From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Notmuch Mail <notmuch@notmuchmail.org>
Subject: [PATCH v3 06/17] cli/show: add information about which headers were protected
Date: Mon, 27 May 2019 16:40:59 -0400 [thread overview]
Message-ID: <20190527204059.6027-1-dkg@fifthhorseman.net> (raw)
In-Reply-To: <871s0kkxy3.fsf@tethera.net>
This allows a clever UI frontend to mark whether a header was
protected (or not), and if it was protected, to show the details to
an interested user.
As before, we only handle Subject for now, but we might be able to
handle other headers in the future.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
---
devel/schemata | 9 +++++++++
notmuch-show.c | 21 +++++++++++++++++++++
| 4 ++--
3 files changed, 32 insertions(+), 2 deletions(-)
diff --git a/devel/schemata b/devel/schemata
index 72feb7b7..072b8d39 100644
--- a/devel/schemata
+++ b/devel/schemata
@@ -48,6 +48,9 @@ threadid = string
# Message ID, sans "id:"
messageid = string
+# E-mail header name, sans trailing colon, like "Subject" or "In-Reply-To"
+header_name = string
+
notmuch show schema
-------------------
@@ -88,9 +91,15 @@ crypto = {
status: sigstatus,
# was the set of signatures described under encrypted cover?
encrypted: bool,
+ # which of the headers is covered by sigstatus?
+ headers: [header_name*]
},
decrypted?: {
status: msgdecstatus,
+ # map encrypted headers that differed from the outside headers.
+ # the value of each item in the map is what that field showed externally
+ # (maybe null if it was not present in the external headers).
+ masked-headers: { header_name: string|null,*}
}
}
diff --git a/notmuch-show.c b/notmuch-show.c
index b1f6a4bb..583b87f6 100644
--- a/notmuch-show.c
+++ b/notmuch-show.c
@@ -645,6 +645,12 @@ format_part_sprinter (const void *ctx, sprinter_t *sp, mime_node_t *node,
sp->map_key (sp, "encrypted");
sp->boolean (sp, msg_crypto->signature_encrypted);
}
+ if (msg_crypto->payload_subject) {
+ sp->map_key (sp, "headers");
+ sp->begin_list (sp);
+ sp->string (sp, "Subject");
+ sp->end (sp);
+ }
sp->end (sp);
}
if (msg_crypto->decryption_status != NOTMUCH_MESSAGE_DECRYPTED_NONE) {
@@ -652,6 +658,21 @@ format_part_sprinter (const void *ctx, sprinter_t *sp, mime_node_t *node,
sp->begin_map (sp);
sp->map_key (sp, "status");
sp->string (sp, msg_crypto->decryption_status == NOTMUCH_MESSAGE_DECRYPTED_FULL ? "full" : "partial");
+
+ if (msg_crypto->payload_subject) {
+ const char *subject = g_mime_message_get_subject GMIME_MESSAGE (node->part);
+ if (subject == NULL || strcmp (subject, msg_crypto->payload_subject)) {
+ /* protected subject differs from the external header */
+ sp->map_key (sp, "masked-headers");
+ sp->begin_map (sp);
+ sp->map_key (sp, "Subject");
+ if (subject == NULL)
+ sp->null (sp);
+ else
+ sp->string (sp, subject);
+ sp->end (sp);
+ }
+ }
sp->end (sp);
}
}
--git a/test/T356-protected-headers.sh b/test/T356-protected-headers.sh
index 8a8fef6a..359e245f 100755
--- a/test/T356-protected-headers.sh
+++ b/test/T356-protected-headers.sh
@@ -22,7 +22,7 @@ test_json_nodes <<<"$output" \
test_begin_subtest "verify protected header is visible with decryption"
output=$(notmuch show --decrypt=true --format=json id:protected-header@crypto.notmuchmail.org)
test_json_nodes <<<"$output" \
- 'crypto:[0][0][0]["crypto"]={"decrypted": {"status": "full"}}' \
+ 'crypto:[0][0][0]["crypto"]={"decrypted": {"status": "full", "masked-headers": {"Subject": "Subject Unavailable"}}}' \
'subject:[0][0][0]["headers"]["Subject"]="This is a protected header"'
test_begin_subtest "misplaced protected headers should not be made visible during decryption"
@@ -58,7 +58,7 @@ test_json_nodes <<<"$output" \
test_begin_subtest "verify nested message/rfc822 protected header is visible"
output=$(notmuch show --decrypt=true --format=json id:nested-rfc822-message@crypto.notmuchmail.org)
test_json_nodes <<<"$output" \
- 'crypto:[0][0][0]["crypto"]={"decrypted": {"status": "full"}}' \
+ 'crypto:[0][0][0]["crypto"]={"decrypted": {"status": "full", "masked-headers": {"Subject": "Subject Unavailable"}}}' \
'subject:[0][0][0]["headers"]["Subject"]="This is a message using draft-melnikov-smime-header-signing"'
test_done
--
2.20.1
next prev parent reply other threads:[~2019-05-27 20:54 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-26 22:15 Protected Headers (2nd major revision, more testing!) Daniel Kahn Gillmor
2019-05-26 22:15 ` [PATCH v2 01/17] cli/show: emit headers after emitting body Daniel Kahn Gillmor
2019-05-26 22:15 ` [PATCH v2 02/17] util/crypto: add information about the payload part Daniel Kahn Gillmor
2019-05-26 22:15 ` [PATCH v2 03/17] test: new test framework to compare json parts Daniel Kahn Gillmor
2019-05-27 9:56 ` David Bremner
2019-05-27 17:31 ` Rollins, Jameson
2019-05-27 20:34 ` [PATCH v3 " Daniel Kahn Gillmor
2019-05-27 21:30 ` Daniel Kahn Gillmor
2019-05-28 0:09 ` Rollins, Jameson
2019-05-27 18:35 ` [PATCH v3] " Rollins, Jameson
2019-05-26 22:15 ` [PATCH v2 04/17] cli/show: add tests for viewing protected headers Daniel Kahn Gillmor
2019-05-26 22:15 ` [PATCH v2 05/17] cli/show: emit payload subject instead of outside subject Daniel Kahn Gillmor
2019-05-26 22:15 ` [PATCH v2 06/17] cli/show: add information about which headers were protected Daniel Kahn Gillmor
2019-05-27 10:12 ` David Bremner
2019-05-27 17:34 ` Rollins, Jameson
2019-05-27 17:59 ` David Bremner
2019-05-27 20:40 ` Daniel Kahn Gillmor [this message]
2019-05-27 22:18 ` [PATCH v3 " Daniel Kahn Gillmor
2019-05-27 20:43 ` [PATCH v2 " Daniel Kahn Gillmor
2019-05-27 22:14 ` [PATCH v4 " Daniel Kahn Gillmor
2019-05-28 11:10 ` David Bremner
2019-05-28 22:39 ` Daniel Kahn Gillmor
2019-05-26 22:16 ` [PATCH v2 07/17] test: add test for missing external subject Daniel Kahn Gillmor
2019-05-26 22:16 ` [PATCH v2 08/17] test: show cryptographic envelope information for signed mails Daniel Kahn Gillmor
2019-05-26 22:16 ` [PATCH v2 09/17] cli/reply: ensure encrypted Subject: line does not leak in the clear Daniel Kahn Gillmor
2019-05-26 22:16 ` [PATCH v2 10/17] indexing: record protected subject when indexing cleartext Daniel Kahn Gillmor
2019-05-27 10:24 ` David Bremner
2019-05-27 21:17 ` [PATCH v3 " Daniel Kahn Gillmor
2019-05-27 22:35 ` Daniel Kahn Gillmor
2019-05-27 21:25 ` _notmuch_database_log vs _notmuch_database_log_append [was: Re: [PATCH v2 10/17] indexing: record protected subject when indexing cleartext] Daniel Kahn Gillmor
2019-05-27 22:40 ` [PATCH v4 10/17] indexing: record protected subject when indexing cleartext Daniel Kahn Gillmor
2019-05-26 22:16 ` [PATCH v2 11/17] test: protected headers should work when both encrypted and signed Daniel Kahn Gillmor
2019-05-26 22:16 ` [PATCH v2 12/17] test: after reindexing, only legitimate protected subjects are searchable Daniel Kahn Gillmor
2019-05-26 22:16 ` [PATCH v2 13/17] test: try indexing nested messages and protected headers Daniel Kahn Gillmor
2019-05-26 22:16 ` [PATCH v2 14/17] test: ensure that protected headers appear in notmuch-emacs search as expected Daniel Kahn Gillmor
2019-05-27 20:21 ` Rollins, Jameson
2019-05-27 21:58 ` [PATCH v3 " Daniel Kahn Gillmor
2019-05-27 22:02 ` stitching threads (v3 14/17) Daniel Kahn Gillmor
2021-12-23 11:57 ` David Bremner
2019-05-26 22:16 ` [PATCH v2 15/17] test: emacs/show: ensure that protected headers appear as expected Daniel Kahn Gillmor
2019-05-26 22:16 ` [PATCH v2 16/17] test: reply (in cli and emacs) should protect indexed sensitive headers Daniel Kahn Gillmor
2019-05-26 22:16 ` [PATCH v2 17/17] cli/reply: pull proposed subject line from the message, not the index Daniel Kahn Gillmor
2019-05-27 20:22 ` Protected Headers (2nd major revision, more testing!) Rollins, Jameson
2019-05-27 22:49 ` Daniel Kahn Gillmor
2019-05-29 11:44 ` David Bremner
2019-05-29 17:31 ` Daniel Kahn Gillmor
[not found] <87d0k3643o.fsf@caltech.edu.net>
2019-05-27 21:35 ` [PATCH v3 14/17] test: ensure that protected headers appear in notmuch-emacs search as expected Daniel Kahn Gillmor
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://notmuchmail.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190527204059.6027-1-dkg@fifthhorseman.net \
--to=dkg@fifthhorseman.net \
--cc=notmuch@notmuchmail.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://yhetil.org/notmuch.git/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).