Re: [PATCH 2/2] emacs: postpone/resume support

2016-10-01 Thread David Bremner
Mark Walters  writes:

> This provides preliminary support for postponing and resuming in the
> emacs frontend. On postponing it uses notmuch insert to put the
> message in the notmuch database; resume gets the raw file from notmuch
> and using the emacs function mime-to-mml reconstructs the message
> (including attachments).

I was thinking about this a bit more, in the context of your other patch
to scan for #secure, and it occured to me one option would be would be
to add a header to the draft being written with the secure (and other
relevant info). As a proof of concept I added a constant header to all
drafts [1].  An outline of the approach would be

- scan for #secure tags, error if they are not in the right place
- if found at the top of the document, extract the contents, remove the
  mml tag and put in a header like
  e.g.

  X-Notmuch-Emacs-Secure: method=pgpmime mode=sign

- on reading back, check for, remove that header, add the corresponding
  #secure tag.

It might be possible to re-use functions e.g. mml-secure-message and
mml-unsecure-message from mml-sec.el

Compared to the other approach we discussed (using message-properties to
store the data), this has the advantage of not requiring new features in
the CLI. Also, it would probably be a potential source of user error to
sync drafts between machines via some imap/rsync mechanism, without
syncing message metadata.

Our usual distaste for writing headers is that we don't want to modify
delivered mail; this seems a non-issue here to me since there is no
delivered mail. Others might disagree, of course.

[1]
diff --git a/emacs/notmuch-maildir-fcc.el b/emacs/notmuch-maildir-fcc.el
index 95e5650..412da94 100644
--- a/emacs/notmuch-maildir-fcc.el
+++ b/emacs/notmuch-maildir-fcc.el
@@ -163,6 +163,7 @@ by notmuch-mua-mail"
   "Setup message for saving. Should be called on a temporary copy.
 
 This is taken from the function message-do-fcc."
+  (message-add-header "X-Notmuch-Emacs-Draft: true")
   (message-encode-message-body)
   (save-restriction
 (message-narrow-to-headers)



signature.asc
Description: PGP signature
___
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch


Re: [PATCH 2/2] emacs: postpone/resume support

2016-09-21 Thread David Bremner
Daniel Kahn Gillmor  writes:

>
> So this failure that bremner's reporting appears to happen only when
> combining the #secure mode with a message with attachments.  It doesn't
> happen when the draft itself is just plaintext and one of the #secure
> flags is set.  And there's no problem if there are attachments without
> the #secure flag.
>
> Bremner, can you confirm this?

Yes, that sounds about right. Although the emacs bug I reported does not
have to do with attachments per se, just the requirement that the
#secure tag is at the top of the message

>
> I also noticed that if you rearrange the text before sending so that the
> #secure flag is at the top of the message, the structure of the message
> looks weird -- in particular, there's a double layer of multipart/mixed
> just within the crypto transformation, instead of a single layer.
>
> that said, these patches are really useful to me even in their current
> form, since most of my draft messages don't deal with both crypto and
> attachments.  Is there some way to get the benefits here without the bug
> at the intersection?

We could (and I think emacs should) abort if it detects #secure anywhere
but on the first line.

d
___
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch


Re: [PATCH 2/2] emacs: postpone/resume support

2016-09-20 Thread Daniel Kahn Gillmor
On Sun 2016-09-11 08:05:20 -0400, David Bremner wrote:
> Mark Walters  writes:
>
>> This provides preliminary support for postponing and resuming in the
>> emacs frontend. On postponing it uses notmuch insert to put the
>> message in the notmuch database; resume gets the raw file from notmuch
>> and using the emacs function mime-to-mml reconstructs the message
>> (including attachments).
>
> I haven't really reviewed this yet, but I noticed it seems to need some
> special handling for signed/encrypted messages.
>
> I created a test message consisting of the mml tag
>
>   "#secure method=pgpmime mode=sign"
>
> (added with C-c C-m C-s) and a pdf attachment.
>
> Saving with C-x C-s created a text/plain part with the #secure tag in
> it. When I edited (and sent) the saved draft, it did not sign
> anything. This might be related to a bug/undocumented-feature of mml
> only parsing #secure tags at the top of the message.

So this failure that bremner's reporting appears to happen only when
combining the #secure mode with a message with attachments.  It doesn't
happen when the draft itself is just plaintext and one of the #secure
flags is set.  And there's no problem if there are attachments without
the #secure flag.

Bremner, can you confirm this?

I also noticed that if you rearrange the text before sending so that the
#secure flag is at the top of the message, the structure of the message
looks weird -- in particular, there's a double layer of multipart/mixed
just within the crypto transformation, instead of a single layer.

that said, these patches are really useful to me even in their current
form, since most of my draft messages don't deal with both crypto and
attachments.  Is there some way to get the benefits here without the bug
at the intersection?

   --dkg


signature.asc
Description: PGP signature
___
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch


Re: [PATCH 2/2] emacs: postpone/resume support

2016-09-11 Thread David Bremner
David Bremner  writes:

> Actually, I just tested with
>  "#secure method=pgpmime mode=signencrypt"
> and the same thing happens, which is an even bigger footgun.
>
> this behaviour should really be fixed upstream in emacs, but we probably
> don't want block on that, so some kind of workaround seems to be needed.

I've reported the emacs bug at

 https://debbugs.gnu.org/cgi/bugreport.cgi?bug=24411

We'll have to see what upstream thinks.
___
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch


Re: [PATCH 2/2] emacs: postpone/resume support

2016-09-11 Thread David Bremner
Mark Walters  writes:

> This provides preliminary support for postponing and resuming in the
> emacs frontend. On postponing it uses notmuch insert to put the
> message in the notmuch database; resume gets the raw file from notmuch
> and using the emacs function mime-to-mml reconstructs the message
> (including attachments).

I haven't really reviewed this yet, but I noticed it seems to need some
special handling for signed/encrypted messages.

I created a test message consisting of the mml tag

  "#secure method=pgpmime mode=sign"

(added with C-c C-m C-s) and a pdf attachment.

Saving with C-x C-s created a text/plain part with the #secure tag in
it. When I edited (and sent) the saved draft, it did not sign
anything. This might be related to a bug/undocumented-feature of mml
only parsing #secure tags at the top of the message.

Actually, I just tested with
 "#secure method=pgpmime mode=signencrypt"
and the same thing happens, which is an even bigger footgun.

this behaviour should really be fixed upstream in emacs, but we probably
don't want block on that, so some kind of workaround seems to be needed.



1473594252.M451803P952.zancas:2,DS
Description: test message


signature.asc
Description: PGP signature
___
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch