From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id 6AoMJBQgx17lYAAA0tVLHw (envelope-from ) for ; Fri, 22 May 2020 00:43:00 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2 with LMTPS id LvzyHxQgx17VTwAAB5/wlQ (envelope-from ) for ; Fri, 22 May 2020 00:43:00 +0000 Received: from arlo.cworth.org (arlo.cworth.org [50.126.95.6]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id F052F9400C3 for ; Fri, 22 May 2020 00:42:58 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by arlo.cworth.org (Postfix) with ESMTP id 6B0A16DE1372; Thu, 21 May 2020 17:42:53 -0700 (PDT) X-Virus-Scanned: Debian amavisd-new at cworth.org Received: from arlo.cworth.org ([127.0.0.1]) by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rhOpOpS-SYix; Thu, 21 May 2020 17:42:52 -0700 (PDT) Received: from arlo.cworth.org (localhost [IPv6:::1]) by arlo.cworth.org (Postfix) with ESMTP id 8CB1C6DE104A; Thu, 21 May 2020 17:42:51 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by arlo.cworth.org (Postfix) with ESMTP id A742D6DE1055 for ; Thu, 21 May 2020 17:42:49 -0700 (PDT) X-Virus-Scanned: Debian amavisd-new at cworth.org Received: from arlo.cworth.org ([127.0.0.1]) by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YdHDdBPe13gq for ; Thu, 21 May 2020 17:42:47 -0700 (PDT) Received: from che.mayfirst.org (unknown [162.247.75.117]) by arlo.cworth.org (Postfix) with ESMTPS id DA6DE6DE104A for ; Thu, 21 May 2020 17:42:46 -0700 (PDT) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1590108164; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=D7tq7gPYWR5OAe9+8XXDB7CXrKEEHGhUJ1AnAvO9ePc=; b=a+qoyxAb6fDzpPibMZOaFStizefJVK+XGKqE53qLP0iSkeHLoUZQigtbjvGHXtx7OoAEl YGClZfN9TDt3ZoJAA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1590108164; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=D7tq7gPYWR5OAe9+8XXDB7CXrKEEHGhUJ1AnAvO9ePc=; b=EgYjt4yzXjMamUFXnf1/vqpz5f79zFmGvzM5RDb4vABwJgfVOhUG3NNIIJ5Gmo0kj9BwQ WsJkiNt6LMsMizszS8jQya9Z/vkMWml80YY6EkaQA2BXdWVXhotQBYF7gGULpwT+KWuJrRl b9wU/DKVzquaYfc29sXEvxBKYJGCro2cueYRKo1Bkw03T/4/RlsD/6nbgCFYGbPNaV4w8Sz CG1zfUNFUw5bGPkAsFzagJyapoUm5+rD9+aU1xzjRpPMNV1C+sJeVKcSZZamxvI1KrRMEE8 7tzE23S/8+9hiJvyF8EdaNt9B/yODceT5nZxLazU7O+DcDNW/tQyzUnP3D7A== Received: from fifthhorseman.net (unknown [IPv6:2001:470:1f07:60d:f2de:f1ff:fec3:d109]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id 81201F9A6; Thu, 21 May 2020 20:42:44 -0400 (EDT) Received: by fifthhorseman.net (Postfix, from userid 1000) id 95570202CB; Thu, 21 May 2020 20:41:14 -0400 (EDT) From: Daniel Kahn Gillmor To: David Bremner , Notmuch Mail Subject: Re: [PATCH 2/2 v2] smime: tests of X.509 certificate validity are known-broken on GMime < 3.2.7 In-Reply-To: <875zcovpdq.fsf@tethera.net> References: <20200506235438.100518-2-dkg@fifthhorseman.net> <20200512222010.371054-1-dkg@fifthhorseman.net> <875zcovpdq.fsf@tethera.net> Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= mDMEXEK/AhYJKwYBBAHaRw8BAQdAr/gSROcn+6m8ijTN0DV9AahoHGafy52RRkhCZVwxhEe0K0Rh bmllbCBLYWhuIEdpbGxtb3IgPGRrZ0BmaWZ0aGhvcnNlbWFuLm5ldD6ImQQTFggAQQIbAQULCQgH AgYVCgkICwIEFgIDAQIeAQIXgAIZARYhBMS8Lds4zOlkhevpwvIGkReQOOXGBQJd5Hw3BQkFpJWB AAoJEPIGkReQOOXGDYEA/j0ERjPxDleKMZ2LDcWc/3o5cLFwAVzBKQHppu0Be5IWAP0aeTnyEqlp RTE7M8zugwkhYeUYfYu0BjecDUMnYz6iDLgzBF3kewUWCSsGAQQB2kcPAQEHQK1IuW0GZmcrs2mx CYMl8IHse0tMF8cP7eBNXevrlx2ZiPUEGBYIACYCGwIWIQTEvC3bOMzpZIXr6cLyBpEXkDjlxgUC XeR7TwUJAiGl/gCBdiAEGRYIAB0WIQQsv6x2UaqQJzY+dXHEDyVUMvKBDwUCXeR7BQAKCRDEDyVU MvKBD7KmAQCHs+7588C4jto6fMje0Nu97zzoppjJM7lrGF2rVnbHvwD+MgmGUbHzPSUrTWnZBQDi /QM595bxNrBA4N1CiXhs2AMJEPIGkReQOOXGpp0BAM7YeBnt/UNvxJAGm4DidSfHU7RDMWe6Tgux HrH21cDkAQC9leNFXJsQ7F2ZniRPHa8CkictcQEKPL8VCWpfe8LbArg4BF3ke5wSCisGAQQBl1UB BQEBB0Cf+EiAXtntQMf51xpqb6uZ5O0eCLAZtkg0SXHjA1JlEwMBCAeIfgQYFggAJhYhBMS8Lds4 zOlkhevpwvIGkReQOOXGBQJd5HucAhsMBQkCIaVkAAoJEPIGkReQOOXGdYcBANYnW7VyL2CncKH1 iO4Zr0IwfdIv6rai1PUHL98pVi3cAP9tMh85CKGDa0Xi/fptQH41meollLW5tLb/bEWMuUNuBQ== Date: Thu, 21 May 2020 20:41:13 -0400 Message-ID: <87tv08iyxi.fsf@fifthhorseman.net> MIME-Version: 1.0 X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0670732421930611011==" Errors-To: notmuch-bounces@notmuchmail.org Sender: "notmuch" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=fail (body hash did not verify) header.d=fifthhorseman.net header.s=2019 header.b=a+qoyxAb; dkim=fail (body hash did not verify) header.d=fifthhorseman.net header.s=2019rsa header.b=EgYjt4yz; dmarc=fail reason="SPF not aligned (relaxed)" header.from=fifthhorseman.net (policy=none); spf=pass (aspmx1.migadu.com: domain of notmuch-bounces@notmuchmail.org designates 50.126.95.6 as permitted sender) smtp.mailfrom=notmuch-bounces@notmuchmail.org X-Spam-Score: -2.01 X-TUID: HA6esv1XRv9t --===============0670732421930611011== Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Thanks for the review, and for the poke about out-of-tree builds on IRC, Bremner. Another revision is coming in a minute. Notes below=E2=80=A6 On Thu 2020-05-21 20:29:05 -0300, David Bremner wrote: > I find these long lines with !! in the middle pretty surprising. Is > there some reason for this style? It doesn't seem to fit with the usual > conventions. Hm, do we even have conventions for inlined C in ./configure? If you'd rather i expand these to something more verbose, i can do so, but i was under the impression that we wanted to keep these C interstitials fairly compact so that ./configure is still (somewhat) readable as a shell script. The "return !! fprintf=E2=80=A6" idiom is a compact way to get a non-zero process error code and an error message to stderr without introducing a code block. The only way for fprintf to return 0 (which would result in the process returning 0) is if 0 bytes are written and no error occurred, which isn't possible with any of the format strings supplied here. Another approach would be to pull the C entirely out of ./configure, but that could have a problem when dealing with out-of-tree builds. (i just noticed a problem for this test with out-of-tree builds, which i'll revise in a minute) > This line in particular has a tab in the middle. i dunno how that got there, i'll have it fixed in the upcoming revision. >> + elif ${CC} ${CFLAGS} ${gmime_cflags} _check_x509_validity.c ${gmime= _ldflags} -o _check_x509_validity \ > > The other test files are cleaned up in configure (source and binary) > once we are done with them. good point, i'll ensure that they get cleaned up alongside _check_session_keys* in the upcoming revision. > As far as I could follow, the changes to the tests themselves look > reasonable. thanks for the thoughtful review! --dkg --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYIAB0WIQQsv6x2UaqQJzY+dXHEDyVUMvKBDwUCXscfqgAKCRDEDyVUMvKB D7HRAQCU8cvqQyXdQzBacnH3Wpj1CYbR5WclOgrh5FXioLlkswD/az7XFJBbXzPV jjjahEWKbuB2MDKrPoHVe4UIfnY7bQ4= =T1H1 -----END PGP SIGNATURE----- --=-=-=-- --===============0670732421930611011== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline --===============0670732421930611011==--