David Bremner [Sat, 11 Jul 2020 18:30:04 +0000 (15:30 -0300)]
cli/search: replace deprecated notmuch_message_get_flag
Our handling of errors is all or nothing here, but it's an improvement
on the status quo, and it avoids rippling internal API changes.
David Bremner [Sat, 4 Jul 2020 15:18:05 +0000 (12:18 -0300)]
lib: catch exceptions in n_m_get_flag, provide n_m_get_flag_st
It's not very nice to return FALSE for an error, so provide
notmuch_message_get_flag_st as a migration path.
Bump LIBNOTMUCH_MINOR_VERSION because the API is extended.
David Bremner [Thu, 16 Jul 2020 18:59:45 +0000 (15:59 -0300)]
configure: make sure WITH_PYTHON_DOCS is initialized
Thanks to pazz for reporting the problem.
David Bremner [Sat, 11 Jul 2020 13:20:27 +0000 (10:20 -0300)]
doc: add new python bindings to main documentation tree.
A separate conf.py and doc directory (or will be needed if someone wants
to build the bindings docs separately from notmuch.
David Bremner [Sat, 11 Jul 2020 13:20:26 +0000 (10:20 -0300)]
doc: replace use of environment variables with a generated config
It is getting unwieldy to pass configuration options on the
sphinx-build command line, and I anticipate further use of
conditionals.
As far as I could tell, execing a string is the idiomatic way to
emulate include in Python.
David Bremner [Sun, 5 Jul 2020 13:00:26 +0000 (10:00 -0300)]
lib: use COERCE_STATUS in n_m_{add,remove}_tag
Currently I don't know of a good way of testing this, but at least in
principle a Xapian exception in _notmuch_message_{add,remove}_term
would cause an abort in the library.
David Bremner [Sun, 5 Jul 2020 13:00:25 +0000 (10:00 -0300)]
lib: catch Xapian exceptions in n_m_remove_tag
The churn here is again mainly re-indentation.
David Bremner [Sun, 5 Jul 2020 13:00:24 +0000 (10:00 -0300)]
test: add broken test for n_m_remove_tag
Exception will be caught in next commit.
David Bremner [Sun, 5 Jul 2020 13:00:23 +0000 (10:00 -0300)]
lib: catch Xapian exceptions in n_m_add_tag
This is mostly just (horizontal) code movement due to wrapping
everything in a try / catch.
David Bremner [Sun, 5 Jul 2020 13:00:22 +0000 (10:00 -0300)]
test: add known broken test for n_m_add_tag with closed db
Exception will be caught in next commit.
David Bremner [Sun, 5 Jul 2020 13:00:21 +0000 (10:00 -0300)]
lib: catch Xapian exceptions in n_m_count_files
This will require some care for the caller to check the sign, and not
just add error returns into a running total.
David Bremner [Sun, 5 Jul 2020 13:00:20 +0000 (10:00 -0300)]
test: add known broken test for n_m_count_files
This will be fixed in the next commit.
David Bremner [Sun, 5 Jul 2020 13:00:19 +0000 (10:00 -0300)]
lib: catch Xapian exceptions in n_m_get_tags
This allows the function to return an error value rather than
crashing.
David Bremner [Sun, 5 Jul 2020 13:00:18 +0000 (10:00 -0300)]
test: add known broken test for n_m_get_tags
This will be fixed in the next commit.
David Bremner [Sun, 5 Jul 2020 13:00:17 +0000 (10:00 -0300)]
lib: use LOG_XAPIAN_EXCEPTION in n_m_get_date
This should not change functionality, but does slightly reduce code
duplication. Perhaps more importantly it allows consistent changes to
all of the similar exception handling in message.cc.
David Bremner [Sun, 5 Jul 2020 13:00:16 +0000 (10:00 -0300)]
lib: add regression test for n_m_get_date; clarify API
This function catches Xapian exceptions. The test is intended to make
sure it stays that way.
David Bremner [Sat, 4 Jul 2020 14:22:25 +0000 (11:22 -0300)]
test: add known broken for n_m_get_flag on closed db
Exception caught in next commit. Note that FLAG_GHOST is the only one
that triggers the I/O code path.
David Bremner [Sat, 4 Jul 2020 14:09:09 +0000 (11:09 -0300)]
lib: catch exceptions in n_m_get_filenames
This is essentially copied from the change to notmuch_message_get_filename
David Bremner [Sat, 4 Jul 2020 14:06:37 +0000 (11:06 -0300)]
test: add known broken test for n_m_get_filenames
This will be fixed in the next commit
David Bremner [Sat, 4 Jul 2020 12:20:31 +0000 (09:20 -0300)]
lib/n_m_g_filename: catch Xapian exceptions, document NULL return
This is the same machinery as applied for
notmuch_message_get_{thread,message}_id
David Bremner [Sat, 4 Jul 2020 12:16:30 +0000 (09:16 -0300)]
lib: add known broken test for notmuch_message_get_filename
This will be fixed in the next commit
David Bremner [Sat, 4 Jul 2020 12:09:09 +0000 (09:09 -0300)]
lib/n_m_get_replies: doc return, initial regression test
We need to to set a query and retrieve the threads to meaningfully
test this function.
David Bremner [Sat, 4 Jul 2020 11:35:08 +0000 (08:35 -0300)]
test: add regression test for n_m_get_header
This function already catches Xapian exceptions, and we want to make
sure it stays that way.
David Bremner [Sat, 4 Jul 2020 11:33:41 +0000 (08:33 -0300)]
lib/message: use LOG_XAPIAN_EXCEPTION in n_m_get_header
This is just for consistency, and a small reduction in the amount of
boilerplate.
David Bremner [Sat, 4 Jul 2020 12:29:41 +0000 (09:29 -0300)]
test: drop use of assert in closed db tests
Instead of printing the same static string for each test, can replace
the assert with something simpler (or at least easier to integrate
into the test suite).
David Bremner [Sat, 4 Jul 2020 11:12:21 +0000 (08:12 -0300)]
test: remove unused backup_database calls
Since these backups are never restored, they should be safe to remove.
David Bremner [Sat, 11 Jul 2020 22:52:21 +0000 (19:52 -0300)]
debian: drop ValueRangeProcessor symbols
These are not used since
b90d852
David Bremner [Tue, 7 Jul 2020 10:56:47 +0000 (07:56 -0300)]
test: drop upgrade from v1 tests
These are less crucial since we stopped generating new database
versions and relied primarily on features. They also rely on a
pre-generated v1 database which happens to be chert format. This
backend is not supported by Xapian 1.5.
Also drop the tool gen-testdb.sh, which is currently broken, due to
changes in the testing infrastructure.
David Bremner [Tue, 7 Jul 2020 10:56:46 +0000 (07:56 -0300)]
lib: migrate from Xapian ValueRangeProcessor to RangeProcessor
This will be mandatory as of Xapian 1.5. The API is also more
consistent with the FieldProcessor API, which helps code re-use a bit.
Note that this switches to using the built-in Xapian support for
prefixes on ranges (i.e. deleted code at beginning of
ParseTimeRangeProcessor::operator(), added prefix to constructor).
Another side effect of the migration is that we are generating smaller
queries, using one OP_VALUE_RANGE instead of an AND of two OP_VALUE_*
queries.
David Bremner [Tue, 7 Jul 2020 10:56:45 +0000 (07:56 -0300)]
lib: migrate to post Xapian 1.3.4 compact support
The old API was deprecated in Xapian 1.3.4 and (will be) removed in 1.5.0
Jonas Witschel [Sat, 11 Jul 2020 16:04:35 +0000 (18:04 +0200)]
doc: make gzipped man pages reproducible
gzip includes the name of the uncompressed file and its modification
timestamp into the compressed archive. The latter makes it hard to
reproduce the generated files bit for bit at a later time, so omit this
information from the archive using the "--no-name" option. This is a
reproducibility best practice, see
https://wiki.debian.org/ReproducibleBuilds/TimestampsInGzipHeaders
David Bremner [Sat, 11 Jul 2020 02:24:41 +0000 (23:24 -0300)]
Merge branch 'release'
David Bremner [Sat, 11 Jul 2020 01:25:04 +0000 (22:25 -0300)]
NEWS: update date for release
David Bremner [Sat, 11 Jul 2020 01:24:41 +0000 (22:24 -0300)]
debian: changelog for 0.30
David Bremner [Sat, 11 Jul 2020 01:21:19 +0000 (22:21 -0300)]
version: set to 0.30
David Bremner [Tue, 30 Jun 2020 01:14:11 +0000 (22:14 -0300)]
lib/message: catch exception in n_m_get_thread_id
This allows us to return an error value from the library.
David Bremner [Tue, 30 Jun 2020 01:14:10 +0000 (22:14 -0300)]
test: add known broken test for n_m_get_thread_id on closed db
This will be fixed in the next commit.
David Bremner [Tue, 30 Jun 2020 01:14:09 +0000 (22:14 -0300)]
lib: catch error from closed db in n_m_get_message_id
By catching it at the library top level, we can return an error value.
David Bremner [Tue, 30 Jun 2020 01:14:08 +0000 (22:14 -0300)]
test: add known broken test for error handling on closed database
Based on id:87d05je1j6.fsf@powell.devork.be
David Bremner [Tue, 16 Jun 2020 14:17:55 +0000 (11:17 -0300)]
build: produce signatures for release candidate tarballs.
Today Defalos on #notmuch asked for a signed tarball for
0.30~rc2. This is a minimal change to support this in the future. The
question of automagically uploading will need more thought; currently
I like the fact that tags from pre-releases are only pushed manually.
David Bremner [Fri, 3 Jul 2020 10:23:32 +0000 (07:23 -0300)]
test: fix python 3.8.4 related regression in T210-raw
It seems (at least in 3.8.4~rc1-1 on Debian) that set_content requires
at least one line.
David Bremner [Fri, 3 Jul 2020 09:50:16 +0000 (06:50 -0300)]
debian: changelog fo 0.30~rc3-1
David Bremner [Fri, 3 Jul 2020 09:45:17 +0000 (06:45 -0300)]
version: bump to 0.30~rc3
David Bremner [Tue, 30 Jun 2020 00:22:47 +0000 (21:22 -0300)]
bindings/python-cffi: copy version file into bindings dir
Attempt to avoid breaking "pip install ."
As far as I can tell, we need to have a copy (not just a relative
symlink) of the version file.
David Bremner [Fri, 26 Jun 2020 11:11:00 +0000 (08:11 -0300)]
doc: update install suggestions for fedora derivatives
Fedora still has an old gmime-devel which is 2.6.x. This is no longer
supported by notmuch. Also apparently dnf is a better choice than yum.
Daniel Kahn Gillmor [Thu, 2 Jul 2020 18:00:49 +0000 (14:00 -0400)]
tests: mark sig verification known-broken with session keys on buggy gpgme
We make use of the just-introduced configure test.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Daniel Kahn Gillmor [Thu, 2 Jul 2020 18:00:48 +0000 (14:00 -0400)]
configure: can gpgme can verify signatures when decrypting with a session key?
If https://dev.gnupg.org/T3464 is unresolved in the version of gpgme
we are testing against, then we should know about it, because it
affects the behavior of notmuch.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
David Bremner [Wed, 24 Jun 2020 14:32:34 +0000 (11:32 -0300)]
test: mark two tests broken on machines with 32 bit time_t
I haven't traced the code path as exhaustively for the SMIME test, but
the expiry date in question is larger then representable in a signed
32 bit integer.
David Bremner [Wed, 24 Jun 2020 14:32:33 +0000 (11:32 -0300)]
configure: detect 64 bit time_t
Certain tests involving timestamps > 32 bits cannot pass with the
current libnotmuch API. We will avoid this issue for now by disabling
those tests on "old" architectures with 32 bit time_t.
Tomi Ollila [Wed, 24 Jun 2020 20:11:20 +0000 (23:11 +0300)]
Makefile.global: drop -std=gnu99. C11 (or later) compiler required
Since October 2018 building notmuch has actually required compiler
that knows C11.
Also this -std=gnu99 was not used in code compiled by configure,
so in theory this could have caused problems...
...but no related reports have been sent, perhaps ever.
Both gcc and clang has been shipping compilers supporting C11
(or later) by default for more than four years now.
Therefore, just dropping -std=gnu99 (and not checking C11
compatibility for now, for simplicity) is easiest to do,
and removes inconsistency between configure and build time
compilations.
Floris Bruynooghe [Fri, 19 Jun 2020 09:46:28 +0000 (11:46 +0200)]
python-cffi: read version from notmuch version file
This keeps it in sync with the main notmuch version which is less
confusing to users.
David Bremner [Tue, 16 Jun 2020 11:32:51 +0000 (08:32 -0300)]
debian: changelog stanza for 0.30~rc2-1
David Bremner [Tue, 16 Jun 2020 11:29:39 +0000 (08:29 -0300)]
version: update to 0.30~rc2
David Bremner [Tue, 16 Jun 2020 11:28:08 +0000 (08:28 -0300)]
debian/copyright: update to match AUTHORS
David Bremner [Tue, 16 Jun 2020 11:26:55 +0000 (08:26 -0300)]
update AUTHORS
Yay, we gained a new author, thanks Anton.
Floris Bruynooghe [Sun, 14 Jun 2020 15:23:19 +0000 (17:23 +0200)]
Support aborting the atomic context
Since it is possible to use an atomic context to abort a number of
changes support this usage. Because the only way to actually abort
the transaction is to close the database this must also do so.
Amended by db: Note the limitation requiring close is a limitation of
the underlying notmuch API, which should be fixed in a future notmuch
release.
Floris Bruynooghe [Mon, 15 Jun 2020 20:58:50 +0000 (22:58 +0200)]
Make messages returned by Thread objects owned
This reverses the logic of StandaloneMessage to instead create a
OwnedMessage. Only the Thread class allows retrieving messages more
then once so it can explicitly create such messages.
The added test fails with SIGABRT without the fix for the message
re-use in threads being present.
Anton Khirnov [Mon, 15 Jun 2020 20:58:49 +0000 (22:58 +0200)]
python/notmuch2: do not destroy messages owned by a query
Any messages retrieved from a query - either directly via
search_messages() or indirectly via thread objects - are owned by that
query. Retrieving the same message (i.e. corresponding to the same
message ID / database object) several times will always yield the same
C object.
The caller is allowed to destroy message objects owned by a query before
the query itself - which can save memory for long-lived queries.
However, that message must then never be retrieved again from that
query.
The python-notmuch2 bindings will currently destroy every message object
in Message._destroy(), which will lead to an invalid free if the same
message is then retrieved again. E.g. the following python program leads
to libtalloc abort()ing:
import notmuch2
db = notmuch2.Database(mode = notmuch2.Database.MODE.READ_ONLY)
t = next(db.threads('*'))
msgs = list(zip(t.toplevel(), t.toplevel()))
msgs = list(zip(t.toplevel(), t.toplevel()))
Fix this issue by creating a subclass of Message, which is used for
"standalone" message which have to be freed by the caller. Message class
is then used only for messages descended from a query, which do not need
to be freed by the caller.
Floris Bruynooghe [Mon, 15 Jun 2020 21:55:53 +0000 (23:55 +0200)]
python config access: fix style and KeyError bug
This fixes some minor style/pep8 things and adds tests for the new
config support. Also fixes a bug where KeyError was never raised
on a missing key.
Anton Khirnov [Mon, 15 Jun 2020 21:55:52 +0000 (23:55 +0200)]
python/notmuch2: add bindings for the database config strings
Floris Bruynooghe [Sun, 14 Jun 2020 19:25:46 +0000 (21:25 +0200)]
Update tox.ini for python3.8 and fix pypy3.6
Python 3.8 has been released for a while now, make sure we keep
supporting it correctly.
PyPy 3.6 wasn not configured correctly.
Floris Bruynooghe [Sun, 14 Jun 2020 18:33:55 +0000 (20:33 +0200)]
Add missing set methods to tagsets
Even though we use collections.abc.Set which implements all these
methods under their operator names, the actual named variations of
these methods are shockingly missing. So let's add them manually.
Tomi Ollila [Tue, 9 Jun 2020 12:32:27 +0000 (15:32 +0300)]
configure: use cffi.FFI().verify() to test buildability of CFFI bindings
Checking existence of pyconfig.h to determine whether CFFI-based
notmuch bindings are buildable is not enough; for example Fedora 32
ships pyconfig.h in python3-libs package, but python3-devel is required
to be installed for the bindings to build.
Executing cffi.FFI().verify() is pretty close to what is done in
bindings/python-cffi/notmuch2/_build.py to get the c code part of the
bindings built.
David Bremner [Sat, 6 Jun 2020 11:03:25 +0000 (08:03 -0300)]
debian: changelog stanza for 0.30~rc1-1
David Bremner [Sat, 6 Jun 2020 11:02:16 +0000 (08:02 -0300)]
version: bump to 0.30~rc1
Tomi Ollila [Sun, 24 May 2020 19:17:56 +0000 (22:17 +0300)]
emacs docstrings: consistent indentation, newlines, periods
Fixed emacs docstrings to be consistent. No functional change.
- removed some (accidental) indentation
- removed some trailing newlines
- added trailing periods where missing (some exclusions)
Tomi Ollila [Tue, 2 Jun 2020 20:21:59 +0000 (23:21 +0300)]
doc: field processor support now always included, adjust manual pages
The features that require field processor support, are now just
documented w/o mentioning **Xapian Field Processors**' is needed
for those.
Replaced "compact" and "field_processor" with "retry_lock" in
build_with config option, as it is currently the only one that
is optionally excluded. The former 2 are now documented as
features always included.
Dropped one 'we' "passive" in notmuch-search-terms.rst. It was the
only one, and inconsistent with rest of the documentation in that
file.
Dropped message about conditional open-ended ranges support, as
those are now always supported.
Tomi Ollila [Fri, 5 Jun 2020 21:57:55 +0000 (00:57 +0300)]
configure: require python 3.5 for CFFI-based notmuch bindings
Also tell users what the consequences of a "No" answer is when
python version is less than 3.5, cffi or setuptools is missing,
or no pytest >= 3.0 is available.
David Bremner [Thu, 4 Jun 2020 11:53:27 +0000 (08:53 -0300)]
debian: update debian/copyright
This is based on the updated AUTHORS file.
David Bremner [Thu, 4 Jun 2020 11:36:39 +0000 (08:36 -0300)]
doc: update AUTHORS file
I tried to be inclusive, and did not delete anyone from Carl's
original file. I also reworded the acknowledgement of Google LLC.
David Bremner [Wed, 3 Jun 2020 16:05:12 +0000 (13:05 -0300)]
devel: script to calculate a list of authors.
As an initial heuristic, report anyone with at least 15 lines of code
in the current source tree. Test corpora are excluded, although
probabably this doesn't change much about the list of authors
produced.
David Bremner [Fri, 5 Jun 2020 09:58:31 +0000 (06:58 -0300)]
tweaks to NEWS suggest by Tomi
See id:m27dwp40sx.fsf@guru.guru-group.fi
Tomi Ollila [Thu, 4 Jun 2020 19:38:35 +0000 (22:38 +0300)]
NEWS: The minimum supported version of Xapian is now 1.4.0
Daniel Kahn Gillmor [Tue, 2 Jun 2020 01:54:56 +0000 (21:54 -0400)]
add NEWS for 0.30
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
David Bremner [Tue, 2 Jun 2020 02:16:09 +0000 (23:16 -0300)]
debian: bump debian revision
second, with binaries upload
David Bremner [Tue, 2 Jun 2020 00:38:02 +0000 (21:38 -0300)]
debian: Add build dependency on doxygen
David Bremner [Tue, 2 Jun 2020 00:32:23 +0000 (21:32 -0300)]
debian: add desktop-file-utils dependency
This enables installation of notmuch-emacs-mua.desktop
David Bremner [Tue, 2 Jun 2020 00:09:28 +0000 (21:09 -0300)]
NEWS: stub for 0.30
David Bremner [Tue, 2 Jun 2020 00:03:06 +0000 (21:03 -0300)]
debian: add changelog for release candidate
David Bremner [Tue, 2 Jun 2020 00:00:04 +0000 (21:00 -0300)]
version: bump to 0.30~rc0
David Bremner [Mon, 1 Jun 2020 23:58:52 +0000 (20:58 -0300)]
bump date in documentation
David Bremner [Sun, 31 May 2020 16:15:03 +0000 (13:15 -0300)]
doc: fix for out-of-tree builds of notmuch-emacs docs
The sphinx-doc include directive does not have the ability to include
files from the build tree, so we replace the include with reading the
files in conf.py. The non-trivial downside of this is that the emacs
docstrings are now defined for every rst source file. They are
namespaced with docstring::, so hopefully there will not be any
surprises. One thing that is noticable is a small (absolute) time
penalty in running sphinx-doc.
Tomi Ollila [Mon, 1 Jun 2020 05:31:42 +0000 (08:31 +0300)]
configure: check existence of python3 setuptools and dev package
The notmuch2 CFFI-based Python interface is not buildable unless
python3 dev package and python3 setuptools are installed.
Check that these exist in configure (and disable notmuch2 bindings
build if not) so that build of these bindings don't fail when make(1)
is executed.
Sean Whitton [Mon, 1 Jun 2020 06:17:04 +0000 (23:17 -0700)]
emacs: Respect `load-prefer-newer` when loading `notmuch-init-file'
Before this change, `load-prefer-newer' was ignored.
Set NOERROR and MUST-SUFFIX arguments of `load' to t, and NOSUFFIX
argument to nil, to preserve the behaviour of the deleted `let' form.
Daniel Kahn Gillmor [Tue, 26 May 2020 17:06:02 +0000 (13:06 -0400)]
tests/ruby: Ensure that test works for out-of-tree builds
Daniel Kahn Gillmor [Fri, 22 May 2020 01:03:59 +0000 (21:03 -0400)]
python-cffi: enable out-of-tree builds
This is a simple hack to enable out-of-tree builds, a concern raised
by Tomi in id:m24kzjib9a.fsf@guru.guru-group.fi
This change at least enables "make check" to complete without error,
but I'm sure it could be improved. I am not expert enough in
setuptools to know how.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Amended by db per id:87d06usa31.fsf@powell.devork.be
Tomi Ollila [Thu, 23 Apr 2020 21:26:43 +0000 (00:26 +0300)]
test/test-lib.sh: fix two out of tree test issues
json_check_nodes.py exists in source tree, not in out of tree
build tree. Added -B to the execution so source tree is not
"polluted" by a .pyc file when json_check_nodes.py is executed.
When creating run_emacs.sh make it load .elc files from out of
tree build tree, not from source tree if such files existed.
If existed, those may be outdated, or even created by some other
emacs than the one that was used to build .elc files in out of
tree build dir.
Jonas Bernoulli [Sat, 25 Apr 2020 20:18:09 +0000 (22:18 +0200)]
emacs: Use `dolist' instead of `mapcar' for side-effects
As recommended by the byte-compiler.
Daniel Kahn Gillmor [Tue, 12 May 2020 22:29:39 +0000 (18:29 -0400)]
smime: Index cleartext of envelopedData when requested
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Daniel Kahn Gillmor [Tue, 12 May 2020 22:29:38 +0000 (18:29 -0400)]
smime: Pass PKCS#7 envelopedData to node_decrypt_and_verify
This change means we can support "notmuch show --decrypt=true" for
S/MIME encrypted messages, resolving several outstanding broken tests,
including all the remaining S/MIME protected header examples.
We do not yet handle indexing the cleartext of S/MIME encrypted
messages, though.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Daniel Kahn Gillmor [Tue, 12 May 2020 22:29:37 +0000 (18:29 -0400)]
crypto: handle PKCS#7 envelopedData in _notmuch_crypto_decrypt
In the two places where _notmuch_crypto_decrypt handles
multipart/encrypted messages (PGP/MIME), we should also handle PKCS#7
envelopedData (S/MIME).
This is insufficient for fully handling S/MIME encrypted data because
_notmuch_crypto_decrypt isn't yet actually invoked for envelopedData
parts, but that will happen in the following changes.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Daniel Kahn Gillmor [Tue, 12 May 2020 22:29:36 +0000 (18:29 -0400)]
crypto: Make _notmuch_crypto_decrypt take a GMimeObject
As we prepare to handle S/MIME-encrypted PKCS#7 EnvelopedData (which
is not multipart), we don't want to be limited to passing only
GMimeMultipartEncrypted MIME parts to _notmuch_crypto_decrypt.
There is no functional change here, just a matter of adjusting how we
pass arguments internally.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Daniel Kahn Gillmor [Tue, 12 May 2020 22:29:35 +0000 (18:29 -0400)]
cli/reply: Ignore PKCS#7 wrapper parts when replying
When composing a reply, no one wants to see this line in the proposed
message:
Non-text part: application/pkcs7-mime
So we hide it, the same way we hide PGP/MIME cruft.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Daniel Kahn Gillmor [Tue, 12 May 2020 22:29:34 +0000 (18:29 -0400)]
cli/show: If a leaf part has children, show them instead of omitting
Until we did PKCS#7 unwrapping, no leaf MIME part could have a child.
Now, we treat the unwrapped MIME part as the child of the PKCS#7
SignedData object. So in that case, we want to show it instead of
deliberately omitting the content.
This fixes the test of the protected subject in
id:smime-onepart-signed@protected-headers.example.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Daniel Kahn Gillmor [Tue, 12 May 2020 22:29:33 +0000 (18:29 -0400)]
cli: include wrapped part of PKCS#7 SignedData in the MIME tree
Unwrap a PKCS#7 SignedData part unconditionally when the cli is
traversing the MIME tree, and return it as a "child" of what would
otherwise be a leaf in the tree.
Unfortunately, this also breaks the JSON output. We will fix that
next.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Daniel Kahn Gillmor [Tue, 12 May 2020 22:29:32 +0000 (18:29 -0400)]
smime: Identify encrypted S/MIME parts during indexing
We don't handle them correctly yet, but we can at least mark them as
being encrypted.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Daniel Kahn Gillmor [Tue, 12 May 2020 22:29:31 +0000 (18:29 -0400)]
lib: index PKCS7 SignedData parts
When we are indexing, we should treat SignedData parts the same way
that we treat a multipart object, indexing the wrapped part as a
distinct MIME object.
Unfortunately, this means doing some sort of cryptographic
verification whose results we throw away, because GMime doesn't offer
us any way to unwrap without doing signature verification.
I've opened https://github.com/jstedfast/gmime/issues/67 to request
the capability from GMime but for now, we'll just accept the
additional performance hit.
As we do this indexing, we also apply the "signed" tag, by analogy
with how we handle multipart/signed messages. These days, that kind
of change should probably be done with a property instead, but that's
a different set of changes. This one is just for consistency.
Note that we are currently *only* handling signedData parts, which are
basically clearsigned messages. PKCS#7 parts can also be
envelopedData and authEnvelopedData (which are effectively encryption
layers), and compressedData (which afaict isn't implemented anywhere,
i've never encountered it). We're laying the groundwork for indexing
these other S/MIME types here, but we're only dealing with signedData
for now.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Daniel Kahn Gillmor [Tue, 12 May 2020 21:17:09 +0000 (17:17 -0400)]
configure: report GMime minimum version in ./configure output
We already report the minimum version for Glib, zlib, and Xapian
development libraries. For consistency, report it for GMime as well.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Daniel Kahn Gillmor [Fri, 22 May 2020 00:42:41 +0000 (20:42 -0400)]
smime: tests of X.509 certificate validity are known-broken on GMime < 3.2.7
When checking cryptographic signatures, Notmuch relies on GMime to
tell it whether the certificate that signs a message has a valid User
ID or not.
If the User ID is not valid, then notmuch does not report the signer's
User ID to the user. This means that the consumer of notmuch's
cryptographic summary of a message (or of its protected headers) can
be confident in relaying the reported identity to the user.
However, some versions of GMime before 3.2.7 cannot report Certificate
validity for X.509 certificates. This is resolved upstream in GMime
at https://github.com/jstedfast/gmime/pull/90.
We adapt to this by marking tests of reported User IDs for
S/MIME-signed messages as known-broken if GMime is older than 3.2.7
and has not been patched.
If GMime >= 3.2.7 and certificate validity still doesn't work for
X.509 certs, then there has likely been a regression in GMime and we
should fail early, during ./configure.
To break out these specific User ID checks from other checks, i had to
split some tests into two parts, and reuse $output across the two
subtests.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Daniel Kahn Gillmor [Fri, 8 May 2020 23:24:38 +0000 (19:24 -0400)]
test-lib: mark function variables as local
Several functions in test/test-lib.sh used variable names that are
also used outside of those functions (e.g. $output and $expected are
used in many of the test scripts), but they are not expected to
communicate via those variables.
We mark those variables "local" within test-lib.sh so that they do not
get clobbered when used outside test-lib.
We also move the local variable declarations to beginning of each
function, to avoid weird gotchas with local variable declarations as
described in https://tldp.org/LDP/abs/html/localvar.html.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>