On Wed 2017-10-25 02:51:48 -0400, Daniel Kahn Gillmor wrote:
> diff --git a/util/crypto.c b/util/crypto.c
> index 087536ec..e014db5d 100644
> --- a/util/crypto.c
> +++ b/util/crypto.c
> @@ -140,13 +140,42 @@ void _notmuch_crypto_cleanup (unused(_notmuch_crypto_t *crypto))
> #endif
>
> GMimeObject *
> -_notmuch_crypto_decrypt (g_mime_3_unused(GMimeCryptoContext* crypto_ctx),
> +_notmuch_crypto_decrypt (notmuch_message_t *message,
> + g_mime_3_unused(GMimeCryptoContext* crypto_ctx),
> GMimeMultipartEncrypted *part,
> GMimeDecryptResult **decrypt_result,
> GError **err)
> {
> GMimeObject *ret = NULL;
>
> + /* the versions of notmuch that can support session key decryption */
> +#if (GMIME_MAJOR_VERSION >= 3 || (GMIME_MAJOR_VERSION == 2 && GMIME_MINOR_VERSION == 6 && GMIME_MICRO_VERSION >= 21))
> + if (message) {
> + notmuch_message_properties_t *list = NULL;
>
> + for (list = notmuch_message_get_properties (message, "session-key", TRUE);
> notmuch_message_properties_valid (list); notmuch_message_properties_move_to_next (list)) {
> +#if (GMIME_MAJOR_VERSION < 3)
> + ret = g_mime_multipart_encrypted_decrypt_session (part,
> + crypto_ctx,
> + notmuch_message_properties_value (list),
> + decrypt_result, err);
> +#else
> + ret = g_mime_multipart_encrypted_decrypt (part,
> + GMIME_DECRYPT_NONE,
> + notmuch_message_properties_value (list),
> + decrypt_result, err);
> +#endif
> + if (ret)
> + break;
> + }
> + if (list)
> + notmuch_message_properties_destroy (list);
> + if (ret)
> + return ret;
> + }
> +#endif
> +
> #if (GMIME_MAJOR_VERSION < 3)
> ret = g_mime_multipart_encrypted_decrypt(part, crypto_ctx,
> decrypt_result, err);
In the change above, i realized that we might accidentally clobber the GError of any intermediate failed decryption attempt, which would produce a GLib warning to stderr. In my revised/updated series ("session-keys" on https://gitlab.com/dkg/notmuch), i clear err (if present) before each attempted decryption. 
This effectively throws away all errors except for the last one, but i think that's the right thing to do -- we'll try whatever we can for decrypting, but if the final decryption fails, that's the error we'd want reported back anyway. --dkg the self-reviewer :)