Re: [PATCH v2 2/2] test/smime: fix signature verification test with newer gmime.
Thanks, Michael-- This LGTM. It is more narrowly-targeted at permitting this specific variation than Bremner's earlier version of the patch (and it doesn't have any tests marked BROKEN), which is nice. It might be marginally cleaner to swap out the LEFT_ANGLE RIGHT_ANGLE variables for a single replacement variable like so: if [ $NOTMUCH_GMIME_EMITS_ANGLE_BRACKETS == 1 ]; then EXPECTED_EMAIL_ADDR='' else EXPECTED_EMAIL_ADDR='test_su...@notmuchmail.org' fi This makes for only one variable substitution in the json comparison tests, if i'm looking at it right. Any of these approaches is fine with me. --dkg On Tue 2022-04-12 22:15:56 +0200, michaeljgruber+grubix+...@gmail.com wrote: > From: David Bremner > > The extra machinery to check for the actual output format is justified > by the possibility that distros may patch this newer output format > into older versions of gmime. > > Amended-by: Michael J Gruber > Signed-off-by: Michael J Gruber > --- > Here is what I meant with my comments: We have everything in place to > adjust the expected test output to the detected gmime behaviour. This > also takes into account dkg's remarks on the variable names. > > [And yes, I have list bounces again, please forgive my mess and multiple > subscriptions to work around it.] > > configure | 17 + > test/T355-smime.sh | 11 +-- > 2 files changed, 26 insertions(+), 2 deletions(-) > > diff --git a/configure b/configure > index d6e1200e..056f9232 100755 > --- a/configure > +++ b/configure > @@ -588,6 +588,11 @@ int main () { > #ifdef CHECK_VALIDITY > validity = g_mime_certificate_get_id_validity (cert); > if (validity != GMIME_VALIDITY_FULL) return !! fprintf (stderr, "Got > validity %d, expected %d\n", validity, GMIME_VALIDITY_FULL); > +#endif > +#ifdef CHECK_EMAIL > +const char *email = g_mime_certificate_get_email (cert); > +if (! email) return !! fprintf (stderr, "no email returned"); > +if (email[0] == '<') return 2; > #endif > return 0; > } > @@ -622,6 +627,15 @@ EOF > errors=$((errors + 1)) > fi > fi > + printf "Checking whether GMime emits email addresses with angle > brackets... " > + if ${CC} -DCHECK_EMAIL ${CFLAGS} ${gmime_cflags} _check_gmime_cert.c > ${gmime_ldflags} -o _check_email && > + GNUPGHOME=${TEMP_GPG} ./_check_email; then > + gmime_emits_angle_brackets=0 > + printf "No.\n" > + else > + gmime_emits_angle_brackets=1 > + printf "Yes.\n" > + fi > else > printf 'No.\nFailed to set up gpgsm for testing X.509 certificate > validity support.\n' > errors=$((errors + 1)) > @@ -1559,6 +1573,9 @@ NOTMUCH_HAVE_XAPIAN_DB_RETRY_LOCK=${WITH_RETRY_LOCK} > # Whether GMime can verify X.509 certificate validity > NOTMUCH_GMIME_X509_CERT_VALIDITY=${gmime_x509_cert_validity} > > +# Whether GMime emits addresses with angle brackets (with <>) > +NOTMUCH_GMIME_EMITS_ANGLE_BRACKETS=${gmime_emits_angle_brackets} > + > # Whether GMime can verify signatures when decrypting with a session key: > NOTMUCH_GMIME_VERIFY_WITH_SESSION_KEY=${gmime_verify_with_session_key} > > diff --git a/test/T355-smime.sh b/test/T355-smime.sh > index 31fa4b4e..b15169b7 100755 > --- a/test/T355-smime.sh > +++ b/test/T355-smime.sh > @@ -35,6 +35,13 @@ EOF > test_expect_equal_file EXPECTED OUTPUT > > test_begin_subtest "signature verification (notmuch CLI)" > +if [ $NOTMUCH_GMIME_EMITS_ANGLE_BRACKETS == 1 ]; then > +LEFT_ANGLE='<' > +RIGHT_ANGLE='>' > +else > +LEFT_ANGLE='' > +RIGHT_ANGLE='' > +fi > output=$(notmuch show --format=json --verify subject:"test signed message > 001" \ > | notmuch_json_show_sanitize \ > | sed -e 's|"created": [-1234567890]*|"created": 946728000|g' \ > @@ -46,7 +53,7 @@ expected='[[[{"id": "X", > "timestamp": 946728000, > "date_relative": "2000-01-01", > "tags": ["inbox","signed"], > - "crypto": {"signed": {"status": [{"fingerprint": "'$FINGERPRINT'", > "status": "good","userid": "CN=Notmuch Test Suite", "email": > "", "expires": 424242424, "created": > 946728000}]}}, > + "crypto": {"signed": {"status": [{"fingerprint": "'$FINGERPRINT'", > "status": "good","userid": "CN=Notmuch Test Suite", "email": > "'$LEFT_ANGLE'test_su...@notmuchmail.org'$RIGHT_ANGLE'", "expires": > 424242424, "created": 946728000}]}}, > "headers": {"Subject": "test signed message 001", > "From": "Notmuch Test Suite ", > "To": "test_su...@notmuchmail.org", > @@ -55,7 +62,7 @@ expected='[[[{"id": "X", > "sigstatus": [{"fingerprint": "'$FINGERPRINT'", > "status": "good", > "userid": "CN=Notmuch Test Suite", > - "email": "", > + "email": "'$LEFT_ANGLE'test_su...@notmuchmail.org'$RIGHT_ANGLE'", > "expires": 424242424, > "created": 946728000}], > "content-type": "multipart/signed", > -- > 2.36.0.rc0.457.gf4fc0d8e4e signature.asc Description: PGP signature ___
[PATCH v2 2/2] test/smime: fix signature verification test with newer gmime.
From: David Bremner The extra machinery to check for the actual output format is justified by the possibility that distros may patch this newer output format into older versions of gmime. Amended-by: Michael J Gruber Signed-off-by: Michael J Gruber --- Here is what I meant with my comments: We have everything in place to adjust the expected test output to the detected gmime behaviour. This also takes into account dkg's remarks on the variable names. [And yes, I have list bounces again, please forgive my mess and multiple subscriptions to work around it.] configure | 17 + test/T355-smime.sh | 11 +-- 2 files changed, 26 insertions(+), 2 deletions(-) diff --git a/configure b/configure index d6e1200e..056f9232 100755 --- a/configure +++ b/configure @@ -588,6 +588,11 @@ int main () { #ifdef CHECK_VALIDITY validity = g_mime_certificate_get_id_validity (cert); if (validity != GMIME_VALIDITY_FULL) return !! fprintf (stderr, "Got validity %d, expected %d\n", validity, GMIME_VALIDITY_FULL); +#endif +#ifdef CHECK_EMAIL +const char *email = g_mime_certificate_get_email (cert); +if (! email) return !! fprintf (stderr, "no email returned"); +if (email[0] == '<') return 2; #endif return 0; } @@ -622,6 +627,15 @@ EOF errors=$((errors + 1)) fi fi + printf "Checking whether GMime emits email addresses with angle brackets... " + if ${CC} -DCHECK_EMAIL ${CFLAGS} ${gmime_cflags} _check_gmime_cert.c ${gmime_ldflags} -o _check_email && + GNUPGHOME=${TEMP_GPG} ./_check_email; then + gmime_emits_angle_brackets=0 + printf "No.\n" + else + gmime_emits_angle_brackets=1 + printf "Yes.\n" + fi else printf 'No.\nFailed to set up gpgsm for testing X.509 certificate validity support.\n' errors=$((errors + 1)) @@ -1559,6 +1573,9 @@ NOTMUCH_HAVE_XAPIAN_DB_RETRY_LOCK=${WITH_RETRY_LOCK} # Whether GMime can verify X.509 certificate validity NOTMUCH_GMIME_X509_CERT_VALIDITY=${gmime_x509_cert_validity} +# Whether GMime emits addresses with angle brackets (with <>) +NOTMUCH_GMIME_EMITS_ANGLE_BRACKETS=${gmime_emits_angle_brackets} + # Whether GMime can verify signatures when decrypting with a session key: NOTMUCH_GMIME_VERIFY_WITH_SESSION_KEY=${gmime_verify_with_session_key} diff --git a/test/T355-smime.sh b/test/T355-smime.sh index 31fa4b4e..b15169b7 100755 --- a/test/T355-smime.sh +++ b/test/T355-smime.sh @@ -35,6 +35,13 @@ EOF test_expect_equal_file EXPECTED OUTPUT test_begin_subtest "signature verification (notmuch CLI)" +if [ $NOTMUCH_GMIME_EMITS_ANGLE_BRACKETS == 1 ]; then +LEFT_ANGLE='<' +RIGHT_ANGLE='>' +else +LEFT_ANGLE='' +RIGHT_ANGLE='' +fi output=$(notmuch show --format=json --verify subject:"test signed message 001" \ | notmuch_json_show_sanitize \ | sed -e 's|"created": [-1234567890]*|"created": 946728000|g' \ @@ -46,7 +53,7 @@ expected='[[[{"id": "X", "timestamp": 946728000, "date_relative": "2000-01-01", "tags": ["inbox","signed"], - "crypto": {"signed": {"status": [{"fingerprint": "'$FINGERPRINT'", "status": "good","userid": "CN=Notmuch Test Suite", "email": "", "expires": 424242424, "created": 946728000}]}}, + "crypto": {"signed": {"status": [{"fingerprint": "'$FINGERPRINT'", "status": "good","userid": "CN=Notmuch Test Suite", "email": "'$LEFT_ANGLE'test_su...@notmuchmail.org'$RIGHT_ANGLE'", "expires": 424242424, "created": 946728000}]}}, "headers": {"Subject": "test signed message 001", "From": "Notmuch Test Suite ", "To": "test_su...@notmuchmail.org", @@ -55,7 +62,7 @@ expected='[[[{"id": "X", "sigstatus": [{"fingerprint": "'$FINGERPRINT'", "status": "good", "userid": "CN=Notmuch Test Suite", - "email": "", + "email": "'$LEFT_ANGLE'test_su...@notmuchmail.org'$RIGHT_ANGLE'", "expires": 424242424, "created": 946728000}], "content-type": "multipart/signed", -- 2.36.0.rc0.457.gf4fc0d8e4e ___ notmuch mailing list -- notmuch@notmuchmail.org To unsubscribe send an email to notmuch-le...@notmuchmail.org
Re: [PATCH] emacs/smime: render decrypted MIME entities in notmuch-show
Hello David, David Bremner writes: > [...] > I'm not sure it's less effort, > [...] Neither am I... ;-)) It might perhaps seem easier to run the tests I have added to the attached, updated patch in your complete environment? --alexander >From ba6f00bbd1803f5cccfafdb262f17b79b6c95252 Mon Sep 17 00:00:00 2001 From: Alexander Adolf Date: Fri, 25 Mar 2022 14:13:28 +0100 Subject: [PATCH] emacs/smime: render decrypted MIME entities in notmuch-show When processing encrypted S/MIME messages, after decryption the "last resort" handler notmuch-show-insert-part-*/* was called, because there was no application/pkcs7-mime handler, resulting in the decrypted contents not being displayed. This commit adds a new function notmuch-show-insert-part-application/pkcs7-mime (and an alias notmuch-show-insert-part-application/x-pkcs7-mime for the legacy MIME type) to render the S/MIME protected part after decryption. --- emacs/notmuch-show.el | 17 +++ test/T450-emacs-show.sh | 11 +++- .../crypto/smime-encrypted-signed-multipart | 51 +++ ...much-show-smime-encrypted-signed-multipart | 15 ++ 4 files changed, 93 insertions(+), 1 deletion(-) create mode 100644 test/corpora/crypto/smime-encrypted-signed-multipart create mode 100644 test/emacs-show.expected-output/notmuch-show-smime-encrypted-signed-multipart diff --git a/emacs/notmuch-show.el b/emacs/notmuch-show.el index 7c1f02c9..b7edfc98 100644 --- a/emacs/notmuch-show.el +++ b/emacs/notmuch-show.el @@ -712,6 +712,23 @@ will return nil if the CID is unknown or cannot be retrieved." (defun notmuch-show-insert-part-application/pgp-encrypted (_msg _part _content-type _nth _depth _button) t) +(defun notmuch-show-insert-part-application/pkcs7-mime (msg part _content-type _nth depth _button) + "Render S/MIME protected content after decryption. + +An alias for this function is also defined to handle entities +using the legacy application/x-pkcs7-mime MIME type." + (let* ((encstatus (car (plist-get part :encstatus))) + (inner-part (car (plist-get part :content +;; Insert a button detailing the encryption status. +(notmuch-crypto-insert-encstatus-button encstatus) +(if (not (string= (plist-get encstatus :status) "bad")) +;; Show all decrypted parts. +(notmuch-show-insert-bodypart msg inner-part depth + +;; Support for the legacy "x-" type. +(fset 'notmuch-show-insert-part-application/x-pkcs7-mime + 'notmuch-show-insert-part-application/pkcs7-mime) + (defun notmuch-show-insert-part-multipart/* (msg part _content-type _nth depth _button) (let ((inner-parts (plist-get part :content)) (start (point))) diff --git a/test/T450-emacs-show.sh b/test/T450-emacs-show.sh index 057ad37e..5c4bdd7e 100755 --- a/test/T450-emacs-show.sh +++ b/test/T450-emacs-show.sh @@ -49,7 +49,7 @@ test_emacs '(let ((notmuch-crypto-process-mime nil)) (test-visible-output))' test_expect_equal_file $EXPECTED/notmuch-show-process-crypto-mime-parts-off OUTPUT -test_begin_subtest "process cryptographic MIME parts" +test_begin_subtest "process cryptographic MIME parts (PGP)" test_emacs '(let ((notmuch-crypto-process-mime t)) (notmuch-show "id:20091117203301.gv3...@dottiness.seas.harvard.edu") (test-visible-output))' @@ -245,4 +245,13 @@ test_emacs "(test-log-error (notmuch-show \"$tid\")))" test_expect_equal "$(cat MESSAGES)" "COMPLETE" +# more crypto tests, using S/MIME from here on: +add_gpgsm_home + +test_begin_subtest "process cryptographic MIME parts (S/MIME)" +test_emacs '(let ((notmuch-crypto-process-mime t)) + (notmuch-show "id:575ddaaf0b234fd85e077cfb4d44d...@notmuchmail.org") + (test-visible-output))' +test_expect_equal_file $EXPECTED/notmuch-show-smime-encrypted-signed-multipart OUTPUT + test_done diff --git a/test/corpora/crypto/smime-encrypted-signed-multipart b/test/corpora/crypto/smime-encrypted-signed-multipart new file mode 100644 index ..f0bd6c51 --- /dev/null +++ b/test/corpora/crypto/smime-encrypted-signed-multipart @@ -0,0 +1,51 @@ +Message-Id: <575ddaaf0b234fd85e077cfb4d44d...@notmuchmail.org> +From: test_su...@notmuchmail.org +To: test_su...@notmuchmail.org +Subject: notmuch-show S/MIME test +Date: Tue, 12 Apr 2022 16:57:30 +0200 +MIME-Version: 1.0 +Content-Type: application/pkcs7-mime; + smime-type=enveloped-data; + name=smime.p7m +Content-Transfer-Encoding: base64 +Content-Disposition: attachment; filename=smime.p7m + +MIAGCSqGSIb3DQEHA6CAMIACAQAxggFFMIIBQQIBADApMB0xGzAZBgNVBAMTEk5vdG11Y2ggVGVz +dCBTdWl0ZQIIb3SMlL0MZ6kwDQYJKoZIhvcNAQEBBQAEggEAeCEItxJpxL5frDmEeuMRpi8TcCCw +WHraQ//IDMkA6fcbDIA8hfJpRNpiL5AvqQBipPELtb95rHKxOes7fUPMbT5FVA7dm72hur5N9VRj +kN8Jgs6BjpXRKBA4S5eEzu9J2DJYnTWueZUItKlUzXUXg9AWwyEOKtlXfpOEGZ8FSTNQaE4thipO +hmElscsz1tGmw2+8E1dFeXZyHArruqMAxzqOtiM6G3Y5dj1i8V+s6BSRLzep0JQZ0T/Jq5LE5T+E +rYpgjopj1IT7IOwOP6B+YuhkalXjX7ursH9CNsDg+YjvWPn8RblAH5BRKLHNo1jMm9JLPFH9/0qJ +IJAD0U2q4jCABgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBbgb
Re: Display tags on separate lines on notmuch-hello screen
Ishe Chinyoka writes: > Hi list, > > Is it possible to have my tags---whether under saved searches or all > tagss---displayed as a literal list, that is each tag along with its > uncounted number on its own line? Currently I see them all listed on a > single line. > Try setting the variable notmuch-column-control to 1.0 (e.g. with M-x customize-variable). See the docstring for more options. d ___ notmuch mailing list -- notmuch@notmuchmail.org To unsubscribe send an email to notmuch-le...@notmuchmail.org