From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Notmuch Mail <notmuch@notmuchmail.org>
Subject: [PATCH v4 6/8] util/repair: add _notmuch_repair_crypto_payload_skip_legacy_display
Date: Thu, 29 Aug 2019 11:38:51 -0400 [thread overview]
Message-ID: <20190829153853.12199-7-dkg@fifthhorseman.net> (raw)
In-Reply-To: <20190829153853.12199-1-dkg@fifthhorseman.net>
This is a utility function designed to make it easier to
"fast-forward" past a legacy-display part associated with a
cryptographic envelope, and show the user the intended message body.
The bulk of the ugliness in here is in the test function
_notmuch_crypto_payload_has_legacy_display, which tests all of the
things we'd expect to be true in a a cryptographic payload that
contains a legacy display part.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
---
util/repair.c | 101 ++++++++++++++++++++++++++++++++++++++++++++++++++
util/repair.h | 17 +++++++++
2 files changed, 118 insertions(+)
diff --git a/util/repair.c b/util/repair.c
index f91c1244..629e6f23 100644
--- a/util/repair.c
+++ b/util/repair.c
@@ -18,4 +18,105 @@
* Authors: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
*/
+#include <stdbool.h>
#include "repair.h"
+
+
+static bool
+_notmuch_crypto_payload_has_legacy_display (GMimeObject *payload)
+{
+ GMimeMultipart *mpayload;
+ const char *protected_header_parameter;
+ GMimeTextPart *legacy_display;
+ char *legacy_display_header_text = NULL;
+ GMimeStream *stream = NULL;
+ GMimeParser *parser = NULL;
+ GMimeObject *legacy_header_object = NULL, *first;
+ GMimeHeaderList *legacy_display_headers = NULL, *protected_headers = NULL;
+ bool ret = false;
+
+ if (! g_mime_content_type_is_type (g_mime_object_get_content_type (payload),
+ "multipart", "mixed"))
+ return false;
+ protected_header_parameter = g_mime_object_get_content_type_parameter (payload, "protected-headers");
+ if ((! protected_header_parameter) || strcmp (protected_header_parameter, "v1"))
+ return false;
+ if (! GMIME_IS_MULTIPART (payload))
+ return false;
+ mpayload = GMIME_MULTIPART (payload);
+ if (mpayload == NULL)
+ return false;
+ if (g_mime_multipart_get_count (mpayload) != 2)
+ return false;
+ first = g_mime_multipart_get_part (mpayload, 0);
+ if (! g_mime_content_type_is_type (g_mime_object_get_content_type (first),
+ "text", "rfc822-headers"))
+ return false;
+ protected_header_parameter = g_mime_object_get_content_type_parameter (first, "protected-headers");
+ if ((! protected_header_parameter) || strcmp (protected_header_parameter, "v1"))
+ return false;
+ if (! GMIME_IS_TEXT_PART (first))
+ return false;
+
+ /* ensure that the headers in the first part all match the values
+ * found in the payload's own protected headers! if they don't,
+ * we should not treat this as a valid "legacy-display" part.
+ *
+ * Crafting a GMimeHeaderList object from the content of the
+ * text/rfc822-headers part is pretty clumsy; we should probably
+ * push something into GMime that makes this a one-shot
+ * operation. */
+ if ((protected_headers = g_mime_object_get_header_list (payload), protected_headers) &&
+ (legacy_display = GMIME_TEXT_PART (first), legacy_display) &&
+ (legacy_display_header_text = g_mime_text_part_get_text (legacy_display), legacy_display_header_text) &&
+ (stream = g_mime_stream_mem_new_with_buffer (legacy_display_header_text, strlen (legacy_display_header_text)), stream) &&
+ (g_mime_stream_write (stream, "\r\n\r\n", 4) == 4) &&
+ (g_mime_stream_seek (stream, 0, GMIME_STREAM_SEEK_SET) == 0) &&
+ (parser = g_mime_parser_new_with_stream (stream), parser) &&
+ (legacy_header_object = g_mime_parser_construct_part (parser, NULL), legacy_header_object) &&
+ (legacy_display_headers = g_mime_object_get_header_list (legacy_header_object), legacy_display_headers)) {
+ /* walk through legacy_display_headers, comparing them against
+ * their values in the protected_headers: */
+ ret = true;
+ for (int i = 0; i < g_mime_header_list_get_count (legacy_display_headers); i++) {
+ GMimeHeader *dh = g_mime_header_list_get_header_at (legacy_display_headers, i);
+ if (dh == NULL) {
+ ret = false;
+ goto DONE;
+ }
+ GMimeHeader *ph = g_mime_header_list_get_header (protected_headers, g_mime_header_get_name (dh));
+ if (ph == NULL) {
+ ret = false;
+ goto DONE;
+ }
+ const char *dhv = g_mime_header_get_value (dh);
+ const char *phv = g_mime_header_get_value (ph);
+ if (dhv == NULL || phv == NULL || strcmp (dhv, phv)) {
+ ret = false;
+ goto DONE;
+ }
+ }
+ }
+
+ DONE:
+ if (legacy_display_header_text)
+ g_free (legacy_display_header_text);
+ if (stream)
+ g_object_unref (stream);
+ if (parser)
+ g_object_unref (parser);
+ if (legacy_header_object)
+ g_object_unref (legacy_header_object);
+
+ return ret;
+}
+
+GMimeObject *
+_notmuch_repair_crypto_payload_skip_legacy_display (GMimeObject *payload)
+{
+ if (_notmuch_crypto_payload_has_legacy_display (payload)) {
+ return g_mime_multipart_get_part (GMIME_MULTIPART (payload), 1);
+ } else {
+ return payload;
+ }
+}
diff --git a/util/repair.h b/util/repair.h
index 70e2b7bc..9974d693 100644
--- a/util/repair.h
+++ b/util/repair.h
@@ -11,6 +11,23 @@ extern "C" {
* techniques that are designed to improve the user experience of
* notmuch */
+/* If payload is a cryptographic payload within an encrypted message, and
+ * it has a "legacy display" part, then we can skip over it and jump
+ * to the actual content, because notmuch already handles protected
+ * headers appropriately.
+ *
+ * This function either returns payload directly (if it does not have
+ * a "legacy display" part), or it returns a pointer to its
+ * content-bearing subpart, with the "legacy display" part and the
+ * surrounding multipart/mixed object bypassed.
+ *
+ * No new objects are created by calling this function, and the
+ * returned object will only be released when the original part is
+ * disposed of.
+ */
+GMimeObject *
+_notmuch_repair_crypto_payload_skip_legacy_display (GMimeObject *payload);
+
#ifdef __cplusplus
}
#endif
--
2.23.0.rc1
next prev parent reply other threads:[~2019-08-29 15:39 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-29 15:38 v4 of legacy-display cleanup Daniel Kahn Gillmor
2019-08-29 15:38 ` [PATCH v4 1/8] mime-node: split out _mime_node_set_up_part Daniel Kahn Gillmor
2019-08-29 15:38 ` [PATCH v4 2/8] repair: set up codebase for repair functionality Daniel Kahn Gillmor
2019-08-29 15:38 ` [PATCH v4 3/8] test: avoid showing legacy-display parts Daniel Kahn Gillmor
2019-08-29 15:38 ` [PATCH v4 4/8] util/crypto: _n_m_crypto_potential_payload: rename "payload" arg to "part" Daniel Kahn Gillmor
2019-08-29 15:38 ` [PATCH v4 5/8] util/crypto: _n_m_crypto_potential_payload returns whether part is the payload Daniel Kahn Gillmor
2019-08-29 15:38 ` Daniel Kahn Gillmor [this message]
2019-08-29 15:38 ` [PATCH v4 7/8] cli/{show,reply}: skip over legacy-display parts Daniel Kahn Gillmor
2019-08-29 15:38 ` [PATCH v4 8/8] index: avoid indexing " Daniel Kahn Gillmor
2019-09-03 23:34 ` v4 of legacy-display cleanup David Bremner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://notmuchmail.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190829153853.12199-7-dkg@fifthhorseman.net \
--to=dkg@fifthhorseman.net \
--cc=notmuch@notmuchmail.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://yhetil.org/notmuch.git/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).