400 Message-Id: <20180511055544.13676-3-dkg@fifthhorseman.net> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20180511055544.13676-1-dkg@fifthhorseman.net> References: <20180511055544.13676-1-dkg@fifthhorseman.net> X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 May 2018 05:56:06 -0000 Unsigned encrypted mail shows up with a weird empty signature list. If we successfully decrypted and there was no signature in it, we should just not show a sigstatus at all. The documentation for g_mime_decrypt_result_get_signatures says: a GMimeSignatureList or NULL if the stream was not signed. --- mime-node.c | 2 +- test/T350-crypto.sh | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/mime-node.c b/mime-node.c index 11df082b..74f40417 100644 --- a/mime-node.c +++ b/mime-node.c @@ -216,12 +216,12 @@ node_decrypt_and_verify (mime_node_t *node, GMimeObject *part, } node->decrypt_success = true; - node->verify_attempted = true; if (decrypt_result) { /* This may be NULL if the part is not signed. */ node->sig_list = g_mime_decrypt_result_get_signatures (decrypt_result); if (node->sig_list) { + node->verify_attempted = true; g_object_ref (node->sig_list); set_signature_list_destructor (node); } diff --git a/test/T350-crypto.sh b/test/T350-crypto.sh index a776ec35..b5067346 100755 --- a/test/T350-crypto.sh +++ b/test/T350-crypto.sh @@ -271,7 +271,6 @@ expected='[[[{"id": "XXXXX", "Date": "Sat, 01 Jan 2000 12:00:00 +0000"}, "body": [{"id": 1, "encstatus": [{"status": "good"}], - "sigstatus": [], "content-type": "multipart/encrypted", "content": [{"id": 2, "content-type": "application/pgp-encrypted", -- 2.17.0