[PATCH 2/4] Introduce a generic tree-like abstraction for MIME traversal.

Jani Nikula jani at nikula.org
Tue Nov 29 11:11:49 PST 2011


Hi, generally looks good to me, but please find a few comments below.

BR,
Jani.

On Sun, 27 Nov 2011 21:21:09 -0500, Austin Clements <amdragon at MIT.EDU> wrote:
> This wraps all of the complex MIME part handling in a single, simple
> function that gets part N from *any* MIME object, so traversing a MIME
> part tree becomes a two-line for loop.  Furthermore, the MIME node
> structure provides easy access to envelopes for message parts as well
> as cryptographic information.
> 
> This code is directly derived from the current show_message_body code
> (much of it is identical), but the control relation is inverted:
> instead of show_message_body controlling the traversal of the MIME
> structure and invoking callbacks, the caller controls the traversal of
> the MIME structure.
> ---
>  Makefile.local   |    1 +
>  mime-node.c      |  234 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
>  notmuch-client.h |   80 ++++++++++++++++++
>  3 files changed, 315 insertions(+), 0 deletions(-)
>  create mode 100644 mime-node.c
> 
> diff --git a/Makefile.local b/Makefile.local
> index c94402b..c46ed26 100644
> --- a/Makefile.local
> +++ b/Makefile.local
> @@ -312,6 +312,7 @@ notmuch_client_srcs =		\
>  	notmuch-time.c		\
>  	query-string.c		\
>  	show-message.c		\
> +	mime-node.c		\
>  	json.c
>  
>  notmuch_client_modules = $(notmuch_client_srcs:.c=.o)
> diff --git a/mime-node.c b/mime-node.c
> new file mode 100644
> index 0000000..942738b
> --- /dev/null
> +++ b/mime-node.c
> @@ -0,0 +1,234 @@
> +/* notmuch - Not much of an email program, (just index and search)
> + *
> + * Copyright © 2009 Carl Worth
> + * Copyright © 2009 Keith Packard
> + *
> + * This program is free software: you can redistribute it and/or modify
> + * it under the terms of the GNU General Public License as published by
> + * the Free Software Foundation, either version 3 of the License, or
> + * (at your option) any later version.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> + * GNU General Public License for more details.
> + *
> + * You should have received a copy of the GNU General Public License
> + * along with this program.  If not, see http://www.gnu.org/licenses/ .
> + *
> + * Authors: Carl Worth <cworth at cworth.org>
> + *          Keith Packard <keithp at keithp.com>
> + *          Austin Clements <aclements at csail.mit.edu>
> + */
> +
> +#include "notmuch-client.h"
> +
> +/* Context that gets inherited from the root node. */
> +typedef struct mime_node_context {
> +    /* Per-message resources.  These are allocated internally and must
> +     * be destroyed. */
> +    FILE *file;
> +    GMimeStream *stream;
> +    GMimeParser *parser;
> +    GMimeMessage *mime_message;
> +    

Leftover indentation spaces above.

> +    /* Context provided by the caller. */
> +    GMimeCipherContext *cryptoctx;
> +    notmuch_bool_t decrypt;
> +} mime_node_context_t;
> +
> +static int
> +_mime_node_context_free (mime_node_context_t *res)
> +{
> +    if (res->mime_message)
> +	g_object_unref (res->mime_message);
> +
> +    if (res->parser)
> +	g_object_unref (res->parser);
> +
> +    if (res->stream)
> +	g_object_unref (res->stream);
> +
> +    if (res->file)
> +	fclose (res->file);
> +
> +    return 0;
> +}
> +
> +notmuch_status_t
> +mime_node_open (const void *ctx, notmuch_message_t *message,
> +		GMimeCipherContext* cryptoctx, notmuch_bool_t decrypt,

The style here seems to be * next to the variable name, not type.

> +		mime_node_t **root_out)
> +{
> +    const char *filename = notmuch_message_get_filename (message);
> +    mime_node_context_t *mctx;
> +    mime_node_t *root = NULL;

No need to initialize as it's initialized right away below.

> +    notmuch_status_t status;
> +
> +    root = talloc_zero (ctx, mime_node_t);
> +    if (root == NULL) {
> +	fprintf (stderr, "Out of memory.\n");
> +	status = NOTMUCH_STATUS_OUT_OF_MEMORY;
> +	goto DONE;
> +    }
> +
> +    /* Create the tree-wide context */
> +    mctx = talloc_zero (root, mime_node_context_t);
> +    if (mctx == NULL) {
> +	fprintf (stderr, "Out of memory.\n");
> +	status = NOTMUCH_STATUS_OUT_OF_MEMORY;
> +	goto DONE;
> +    }
> +    talloc_set_destructor (mctx, _mime_node_context_free);
> +
> +    mctx->file = fopen (filename, "r");
> +    if (! mctx->file) {
> +	fprintf (stderr, "Error opening %s: %s\n", filename, strerror (errno));
> +	status = NOTMUCH_STATUS_FILE_ERROR;
> +	goto DONE;
> +    }
> +
> +    mctx->stream = g_mime_stream_file_new (mctx->file);

AFAICT the GMimeStreamFile object owns the FILE * pointer now, and
closes it later. Calling fclose() on it in _mime_node_context_free()
would be undefined behaviour. But please don't just take my word for it.

> +    g_mime_stream_file_set_owner (GMIME_STREAM_FILE (mctx->stream), FALSE);
> +
> +    mctx->parser = g_mime_parser_new_with_stream (mctx->stream);
> +
> +    mctx->mime_message = g_mime_parser_construct_message (mctx->parser);
> +
> +    mctx->cryptoctx = cryptoctx;
> +    mctx->decrypt = decrypt;
> +
> +    /* Create the root node */
> +    root->part = GMIME_OBJECT (mctx->mime_message);
> +    root->envelope_file = message;
> +    root->children = 1;
> +    root->ctx = mctx;
> +
> +    *root_out = root;
> +    return NOTMUCH_STATUS_SUCCESS;
> +
> +DONE:
> +    talloc_free (root);
> +    return status;
> +}
> +
> +static int
> +_signature_validity_free (GMimeSignatureValidity **proxy)
> +{
> +    g_mime_signature_validity_free (*proxy);
> +    return 0;
> +}
> +
> +static mime_node_t *
> +_mime_node_create (const mime_node_t *parent, GMimeObject *part)
> +{
> +    mime_node_t *out = talloc_zero (parent, mime_node_t);
> +    GError *err = NULL;
> +
> +    /* Set basic node properties */
> +    out->part = part;
> +    out->ctx = parent->ctx;
> +    if (!talloc_reference (out, out->ctx)) {
> +	fprintf (stderr, "Out of memory.\n");
> +	talloc_free (out);
> +	return NULL;
> +    }
> +
> +    /* Deal with the different types of parts */
> +    if (GMIME_IS_PART (part)) {
> +	out->children = 0;
> +    } else if (GMIME_IS_MULTIPART (part)) {
> +	out->children = g_mime_multipart_get_count (GMIME_MULTIPART (part));
> +    } else if (GMIME_IS_MESSAGE_PART (part)) {
> +	/* Promote part to an envelope and open it */
> +	GMimeMessagePart *message_part = GMIME_MESSAGE_PART (part);
> +	GMimeMessage *message = g_mime_message_part_get_message (message_part);
> +	out->envelope_part = message_part;
> +	out->part = GMIME_OBJECT (message);
> +	out->children = 1;
> +    } else {
> +	fprintf (stderr, "Warning: Unknown mime part type: %s.\n",
> +		 g_type_name (G_OBJECT_TYPE (part)));
> +	talloc_free (out);
> +	return NULL;
> +    }
> +
> +    /* Handle PGP/MIME parts */
> +    if (GMIME_IS_MULTIPART_ENCRYPTED (part) && out->ctx->decrypt) {
> +	if (out->children != 2) {
> +	    /* this violates RFC 3156 section 4, so we won't bother with it. */
> +	    fprintf (stderr, "Error: %d part(s) for a multipart/encrypted "
> +		     "message (should be exactly 2)\n",
> +		     out->children);
> +	} else {
> +	    out->is_encrypted = TRUE;
> +	    GMimeMultipartEncrypted *encrypteddata =
> +		GMIME_MULTIPART_ENCRYPTED (part);
> +	    out->decrypted_child = g_mime_multipart_encrypted_decrypt
> +		(encrypteddata, out->ctx->cryptoctx, &err);
> +	    if (out->decrypted_child) {
> +		out->decrypt_success = TRUE;
> +		out->is_signed = TRUE;
> +		out->sig_validity = g_mime_multipart_encrypted_get_signature_validity (encrypteddata);
> +	    } else {
> +		fprintf (stderr, "Failed to decrypt part: %s\n",
> +			 (err ? err->message : "no error explanation given"));
> +	    }
> +	}
> +    } else if (GMIME_IS_MULTIPART_SIGNED (part) && out->ctx->cryptoctx) {
> +	if (out->children != 2) {
> +	    /* this violates RFC 3156 section 5, so we won't bother with it. */
> +	    fprintf (stderr, "Error: %d part(s) for a multipart/signed message "
> +		     "(should be exactly 2)\n",
> +		     out->children);
> +	} else {
> +	    out->is_signed = TRUE;
> +	    /* For some reason the GMimeSignatureValidity returned
> +	     * here is not a const (inconsistent with that
> +	     * returned by
> +	     * g_mime_multipart_encrypted_get_signature_validity,
> +	     * and therefore needs to be properly disposed of.
> +	     * Hopefully the API will become more consistent. */
> +	    GMimeSignatureValidity *sig_validity = g_mime_multipart_signed_verify
> +		(GMIME_MULTIPART_SIGNED (part), out->ctx->cryptoctx, &err);
> +	    out->sig_validity = sig_validity;
> +	    if (sig_validity) {
> +		GMimeSignatureValidity **proxy =
> +		    talloc (out, GMimeSignatureValidity *);
> +		*proxy = sig_validity;
> +		talloc_set_destructor (proxy, _signature_validity_free);
> +	    }
> +	}
> +    }
> +
> +    if (out->is_signed && !out->sig_validity)
> +	fprintf (stderr, "Failed to verify signed part: %s\n",
> +		 (err ? err->message : "no error explanation given"));
> +
> +    if (err)
> +	g_error_free (err);
> +
> +    return out;
> +}
> +
> +mime_node_t *
> +mime_node_child (const mime_node_t *parent, int child)
> +{
> +    if (!parent || child < 0 || child >= parent->children)
> +	return NULL;
> +
> +    if (GMIME_IS_MULTIPART (parent->part)) {
> +	GMimeMultipart *multipart = GMIME_MULTIPART (parent->part);
> +	if (child == 1 && parent->decrypted_child)
> +	    return _mime_node_create (parent, parent->decrypted_child);
> +	return _mime_node_create (parent, g_mime_multipart_get_part (multipart, child));
> +    } else if (GMIME_IS_MESSAGE (parent->part)) {
> +	GMimeMessage *message = GMIME_MESSAGE (parent->part);
> +	GMimeObject *child = g_mime_message_get_mime_part (message);
> +	return _mime_node_create (parent, child);
> +    } else {
> +	/* This should have been caught by message_part_create */
> +	INTERNAL_ERROR ("Unexpected GMimeObject type: %s",
> +			g_type_name (G_OBJECT_TYPE (parent->part)));
> +    }
> +}
> diff --git a/notmuch-client.h b/notmuch-client.h
> index d7fb6ee..58bd21c 100644
> --- a/notmuch-client.h
> +++ b/notmuch-client.h
> @@ -238,4 +238,84 @@ notmuch_config_set_maildir_synchronize_flags (notmuch_config_t *config,
>  notmuch_bool_t
>  debugger_is_active (void);
>  
> +/* mime-node.c */
> +
> +/* mime_node_t represents a single node in a MIME tree.  A MIME tree
> + * abstracts the different ways of traversing different types of MIME
> + * parts, allowing a MIME message to be viewed as a generic tree of
> + * parts.  Message-type parts have one child, multipart-type parts
> + * have multiple children, and leaf parts have zero children.
> + */
> +typedef struct mime_node {
> +    /* The MIME object of this part.  This will be a GMimeMessage,
> +     * GMimePart, GMimeMultipart, or a subclass of one of these.
> +     *
> +     * This will never be a GMimeMessagePart because GMimeMessagePart
> +     * is structurally redundant with GMimeMessage.  If this part is a
> +     * message (that is, 'part' is a GMimeMessage), then either
> +     * envelope_file will be set to a notmuch_message_t (for top-level
> +     * messages) or envelope_part will be set to a GMimeMessagePart
> +     * (for embedded message parts).
> +     */
> +    GMimeObject *part;
> +
> +    /* If part is a GMimeMessage, these record the envelope of the
> +     * message: either a notmuch_message_t representing a top-level
> +     * message, or a GMimeMessagePart representing a MIME part
> +     * containing a message.
> +     */
> +    notmuch_message_t *envelope_file;
> +    GMimeMessagePart *envelope_part;
> +
> +    /* The number of children of this part. */
> +    int children;
> +
> +    /* True if this is the container for an encrypted or signed part.
> +     * This does *not* mean that decryption or signature verification
> +     * succeeded. */
> +    notmuch_bool_t is_encrypted, is_signed;
> +    /* True if decryption of this part's child succeeded.  In this
> +     * case, the decrypted part is substituted for the second child of
> +     * this part (which would usually be the encrypted data). */
> +    notmuch_bool_t decrypt_success;
> +    /* For signed or encrypted containers, the validity of the
> +     * signature.  May be NULL if signature verification failed. */
> +    const GMimeSignatureValidity *sig_validity;
> +
> +    /* Internal: Context inherited from the root iterator. */
> +    struct mime_node_context *ctx;
> +
> +    /* Internal: For successfully decrypted multipart parts, the
> +     * decrypted part to substitute for the second child. */
> +    GMimeObject *decrypted_child;
> +} mime_node_t;
> +
> +/* Construct a new MIME node pointing to the root message part of
> + * message.  If cryptoctx is non-NULL, it will be used to verify
> + * signatures on any child parts.  If decrypt is true, then cryptoctx
> + * will additionally be used to decrypt any encrypted child parts.
> + *
> + * Return value:
> + *
> + * NOTMUCH_STATUS_SUCCESS: Root node is returned in *node_out.
> + *
> + * NOTMUCH_STATUS_FILE_ERROR: Failed to open message file.
> + *
> + * NOTMUCH_STATUS_OUT_OF_MEMORY: Out of memory.
> + */
> +notmuch_status_t
> +mime_node_open (const void *ctx, notmuch_message_t *message,
> +		GMimeCipherContext* cryptoctx, notmuch_bool_t decrypt,
> +		mime_node_t **node_out);
> +
> +/* Return a new MIME node for the requested child part of parent.
> + * parent will be used as the talloc context for the returned child
> + * node.
> + *
> + * In case of any failure, this function returns NULL, (after printing
> + * an error message on stderr).
> + */
> +mime_node_t *
> +mime_node_child (const mime_node_t *parent, int child);
> +
>  #endif
> -- 
> 1.7.5.4
> 
> _______________________________________________
> notmuch mailing list
> notmuch at notmuchmail.org
> http://notmuchmail.org/mailman/listinfo/notmuch


More information about the notmuch mailing list