Re: [PATCH 03/18] crypto: use stashed session-key properties for decryption, if available

Thu, 26 Oct 2017 12:32:36 -0700 

On Wed 2017-10-25 02:51:48 -0400, Daniel Kahn Gillmor wrote:
> diff --git a/util/crypto.c b/util/crypto.c
> index 087536ec..e014db5d 100644
> --- a/util/crypto.c
> +++ b/util/crypto.c
> @@ -140,13 +140,42 @@ void _notmuch_crypto_cleanup (unused(_notmuch_crypto_t 
> *crypto))
>  #endif
>  
>  GMimeObject *
> -_notmuch_crypto_decrypt (g_mime_3_unused(GMimeCryptoContext* crypto_ctx),
> +_notmuch_crypto_decrypt (notmuch_message_t *message,
> +                      g_mime_3_unused(GMimeCryptoContext* crypto_ctx),
>                        GMimeMultipartEncrypted *part,
>                        GMimeDecryptResult **decrypt_result,
>                        GError **err)
>  {
>      GMimeObject *ret = NULL;
>  
> +    /* the versions of notmuch that can support session key decryption */
> +#if (GMIME_MAJOR_VERSION >= 3 || (GMIME_MAJOR_VERSION == 2 && 
> GMIME_MINOR_VERSION == 6 && GMIME_MICRO_VERSION >= 21))
> +    if (message) {
> +     notmuch_message_properties_t *list = NULL;
> +
> +     for (list = notmuch_message_get_properties (message, "session-key", 
> TRUE);
> +          notmuch_message_properties_valid (list); 
> notmuch_message_properties_move_to_next (list)) {
> +#if (GMIME_MAJOR_VERSION < 3)
> +         ret = g_mime_multipart_encrypted_decrypt_session (part,
> +                                                           crypto_ctx,
> +                                                           
> notmuch_message_properties_value (list),
> +                                                           decrypt_result, 
> err);
> +#else
> +         ret = g_mime_multipart_encrypted_decrypt (part,
> +                                                   GMIME_DECRYPT_NONE,
> +                                                   
> notmuch_message_properties_value (list),
> +                                                   decrypt_result, err);
> +#endif
> +         if (ret)
> +             break;
> +     }
> +     if (list)
> +         notmuch_message_properties_destroy (list);
> +     if (ret)
> +         return ret;
> +    }
> +#endif
> +
>  #if (GMIME_MAJOR_VERSION < 3)
>      ret = g_mime_multipart_encrypted_decrypt(part, crypto_ctx,
>                                            decrypt_result, err);

In the change above, i realized that we might accidentally clobber the
GError of any intermediate failed decryption attempt, which would
produce a GLib warning to stderr.

In my revised/updated series ("session-keys" on
https://gitlab.com/dkg/notmuch), i clear err (if present) before each
attempted decryption.  This effectively throws away all errors except
for the last one, but i think that's the right thing to do -- we'll try
whatever we can for decrypting, but if the final decryption fails,
that's the error we'd want reported back anyway.

           --dkg the self-reviewer :)

Attachment: signature.asc
Description: PGP signature

_______________________________________________
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch

Reply via email to