[PATCH 1/2] mime-node: rename decrypted_child to unwrapped_child

2020-03-18 Thread Daniel Kahn Gillmor 
When walking the MIME tree, we might need to extract a new MIME
object.  Thus far, we've only done it when decrypting
multipart/encrypted messages, but PKCS#7 (RFC 8551, S/MIME) has
several other transformations that warrant a comparable form of
unwrapping.

Make this member re-usable for PKCS#7 unwrappings as well as
multipart/encrypted decryptions.

This change is just a naming change, it has no effect on function.

Signed-off-by: Daniel Kahn Gillmor 
---
 mime-node.c  | 10 +-
 notmuch-client.h |  6 --
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/mime-node.c b/mime-node.c
index e531078c..2a823dfd 100644
--- a/mime-node.c
+++ b/mime-node.c
@@ -227,19 +227,19 @@ node_decrypt_and_verify (mime_node_t *node, GMimeObject 
*part)
 GMimeMultipartEncrypted *encrypteddata = GMIME_MULTIPART_ENCRYPTED (part);
 notmuch_message_t *message = NULL;
 
-if (! node->decrypted_child) {
+if (! node->unwrapped_child) {
for (mime_node_t *parent = node; parent; parent = parent->parent)
if (parent->envelope_file) {
message = parent->envelope_file;
break;
}
 
-   node->decrypted_child = _notmuch_crypto_decrypt 
(>decrypt_attempted,
+   node->unwrapped_child = _notmuch_crypto_decrypt 
(>decrypt_attempted,
 
node->ctx->crypto->decrypt,
 message,
 encrypteddata, 
_result, );
 }
-if (! node->decrypted_child) {
+if (! node->unwrapped_child) {
fprintf (stderr, "Failed to decrypt part: %s\n",
 err ? err->message : "no error explanation given");
goto DONE;
@@ -380,8 +380,8 @@ mime_node_child (mime_node_t *parent, int child)
return NULL;
 
 if (GMIME_IS_MULTIPART (parent->part)) {
-   if (child == GMIME_MULTIPART_ENCRYPTED_CONTENT && 
parent->decrypted_child)
-   sub = parent->decrypted_child;
+   if (child == GMIME_MULTIPART_ENCRYPTED_CONTENT && 
parent->unwrapped_child)
+   sub = parent->unwrapped_child;
else
sub = g_mime_multipart_get_part (
GMIME_MULTIPART (parent->part), child);
diff --git a/notmuch-client.h b/notmuch-client.h
index 74690054..89e15ba6 100644
--- a/notmuch-client.h
+++ b/notmuch-client.h
@@ -395,8 +395,10 @@ struct mime_node {
 struct mime_node_context *ctx;
 
 /* Internal: For successfully decrypted multipart parts, the
- * decrypted part to substitute for the second child. */
-GMimeObject *decrypted_child;
+ * decrypted part to substitute for the second child; or, for
+ * PKCS#7 parts, the part returned after removing/processing the
+ * PKCS#7 transformation */
+GMimeObject *unwrapped_child;
 
 /* Internal: The next child for depth-first traversal and the part
  * number to assign it (or -1 if unknown). */
-- 
2.25.1

___
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch

[PATCH 2/2] mime-node: Clean up unwrapped MIME parts correctly.

2020-03-18 Thread Daniel Kahn Gillmor 
Avoid a memory leak in the notmuch command line.

gmime_multipart_encrypted_decrypt returns a GMimeObject marked by
GMime as "transfer full", so we are supposed to clean up after it.

When parsing a message, notmuch would leak one GMimeObject part per
multipart/encrypted MIME layer.  We clean it up by analogy with
cleaning up the signature list associated with a MIME node.

Signed-off-by: Daniel Kahn Gillmor 
---
 mime-node.c | 22 ++
 1 file changed, 22 insertions(+)

diff --git a/mime-node.c b/mime-node.c
index 2a823dfd..ff6805bf 100644
--- a/mime-node.c
+++ b/mime-node.c
@@ -192,6 +192,26 @@ set_signature_list_destructor (mime_node_t *node)
 }
 }
 
+/* Unwrapped MIME part destructor */
+static int
+_unwrapped_child_free (GMimeObject **proxy)
+{
+g_object_unref (*proxy);
+return 0;
+}
+
+/* Set up unwrapped MIME part destructor */
+static void
+set_unwrapped_child_destructor (mime_node_t *node)
+{
+GMimeObject **proxy = talloc (node, GMimeObject *);
+
+if (proxy) {
+   *proxy = node->unwrapped_child;
+   talloc_set_destructor (proxy, _unwrapped_child_free);
+}
+}
+
 /* Verify a signed mime node */
 static void
 node_verify (mime_node_t *node, GMimeObject *part)
@@ -238,6 +258,8 @@ node_decrypt_and_verify (mime_node_t *node, GMimeObject 
*part)
 
node->ctx->crypto->decrypt,
 message,
 encrypteddata, 
_result, );
+   if (node->unwrapped_child)
+   set_unwrapped_child_destructor (node);
 }
 if (! node->unwrapped_child) {
fprintf (stderr, "Failed to decrypt part: %s\n",
-- 
2.25.1

___
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch

Minor cleanup to mime-node.c

2020-03-18 Thread Daniel Kahn Gillmor 
This simple 2-patch series is a bit of cleanup that i noticed while
completing the work on handling S/MIME messages.

It's not strictly part of the S/MIME series, so breaking out this
minor cleanup separately should make it easier to review.

Regards,

--dkg


___
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch

Weird tagging issue

2020-03-18 Thread Brian May 
Hello,

I am having a problem with certain messages, in that I remove the tag
and it still shows up in search results.

e.g.

$ notmuch search tag:important
[...]
thread:aaff 40 mins. ago [37/38(43)] Lucas Liendo, Ricardo Perez; 
[Bitbucket] Pull request #88: Add webdriver support (wspdigital/bupaoshc) 
(important inbox unread)
[...]

but if I view the thread:

$ notmuch show thread:aaff

I see one message, it has no tags, and it is not the message referenced
in the search results (i.e. it was sent hours ago, not 40 minutes).

It only happens with this thread. Sometimes if I play around enough I
can fix it, but the fix doesn't last. I get similar problems for other
tags, such as inbox and important also. I suspect the root problem is it
isn't showing the entire thread.

I have tried:

$ notmuch reindex thread:aaff
$ notmuch reindex 'Pull request #88: Add webdriver support' 

But it doesn't help.

The emacs reader is getting rather confused as a result. It says the
message has the tags when it doesn't and won't let me see the entire
thread.

Is this a sign my tag database is corrupt? If so how do I fix? Or maybe
there is some problem with the message - it looks OK to me. Was
generated from bitbucket.

It is not 100% important that I preserve my existing tags, but would
like to know what is going on.

This is notmuch version 0.28.4-1 from Debian buster using Maildir.

Thanks
-- 
Brian May 
https://linuxpenguins.xyz/brian/
___
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch

Re: [PATCH] mime-node: Pass the correct flags to g_mime_multipart_signed_verify

2020-03-18 Thread Tomi Ollila 
On Wed, Mar 18 2020, Daniel Kahn Gillmor wrote:

> GMIME_ENCRYPT_NONE and GMIME_VERIFY_NONE have the same value, but they
> are different enumerated types.  So in C, this is a cosmetic change,
> but it is technically correct if we only had stricter typing.

Change consistent with '@@ node_verify', LGTM.

Tomi

>
> Signed-off-by: Daniel Kahn Gillmor 
> ---
>  mime-node.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/mime-node.c b/mime-node.c
> index d4996a33..e531078c 100644
> --- a/mime-node.c
> +++ b/mime-node.c
> @@ -201,7 +201,7 @@ node_verify (mime_node_t *node, GMimeObject *part)
>  
>  node->verify_attempted = true;
>  node->sig_list = g_mime_multipart_signed_verify (
> - GMIME_MULTIPART_SIGNED (part), GMIME_ENCRYPT_NONE, );
> + GMIME_MULTIPART_SIGNED (part), GMIME_VERIFY_NONE, );
>  
>  if (node->sig_list)
>   set_signature_list_destructor (node);
> -- 
> 2.25.1
___
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch

[PATCH] emacs: avoid warning about notmuch-show-get-message-id

2020-03-18 Thread Daniel Kahn Gillmor 
Without this change, we see the following warning when compiling the
elisp:

```
EMACS emacs/notmuch-crypto.elc

In end of data:
emacs/notmuch-crypto.el:266:1:Warning: the function
‘notmuch-show-get-message-id’ is not known to be defined.
```

Thanks to Örjan Ekeberg and David Edmondson for their followup about
this.

Signed-off-by: Daniel Kahn Gillmor 
---
 emacs/notmuch-crypto.el | 1 +
 1 file changed, 1 insertion(+)

diff --git a/emacs/notmuch-crypto.el b/emacs/notmuch-crypto.el
index 4035ee37..928de0bb 100644
--- a/emacs/notmuch-crypto.el
+++ b/emacs/notmuch-crypto.el
@@ -163,6 +163,7 @@ by user FROM."
   (recenter -1
 
 (declare-function notmuch-show-refresh-view "notmuch-show" ( 
reset-state))
+(declare-function notmuch-show-get-message-id "notmuch-show" ( bare))
 
 (defun notmuch-crypto--async-key-sentinel (process event)
   "When the user asks for a GPG key to be retrieved
-- 
2.25.1

___
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch

Re: notmuch-crypto.el: "‘notmuch-show-get-message-id’ is not known to be defined"

2020-03-18 Thread David Edmondson 
On Wednesday, 2020-03-18 at 10:49:14 +01, Örjan Ekeberg wrote:

> Daniel Kahn Gillmor  writes:
>
>> When building the current version of notmuch on debian testing/unstable,
>> i see the following warning:
>>
>> ```
>> EMACS emacs/notmuch-crypto.elc
>>
>> In end of data:
>> emacs/notmuch-crypto.el:266:1:Warning: the function
>> ‘notmuch-show-get-message-id’ is not known to be defined.
>> ```
>>
>> No part of the test suite fails so i assume it's not a problem, but
>> having spurious warnings makes it harder to notice real warnings in the
>> future.
>>
>> I don't know what the warning means exactly, but maybe someone who is
>> better with elisp than i am could take a look at it and try to resolve
>> it?
>
> Adding this line in notmuch-crypto.el solves this:
>
> (declare-function notmuch-show-get-message-id "notmuch-show" ( bare))
>
> As a matter of style, I am not sure where to put it.  Normally, these
> declarations are put in the beginning of the file; right after the
> require-statements.  In notmuch-crypto.el, however, the only other
> declaration is put just in front of where the function is called.

As you say, we normally gather them near to the top of the file.

dme.
-- 
My girl Friday, she no square.
___
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch

Re: notmuch-crypto.el: "‘notmuch-show-get-message-id’ is not known to be defined"

2020-03-18 Thread Örjan Ekeberg 
Daniel Kahn Gillmor  writes:

> When building the current version of notmuch on debian testing/unstable,
> i see the following warning:
>
> ```
> EMACS emacs/notmuch-crypto.elc
>
> In end of data:
> emacs/notmuch-crypto.el:266:1:Warning: the function
> ‘notmuch-show-get-message-id’ is not known to be defined.
> ```
>
> No part of the test suite fails so i assume it's not a problem, but
> having spurious warnings makes it harder to notice real warnings in the
> future.
>
> I don't know what the warning means exactly, but maybe someone who is
> better with elisp than i am could take a look at it and try to resolve
> it?

Adding this line in notmuch-crypto.el solves this:

(declare-function notmuch-show-get-message-id "notmuch-show" ( bare))

As a matter of style, I am not sure where to put it.  Normally, these
declarations are put in the beginning of the file; right after the
require-statements.  In notmuch-crypto.el, however, the only other
declaration is put just in front of where the function is called.

/Örjan
___
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch

[PATCH] configure: Check GMime version properly

2020-03-18 Thread Daniel Kahn Gillmor 
Signed-off-by: Daniel Kahn Gillmor 
---
 configure | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/configure b/configure
index c16d18dc..70031d14 100755
--- a/configure
+++ b/configure
@@ -513,7 +513,7 @@ fi
 GMIME_MINVER=3.0.3
 
 printf "Checking for GMime development files... "
-if pkg-config --exists "gmime-3.0 > $GMIME_MINVER"; then
+if pkg-config --exists "gmime-3.0 >= $GMIME_MINVER"; then
 printf "Yes.\n"
 have_gmime=1
 gmime_cflags=$(pkg-config --cflags gmime-3.0)
-- 
2.25.1

___
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch

[PATCH] tests/smime: fix typo in README

2020-03-18 Thread Daniel Kahn Gillmor 
Signed-off-by: Daniel Kahn Gillmor 
---
 test/smime/README | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/smime/README b/test/smime/README
index 92803c77..46211922 100644
--- a/test/smime/README
+++ b/test/smime/README
@@ -2,6 +2,6 @@ test.crt: self signed certificated
 % gpgsm --gen-key # needs gpgsm 2.1
 
 key+cert.pem: cert + unencryped private
-% gpsm --import test.crt
+% gpgsm --import test.crt
 % gpgsm --export-private-key-p12 -out foo.p12  (no passphrase)
 % openssl pkcs12 -in ns.p12 -clcerts -nodes > key+cert.pem
-- 
2.25.1

___
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch

[PATCH] mime-node: Pass the correct flags to g_mime_multipart_signed_verify

2020-03-18 Thread Daniel Kahn Gillmor 
GMIME_ENCRYPT_NONE and GMIME_VERIFY_NONE have the same value, but they
are different enumerated types.  So in C, this is a cosmetic change,
but it is technically correct if we only had stricter typing.

Signed-off-by: Daniel Kahn Gillmor 
---
 mime-node.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mime-node.c b/mime-node.c
index d4996a33..e531078c 100644
--- a/mime-node.c
+++ b/mime-node.c
@@ -201,7 +201,7 @@ node_verify (mime_node_t *node, GMimeObject *part)
 
 node->verify_attempted = true;
 node->sig_list = g_mime_multipart_signed_verify (
-   GMIME_MULTIPART_SIGNED (part), GMIME_ENCRYPT_NONE, );
+   GMIME_MULTIPART_SIGNED (part), GMIME_VERIFY_NONE, );
 
 if (node->sig_list)
set_signature_list_destructor (node);
-- 
2.25.1

___
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch