From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Notmuch Mail <notmuch@notmuchmail.org>
Subject: [PATCH] crypto: Avoid pretending to verify signatures on unsigned encrypted mail
Date: Sat, 20 Apr 2019 13:02:57 -0400 [thread overview]
Message-ID: <20190420170257.8189-1-dkg@fifthhorseman.net> (raw)
Unsigned encrypted mail shows up with a weird empty signature list.
If we successfully decrypted and there was no signature in it, we
should just not show a sigstatus at all.
The documentation for g_mime_decrypt_result_get_signatures says:
a GMimeSignatureList or NULL if the stream was not signed.
---
mime-node.c | 2 +-
test/T350-crypto.sh | 1 -
2 files changed, 1 insertion(+), 2 deletions(-)
This was originally sent to the list as part of a longer patch series
in id:20180511055544.13676-3-dkg@fifthhorseman.net but i think it
stands alone, and it would help me to reduce the size of the
outstanding patch series to get it applied to master :)
diff --git a/mime-node.c b/mime-node.c
index 2a24e537..1bfb479b 100644
--- a/mime-node.c
+++ b/mime-node.c
@@ -218,12 +218,12 @@ node_decrypt_and_verify (mime_node_t *node, GMimeObject *part,
}
node->decrypt_success = true;
- node->verify_attempted = true;
if (decrypt_result) {
/* This may be NULL if the part is not signed. */
node->sig_list = g_mime_decrypt_result_get_signatures (decrypt_result);
if (node->sig_list) {
+ node->verify_attempted = true;
g_object_ref (node->sig_list);
set_signature_list_destructor (node);
}
diff --git a/test/T350-crypto.sh b/test/T350-crypto.sh
index 73aa58de..80d57847 100755
--- a/test/T350-crypto.sh
+++ b/test/T350-crypto.sh
@@ -271,7 +271,6 @@ expected='[[[{"id": "XXXXX",
"Date": "Sat, 01 Jan 2000 12:00:00 +0000"},
"body": [{"id": 1,
"encstatus": [{"status": "good"}],
- "sigstatus": [],
"content-type": "multipart/encrypted",
"content": [{"id": 2,
"content-type": "application/pgp-encrypted",
--
2.20.1
next reply other threads:[~2019-04-20 17:03 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-20 17:02 Daniel Kahn Gillmor [this message]
2019-04-24 18:13 ` [PATCH] crypto: Avoid pretending to verify signatures on unsigned encrypted mail Daniel Kahn Gillmor
2019-04-26 11:10 ` David Bremner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://notmuchmail.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190420170257.8189-1-dkg@fifthhorseman.net \
--to=dkg@fifthhorseman.net \
--cc=notmuch@notmuchmail.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://yhetil.org/notmuch.git/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).