* [PATCH] Add pseudo-compatibility with gmime 2.6
[not found] <8762gbtd6p.fsf@schnouki.net>
@ 2012-01-16 23:56 ` Thomas Jost
2012-01-17 0:43 ` Tim Stoakes
` (3 more replies)
0 siblings, 4 replies; 42+ messages in thread
From: Thomas Jost @ 2012-01-16 23:56 UTC (permalink / raw)
To: notmuch
There are lots of API changes in gmime 2.6 crypto handling. By adding
preprocessor directives, it is however possible to add gmime 2.6 compatibility
while preserving compatibility with gmime 2.4 too.
This is mostly based on id:"8762i8hrb9.fsf@bookbinder.fernseed.info".
This was tested against both gmime 2.6.4 and 2.4.31. With gmime 2.4.31, the
crypto tests all work fine (as expected). With gmime 2.6.4, one crypto test
fails (signature verification with signer key unavailable) but this will be hard
to fix since the new API does not report the reason why a signature verification
fails (other than the human-readable error message).
---
mime-node.c | 50 ++++++++++++++++++++++++++-
notmuch-client.h | 27 ++++++++++++++-
notmuch-reply.c | 7 ++++
notmuch-show.c | 97 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
show-message.c | 4 ++
5 files changed, 181 insertions(+), 4 deletions(-)
diff --git a/mime-node.c b/mime-node.c
index d26bb44..ae2473d 100644
--- a/mime-node.c
+++ b/mime-node.c
@@ -33,7 +33,11 @@ typedef struct mime_node_context {
GMimeMessage *mime_message;
/* Context provided by the caller. */
+#ifdef GMIME_26
+ GMimeCryptoContext *cryptoctx;
+#else
GMimeCipherContext *cryptoctx;
+#endif
notmuch_bool_t decrypt;
} mime_node_context_t;
@@ -57,8 +61,12 @@ _mime_node_context_free (mime_node_context_t *res)
notmuch_status_t
mime_node_open (const void *ctx, notmuch_message_t *message,
- GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt,
- mime_node_t **root_out)
+#ifdef GMIME_26
+ GMimeCryptoContext *cryptoctx,
+#else
+ GMimeCipherContext *cryptoctx,
+#endif
+ notmuch_bool_t decrypt, mime_node_t **root_out)
{
const char *filename = notmuch_message_get_filename (message);
mime_node_context_t *mctx;
@@ -112,12 +120,21 @@ DONE:
return status;
}
+#ifdef GMIME_26
+static int
+_signature_list_free (GMimeSignatureList **proxy)
+{
+ g_object_unref (*proxy);
+ return 0;
+}
+#else
static int
_signature_validity_free (GMimeSignatureValidity **proxy)
{
g_mime_signature_validity_free (*proxy);
return 0;
}
+#endif
static mime_node_t *
_mime_node_create (const mime_node_t *parent, GMimeObject *part)
@@ -165,11 +182,23 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
GMimeMultipartEncrypted *encrypteddata =
GMIME_MULTIPART_ENCRYPTED (part);
node->decrypt_attempted = TRUE;
+#ifdef GMIME_26
+ GMimeDecryptResult *decrypt_result = g_mime_decrypt_result_new ();
+ node->decrypted_child = g_mime_multipart_encrypted_decrypt
+ (encrypteddata, node->ctx->cryptoctx, &decrypt_result, &err);
+ if (node->decrypted_child) {
+ node->decrypt_success = node->verify_attempted = TRUE;
+ node->sig_list = g_mime_decrypt_result_get_signatures (decrypt_result);
+ if (!node->sig_list)
+ fprintf (stderr, "Failed to get signatures: %s\n",
+ (err ? err->message : "no error explanation given"));
+#else
node->decrypted_child = g_mime_multipart_encrypted_decrypt
(encrypteddata, node->ctx->cryptoctx, &err);
if (node->decrypted_child) {
node->decrypt_success = node->verify_attempted = TRUE;
node->sig_validity = g_mime_multipart_encrypted_get_signature_validity (encrypteddata);
+#endif
} else {
fprintf (stderr, "Failed to decrypt part: %s\n",
(err ? err->message : "no error explanation given"));
@@ -182,6 +211,18 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
"(must be exactly 2)\n",
node->nchildren);
} else {
+#ifdef GMIME_26
+ GMimeSignatureList *sig_list = g_mime_multipart_signed_verify
+ (GMIME_MULTIPART_SIGNED (part), node->ctx->cryptoctx, &err);
+ node->verify_attempted = TRUE;
+ node->sig_list = sig_list;
+ if (sig_list) {
+ GMimeSignatureList **proxy =
+ talloc (node, GMimeSignatureList *);
+ *proxy = sig_list;
+ talloc_set_destructor (proxy, _signature_list_free);
+ }
+#else
/* For some reason the GMimeSignatureValidity returned
* here is not a const (inconsistent with that
* returned by
@@ -200,10 +241,15 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
*proxy = sig_validity;
talloc_set_destructor (proxy, _signature_validity_free);
}
+#endif
}
}
+#ifdef GMIME_26
+ if (node->verify_attempted && !node->sig_list)
+#else
if (node->verify_attempted && !node->sig_validity)
+#endif
fprintf (stderr, "Failed to verify signed part: %s\n",
(err ? err->message : "no error explanation given"));
diff --git a/notmuch-client.h b/notmuch-client.h
index 517c010..e85f882 100644
--- a/notmuch-client.h
+++ b/notmuch-client.h
@@ -30,6 +30,12 @@
#include <gmime/gmime.h>
+/* GMIME_CHECK_VERSION is only available in gmime >= 2.5. But so are
+ * GMIME_MAJOR_VERSION and friends. */
+#ifdef GMIME_MAJOR_VERSION
+#define GMIME_26
+#endif
+
#include "notmuch.h"
/* This is separate from notmuch-private.h because we're trying to
@@ -69,7 +75,11 @@ typedef struct notmuch_show_format {
void (*part_start) (GMimeObject *part,
int *part_count);
void (*part_encstatus) (int status);
+#ifdef GMIME_26
+ void (*part_sigstatus) (GMimeSignatureList* siglist);
+#else
void (*part_sigstatus) (const GMimeSignatureValidity* validity);
+#endif
void (*part_content) (GMimeObject *part);
void (*part_end) (GMimeObject *part);
const char *part_sep;
@@ -83,7 +93,11 @@ typedef struct notmuch_show_params {
int entire_thread;
int raw;
int part;
+#ifdef GMIME_26
+ GMimeCryptoContext* cryptoctx;
+#else
GMimeCipherContext* cryptoctx;
+#endif
int decrypt;
} notmuch_show_params_t;
@@ -286,7 +300,12 @@ typedef struct mime_node {
* signature. May be NULL if signature verification failed. If
* there are simply no signatures, this will be non-NULL with an
* empty signers list. */
+#ifdef GMIME_26
+ /* TODO: update the above comment... */
+ GMimeSignatureList* sig_list;
+#else
const GMimeSignatureValidity *sig_validity;
+#endif
/* Internal: Context inherited from the root iterator. */
struct mime_node_context *ctx;
@@ -311,8 +330,12 @@ typedef struct mime_node {
*/
notmuch_status_t
mime_node_open (const void *ctx, notmuch_message_t *message,
- GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt,
- mime_node_t **node_out);
+#ifdef GMIME_26
+ GMimeCryptoContext *cryptoctx,
+#else
+ GMimeCipherContext *cryptoctx,
+#endif
+ notmuch_bool_t decrypt, mime_node_t **node_out);
/* Return a new MIME node for the requested child part of parent.
* parent will be used as the talloc context for the returned child
diff --git a/notmuch-reply.c b/notmuch-reply.c
index da3acce..dc37c51 100644
--- a/notmuch-reply.c
+++ b/notmuch-reply.c
@@ -688,15 +688,22 @@ notmuch_reply_command (void *ctx, int argc, char *argv[])
reply_format_func = notmuch_reply_format_default;
if (decrypt) {
+#ifdef GMIME_26
+ /* TODO: GMimePasswordRequestFunc */
+ params.cryptoctx = g_mime_gpg_context_new (NULL, "gpg");
+#else
GMimeSession* session = g_object_new (g_mime_session_get_type(), NULL);
params.cryptoctx = g_mime_gpg_context_new (session, "gpg");
+#endif
if (params.cryptoctx) {
g_mime_gpg_context_set_always_trust ((GMimeGpgContext*) params.cryptoctx, FALSE);
params.decrypt = TRUE;
} else {
fprintf (stderr, "Failed to construct gpg context.\n");
}
+#ifndef GMIME_26
g_object_unref (session);
+#endif
}
config = notmuch_config_open (ctx, NULL, NULL);
diff --git a/notmuch-show.c b/notmuch-show.c
index d14dac9..263ab72 100644
--- a/notmuch-show.c
+++ b/notmuch-show.c
@@ -76,7 +76,11 @@ static void
format_part_encstatus_json (int status);
static void
+#ifdef GMIME_26
+format_part_sigstatus_json (GMimeSignatureList* siglist);
+#else
format_part_sigstatus_json (const GMimeSignatureValidity* validity);
+#endif
static void
format_part_content_json (GMimeObject *part);
@@ -486,6 +490,21 @@ show_text_part_content (GMimeObject *part, GMimeStream *stream_out)
g_object_unref(stream_filter);
}
+#ifdef GMIME_26
+static const char*
+signature_status_to_string (GMimeSignatureStatus x)
+{
+ switch (x) {
+ case GMIME_SIGNATURE_STATUS_GOOD:
+ return "good";
+ case GMIME_SIGNATURE_STATUS_BAD:
+ return "bad";
+ case GMIME_SIGNATURE_STATUS_ERROR:
+ return "error";
+ }
+ return "unknown";
+}
+#else
static const char*
signer_status_to_string (GMimeSignerStatus x)
{
@@ -501,6 +520,7 @@ signer_status_to_string (GMimeSignerStatus x)
}
return "unknown";
}
+#endif
static void
format_part_start_text (GMimeObject *part, int *part_count)
@@ -592,6 +612,75 @@ format_part_encstatus_json (int status)
printf ("}]");
}
+#ifdef GMIME_26
+static void
+format_part_sigstatus_json (GMimeSignatureList *siglist)
+{
+ printf (", \"sigstatus\": [");
+
+ if (!siglist) {
+ printf ("]");
+ return;
+ }
+
+ void *ctx_quote = talloc_new (NULL);
+ int i;
+ for (i = 0; i < g_mime_signature_list_length (siglist); ++i) {
+ GMimeSignature *signature = g_mime_signature_list_get_signature (siglist, i);
+
+ if (i > 0)
+ printf (", ");
+
+ printf ("{");
+
+ /* status */
+ GMimeSignatureStatus status = g_mime_signature_get_status (signature);
+ printf ("\"status\": %s",
+ json_quote_str (ctx_quote,
+ signature_status_to_string (status)));
+
+ GMimeCertificate *certificate = g_mime_signature_get_certificate (signature);
+ if (status == GMIME_SIGNATURE_STATUS_GOOD)
+ {
+ if (certificate)
+ printf (", \"fingerprint\": %s", json_quote_str (ctx_quote, g_mime_certificate_get_fingerprint (certificate)));
+ /* these dates are seconds since the epoch; should we
+ * provide a more human-readable format string? */
+ time_t created = g_mime_signature_get_created (signature);
+ if (created != -1)
+ printf (", \"created\": %d", (int) created);
+ time_t expires = g_mime_signature_get_expires (signature);
+ if (expires > 0)
+ printf (", \"expires\": %d", (int) expires);
+ /* output user id only if validity is FULL or ULTIMATE. */
+ /* note that gmime is using the term "trust" here, which
+ * is WRONG. It's actually user id "validity". */
+ if (certificate)
+ {
+ const char *name = g_mime_certificate_get_name (certificate);
+ GMimeCertificateTrust trust = g_mime_certificate_get_trust (certificate);
+ if (name && (trust == GMIME_CERTIFICATE_TRUST_FULLY || trust == GMIME_CERTIFICATE_TRUST_ULTIMATE))
+ printf (", \"userid\": %s", json_quote_str (ctx_quote, name));
+ }
+ } else if (certificate) {
+ const char *key_id = g_mime_certificate_get_key_id (certificate);
+ if (key_id)
+ printf (", \"keyid\": %s", json_quote_str (ctx_quote, key_id));
+ }
+
+ GMimeSignatureError errors = g_mime_signature_get_errors (signature);
+ if (errors != GMIME_SIGNATURE_ERROR_NONE) {
+ printf (", \"errors\": %x", errors);
+ }
+
+ printf ("}");
+ }
+
+ printf ("]");
+
+ talloc_free (ctx_quote);
+}
+#else
static void
format_part_sigstatus_json (const GMimeSignatureValidity* validity)
{
@@ -652,6 +741,7 @@ format_part_sigstatus_json (const GMimeSignatureValidity* validity)
talloc_free (ctx_quote);
}
+#endif
static void
format_part_content_json (GMimeObject *part)
@@ -990,13 +1080,20 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
} else if ((STRNCMP_LITERAL (argv[i], "--verify") == 0) ||
(STRNCMP_LITERAL (argv[i], "--decrypt") == 0)) {
if (params.cryptoctx == NULL) {
+#ifdef GMIME_26
+ /* TODO: GMimePasswordRequestFunc */
+ if (NULL == (params.cryptoctx = g_mime_gpg_context_new(NULL, "gpg")))
+#else
GMimeSession* session = g_object_new(g_mime_session_get_type(), NULL);
if (NULL == (params.cryptoctx = g_mime_gpg_context_new(session, "gpg")))
+#endif
fprintf (stderr, "Failed to construct gpg context.\n");
else
g_mime_gpg_context_set_always_trust((GMimeGpgContext*)params.cryptoctx, FALSE);
+#ifndef GMIME_26
g_object_unref (session);
session = NULL;
+#endif
}
if (STRNCMP_LITERAL (argv[i], "--decrypt") == 0)
params.decrypt = 1;
diff --git a/show-message.c b/show-message.c
index 8768889..65269fd 100644
--- a/show-message.c
+++ b/show-message.c
@@ -48,7 +48,11 @@ show_message_part (mime_node_t *node,
format->part_encstatus (node->decrypt_success);
if (node->verify_attempted && format->part_sigstatus)
+#ifdef GMIME_26
+ format->part_sigstatus (node->sig_list);
+#else
format->part_sigstatus (node->sig_validity);
+#endif
format->part_content (part);
--
1.7.8.3
^ permalink raw reply related [flat|nested] 42+ messages in thread
* Re: [PATCH] Add pseudo-compatibility with gmime 2.6
2012-01-16 23:56 ` [PATCH] Add pseudo-compatibility with gmime 2.6 Thomas Jost
@ 2012-01-17 0:43 ` Tim Stoakes
2012-01-17 1:08 ` Kazuo Teramoto
` (2 subsequent siblings)
3 siblings, 0 replies; 42+ messages in thread
From: Tim Stoakes @ 2012-01-17 0:43 UTC (permalink / raw)
To: Thomas Jost; +Cc: notmuch
Thomas Jost(schnouki@schnouki.net)@170112-00:56:
> There are lots of API changes in gmime 2.6 crypto handling. By adding
> preprocessor directives, it is however possible to add gmime 2.6 compatibility
> while preserving compatibility with gmime 2.4 too.
>
> This is mostly based on id:"8762i8hrb9.fsf@bookbinder.fernseed.info".
>
> This was tested against both gmime 2.6.4 and 2.4.31. With gmime 2.4.31, the
> crypto tests all work fine (as expected). With gmime 2.6.4, one crypto test
> fails (signature verification with signer key unavailable) but this will be hard
> to fix since the new API does not report the reason why a signature verification
> fails (other than the human-readable error message).
+1 from me.
I literally just coded up a similar patch, and the first email I see
with the newly compiled notmuch is this one. I've now tried Thomas's
(better) patch with gmime-2.6.4 and notmuch
7ddd849015759a329bf8fef8c8b5a93359408962, and can confirm it works fine
for me. This build breakage is otherwise quite painful.
Thanks Thomas.
Tim
--
Tim Stoakes
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH] Add pseudo-compatibility with gmime 2.6
2012-01-16 23:56 ` [PATCH] Add pseudo-compatibility with gmime 2.6 Thomas Jost
2012-01-17 0:43 ` Tim Stoakes
@ 2012-01-17 1:08 ` Kazuo Teramoto
2012-01-17 3:47 ` Austin Clements
2012-01-17 10:19 ` Adrian Perez
3 siblings, 0 replies; 42+ messages in thread
From: Kazuo Teramoto @ 2012-01-17 1:08 UTC (permalink / raw)
To: notmuch
[-- Attachment #1: Type: text/plain, Size: 385 bytes --]
On Tue, Jan 17, 2012 at 12:56:39AM +0100, Thomas Jost wrote:
> There are lots of API changes in gmime 2.6 crypto handling. By adding
> preprocessor directives, it is however possible to add gmime 2.6 compatibility
> while preserving compatibility with gmime 2.4 too.
I tested this with gmime 2.4.31 and 2.6.4. Works for me.
In a related note: Arch Linux started to ship gmime 2.6.4.
[-- Attachment #2: Type: application/pgp-signature, Size: 836 bytes --]
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH] Add pseudo-compatibility with gmime 2.6
2012-01-16 23:56 ` [PATCH] Add pseudo-compatibility with gmime 2.6 Thomas Jost
2012-01-17 0:43 ` Tim Stoakes
2012-01-17 1:08 ` Kazuo Teramoto
@ 2012-01-17 3:47 ` Austin Clements
2012-01-17 10:48 ` Adrian Perez
2012-01-17 10:48 ` Thomas Jost
2012-01-17 10:19 ` Adrian Perez
3 siblings, 2 replies; 42+ messages in thread
From: Austin Clements @ 2012-01-17 3:47 UTC (permalink / raw)
To: Thomas Jost; +Cc: notmuch
Quoth Thomas Jost on Jan 17 at 12:56 am:
> There are lots of API changes in gmime 2.6 crypto handling. By adding
> preprocessor directives, it is however possible to add gmime 2.6 compatibility
> while preserving compatibility with gmime 2.4 too.
Awesome. Comments inline below.
> This is mostly based on id:"8762i8hrb9.fsf@bookbinder.fernseed.info".
>
> This was tested against both gmime 2.6.4 and 2.4.31. With gmime 2.4.31, the
> crypto tests all work fine (as expected). With gmime 2.6.4, one crypto test
> fails (signature verification with signer key unavailable) but this will be hard
> to fix since the new API does not report the reason why a signature verification
> fails (other than the human-readable error message).
What is the result of this failing test?
> ---
> mime-node.c | 50 ++++++++++++++++++++++++++-
> notmuch-client.h | 27 ++++++++++++++-
> notmuch-reply.c | 7 ++++
> notmuch-show.c | 97 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
> show-message.c | 4 ++
> 5 files changed, 181 insertions(+), 4 deletions(-)
>
> diff --git a/mime-node.c b/mime-node.c
> index d26bb44..ae2473d 100644
> --- a/mime-node.c
> +++ b/mime-node.c
> @@ -33,7 +33,11 @@ typedef struct mime_node_context {
> GMimeMessage *mime_message;
>
> /* Context provided by the caller. */
> +#ifdef GMIME_26
> + GMimeCryptoContext *cryptoctx;
> +#else
> GMimeCipherContext *cryptoctx;
> +#endif
> notmuch_bool_t decrypt;
> } mime_node_context_t;
>
> @@ -57,8 +61,12 @@ _mime_node_context_free (mime_node_context_t *res)
>
> notmuch_status_t
> mime_node_open (const void *ctx, notmuch_message_t *message,
> - GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt,
> - mime_node_t **root_out)
> +#ifdef GMIME_26
> + GMimeCryptoContext *cryptoctx,
> +#else
> + GMimeCipherContext *cryptoctx,
> +#endif
> + notmuch_bool_t decrypt, mime_node_t **root_out)
> {
> const char *filename = notmuch_message_get_filename (message);
> mime_node_context_t *mctx;
> @@ -112,12 +120,21 @@ DONE:
> return status;
> }
>
> +#ifdef GMIME_26
> +static int
> +_signature_list_free (GMimeSignatureList **proxy)
> +{
> + g_object_unref (*proxy);
> + return 0;
> +}
> +#else
> static int
> _signature_validity_free (GMimeSignatureValidity **proxy)
> {
> g_mime_signature_validity_free (*proxy);
> return 0;
> }
> +#endif
>
> static mime_node_t *
> _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> @@ -165,11 +182,23 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> GMimeMultipartEncrypted *encrypteddata =
> GMIME_MULTIPART_ENCRYPTED (part);
> node->decrypt_attempted = TRUE;
> +#ifdef GMIME_26
> + GMimeDecryptResult *decrypt_result = g_mime_decrypt_result_new ();
I think g_mime_multipart_encrypted_decrypt allocates the
GMimeDecryptResult for you, so this will just leak memory.
> + node->decrypted_child = g_mime_multipart_encrypted_decrypt
> + (encrypteddata, node->ctx->cryptoctx, &decrypt_result, &err);
> + if (node->decrypted_child) {
> + node->decrypt_success = node->verify_attempted = TRUE;
> + node->sig_list = g_mime_decrypt_result_get_signatures (decrypt_result);
> + if (!node->sig_list)
> + fprintf (stderr, "Failed to get signatures: %s\n",
> + (err ? err->message : "no error explanation given"));
My understanding is that g_mime_decrypt_result_get_signatures returns
NULL if there are no signatures and that this isn't an error. This
differs from 2.4, which would return an empty but non-NULL list.
Also, I believe you have to free the sig_list in both branches now,
which means the talloc_set_destructor can be moved to common logic
outside of the if decrypted/signed.
> +#else
> node->decrypted_child = g_mime_multipart_encrypted_decrypt
> (encrypteddata, node->ctx->cryptoctx, &err);
> if (node->decrypted_child) {
> node->decrypt_success = node->verify_attempted = TRUE;
> node->sig_validity = g_mime_multipart_encrypted_get_signature_validity (encrypteddata);
> +#endif
It's confusing to have the open braces in the #ifdef'd region with a
matching close brace outside of it (and I imagine this confuses
editors and uncrustify, too). You could either copy the else part in
both branches of the #ifdef or avoid duplicated code with something
like
#ifdef GMIME_26
.. node->decrypted_child = ..
#else
.. node->decrypted_child = ..
#endif
if (node->decrypted_child) {
node->decrypt_success = node->verify_attempted = TRUE;
#ifdef GMIME_26
node->sig_list = ..
#else
node->sig_validity = ..
#endif
} else {
fprintf (stderr, ..);
}
> } else {
> fprintf (stderr, "Failed to decrypt part: %s\n",
> (err ? err->message : "no error explanation given"));
> @@ -182,6 +211,18 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> "(must be exactly 2)\n",
> node->nchildren);
> } else {
> +#ifdef GMIME_26
> + GMimeSignatureList *sig_list = g_mime_multipart_signed_verify
> + (GMIME_MULTIPART_SIGNED (part), node->ctx->cryptoctx, &err);
> + node->verify_attempted = TRUE;
> + node->sig_list = sig_list;
> + if (sig_list) {
> + GMimeSignatureList **proxy =
> + talloc (node, GMimeSignatureList *);
> + *proxy = sig_list;
> + talloc_set_destructor (proxy, _signature_list_free);
> + }
> +#else
> /* For some reason the GMimeSignatureValidity returned
> * here is not a const (inconsistent with that
> * returned by
> @@ -200,10 +241,15 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> *proxy = sig_validity;
> talloc_set_destructor (proxy, _signature_validity_free);
> }
> +#endif
> }
> }
>
> +#ifdef GMIME_26
> + if (node->verify_attempted && !node->sig_list)
Hmm. This is correct for signed parts, but will incorrectly trigger
for an encrypted part with no signatures. For 2.6, I think this error
checking may have to move into the branches of the if encrypted/signed
since for encrypted parts you have to check if
g_mime_multipart_encrypted_decrypt returned NULL.
> +#else
> if (node->verify_attempted && !node->sig_validity)
> +#endif
> fprintf (stderr, "Failed to verify signed part: %s\n",
> (err ? err->message : "no error explanation given"));
>
> diff --git a/notmuch-client.h b/notmuch-client.h
> index 517c010..e85f882 100644
> --- a/notmuch-client.h
> +++ b/notmuch-client.h
> @@ -30,6 +30,12 @@
>
> #include <gmime/gmime.h>
>
> +/* GMIME_CHECK_VERSION is only available in gmime >= 2.5. But so are
> + * GMIME_MAJOR_VERSION and friends. */
Hah.
> +#ifdef GMIME_MAJOR_VERSION
> +#define GMIME_26
> +#endif
> +
> #include "notmuch.h"
>
> /* This is separate from notmuch-private.h because we're trying to
> @@ -69,7 +75,11 @@ typedef struct notmuch_show_format {
> void (*part_start) (GMimeObject *part,
> int *part_count);
> void (*part_encstatus) (int status);
> +#ifdef GMIME_26
> + void (*part_sigstatus) (GMimeSignatureList* siglist);
> +#else
> void (*part_sigstatus) (const GMimeSignatureValidity* validity);
> +#endif
> void (*part_content) (GMimeObject *part);
> void (*part_end) (GMimeObject *part);
> const char *part_sep;
> @@ -83,7 +93,11 @@ typedef struct notmuch_show_params {
> int entire_thread;
> int raw;
> int part;
> +#ifdef GMIME_26
> + GMimeCryptoContext* cryptoctx;
> +#else
> GMimeCipherContext* cryptoctx;
> +#endif
> int decrypt;
> } notmuch_show_params_t;
>
> @@ -286,7 +300,12 @@ typedef struct mime_node {
> * signature. May be NULL if signature verification failed. If
> * there are simply no signatures, this will be non-NULL with an
> * empty signers list. */
> +#ifdef GMIME_26
> + /* TODO: update the above comment... */
Since this behaves very differently in 2.6, I think documenting it is
important (and being very careful about the differences). Maybe
/* The list of signatures for signed or encrypted containers. If
* there are no signatures, this will be NULL. */
> + GMimeSignatureList* sig_list;
> +#else
> const GMimeSignatureValidity *sig_validity;
> +#endif
>
> /* Internal: Context inherited from the root iterator. */
> struct mime_node_context *ctx;
> @@ -311,8 +330,12 @@ typedef struct mime_node {
> */
> notmuch_status_t
> mime_node_open (const void *ctx, notmuch_message_t *message,
> - GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt,
> - mime_node_t **node_out);
> +#ifdef GMIME_26
> + GMimeCryptoContext *cryptoctx,
> +#else
> + GMimeCipherContext *cryptoctx,
> +#endif
> + notmuch_bool_t decrypt, mime_node_t **node_out);
>
> /* Return a new MIME node for the requested child part of parent.
> * parent will be used as the talloc context for the returned child
> diff --git a/notmuch-reply.c b/notmuch-reply.c
> index da3acce..dc37c51 100644
> --- a/notmuch-reply.c
> +++ b/notmuch-reply.c
> @@ -688,15 +688,22 @@ notmuch_reply_command (void *ctx, int argc, char *argv[])
> reply_format_func = notmuch_reply_format_default;
>
> if (decrypt) {
> +#ifdef GMIME_26
> + /* TODO: GMimePasswordRequestFunc */
> + params.cryptoctx = g_mime_gpg_context_new (NULL, "gpg");
> +#else
> GMimeSession* session = g_object_new (g_mime_session_get_type(), NULL);
> params.cryptoctx = g_mime_gpg_context_new (session, "gpg");
> +#endif
> if (params.cryptoctx) {
> g_mime_gpg_context_set_always_trust ((GMimeGpgContext*) params.cryptoctx, FALSE);
> params.decrypt = TRUE;
> } else {
> fprintf (stderr, "Failed to construct gpg context.\n");
> }
> +#ifndef GMIME_26
> g_object_unref (session);
> +#endif
> }
>
> config = notmuch_config_open (ctx, NULL, NULL);
> diff --git a/notmuch-show.c b/notmuch-show.c
> index d14dac9..263ab72 100644
> --- a/notmuch-show.c
> +++ b/notmuch-show.c
> @@ -76,7 +76,11 @@ static void
> format_part_encstatus_json (int status);
>
> static void
> +#ifdef GMIME_26
> +format_part_sigstatus_json (GMimeSignatureList* siglist);
> +#else
> format_part_sigstatus_json (const GMimeSignatureValidity* validity);
> +#endif
>
> static void
> format_part_content_json (GMimeObject *part);
> @@ -486,6 +490,21 @@ show_text_part_content (GMimeObject *part, GMimeStream *stream_out)
> g_object_unref(stream_filter);
> }
>
> +#ifdef GMIME_26
> +static const char*
> +signature_status_to_string (GMimeSignatureStatus x)
> +{
> + switch (x) {
> + case GMIME_SIGNATURE_STATUS_GOOD:
> + return "good";
> + case GMIME_SIGNATURE_STATUS_BAD:
> + return "bad";
> + case GMIME_SIGNATURE_STATUS_ERROR:
> + return "error";
> + }
> + return "unknown";
> +}
> +#else
> static const char*
> signer_status_to_string (GMimeSignerStatus x)
> {
> @@ -501,6 +520,7 @@ signer_status_to_string (GMimeSignerStatus x)
> }
> return "unknown";
> }
> +#endif
>
> static void
> format_part_start_text (GMimeObject *part, int *part_count)
> @@ -592,6 +612,75 @@ format_part_encstatus_json (int status)
> printf ("}]");
> }
>
> +#ifdef GMIME_26
> +static void
> +format_part_sigstatus_json (GMimeSignatureList *siglist)
> +{
> + printf (", \"sigstatus\": [");
> +
> + if (!siglist) {
> + printf ("]");
> + return;
> + }
> +
> + void *ctx_quote = talloc_new (NULL);
> + int i;
> + for (i = 0; i < g_mime_signature_list_length (siglist); ++i) {
Style nit: notmuch uses i++.
> + GMimeSignature *signature = g_mime_signature_list_get_signature (siglist, i);
> +
> + if (i > 0)
> + printf (", ");
> +
> + printf ("{");
> +
> + /* status */
> + GMimeSignatureStatus status = g_mime_signature_get_status (signature);
> + printf ("\"status\": %s",
> + json_quote_str (ctx_quote,
> + signature_status_to_string (status)));
> +
> + GMimeCertificate *certificate = g_mime_signature_get_certificate (signature);
> + if (status == GMIME_SIGNATURE_STATUS_GOOD)
> + {
Style nit: break after brace.
(Presumably this is copied from the existing
format_part_sigstatus_json, but since it's technically new code
there's no reason not to fix these up.)
> + if (certificate)
> + printf (", \"fingerprint\": %s", json_quote_str (ctx_quote, g_mime_certificate_get_fingerprint (certificate)));
> + /* these dates are seconds since the epoch; should we
> + * provide a more human-readable format string? */
> + time_t created = g_mime_signature_get_created (signature);
> + if (created != -1)
> + printf (", \"created\": %d", (int) created);
> + time_t expires = g_mime_signature_get_expires (signature);
> + if (expires > 0)
> + printf (", \"expires\": %d", (int) expires);
Is it intentional that the two above checks are different? I would
think the second should be expires != -1.
> + /* output user id only if validity is FULL or ULTIMATE. */
> + /* note that gmime is using the term "trust" here, which
> + * is WRONG. It's actually user id "validity". */
> + if (certificate)
> + {
Break after brace.
> + const char *name = g_mime_certificate_get_name (certificate);
> + GMimeCertificateTrust trust = g_mime_certificate_get_trust (certificate);
> + if (name && (trust == GMIME_CERTIFICATE_TRUST_FULLY || trust == GMIME_CERTIFICATE_TRUST_ULTIMATE))
> + printf (", \"userid\": %s", json_quote_str (ctx_quote, name));
> + }
> + } else if (certificate) {
> + const char *key_id = g_mime_certificate_get_key_id (certificate);
> + if (key_id)
> + printf (", \"keyid\": %s", json_quote_str (ctx_quote, key_id));
> + }
> +
> + GMimeSignatureError errors = g_mime_signature_get_errors (signature);
> + if (errors != GMIME_SIGNATURE_ERROR_NONE) {
> + printf (", \"errors\": %x", errors);
This should be %d (I would say 0x%x, but JSON doesn't support hex
literals). I see this bug came from the original
format_part_sigstatus_json. Maybe there should be a quick patch
before this one that fixes the source of the bug?
> + }
> +
> + printf ("}");
> + }
> +
> + printf ("]");
> +
> + talloc_free (ctx_quote);
> +}
> +#else
> static void
> format_part_sigstatus_json (const GMimeSignatureValidity* validity)
> {
> @@ -652,6 +741,7 @@ format_part_sigstatus_json (const GMimeSignatureValidity* validity)
>
> talloc_free (ctx_quote);
> }
> +#endif
>
> static void
> format_part_content_json (GMimeObject *part)
> @@ -990,13 +1080,20 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
> } else if ((STRNCMP_LITERAL (argv[i], "--verify") == 0) ||
> (STRNCMP_LITERAL (argv[i], "--decrypt") == 0)) {
> if (params.cryptoctx == NULL) {
> +#ifdef GMIME_26
> + /* TODO: GMimePasswordRequestFunc */
> + if (NULL == (params.cryptoctx = g_mime_gpg_context_new(NULL, "gpg")))
> +#else
> GMimeSession* session = g_object_new(g_mime_session_get_type(), NULL);
> if (NULL == (params.cryptoctx = g_mime_gpg_context_new(session, "gpg")))
> +#endif
> fprintf (stderr, "Failed to construct gpg context.\n");
> else
> g_mime_gpg_context_set_always_trust((GMimeGpgContext*)params.cryptoctx, FALSE);
> +#ifndef GMIME_26
> g_object_unref (session);
> session = NULL;
> +#endif
> }
> if (STRNCMP_LITERAL (argv[i], "--decrypt") == 0)
> params.decrypt = 1;
> diff --git a/show-message.c b/show-message.c
> index 8768889..65269fd 100644
> --- a/show-message.c
> +++ b/show-message.c
> @@ -48,7 +48,11 @@ show_message_part (mime_node_t *node,
> format->part_encstatus (node->decrypt_success);
>
> if (node->verify_attempted && format->part_sigstatus)
> +#ifdef GMIME_26
> + format->part_sigstatus (node->sig_list);
> +#else
> format->part_sigstatus (node->sig_validity);
> +#endif
>
> format->part_content (part);
>
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH] Add pseudo-compatibility with gmime 2.6
2012-01-16 23:56 ` [PATCH] Add pseudo-compatibility with gmime 2.6 Thomas Jost
` (2 preceding siblings ...)
2012-01-17 3:47 ` Austin Clements
@ 2012-01-17 10:19 ` Adrian Perez
3 siblings, 0 replies; 42+ messages in thread
From: Adrian Perez @ 2012-01-17 10:19 UTC (permalink / raw)
To: notmuch
[-- Attachment #1: Type: text/plain, Size: 547 bytes --]
Hi,
On Tue, 17 Jan 2012 00:56:39 +0100, Thomas Jost <schnouki@schnouki.net> wrote:
> There are lots of API changes in gmime 2.6 crypto handling. By adding
> preprocessor directives, it is however possible to add gmime 2.6 compatibility
> while preserving compatibility with gmime 2.4 too.
This approach is better than just dropping support for 2.4 (as my patch
does), so I would favor integrating this one instead of mine :D
Br.
--
Adrian Perez <aperez@igalia.com> - Sent from my toaster
Igalia - Free Software Engineering
[-- Attachment #2: Type: application/pgp-signature, Size: 197 bytes --]
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH] Add pseudo-compatibility with gmime 2.6
2012-01-17 3:47 ` Austin Clements
@ 2012-01-17 10:48 ` Adrian Perez
2012-01-17 10:48 ` Thomas Jost
1 sibling, 0 replies; 42+ messages in thread
From: Adrian Perez @ 2012-01-17 10:48 UTC (permalink / raw)
To: notmuch
[-- Attachment #1: Type: text/plain, Size: 17908 bytes --]
Hi,
Just a couple of comments inline :)
On Mon, 16 Jan 2012 22:47:14 -0500, Austin Clements <amdragon@MIT.EDU> wrote:
> Quoth Thomas Jost on Jan 17 at 12:56 am:
> > There are lots of API changes in gmime 2.6 crypto handling. By adding
> > preprocessor directives, it is however possible to add gmime 2.6 compatibility
> > while preserving compatibility with gmime 2.4 too.
>
> Awesome. Comments inline below.
>
> > This is mostly based on id:"8762i8hrb9.fsf@bookbinder.fernseed.info".
> >
> > This was tested against both gmime 2.6.4 and 2.4.31. With gmime 2.4.31, the
> > crypto tests all work fine (as expected). With gmime 2.6.4, one crypto test
> > fails (signature verification with signer key unavailable) but this will be hard
> > to fix since the new API does not report the reason why a signature verification
> > fails (other than the human-readable error message).
>
> What is the result of this failing test?
>
> > ---
> > mime-node.c | 50 ++++++++++++++++++++++++++-
> > notmuch-client.h | 27 ++++++++++++++-
> > notmuch-reply.c | 7 ++++
> > notmuch-show.c | 97 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
> > show-message.c | 4 ++
> > 5 files changed, 181 insertions(+), 4 deletions(-)
> >
> > diff --git a/mime-node.c b/mime-node.c
> > index d26bb44..ae2473d 100644
> > --- a/mime-node.c
> > +++ b/mime-node.c
> > @@ -33,7 +33,11 @@ typedef struct mime_node_context {
> > GMimeMessage *mime_message;
> >
> > /* Context provided by the caller. */
> > +#ifdef GMIME_26
> > + GMimeCryptoContext *cryptoctx;
> > +#else
> > GMimeCipherContext *cryptoctx;
> > +#endif
> > notmuch_bool_t decrypt;
> > } mime_node_context_t;
> >
> > @@ -57,8 +61,12 @@ _mime_node_context_free (mime_node_context_t *res)
> >
> > notmuch_status_t
> > mime_node_open (const void *ctx, notmuch_message_t *message,
> > - GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt,
> > - mime_node_t **root_out)
> > +#ifdef GMIME_26
> > + GMimeCryptoContext *cryptoctx,
> > +#else
> > + GMimeCipherContext *cryptoctx,
> > +#endif
> > + notmuch_bool_t decrypt, mime_node_t **root_out)
> > {
> > const char *filename = notmuch_message_get_filename (message);
> > mime_node_context_t *mctx;
> > @@ -112,12 +120,21 @@ DONE:
> > return status;
> > }
> >
> > +#ifdef GMIME_26
> > +static int
> > +_signature_list_free (GMimeSignatureList **proxy)
> > +{
> > + g_object_unref (*proxy);
> > + return 0;
> > +}
> > +#else
> > static int
> > _signature_validity_free (GMimeSignatureValidity **proxy)
> > {
> > g_mime_signature_validity_free (*proxy);
> > return 0;
> > }
> > +#endif
> >
> > static mime_node_t *
> > _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> > @@ -165,11 +182,23 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> > GMimeMultipartEncrypted *encrypteddata =
> > GMIME_MULTIPART_ENCRYPTED (part);
> > node->decrypt_attempted = TRUE;
> > +#ifdef GMIME_26
> > + GMimeDecryptResult *decrypt_result = g_mime_decrypt_result_new ();
>
> I think g_mime_multipart_encrypted_decrypt allocates the
> GMimeDecryptResult for you, so this will just leak memory.
Yes, this is a leak. The documentation says that the function is
responsible of allocating the GMimeDecryptResult. The g_object_unref()
is still needed in notmuch's code to free it, though.
See http://git.gnome.org/browse/gmime/tree/gmime/gmime-multipart-encrypted.c#n282
> > + node->decrypted_child = g_mime_multipart_encrypted_decrypt
> > + (encrypteddata, node->ctx->cryptoctx, &decrypt_result, &err);
> > + if (node->decrypted_child) {
> > + node->decrypt_success = node->verify_attempted = TRUE;
> > + node->sig_list = g_mime_decrypt_result_get_signatures (decrypt_result);
> > + if (!node->sig_list)
> > + fprintf (stderr, "Failed to get signatures: %s\n",
> > + (err ? err->message : "no error explanation given"));
>
> My understanding is that g_mime_decrypt_result_get_signatures returns
> NULL if there are no signatures and that this isn't an error. This
> differs from 2.4, which would return an empty but non-NULL list.
>
> Also, I believe you have to free the sig_list in both branches now,
> which means the talloc_set_destructor can be moved to common logic
> outside of the if decrypted/signed.
>
> > +#else
> > node->decrypted_child = g_mime_multipart_encrypted_decrypt
> > (encrypteddata, node->ctx->cryptoctx, &err);
> > if (node->decrypted_child) {
> > node->decrypt_success = node->verify_attempted = TRUE;
> > node->sig_validity = g_mime_multipart_encrypted_get_signature_validity (encrypteddata);
> > +#endif
>
> It's confusing to have the open braces in the #ifdef'd region with a
> matching close brace outside of it (and I imagine this confuses
> editors and uncrustify, too). You could either copy the else part in
> both branches of the #ifdef or avoid duplicated code with something
> like
>
> #ifdef GMIME_26
> .. node->decrypted_child = ..
> #else
> .. node->decrypted_child = ..
> #endif
> if (node->decrypted_child) {
> node->decrypt_success = node->verify_attempted = TRUE;
> #ifdef GMIME_26
> node->sig_list = ..
> #else
> node->sig_validity = ..
> #endif
> } else {
> fprintf (stderr, ..);
> }
>
> > } else {
> > fprintf (stderr, "Failed to decrypt part: %s\n",
> > (err ? err->message : "no error explanation given"));
> > @@ -182,6 +211,18 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> > "(must be exactly 2)\n",
> > node->nchildren);
> > } else {
> > +#ifdef GMIME_26
> > + GMimeSignatureList *sig_list = g_mime_multipart_signed_verify
> > + (GMIME_MULTIPART_SIGNED (part), node->ctx->cryptoctx, &err);
> > + node->verify_attempted = TRUE;
> > + node->sig_list = sig_list;
> > + if (sig_list) {
> > + GMimeSignatureList **proxy =
> > + talloc (node, GMimeSignatureList *);
> > + *proxy = sig_list;
> > + talloc_set_destructor (proxy, _signature_list_free);
> > + }
> > +#else
> > /* For some reason the GMimeSignatureValidity returned
> > * here is not a const (inconsistent with that
> > * returned by
> > @@ -200,10 +241,15 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> > *proxy = sig_validity;
> > talloc_set_destructor (proxy, _signature_validity_free);
> > }
> > +#endif
> > }
> > }
> >
> > +#ifdef GMIME_26
> > + if (node->verify_attempted && !node->sig_list)
>
> Hmm. This is correct for signed parts, but will incorrectly trigger
> for an encrypted part with no signatures. For 2.6, I think this error
> checking may have to move into the branches of the if encrypted/signed
> since for encrypted parts you have to check if
> g_mime_multipart_encrypted_decrypt returned NULL.
>
> > +#else
> > if (node->verify_attempted && !node->sig_validity)
> > +#endif
> > fprintf (stderr, "Failed to verify signed part: %s\n",
> > (err ? err->message : "no error explanation given"));
> >
> > diff --git a/notmuch-client.h b/notmuch-client.h
> > index 517c010..e85f882 100644
> > --- a/notmuch-client.h
> > +++ b/notmuch-client.h
> > @@ -30,6 +30,12 @@
> >
> > #include <gmime/gmime.h>
> >
> > +/* GMIME_CHECK_VERSION is only available in gmime >= 2.5. But so are
> > + * GMIME_MAJOR_VERSION and friends. */
>
> Hah.
>
> > +#ifdef GMIME_MAJOR_VERSION
> > +#define GMIME_26
> > +#endif
> > +
> > #include "notmuch.h"
> >
> > /* This is separate from notmuch-private.h because we're trying to
> > @@ -69,7 +75,11 @@ typedef struct notmuch_show_format {
> > void (*part_start) (GMimeObject *part,
> > int *part_count);
> > void (*part_encstatus) (int status);
> > +#ifdef GMIME_26
> > + void (*part_sigstatus) (GMimeSignatureList* siglist);
> > +#else
> > void (*part_sigstatus) (const GMimeSignatureValidity* validity);
> > +#endif
> > void (*part_content) (GMimeObject *part);
> > void (*part_end) (GMimeObject *part);
> > const char *part_sep;
> > @@ -83,7 +93,11 @@ typedef struct notmuch_show_params {
> > int entire_thread;
> > int raw;
> > int part;
> > +#ifdef GMIME_26
> > + GMimeCryptoContext* cryptoctx;
> > +#else
> > GMimeCipherContext* cryptoctx;
> > +#endif
> > int decrypt;
> > } notmuch_show_params_t;
> >
> > @@ -286,7 +300,12 @@ typedef struct mime_node {
> > * signature. May be NULL if signature verification failed. If
> > * there are simply no signatures, this will be non-NULL with an
> > * empty signers list. */
> > +#ifdef GMIME_26
> > + /* TODO: update the above comment... */
>
> Since this behaves very differently in 2.6, I think documenting it is
> important (and being very careful about the differences). Maybe
>
> /* The list of signatures for signed or encrypted containers. If
> * there are no signatures, this will be NULL. */
>
> > + GMimeSignatureList* sig_list;
> > +#else
> > const GMimeSignatureValidity *sig_validity;
> > +#endif
> >
> > /* Internal: Context inherited from the root iterator. */
> > struct mime_node_context *ctx;
> > @@ -311,8 +330,12 @@ typedef struct mime_node {
> > */
> > notmuch_status_t
> > mime_node_open (const void *ctx, notmuch_message_t *message,
> > - GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt,
> > - mime_node_t **node_out);
> > +#ifdef GMIME_26
> > + GMimeCryptoContext *cryptoctx,
> > +#else
> > + GMimeCipherContext *cryptoctx,
> > +#endif
> > + notmuch_bool_t decrypt, mime_node_t **node_out);
> >
> > /* Return a new MIME node for the requested child part of parent.
> > * parent will be used as the talloc context for the returned child
> > diff --git a/notmuch-reply.c b/notmuch-reply.c
> > index da3acce..dc37c51 100644
> > --- a/notmuch-reply.c
> > +++ b/notmuch-reply.c
> > @@ -688,15 +688,22 @@ notmuch_reply_command (void *ctx, int argc, char *argv[])
> > reply_format_func = notmuch_reply_format_default;
> >
> > if (decrypt) {
> > +#ifdef GMIME_26
> > + /* TODO: GMimePasswordRequestFunc */
> > + params.cryptoctx = g_mime_gpg_context_new (NULL, "gpg");
> > +#else
> > GMimeSession* session = g_object_new (g_mime_session_get_type(), NULL);
> > params.cryptoctx = g_mime_gpg_context_new (session, "gpg");
> > +#endif
> > if (params.cryptoctx) {
> > g_mime_gpg_context_set_always_trust ((GMimeGpgContext*) params.cryptoctx, FALSE);
> > params.decrypt = TRUE;
> > } else {
> > fprintf (stderr, "Failed to construct gpg context.\n");
> > }
> > +#ifndef GMIME_26
> > g_object_unref (session);
> > +#endif
> > }
> >
> > config = notmuch_config_open (ctx, NULL, NULL);
> > diff --git a/notmuch-show.c b/notmuch-show.c
> > index d14dac9..263ab72 100644
> > --- a/notmuch-show.c
> > +++ b/notmuch-show.c
> > @@ -76,7 +76,11 @@ static void
> > format_part_encstatus_json (int status);
> >
> > static void
> > +#ifdef GMIME_26
> > +format_part_sigstatus_json (GMimeSignatureList* siglist);
> > +#else
> > format_part_sigstatus_json (const GMimeSignatureValidity* validity);
> > +#endif
> >
> > static void
> > format_part_content_json (GMimeObject *part);
> > @@ -486,6 +490,21 @@ show_text_part_content (GMimeObject *part, GMimeStream *stream_out)
> > g_object_unref(stream_filter);
> > }
> >
> > +#ifdef GMIME_26
> > +static const char*
> > +signature_status_to_string (GMimeSignatureStatus x)
> > +{
> > + switch (x) {
> > + case GMIME_SIGNATURE_STATUS_GOOD:
> > + return "good";
> > + case GMIME_SIGNATURE_STATUS_BAD:
> > + return "bad";
> > + case GMIME_SIGNATURE_STATUS_ERROR:
> > + return "error";
> > + }
> > + return "unknown";
> > +}
> > +#else
> > static const char*
> > signer_status_to_string (GMimeSignerStatus x)
> > {
> > @@ -501,6 +520,7 @@ signer_status_to_string (GMimeSignerStatus x)
> > }
> > return "unknown";
> > }
> > +#endif
> >
> > static void
> > format_part_start_text (GMimeObject *part, int *part_count)
> > @@ -592,6 +612,75 @@ format_part_encstatus_json (int status)
> > printf ("}]");
> > }
> >
> > +#ifdef GMIME_26
> > +static void
> > +format_part_sigstatus_json (GMimeSignatureList *siglist)
> > +{
> > + printf (", \"sigstatus\": [");
> > +
> > + if (!siglist) {
> > + printf ("]");
> > + return;
> > + }
> > +
> > + void *ctx_quote = talloc_new (NULL);
> > + int i;
> > + for (i = 0; i < g_mime_signature_list_length (siglist); ++i) {
>
> Style nit: notmuch uses i++.
>
> > + GMimeSignature *signature = g_mime_signature_list_get_signature (siglist, i);
> > +
> > + if (i > 0)
> > + printf (", ");
> > +
> > + printf ("{");
> > +
> > + /* status */
> > + GMimeSignatureStatus status = g_mime_signature_get_status (signature);
> > + printf ("\"status\": %s",
> > + json_quote_str (ctx_quote,
> > + signature_status_to_string (status)));
> > +
> > + GMimeCertificate *certificate = g_mime_signature_get_certificate (signature);
> > + if (status == GMIME_SIGNATURE_STATUS_GOOD)
> > + {
>
> Style nit: break after brace.
>
> (Presumably this is copied from the existing
> format_part_sigstatus_json, but since it's technically new code
> there's no reason not to fix these up.)
>
> > + if (certificate)
> > + printf (", \"fingerprint\": %s", json_quote_str (ctx_quote, g_mime_certificate_get_fingerprint (certificate)));
> > + /* these dates are seconds since the epoch; should we
> > + * provide a more human-readable format string? */
> > + time_t created = g_mime_signature_get_created (signature);
> > + if (created != -1)
> > + printf (", \"created\": %d", (int) created);
> > + time_t expires = g_mime_signature_get_expires (signature);
> > + if (expires > 0)
> > + printf (", \"expires\": %d", (int) expires);
>
> Is it intentional that the two above checks are different? I would
> think the second should be expires != -1.
Yes, it should check for “expires != -1”. Also, wouldn't it be needed to
cast do “expires != (time_t) -1” to avoid compiler warnings? (time_t may
be different from int.)
> > + /* output user id only if validity is FULL or ULTIMATE. */
> > + /* note that gmime is using the term "trust" here, which
> > + * is WRONG. It's actually user id "validity". */
> > + if (certificate)
> > + {
>
> Break after brace.
>
> > + const char *name = g_mime_certificate_get_name (certificate);
> > + GMimeCertificateTrust trust = g_mime_certificate_get_trust (certificate);
> > + if (name && (trust == GMIME_CERTIFICATE_TRUST_FULLY || trust == GMIME_CERTIFICATE_TRUST_ULTIMATE))
> > + printf (", \"userid\": %s", json_quote_str (ctx_quote, name));
> > + }
> > + } else if (certificate) {
> > + const char *key_id = g_mime_certificate_get_key_id (certificate);
> > + if (key_id)
> > + printf (", \"keyid\": %s", json_quote_str (ctx_quote, key_id));
> > + }
> > +
> > + GMimeSignatureError errors = g_mime_signature_get_errors (signature);
> > + if (errors != GMIME_SIGNATURE_ERROR_NONE) {
> > + printf (", \"errors\": %x", errors);
>
> This should be %d (I would say 0x%x, but JSON doesn't support hex
> literals). I see this bug came from the original
> format_part_sigstatus_json. Maybe there should be a quick patch
> before this one that fixes the source of the bug?
>
> > + }
> > +
> > + printf ("}");
> > + }
> > +
> > + printf ("]");
> > +
> > + talloc_free (ctx_quote);
> > +}
> > +#else
> > static void
> > format_part_sigstatus_json (const GMimeSignatureValidity* validity)
> > {
> > @@ -652,6 +741,7 @@ format_part_sigstatus_json (const GMimeSignatureValidity* validity)
> >
> > talloc_free (ctx_quote);
> > }
> > +#endif
> >
> > static void
> > format_part_content_json (GMimeObject *part)
> > @@ -990,13 +1080,20 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
> > } else if ((STRNCMP_LITERAL (argv[i], "--verify") == 0) ||
> > (STRNCMP_LITERAL (argv[i], "--decrypt") == 0)) {
> > if (params.cryptoctx == NULL) {
> > +#ifdef GMIME_26
> > + /* TODO: GMimePasswordRequestFunc */
> > + if (NULL == (params.cryptoctx = g_mime_gpg_context_new(NULL, "gpg")))
> > +#else
> > GMimeSession* session = g_object_new(g_mime_session_get_type(), NULL);
> > if (NULL == (params.cryptoctx = g_mime_gpg_context_new(session, "gpg")))
> > +#endif
> > fprintf (stderr, "Failed to construct gpg context.\n");
> > else
> > g_mime_gpg_context_set_always_trust((GMimeGpgContext*)params.cryptoctx, FALSE);
> > +#ifndef GMIME_26
> > g_object_unref (session);
> > session = NULL;
> > +#endif
> > }
> > if (STRNCMP_LITERAL (argv[i], "--decrypt") == 0)
> > params.decrypt = 1;
> > diff --git a/show-message.c b/show-message.c
> > index 8768889..65269fd 100644
> > --- a/show-message.c
> > +++ b/show-message.c
> > @@ -48,7 +48,11 @@ show_message_part (mime_node_t *node,
> > format->part_encstatus (node->decrypt_success);
> >
> > if (node->verify_attempted && format->part_sigstatus)
> > +#ifdef GMIME_26
> > + format->part_sigstatus (node->sig_list);
> > +#else
> > format->part_sigstatus (node->sig_validity);
> > +#endif
> >
> > format->part_content (part);
> >
--
Adrian Perez <aperez@igalia.com> - Sent from my toaster
Igalia - Free Software Engineering
[-- Attachment #2: Type: application/pgp-signature, Size: 197 bytes --]
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH] Add pseudo-compatibility with gmime 2.6
2012-01-17 3:47 ` Austin Clements
2012-01-17 10:48 ` Adrian Perez
@ 2012-01-17 10:48 ` Thomas Jost
2012-01-17 10:50 ` [PATCH v2 1/2] show: don't use hex literals in JSON output Thomas Jost
2012-01-17 20:38 ` [PATCH] " Austin Clements
1 sibling, 2 replies; 42+ messages in thread
From: Thomas Jost @ 2012-01-17 10:48 UTC (permalink / raw)
To: Austin Clements; +Cc: notmuch
[-- Attachment #1: Type: text/plain, Size: 19831 bytes --]
On Mon, 16 Jan 2012 22:47:14 -0500, Austin Clements <amdragon@MIT.EDU> wrote:
> Quoth Thomas Jost on Jan 17 at 12:56 am:
> > There are lots of API changes in gmime 2.6 crypto handling. By adding
> > preprocessor directives, it is however possible to add gmime 2.6 compatibility
> > while preserving compatibility with gmime 2.4 too.
>
> Awesome. Comments inline below.
Thanks for reviewing this so quickly. Replies inline, and new patches
incoming soon.
> > This is mostly based on id:"8762i8hrb9.fsf@bookbinder.fernseed.info".
> >
> > This was tested against both gmime 2.6.4 and 2.4.31. With gmime 2.4.31, the
> > crypto tests all work fine (as expected). With gmime 2.6.4, one crypto test
> > fails (signature verification with signer key unavailable) but this will be hard
> > to fix since the new API does not report the reason why a signature verification
> > fails (other than the human-readable error message).
>
> What is the result of this failing test?
The test looks like that:
FAIL signature verification with signer key unavailable
--- crypto.4.expected 2012-01-16 23:05:06.765651183 +0000
+++ crypto.4.output 2012-01-16 23:05:06.765651183 +0000
@@ -12,9 +12,7 @@
"Bcc": "",
"Date": "01 Jan 2000 12:00:00 -0000"},
"body": [{"id": 1,
- "sigstatus": [{"status": "error",
- "keyid": "6D92612D94E46381",
- "errors": 2}],
+ "sigstatus": [],
"content-type": "multipart/signed",
"content": [{"id": 2,
"content-type": "text/plain",
Failed to verify signed part: gpg: keyblock resource `/home/schnouki/dev/notmuch/test/tmp.crypto/gnupg/pubring.gpg': file open error
gpg: armor header: Version: GnuPG v1.4.11 (GNU/Linux)
gpg: Signature made Mon Jan 16 23:05:06 2012 UTC using RSA key ID 94E46381
gpg: Can't check signature: public key not found
So basically if a signer public key is missing, we can't get the status
signature: empty "sigstatus" field in the JSON output, "Unknown
signature status" in Emacs.
IMHO this is a bug in gmime 2.6, and I think I know what causes it. I'll
file a bug in gmime and hopefully they'll find a cleaner way to fix it
than the one I came up with :)
>
> > ---
> > mime-node.c | 50 ++++++++++++++++++++++++++-
> > notmuch-client.h | 27 ++++++++++++++-
> > notmuch-reply.c | 7 ++++
> > notmuch-show.c | 97 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
> > show-message.c | 4 ++
> > 5 files changed, 181 insertions(+), 4 deletions(-)
> >
> > diff --git a/mime-node.c b/mime-node.c
> > index d26bb44..ae2473d 100644
> > --- a/mime-node.c
> > +++ b/mime-node.c
> > @@ -33,7 +33,11 @@ typedef struct mime_node_context {
> > GMimeMessage *mime_message;
> >
> > /* Context provided by the caller. */
> > +#ifdef GMIME_26
> > + GMimeCryptoContext *cryptoctx;
> > +#else
> > GMimeCipherContext *cryptoctx;
> > +#endif
> > notmuch_bool_t decrypt;
> > } mime_node_context_t;
> >
> > @@ -57,8 +61,12 @@ _mime_node_context_free (mime_node_context_t *res)
> >
> > notmuch_status_t
> > mime_node_open (const void *ctx, notmuch_message_t *message,
> > - GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt,
> > - mime_node_t **root_out)
> > +#ifdef GMIME_26
> > + GMimeCryptoContext *cryptoctx,
> > +#else
> > + GMimeCipherContext *cryptoctx,
> > +#endif
> > + notmuch_bool_t decrypt, mime_node_t **root_out)
> > {
> > const char *filename = notmuch_message_get_filename (message);
> > mime_node_context_t *mctx;
> > @@ -112,12 +120,21 @@ DONE:
> > return status;
> > }
> >
> > +#ifdef GMIME_26
> > +static int
> > +_signature_list_free (GMimeSignatureList **proxy)
> > +{
> > + g_object_unref (*proxy);
> > + return 0;
> > +}
> > +#else
> > static int
> > _signature_validity_free (GMimeSignatureValidity **proxy)
> > {
> > g_mime_signature_validity_free (*proxy);
> > return 0;
> > }
> > +#endif
> >
> > static mime_node_t *
> > _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> > @@ -165,11 +182,23 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> > GMimeMultipartEncrypted *encrypteddata =
> > GMIME_MULTIPART_ENCRYPTED (part);
> > node->decrypt_attempted = TRUE;
> > +#ifdef GMIME_26
> > + GMimeDecryptResult *decrypt_result = g_mime_decrypt_result_new ();
>
> I think g_mime_multipart_encrypted_decrypt allocates the
> GMimeDecryptResult for you, so this will just leak memory.
You're right, fixed. Will it be freed along with node->decrypted_child,
or do we need to handle this ourself?
>
> > + node->decrypted_child = g_mime_multipart_encrypted_decrypt
> > + (encrypteddata, node->ctx->cryptoctx, &decrypt_result, &err);
> > + if (node->decrypted_child) {
> > + node->decrypt_success = node->verify_attempted = TRUE;
> > + node->sig_list = g_mime_decrypt_result_get_signatures (decrypt_result);
> > + if (!node->sig_list)
> > + fprintf (stderr, "Failed to get signatures: %s\n",
> > + (err ? err->message : "no error explanation given"));
>
> My understanding is that g_mime_decrypt_result_get_signatures returns
> NULL if there are no signatures and that this isn't an error. This
> differs from 2.4, which would return an empty but non-NULL list.
>
> Also, I believe you have to free the sig_list in both branches now,
> which means the talloc_set_destructor can be moved to common logic
> outside of the if decrypted/signed.
Hmmm, you're right about g_mime_decrypt_result_get_signatures. I should
have RTFM.
Also moved talloc_set_destructor outside the if/else, thanks.
>
> > +#else
> > node->decrypted_child = g_mime_multipart_encrypted_decrypt
> > (encrypteddata, node->ctx->cryptoctx, &err);
> > if (node->decrypted_child) {
> > node->decrypt_success = node->verify_attempted = TRUE;
> > node->sig_validity = g_mime_multipart_encrypted_get_signature_validity (encrypteddata);
> > +#endif
>
> It's confusing to have the open braces in the #ifdef'd region with a
> matching close brace outside of it (and I imagine this confuses
> editors and uncrustify, too). You could either copy the else part in
> both branches of the #ifdef or avoid duplicated code with something
> like
>
> #ifdef GMIME_26
> .. node->decrypted_child = ..
> #else
> .. node->decrypted_child = ..
> #endif
> if (node->decrypted_child) {
> node->decrypt_success = node->verify_attempted = TRUE;
> #ifdef GMIME_26
> node->sig_list = ..
> #else
> node->sig_validity = ..
> #endif
> } else {
> fprintf (stderr, ..);
> }
Right. Avoids duplication and makes it easier to read.
>
> > } else {
> > fprintf (stderr, "Failed to decrypt part: %s\n",
> > (err ? err->message : "no error explanation given"));
> > @@ -182,6 +211,18 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> > "(must be exactly 2)\n",
> > node->nchildren);
> > } else {
> > +#ifdef GMIME_26
> > + GMimeSignatureList *sig_list = g_mime_multipart_signed_verify
> > + (GMIME_MULTIPART_SIGNED (part), node->ctx->cryptoctx, &err);
> > + node->verify_attempted = TRUE;
> > + node->sig_list = sig_list;
> > + if (sig_list) {
> > + GMimeSignatureList **proxy =
> > + talloc (node, GMimeSignatureList *);
> > + *proxy = sig_list;
> > + talloc_set_destructor (proxy, _signature_list_free);
> > + }
> > +#else
> > /* For some reason the GMimeSignatureValidity returned
> > * here is not a const (inconsistent with that
> > * returned by
> > @@ -200,10 +241,15 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> > *proxy = sig_validity;
> > talloc_set_destructor (proxy, _signature_validity_free);
> > }
> > +#endif
> > }
> > }
> >
> > +#ifdef GMIME_26
> > + if (node->verify_attempted && !node->sig_list)
>
> Hmm. This is correct for signed parts, but will incorrectly trigger
> for an encrypted part with no signatures. For 2.6, I think this error
> checking may have to move into the branches of the if encrypted/signed
> since for encrypted parts you have to check if
> g_mime_multipart_encrypted_decrypt returned NULL.
That sound right. The weird part is that it did not cause anything to
fail in the test suite...
Anyway, for 2.6 I moved this test into the "if signed" branch since it's
perfectly acceptable to have sig_list == NULL for an encrypted part.
>
> > +#else
> > if (node->verify_attempted && !node->sig_validity)
> > +#endif
> > fprintf (stderr, "Failed to verify signed part: %s\n",
> > (err ? err->message : "no error explanation given"));
> >
> > diff --git a/notmuch-client.h b/notmuch-client.h
> > index 517c010..e85f882 100644
> > --- a/notmuch-client.h
> > +++ b/notmuch-client.h
> > @@ -30,6 +30,12 @@
> >
> > #include <gmime/gmime.h>
> >
> > +/* GMIME_CHECK_VERSION is only available in gmime >= 2.5. But so are
> > + * GMIME_MAJOR_VERSION and friends. */
>
> Hah.
>
> > +#ifdef GMIME_MAJOR_VERSION
> > +#define GMIME_26
> > +#endif
> > +
> > #include "notmuch.h"
> >
> > /* This is separate from notmuch-private.h because we're trying to
> > @@ -69,7 +75,11 @@ typedef struct notmuch_show_format {
> > void (*part_start) (GMimeObject *part,
> > int *part_count);
> > void (*part_encstatus) (int status);
> > +#ifdef GMIME_26
> > + void (*part_sigstatus) (GMimeSignatureList* siglist);
> > +#else
> > void (*part_sigstatus) (const GMimeSignatureValidity* validity);
> > +#endif
> > void (*part_content) (GMimeObject *part);
> > void (*part_end) (GMimeObject *part);
> > const char *part_sep;
> > @@ -83,7 +93,11 @@ typedef struct notmuch_show_params {
> > int entire_thread;
> > int raw;
> > int part;
> > +#ifdef GMIME_26
> > + GMimeCryptoContext* cryptoctx;
> > +#else
> > GMimeCipherContext* cryptoctx;
> > +#endif
> > int decrypt;
> > } notmuch_show_params_t;
> >
> > @@ -286,7 +300,12 @@ typedef struct mime_node {
> > * signature. May be NULL if signature verification failed. If
> > * there are simply no signatures, this will be non-NULL with an
> > * empty signers list. */
> > +#ifdef GMIME_26
> > + /* TODO: update the above comment... */
>
> Since this behaves very differently in 2.6, I think documenting it is
> important (and being very careful about the differences). Maybe
>
> /* The list of signatures for signed or encrypted containers. If
> * there are no signatures, this will be NULL. */
Added, thanks.
>
> > + GMimeSignatureList* sig_list;
> > +#else
> > const GMimeSignatureValidity *sig_validity;
> > +#endif
> >
> > /* Internal: Context inherited from the root iterator. */
> > struct mime_node_context *ctx;
> > @@ -311,8 +330,12 @@ typedef struct mime_node {
> > */
> > notmuch_status_t
> > mime_node_open (const void *ctx, notmuch_message_t *message,
> > - GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt,
> > - mime_node_t **node_out);
> > +#ifdef GMIME_26
> > + GMimeCryptoContext *cryptoctx,
> > +#else
> > + GMimeCipherContext *cryptoctx,
> > +#endif
> > + notmuch_bool_t decrypt, mime_node_t **node_out);
> >
> > /* Return a new MIME node for the requested child part of parent.
> > * parent will be used as the talloc context for the returned child
> > diff --git a/notmuch-reply.c b/notmuch-reply.c
> > index da3acce..dc37c51 100644
> > --- a/notmuch-reply.c
> > +++ b/notmuch-reply.c
> > @@ -688,15 +688,22 @@ notmuch_reply_command (void *ctx, int argc, char *argv[])
> > reply_format_func = notmuch_reply_format_default;
> >
> > if (decrypt) {
> > +#ifdef GMIME_26
> > + /* TODO: GMimePasswordRequestFunc */
> > + params.cryptoctx = g_mime_gpg_context_new (NULL, "gpg");
> > +#else
> > GMimeSession* session = g_object_new (g_mime_session_get_type(), NULL);
> > params.cryptoctx = g_mime_gpg_context_new (session, "gpg");
> > +#endif
> > if (params.cryptoctx) {
> > g_mime_gpg_context_set_always_trust ((GMimeGpgContext*) params.cryptoctx, FALSE);
> > params.decrypt = TRUE;
> > } else {
> > fprintf (stderr, "Failed to construct gpg context.\n");
> > }
> > +#ifndef GMIME_26
> > g_object_unref (session);
> > +#endif
> > }
> >
> > config = notmuch_config_open (ctx, NULL, NULL);
> > diff --git a/notmuch-show.c b/notmuch-show.c
> > index d14dac9..263ab72 100644
> > --- a/notmuch-show.c
> > +++ b/notmuch-show.c
> > @@ -76,7 +76,11 @@ static void
> > format_part_encstatus_json (int status);
> >
> > static void
> > +#ifdef GMIME_26
> > +format_part_sigstatus_json (GMimeSignatureList* siglist);
> > +#else
> > format_part_sigstatus_json (const GMimeSignatureValidity* validity);
> > +#endif
> >
> > static void
> > format_part_content_json (GMimeObject *part);
> > @@ -486,6 +490,21 @@ show_text_part_content (GMimeObject *part, GMimeStream *stream_out)
> > g_object_unref(stream_filter);
> > }
> >
> > +#ifdef GMIME_26
> > +static const char*
> > +signature_status_to_string (GMimeSignatureStatus x)
> > +{
> > + switch (x) {
> > + case GMIME_SIGNATURE_STATUS_GOOD:
> > + return "good";
> > + case GMIME_SIGNATURE_STATUS_BAD:
> > + return "bad";
> > + case GMIME_SIGNATURE_STATUS_ERROR:
> > + return "error";
> > + }
> > + return "unknown";
> > +}
> > +#else
> > static const char*
> > signer_status_to_string (GMimeSignerStatus x)
> > {
> > @@ -501,6 +520,7 @@ signer_status_to_string (GMimeSignerStatus x)
> > }
> > return "unknown";
> > }
> > +#endif
> >
> > static void
> > format_part_start_text (GMimeObject *part, int *part_count)
> > @@ -592,6 +612,75 @@ format_part_encstatus_json (int status)
> > printf ("}]");
> > }
> >
> > +#ifdef GMIME_26
> > +static void
> > +format_part_sigstatus_json (GMimeSignatureList *siglist)
> > +{
> > + printf (", \"sigstatus\": [");
> > +
> > + if (!siglist) {
> > + printf ("]");
> > + return;
> > + }
> > +
> > + void *ctx_quote = talloc_new (NULL);
> > + int i;
> > + for (i = 0; i < g_mime_signature_list_length (siglist); ++i) {
>
> Style nit: notmuch uses i++.
Ack.
>
> > + GMimeSignature *signature = g_mime_signature_list_get_signature (siglist, i);
> > +
> > + if (i > 0)
> > + printf (", ");
> > +
> > + printf ("{");
> > +
> > + /* status */
> > + GMimeSignatureStatus status = g_mime_signature_get_status (signature);
> > + printf ("\"status\": %s",
> > + json_quote_str (ctx_quote,
> > + signature_status_to_string (status)));
> > +
> > + GMimeCertificate *certificate = g_mime_signature_get_certificate (signature);
> > + if (status == GMIME_SIGNATURE_STATUS_GOOD)
> > + {
>
> Style nit: break after brace.
>
> (Presumably this is copied from the existing
> format_part_sigstatus_json, but since it's technically new code
> there's no reason not to fix these up.)
Ack too. (Copied from the original patch, which was probably copied from
the existing code...)
>
> > + if (certificate)
> > + printf (", \"fingerprint\": %s", json_quote_str (ctx_quote, g_mime_certificate_get_fingerprint (certificate)));
> > + /* these dates are seconds since the epoch; should we
> > + * provide a more human-readable format string? */
> > + time_t created = g_mime_signature_get_created (signature);
> > + if (created != -1)
> > + printf (", \"created\": %d", (int) created);
> > + time_t expires = g_mime_signature_get_expires (signature);
> > + if (expires > 0)
> > + printf (", \"expires\": %d", (int) expires);
>
> Is it intentional that the two above checks are different? I would
> think the second should be expires != -1.
It was so in the original patch, which caused one of the tests to fail.
-1 means "unknown", and AFAICT 0 means "never expires". The current
behaviour is to add the "expires" field only if there is an expiration
date, so we need to check if expires > 0.
>
> > + /* output user id only if validity is FULL or ULTIMATE. */
> > + /* note that gmime is using the term "trust" here, which
> > + * is WRONG. It's actually user id "validity". */
> > + if (certificate)
> > + {
>
> Break after brace.
>
> > + const char *name = g_mime_certificate_get_name (certificate);
> > + GMimeCertificateTrust trust = g_mime_certificate_get_trust (certificate);
> > + if (name && (trust == GMIME_CERTIFICATE_TRUST_FULLY || trust == GMIME_CERTIFICATE_TRUST_ULTIMATE))
> > + printf (", \"userid\": %s", json_quote_str (ctx_quote, name));
> > + }
> > + } else if (certificate) {
> > + const char *key_id = g_mime_certificate_get_key_id (certificate);
> > + if (key_id)
> > + printf (", \"keyid\": %s", json_quote_str (ctx_quote, key_id));
> > + }
> > +
> > + GMimeSignatureError errors = g_mime_signature_get_errors (signature);
> > + if (errors != GMIME_SIGNATURE_ERROR_NONE) {
> > + printf (", \"errors\": %x", errors);
>
> This should be %d (I would say 0x%x, but JSON doesn't support hex
> literals). I see this bug came from the original
> format_part_sigstatus_json. Maybe there should be a quick patch
> before this one that fixes the source of the bug?
Right. I'll add a first patch to change this in the original format_part_sigstatus_json.
>
> > + }
> > +
> > + printf ("}");
> > + }
> > +
> > + printf ("]");
> > +
> > + talloc_free (ctx_quote);
> > +}
> > +#else
> > static void
> > format_part_sigstatus_json (const GMimeSignatureValidity* validity)
> > {
> > @@ -652,6 +741,7 @@ format_part_sigstatus_json (const GMimeSignatureValidity* validity)
> >
> > talloc_free (ctx_quote);
> > }
> > +#endif
> >
> > static void
> > format_part_content_json (GMimeObject *part)
> > @@ -990,13 +1080,20 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
> > } else if ((STRNCMP_LITERAL (argv[i], "--verify") == 0) ||
> > (STRNCMP_LITERAL (argv[i], "--decrypt") == 0)) {
> > if (params.cryptoctx == NULL) {
> > +#ifdef GMIME_26
> > + /* TODO: GMimePasswordRequestFunc */
> > + if (NULL == (params.cryptoctx = g_mime_gpg_context_new(NULL, "gpg")))
> > +#else
> > GMimeSession* session = g_object_new(g_mime_session_get_type(), NULL);
> > if (NULL == (params.cryptoctx = g_mime_gpg_context_new(session, "gpg")))
> > +#endif
> > fprintf (stderr, "Failed to construct gpg context.\n");
> > else
> > g_mime_gpg_context_set_always_trust((GMimeGpgContext*)params.cryptoctx, FALSE);
> > +#ifndef GMIME_26
> > g_object_unref (session);
> > session = NULL;
> > +#endif
> > }
> > if (STRNCMP_LITERAL (argv[i], "--decrypt") == 0)
> > params.decrypt = 1;
> > diff --git a/show-message.c b/show-message.c
> > index 8768889..65269fd 100644
> > --- a/show-message.c
> > +++ b/show-message.c
> > @@ -48,7 +48,11 @@ show_message_part (mime_node_t *node,
> > format->part_encstatus (node->decrypt_success);
> >
> > if (node->verify_attempted && format->part_sigstatus)
> > +#ifdef GMIME_26
> > + format->part_sigstatus (node->sig_list);
> > +#else
> > format->part_sigstatus (node->sig_validity);
> > +#endif
> >
> > format->part_content (part);
> >
--
Thomas/Schnouki
[-- Attachment #2: Type: application/pgp-signature, Size: 489 bytes --]
^ permalink raw reply [flat|nested] 42+ messages in thread
* [PATCH v2 1/2] show: don't use hex literals in JSON output
2012-01-17 10:48 ` Thomas Jost
@ 2012-01-17 10:50 ` Thomas Jost
2012-01-17 10:50 ` [PATCH v2 2/2] Add pseudo-compatibility with gmime 2.6 Thomas Jost
2012-01-17 20:38 ` [PATCH] " Austin Clements
1 sibling, 1 reply; 42+ messages in thread
From: Thomas Jost @ 2012-01-17 10:50 UTC (permalink / raw)
To: notmuch
JSON does not support hex literals (0x..) so numbers must be formatted as %d
instead of %x.
---
notmuch-show.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/notmuch-show.c b/notmuch-show.c
index d14dac9..91f566c 100644
--- a/notmuch-show.c
+++ b/notmuch-show.c
@@ -641,7 +641,7 @@ format_part_sigstatus_json (const GMimeSignatureValidity* validity)
printf (", \"keyid\": %s", json_quote_str (ctx_quote, signer->keyid));
}
if (signer->errors != GMIME_SIGNER_ERROR_NONE) {
- printf (", \"errors\": %x", signer->errors);
+ printf (", \"errors\": %d", signer->errors);
}
printf ("}");
--
1.7.8.3
^ permalink raw reply related [flat|nested] 42+ messages in thread
* [PATCH v2 2/2] Add pseudo-compatibility with gmime 2.6
2012-01-17 10:50 ` [PATCH v2 1/2] show: don't use hex literals in JSON output Thomas Jost
@ 2012-01-17 10:50 ` Thomas Jost
2012-01-17 12:48 ` Tomi Ollila
` (2 more replies)
0 siblings, 3 replies; 42+ messages in thread
From: Thomas Jost @ 2012-01-17 10:50 UTC (permalink / raw)
To: notmuch
There are lots of API changes in gmime 2.6 crypto handling. By adding
preprocessor directives, it is however possible to add gmime 2.6 compatibility
while preserving compatibility with gmime 2.4 too.
This is mostly based on id:"8762i8hrb9.fsf@bookbinder.fernseed.info".
This was tested against both gmime 2.6.4 and 2.4.31. With gmime 2.4.31, the
crypto tests all work fine (as expected). With gmime 2.6.4, one crypto test
fails (signature verification with signer key unavailable) but this will be hard
to fix since the new API does not report the reason why a signature verification
fails (other than the human-readable error message).
---
mime-node.c | 56 ++++++++++++++++++++++++++++++--
notmuch-client.h | 28 +++++++++++++++-
notmuch-reply.c | 7 ++++
notmuch-show.c | 95 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
show-message.c | 4 ++
5 files changed, 185 insertions(+), 5 deletions(-)
diff --git a/mime-node.c b/mime-node.c
index d26bb44..e575e1c 100644
--- a/mime-node.c
+++ b/mime-node.c
@@ -33,7 +33,11 @@ typedef struct mime_node_context {
GMimeMessage *mime_message;
/* Context provided by the caller. */
+#ifdef GMIME_26
+ GMimeCryptoContext *cryptoctx;
+#else
GMimeCipherContext *cryptoctx;
+#endif
notmuch_bool_t decrypt;
} mime_node_context_t;
@@ -57,8 +61,12 @@ _mime_node_context_free (mime_node_context_t *res)
notmuch_status_t
mime_node_open (const void *ctx, notmuch_message_t *message,
- GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt,
- mime_node_t **root_out)
+#ifdef GMIME_26
+ GMimeCryptoContext *cryptoctx,
+#else
+ GMimeCipherContext *cryptoctx,
+#endif
+ notmuch_bool_t decrypt, mime_node_t **root_out)
{
const char *filename = notmuch_message_get_filename (message);
mime_node_context_t *mctx;
@@ -112,12 +120,21 @@ DONE:
return status;
}
+#ifdef GMIME_26
+static int
+_signature_list_free (GMimeSignatureList **proxy)
+{
+ g_object_unref (*proxy);
+ return 0;
+}
+#else
static int
_signature_validity_free (GMimeSignatureValidity **proxy)
{
g_mime_signature_validity_free (*proxy);
return 0;
}
+#endif
static mime_node_t *
_mime_node_create (const mime_node_t *parent, GMimeObject *part)
@@ -165,11 +182,22 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
GMimeMultipartEncrypted *encrypteddata =
GMIME_MULTIPART_ENCRYPTED (part);
node->decrypt_attempted = TRUE;
+#ifdef GMIME_26
+ GMimeDecryptResult *decrypt_result = NULL;
+ node->decrypted_child = g_mime_multipart_encrypted_decrypt
+ (encrypteddata, node->ctx->cryptoctx, &decrypt_result, &err);
+#else
node->decrypted_child = g_mime_multipart_encrypted_decrypt
(encrypteddata, node->ctx->cryptoctx, &err);
+#endif
if (node->decrypted_child) {
- node->decrypt_success = node->verify_attempted = TRUE;
+ node->decrypt_success = node->verify_attempted =TRUE;
+#ifdef GMIME_26
+ /* This may be NULL if the part is not signed. */
+ node->sig_list = g_mime_decrypt_result_get_signatures (decrypt_result);
+#else
node->sig_validity = g_mime_multipart_encrypted_get_signature_validity (encrypteddata);
+#endif
} else {
fprintf (stderr, "Failed to decrypt part: %s\n",
(err ? err->message : "no error explanation given"));
@@ -182,6 +210,16 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
"(must be exactly 2)\n",
node->nchildren);
} else {
+#ifdef GMIME_26
+ GMimeSignatureList *sig_list = g_mime_multipart_signed_verify
+ (GMIME_MULTIPART_SIGNED (part), node->ctx->cryptoctx, &err);
+ node->verify_attempted = TRUE;
+ node->sig_list = sig_list;
+
+ if (!sig_list)
+ fprintf (stderr, "Failed to verify signed part: %s\n",
+ (err ? err->message : "no error explanation given"));
+#else
/* For some reason the GMimeSignatureValidity returned
* here is not a const (inconsistent with that
* returned by
@@ -200,12 +238,24 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
*proxy = sig_validity;
talloc_set_destructor (proxy, _signature_validity_free);
}
+#endif
}
}
+#ifdef GMIME_26
+ /* sig_list may be created in both above cases, so we need to
+ * cleanly handle it here. */
+ if (node->sig_list) {
+ GMimeSignatureList **proxy =
+ talloc (node, GMimeSignatureList *);
+ *proxy = node->sig_list;
+ talloc_set_destructor (proxy, _signature_list_free);
+ }
+#else
if (node->verify_attempted && !node->sig_validity)
fprintf (stderr, "Failed to verify signed part: %s\n",
(err ? err->message : "no error explanation given"));
+#endif
if (err)
g_error_free (err);
diff --git a/notmuch-client.h b/notmuch-client.h
index 62ede28..9167042 100644
--- a/notmuch-client.h
+++ b/notmuch-client.h
@@ -30,6 +30,12 @@
#include <gmime/gmime.h>
+/* GMIME_CHECK_VERSION is only available in gmime >= 2.5. But so are
+ * GMIME_MAJOR_VERSION and friends. */
+#ifdef GMIME_MAJOR_VERSION
+#define GMIME_26
+#endif
+
#include "notmuch.h"
/* This is separate from notmuch-private.h because we're trying to
@@ -69,7 +75,11 @@ typedef struct notmuch_show_format {
void (*part_start) (GMimeObject *part,
int *part_count);
void (*part_encstatus) (int status);
+#ifdef GMIME_26
+ void (*part_sigstatus) (GMimeSignatureList* siglist);
+#else
void (*part_sigstatus) (const GMimeSignatureValidity* validity);
+#endif
void (*part_content) (GMimeObject *part);
void (*part_end) (GMimeObject *part);
const char *part_sep;
@@ -83,7 +93,11 @@ typedef struct notmuch_show_params {
int entire_thread;
int raw;
int part;
+#ifdef GMIME_26
+ GMimeCryptoContext* cryptoctx;
+#else
GMimeCipherContext* cryptoctx;
+#endif
int decrypt;
} notmuch_show_params_t;
@@ -290,11 +304,17 @@ typedef struct mime_node {
/* True if signature verification on this part was attempted. */
notmuch_bool_t verify_attempted;
+#ifdef GMIME_26
+ /* The list of signatures for signed or encrypted containers. If
+ * there are no signatures, this will be NULL. */
+ GMimeSignatureList* sig_list;
+#else
/* For signed or encrypted containers, the validity of the
* signature. May be NULL if signature verification failed. If
* there are simply no signatures, this will be non-NULL with an
* empty signers list. */
const GMimeSignatureValidity *sig_validity;
+#endif
/* Internal: Context inherited from the root iterator. */
struct mime_node_context *ctx;
@@ -319,8 +339,12 @@ typedef struct mime_node {
*/
notmuch_status_t
mime_node_open (const void *ctx, notmuch_message_t *message,
- GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt,
- mime_node_t **node_out);
+#ifdef GMIME_26
+ GMimeCryptoContext *cryptoctx,
+#else
+ GMimeCipherContext *cryptoctx,
+#endif
+ notmuch_bool_t decrypt, mime_node_t **node_out);
/* Return a new MIME node for the requested child part of parent.
* parent will be used as the talloc context for the returned child
diff --git a/notmuch-reply.c b/notmuch-reply.c
index 0f682db..b3d7127 100644
--- a/notmuch-reply.c
+++ b/notmuch-reply.c
@@ -688,15 +688,22 @@ notmuch_reply_command (void *ctx, int argc, char *argv[])
reply_format_func = notmuch_reply_format_default;
if (decrypt) {
+#ifdef GMIME_26
+ /* TODO: GMimePasswordRequestFunc */
+ params.cryptoctx = g_mime_gpg_context_new (NULL, "gpg");
+#else
GMimeSession* session = g_object_new (g_mime_session_get_type(), NULL);
params.cryptoctx = g_mime_gpg_context_new (session, "gpg");
+#endif
if (params.cryptoctx) {
g_mime_gpg_context_set_always_trust ((GMimeGpgContext*) params.cryptoctx, FALSE);
params.decrypt = TRUE;
} else {
fprintf (stderr, "Failed to construct gpg context.\n");
}
+#ifndef GMIME_26
g_object_unref (session);
+#endif
}
config = notmuch_config_open (ctx, NULL, NULL);
diff --git a/notmuch-show.c b/notmuch-show.c
index 91f566c..10223e0 100644
--- a/notmuch-show.c
+++ b/notmuch-show.c
@@ -76,7 +76,11 @@ static void
format_part_encstatus_json (int status);
static void
+#ifdef GMIME_26
+format_part_sigstatus_json (GMimeSignatureList* siglist);
+#else
format_part_sigstatus_json (const GMimeSignatureValidity* validity);
+#endif
static void
format_part_content_json (GMimeObject *part);
@@ -486,6 +490,21 @@ show_text_part_content (GMimeObject *part, GMimeStream *stream_out)
g_object_unref(stream_filter);
}
+#ifdef GMIME_26
+static const char*
+signature_status_to_string (GMimeSignatureStatus x)
+{
+ switch (x) {
+ case GMIME_SIGNATURE_STATUS_GOOD:
+ return "good";
+ case GMIME_SIGNATURE_STATUS_BAD:
+ return "bad";
+ case GMIME_SIGNATURE_STATUS_ERROR:
+ return "error";
+ }
+ return "unknown";
+}
+#else
static const char*
signer_status_to_string (GMimeSignerStatus x)
{
@@ -501,6 +520,7 @@ signer_status_to_string (GMimeSignerStatus x)
}
return "unknown";
}
+#endif
static void
format_part_start_text (GMimeObject *part, int *part_count)
@@ -592,6 +612,73 @@ format_part_encstatus_json (int status)
printf ("}]");
}
+#ifdef GMIME_26
+static void
+format_part_sigstatus_json (GMimeSignatureList *siglist)
+{
+ printf (", \"sigstatus\": [");
+
+ if (!siglist) {
+ printf ("]");
+ return;
+ }
+
+ void *ctx_quote = talloc_new (NULL);
+ int i;
+ for (i = 0; i < g_mime_signature_list_length (siglist); i++) {
+ GMimeSignature *signature = g_mime_signature_list_get_signature (siglist, i);
+
+ if (i > 0)
+ printf (", ");
+
+ printf ("{");
+
+ /* status */
+ GMimeSignatureStatus status = g_mime_signature_get_status (signature);
+ printf ("\"status\": %s",
+ json_quote_str (ctx_quote,
+ signature_status_to_string (status)));
+
+ GMimeCertificate *certificate = g_mime_signature_get_certificate (signature);
+ if (status == GMIME_SIGNATURE_STATUS_GOOD) {
+ if (certificate)
+ printf (", \"fingerprint\": %s", json_quote_str (ctx_quote, g_mime_certificate_get_fingerprint (certificate)));
+ /* these dates are seconds since the epoch; should we
+ * provide a more human-readable format string? */
+ time_t created = g_mime_signature_get_created (signature);
+ if (created != -1)
+ printf (", \"created\": %d", (int) created);
+ time_t expires = g_mime_signature_get_expires (signature);
+ if (expires > 0)
+ printf (", \"expires\": %d", (int) expires);
+ /* output user id only if validity is FULL or ULTIMATE. */
+ /* note that gmime is using the term "trust" here, which
+ * is WRONG. It's actually user id "validity". */
+ if (certificate) {
+ const char *name = g_mime_certificate_get_name (certificate);
+ GMimeCertificateTrust trust = g_mime_certificate_get_trust (certificate);
+ if (name && (trust == GMIME_CERTIFICATE_TRUST_FULLY || trust == GMIME_CERTIFICATE_TRUST_ULTIMATE))
+ printf (", \"userid\": %s", json_quote_str (ctx_quote, name));
+ }
+ } else if (certificate) {
+ const char *key_id = g_mime_certificate_get_key_id (certificate);
+ if (key_id)
+ printf (", \"keyid\": %s", json_quote_str (ctx_quote, key_id));
+ }
+
+ GMimeSignatureError errors = g_mime_signature_get_errors (signature);
+ if (errors != GMIME_SIGNATURE_ERROR_NONE) {
+ printf (", \"errors\": %d", errors);
+ }
+
+ printf ("}");
+ }
+
+ printf ("]");
+
+ talloc_free (ctx_quote);
+}
+#else
static void
format_part_sigstatus_json (const GMimeSignatureValidity* validity)
{
@@ -652,6 +739,7 @@ format_part_sigstatus_json (const GMimeSignatureValidity* validity)
talloc_free (ctx_quote);
}
+#endif
static void
format_part_content_json (GMimeObject *part)
@@ -990,13 +1078,20 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
} else if ((STRNCMP_LITERAL (argv[i], "--verify") == 0) ||
(STRNCMP_LITERAL (argv[i], "--decrypt") == 0)) {
if (params.cryptoctx == NULL) {
+#ifdef GMIME_26
+ /* TODO: GMimePasswordRequestFunc */
+ if (NULL == (params.cryptoctx = g_mime_gpg_context_new(NULL, "gpg")))
+#else
GMimeSession* session = g_object_new(g_mime_session_get_type(), NULL);
if (NULL == (params.cryptoctx = g_mime_gpg_context_new(session, "gpg")))
+#endif
fprintf (stderr, "Failed to construct gpg context.\n");
else
g_mime_gpg_context_set_always_trust((GMimeGpgContext*)params.cryptoctx, FALSE);
+#ifndef GMIME_26
g_object_unref (session);
session = NULL;
+#endif
}
if (STRNCMP_LITERAL (argv[i], "--decrypt") == 0)
params.decrypt = 1;
diff --git a/show-message.c b/show-message.c
index 8768889..65269fd 100644
--- a/show-message.c
+++ b/show-message.c
@@ -48,7 +48,11 @@ show_message_part (mime_node_t *node,
format->part_encstatus (node->decrypt_success);
if (node->verify_attempted && format->part_sigstatus)
+#ifdef GMIME_26
+ format->part_sigstatus (node->sig_list);
+#else
format->part_sigstatus (node->sig_validity);
+#endif
format->part_content (part);
--
1.7.8.3
^ permalink raw reply related [flat|nested] 42+ messages in thread
* Re: [PATCH v2 2/2] Add pseudo-compatibility with gmime 2.6
2012-01-17 10:50 ` [PATCH v2 2/2] Add pseudo-compatibility with gmime 2.6 Thomas Jost
@ 2012-01-17 12:48 ` Tomi Ollila
2012-01-17 13:23 ` Thomas Jost
2012-01-17 22:25 ` Austin Clements
2012-01-18 17:19 ` [PATCH v2 2/2] Add pseudo-compatibility with gmime 2.6 Tom Prince
2 siblings, 1 reply; 42+ messages in thread
From: Tomi Ollila @ 2012-01-17 12:48 UTC (permalink / raw)
To: Thomas Jost, notmuch
On Tue, 17 Jan 2012 11:50:53 +0100, Thomas Jost <schnouki@schnouki.net> wrote:
> There are lots of API changes in gmime 2.6 crypto handling. By adding
> preprocessor directives, it is however possible to add gmime 2.6 compatibility
> while preserving compatibility with gmime 2.4 too.
>
> This is mostly based on id:"8762i8hrb9.fsf@bookbinder.fernseed.info".
>
> This was tested against both gmime 2.6.4 and 2.4.31. With gmime 2.4.31, the
> crypto tests all work fine (as expected). With gmime 2.6.4, one crypto test
> fails (signature verification with signer key unavailable) but this will be hard
> to fix since the new API does not report the reason why a signature verification
> fails (other than the human-readable error message).
> ---
LGTM. Some whitespace things but most of those were there already;
I'd have one uncrustify round to be applied to the source and after
that be more strict about those...
actually gmime 2.4 has GMIME_CHECK_VERSION defined as
g_mime_check_version (major, minor, micro) so the comment about it
is not entirely accurate (it is unusable in our context, though)
Tomi
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH v2 2/2] Add pseudo-compatibility with gmime 2.6
2012-01-17 12:48 ` Tomi Ollila
@ 2012-01-17 13:23 ` Thomas Jost
0 siblings, 0 replies; 42+ messages in thread
From: Thomas Jost @ 2012-01-17 13:23 UTC (permalink / raw)
To: Tomi Ollila, notmuch
[-- Attachment #1: Type: text/plain, Size: 2152 bytes --]
On Tue, 17 Jan 2012 14:48:34 +0200, Tomi Ollila <tomi.ollila@iki.fi> wrote:
> On Tue, 17 Jan 2012 11:50:53 +0100, Thomas Jost <schnouki@schnouki.net> wrote:
> > There are lots of API changes in gmime 2.6 crypto handling. By adding
> > preprocessor directives, it is however possible to add gmime 2.6 compatibility
> > while preserving compatibility with gmime 2.4 too.
> >
> > This is mostly based on id:"8762i8hrb9.fsf@bookbinder.fernseed.info".
> >
> > This was tested against both gmime 2.6.4 and 2.4.31. With gmime 2.4.31, the
> > crypto tests all work fine (as expected). With gmime 2.6.4, one crypto test
> > fails (signature verification with signer key unavailable) but this will be hard
> > to fix since the new API does not report the reason why a signature verification
> > fails (other than the human-readable error message).
> > ---
>
> LGTM. Some whitespace things but most of those were there already;
> I'd have one uncrustify round to be applied to the source and after
> that be more strict about those...
Thanks! I'll fix the whitespace issues in these patches when the source
in Git is uncrustified then.
> actually gmime 2.4 has GMIME_CHECK_VERSION defined as
> g_mime_check_version (major, minor, micro) so the comment about it
> is not entirely accurate (it is unusable in our context, though)
Oops, yes. What I really meant is that GMIME_MAJOR_VERSION is not
available as a preprocessor constant in 2.4, and GMIME_CHECK_VERSION is
unusable in our context since it just calls a runtime function.
By the way, how do you guys feel about setting GMIME_26 in
notmuch-client.h? Is that good enough, or should it be done in configure
so that gcc is called with "-DGMIME_26"?
I filed a bug about gmime 2.6 incorrect handling of signatures with
missing public keys: https://bugzilla.gnome.org/show_bug.cgi?id=668085.
A patch is attached there, feel free to test and comment.
(Arch Linux users: I made a little PKGBUILD that includes this patch if
you want to build your own gmime 2.6.4:
http://fichiers.schnouki.net/tmp/gmime-2.6.4-1.src.tar.gz)
Best regards,
--
Thomas/Schnouki
[-- Attachment #2: Type: application/pgp-signature, Size: 489 bytes --]
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH] Add pseudo-compatibility with gmime 2.6
2012-01-17 10:48 ` Thomas Jost
2012-01-17 10:50 ` [PATCH v2 1/2] show: don't use hex literals in JSON output Thomas Jost
@ 2012-01-17 20:38 ` Austin Clements
2012-01-19 23:52 ` Thomas Jost
1 sibling, 1 reply; 42+ messages in thread
From: Austin Clements @ 2012-01-17 20:38 UTC (permalink / raw)
To: Thomas Jost; +Cc: notmuch
Quoth Thomas Jost on Jan 17 at 11:48 am:
> On Mon, 16 Jan 2012 22:47:14 -0500, Austin Clements <amdragon@MIT.EDU> wrote:
> > Quoth Thomas Jost on Jan 17 at 12:56 am:
> > > This is mostly based on id:"8762i8hrb9.fsf@bookbinder.fernseed.info".
> > >
> > > This was tested against both gmime 2.6.4 and 2.4.31. With gmime 2.4.31, the
> > > crypto tests all work fine (as expected). With gmime 2.6.4, one crypto test
> > > fails (signature verification with signer key unavailable) but this will be hard
> > > to fix since the new API does not report the reason why a signature verification
> > > fails (other than the human-readable error message).
> >
> > What is the result of this failing test?
>
> The test looks like that:
>
> FAIL signature verification with signer key unavailable
> --- crypto.4.expected 2012-01-16 23:05:06.765651183 +0000
> +++ crypto.4.output 2012-01-16 23:05:06.765651183 +0000
> @@ -12,9 +12,7 @@
> "Bcc": "",
> "Date": "01 Jan 2000 12:00:00 -0000"},
> "body": [{"id": 1,
> - "sigstatus": [{"status": "error",
> - "keyid": "6D92612D94E46381",
> - "errors": 2}],
> + "sigstatus": [],
> "content-type": "multipart/signed",
> "content": [{"id": 2,
> "content-type": "text/plain",
> Failed to verify signed part: gpg: keyblock resource `/home/schnouki/dev/notmuch/test/tmp.crypto/gnupg/pubring.gpg': file open error
> gpg: armor header: Version: GnuPG v1.4.11 (GNU/Linux)
> gpg: Signature made Mon Jan 16 23:05:06 2012 UTC using RSA key ID 94E46381
> gpg: Can't check signature: public key not found
>
> So basically if a signer public key is missing, we can't get the status
> signature: empty "sigstatus" field in the JSON output, "Unknown
> signature status" in Emacs.
>
> IMHO this is a bug in gmime 2.6, and I think I know what causes it. I'll
> file a bug in gmime and hopefully they'll find a cleaner way to fix it
> than the one I came up with :)
Oh, okay. That does seem like a bug in GMime. Do you think it would
be possible to mark this test as "broken" if notmuch is using GMime
2.6? Off the top of my head, I can't think of an easy way to plumb
that information through to the test suite. I don't think we should
push any patches that knowingly break a test, even if it's in just one
configuration.
> >
> > > ---
> > > mime-node.c | 50 ++++++++++++++++++++++++++-
> > > notmuch-client.h | 27 ++++++++++++++-
> > > notmuch-reply.c | 7 ++++
> > > notmuch-show.c | 97 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
> > > show-message.c | 4 ++
> > > 5 files changed, 181 insertions(+), 4 deletions(-)
> > >
> > > diff --git a/mime-node.c b/mime-node.c
> > > index d26bb44..ae2473d 100644
> > > --- a/mime-node.c
> > > +++ b/mime-node.c
> > > @@ -33,7 +33,11 @@ typedef struct mime_node_context {
> > > GMimeMessage *mime_message;
> > >
> > > /* Context provided by the caller. */
> > > +#ifdef GMIME_26
> > > + GMimeCryptoContext *cryptoctx;
> > > +#else
> > > GMimeCipherContext *cryptoctx;
> > > +#endif
> > > notmuch_bool_t decrypt;
> > > } mime_node_context_t;
> > >
> > > @@ -57,8 +61,12 @@ _mime_node_context_free (mime_node_context_t *res)
> > >
> > > notmuch_status_t
> > > mime_node_open (const void *ctx, notmuch_message_t *message,
> > > - GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt,
> > > - mime_node_t **root_out)
> > > +#ifdef GMIME_26
> > > + GMimeCryptoContext *cryptoctx,
> > > +#else
> > > + GMimeCipherContext *cryptoctx,
> > > +#endif
> > > + notmuch_bool_t decrypt, mime_node_t **root_out)
> > > {
> > > const char *filename = notmuch_message_get_filename (message);
> > > mime_node_context_t *mctx;
> > > @@ -112,12 +120,21 @@ DONE:
> > > return status;
> > > }
> > >
> > > +#ifdef GMIME_26
> > > +static int
> > > +_signature_list_free (GMimeSignatureList **proxy)
> > > +{
> > > + g_object_unref (*proxy);
> > > + return 0;
> > > +}
> > > +#else
> > > static int
> > > _signature_validity_free (GMimeSignatureValidity **proxy)
> > > {
> > > g_mime_signature_validity_free (*proxy);
> > > return 0;
> > > }
> > > +#endif
> > >
> > > static mime_node_t *
> > > _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> > > @@ -165,11 +182,23 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> > > GMimeMultipartEncrypted *encrypteddata =
> > > GMIME_MULTIPART_ENCRYPTED (part);
> > > node->decrypt_attempted = TRUE;
> > > +#ifdef GMIME_26
> > > + GMimeDecryptResult *decrypt_result = g_mime_decrypt_result_new ();
> >
> > I think g_mime_multipart_encrypted_decrypt allocates the
> > GMimeDecryptResult for you, so this will just leak memory.
>
> You're right, fixed. Will it be freed along with node->decrypted_child,
> or do we need to handle this ourself?
That would be nice to know. My guess would be that we have to free it
ourselves (or dereference it, at any rate), but the documentation
doesn't say.
> > > } else {
> > > fprintf (stderr, "Failed to decrypt part: %s\n",
> > > (err ? err->message : "no error explanation given"));
> > > @@ -182,6 +211,18 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> > > "(must be exactly 2)\n",
> > > node->nchildren);
> > > } else {
> > > +#ifdef GMIME_26
> > > + GMimeSignatureList *sig_list = g_mime_multipart_signed_verify
> > > + (GMIME_MULTIPART_SIGNED (part), node->ctx->cryptoctx, &err);
> > > + node->verify_attempted = TRUE;
> > > + node->sig_list = sig_list;
> > > + if (sig_list) {
> > > + GMimeSignatureList **proxy =
> > > + talloc (node, GMimeSignatureList *);
> > > + *proxy = sig_list;
> > > + talloc_set_destructor (proxy, _signature_list_free);
> > > + }
> > > +#else
> > > /* For some reason the GMimeSignatureValidity returned
> > > * here is not a const (inconsistent with that
> > > * returned by
> > > @@ -200,10 +241,15 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> > > *proxy = sig_validity;
> > > talloc_set_destructor (proxy, _signature_validity_free);
> > > }
> > > +#endif
> > > }
> > > }
> > >
> > > +#ifdef GMIME_26
> > > + if (node->verify_attempted && !node->sig_list)
> >
> > Hmm. This is correct for signed parts, but will incorrectly trigger
> > for an encrypted part with no signatures. For 2.6, I think this error
> > checking may have to move into the branches of the if encrypted/signed
> > since for encrypted parts you have to check if
> > g_mime_multipart_encrypted_decrypt returned NULL.
>
> That sound right. The weird part is that it did not cause anything to
> fail in the test suite...
It would be worth adding a test with an encrypted but unsigned part.
I don't know enough GPG myself to do that.
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH v2 2/2] Add pseudo-compatibility with gmime 2.6
2012-01-17 10:50 ` [PATCH v2 2/2] Add pseudo-compatibility with gmime 2.6 Thomas Jost
2012-01-17 12:48 ` Tomi Ollila
@ 2012-01-17 22:25 ` Austin Clements
2012-01-18 8:15 ` Tomi Ollila
2012-01-19 23:32 ` Thomas Jost
2012-01-18 17:19 ` [PATCH v2 2/2] Add pseudo-compatibility with gmime 2.6 Tom Prince
2 siblings, 2 replies; 42+ messages in thread
From: Austin Clements @ 2012-01-17 22:25 UTC (permalink / raw)
To: Thomas Jost; +Cc: notmuch
Quoth Thomas Jost on Jan 17 at 11:50 am:
> There are lots of API changes in gmime 2.6 crypto handling. By adding
> preprocessor directives, it is however possible to add gmime 2.6 compatibility
> while preserving compatibility with gmime 2.4 too.
>
> This is mostly based on id:"8762i8hrb9.fsf@bookbinder.fernseed.info".
>
> This was tested against both gmime 2.6.4 and 2.4.31. With gmime 2.4.31, the
> crypto tests all work fine (as expected). With gmime 2.6.4, one crypto test
> fails (signature verification with signer key unavailable) but this will be hard
> to fix since the new API does not report the reason why a signature verification
> fails (other than the human-readable error message).
> ---
> mime-node.c | 56 ++++++++++++++++++++++++++++++--
> notmuch-client.h | 28 +++++++++++++++-
> notmuch-reply.c | 7 ++++
> notmuch-show.c | 95 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
> show-message.c | 4 ++
> 5 files changed, 185 insertions(+), 5 deletions(-)
>
> diff --git a/mime-node.c b/mime-node.c
> index d26bb44..e575e1c 100644
> --- a/mime-node.c
> +++ b/mime-node.c
> @@ -33,7 +33,11 @@ typedef struct mime_node_context {
> GMimeMessage *mime_message;
>
> /* Context provided by the caller. */
> +#ifdef GMIME_26
> + GMimeCryptoContext *cryptoctx;
> +#else
> GMimeCipherContext *cryptoctx;
> +#endif
> notmuch_bool_t decrypt;
> } mime_node_context_t;
>
> @@ -57,8 +61,12 @@ _mime_node_context_free (mime_node_context_t *res)
>
> notmuch_status_t
> mime_node_open (const void *ctx, notmuch_message_t *message,
> - GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt,
> - mime_node_t **root_out)
> +#ifdef GMIME_26
> + GMimeCryptoContext *cryptoctx,
> +#else
> + GMimeCipherContext *cryptoctx,
> +#endif
> + notmuch_bool_t decrypt, mime_node_t **root_out)
> {
> const char *filename = notmuch_message_get_filename (message);
> mime_node_context_t *mctx;
> @@ -112,12 +120,21 @@ DONE:
> return status;
> }
>
> +#ifdef GMIME_26
> +static int
> +_signature_list_free (GMimeSignatureList **proxy)
> +{
> + g_object_unref (*proxy);
> + return 0;
> +}
> +#else
> static int
> _signature_validity_free (GMimeSignatureValidity **proxy)
> {
> g_mime_signature_validity_free (*proxy);
> return 0;
> }
> +#endif
>
> static mime_node_t *
> _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> @@ -165,11 +182,22 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> GMimeMultipartEncrypted *encrypteddata =
> GMIME_MULTIPART_ENCRYPTED (part);
> node->decrypt_attempted = TRUE;
> +#ifdef GMIME_26
> + GMimeDecryptResult *decrypt_result = NULL;
Reading through the GMime code, it looks like we do have to unref
decrypt_result. I think this is easy, though. Right after you call
g_mime_decrypt_result_get_signatures below, do:
g_object_ref (node->sig_list);
g_object_unref (decrypt_result);
> + node->decrypted_child = g_mime_multipart_encrypted_decrypt
> + (encrypteddata, node->ctx->cryptoctx, &decrypt_result, &err);
> +#else
> node->decrypted_child = g_mime_multipart_encrypted_decrypt
> (encrypteddata, node->ctx->cryptoctx, &err);
> +#endif
> if (node->decrypted_child) {
> - node->decrypt_success = node->verify_attempted = TRUE;
> + node->decrypt_success = node->verify_attempted =TRUE;
Whitespace. (There should be no diff on the above line)
> +#ifdef GMIME_26
> + /* This may be NULL if the part is not signed. */
> + node->sig_list = g_mime_decrypt_result_get_signatures (decrypt_result);
> +#else
> node->sig_validity = g_mime_multipart_encrypted_get_signature_validity (encrypteddata);
> +#endif
> } else {
> fprintf (stderr, "Failed to decrypt part: %s\n",
> (err ? err->message : "no error explanation given"));
> @@ -182,6 +210,16 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> "(must be exactly 2)\n",
> node->nchildren);
> } else {
> +#ifdef GMIME_26
> + GMimeSignatureList *sig_list = g_mime_multipart_signed_verify
> + (GMIME_MULTIPART_SIGNED (part), node->ctx->cryptoctx, &err);
> + node->verify_attempted = TRUE;
> + node->sig_list = sig_list;
Just a nit. This could be
node->sig_list = g_mime_multipart_signed_verify ( ... )
To me, the local variable just makes this code more verbose without
adding anything. Up to you.
> +
> + if (!sig_list)
> + fprintf (stderr, "Failed to verify signed part: %s\n",
> + (err ? err->message : "no error explanation given"));
> +#else
> /* For some reason the GMimeSignatureValidity returned
> * here is not a const (inconsistent with that
> * returned by
> @@ -200,12 +238,24 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> *proxy = sig_validity;
> talloc_set_destructor (proxy, _signature_validity_free);
> }
> +#endif
> }
> }
>
> +#ifdef GMIME_26
> + /* sig_list may be created in both above cases, so we need to
> + * cleanly handle it here. */
> + if (node->sig_list) {
> + GMimeSignatureList **proxy =
> + talloc (node, GMimeSignatureList *);
This doesn't need to be split into two lines.
> + *proxy = node->sig_list;
> + talloc_set_destructor (proxy, _signature_list_free);
> + }
> +#else
> if (node->verify_attempted && !node->sig_validity)
> fprintf (stderr, "Failed to verify signed part: %s\n",
> (err ? err->message : "no error explanation given"));
> +#endif
I'd rather see the above as a separate #ifdef GMIME_26 and #ifndef
GMIME_26, since they aren't logical alternates of each other.
>
> if (err)
> g_error_free (err);
> diff --git a/notmuch-client.h b/notmuch-client.h
> index 62ede28..9167042 100644
> --- a/notmuch-client.h
> +++ b/notmuch-client.h
> @@ -30,6 +30,12 @@
>
> #include <gmime/gmime.h>
>
> +/* GMIME_CHECK_VERSION is only available in gmime >= 2.5. But so are
> + * GMIME_MAJOR_VERSION and friends. */
> +#ifdef GMIME_MAJOR_VERSION
> +#define GMIME_26
> +#endif
> +
> #include "notmuch.h"
>
> /* This is separate from notmuch-private.h because we're trying to
> @@ -69,7 +75,11 @@ typedef struct notmuch_show_format {
> void (*part_start) (GMimeObject *part,
> int *part_count);
> void (*part_encstatus) (int status);
> +#ifdef GMIME_26
> + void (*part_sigstatus) (GMimeSignatureList* siglist);
> +#else
> void (*part_sigstatus) (const GMimeSignatureValidity* validity);
> +#endif
> void (*part_content) (GMimeObject *part);
> void (*part_end) (GMimeObject *part);
> const char *part_sep;
> @@ -83,7 +93,11 @@ typedef struct notmuch_show_params {
> int entire_thread;
> int raw;
> int part;
> +#ifdef GMIME_26
> + GMimeCryptoContext* cryptoctx;
> +#else
> GMimeCipherContext* cryptoctx;
> +#endif
> int decrypt;
> } notmuch_show_params_t;
>
> @@ -290,11 +304,17 @@ typedef struct mime_node {
>
> /* True if signature verification on this part was attempted. */
> notmuch_bool_t verify_attempted;
> +#ifdef GMIME_26
> + /* The list of signatures for signed or encrypted containers. If
> + * there are no signatures, this will be NULL. */
Spacing.
> + GMimeSignatureList* sig_list;
> +#else
> /* For signed or encrypted containers, the validity of the
> * signature. May be NULL if signature verification failed. If
> * there are simply no signatures, this will be non-NULL with an
> * empty signers list. */
> const GMimeSignatureValidity *sig_validity;
> +#endif
>
> /* Internal: Context inherited from the root iterator. */
> struct mime_node_context *ctx;
> @@ -319,8 +339,12 @@ typedef struct mime_node {
> */
> notmuch_status_t
> mime_node_open (const void *ctx, notmuch_message_t *message,
> - GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt,
> - mime_node_t **node_out);
> +#ifdef GMIME_26
> + GMimeCryptoContext *cryptoctx,
> +#else
> + GMimeCipherContext *cryptoctx,
> +#endif
> + notmuch_bool_t decrypt, mime_node_t **node_out);
>
> /* Return a new MIME node for the requested child part of parent.
> * parent will be used as the talloc context for the returned child
> diff --git a/notmuch-reply.c b/notmuch-reply.c
> index 0f682db..b3d7127 100644
> --- a/notmuch-reply.c
> +++ b/notmuch-reply.c
> @@ -688,15 +688,22 @@ notmuch_reply_command (void *ctx, int argc, char *argv[])
> reply_format_func = notmuch_reply_format_default;
>
> if (decrypt) {
> +#ifdef GMIME_26
> + /* TODO: GMimePasswordRequestFunc */
> + params.cryptoctx = g_mime_gpg_context_new (NULL, "gpg");
> +#else
> GMimeSession* session = g_object_new (g_mime_session_get_type(), NULL);
> params.cryptoctx = g_mime_gpg_context_new (session, "gpg");
> +#endif
> if (params.cryptoctx) {
> g_mime_gpg_context_set_always_trust ((GMimeGpgContext*) params.cryptoctx, FALSE);
> params.decrypt = TRUE;
> } else {
> fprintf (stderr, "Failed to construct gpg context.\n");
> }
> +#ifndef GMIME_26
> g_object_unref (session);
> +#endif
> }
>
> config = notmuch_config_open (ctx, NULL, NULL);
> diff --git a/notmuch-show.c b/notmuch-show.c
> index 91f566c..10223e0 100644
> --- a/notmuch-show.c
> +++ b/notmuch-show.c
> @@ -76,7 +76,11 @@ static void
> format_part_encstatus_json (int status);
>
> static void
> +#ifdef GMIME_26
> +format_part_sigstatus_json (GMimeSignatureList* siglist);
> +#else
> format_part_sigstatus_json (const GMimeSignatureValidity* validity);
> +#endif
>
> static void
> format_part_content_json (GMimeObject *part);
> @@ -486,6 +490,21 @@ show_text_part_content (GMimeObject *part, GMimeStream *stream_out)
> g_object_unref(stream_filter);
> }
>
> +#ifdef GMIME_26
> +static const char*
> +signature_status_to_string (GMimeSignatureStatus x)
> +{
> + switch (x) {
> + case GMIME_SIGNATURE_STATUS_GOOD:
> + return "good";
> + case GMIME_SIGNATURE_STATUS_BAD:
> + return "bad";
> + case GMIME_SIGNATURE_STATUS_ERROR:
> + return "error";
> + }
> + return "unknown";
> +}
> +#else
> static const char*
> signer_status_to_string (GMimeSignerStatus x)
> {
> @@ -501,6 +520,7 @@ signer_status_to_string (GMimeSignerStatus x)
> }
> return "unknown";
> }
> +#endif
>
> static void
> format_part_start_text (GMimeObject *part, int *part_count)
> @@ -592,6 +612,73 @@ format_part_encstatus_json (int status)
> printf ("}]");
> }
>
> +#ifdef GMIME_26
> +static void
> +format_part_sigstatus_json (GMimeSignatureList *siglist)
> +{
> + printf (", \"sigstatus\": [");
> +
> + if (!siglist) {
> + printf ("]");
> + return;
> + }
Indentation.
> +
> + void *ctx_quote = talloc_new (NULL);
> + int i;
> + for (i = 0; i < g_mime_signature_list_length (siglist); i++) {
> + GMimeSignature *signature = g_mime_signature_list_get_signature (siglist, i);
> +
> + if (i > 0)
> + printf (", ");
> +
> + printf ("{");
> +
> + /* status */
> + GMimeSignatureStatus status = g_mime_signature_get_status (signature);
> + printf ("\"status\": %s",
> + json_quote_str (ctx_quote,
> + signature_status_to_string (status)));
> +
> + GMimeCertificate *certificate = g_mime_signature_get_certificate (signature);
> + if (status == GMIME_SIGNATURE_STATUS_GOOD) {
> + if (certificate)
> + printf (", \"fingerprint\": %s", json_quote_str (ctx_quote, g_mime_certificate_get_fingerprint (certificate)));
> + /* these dates are seconds since the epoch; should we
> + * provide a more human-readable format string? */
> + time_t created = g_mime_signature_get_created (signature);
> + if (created != -1)
> + printf (", \"created\": %d", (int) created);
> + time_t expires = g_mime_signature_get_expires (signature);
> + if (expires > 0)
> + printf (", \"expires\": %d", (int) expires);
> + /* output user id only if validity is FULL or ULTIMATE. */
> + /* note that gmime is using the term "trust" here, which
> + * is WRONG. It's actually user id "validity". */
> + if (certificate) {
> + const char *name = g_mime_certificate_get_name (certificate);
> + GMimeCertificateTrust trust = g_mime_certificate_get_trust (certificate);
> + if (name && (trust == GMIME_CERTIFICATE_TRUST_FULLY || trust == GMIME_CERTIFICATE_TRUST_ULTIMATE))
> + printf (", \"userid\": %s", json_quote_str (ctx_quote, name));
> + }
> + } else if (certificate) {
> + const char *key_id = g_mime_certificate_get_key_id (certificate);
> + if (key_id)
> + printf (", \"keyid\": %s", json_quote_str (ctx_quote, key_id));
> + }
> +
> + GMimeSignatureError errors = g_mime_signature_get_errors (signature);
> + if (errors != GMIME_SIGNATURE_ERROR_NONE) {
> + printf (", \"errors\": %d", errors);
> + }
> +
> + printf ("}");
> + }
> +
> + printf ("]");
> +
> + talloc_free (ctx_quote);
> +}
> +#else
> static void
> format_part_sigstatus_json (const GMimeSignatureValidity* validity)
> {
> @@ -652,6 +739,7 @@ format_part_sigstatus_json (const GMimeSignatureValidity* validity)
>
> talloc_free (ctx_quote);
> }
> +#endif
>
> static void
> format_part_content_json (GMimeObject *part)
> @@ -990,13 +1078,20 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
> } else if ((STRNCMP_LITERAL (argv[i], "--verify") == 0) ||
> (STRNCMP_LITERAL (argv[i], "--decrypt") == 0)) {
> if (params.cryptoctx == NULL) {
> +#ifdef GMIME_26
> + /* TODO: GMimePasswordRequestFunc */
> + if (NULL == (params.cryptoctx = g_mime_gpg_context_new(NULL, "gpg")))
> +#else
> GMimeSession* session = g_object_new(g_mime_session_get_type(), NULL);
> if (NULL == (params.cryptoctx = g_mime_gpg_context_new(session, "gpg")))
> +#endif
> fprintf (stderr, "Failed to construct gpg context.\n");
> else
> g_mime_gpg_context_set_always_trust((GMimeGpgContext*)params.cryptoctx, FALSE);
> +#ifndef GMIME_26
> g_object_unref (session);
> session = NULL;
> +#endif
> }
> if (STRNCMP_LITERAL (argv[i], "--decrypt") == 0)
> params.decrypt = 1;
> diff --git a/show-message.c b/show-message.c
> index 8768889..65269fd 100644
> --- a/show-message.c
> +++ b/show-message.c
> @@ -48,7 +48,11 @@ show_message_part (mime_node_t *node,
> format->part_encstatus (node->decrypt_success);
>
> if (node->verify_attempted && format->part_sigstatus)
> +#ifdef GMIME_26
> + format->part_sigstatus (node->sig_list);
> +#else
> format->part_sigstatus (node->sig_validity);
> +#endif
>
> format->part_content (part);
>
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH v2 2/2] Add pseudo-compatibility with gmime 2.6
2012-01-17 22:25 ` Austin Clements
@ 2012-01-18 8:15 ` Tomi Ollila
2012-01-18 17:35 ` Austin Clements
2012-01-19 23:32 ` Thomas Jost
1 sibling, 1 reply; 42+ messages in thread
From: Tomi Ollila @ 2012-01-18 8:15 UTC (permalink / raw)
To: notmuch
On Tue, 17 Jan 2012 17:25:46 -0500, Austin Clements <amdragon@MIT.EDU> wrote:
> Quoth Thomas Jost on Jan 17 at 11:50 am:
> >
> > +#ifdef GMIME_26
> > + /* sig_list may be created in both above cases, so we need to
> > + * cleanly handle it here. */
> > + if (node->sig_list) {
> > + GMimeSignatureList **proxy =
> > + talloc (node, GMimeSignatureList *);
>
> This doesn't need to be split into two lines.
>
> > + *proxy = node->sig_list;
> > + talloc_set_destructor (proxy, _signature_list_free);
> > + }
> > +#else
> > if (node->verify_attempted && !node->sig_validity)
> > fprintf (stderr, "Failed to verify signed part: %s\n",
> > (err ? err->message : "no error explanation given"));
> > +#endif
>
> I'd rather see the above as a separate #ifdef GMIME_26 and #ifndef
> GMIME_26, since they aren't logical alternates of each other.
That reminds me that it should then be like GMIME_ATLEAST_26, so
that this might be useful when GMIME > 2.6 is available...
Tomi
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH v2 2/2] Add pseudo-compatibility with gmime 2.6
2012-01-17 10:50 ` [PATCH v2 2/2] Add pseudo-compatibility with gmime 2.6 Thomas Jost
2012-01-17 12:48 ` Tomi Ollila
2012-01-17 22:25 ` Austin Clements
@ 2012-01-18 17:19 ` Tom Prince
2012-01-18 18:00 ` Tomi Ollila
2 siblings, 1 reply; 42+ messages in thread
From: Tom Prince @ 2012-01-18 17:19 UTC (permalink / raw)
To: Thomas Jost, notmuch
On Tue, 17 Jan 2012 11:50:53 +0100, Thomas Jost <schnouki@schnouki.net> wrote:
> This was tested against both gmime 2.6.4 and 2.4.31. With gmime 2.4.31, the
> crypto tests all work fine (as expected). With gmime 2.6.4, one crypto test
> fails (signature verification with signer key unavailable) but this will be hard
> to fix since the new API does not report the reason why a signature verification
> fails (other than the human-readable error message).
How did you test against multiple versions? Using different machines? If
there was a way for configure (or something to pick the version, I would
setup the buildbot to test against both, so we don't regress either.
Tom
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH v2 2/2] Add pseudo-compatibility with gmime 2.6
2012-01-18 8:15 ` Tomi Ollila
@ 2012-01-18 17:35 ` Austin Clements
2012-01-19 23:33 ` Thomas Jost
0 siblings, 1 reply; 42+ messages in thread
From: Austin Clements @ 2012-01-18 17:35 UTC (permalink / raw)
To: Tomi Ollila; +Cc: notmuch
Quoth Tomi Ollila on Jan 18 at 10:15 am:
> On Tue, 17 Jan 2012 17:25:46 -0500, Austin Clements <amdragon@MIT.EDU> wrote:
> > Quoth Thomas Jost on Jan 17 at 11:50 am:
> > >
> > > +#ifdef GMIME_26
> > > + /* sig_list may be created in both above cases, so we need to
> > > + * cleanly handle it here. */
> > > + if (node->sig_list) {
> > > + GMimeSignatureList **proxy =
> > > + talloc (node, GMimeSignatureList *);
> >
> > This doesn't need to be split into two lines.
> >
> > > + *proxy = node->sig_list;
> > > + talloc_set_destructor (proxy, _signature_list_free);
> > > + }
> > > +#else
> > > if (node->verify_attempted && !node->sig_validity)
> > > fprintf (stderr, "Failed to verify signed part: %s\n",
> > > (err ? err->message : "no error explanation given"));
> > > +#endif
> >
> > I'd rather see the above as a separate #ifdef GMIME_26 and #ifndef
> > GMIME_26, since they aren't logical alternates of each other.
>
> That reminds me that it should then be like GMIME_ATLEAST_26, so
> that this might be useful when GMIME > 2.6 is available...
Hopefully before GMIME 2.8 comes out, we'll be able to remove all of
the GMIME 2.4 compatibility. But GMIME_ATLEAST_26 would be fine, too.
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH v2 2/2] Add pseudo-compatibility with gmime 2.6
2012-01-18 17:19 ` [PATCH v2 2/2] Add pseudo-compatibility with gmime 2.6 Tom Prince
@ 2012-01-18 18:00 ` Tomi Ollila
2012-01-19 23:47 ` Thomas Jost
0 siblings, 1 reply; 42+ messages in thread
From: Tomi Ollila @ 2012-01-18 18:00 UTC (permalink / raw)
To: Tom Prince, Thomas Jost, notmuch
On Wed, 18 Jan 2012 12:19:45 -0500, Tom Prince <tom.prince@ualberta.net> wrote:
>
> How did you test against multiple versions? Using different machines? If
> there was a way for configure (or something to pick the version, I would
> setup the buildbot to test against both, so we don't regress either.
I currently compile notmuch on Fedora 15 so that I have
LIBRARY_PATH=/my/own/path/to/x86_64-linux/lib
and
CPATH=/my/own/path/to/x86_64-linux/include
and gmime 2.4 development files are located in these
directories. I'll be hiding gmime 2.4 stuff from these
soon in order to build against 2.6 stuff.
Tomi
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH v2 2/2] Add pseudo-compatibility with gmime 2.6
2012-01-17 22:25 ` Austin Clements
2012-01-18 8:15 ` Tomi Ollila
@ 2012-01-19 23:32 ` Thomas Jost
2012-01-20 0:06 ` [PATCH v3 0/2] gmime 2.6 compatibilty, 3rd iteration Thomas Jost
1 sibling, 1 reply; 42+ messages in thread
From: Thomas Jost @ 2012-01-19 23:32 UTC (permalink / raw)
To: Austin Clements; +Cc: notmuch
[-- Attachment #1: Type: text/plain, Size: 16260 bytes --]
Thanks for this review Austin. New version coming soon.
On Tue, 17 Jan 2012 17:25:46 -0500, Austin Clements <amdragon@MIT.EDU> wrote:
> Quoth Thomas Jost on Jan 17 at 11:50 am:
> > There are lots of API changes in gmime 2.6 crypto handling. By adding
> > preprocessor directives, it is however possible to add gmime 2.6 compatibility
> > while preserving compatibility with gmime 2.4 too.
> >
> > This is mostly based on id:"8762i8hrb9.fsf@bookbinder.fernseed.info".
> >
> > This was tested against both gmime 2.6.4 and 2.4.31. With gmime 2.4.31, the
> > crypto tests all work fine (as expected). With gmime 2.6.4, one crypto test
> > fails (signature verification with signer key unavailable) but this will be hard
> > to fix since the new API does not report the reason why a signature verification
> > fails (other than the human-readable error message).
> > ---
> > mime-node.c | 56 ++++++++++++++++++++++++++++++--
> > notmuch-client.h | 28 +++++++++++++++-
> > notmuch-reply.c | 7 ++++
> > notmuch-show.c | 95 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
> > show-message.c | 4 ++
> > 5 files changed, 185 insertions(+), 5 deletions(-)
> >
> > diff --git a/mime-node.c b/mime-node.c
> > index d26bb44..e575e1c 100644
> > --- a/mime-node.c
> > +++ b/mime-node.c
> > @@ -33,7 +33,11 @@ typedef struct mime_node_context {
> > GMimeMessage *mime_message;
> >
> > /* Context provided by the caller. */
> > +#ifdef GMIME_26
> > + GMimeCryptoContext *cryptoctx;
> > +#else
> > GMimeCipherContext *cryptoctx;
> > +#endif
> > notmuch_bool_t decrypt;
> > } mime_node_context_t;
> >
> > @@ -57,8 +61,12 @@ _mime_node_context_free (mime_node_context_t *res)
> >
> > notmuch_status_t
> > mime_node_open (const void *ctx, notmuch_message_t *message,
> > - GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt,
> > - mime_node_t **root_out)
> > +#ifdef GMIME_26
> > + GMimeCryptoContext *cryptoctx,
> > +#else
> > + GMimeCipherContext *cryptoctx,
> > +#endif
> > + notmuch_bool_t decrypt, mime_node_t **root_out)
> > {
> > const char *filename = notmuch_message_get_filename (message);
> > mime_node_context_t *mctx;
> > @@ -112,12 +120,21 @@ DONE:
> > return status;
> > }
> >
> > +#ifdef GMIME_26
> > +static int
> > +_signature_list_free (GMimeSignatureList **proxy)
> > +{
> > + g_object_unref (*proxy);
> > + return 0;
> > +}
> > +#else
> > static int
> > _signature_validity_free (GMimeSignatureValidity **proxy)
> > {
> > g_mime_signature_validity_free (*proxy);
> > return 0;
> > }
> > +#endif
> >
> > static mime_node_t *
> > _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> > @@ -165,11 +182,22 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> > GMimeMultipartEncrypted *encrypteddata =
> > GMIME_MULTIPART_ENCRYPTED (part);
> > node->decrypt_attempted = TRUE;
> > +#ifdef GMIME_26
> > + GMimeDecryptResult *decrypt_result = NULL;
>
> Reading through the GMime code, it looks like we do have to unref
> decrypt_result. I think this is easy, though. Right after you call
> g_mime_decrypt_result_get_signatures below, do:
>
> g_object_ref (node->sig_list);
> g_object_unref (decrypt_result);
Added, thanks!
>
> > + node->decrypted_child = g_mime_multipart_encrypted_decrypt
> > + (encrypteddata, node->ctx->cryptoctx, &decrypt_result, &err);
> > +#else
> > node->decrypted_child = g_mime_multipart_encrypted_decrypt
> > (encrypteddata, node->ctx->cryptoctx, &err);
> > +#endif
> > if (node->decrypted_child) {
> > - node->decrypt_success = node->verify_attempted = TRUE;
> > + node->decrypt_success = node->verify_attempted =TRUE;
>
> Whitespace. (There should be no diff on the above line)
Oops, my bad.
>
> > +#ifdef GMIME_26
> > + /* This may be NULL if the part is not signed. */
> > + node->sig_list = g_mime_decrypt_result_get_signatures (decrypt_result);
> > +#else
> > node->sig_validity = g_mime_multipart_encrypted_get_signature_validity (encrypteddata);
> > +#endif
> > } else {
> > fprintf (stderr, "Failed to decrypt part: %s\n",
> > (err ? err->message : "no error explanation given"));
> > @@ -182,6 +210,16 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> > "(must be exactly 2)\n",
> > node->nchildren);
> > } else {
> > +#ifdef GMIME_26
> > + GMimeSignatureList *sig_list = g_mime_multipart_signed_verify
> > + (GMIME_MULTIPART_SIGNED (part), node->ctx->cryptoctx, &err);
> > + node->verify_attempted = TRUE;
> > + node->sig_list = sig_list;
>
> Just a nit. This could be
> node->sig_list = g_mime_multipart_signed_verify ( ... )
> To me, the local variable just makes this code more verbose without
> adding anything. Up to you.
Yep, the local variable is useless. Removed it.
>
> > +
> > + if (!sig_list)
> > + fprintf (stderr, "Failed to verify signed part: %s\n",
> > + (err ? err->message : "no error explanation given"));
> > +#else
> > /* For some reason the GMimeSignatureValidity returned
> > * here is not a const (inconsistent with that
> > * returned by
> > @@ -200,12 +238,24 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> > *proxy = sig_validity;
> > talloc_set_destructor (proxy, _signature_validity_free);
> > }
> > +#endif
> > }
> > }
> >
> > +#ifdef GMIME_26
> > + /* sig_list may be created in both above cases, so we need to
> > + * cleanly handle it here. */
> > + if (node->sig_list) {
> > + GMimeSignatureList **proxy =
> > + talloc (node, GMimeSignatureList *);
>
> This doesn't need to be split into two lines.
You're right. It was more readable when that piece of code was more
indented, but now one line is fine :)
>
> > + *proxy = node->sig_list;
> > + talloc_set_destructor (proxy, _signature_list_free);
> > + }
> > +#else
> > if (node->verify_attempted && !node->sig_validity)
> > fprintf (stderr, "Failed to verify signed part: %s\n",
> > (err ? err->message : "no error explanation given"));
> > +#endif
>
> I'd rather see the above as a separate #ifdef GMIME_26 and #ifndef
> GMIME_26, since they aren't logical alternates of each other.
Agreed.
>
> >
> > if (err)
> > g_error_free (err);
> > diff --git a/notmuch-client.h b/notmuch-client.h
> > index 62ede28..9167042 100644
> > --- a/notmuch-client.h
> > +++ b/notmuch-client.h
> > @@ -30,6 +30,12 @@
> >
> > #include <gmime/gmime.h>
> >
> > +/* GMIME_CHECK_VERSION is only available in gmime >= 2.5. But so are
> > + * GMIME_MAJOR_VERSION and friends. */
> > +#ifdef GMIME_MAJOR_VERSION
> > +#define GMIME_26
> > +#endif
> > +
> > #include "notmuch.h"
> >
> > /* This is separate from notmuch-private.h because we're trying to
> > @@ -69,7 +75,11 @@ typedef struct notmuch_show_format {
> > void (*part_start) (GMimeObject *part,
> > int *part_count);
> > void (*part_encstatus) (int status);
> > +#ifdef GMIME_26
> > + void (*part_sigstatus) (GMimeSignatureList* siglist);
> > +#else
> > void (*part_sigstatus) (const GMimeSignatureValidity* validity);
> > +#endif
> > void (*part_content) (GMimeObject *part);
> > void (*part_end) (GMimeObject *part);
> > const char *part_sep;
> > @@ -83,7 +93,11 @@ typedef struct notmuch_show_params {
> > int entire_thread;
> > int raw;
> > int part;
> > +#ifdef GMIME_26
> > + GMimeCryptoContext* cryptoctx;
> > +#else
> > GMimeCipherContext* cryptoctx;
> > +#endif
> > int decrypt;
> > } notmuch_show_params_t;
> >
> > @@ -290,11 +304,17 @@ typedef struct mime_node {
> >
> > /* True if signature verification on this part was attempted. */
> > notmuch_bool_t verify_attempted;
> > +#ifdef GMIME_26
> > + /* The list of signatures for signed or encrypted containers. If
> > + * there are no signatures, this will be NULL. */
>
> Spacing.
>
> > + GMimeSignatureList* sig_list;
> > +#else
> > /* For signed or encrypted containers, the validity of the
> > * signature. May be NULL if signature verification failed. If
> > * there are simply no signatures, this will be non-NULL with an
> > * empty signers list. */
> > const GMimeSignatureValidity *sig_validity;
> > +#endif
> >
> > /* Internal: Context inherited from the root iterator. */
> > struct mime_node_context *ctx;
> > @@ -319,8 +339,12 @@ typedef struct mime_node {
> > */
> > notmuch_status_t
> > mime_node_open (const void *ctx, notmuch_message_t *message,
> > - GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt,
> > - mime_node_t **node_out);
> > +#ifdef GMIME_26
> > + GMimeCryptoContext *cryptoctx,
> > +#else
> > + GMimeCipherContext *cryptoctx,
> > +#endif
> > + notmuch_bool_t decrypt, mime_node_t **node_out);
> >
> > /* Return a new MIME node for the requested child part of parent.
> > * parent will be used as the talloc context for the returned child
> > diff --git a/notmuch-reply.c b/notmuch-reply.c
> > index 0f682db..b3d7127 100644
> > --- a/notmuch-reply.c
> > +++ b/notmuch-reply.c
> > @@ -688,15 +688,22 @@ notmuch_reply_command (void *ctx, int argc, char *argv[])
> > reply_format_func = notmuch_reply_format_default;
> >
> > if (decrypt) {
> > +#ifdef GMIME_26
> > + /* TODO: GMimePasswordRequestFunc */
> > + params.cryptoctx = g_mime_gpg_context_new (NULL, "gpg");
> > +#else
> > GMimeSession* session = g_object_new (g_mime_session_get_type(), NULL);
> > params.cryptoctx = g_mime_gpg_context_new (session, "gpg");
> > +#endif
> > if (params.cryptoctx) {
> > g_mime_gpg_context_set_always_trust ((GMimeGpgContext*) params.cryptoctx, FALSE);
> > params.decrypt = TRUE;
> > } else {
> > fprintf (stderr, "Failed to construct gpg context.\n");
> > }
> > +#ifndef GMIME_26
> > g_object_unref (session);
> > +#endif
> > }
> >
> > config = notmuch_config_open (ctx, NULL, NULL);
> > diff --git a/notmuch-show.c b/notmuch-show.c
> > index 91f566c..10223e0 100644
> > --- a/notmuch-show.c
> > +++ b/notmuch-show.c
> > @@ -76,7 +76,11 @@ static void
> > format_part_encstatus_json (int status);
> >
> > static void
> > +#ifdef GMIME_26
> > +format_part_sigstatus_json (GMimeSignatureList* siglist);
> > +#else
> > format_part_sigstatus_json (const GMimeSignatureValidity* validity);
> > +#endif
> >
> > static void
> > format_part_content_json (GMimeObject *part);
> > @@ -486,6 +490,21 @@ show_text_part_content (GMimeObject *part, GMimeStream *stream_out)
> > g_object_unref(stream_filter);
> > }
> >
> > +#ifdef GMIME_26
> > +static const char*
> > +signature_status_to_string (GMimeSignatureStatus x)
> > +{
> > + switch (x) {
> > + case GMIME_SIGNATURE_STATUS_GOOD:
> > + return "good";
> > + case GMIME_SIGNATURE_STATUS_BAD:
> > + return "bad";
> > + case GMIME_SIGNATURE_STATUS_ERROR:
> > + return "error";
> > + }
> > + return "unknown";
> > +}
> > +#else
> > static const char*
> > signer_status_to_string (GMimeSignerStatus x)
> > {
> > @@ -501,6 +520,7 @@ signer_status_to_string (GMimeSignerStatus x)
> > }
> > return "unknown";
> > }
> > +#endif
> >
> > static void
> > format_part_start_text (GMimeObject *part, int *part_count)
> > @@ -592,6 +612,73 @@ format_part_encstatus_json (int status)
> > printf ("}]");
> > }
> >
> > +#ifdef GMIME_26
> > +static void
> > +format_part_sigstatus_json (GMimeSignatureList *siglist)
> > +{
> > + printf (", \"sigstatus\": [");
> > +
> > + if (!siglist) {
> > + printf ("]");
> > + return;
> > + }
>
> Indentation.
>
> > +
> > + void *ctx_quote = talloc_new (NULL);
> > + int i;
> > + for (i = 0; i < g_mime_signature_list_length (siglist); i++) {
> > + GMimeSignature *signature = g_mime_signature_list_get_signature (siglist, i);
> > +
> > + if (i > 0)
> > + printf (", ");
> > +
> > + printf ("{");
> > +
> > + /* status */
> > + GMimeSignatureStatus status = g_mime_signature_get_status (signature);
> > + printf ("\"status\": %s",
> > + json_quote_str (ctx_quote,
> > + signature_status_to_string (status)));
> > +
> > + GMimeCertificate *certificate = g_mime_signature_get_certificate (signature);
> > + if (status == GMIME_SIGNATURE_STATUS_GOOD) {
> > + if (certificate)
> > + printf (", \"fingerprint\": %s", json_quote_str (ctx_quote, g_mime_certificate_get_fingerprint (certificate)));
> > + /* these dates are seconds since the epoch; should we
> > + * provide a more human-readable format string? */
> > + time_t created = g_mime_signature_get_created (signature);
> > + if (created != -1)
> > + printf (", \"created\": %d", (int) created);
> > + time_t expires = g_mime_signature_get_expires (signature);
> > + if (expires > 0)
> > + printf (", \"expires\": %d", (int) expires);
> > + /* output user id only if validity is FULL or ULTIMATE. */
> > + /* note that gmime is using the term "trust" here, which
> > + * is WRONG. It's actually user id "validity". */
> > + if (certificate) {
> > + const char *name = g_mime_certificate_get_name (certificate);
> > + GMimeCertificateTrust trust = g_mime_certificate_get_trust (certificate);
> > + if (name && (trust == GMIME_CERTIFICATE_TRUST_FULLY || trust == GMIME_CERTIFICATE_TRUST_ULTIMATE))
> > + printf (", \"userid\": %s", json_quote_str (ctx_quote, name));
> > + }
> > + } else if (certificate) {
> > + const char *key_id = g_mime_certificate_get_key_id (certificate);
> > + if (key_id)
> > + printf (", \"keyid\": %s", json_quote_str (ctx_quote, key_id));
> > + }
> > +
> > + GMimeSignatureError errors = g_mime_signature_get_errors (signature);
> > + if (errors != GMIME_SIGNATURE_ERROR_NONE) {
> > + printf (", \"errors\": %d", errors);
> > + }
> > +
> > + printf ("}");
> > + }
> > +
> > + printf ("]");
> > +
> > + talloc_free (ctx_quote);
> > +}
> > +#else
> > static void
> > format_part_sigstatus_json (const GMimeSignatureValidity* validity)
> > {
> > @@ -652,6 +739,7 @@ format_part_sigstatus_json (const GMimeSignatureValidity* validity)
> >
> > talloc_free (ctx_quote);
> > }
> > +#endif
> >
> > static void
> > format_part_content_json (GMimeObject *part)
> > @@ -990,13 +1078,20 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
> > } else if ((STRNCMP_LITERAL (argv[i], "--verify") == 0) ||
> > (STRNCMP_LITERAL (argv[i], "--decrypt") == 0)) {
> > if (params.cryptoctx == NULL) {
> > +#ifdef GMIME_26
> > + /* TODO: GMimePasswordRequestFunc */
> > + if (NULL == (params.cryptoctx = g_mime_gpg_context_new(NULL, "gpg")))
> > +#else
> > GMimeSession* session = g_object_new(g_mime_session_get_type(), NULL);
> > if (NULL == (params.cryptoctx = g_mime_gpg_context_new(session, "gpg")))
> > +#endif
> > fprintf (stderr, "Failed to construct gpg context.\n");
> > else
> > g_mime_gpg_context_set_always_trust((GMimeGpgContext*)params.cryptoctx, FALSE);
> > +#ifndef GMIME_26
> > g_object_unref (session);
> > session = NULL;
> > +#endif
> > }
> > if (STRNCMP_LITERAL (argv[i], "--decrypt") == 0)
> > params.decrypt = 1;
> > diff --git a/show-message.c b/show-message.c
> > index 8768889..65269fd 100644
> > --- a/show-message.c
> > +++ b/show-message.c
> > @@ -48,7 +48,11 @@ show_message_part (mime_node_t *node,
> > format->part_encstatus (node->decrypt_success);
> >
> > if (node->verify_attempted && format->part_sigstatus)
> > +#ifdef GMIME_26
> > + format->part_sigstatus (node->sig_list);
> > +#else
> > format->part_sigstatus (node->sig_validity);
> > +#endif
> >
> > format->part_content (part);
> >
--
Thomas/Schnouki
[-- Attachment #2: Type: application/pgp-signature, Size: 489 bytes --]
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH v2 2/2] Add pseudo-compatibility with gmime 2.6
2012-01-18 17:35 ` Austin Clements
@ 2012-01-19 23:33 ` Thomas Jost
0 siblings, 0 replies; 42+ messages in thread
From: Thomas Jost @ 2012-01-19 23:33 UTC (permalink / raw)
To: Austin Clements, Tomi Ollila; +Cc: notmuch
[-- Attachment #1: Type: text/plain, Size: 1579 bytes --]
On Wed, 18 Jan 2012 12:35:34 -0500, Austin Clements <amdragon@MIT.EDU> wrote:
> Quoth Tomi Ollila on Jan 18 at 10:15 am:
> > On Tue, 17 Jan 2012 17:25:46 -0500, Austin Clements <amdragon@MIT.EDU> wrote:
> > > Quoth Thomas Jost on Jan 17 at 11:50 am:
> > > >
> > > > +#ifdef GMIME_26
> > > > + /* sig_list may be created in both above cases, so we need to
> > > > + * cleanly handle it here. */
> > > > + if (node->sig_list) {
> > > > + GMimeSignatureList **proxy =
> > > > + talloc (node, GMimeSignatureList *);
> > >
> > > This doesn't need to be split into two lines.
> > >
> > > > + *proxy = node->sig_list;
> > > > + talloc_set_destructor (proxy, _signature_list_free);
> > > > + }
> > > > +#else
> > > > if (node->verify_attempted && !node->sig_validity)
> > > > fprintf (stderr, "Failed to verify signed part: %s\n",
> > > > (err ? err->message : "no error explanation given"));
> > > > +#endif
> > >
> > > I'd rather see the above as a separate #ifdef GMIME_26 and #ifndef
> > > GMIME_26, since they aren't logical alternates of each other.
> >
> > That reminds me that it should then be like GMIME_ATLEAST_26, so
> > that this might be useful when GMIME > 2.6 is available...
>
> Hopefully before GMIME 2.8 comes out, we'll be able to remove all of
> the GMIME 2.4 compatibility. But GMIME_ATLEAST_26 would be fine, too.
Heh, maybe things will change again in 2.8 and "ATLEAST_26" will become
"ONLY_26"... But changed to GMIME_ATLEAST_26 anyway, thanks for the
suggestion :)
--
Thomas/Schnouki
[-- Attachment #2: Type: application/pgp-signature, Size: 489 bytes --]
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH v2 2/2] Add pseudo-compatibility with gmime 2.6
2012-01-18 18:00 ` Tomi Ollila
@ 2012-01-19 23:47 ` Thomas Jost
0 siblings, 0 replies; 42+ messages in thread
From: Thomas Jost @ 2012-01-19 23:47 UTC (permalink / raw)
To: Tomi Ollila, Tom Prince, notmuch
[-- Attachment #1: Type: text/plain, Size: 1285 bytes --]
On Wed, 18 Jan 2012 20:00:12 +0200, Tomi Ollila <tomi.ollila@iki.fi> wrote:
> On Wed, 18 Jan 2012 12:19:45 -0500, Tom Prince <tom.prince@ualberta.net> wrote:
> >
> > How did you test against multiple versions? Using different machines? If
> > there was a way for configure (or something to pick the version, I would
> > setup the buildbot to test against both, so we don't regress either.
>
> I currently compile notmuch on Fedora 15 so that I have
>
> LIBRARY_PATH=/my/own/path/to/x86_64-linux/lib
> and
> CPATH=/my/own/path/to/x86_64-linux/include
>
> and gmime 2.4 development files are located in these
> directories. I'll be hiding gmime 2.4 stuff from these
> soon in order to build against 2.6 stuff.
>
> Tomi
For testing gmime 2.4 and 2.6, I just uninstalled 2.6 and reinstalled
2.4 (kept the binary package on purpose -- not a problem since notmuch
is the only package using gmime on my system).
When hacking the gmime git in order to fix
https://bugzilla.gnome.org/show_bug.cgi?id=668085, I set some
environment variables before calling "./configure" and building notmuch:
LDFLAGS="-Wl,-rpath,/home/schnouki/dev/gmime/gmime/.libs" ./configure --prefix=/usr --sysconfdir=/etc
make
ldd ./notmuch
Regards,
--
Thomas/Schnouki
[-- Attachment #2: Type: application/pgp-signature, Size: 489 bytes --]
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH] Add pseudo-compatibility with gmime 2.6
2012-01-17 20:38 ` [PATCH] " Austin Clements
@ 2012-01-19 23:52 ` Thomas Jost
2012-01-20 13:32 ` Tomi Ollila
0 siblings, 1 reply; 42+ messages in thread
From: Thomas Jost @ 2012-01-19 23:52 UTC (permalink / raw)
To: Austin Clements; +Cc: notmuch
[-- Attachment #1: Type: text/plain, Size: 3896 bytes --]
On Tue, 17 Jan 2012 15:38:36 -0500, Austin Clements <amdragon@MIT.EDU> wrote:
> Quoth Thomas Jost on Jan 17 at 11:48 am:
> > On Mon, 16 Jan 2012 22:47:14 -0500, Austin Clements <amdragon@MIT.EDU> wrote:
> > > Quoth Thomas Jost on Jan 17 at 12:56 am:
> > > > This is mostly based on id:"8762i8hrb9.fsf@bookbinder.fernseed.info".
> > > >
> > > > This was tested against both gmime 2.6.4 and 2.4.31. With gmime 2.4.31, the
> > > > crypto tests all work fine (as expected). With gmime 2.6.4, one crypto test
> > > > fails (signature verification with signer key unavailable) but this will be hard
> > > > to fix since the new API does not report the reason why a signature verification
> > > > fails (other than the human-readable error message).
> > >
> > > What is the result of this failing test?
> >
> > The test looks like that:
> >
> > FAIL signature verification with signer key unavailable
> > --- crypto.4.expected 2012-01-16 23:05:06.765651183 +0000
> > +++ crypto.4.output 2012-01-16 23:05:06.765651183 +0000
> > @@ -12,9 +12,7 @@
> > "Bcc": "",
> > "Date": "01 Jan 2000 12:00:00 -0000"},
> > "body": [{"id": 1,
> > - "sigstatus": [{"status": "error",
> > - "keyid": "6D92612D94E46381",
> > - "errors": 2}],
> > + "sigstatus": [],
> > "content-type": "multipart/signed",
> > "content": [{"id": 2,
> > "content-type": "text/plain",
> > Failed to verify signed part: gpg: keyblock resource `/home/schnouki/dev/notmuch/test/tmp.crypto/gnupg/pubring.gpg': file open error
> > gpg: armor header: Version: GnuPG v1.4.11 (GNU/Linux)
> > gpg: Signature made Mon Jan 16 23:05:06 2012 UTC using RSA key ID 94E46381
> > gpg: Can't check signature: public key not found
> >
> > So basically if a signer public key is missing, we can't get the status
> > signature: empty "sigstatus" field in the JSON output, "Unknown
> > signature status" in Emacs.
> >
> > IMHO this is a bug in gmime 2.6, and I think I know what causes it. I'll
> > file a bug in gmime and hopefully they'll find a cleaner way to fix it
> > than the one I came up with :)
>
> Oh, okay. That does seem like a bug in GMime. Do you think it would
> be possible to mark this test as "broken" if notmuch is using GMime
> 2.6? Off the top of my head, I can't think of an easy way to plumb
> that information through to the test suite. I don't think we should
> push any patches that knowingly break a test, even if it's in just one
> configuration.
Here is how I did:
(ldd notmuch | grep -q gmime-2.6) && test_subtest_known_broken
ldd notmuch will show "/path/to/libgmime-2.4.so.*" or
"libgmime-2.6.so.*" so we can easily check this in the test suite.
It's a little hacky but it seems to work. AFAIK ldd is a pretty standard
tool so it should be available (almost) everywhere. However if you have
a better idea I'll be glad to hear it.
> > > > +#ifdef GMIME_26
> > > > + if (node->verify_attempted && !node->sig_list)
> > >
> > > Hmm. This is correct for signed parts, but will incorrectly trigger
> > > for an encrypted part with no signatures. For 2.6, I think this error
> > > checking may have to move into the branches of the if encrypted/signed
> > > since for encrypted parts you have to check if
> > > g_mime_multipart_encrypted_decrypt returned NULL.
> >
> > That sound right. The weird part is that it did not cause anything to
> > fail in the test suite...
>
> It would be worth adding a test with an encrypted but unsigned part.
> I don't know enough GPG myself to do that.
It looks like there's already one: "emacs delivery of encrypted message
with attachment" + following decryptions.
Regards,
--
Thomas/Schnouki
[-- Attachment #2: Type: application/pgp-signature, Size: 489 bytes --]
^ permalink raw reply [flat|nested] 42+ messages in thread
* [PATCH v3 0/2] gmime 2.6 compatibilty, 3rd iteration
2012-01-19 23:32 ` Thomas Jost
@ 2012-01-20 0:06 ` Thomas Jost
2012-01-20 0:06 ` [PATCH v3 1/2] show: don't use hex literals in JSON output Thomas Jost
2012-01-20 0:06 ` [PATCH v3 2/2] Add compatibility with gmime 2.6 Thomas Jost
0 siblings, 2 replies; 42+ messages in thread
From: Thomas Jost @ 2012-01-20 0:06 UTC (permalink / raw)
To: notmuch
Hi list,
Here's another update of the patches to add gmime 2.6 compatibilty
while still preserving compatibility with gmime 2.4.
Any comments or review will be much appreciated.
The changes compared to the previous version ([1] and [2]) are pretty
minor:
- space and indentation fixes
- correctly dereference the instance of GMimeDecryptResult allocated
by g_mime_decrypt_result_get_signatures()
- remove a useless local variable
- rename the preprocessor constant GMIME_26 to GMIME_ATLEAST_26
- mark one crypto test as broken when using gmime 2.6 (because of a
bug in gmime [3])
The first patch is really not specific to gmime so it could probably
be pushed right away.
Thanks to Austin Clements, Tomi Ollila and Adrian Perez for their
reviews of the previous patches!
Best regards,
Thomas
[1] id:"1326797453-9405-1-git-send-email-schnouki@schnouki.net"
[2] id:"1326797453-9405-2-git-send-email-schnouki@schnouki.net"
[3] https://bugzilla.gnome.org/show_bug.cgi?id=668085
Thomas Jost (2):
show: don't use hex literals in JSON output
Add compatibility with gmime 2.6
mime-node.c | 60 +++++++++++++++++++++++++++++++--
notmuch-client.h | 30 +++++++++++++++-
notmuch-reply.c | 7 ++++
notmuch-show.c | 97 +++++++++++++++++++++++++++++++++++++++++++++++++++++-
show-message.c | 4 ++
test/crypto | 2 +
6 files changed, 193 insertions(+), 7 deletions(-)
--
1.7.8.4
^ permalink raw reply [flat|nested] 42+ messages in thread
* [PATCH v3 1/2] show: don't use hex literals in JSON output
2012-01-20 0:06 ` [PATCH v3 0/2] gmime 2.6 compatibilty, 3rd iteration Thomas Jost
@ 2012-01-20 0:06 ` Thomas Jost
2012-01-20 0:06 ` [PATCH v3 2/2] Add compatibility with gmime 2.6 Thomas Jost
1 sibling, 0 replies; 42+ messages in thread
From: Thomas Jost @ 2012-01-20 0:06 UTC (permalink / raw)
To: notmuch
JSON does not support hex literals (0x..) so numbers must be formatted as %d
instead of %x.
---
notmuch-show.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/notmuch-show.c b/notmuch-show.c
index d14dac9..91f566c 100644
--- a/notmuch-show.c
+++ b/notmuch-show.c
@@ -641,7 +641,7 @@ format_part_sigstatus_json (const GMimeSignatureValidity* validity)
printf (", \"keyid\": %s", json_quote_str (ctx_quote, signer->keyid));
}
if (signer->errors != GMIME_SIGNER_ERROR_NONE) {
- printf (", \"errors\": %x", signer->errors);
+ printf (", \"errors\": %d", signer->errors);
}
printf ("}");
--
1.7.8.4
^ permalink raw reply related [flat|nested] 42+ messages in thread
* [PATCH v3 2/2] Add compatibility with gmime 2.6
2012-01-20 0:06 ` [PATCH v3 0/2] gmime 2.6 compatibilty, 3rd iteration Thomas Jost
2012-01-20 0:06 ` [PATCH v3 1/2] show: don't use hex literals in JSON output Thomas Jost
@ 2012-01-20 0:06 ` Thomas Jost
2012-01-20 4:10 ` Austin Clements
1 sibling, 1 reply; 42+ messages in thread
From: Thomas Jost @ 2012-01-20 0:06 UTC (permalink / raw)
To: notmuch
There are lots of API changes in gmime 2.6 crypto handling. By adding
preprocessor directives, it is however possible to add gmime 2.6 compatibility
while preserving compatibility with gmime 2.4 too.
This is mostly based on id:"8762i8hrb9.fsf@bookbinder.fernseed.info".
This was tested against both gmime 2.6.4 and 2.4.31. With gmime 2.4.31, the
crypto tests all work fine (as expected). With gmime 2.6.4, one crypto test is
currently broken (signature verification with signer key unavailable), most
likely because of a bug in gmime which will hopefully be fixed in a future
version.
---
mime-node.c | 60 ++++++++++++++++++++++++++++++++--
notmuch-client.h | 30 ++++++++++++++++-
notmuch-reply.c | 7 ++++
notmuch-show.c | 95 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
show-message.c | 4 ++
test/crypto | 2 +
6 files changed, 192 insertions(+), 6 deletions(-)
diff --git a/mime-node.c b/mime-node.c
index d26bb44..ad19f5e 100644
--- a/mime-node.c
+++ b/mime-node.c
@@ -33,7 +33,11 @@ typedef struct mime_node_context {
GMimeMessage *mime_message;
/* Context provided by the caller. */
+#ifdef GMIME_ATLEAST_26
+ GMimeCryptoContext *cryptoctx;
+#else
GMimeCipherContext *cryptoctx;
+#endif
notmuch_bool_t decrypt;
} mime_node_context_t;
@@ -57,8 +61,12 @@ _mime_node_context_free (mime_node_context_t *res)
notmuch_status_t
mime_node_open (const void *ctx, notmuch_message_t *message,
- GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt,
- mime_node_t **root_out)
+#ifdef GMIME_ATLEAST_26
+ GMimeCryptoContext *cryptoctx,
+#else
+ GMimeCipherContext *cryptoctx,
+#endif
+ notmuch_bool_t decrypt, mime_node_t **root_out)
{
const char *filename = notmuch_message_get_filename (message);
mime_node_context_t *mctx;
@@ -112,12 +120,21 @@ DONE:
return status;
}
+#ifdef GMIME_ATLEAST_26
+static int
+_signature_list_free (GMimeSignatureList **proxy)
+{
+ g_object_unref (*proxy);
+ return 0;
+}
+#else
static int
_signature_validity_free (GMimeSignatureValidity **proxy)
{
g_mime_signature_validity_free (*proxy);
return 0;
}
+#endif
static mime_node_t *
_mime_node_create (const mime_node_t *parent, GMimeObject *part)
@@ -165,11 +182,24 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
GMimeMultipartEncrypted *encrypteddata =
GMIME_MULTIPART_ENCRYPTED (part);
node->decrypt_attempted = TRUE;
+#ifdef GMIME_ATLEAST_26
+ GMimeDecryptResult *decrypt_result = NULL;
+ node->decrypted_child = g_mime_multipart_encrypted_decrypt
+ (encrypteddata, node->ctx->cryptoctx, &decrypt_result, &err);
+#else
node->decrypted_child = g_mime_multipart_encrypted_decrypt
(encrypteddata, node->ctx->cryptoctx, &err);
+#endif
if (node->decrypted_child) {
node->decrypt_success = node->verify_attempted = TRUE;
+#ifdef GMIME_ATLEAST_26
+ /* This may be NULL if the part is not signed. */
+ node->sig_list = g_mime_decrypt_result_get_signatures (decrypt_result);
+ g_object_ref (node->sig_list);
+ g_object_unref (decrypt_result);
+#else
node->sig_validity = g_mime_multipart_encrypted_get_signature_validity (encrypteddata);
+#endif
} else {
fprintf (stderr, "Failed to decrypt part: %s\n",
(err ? err->message : "no error explanation given"));
@@ -182,6 +212,15 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
"(must be exactly 2)\n",
node->nchildren);
} else {
+#ifdef GMIME_ATLEAST_26
+ node->sig_list = g_mime_multipart_signed_verify
+ (GMIME_MULTIPART_SIGNED (part), node->ctx->cryptoctx, &err);
+ node->verify_attempted = TRUE;
+
+ if (!node->sig_list)
+ fprintf (stderr, "Failed to verify signed part: %s\n",
+ (err ? err->message : "no error explanation given"));
+#else
/* For some reason the GMimeSignatureValidity returned
* here is not a const (inconsistent with that
* returned by
@@ -195,17 +234,30 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
node->verify_attempted = TRUE;
node->sig_validity = sig_validity;
if (sig_validity) {
- GMimeSignatureValidity **proxy =
- talloc (node, GMimeSignatureValidity *);
+ GMimeSignatureValidity **proxy = talloc (node, GMimeSignatureValidity *);
*proxy = sig_validity;
talloc_set_destructor (proxy, _signature_validity_free);
}
+#endif
}
}
+#ifdef GMIME_ATLEAST_26
+ /* sig_list may be created in both above cases, so we need to
+ * cleanly handle it here. */
+ if (node->sig_list) {
+ GMimeSignatureList **proxy =
+ talloc (node, GMimeSignatureList *);
+ *proxy = node->sig_list;
+ talloc_set_destructor (proxy, _signature_list_free);
+ }
+#endif
+
+#ifndef GMIME_ATLEAST_26
if (node->verify_attempted && !node->sig_validity)
fprintf (stderr, "Failed to verify signed part: %s\n",
(err ? err->message : "no error explanation given"));
+#endif
if (err)
g_error_free (err);
diff --git a/notmuch-client.h b/notmuch-client.h
index 62ede28..9c1d383 100644
--- a/notmuch-client.h
+++ b/notmuch-client.h
@@ -30,6 +30,14 @@
#include <gmime/gmime.h>
+/* GMIME_CHECK_VERSION in gmime 2.4 is not usable from the
+ * preprocessor (it calls a runtime function). But since
+ * GMIME_MAJOR_VERSION and friends were added in gmime 2.6, we can use
+ * these to check the version number. */
+#ifdef GMIME_MAJOR_VERSION
+#define GMIME_ATLEAST_26
+#endif
+
#include "notmuch.h"
/* This is separate from notmuch-private.h because we're trying to
@@ -69,7 +77,11 @@ typedef struct notmuch_show_format {
void (*part_start) (GMimeObject *part,
int *part_count);
void (*part_encstatus) (int status);
+#ifdef GMIME_ATLEAST_26
+ void (*part_sigstatus) (GMimeSignatureList* siglist);
+#else
void (*part_sigstatus) (const GMimeSignatureValidity* validity);
+#endif
void (*part_content) (GMimeObject *part);
void (*part_end) (GMimeObject *part);
const char *part_sep;
@@ -83,7 +95,11 @@ typedef struct notmuch_show_params {
int entire_thread;
int raw;
int part;
+#ifdef GMIME_ATLEAST_26
+ GMimeCryptoContext* cryptoctx;
+#else
GMimeCipherContext* cryptoctx;
+#endif
int decrypt;
} notmuch_show_params_t;
@@ -290,11 +306,17 @@ typedef struct mime_node {
/* True if signature verification on this part was attempted. */
notmuch_bool_t verify_attempted;
+#ifdef GMIME_ATLEAST_26
+ /* The list of signatures for signed or encrypted containers. If
+ * there are no signatures, this will be NULL. */
+ GMimeSignatureList* sig_list;
+#else
/* For signed or encrypted containers, the validity of the
* signature. May be NULL if signature verification failed. If
* there are simply no signatures, this will be non-NULL with an
* empty signers list. */
const GMimeSignatureValidity *sig_validity;
+#endif
/* Internal: Context inherited from the root iterator. */
struct mime_node_context *ctx;
@@ -319,8 +341,12 @@ typedef struct mime_node {
*/
notmuch_status_t
mime_node_open (const void *ctx, notmuch_message_t *message,
- GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt,
- mime_node_t **node_out);
+#ifdef GMIME_ATLEAST_26
+ GMimeCryptoContext *cryptoctx,
+#else
+ GMimeCipherContext *cryptoctx,
+#endif
+ notmuch_bool_t decrypt, mime_node_t **node_out);
/* Return a new MIME node for the requested child part of parent.
* parent will be used as the talloc context for the returned child
diff --git a/notmuch-reply.c b/notmuch-reply.c
index 0f682db..bf67960 100644
--- a/notmuch-reply.c
+++ b/notmuch-reply.c
@@ -688,15 +688,22 @@ notmuch_reply_command (void *ctx, int argc, char *argv[])
reply_format_func = notmuch_reply_format_default;
if (decrypt) {
+#ifdef GMIME_ATLEAST_26
+ /* TODO: GMimePasswordRequestFunc */
+ params.cryptoctx = g_mime_gpg_context_new (NULL, "gpg");
+#else
GMimeSession* session = g_object_new (g_mime_session_get_type(), NULL);
params.cryptoctx = g_mime_gpg_context_new (session, "gpg");
+#endif
if (params.cryptoctx) {
g_mime_gpg_context_set_always_trust ((GMimeGpgContext*) params.cryptoctx, FALSE);
params.decrypt = TRUE;
} else {
fprintf (stderr, "Failed to construct gpg context.\n");
}
+#ifndef GMIME_ATLEAST_26
g_object_unref (session);
+#endif
}
config = notmuch_config_open (ctx, NULL, NULL);
diff --git a/notmuch-show.c b/notmuch-show.c
index 91f566c..190210c 100644
--- a/notmuch-show.c
+++ b/notmuch-show.c
@@ -76,7 +76,11 @@ static void
format_part_encstatus_json (int status);
static void
+#ifdef GMIME_ATLEAST_26
+format_part_sigstatus_json (GMimeSignatureList* siglist);
+#else
format_part_sigstatus_json (const GMimeSignatureValidity* validity);
+#endif
static void
format_part_content_json (GMimeObject *part);
@@ -486,6 +490,21 @@ show_text_part_content (GMimeObject *part, GMimeStream *stream_out)
g_object_unref(stream_filter);
}
+#ifdef GMIME_ATLEAST_26
+static const char*
+signature_status_to_string (GMimeSignatureStatus x)
+{
+ switch (x) {
+ case GMIME_SIGNATURE_STATUS_GOOD:
+ return "good";
+ case GMIME_SIGNATURE_STATUS_BAD:
+ return "bad";
+ case GMIME_SIGNATURE_STATUS_ERROR:
+ return "error";
+ }
+ return "unknown";
+}
+#else
static const char*
signer_status_to_string (GMimeSignerStatus x)
{
@@ -501,6 +520,7 @@ signer_status_to_string (GMimeSignerStatus x)
}
return "unknown";
}
+#endif
static void
format_part_start_text (GMimeObject *part, int *part_count)
@@ -592,6 +612,73 @@ format_part_encstatus_json (int status)
printf ("}]");
}
+#ifdef GMIME_ATLEAST_26
+static void
+format_part_sigstatus_json (GMimeSignatureList *siglist)
+{
+ printf (", \"sigstatus\": [");
+
+ if (!siglist) {
+ printf ("]");
+ return;
+ }
+
+ void *ctx_quote = talloc_new (NULL);
+ int i;
+ for (i = 0; i < g_mime_signature_list_length (siglist); i++) {
+ GMimeSignature *signature = g_mime_signature_list_get_signature (siglist, i);
+
+ if (i > 0)
+ printf (", ");
+
+ printf ("{");
+
+ /* status */
+ GMimeSignatureStatus status = g_mime_signature_get_status (signature);
+ printf ("\"status\": %s",
+ json_quote_str (ctx_quote,
+ signature_status_to_string (status)));
+
+ GMimeCertificate *certificate = g_mime_signature_get_certificate (signature);
+ if (status == GMIME_SIGNATURE_STATUS_GOOD) {
+ if (certificate)
+ printf (", \"fingerprint\": %s", json_quote_str (ctx_quote, g_mime_certificate_get_fingerprint (certificate)));
+ /* these dates are seconds since the epoch; should we
+ * provide a more human-readable format string? */
+ time_t created = g_mime_signature_get_created (signature);
+ if (created != -1)
+ printf (", \"created\": %d", (int) created);
+ time_t expires = g_mime_signature_get_expires (signature);
+ if (expires > 0)
+ printf (", \"expires\": %d", (int) expires);
+ /* output user id only if validity is FULL or ULTIMATE. */
+ /* note that gmime is using the term "trust" here, which
+ * is WRONG. It's actually user id "validity". */
+ if (certificate) {
+ const char *name = g_mime_certificate_get_name (certificate);
+ GMimeCertificateTrust trust = g_mime_certificate_get_trust (certificate);
+ if (name && (trust == GMIME_CERTIFICATE_TRUST_FULLY || trust == GMIME_CERTIFICATE_TRUST_ULTIMATE))
+ printf (", \"userid\": %s", json_quote_str (ctx_quote, name));
+ }
+ } else if (certificate) {
+ const char *key_id = g_mime_certificate_get_key_id (certificate);
+ if (key_id)
+ printf (", \"keyid\": %s", json_quote_str (ctx_quote, key_id));
+ }
+
+ GMimeSignatureError errors = g_mime_signature_get_errors (signature);
+ if (errors != GMIME_SIGNATURE_ERROR_NONE) {
+ printf (", \"errors\": %d", errors);
+ }
+
+ printf ("}");
+ }
+
+ printf ("]");
+
+ talloc_free (ctx_quote);
+}
+#else
static void
format_part_sigstatus_json (const GMimeSignatureValidity* validity)
{
@@ -652,6 +739,7 @@ format_part_sigstatus_json (const GMimeSignatureValidity* validity)
talloc_free (ctx_quote);
}
+#endif
static void
format_part_content_json (GMimeObject *part)
@@ -990,13 +1078,20 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
} else if ((STRNCMP_LITERAL (argv[i], "--verify") == 0) ||
(STRNCMP_LITERAL (argv[i], "--decrypt") == 0)) {
if (params.cryptoctx == NULL) {
+#ifdef GMIME_ATLEAST_26
+ /* TODO: GMimePasswordRequestFunc */
+ if (NULL == (params.cryptoctx = g_mime_gpg_context_new(NULL, "gpg")))
+#else
GMimeSession* session = g_object_new(g_mime_session_get_type(), NULL);
if (NULL == (params.cryptoctx = g_mime_gpg_context_new(session, "gpg")))
+#endif
fprintf (stderr, "Failed to construct gpg context.\n");
else
g_mime_gpg_context_set_always_trust((GMimeGpgContext*)params.cryptoctx, FALSE);
+#ifndef GMIME_ATLEAST_26
g_object_unref (session);
session = NULL;
+#endif
}
if (STRNCMP_LITERAL (argv[i], "--decrypt") == 0)
params.decrypt = 1;
diff --git a/show-message.c b/show-message.c
index 8768889..83ecf81 100644
--- a/show-message.c
+++ b/show-message.c
@@ -48,7 +48,11 @@ show_message_part (mime_node_t *node,
format->part_encstatus (node->decrypt_success);
if (node->verify_attempted && format->part_sigstatus)
+#ifdef GMIME_ATLEAST_26
+ format->part_sigstatus (node->sig_list);
+#else
format->part_sigstatus (node->sig_validity);
+#endif
format->part_content (part);
diff --git a/test/crypto b/test/crypto
index 0af4aa8..3779abc 100755
--- a/test/crypto
+++ b/test/crypto
@@ -104,6 +104,8 @@ test_expect_equal \
"$expected"
test_begin_subtest "signature verification with signer key unavailable"
+# this is broken with current versions of gmime-2.6
+(ldd $(which notmuch) | grep -q gmime-2.6) && test_subtest_known_broken
# move the gnupghome temporarily out of the way
mv "${GNUPGHOME}"{,.bak}
output=$(notmuch show --format=json --verify subject:"test signed message 001" \
--
1.7.8.4
^ permalink raw reply related [flat|nested] 42+ messages in thread
* Re: [PATCH v3 2/2] Add compatibility with gmime 2.6
2012-01-20 0:06 ` [PATCH v3 2/2] Add compatibility with gmime 2.6 Thomas Jost
@ 2012-01-20 4:10 ` Austin Clements
2012-01-20 9:37 ` Thomas Jost
0 siblings, 1 reply; 42+ messages in thread
From: Austin Clements @ 2012-01-20 4:10 UTC (permalink / raw)
To: Thomas Jost; +Cc: notmuch
Nearly there. A few more small comments.
Quoth Thomas Jost on Jan 20 at 1:06 am:
> There are lots of API changes in gmime 2.6 crypto handling. By adding
> preprocessor directives, it is however possible to add gmime 2.6 compatibility
> while preserving compatibility with gmime 2.4 too.
>
> This is mostly based on id:"8762i8hrb9.fsf@bookbinder.fernseed.info".
>
> This was tested against both gmime 2.6.4 and 2.4.31. With gmime 2.4.31, the
> crypto tests all work fine (as expected). With gmime 2.6.4, one crypto test is
> currently broken (signature verification with signer key unavailable), most
> likely because of a bug in gmime which will hopefully be fixed in a future
> version.
> ---
> mime-node.c | 60 ++++++++++++++++++++++++++++++++--
> notmuch-client.h | 30 ++++++++++++++++-
> notmuch-reply.c | 7 ++++
> notmuch-show.c | 95 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
> show-message.c | 4 ++
> test/crypto | 2 +
> 6 files changed, 192 insertions(+), 6 deletions(-)
>
> diff --git a/mime-node.c b/mime-node.c
> index d26bb44..ad19f5e 100644
> --- a/mime-node.c
> +++ b/mime-node.c
> @@ -33,7 +33,11 @@ typedef struct mime_node_context {
> GMimeMessage *mime_message;
>
> /* Context provided by the caller. */
> +#ifdef GMIME_ATLEAST_26
> + GMimeCryptoContext *cryptoctx;
> +#else
> GMimeCipherContext *cryptoctx;
> +#endif
> notmuch_bool_t decrypt;
> } mime_node_context_t;
>
> @@ -57,8 +61,12 @@ _mime_node_context_free (mime_node_context_t *res)
>
> notmuch_status_t
> mime_node_open (const void *ctx, notmuch_message_t *message,
> - GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt,
> - mime_node_t **root_out)
> +#ifdef GMIME_ATLEAST_26
> + GMimeCryptoContext *cryptoctx,
> +#else
> + GMimeCipherContext *cryptoctx,
> +#endif
> + notmuch_bool_t decrypt, mime_node_t **root_out)
> {
> const char *filename = notmuch_message_get_filename (message);
> mime_node_context_t *mctx;
> @@ -112,12 +120,21 @@ DONE:
> return status;
> }
>
> +#ifdef GMIME_ATLEAST_26
> +static int
> +_signature_list_free (GMimeSignatureList **proxy)
> +{
> + g_object_unref (*proxy);
> + return 0;
> +}
> +#else
> static int
> _signature_validity_free (GMimeSignatureValidity **proxy)
> {
> g_mime_signature_validity_free (*proxy);
> return 0;
> }
> +#endif
>
> static mime_node_t *
> _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> @@ -165,11 +182,24 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> GMimeMultipartEncrypted *encrypteddata =
> GMIME_MULTIPART_ENCRYPTED (part);
> node->decrypt_attempted = TRUE;
> +#ifdef GMIME_ATLEAST_26
> + GMimeDecryptResult *decrypt_result = NULL;
> + node->decrypted_child = g_mime_multipart_encrypted_decrypt
> + (encrypteddata, node->ctx->cryptoctx, &decrypt_result, &err);
> +#else
> node->decrypted_child = g_mime_multipart_encrypted_decrypt
> (encrypteddata, node->ctx->cryptoctx, &err);
> +#endif
> if (node->decrypted_child) {
> node->decrypt_success = node->verify_attempted = TRUE;
> +#ifdef GMIME_ATLEAST_26
> + /* This may be NULL if the part is not signed. */
> + node->sig_list = g_mime_decrypt_result_get_signatures (decrypt_result);
> + g_object_ref (node->sig_list);
Apparently you can't g_object_ref NULL, so there should be a
conditional around this. (Does g_mime_decrypt_result_get_signatures
*really* return NULL for an empty list? I feel like various tests
should have failed in various versions of this patch if it did.)
> + g_object_unref (decrypt_result);
> +#else
> node->sig_validity = g_mime_multipart_encrypted_get_signature_validity (encrypteddata);
> +#endif
> } else {
> fprintf (stderr, "Failed to decrypt part: %s\n",
> (err ? err->message : "no error explanation given"));
> @@ -182,6 +212,15 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> "(must be exactly 2)\n",
> node->nchildren);
> } else {
> +#ifdef GMIME_ATLEAST_26
> + node->sig_list = g_mime_multipart_signed_verify
> + (GMIME_MULTIPART_SIGNED (part), node->ctx->cryptoctx, &err);
> + node->verify_attempted = TRUE;
> +
> + if (!node->sig_list)
> + fprintf (stderr, "Failed to verify signed part: %s\n",
> + (err ? err->message : "no error explanation given"));
> +#else
> /* For some reason the GMimeSignatureValidity returned
> * here is not a const (inconsistent with that
> * returned by
> @@ -195,17 +234,30 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> node->verify_attempted = TRUE;
> node->sig_validity = sig_validity;
> if (sig_validity) {
> - GMimeSignatureValidity **proxy =
> - talloc (node, GMimeSignatureValidity *);
> + GMimeSignatureValidity **proxy = talloc (node, GMimeSignatureValidity *);
(See below)
> *proxy = sig_validity;
> talloc_set_destructor (proxy, _signature_validity_free);
> }
> +#endif
> }
> }
>
> +#ifdef GMIME_ATLEAST_26
> + /* sig_list may be created in both above cases, so we need to
> + * cleanly handle it here. */
> + if (node->sig_list) {
> + GMimeSignatureList **proxy =
> + talloc (node, GMimeSignatureList *);
Oops. I think you un-split the wrong line. The one up above is now
too long and this one is still unnecessarily split.
> + *proxy = node->sig_list;
> + talloc_set_destructor (proxy, _signature_list_free);
> + }
> +#endif
> +
> +#ifndef GMIME_ATLEAST_26
> if (node->verify_attempted && !node->sig_validity)
> fprintf (stderr, "Failed to verify signed part: %s\n",
> (err ? err->message : "no error explanation given"));
> +#endif
>
> if (err)
> g_error_free (err);
> diff --git a/notmuch-client.h b/notmuch-client.h
> index 62ede28..9c1d383 100644
> --- a/notmuch-client.h
> +++ b/notmuch-client.h
> @@ -30,6 +30,14 @@
>
> #include <gmime/gmime.h>
>
> +/* GMIME_CHECK_VERSION in gmime 2.4 is not usable from the
> + * preprocessor (it calls a runtime function). But since
> + * GMIME_MAJOR_VERSION and friends were added in gmime 2.6, we can use
> + * these to check the version number. */
> +#ifdef GMIME_MAJOR_VERSION
> +#define GMIME_ATLEAST_26
> +#endif
> +
> #include "notmuch.h"
>
> /* This is separate from notmuch-private.h because we're trying to
> @@ -69,7 +77,11 @@ typedef struct notmuch_show_format {
> void (*part_start) (GMimeObject *part,
> int *part_count);
> void (*part_encstatus) (int status);
> +#ifdef GMIME_ATLEAST_26
> + void (*part_sigstatus) (GMimeSignatureList* siglist);
> +#else
> void (*part_sigstatus) (const GMimeSignatureValidity* validity);
> +#endif
> void (*part_content) (GMimeObject *part);
> void (*part_end) (GMimeObject *part);
> const char *part_sep;
> @@ -83,7 +95,11 @@ typedef struct notmuch_show_params {
> int entire_thread;
> int raw;
> int part;
> +#ifdef GMIME_ATLEAST_26
> + GMimeCryptoContext* cryptoctx;
> +#else
> GMimeCipherContext* cryptoctx;
> +#endif
> int decrypt;
> } notmuch_show_params_t;
>
> @@ -290,11 +306,17 @@ typedef struct mime_node {
>
> /* True if signature verification on this part was attempted. */
> notmuch_bool_t verify_attempted;
> +#ifdef GMIME_ATLEAST_26
> + /* The list of signatures for signed or encrypted containers. If
> + * there are no signatures, this will be NULL. */
> + GMimeSignatureList* sig_list;
> +#else
> /* For signed or encrypted containers, the validity of the
> * signature. May be NULL if signature verification failed. If
> * there are simply no signatures, this will be non-NULL with an
> * empty signers list. */
> const GMimeSignatureValidity *sig_validity;
> +#endif
>
> /* Internal: Context inherited from the root iterator. */
> struct mime_node_context *ctx;
> @@ -319,8 +341,12 @@ typedef struct mime_node {
> */
> notmuch_status_t
> mime_node_open (const void *ctx, notmuch_message_t *message,
> - GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt,
> - mime_node_t **node_out);
> +#ifdef GMIME_ATLEAST_26
> + GMimeCryptoContext *cryptoctx,
> +#else
> + GMimeCipherContext *cryptoctx,
> +#endif
> + notmuch_bool_t decrypt, mime_node_t **node_out);
>
> /* Return a new MIME node for the requested child part of parent.
> * parent will be used as the talloc context for the returned child
> diff --git a/notmuch-reply.c b/notmuch-reply.c
> index 0f682db..bf67960 100644
> --- a/notmuch-reply.c
> +++ b/notmuch-reply.c
> @@ -688,15 +688,22 @@ notmuch_reply_command (void *ctx, int argc, char *argv[])
> reply_format_func = notmuch_reply_format_default;
>
> if (decrypt) {
> +#ifdef GMIME_ATLEAST_26
> + /* TODO: GMimePasswordRequestFunc */
> + params.cryptoctx = g_mime_gpg_context_new (NULL, "gpg");
> +#else
> GMimeSession* session = g_object_new (g_mime_session_get_type(), NULL);
> params.cryptoctx = g_mime_gpg_context_new (session, "gpg");
> +#endif
> if (params.cryptoctx) {
> g_mime_gpg_context_set_always_trust ((GMimeGpgContext*) params.cryptoctx, FALSE);
> params.decrypt = TRUE;
> } else {
> fprintf (stderr, "Failed to construct gpg context.\n");
> }
> +#ifndef GMIME_ATLEAST_26
> g_object_unref (session);
> +#endif
> }
>
> config = notmuch_config_open (ctx, NULL, NULL);
> diff --git a/notmuch-show.c b/notmuch-show.c
> index 91f566c..190210c 100644
> --- a/notmuch-show.c
> +++ b/notmuch-show.c
> @@ -76,7 +76,11 @@ static void
> format_part_encstatus_json (int status);
>
> static void
> +#ifdef GMIME_ATLEAST_26
> +format_part_sigstatus_json (GMimeSignatureList* siglist);
> +#else
> format_part_sigstatus_json (const GMimeSignatureValidity* validity);
> +#endif
>
> static void
> format_part_content_json (GMimeObject *part);
> @@ -486,6 +490,21 @@ show_text_part_content (GMimeObject *part, GMimeStream *stream_out)
> g_object_unref(stream_filter);
> }
>
> +#ifdef GMIME_ATLEAST_26
> +static const char*
> +signature_status_to_string (GMimeSignatureStatus x)
> +{
> + switch (x) {
> + case GMIME_SIGNATURE_STATUS_GOOD:
> + return "good";
> + case GMIME_SIGNATURE_STATUS_BAD:
> + return "bad";
> + case GMIME_SIGNATURE_STATUS_ERROR:
> + return "error";
> + }
> + return "unknown";
> +}
> +#else
> static const char*
> signer_status_to_string (GMimeSignerStatus x)
> {
> @@ -501,6 +520,7 @@ signer_status_to_string (GMimeSignerStatus x)
> }
> return "unknown";
> }
> +#endif
>
> static void
> format_part_start_text (GMimeObject *part, int *part_count)
> @@ -592,6 +612,73 @@ format_part_encstatus_json (int status)
> printf ("}]");
> }
>
> +#ifdef GMIME_ATLEAST_26
> +static void
> +format_part_sigstatus_json (GMimeSignatureList *siglist)
> +{
> + printf (", \"sigstatus\": [");
> +
> + if (!siglist) {
> + printf ("]");
> + return;
> + }
> +
> + void *ctx_quote = talloc_new (NULL);
> + int i;
> + for (i = 0; i < g_mime_signature_list_length (siglist); i++) {
> + GMimeSignature *signature = g_mime_signature_list_get_signature (siglist, i);
> +
> + if (i > 0)
> + printf (", ");
> +
> + printf ("{");
> +
> + /* status */
> + GMimeSignatureStatus status = g_mime_signature_get_status (signature);
> + printf ("\"status\": %s",
> + json_quote_str (ctx_quote,
> + signature_status_to_string (status)));
> +
> + GMimeCertificate *certificate = g_mime_signature_get_certificate (signature);
> + if (status == GMIME_SIGNATURE_STATUS_GOOD) {
> + if (certificate)
> + printf (", \"fingerprint\": %s", json_quote_str (ctx_quote, g_mime_certificate_get_fingerprint (certificate)));
> + /* these dates are seconds since the epoch; should we
> + * provide a more human-readable format string? */
> + time_t created = g_mime_signature_get_created (signature);
> + if (created != -1)
> + printf (", \"created\": %d", (int) created);
> + time_t expires = g_mime_signature_get_expires (signature);
> + if (expires > 0)
> + printf (", \"expires\": %d", (int) expires);
> + /* output user id only if validity is FULL or ULTIMATE. */
> + /* note that gmime is using the term "trust" here, which
> + * is WRONG. It's actually user id "validity". */
> + if (certificate) {
> + const char *name = g_mime_certificate_get_name (certificate);
> + GMimeCertificateTrust trust = g_mime_certificate_get_trust (certificate);
> + if (name && (trust == GMIME_CERTIFICATE_TRUST_FULLY || trust == GMIME_CERTIFICATE_TRUST_ULTIMATE))
> + printf (", \"userid\": %s", json_quote_str (ctx_quote, name));
> + }
> + } else if (certificate) {
> + const char *key_id = g_mime_certificate_get_key_id (certificate);
> + if (key_id)
> + printf (", \"keyid\": %s", json_quote_str (ctx_quote, key_id));
> + }
> +
> + GMimeSignatureError errors = g_mime_signature_get_errors (signature);
> + if (errors != GMIME_SIGNATURE_ERROR_NONE) {
> + printf (", \"errors\": %d", errors);
> + }
> +
> + printf ("}");
> + }
> +
> + printf ("]");
> +
> + talloc_free (ctx_quote);
> +}
> +#else
> static void
> format_part_sigstatus_json (const GMimeSignatureValidity* validity)
> {
> @@ -652,6 +739,7 @@ format_part_sigstatus_json (const GMimeSignatureValidity* validity)
>
> talloc_free (ctx_quote);
> }
> +#endif
>
> static void
> format_part_content_json (GMimeObject *part)
> @@ -990,13 +1078,20 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
> } else if ((STRNCMP_LITERAL (argv[i], "--verify") == 0) ||
> (STRNCMP_LITERAL (argv[i], "--decrypt") == 0)) {
> if (params.cryptoctx == NULL) {
> +#ifdef GMIME_ATLEAST_26
> + /* TODO: GMimePasswordRequestFunc */
> + if (NULL == (params.cryptoctx = g_mime_gpg_context_new(NULL, "gpg")))
> +#else
> GMimeSession* session = g_object_new(g_mime_session_get_type(), NULL);
> if (NULL == (params.cryptoctx = g_mime_gpg_context_new(session, "gpg")))
> +#endif
> fprintf (stderr, "Failed to construct gpg context.\n");
> else
> g_mime_gpg_context_set_always_trust((GMimeGpgContext*)params.cryptoctx, FALSE);
> +#ifndef GMIME_ATLEAST_26
> g_object_unref (session);
> session = NULL;
> +#endif
> }
> if (STRNCMP_LITERAL (argv[i], "--decrypt") == 0)
> params.decrypt = 1;
> diff --git a/show-message.c b/show-message.c
> index 8768889..83ecf81 100644
> --- a/show-message.c
> +++ b/show-message.c
> @@ -48,7 +48,11 @@ show_message_part (mime_node_t *node,
> format->part_encstatus (node->decrypt_success);
>
> if (node->verify_attempted && format->part_sigstatus)
> +#ifdef GMIME_ATLEAST_26
> + format->part_sigstatus (node->sig_list);
> +#else
> format->part_sigstatus (node->sig_validity);
> +#endif
>
> format->part_content (part);
>
> diff --git a/test/crypto b/test/crypto
> index 0af4aa8..3779abc 100755
> --- a/test/crypto
> +++ b/test/crypto
> @@ -104,6 +104,8 @@ test_expect_equal \
> "$expected"
>
> test_begin_subtest "signature verification with signer key unavailable"
> +# this is broken with current versions of gmime-2.6
> +(ldd $(which notmuch) | grep -q gmime-2.6) && test_subtest_known_broken
Just to be nitpicky, you should either escape the . in the regexp or
pass -F to grep. Otherwise I think this hack is fine (though it might
have to get a little fancier once GMime fixes this bug).
> # move the gnupghome temporarily out of the way
> mv "${GNUPGHOME}"{,.bak}
> output=$(notmuch show --format=json --verify subject:"test signed message 001" \
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH v3 2/2] Add compatibility with gmime 2.6
2012-01-20 4:10 ` Austin Clements
@ 2012-01-20 9:37 ` Thomas Jost
2012-01-20 9:39 ` [PATCH v4 1/3] show: don't use hex literals in JSON output Thomas Jost
0 siblings, 1 reply; 42+ messages in thread
From: Thomas Jost @ 2012-01-20 9:37 UTC (permalink / raw)
To: Austin Clements; +Cc: notmuch
[-- Attachment #1: Type: text/plain, Size: 18802 bytes --]
On Thu, 19 Jan 2012 23:10:44 -0500, Austin Clements <amdragon@MIT.EDU> wrote:
> Nearly there. A few more small comments.
Thanks again :) Will post new version soon, including a new patch to
update NEWS and INSTALL.
> Quoth Thomas Jost on Jan 20 at 1:06 am:
> > There are lots of API changes in gmime 2.6 crypto handling. By adding
> > preprocessor directives, it is however possible to add gmime 2.6 compatibility
> > while preserving compatibility with gmime 2.4 too.
> >
> > This is mostly based on id:"8762i8hrb9.fsf@bookbinder.fernseed.info".
> >
> > This was tested against both gmime 2.6.4 and 2.4.31. With gmime 2.4.31, the
> > crypto tests all work fine (as expected). With gmime 2.6.4, one crypto test is
> > currently broken (signature verification with signer key unavailable), most
> > likely because of a bug in gmime which will hopefully be fixed in a future
> > version.
> > ---
> > mime-node.c | 60 ++++++++++++++++++++++++++++++++--
> > notmuch-client.h | 30 ++++++++++++++++-
> > notmuch-reply.c | 7 ++++
> > notmuch-show.c | 95 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
> > show-message.c | 4 ++
> > test/crypto | 2 +
> > 6 files changed, 192 insertions(+), 6 deletions(-)
> >
> > diff --git a/mime-node.c b/mime-node.c
> > index d26bb44..ad19f5e 100644
> > --- a/mime-node.c
> > +++ b/mime-node.c
> > @@ -33,7 +33,11 @@ typedef struct mime_node_context {
> > GMimeMessage *mime_message;
> >
> > /* Context provided by the caller. */
> > +#ifdef GMIME_ATLEAST_26
> > + GMimeCryptoContext *cryptoctx;
> > +#else
> > GMimeCipherContext *cryptoctx;
> > +#endif
> > notmuch_bool_t decrypt;
> > } mime_node_context_t;
> >
> > @@ -57,8 +61,12 @@ _mime_node_context_free (mime_node_context_t *res)
> >
> > notmuch_status_t
> > mime_node_open (const void *ctx, notmuch_message_t *message,
> > - GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt,
> > - mime_node_t **root_out)
> > +#ifdef GMIME_ATLEAST_26
> > + GMimeCryptoContext *cryptoctx,
> > +#else
> > + GMimeCipherContext *cryptoctx,
> > +#endif
> > + notmuch_bool_t decrypt, mime_node_t **root_out)
> > {
> > const char *filename = notmuch_message_get_filename (message);
> > mime_node_context_t *mctx;
> > @@ -112,12 +120,21 @@ DONE:
> > return status;
> > }
> >
> > +#ifdef GMIME_ATLEAST_26
> > +static int
> > +_signature_list_free (GMimeSignatureList **proxy)
> > +{
> > + g_object_unref (*proxy);
> > + return 0;
> > +}
> > +#else
> > static int
> > _signature_validity_free (GMimeSignatureValidity **proxy)
> > {
> > g_mime_signature_validity_free (*proxy);
> > return 0;
> > }
> > +#endif
> >
> > static mime_node_t *
> > _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> > @@ -165,11 +182,24 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> > GMimeMultipartEncrypted *encrypteddata =
> > GMIME_MULTIPART_ENCRYPTED (part);
> > node->decrypt_attempted = TRUE;
> > +#ifdef GMIME_ATLEAST_26
> > + GMimeDecryptResult *decrypt_result = NULL;
> > + node->decrypted_child = g_mime_multipart_encrypted_decrypt
> > + (encrypteddata, node->ctx->cryptoctx, &decrypt_result, &err);
> > +#else
> > node->decrypted_child = g_mime_multipart_encrypted_decrypt
> > (encrypteddata, node->ctx->cryptoctx, &err);
> > +#endif
> > if (node->decrypted_child) {
> > node->decrypt_success = node->verify_attempted = TRUE;
> > +#ifdef GMIME_ATLEAST_26
> > + /* This may be NULL if the part is not signed. */
> > + node->sig_list = g_mime_decrypt_result_get_signatures (decrypt_result);
> > + g_object_ref (node->sig_list);
>
> Apparently you can't g_object_ref NULL, so there should be a
> conditional around this.
Right, added. Thanks.
> (Does g_mime_decrypt_result_get_signatures *really* return NULL for an
> empty list? I feel like various tests should have failed in various
> versions of this patch if it did.)
Yes it does. I added some fprintf() in gmime (in gpg_decrypt() and
g_mime_decrypt_result_get_signatures()). Decryption tests (after "emacs
delivery of encrypted message with attachment") clearly show that
g_mime_decrypt_result_get_signatures returns NULL when there's no
signatures in an encrypted part.
I guess the reason why tests did not fail is that
format_part_sigstatus_json just displays an empty JSON array if sig_list
is NULL. And that's also what's expected when an encrypted part has no
signature.
I had a quick look at the GObject code; apparently if you pass NULL to
g_object_ref (or anything that is not a GObject) it will just return
NULL. So that's why this one did not fail either.
>
> > + g_object_unref (decrypt_result);
> > +#else
> > node->sig_validity = g_mime_multipart_encrypted_get_signature_validity (encrypteddata);
> > +#endif
> > } else {
> > fprintf (stderr, "Failed to decrypt part: %s\n",
> > (err ? err->message : "no error explanation given"));
> > @@ -182,6 +212,15 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> > "(must be exactly 2)\n",
> > node->nchildren);
> > } else {
> > +#ifdef GMIME_ATLEAST_26
> > + node->sig_list = g_mime_multipart_signed_verify
> > + (GMIME_MULTIPART_SIGNED (part), node->ctx->cryptoctx, &err);
> > + node->verify_attempted = TRUE;
> > +
> > + if (!node->sig_list)
> > + fprintf (stderr, "Failed to verify signed part: %s\n",
> > + (err ? err->message : "no error explanation given"));
> > +#else
> > /* For some reason the GMimeSignatureValidity returned
> > * here is not a const (inconsistent with that
> > * returned by
> > @@ -195,17 +234,30 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
> > node->verify_attempted = TRUE;
> > node->sig_validity = sig_validity;
> > if (sig_validity) {
> > - GMimeSignatureValidity **proxy =
> > - talloc (node, GMimeSignatureValidity *);
> > + GMimeSignatureValidity **proxy = talloc (node, GMimeSignatureValidity *);
>
> (See below)
>
> > *proxy = sig_validity;
> > talloc_set_destructor (proxy, _signature_validity_free);
> > }
> > +#endif
> > }
> > }
> >
> > +#ifdef GMIME_ATLEAST_26
> > + /* sig_list may be created in both above cases, so we need to
> > + * cleanly handle it here. */
> > + if (node->sig_list) {
> > + GMimeSignatureList **proxy =
> > + talloc (node, GMimeSignatureList *);
>
> Oops. I think you un-split the wrong line. The one up above is now
> too long and this one is still unnecessarily split.
Argh. Sorry about that. (I guess hacking while watching DS9 is not a
good idea: too distracting. Won't do it again until next time.)
>
> > + *proxy = node->sig_list;
> > + talloc_set_destructor (proxy, _signature_list_free);
> > + }
> > +#endif
> > +
> > +#ifndef GMIME_ATLEAST_26
> > if (node->verify_attempted && !node->sig_validity)
> > fprintf (stderr, "Failed to verify signed part: %s\n",
> > (err ? err->message : "no error explanation given"));
> > +#endif
> >
> > if (err)
> > g_error_free (err);
> > diff --git a/notmuch-client.h b/notmuch-client.h
> > index 62ede28..9c1d383 100644
> > --- a/notmuch-client.h
> > +++ b/notmuch-client.h
> > @@ -30,6 +30,14 @@
> >
> > #include <gmime/gmime.h>
> >
> > +/* GMIME_CHECK_VERSION in gmime 2.4 is not usable from the
> > + * preprocessor (it calls a runtime function). But since
> > + * GMIME_MAJOR_VERSION and friends were added in gmime 2.6, we can use
> > + * these to check the version number. */
> > +#ifdef GMIME_MAJOR_VERSION
> > +#define GMIME_ATLEAST_26
> > +#endif
> > +
> > #include "notmuch.h"
> >
> > /* This is separate from notmuch-private.h because we're trying to
> > @@ -69,7 +77,11 @@ typedef struct notmuch_show_format {
> > void (*part_start) (GMimeObject *part,
> > int *part_count);
> > void (*part_encstatus) (int status);
> > +#ifdef GMIME_ATLEAST_26
> > + void (*part_sigstatus) (GMimeSignatureList* siglist);
> > +#else
> > void (*part_sigstatus) (const GMimeSignatureValidity* validity);
> > +#endif
> > void (*part_content) (GMimeObject *part);
> > void (*part_end) (GMimeObject *part);
> > const char *part_sep;
> > @@ -83,7 +95,11 @@ typedef struct notmuch_show_params {
> > int entire_thread;
> > int raw;
> > int part;
> > +#ifdef GMIME_ATLEAST_26
> > + GMimeCryptoContext* cryptoctx;
> > +#else
> > GMimeCipherContext* cryptoctx;
> > +#endif
> > int decrypt;
> > } notmuch_show_params_t;
> >
> > @@ -290,11 +306,17 @@ typedef struct mime_node {
> >
> > /* True if signature verification on this part was attempted. */
> > notmuch_bool_t verify_attempted;
> > +#ifdef GMIME_ATLEAST_26
> > + /* The list of signatures for signed or encrypted containers. If
> > + * there are no signatures, this will be NULL. */
> > + GMimeSignatureList* sig_list;
> > +#else
> > /* For signed or encrypted containers, the validity of the
> > * signature. May be NULL if signature verification failed. If
> > * there are simply no signatures, this will be non-NULL with an
> > * empty signers list. */
> > const GMimeSignatureValidity *sig_validity;
> > +#endif
> >
> > /* Internal: Context inherited from the root iterator. */
> > struct mime_node_context *ctx;
> > @@ -319,8 +341,12 @@ typedef struct mime_node {
> > */
> > notmuch_status_t
> > mime_node_open (const void *ctx, notmuch_message_t *message,
> > - GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt,
> > - mime_node_t **node_out);
> > +#ifdef GMIME_ATLEAST_26
> > + GMimeCryptoContext *cryptoctx,
> > +#else
> > + GMimeCipherContext *cryptoctx,
> > +#endif
> > + notmuch_bool_t decrypt, mime_node_t **node_out);
> >
> > /* Return a new MIME node for the requested child part of parent.
> > * parent will be used as the talloc context for the returned child
> > diff --git a/notmuch-reply.c b/notmuch-reply.c
> > index 0f682db..bf67960 100644
> > --- a/notmuch-reply.c
> > +++ b/notmuch-reply.c
> > @@ -688,15 +688,22 @@ notmuch_reply_command (void *ctx, int argc, char *argv[])
> > reply_format_func = notmuch_reply_format_default;
> >
> > if (decrypt) {
> > +#ifdef GMIME_ATLEAST_26
> > + /* TODO: GMimePasswordRequestFunc */
> > + params.cryptoctx = g_mime_gpg_context_new (NULL, "gpg");
> > +#else
> > GMimeSession* session = g_object_new (g_mime_session_get_type(), NULL);
> > params.cryptoctx = g_mime_gpg_context_new (session, "gpg");
> > +#endif
> > if (params.cryptoctx) {
> > g_mime_gpg_context_set_always_trust ((GMimeGpgContext*) params.cryptoctx, FALSE);
> > params.decrypt = TRUE;
> > } else {
> > fprintf (stderr, "Failed to construct gpg context.\n");
> > }
> > +#ifndef GMIME_ATLEAST_26
> > g_object_unref (session);
> > +#endif
> > }
> >
> > config = notmuch_config_open (ctx, NULL, NULL);
> > diff --git a/notmuch-show.c b/notmuch-show.c
> > index 91f566c..190210c 100644
> > --- a/notmuch-show.c
> > +++ b/notmuch-show.c
> > @@ -76,7 +76,11 @@ static void
> > format_part_encstatus_json (int status);
> >
> > static void
> > +#ifdef GMIME_ATLEAST_26
> > +format_part_sigstatus_json (GMimeSignatureList* siglist);
> > +#else
> > format_part_sigstatus_json (const GMimeSignatureValidity* validity);
> > +#endif
> >
> > static void
> > format_part_content_json (GMimeObject *part);
> > @@ -486,6 +490,21 @@ show_text_part_content (GMimeObject *part, GMimeStream *stream_out)
> > g_object_unref(stream_filter);
> > }
> >
> > +#ifdef GMIME_ATLEAST_26
> > +static const char*
> > +signature_status_to_string (GMimeSignatureStatus x)
> > +{
> > + switch (x) {
> > + case GMIME_SIGNATURE_STATUS_GOOD:
> > + return "good";
> > + case GMIME_SIGNATURE_STATUS_BAD:
> > + return "bad";
> > + case GMIME_SIGNATURE_STATUS_ERROR:
> > + return "error";
> > + }
> > + return "unknown";
> > +}
> > +#else
> > static const char*
> > signer_status_to_string (GMimeSignerStatus x)
> > {
> > @@ -501,6 +520,7 @@ signer_status_to_string (GMimeSignerStatus x)
> > }
> > return "unknown";
> > }
> > +#endif
> >
> > static void
> > format_part_start_text (GMimeObject *part, int *part_count)
> > @@ -592,6 +612,73 @@ format_part_encstatus_json (int status)
> > printf ("}]");
> > }
> >
> > +#ifdef GMIME_ATLEAST_26
> > +static void
> > +format_part_sigstatus_json (GMimeSignatureList *siglist)
> > +{
> > + printf (", \"sigstatus\": [");
> > +
> > + if (!siglist) {
> > + printf ("]");
> > + return;
> > + }
> > +
> > + void *ctx_quote = talloc_new (NULL);
> > + int i;
> > + for (i = 0; i < g_mime_signature_list_length (siglist); i++) {
> > + GMimeSignature *signature = g_mime_signature_list_get_signature (siglist, i);
> > +
> > + if (i > 0)
> > + printf (", ");
> > +
> > + printf ("{");
> > +
> > + /* status */
> > + GMimeSignatureStatus status = g_mime_signature_get_status (signature);
> > + printf ("\"status\": %s",
> > + json_quote_str (ctx_quote,
> > + signature_status_to_string (status)));
> > +
> > + GMimeCertificate *certificate = g_mime_signature_get_certificate (signature);
> > + if (status == GMIME_SIGNATURE_STATUS_GOOD) {
> > + if (certificate)
> > + printf (", \"fingerprint\": %s", json_quote_str (ctx_quote, g_mime_certificate_get_fingerprint (certificate)));
> > + /* these dates are seconds since the epoch; should we
> > + * provide a more human-readable format string? */
> > + time_t created = g_mime_signature_get_created (signature);
> > + if (created != -1)
> > + printf (", \"created\": %d", (int) created);
> > + time_t expires = g_mime_signature_get_expires (signature);
> > + if (expires > 0)
> > + printf (", \"expires\": %d", (int) expires);
> > + /* output user id only if validity is FULL or ULTIMATE. */
> > + /* note that gmime is using the term "trust" here, which
> > + * is WRONG. It's actually user id "validity". */
> > + if (certificate) {
> > + const char *name = g_mime_certificate_get_name (certificate);
> > + GMimeCertificateTrust trust = g_mime_certificate_get_trust (certificate);
> > + if (name && (trust == GMIME_CERTIFICATE_TRUST_FULLY || trust == GMIME_CERTIFICATE_TRUST_ULTIMATE))
> > + printf (", \"userid\": %s", json_quote_str (ctx_quote, name));
> > + }
> > + } else if (certificate) {
> > + const char *key_id = g_mime_certificate_get_key_id (certificate);
> > + if (key_id)
> > + printf (", \"keyid\": %s", json_quote_str (ctx_quote, key_id));
> > + }
> > +
> > + GMimeSignatureError errors = g_mime_signature_get_errors (signature);
> > + if (errors != GMIME_SIGNATURE_ERROR_NONE) {
> > + printf (", \"errors\": %d", errors);
> > + }
> > +
> > + printf ("}");
> > + }
> > +
> > + printf ("]");
> > +
> > + talloc_free (ctx_quote);
> > +}
> > +#else
> > static void
> > format_part_sigstatus_json (const GMimeSignatureValidity* validity)
> > {
> > @@ -652,6 +739,7 @@ format_part_sigstatus_json (const GMimeSignatureValidity* validity)
> >
> > talloc_free (ctx_quote);
> > }
> > +#endif
> >
> > static void
> > format_part_content_json (GMimeObject *part)
> > @@ -990,13 +1078,20 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
> > } else if ((STRNCMP_LITERAL (argv[i], "--verify") == 0) ||
> > (STRNCMP_LITERAL (argv[i], "--decrypt") == 0)) {
> > if (params.cryptoctx == NULL) {
> > +#ifdef GMIME_ATLEAST_26
> > + /* TODO: GMimePasswordRequestFunc */
> > + if (NULL == (params.cryptoctx = g_mime_gpg_context_new(NULL, "gpg")))
> > +#else
> > GMimeSession* session = g_object_new(g_mime_session_get_type(), NULL);
> > if (NULL == (params.cryptoctx = g_mime_gpg_context_new(session, "gpg")))
> > +#endif
> > fprintf (stderr, "Failed to construct gpg context.\n");
> > else
> > g_mime_gpg_context_set_always_trust((GMimeGpgContext*)params.cryptoctx, FALSE);
> > +#ifndef GMIME_ATLEAST_26
> > g_object_unref (session);
> > session = NULL;
> > +#endif
> > }
> > if (STRNCMP_LITERAL (argv[i], "--decrypt") == 0)
> > params.decrypt = 1;
> > diff --git a/show-message.c b/show-message.c
> > index 8768889..83ecf81 100644
> > --- a/show-message.c
> > +++ b/show-message.c
> > @@ -48,7 +48,11 @@ show_message_part (mime_node_t *node,
> > format->part_encstatus (node->decrypt_success);
> >
> > if (node->verify_attempted && format->part_sigstatus)
> > +#ifdef GMIME_ATLEAST_26
> > + format->part_sigstatus (node->sig_list);
> > +#else
> > format->part_sigstatus (node->sig_validity);
> > +#endif
> >
> > format->part_content (part);
> >
> > diff --git a/test/crypto b/test/crypto
> > index 0af4aa8..3779abc 100755
> > --- a/test/crypto
> > +++ b/test/crypto
> > @@ -104,6 +104,8 @@ test_expect_equal \
> > "$expected"
> >
> > test_begin_subtest "signature verification with signer key unavailable"
> > +# this is broken with current versions of gmime-2.6
> > +(ldd $(which notmuch) | grep -q gmime-2.6) && test_subtest_known_broken
>
> Just to be nitpicky, you should either escape the . in the regexp or
> pass -F to grep. Otherwise I think this hack is fine (though it might
> have to get a little fancier once GMime fixes this bug).
Added -F :)
I guess we could also use pkg-config to test if gmime 2.6 is present. It
would also be simpler to test the version number once gmime fixes this
bug:
pkg-config --atleast-version=2.6.x gmime-2.6 || test_subtest_known_broken
But this would mean assuming that notmuch is built against a system-wide
gmime. Or it would require setting PKG_CONFIG_PATH before tests...
Complicated.
So IMHO once gmime fixes this bug we should just remove the
test_subtest_known_broken and maybe add something like this in
notmuch-client.h:
#ifdef GMIME_MAJOR_VERSION
#define GMIME_ATLEAST_26
#if !GMIME_CHECK_VERSION(2, 6, x)
#warning "Building against an old and buggy version of gmime. Please update to 2.6.x."
#endif
#endif
>
> > # move the gnupghome temporarily out of the way
> > mv "${GNUPGHOME}"{,.bak}
> > output=$(notmuch show --format=json --verify subject:"test signed message 001" \
--
Thomas/Schnouki
[-- Attachment #2: Type: application/pgp-signature, Size: 489 bytes --]
^ permalink raw reply [flat|nested] 42+ messages in thread
* [PATCH v4 1/3] show: don't use hex literals in JSON output
2012-01-20 9:37 ` Thomas Jost
@ 2012-01-20 9:39 ` Thomas Jost
2012-01-20 9:39 ` [PATCH v4 2/3] Add compatibility with gmime 2.6 Thomas Jost
` (2 more replies)
0 siblings, 3 replies; 42+ messages in thread
From: Thomas Jost @ 2012-01-20 9:39 UTC (permalink / raw)
To: notmuch
JSON does not support hex literals (0x..) so numbers must be formatted as %d
instead of %x.
---
notmuch-show.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/notmuch-show.c b/notmuch-show.c
index d14dac9..91f566c 100644
--- a/notmuch-show.c
+++ b/notmuch-show.c
@@ -641,7 +641,7 @@ format_part_sigstatus_json (const GMimeSignatureValidity* validity)
printf (", \"keyid\": %s", json_quote_str (ctx_quote, signer->keyid));
}
if (signer->errors != GMIME_SIGNER_ERROR_NONE) {
- printf (", \"errors\": %x", signer->errors);
+ printf (", \"errors\": %d", signer->errors);
}
printf ("}");
--
1.7.8.4
^ permalink raw reply related [flat|nested] 42+ messages in thread
* [PATCH v4 2/3] Add compatibility with gmime 2.6
2012-01-20 9:39 ` [PATCH v4 1/3] show: don't use hex literals in JSON output Thomas Jost
@ 2012-01-20 9:39 ` Thomas Jost
2012-01-20 16:33 ` Austin Clements
` (2 more replies)
2012-01-20 9:39 ` [PATCH v4 3/3] Update NEWS and INSTALL about " Thomas Jost
2012-01-20 11:55 ` [PATCH v4 1/3] show: don't use hex literals in JSON output David Bremner
2 siblings, 3 replies; 42+ messages in thread
From: Thomas Jost @ 2012-01-20 9:39 UTC (permalink / raw)
To: notmuch
There are lots of API changes in gmime 2.6 crypto handling. By adding
preprocessor directives, it is however possible to add gmime 2.6 compatibility
while preserving compatibility with gmime 2.4 too.
This is mostly based on id:"8762i8hrb9.fsf@bookbinder.fernseed.info".
This was tested against both gmime 2.6.4 and 2.4.31. With gmime 2.4.31, the
crypto tests all work fine (as expected). With gmime 2.6.4, one crypto test is
currently broken (signature verification with signer key unavailable), most
likely because of a bug in gmime which will hopefully be fixed in a future
version.
---
mime-node.c | 57 +++++++++++++++++++++++++++++++-
notmuch-client.h | 30 ++++++++++++++++-
notmuch-reply.c | 7 ++++
notmuch-show.c | 95 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
show-message.c | 4 ++
test/crypto | 2 +
6 files changed, 191 insertions(+), 4 deletions(-)
diff --git a/mime-node.c b/mime-node.c
index d26bb44..27077f7 100644
--- a/mime-node.c
+++ b/mime-node.c
@@ -33,7 +33,11 @@ typedef struct mime_node_context {
GMimeMessage *mime_message;
/* Context provided by the caller. */
+#ifdef GMIME_ATLEAST_26
+ GMimeCryptoContext *cryptoctx;
+#else
GMimeCipherContext *cryptoctx;
+#endif
notmuch_bool_t decrypt;
} mime_node_context_t;
@@ -57,8 +61,12 @@ _mime_node_context_free (mime_node_context_t *res)
notmuch_status_t
mime_node_open (const void *ctx, notmuch_message_t *message,
- GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt,
- mime_node_t **root_out)
+#ifdef GMIME_ATLEAST_26
+ GMimeCryptoContext *cryptoctx,
+#else
+ GMimeCipherContext *cryptoctx,
+#endif
+ notmuch_bool_t decrypt, mime_node_t **root_out)
{
const char *filename = notmuch_message_get_filename (message);
mime_node_context_t *mctx;
@@ -112,12 +120,21 @@ DONE:
return status;
}
+#ifdef GMIME_ATLEAST_26
+static int
+_signature_list_free (GMimeSignatureList **proxy)
+{
+ g_object_unref (*proxy);
+ return 0;
+}
+#else
static int
_signature_validity_free (GMimeSignatureValidity **proxy)
{
g_mime_signature_validity_free (*proxy);
return 0;
}
+#endif
static mime_node_t *
_mime_node_create (const mime_node_t *parent, GMimeObject *part)
@@ -165,11 +182,25 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
GMimeMultipartEncrypted *encrypteddata =
GMIME_MULTIPART_ENCRYPTED (part);
node->decrypt_attempted = TRUE;
+#ifdef GMIME_ATLEAST_26
+ GMimeDecryptResult *decrypt_result = NULL;
+ node->decrypted_child = g_mime_multipart_encrypted_decrypt
+ (encrypteddata, node->ctx->cryptoctx, &decrypt_result, &err);
+#else
node->decrypted_child = g_mime_multipart_encrypted_decrypt
(encrypteddata, node->ctx->cryptoctx, &err);
+#endif
if (node->decrypted_child) {
node->decrypt_success = node->verify_attempted = TRUE;
+#ifdef GMIME_ATLEAST_26
+ /* This may be NULL if the part is not signed. */
+ node->sig_list = g_mime_decrypt_result_get_signatures (decrypt_result);
+ if (node->sig_list)
+ g_object_ref (node->sig_list);
+ g_object_unref (decrypt_result);
+#else
node->sig_validity = g_mime_multipart_encrypted_get_signature_validity (encrypteddata);
+#endif
} else {
fprintf (stderr, "Failed to decrypt part: %s\n",
(err ? err->message : "no error explanation given"));
@@ -182,6 +213,15 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
"(must be exactly 2)\n",
node->nchildren);
} else {
+#ifdef GMIME_ATLEAST_26
+ node->sig_list = g_mime_multipart_signed_verify
+ (GMIME_MULTIPART_SIGNED (part), node->ctx->cryptoctx, &err);
+ node->verify_attempted = TRUE;
+
+ if (!node->sig_list)
+ fprintf (stderr, "Failed to verify signed part: %s\n",
+ (err ? err->message : "no error explanation given"));
+#else
/* For some reason the GMimeSignatureValidity returned
* here is not a const (inconsistent with that
* returned by
@@ -200,12 +240,25 @@ _mime_node_create (const mime_node_t *parent, GMimeObject *part)
*proxy = sig_validity;
talloc_set_destructor (proxy, _signature_validity_free);
}
+#endif
}
}
+#ifdef GMIME_ATLEAST_26
+ /* sig_list may be created in both above cases, so we need to
+ * cleanly handle it here. */
+ if (node->sig_list) {
+ GMimeSignatureList **proxy = talloc (node, GMimeSignatureList *);
+ *proxy = node->sig_list;
+ talloc_set_destructor (proxy, _signature_list_free);
+ }
+#endif
+
+#ifndef GMIME_ATLEAST_26
if (node->verify_attempted && !node->sig_validity)
fprintf (stderr, "Failed to verify signed part: %s\n",
(err ? err->message : "no error explanation given"));
+#endif
if (err)
g_error_free (err);
diff --git a/notmuch-client.h b/notmuch-client.h
index 62ede28..9c1d383 100644
--- a/notmuch-client.h
+++ b/notmuch-client.h
@@ -30,6 +30,14 @@
#include <gmime/gmime.h>
+/* GMIME_CHECK_VERSION in gmime 2.4 is not usable from the
+ * preprocessor (it calls a runtime function). But since
+ * GMIME_MAJOR_VERSION and friends were added in gmime 2.6, we can use
+ * these to check the version number. */
+#ifdef GMIME_MAJOR_VERSION
+#define GMIME_ATLEAST_26
+#endif
+
#include "notmuch.h"
/* This is separate from notmuch-private.h because we're trying to
@@ -69,7 +77,11 @@ typedef struct notmuch_show_format {
void (*part_start) (GMimeObject *part,
int *part_count);
void (*part_encstatus) (int status);
+#ifdef GMIME_ATLEAST_26
+ void (*part_sigstatus) (GMimeSignatureList* siglist);
+#else
void (*part_sigstatus) (const GMimeSignatureValidity* validity);
+#endif
void (*part_content) (GMimeObject *part);
void (*part_end) (GMimeObject *part);
const char *part_sep;
@@ -83,7 +95,11 @@ typedef struct notmuch_show_params {
int entire_thread;
int raw;
int part;
+#ifdef GMIME_ATLEAST_26
+ GMimeCryptoContext* cryptoctx;
+#else
GMimeCipherContext* cryptoctx;
+#endif
int decrypt;
} notmuch_show_params_t;
@@ -290,11 +306,17 @@ typedef struct mime_node {
/* True if signature verification on this part was attempted. */
notmuch_bool_t verify_attempted;
+#ifdef GMIME_ATLEAST_26
+ /* The list of signatures for signed or encrypted containers. If
+ * there are no signatures, this will be NULL. */
+ GMimeSignatureList* sig_list;
+#else
/* For signed or encrypted containers, the validity of the
* signature. May be NULL if signature verification failed. If
* there are simply no signatures, this will be non-NULL with an
* empty signers list. */
const GMimeSignatureValidity *sig_validity;
+#endif
/* Internal: Context inherited from the root iterator. */
struct mime_node_context *ctx;
@@ -319,8 +341,12 @@ typedef struct mime_node {
*/
notmuch_status_t
mime_node_open (const void *ctx, notmuch_message_t *message,
- GMimeCipherContext *cryptoctx, notmuch_bool_t decrypt,
- mime_node_t **node_out);
+#ifdef GMIME_ATLEAST_26
+ GMimeCryptoContext *cryptoctx,
+#else
+ GMimeCipherContext *cryptoctx,
+#endif
+ notmuch_bool_t decrypt, mime_node_t **node_out);
/* Return a new MIME node for the requested child part of parent.
* parent will be used as the talloc context for the returned child
diff --git a/notmuch-reply.c b/notmuch-reply.c
index 0f682db..bf67960 100644
--- a/notmuch-reply.c
+++ b/notmuch-reply.c
@@ -688,15 +688,22 @@ notmuch_reply_command (void *ctx, int argc, char *argv[])
reply_format_func = notmuch_reply_format_default;
if (decrypt) {
+#ifdef GMIME_ATLEAST_26
+ /* TODO: GMimePasswordRequestFunc */
+ params.cryptoctx = g_mime_gpg_context_new (NULL, "gpg");
+#else
GMimeSession* session = g_object_new (g_mime_session_get_type(), NULL);
params.cryptoctx = g_mime_gpg_context_new (session, "gpg");
+#endif
if (params.cryptoctx) {
g_mime_gpg_context_set_always_trust ((GMimeGpgContext*) params.cryptoctx, FALSE);
params.decrypt = TRUE;
} else {
fprintf (stderr, "Failed to construct gpg context.\n");
}
+#ifndef GMIME_ATLEAST_26
g_object_unref (session);
+#endif
}
config = notmuch_config_open (ctx, NULL, NULL);
diff --git a/notmuch-show.c b/notmuch-show.c
index 91f566c..190210c 100644
--- a/notmuch-show.c
+++ b/notmuch-show.c
@@ -76,7 +76,11 @@ static void
format_part_encstatus_json (int status);
static void
+#ifdef GMIME_ATLEAST_26
+format_part_sigstatus_json (GMimeSignatureList* siglist);
+#else
format_part_sigstatus_json (const GMimeSignatureValidity* validity);
+#endif
static void
format_part_content_json (GMimeObject *part);
@@ -486,6 +490,21 @@ show_text_part_content (GMimeObject *part, GMimeStream *stream_out)
g_object_unref(stream_filter);
}
+#ifdef GMIME_ATLEAST_26
+static const char*
+signature_status_to_string (GMimeSignatureStatus x)
+{
+ switch (x) {
+ case GMIME_SIGNATURE_STATUS_GOOD:
+ return "good";
+ case GMIME_SIGNATURE_STATUS_BAD:
+ return "bad";
+ case GMIME_SIGNATURE_STATUS_ERROR:
+ return "error";
+ }
+ return "unknown";
+}
+#else
static const char*
signer_status_to_string (GMimeSignerStatus x)
{
@@ -501,6 +520,7 @@ signer_status_to_string (GMimeSignerStatus x)
}
return "unknown";
}
+#endif
static void
format_part_start_text (GMimeObject *part, int *part_count)
@@ -592,6 +612,73 @@ format_part_encstatus_json (int status)
printf ("}]");
}
+#ifdef GMIME_ATLEAST_26
+static void
+format_part_sigstatus_json (GMimeSignatureList *siglist)
+{
+ printf (", \"sigstatus\": [");
+
+ if (!siglist) {
+ printf ("]");
+ return;
+ }
+
+ void *ctx_quote = talloc_new (NULL);
+ int i;
+ for (i = 0; i < g_mime_signature_list_length (siglist); i++) {
+ GMimeSignature *signature = g_mime_signature_list_get_signature (siglist, i);
+
+ if (i > 0)
+ printf (", ");
+
+ printf ("{");
+
+ /* status */
+ GMimeSignatureStatus status = g_mime_signature_get_status (signature);
+ printf ("\"status\": %s",
+ json_quote_str (ctx_quote,
+ signature_status_to_string (status)));
+
+ GMimeCertificate *certificate = g_mime_signature_get_certificate (signature);
+ if (status == GMIME_SIGNATURE_STATUS_GOOD) {
+ if (certificate)
+ printf (", \"fingerprint\": %s", json_quote_str (ctx_quote, g_mime_certificate_get_fingerprint (certificate)));
+ /* these dates are seconds since the epoch; should we
+ * provide a more human-readable format string? */
+ time_t created = g_mime_signature_get_created (signature);
+ if (created != -1)
+ printf (", \"created\": %d", (int) created);
+ time_t expires = g_mime_signature_get_expires (signature);
+ if (expires > 0)
+ printf (", \"expires\": %d", (int) expires);
+ /* output user id only if validity is FULL or ULTIMATE. */
+ /* note that gmime is using the term "trust" here, which
+ * is WRONG. It's actually user id "validity". */
+ if (certificate) {
+ const char *name = g_mime_certificate_get_name (certificate);
+ GMimeCertificateTrust trust = g_mime_certificate_get_trust (certificate);
+ if (name && (trust == GMIME_CERTIFICATE_TRUST_FULLY || trust == GMIME_CERTIFICATE_TRUST_ULTIMATE))
+ printf (", \"userid\": %s", json_quote_str (ctx_quote, name));
+ }
+ } else if (certificate) {
+ const char *key_id = g_mime_certificate_get_key_id (certificate);
+ if (key_id)
+ printf (", \"keyid\": %s", json_quote_str (ctx_quote, key_id));
+ }
+
+ GMimeSignatureError errors = g_mime_signature_get_errors (signature);
+ if (errors != GMIME_SIGNATURE_ERROR_NONE) {
+ printf (", \"errors\": %d", errors);
+ }
+
+ printf ("}");
+ }
+
+ printf ("]");
+
+ talloc_free (ctx_quote);
+}
+#else
static void
format_part_sigstatus_json (const GMimeSignatureValidity* validity)
{
@@ -652,6 +739,7 @@ format_part_sigstatus_json (const GMimeSignatureValidity* validity)
talloc_free (ctx_quote);
}
+#endif
static void
format_part_content_json (GMimeObject *part)
@@ -990,13 +1078,20 @@ notmuch_show_command (void *ctx, unused (int argc), unused (char *argv[]))
} else if ((STRNCMP_LITERAL (argv[i], "--verify") == 0) ||
(STRNCMP_LITERAL (argv[i], "--decrypt") == 0)) {
if (params.cryptoctx == NULL) {
+#ifdef GMIME_ATLEAST_26
+ /* TODO: GMimePasswordRequestFunc */
+ if (NULL == (params.cryptoctx = g_mime_gpg_context_new(NULL, "gpg")))
+#else
GMimeSession* session = g_object_new(g_mime_session_get_type(), NULL);
if (NULL == (params.cryptoctx = g_mime_gpg_context_new(session, "gpg")))
+#endif
fprintf (stderr, "Failed to construct gpg context.\n");
else
g_mime_gpg_context_set_always_trust((GMimeGpgContext*)params.cryptoctx, FALSE);
+#ifndef GMIME_ATLEAST_26
g_object_unref (session);
session = NULL;
+#endif
}
if (STRNCMP_LITERAL (argv[i], "--decrypt") == 0)
params.decrypt = 1;
diff --git a/show-message.c b/show-message.c
index 8768889..83ecf81 100644
--- a/show-message.c
+++ b/show-message.c
@@ -48,7 +48,11 @@ show_message_part (mime_node_t *node,
format->part_encstatus (node->decrypt_success);
if (node->verify_attempted && format->part_sigstatus)
+#ifdef GMIME_ATLEAST_26
+ format->part_sigstatus (node->sig_list);
+#else
format->part_sigstatus (node->sig_validity);
+#endif
format->part_content (part);
diff --git a/test/crypto b/test/crypto
index 0af4aa8..446a58b 100755
--- a/test/crypto
+++ b/test/crypto
@@ -104,6 +104,8 @@ test_expect_equal \
"$expected"
test_begin_subtest "signature verification with signer key unavailable"
+# this is broken with current versions of gmime-2.6
+(ldd $(which notmuch) | grep -Fq gmime-2.6) && test_subtest_known_broken
# move the gnupghome temporarily out of the way
mv "${GNUPGHOME}"{,.bak}
output=$(notmuch show --format=json --verify subject:"test signed message 001" \
--
1.7.8.4
^ permalink raw reply related [flat|nested] 42+ messages in thread
* [PATCH v4 3/3] Update NEWS and INSTALL about gmime 2.6
2012-01-20 9:39 ` [PATCH v4 1/3] show: don't use hex literals in JSON output Thomas Jost
2012-01-20 9:39 ` [PATCH v4 2/3] Add compatibility with gmime 2.6 Thomas Jost
@ 2012-01-20 9:39 ` Thomas Jost
2012-01-20 16:39 ` Austin Clements
2012-01-21 13:11 ` [PATCH v4 3/3] Update NEWS and INSTALL " David Bremner
2012-01-20 11:55 ` [PATCH v4 1/3] show: don't use hex literals in JSON output David Bremner
2 siblings, 2 replies; 42+ messages in thread
From: Thomas Jost @ 2012-01-20 9:39 UTC (permalink / raw)
To: notmuch
---
INSTALL | 12 ++++++------
NEWS | 9 +++++++++
2 files changed, 15 insertions(+), 6 deletions(-)
diff --git a/INSTALL b/INSTALL
index e51b397..bc98f1d 100644
--- a/INSTALL
+++ b/INSTALL
@@ -20,8 +20,8 @@ configure stage.
Dependencies
------------
-Notmuch depends on three libraries: Xapian, GMime 2.4, and Talloc
-which are each described below:
+Notmuch depends on three libraries: Xapian, GMime 2.4 or 2.6, and
+Talloc which are each described below:
Xapian
------
@@ -39,14 +39,14 @@ which are each described below:
reading mail while notmuch would wait for Xapian when removing
the "inbox" and "unread" tags from messages in a thread.
- GMime 2.4
- ---------
- GMime 2.4 provides decoding of MIME email messages for Notmuch.
+ GMime 2.4 or 2.6
+ ----------------
+ GMime provides decoding of MIME email messages for Notmuch.
Without GMime, Notmuch would not be able to extract and index
the actual text from email message encoded as BASE64, etc.
- GMime 2.4 is available from http://spruce.sourceforge.net/gmime/
+ GMime is available from http://spruce.sourceforge.net/gmime/
Talloc
------
diff --git a/NEWS b/NEWS
index 6afa912..e78472c 100644
--- a/NEWS
+++ b/NEWS
@@ -36,6 +36,15 @@ New functions
notmuch_query_add_tag_exclude supports the new tag exclusion
feature.
+Build fixes
+-----------
+
+Compatibility with GMime 2.6
+
+ It is now possible to build notmuch against both GMime 2.4 and 2.6.
+ However they may be some issues in PGP signature verification
+ because of a bug in current versions of GMime 2.6.
+
Notmuch 0.11 (2012-01-13)
=========================
--
1.7.8.4
^ permalink raw reply related [flat|nested] 42+ messages in thread
* Re: [PATCH v4 1/3] show: don't use hex literals in JSON output
2012-01-20 9:39 ` [PATCH v4 1/3] show: don't use hex literals in JSON output Thomas Jost
2012-01-20 9:39 ` [PATCH v4 2/3] Add compatibility with gmime 2.6 Thomas Jost
2012-01-20 9:39 ` [PATCH v4 3/3] Update NEWS and INSTALL about " Thomas Jost
@ 2012-01-20 11:55 ` David Bremner
2012-01-20 12:33 ` Thomas Jost
2 siblings, 1 reply; 42+ messages in thread
From: David Bremner @ 2012-01-20 11:55 UTC (permalink / raw)
To: Thomas Jost, notmuch
On Fri, 20 Jan 2012 10:39:23 +0100, Thomas Jost <schnouki@schnouki.net> wrote:
> JSON does not support hex literals (0x..) so numbers must be formatted as %d
> instead of %x.
> ---
> notmuch-show.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
Probably I'm just being lazy here, but can you explain why this change
does not require a corresponding change on the emacs side?
d
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH v4 1/3] show: don't use hex literals in JSON output
2012-01-20 11:55 ` [PATCH v4 1/3] show: don't use hex literals in JSON output David Bremner
@ 2012-01-20 12:33 ` Thomas Jost
2012-01-20 13:20 ` David Bremner
0 siblings, 1 reply; 42+ messages in thread
From: Thomas Jost @ 2012-01-20 12:33 UTC (permalink / raw)
To: David Bremner, notmuch
[-- Attachment #1: Type: text/plain, Size: 1581 bytes --]
On Fri, 20 Jan 2012 07:55:03 -0400, David Bremner <david@tethera.net> wrote:
> On Fri, 20 Jan 2012 10:39:23 +0100, Thomas Jost <schnouki@schnouki.net> wrote:
> > JSON does not support hex literals (0x..) so numbers must be formatted as %d
> > instead of %x.
> > ---
> > notmuch-show.c | 2 +-
> > 1 files changed, 1 insertions(+), 1 deletions(-)
>
> Probably I'm just being lazy here, but can you explain why this change
> does not require a corresponding change on the emacs side?
Because Emacs already does the right thing. JSON numbers are supposed to
be decimal only (see http://json.org/: digits are 0-9 only), but the
current code could result in displaying a hexadecimal number instead
("c" instead of "12"). This would then trigger an error in Emacs, or in
any other correct JSON parser.
However we are quite lucky: because of the possible values of the gmime
error codes, such an error cannot happen.
The most common gmime error codes are 1 (expired signature), 2 (no
public key), 4 (expired key) and 8 (revoked key). The other possible
value is 16 (unsupported algorithm) but obviously it is much more rare.
If this happens, the current code will add '"errors": 10' (hex for
16...). This is valid JSON (it looks like a decimal number) but it is
incorrect (should be 16, not 10).
With this patch, notmuch will correctly display '"errors": 16' if such a
case happens.
(By the way, this issue was spotted by Austin Clements in
id:"20120117034714.GG16740@mit.edu", so he deserves the credits :))
Regards,
--
Thomas/Schnouki
[-- Attachment #2: Type: application/pgp-signature, Size: 489 bytes --]
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH v4 1/3] show: don't use hex literals in JSON output
2012-01-20 12:33 ` Thomas Jost
@ 2012-01-20 13:20 ` David Bremner
2012-01-22 0:20 ` [PATCH] " Thomas Jost
0 siblings, 1 reply; 42+ messages in thread
From: David Bremner @ 2012-01-20 13:20 UTC (permalink / raw)
To: Thomas Jost, notmuch
On Fri, 20 Jan 2012 13:33:58 +0100, Thomas Jost <schnouki@schnouki.net> wrote:
> The most common gmime error codes are 1 (expired signature), 2 (no
> public key), 4 (expired key) and 8 (revoked key). The other possible
> value is 16 (unsupported algorithm) but obviously it is much more rare.
> If this happens, the current code will add '"errors": 10' (hex for
> 16...). This is valid JSON (it looks like a decimal number) but it is
> incorrect (should be 16, not 10).
Maybe something like this for the commit message?
d
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH] Add pseudo-compatibility with gmime 2.6
2012-01-19 23:52 ` Thomas Jost
@ 2012-01-20 13:32 ` Tomi Ollila
0 siblings, 0 replies; 42+ messages in thread
From: Tomi Ollila @ 2012-01-20 13:32 UTC (permalink / raw)
To: Thomas Jost; +Cc: notmuch
On Fri, 20 Jan 2012 00:52:47 +0100, Thomas Jost <schnouki@schnouki.net> wrote:
>
> Here is how I did:
>
> (ldd notmuch | grep -q gmime-2.6) && test_subtest_known_broken
>
> ldd notmuch will show "/path/to/libgmime-2.4.so.*" or
> "libgmime-2.6.so.*" so we can easily check this in the test suite.
> It's a little hacky but it seems to work. AFAIK ldd is a pretty standard
> tool so it should be available (almost) everywhere. However if you have
> a better idea I'll be glad to hear it.
The "hack" is good in a sense that if that check fails in any case
the test_subtest_known_broken is not executed and we get FAIL instead of
BROKEN.
The subshell is unneeded:
ldd notmuch | grep -q gmime-2.6 && test_subtest_known_broken
does the trick (potentially less forks)... ok now I have to test ;)
haha:
$ rm xfoo.* xbar.*
$ strace -ff -o xfoo sh -c '(ldd /bin/ls | grep -q libc) && echo foo'
foo
$ ls xfoo.*
xfoo.14277 xfoo.14279 xfoo.14281 xfoo.14283 xfoo.14285
xfoo.14278 xfoo.14280 xfoo.14282 xfoo.14284
$ strace -ff -o xbar sh -c 'ldd /bin/ls | grep -q libc && echo foo'
foo
$ ls xbar.*
xbar.14292 xbar.14294 xbar.14296 xbar.14298
xbar.14293 xbar.14295 xbar.14297 xbar.14299
Tomi
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH v4 2/3] Add compatibility with gmime 2.6
2012-01-20 9:39 ` [PATCH v4 2/3] Add compatibility with gmime 2.6 Thomas Jost
@ 2012-01-20 16:33 ` Austin Clements
2012-01-20 22:45 ` Tomi Ollila
2012-01-21 13:10 ` David Bremner
2 siblings, 0 replies; 42+ messages in thread
From: Austin Clements @ 2012-01-20 16:33 UTC (permalink / raw)
To: Thomas Jost; +Cc: notmuch
LGTM!
Quoth Thomas Jost on Jan 20 at 10:39 am:
> There are lots of API changes in gmime 2.6 crypto handling. By adding
> preprocessor directives, it is however possible to add gmime 2.6 compatibility
> while preserving compatibility with gmime 2.4 too.
>
> This is mostly based on id:"8762i8hrb9.fsf@bookbinder.fernseed.info".
>
> This was tested against both gmime 2.6.4 and 2.4.31. With gmime 2.4.31, the
> crypto tests all work fine (as expected). With gmime 2.6.4, one crypto test is
> currently broken (signature verification with signer key unavailable), most
> likely because of a bug in gmime which will hopefully be fixed in a future
> version.
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH v4 3/3] Update NEWS and INSTALL about gmime 2.6
2012-01-20 9:39 ` [PATCH v4 3/3] Update NEWS and INSTALL about " Thomas Jost
@ 2012-01-20 16:39 ` Austin Clements
2012-01-22 0:29 ` [PATCH] Fix NEWS " Thomas Jost
2012-01-21 13:11 ` [PATCH v4 3/3] Update NEWS and INSTALL " David Bremner
1 sibling, 1 reply; 42+ messages in thread
From: Austin Clements @ 2012-01-20 16:39 UTC (permalink / raw)
To: Thomas Jost; +Cc: notmuch
Quoth Thomas Jost on Jan 20 at 10:39 am:
> ---
> INSTALL | 12 ++++++------
> NEWS | 9 +++++++++
> 2 files changed, 15 insertions(+), 6 deletions(-)
>
> diff --git a/INSTALL b/INSTALL
> index e51b397..bc98f1d 100644
> --- a/INSTALL
> +++ b/INSTALL
> @@ -20,8 +20,8 @@ configure stage.
>
> Dependencies
> ------------
> -Notmuch depends on three libraries: Xapian, GMime 2.4, and Talloc
> -which are each described below:
> +Notmuch depends on three libraries: Xapian, GMime 2.4 or 2.6, and
> +Talloc which are each described below:
>
> Xapian
> ------
> @@ -39,14 +39,14 @@ which are each described below:
> reading mail while notmuch would wait for Xapian when removing
> the "inbox" and "unread" tags from messages in a thread.
>
> - GMime 2.4
> - ---------
> - GMime 2.4 provides decoding of MIME email messages for Notmuch.
> + GMime 2.4 or 2.6
> + ----------------
> + GMime provides decoding of MIME email messages for Notmuch.
>
> Without GMime, Notmuch would not be able to extract and index
> the actual text from email message encoded as BASE64, etc.
>
> - GMime 2.4 is available from http://spruce.sourceforge.net/gmime/
> + GMime is available from http://spruce.sourceforge.net/gmime/
>
> Talloc
> ------
> diff --git a/NEWS b/NEWS
> index 6afa912..e78472c 100644
> --- a/NEWS
> +++ b/NEWS
> @@ -36,6 +36,15 @@ New functions
> notmuch_query_add_tag_exclude supports the new tag exclusion
> feature.
>
> +Build fixes
> +-----------
> +
> +Compatibility with GMime 2.6
> +
> + It is now possible to build notmuch against both GMime 2.4 and 2.6.
> + However they may be some issues in PGP signature verification
Typo and comma: "However, there". It would be good to describe the
bug, lest people hold off on upgrading because they think it's
something more dire. Maybe
"However, a bug in current GMime 2.6 causes notmuch not to report
signatures where the signer key is unavailable (GNOME bug 668085)."
> + because of a bug in current versions of GMime 2.6.
> +
> Notmuch 0.11 (2012-01-13)
> =========================
>
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH v4 2/3] Add compatibility with gmime 2.6
2012-01-20 9:39 ` [PATCH v4 2/3] Add compatibility with gmime 2.6 Thomas Jost
2012-01-20 16:33 ` Austin Clements
@ 2012-01-20 22:45 ` Tomi Ollila
2012-01-21 13:10 ` David Bremner
2 siblings, 0 replies; 42+ messages in thread
From: Tomi Ollila @ 2012-01-20 22:45 UTC (permalink / raw)
To: Thomas Jost, notmuch
On Fri, 20 Jan 2012 10:39:24 +0100, Thomas Jost <schnouki@schnouki.net> wrote:
> There are lots of API changes in gmime 2.6 crypto handling. By adding
> preprocessor directives, it is however possible to add gmime 2.6 compatibility
> while preserving compatibility with gmime 2.4 too.
>
> This is mostly based on id:"8762i8hrb9.fsf@bookbinder.fernseed.info".
>
> This was tested against both gmime 2.6.4 and 2.4.31. With gmime 2.4.31, the
> crypto tests all work fine (as expected). With gmime 2.6.4, one crypto test is
> currently broken (signature verification with signer key unavailable), most
> likely because of a bug in gmime which will hopefully be fixed in a future
> version.
> ---
+1
Tomi
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH v4 2/3] Add compatibility with gmime 2.6
2012-01-20 9:39 ` [PATCH v4 2/3] Add compatibility with gmime 2.6 Thomas Jost
2012-01-20 16:33 ` Austin Clements
2012-01-20 22:45 ` Tomi Ollila
@ 2012-01-21 13:10 ` David Bremner
2 siblings, 0 replies; 42+ messages in thread
From: David Bremner @ 2012-01-21 13:10 UTC (permalink / raw)
To: Thomas Jost, notmuch
On Fri, 20 Jan 2012 10:39:24 +0100, Thomas Jost <schnouki@schnouki.net> wrote:
> There are lots of API changes in gmime 2.6 crypto handling. By adding
> preprocessor directives, it is however possible to add gmime 2.6 compatibility
> while preserving compatibility with gmime 2.4 too.
>
pushed.
d
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH v4 3/3] Update NEWS and INSTALL about gmime 2.6
2012-01-20 9:39 ` [PATCH v4 3/3] Update NEWS and INSTALL about " Thomas Jost
2012-01-20 16:39 ` Austin Clements
@ 2012-01-21 13:11 ` David Bremner
1 sibling, 0 replies; 42+ messages in thread
From: David Bremner @ 2012-01-21 13:11 UTC (permalink / raw)
To: Thomas Jost, notmuch
On Fri, 20 Jan 2012 10:39:25 +0100, Thomas Jost <schnouki@schnouki.net> wrote:
> ---
> INSTALL | 12 ++++++------
> NEWS | 9 +++++++++
> 2 files changed, 15 insertions(+), 6 deletions(-)
Pushed.
Note, I'm still waiting for an update of 1/3, or to convinced otherwise.
d
^ permalink raw reply [flat|nested] 42+ messages in thread
* [PATCH] show: don't use hex literals in JSON output
2012-01-20 13:20 ` David Bremner
@ 2012-01-22 0:20 ` Thomas Jost
2012-01-22 12:56 ` David Bremner
0 siblings, 1 reply; 42+ messages in thread
From: Thomas Jost @ 2012-01-22 0:20 UTC (permalink / raw)
To: notmuch
JSON does not support hex literals (0x..) so numbers must be formatted
as %d instead of %x.
Currently, the possible values for the gmime error code are 1 (expired
signature), 2 (no public key), 4 (expired key) and 8 (revoked key).
The other possible value is 16 (unsupported algorithm) but obviously
it is much more rare. If this happens, the current code will add
'"errors": 10'. This is valid JSON (it looks like a decimal number)
but it is incorrect (should be 16, not 10).
Since this is just an issue in the JSON encoder, no changes are needed
on the Emacs side (or in other UIs using the JSON output).
---
notmuch-show.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/notmuch-show.c b/notmuch-show.c
index 43ee211..7b40568 100644
--- a/notmuch-show.c
+++ b/notmuch-show.c
@@ -728,7 +728,7 @@ format_part_sigstatus_json (const GMimeSignatureValidity* validity)
printf (", \"keyid\": %s", json_quote_str (ctx_quote, signer->keyid));
}
if (signer->errors != GMIME_SIGNER_ERROR_NONE) {
- printf (", \"errors\": %x", signer->errors);
+ printf (", \"errors\": %d", signer->errors);
}
printf ("}");
--
1.7.8.4
^ permalink raw reply related [flat|nested] 42+ messages in thread
* [PATCH] Fix NEWS about gmime 2.6
2012-01-20 16:39 ` Austin Clements
@ 2012-01-22 0:29 ` Thomas Jost
2012-01-22 12:55 ` David Bremner
0 siblings, 1 reply; 42+ messages in thread
From: Thomas Jost @ 2012-01-22 0:29 UTC (permalink / raw)
To: notmuch
Previous version had a typo ("they may be" instead of "there may be")
and was lacking a proper description of the gmime bug.
---
Argh. Did not know how to tell it in proper English, ended with a huge
typo. Sorry about that, and thanks for noticing and fixing it :)
NEWS | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/NEWS b/NEWS
index e78472c..2c2d9e9 100644
--- a/NEWS
+++ b/NEWS
@@ -42,8 +42,8 @@ Build fixes
Compatibility with GMime 2.6
It is now possible to build notmuch against both GMime 2.4 and 2.6.
- However they may be some issues in PGP signature verification
- because of a bug in current versions of GMime 2.6.
+ However, a bug in current GMime 2.6 causes notmuch not to report
+ signatures where the signer key is unavailable (GNOME bug 668085).
Notmuch 0.11 (2012-01-13)
=========================
--
1.7.8.4
^ permalink raw reply related [flat|nested] 42+ messages in thread
* Re: [PATCH] Fix NEWS about gmime 2.6
2012-01-22 0:29 ` [PATCH] Fix NEWS " Thomas Jost
@ 2012-01-22 12:55 ` David Bremner
0 siblings, 0 replies; 42+ messages in thread
From: David Bremner @ 2012-01-22 12:55 UTC (permalink / raw)
To: Thomas Jost, notmuch
On Sun, 22 Jan 2012 01:29:41 +0100, Thomas Jost <schnouki@schnouki.net> wrote:
> Previous version had a typo ("they may be" instead of "there may be")
> and was lacking a proper description of the gmime bug.
> ---
pushed,
d
^ permalink raw reply [flat|nested] 42+ messages in thread
* Re: [PATCH] show: don't use hex literals in JSON output
2012-01-22 0:20 ` [PATCH] " Thomas Jost
@ 2012-01-22 12:56 ` David Bremner
0 siblings, 0 replies; 42+ messages in thread
From: David Bremner @ 2012-01-22 12:56 UTC (permalink / raw)
To: Thomas Jost, notmuch
On Sun, 22 Jan 2012 01:20:57 +0100, Thomas Jost <schnouki@schnouki.net> wrote:
> JSON does not support hex literals (0x..) so numbers must be formatted
> as %d instead of %x.
pushed,
d
^ permalink raw reply [flat|nested] 42+ messages in thread
end of thread, other threads:[~2012-01-22 12:56 UTC | newest]
Thread overview: 42+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <8762gbtd6p.fsf@schnouki.net>
2012-01-16 23:56 ` [PATCH] Add pseudo-compatibility with gmime 2.6 Thomas Jost
2012-01-17 0:43 ` Tim Stoakes
2012-01-17 1:08 ` Kazuo Teramoto
2012-01-17 3:47 ` Austin Clements
2012-01-17 10:48 ` Adrian Perez
2012-01-17 10:48 ` Thomas Jost
2012-01-17 10:50 ` [PATCH v2 1/2] show: don't use hex literals in JSON output Thomas Jost
2012-01-17 10:50 ` [PATCH v2 2/2] Add pseudo-compatibility with gmime 2.6 Thomas Jost
2012-01-17 12:48 ` Tomi Ollila
2012-01-17 13:23 ` Thomas Jost
2012-01-17 22:25 ` Austin Clements
2012-01-18 8:15 ` Tomi Ollila
2012-01-18 17:35 ` Austin Clements
2012-01-19 23:33 ` Thomas Jost
2012-01-19 23:32 ` Thomas Jost
2012-01-20 0:06 ` [PATCH v3 0/2] gmime 2.6 compatibilty, 3rd iteration Thomas Jost
2012-01-20 0:06 ` [PATCH v3 1/2] show: don't use hex literals in JSON output Thomas Jost
2012-01-20 0:06 ` [PATCH v3 2/2] Add compatibility with gmime 2.6 Thomas Jost
2012-01-20 4:10 ` Austin Clements
2012-01-20 9:37 ` Thomas Jost
2012-01-20 9:39 ` [PATCH v4 1/3] show: don't use hex literals in JSON output Thomas Jost
2012-01-20 9:39 ` [PATCH v4 2/3] Add compatibility with gmime 2.6 Thomas Jost
2012-01-20 16:33 ` Austin Clements
2012-01-20 22:45 ` Tomi Ollila
2012-01-21 13:10 ` David Bremner
2012-01-20 9:39 ` [PATCH v4 3/3] Update NEWS and INSTALL about " Thomas Jost
2012-01-20 16:39 ` Austin Clements
2012-01-22 0:29 ` [PATCH] Fix NEWS " Thomas Jost
2012-01-22 12:55 ` David Bremner
2012-01-21 13:11 ` [PATCH v4 3/3] Update NEWS and INSTALL " David Bremner
2012-01-20 11:55 ` [PATCH v4 1/3] show: don't use hex literals in JSON output David Bremner
2012-01-20 12:33 ` Thomas Jost
2012-01-20 13:20 ` David Bremner
2012-01-22 0:20 ` [PATCH] " Thomas Jost
2012-01-22 12:56 ` David Bremner
2012-01-18 17:19 ` [PATCH v2 2/2] Add pseudo-compatibility with gmime 2.6 Tom Prince
2012-01-18 18:00 ` Tomi Ollila
2012-01-19 23:47 ` Thomas Jost
2012-01-17 20:38 ` [PATCH] " Austin Clements
2012-01-19 23:52 ` Thomas Jost
2012-01-20 13:32 ` Tomi Ollila
2012-01-17 10:19 ` Adrian Perez
Code repositories for project(s) associated with this public inbox
https://yhetil.org/notmuch.git/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).