/* notmuch - Not much of an email program, (just index and search) * * Copyright © 2012 Jameson Rollins * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see http://www.gnu.org/licenses/ . * * Authors: Jameson Rollins */ #include "notmuch-client.h" #ifdef GMIME_ATLEAST_26 #define NOTMUCH_PASSWORD_DATA_KEY "notmuch-password-data" typedef struct { int status_fd; GIOChannel *command_channel; } notmuch_password_data_t; static void free_password_data_cb (void *data_ptr) { notmuch_password_data_t *data = data_ptr; g_io_channel_unref (data->command_channel); free (data); } static void escape_string (GString *buf, const char *str) { const char *p; g_string_append_c (buf, '"'); for (p = str; *p; p++) switch (*p) { case '\n': g_string_append (buf, "\\n"); break; case '\t': g_string_append (buf, "\\t"); break; case '\r': g_string_append (buf, "\\t"); break; case '"': g_string_append (buf, "\\\""); break; default: if (*p < 32) g_string_append_printf (buf, "\\0%o", *p); else g_string_append_c (buf, *p); break; } g_string_append_c (buf, '"'); } static gboolean write_all (const char *buf, size_t length, int fd) { ssize_t wrote; while (length > 0) { wrote = write (fd, buf, length); if (wrote == -1) return FALSE; buf += wrote; length -= wrote; } return TRUE; } static gboolean password_request_cb (GMimeCryptoContext *ctx, const char *user_id, const char *prompt_ctx, gboolean reprompt, GMimeStream *response, GError **err) { notmuch_password_data_t *data; GString *buf; gboolean write_result; char *line = NULL; gsize line_length; ssize_t wrote; data = g_object_get_data (G_OBJECT (ctx), NOTMUCH_PASSWORD_DATA_KEY); buf = g_string_new ("[NOTMUCH:] GET_HIDDEN "); escape_string (buf, user_id); g_string_append_c (buf, ' '); escape_string (buf, prompt_ctx); g_string_append_c (buf, ' '); g_string_append_c (buf, (!!reprompt) + '0'); g_string_append_c (buf, '\n'); write_result = write_all (buf->str, buf->len, data->status_fd); g_string_free (buf, TRUE); if (!write_result) { g_set_error_literal (err, G_FILE_ERROR, g_file_error_from_errno (errno), strerror (errno)); return FALSE; } if (!g_io_channel_read_line (data->command_channel, &line, &line_length, NULL, /* terminator_pos */ err)) return FALSE; wrote = g_mime_stream_write (response, line, line_length); /* TODO: is there a more reliable way to clear the memory * containing a password? */ memset (line, 0, line_length); g_free (line); if (wrote < (ssize_t) line_length) { g_set_error_literal (err, G_FILE_ERROR, G_FILE_ERROR_FAILED, "Failed to write password response"); return FALSE; } return TRUE; } /* Create a GPG context (GMime 2.6) */ static notmuch_bool_t create_gpg_context (notmuch_crypto_t *crypto) { notmuch_crypto_context_t *gpgctx; GMimePasswordRequestFunc password_func; notmuch_password_data_t *password_data; /* If the --status-fd and --command-fd options were specified then * we can handle password requests by forwarding them on to the * application that invoked notmuch */ if (crypto->status_fd != -1 && crypto->command_fd != -1) { password_func = password_request_cb; password_data = malloc (sizeof (*password_data)); if (password_data == NULL) return FALSE; password_data->status_fd = crypto->status_fd; password_data->command_channel = g_io_channel_unix_new (crypto->command_fd); } else { password_func = NULL; password_data = NULL; } gpgctx = g_mime_gpg_context_new (password_func, "gpg"); if (! gpgctx) return FALSE; /* The password callback for GMime doesn't seem to provide any * user data pointer so we'll work around it by attaching the data * to the gpg context, which it does pass */ if (password_data) { g_object_set_data_full (G_OBJECT (gpgctx), NOTMUCH_PASSWORD_DATA_KEY, password_data, free_password_data_cb); } g_mime_gpg_context_set_use_agent ((GMimeGpgContext *) gpgctx, TRUE); g_mime_gpg_context_set_always_trust ((GMimeGpgContext *) gpgctx, FALSE); crypto->gpgctx = gpgctx; return TRUE; } #else /* GMIME_ATLEAST_26 */ /* Create a GPG context (GMime 2.4) */ static notmuch_bool_t create_gpg_context (notmuch_crypto_t *crypto) { GMimeSession *session; notmuch_crypto_context_t *gpgctx; session = g_object_new (g_mime_session_get_type (), NULL); gpgctx = g_mime_gpg_context_new (session, "gpg"); g_object_unref (session); if (! gpgctx) return FALSE; g_mime_gpg_context_set_always_trust ((GMimeGpgContext *) gpgctx, FALSE); crypto->gpgctx = gpgctx; return TRUE; } #endif /* GMIME_ATLEAST_26 */ /* for the specified protocol return the context pointer (initializing * if needed) */ notmuch_crypto_context_t * notmuch_crypto_get_context (notmuch_crypto_t *crypto, const char *protocol) { notmuch_crypto_context_t *cryptoctx = NULL; /* As per RFC 1847 section 2.1: "the [protocol] value token is * comprised of the type and sub-type tokens of the Content-Type". * As per RFC 1521 section 2: "Content-Type values, subtypes, and * parameter names as defined in this document are * case-insensitive." Thus, we use strcasecmp for the protocol. */ if (strcasecmp (protocol, "application/pgp-signature") == 0 || strcasecmp (protocol, "application/pgp-encrypted") == 0) { if (! crypto->gpgctx) { create_gpg_context (crypto); if (! crypto->gpgctx) fprintf (stderr, "Failed to construct gpg context.\n"); } cryptoctx = crypto->gpgctx; } else { fprintf (stderr, "Unknown or unsupported cryptographic protocol.\n"); } return cryptoctx; } int notmuch_crypto_cleanup (notmuch_crypto_t *crypto) { if (crypto->gpgctx) { g_object_unref (crypto->gpgctx); crypto->gpgctx = NULL; } return 0; }