Re: cope with inline PGP encrypted messages

[Daniel Kahn Gillmor]

On Tue 2017-12-12 01:15:48 -0500, Daniel Kahn Gillmor wrote:
> Inline PGP encrypted messages are clearly worse than PGP/MIME
> structured encrypted messages.  There are no standards for how they
> are formed, and they don't offer any structured metadata about how to
> interpret the bytestream produced by decrypting them.
>
> However, some other MUAs and end-user workflows may make creation of
> inline PGP encrypted messages the only available option for message
> encryption, and when Notmuch encounters such a message, it should make
> a reasonable best-effort to render the cleartext to the user.

Jamie Rollins points out that I need to think more about some of the
security implications of this patch series, so i'd prefer to withdraw it
from consideration for notmuch at the moment.  i'd say it's a WIP but
really not ready for general consumption.  Not sure how to best
represent that in nmbug -- but for now i've removed
notmuch::needs-review and added notmuch::wip.  bremner, let me know if
you think i should have done something different.

I do think that we need to come up with *some* way of letting people
read messages with inline PGP encrypted chunks in them safely.
Otherwise, notmuch users will resort to dirty tricks (because they want
to read the mail), and those dirty tricks will possibly be worse than
anything we come up with.

But higher-priority issues are drawing my attention right now, and i
don't want this series to distract from them.

  --dkg
___
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch

Re: [PATCH v2 4/5] cli/show: reindex when we learned new session keys about a message

[Daniel Kahn Gillmor]

On Tue 2018-05-01 22:36:31 -0300, David Bremner wrote:
> Daniel Kahn Gillmor  writes:
>
>> +
>> +if (params->crypto.decrypt == NOTMUCH_DECRYPT_TRUE && 
>> session_key_count_error == NOTMUCH_STATUS_SUCCESS) {
>> +unsigned int new_session_keys = 0;
>> +if (notmuch_message_count_properties (message, "session-key", 
>> _session_keys) == NOTMUCH_STATUS_SUCCESS &&
>> +new_session_keys > session_keys) {
>> +/* try a quiet re-indexing */
>> +notmuch_indexopts_t *indexopts = 
>> notmuch_database_get_default_indexopts (notmuch_message_get_database 
>> (message));
>> +if (indexopts) {
>> +notmuch_indexopts_set_decrypt_policy (indexopts, 
>> NOTMUCH_DECRYPT_AUTO);
>> +status = notmuch_message_reindex (message, indexopts);
>> +if (status)
>> +fprintf (stderr, "Error re-indexing message with 
>> --decrypt=stash. (%d) %s\n", status, notmuch_status_to_string (status));
>> +}
>> +}
>> +}
>
> I'm wondering about the lack of #if HAVE_GMIME_SESSION_KEYS here.  Are
> you relying here on the number of session keys not increasing when
> running a binary without session key support? Is there some advantage to
> doing it this way? It seems a bit harder to reason about.

yes, i'm relying on the number of session keys not increasing if we
don't know how to extract the session keys.  I suppose i could also
imagine some other way that session keys get supplied during a "show",
but then i guess that'd make the reindex moot, which would be a Bad
Thing.

I avoided #if'ing out these sections because i thought the general
strategy was to avoid preprocessor shenanigans where possible, as it
makes the code harder to think about given the combinatorial explosion
of #define options.  But I don't mind wrapping the hunks of this patch
in an #if if the consensus is that this approach is preferable.

   --dkg
___
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch

Re: emacs: Split wide window vertically for tree mode message pane

[David Bremner]

Prof Jayanth R Varma  writes:

> This patch modifies the function notmuch-tree-show-message-in in 
> notmuch-tree.el to split the window vertically while creating a 
> message pane in tree-mode if the window is wider than 160 (so that 
> after splitting, the message pane can show the standard 76 
> character plain text email lines without wrapping).

First, I'm sorry to take so long to review this.  A few comments.

1) I'm reluctant to add new features to notmuch without corresponding
   tests. Currently all of our emacs tests use a standard terminal width
   (I think 80). Perhaps Tomi knows how hard it would be to override for
   a single test.

2) I noticed that the horizontal splitting leads to truncation of tag
   display. So I think not everyone will want this (it would be pretty
   frustrating to widen the emacs frame to see a full tag list, just to
   have it truncated). One option would be to control the splitting by a
   variable specifying the minimum width at which to switch to horizonal
   splitting.

3) The commit message / NEWS talks about splitting the window
   vertically, but that seems contrary to the emacs terminology (as
   evinced by the source code in the patch)


___
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch

[PATCH] WIP: overload 'is:' prefix to support matching all, and roots

[David Bremner]

- "*" is problematic because it is not composable. is:* works as part
  of any valid query

- is:root matches messages w/o replyto terms in the database. Except
  for the case of reference loops, these correspond to roots of
  threads.
---

this is a quick prototype. It's not clear the constructor really needs
the query parser and the database, currently they are unused.

I'm not sure how people feel about overloading is. Personally I never
use it, so the threat of collisions is small. We could also choose a
different prefix.

Also this version doesn't deal with regular expressions for is://, but
it could. I'd have to think about how to limit code duplication.

 lib/Makefile.local |  3 ++-
 lib/database.cc|  3 +++
 lib/is-fp.cc   | 50 ++
 lib/is-fp.h| 42 ++
 4 files changed, 97 insertions(+), 1 deletion(-)
 create mode 100644 lib/is-fp.cc
 create mode 100644 lib/is-fp.h

diff --git a/lib/Makefile.local b/lib/Makefile.local
index 5dc057c0..e2b60ee0 100644
--- a/lib/Makefile.local
+++ b/lib/Makefile.local
@@ -59,7 +59,8 @@ libnotmuch_cxx_srcs = \
$(dir)/config.cc\
$(dir)/regexp-fields.cc \
$(dir)/thread.cc \
-   $(dir)/thread-fp.cc
+   $(dir)/thread-fp.cc \
+   $(dir)/is-fp.cc
 
 libnotmuch_modules := $(libnotmuch_c_srcs:.c=.o) $(libnotmuch_cxx_srcs:.cc=.o)
 
diff --git a/lib/database.cc b/lib/database.cc
index 9cf8062c..4c3ca281 100644
--- a/lib/database.cc
+++ b/lib/database.cc
@@ -22,6 +22,7 @@
 #include "parse-time-vrp.h"
 #include "query-fp.h"
 #include "thread-fp.h"
+#include "is-fp.h"
 #include "regexp-fields.h"
 #include "string-util.h"
 
@@ -321,6 +322,8 @@ _setup_query_field (const prefix_t *prefix, 
notmuch_database_t *notmuch)
fp = (new QueryFieldProcessor (*notmuch->query_parser, 
notmuch))->release ();
else if (STRNCMP_LITERAL(prefix->name, "thread") == 0)
fp = (new ThreadFieldProcessor (*notmuch->query_parser, 
notmuch))->release ();
+   else if (STRNCMP_LITERAL(prefix->name, "is") == 0)
+   fp = (new IsFieldProcessor (*notmuch->query_parser, 
notmuch))->release ();
else
fp = (new RegexpFieldProcessor (prefix->name, prefix->flags,
*notmuch->query_parser, 
notmuch))->release ();
diff --git a/lib/is-fp.cc b/lib/is-fp.cc
new file mode 100644
index ..23c62c9b
--- /dev/null
+++ b/lib/is-fp.cc
@@ -0,0 +1,50 @@
+/* is-fp.cc - "is:" field processor glue
+ *
+ * This file is part of notmuch.
+ *
+ * Copyright © 2018 David Bremner
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see https://www.gnu.org/licenses/ .
+ *
+ * Author: David Bremner 
+ */
+
+#include "database-private.h"
+#include "is-fp.h"
+#include 
+
+#if HAVE_XAPIAN_FIELD_PROCESSOR
+
+Xapian::Query
+IsFieldProcessor::operator() (const std::string & str)
+{
+if (str == "root") {
+   const char *reply_to_prefix = _find_prefix("replyto");
+   return Xapian::Query (Xapian::Query::OP_AND_NOT,
+ Xapian::Query::MatchAll,
+ Xapian::Query(Xapian::Query::OP_WILDCARD,
+   reply_to_prefix,
+   1,
+   
Xapian::Query::WILDCARD_LIMIT_FIRST));
+} else if (str == "*") {
+   return Xapian::Query::MatchAll;
+} else {
+   /* fall back on tag */
+   const char *is_prefix = _find_prefix ("is");
+   std::string term = is_prefix + str;
+   return Xapian::Query (term);
+}
+
+}
+#endif
diff --git a/lib/is-fp.h b/lib/is-fp.h
new file mode 100644
index ..635e2931
--- /dev/null
+++ b/lib/is-fp.h
@@ -0,0 +1,42 @@
+/* is-fp.h - thread field processor glue
+ *
+ * This file is part of notmuch.
+ *
+ * Copyright © 2018 David Bremner
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU 

Re: [PATCH] doc: fix notmuch-search example

[David Bremner]

David Bremner  writes:

> For some reason the searched tag did not match the displayed results.

pushed,

d
___
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch

[PATCH] build: Allow user to specify ruby executable

[Thomas Schneider]

This way, one can build for a different Ruby than $PATH/ruby
(e. g. different versions, or Ruby in other paths).

Signed-off-by: Thomas Schneider 
---
 bindings/Makefile.local |  2 +-
 configure   | 11 ++-
 test/test-lib.sh|  2 +-
 3 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/bindings/Makefile.local b/bindings/Makefile.local
index 17b561ca..2ba2775c 100644
--- a/bindings/Makefile.local
+++ b/bindings/Makefile.local
@@ -9,7 +9,7 @@ ifeq ($(HAVE_RUBY_DEV),1)
EXTRA_LDFLAGS="$(NO_UNDEFINED_LDFLAGS)" \
LIBNOTMUCH="../../lib/$(LINKER_NAME)" \
NOTMUCH_SRCDIR='$(NOTMUCH_SRCDIR)' \
-   ruby extconf.rb --vendor
+   $(RUBY) extconf.rb --vendor
$(MAKE) -C $(dir)/ruby
 endif
 
diff --git a/configure b/configure
index b177b141..392213b6 100755
--- a/configure
+++ b/configure
@@ -62,6 +62,7 @@ CXXFLAGS=${CXXFLAGS:-\$(CFLAGS)}
 LDFLAGS=${LDFLAGS:-}
 XAPIAN_CONFIG=${XAPIAN_CONFIG:-}
 PYTHON=${PYTHON:-}
+RUBY=${RUBY:-ruby}
 
 # We don't allow the EMACS or GZIP Makefile variables inherit values
 # from the environment as we do with CC and CXX above. The reason is
@@ -118,6 +119,8 @@ Other environment variables can be used to control 
configure itself,
library. [$XAPIAN_CONFIG]
PYTHON  Name of python command to use in
configure and the test suite.
+   RUBYName of ruby command to use in
+   configure and the test suite.
 
 Additionally, various options can be specified on the configure
 command line.
@@ -621,7 +624,7 @@ fi
 have_ruby_dev=0
 if [ $WITH_RUBY = "1" ] ; then
 printf "Checking for ruby development files... "
-if ruby -e "require 'mkmf'"> /dev/null 2>&1; then
+if ${RUBY} -e "require 'mkmf'"> /dev/null 2>&1; then
printf "Yes.\n"
have_ruby_dev=1
 else
@@ -1027,6 +1030,9 @@ WARN_CFLAGS=${WARN_CFLAGS}
 # Name of python interpreter
 PYTHON = ${python}
 
+# Name of ruby interpreter
+RUBY = ${RUBY}
+
 # The prefix to which notmuch should be installed
 # Note: If you change this value here, be sure to ensure that the
 # LIBDIR_IN_LDCONFIG value below is still set correctly.
@@ -1234,6 +1240,9 @@ NOTMUCH_HAVE_MAN=$((have_sphinx))
 # Name of python interpreter
 NOTMUCH_PYTHON=${python}
 
+# Name of ruby interpreter
+NOTMUCH_RUBY=${RUBY}
+
 # Are the ruby development files (and ruby) available? If not skip
 # building/testing ruby bindings.
 NOTMUCH_HAVE_RUBY_DEV=${have_ruby_dev}
diff --git a/test/test-lib.sh b/test/test-lib.sh
index 5b212514..7e064021 100644
--- a/test/test-lib.sh
+++ b/test/test-lib.sh
@@ -1003,7 +1003,7 @@ test_python() {
 }
 
 test_ruby() {
-MAIL_DIR=$MAIL_DIR ruby -I $NOTMUCH_SRCDIR/bindings/ruby> OUTPUT
+MAIL_DIR=$MAIL_DIR $NOTMUCH_RUBY -I $NOTMUCH_SRCDIR/bindings/ruby> OUTPUT
 }
 
 test_C () {
-- 
2.17.0

___
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch