[PATCH 2/4] Introduce a generic tree-like abstraction for MIME traversal.
Jani Nikula
jani at nikula.org
Tue Nov 29 11:11:49 PST 2011
Hi, generally looks good to me, but please find a few comments below.
BR,
Jani.
On Sun, 27 Nov 2011 21:21:09 -0500, Austin Clements <amdragon at MIT.EDU> wrote:
> This wraps all of the complex MIME part handling in a single, simple
> function that gets part N from *any* MIME object, so traversing a MIME
> part tree becomes a two-line for loop. Furthermore, the MIME node
> structure provides easy access to envelopes for message parts as well
> as cryptographic information.
>
> This code is directly derived from the current show_message_body code
> (much of it is identical), but the control relation is inverted:
> instead of show_message_body controlling the traversal of the MIME
> structure and invoking callbacks, the caller controls the traversal of
> the MIME structure.
> ---
> Makefile.local | 1 +
> mime-node.c | 234 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
> notmuch-client.h | 80 ++++++++++++++++++
> 3 files changed, 315 insertions(+), 0 deletions(-)
> create mode 100644 mime-node.c
>
> diff --git a/Makefile.local b/Makefile.local
> index c94402b..c46ed26 100644
> --- a/Makefile.local
> +++ b/Makefile.local
> @@ -312,6 +312,7 @@ notmuch_client_srcs = \
> notmuch-time.c \
> query-string.c \
> show-message.c \
> + mime-node.c \
> json.c
>
> notmuch_client_modules = $(notmuch_client_srcs:.c=.o)
> diff --git a/mime-node.c b/mime-node.c
> new file mode 100644
> index 0000000..942738b
> --- /dev/null
> +++ b/mime-node.c
> @@ -0,0 +1,234 @@
> +/* notmuch - Not much of an email program, (just index and search)
> + *
> + * Copyright © 2009 Carl Worth
> + * Copyright © 2009 Keith Packard
> + *
> + * This program is free software: you can redistribute it and/or modify
> + * it under the terms of the GNU General Public License as published by
> + * the Free Software Foundation, either version 3 of the License, or
> + * (at your option) any later version.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> + * GNU General Public License for more details.
> + *
> + * You should have received a copy of the GNU General Public License
> + * along with this program. If not, see http://www.gnu.org/licenses/ .
> + *
> + * Authors: Carl Worth <cworth at cworth.org>
> + * Keith Packard <keithp at keithp.com>
> + * Austin Clements <aclements at csail.mit.edu>
> + */
> +
> +#include "notmuch-client.h"
> +
> +/* Context that gets inherited from the root node. */
> +typedef struct mime_node_context {
> + /* Per-message resources. These are allocated internally and must
> + * be destroyed. */
> + FILE *file;
> + GMimeStream *stream;
> + GMimeParser *parser;
> + GMimeMessage *mime_message;
> +
Leftover indentation spaces above.
> + /* Context provided by the caller. */
> + GMimeCipherContext *cryptoctx;
> + notmuch_bool_t decrypt;
> +} mime_node_context_t;
> +
> +static int
> +_mime_node_context_free (mime_node_context_t *res)
> +{
> + if (res->mime_message)
> + g_object_unref (res->mime_message);
> +
> + if (res->parser)
> + g_object_unref (res->parser);
> +
> + if (res->stream)
> + g_object_unref (res->stream);
> +
> + if (res->file)
> + fclose (res->file);
> +
> + return 0;
> +}
> +
> +notmuch_status_t
> +mime_node_open (const void *ctx, notmuch_message_t *message,
> + GMimeCipherContext* cryptoctx, notmuch_bool_t decrypt,
The style here seems to be * next to the variable name, not type.
> + mime_node_t **root_out)
> +{
> + const char *filename = notmuch_message_get_filename (message);
> + mime_node_context_t *mctx;
> + mime_node_t *root = NULL;
No need to initialize as it's initialized right away below.
> + notmuch_status_t status;
> +
> + root = talloc_zero (ctx, mime_node_t);
> + if (root == NULL) {
> + fprintf (stderr, "Out of memory.\n");
> + status = NOTMUCH_STATUS_OUT_OF_MEMORY;
> + goto DONE;
> + }
> +
> + /* Create the tree-wide context */
> + mctx = talloc_zero (root, mime_node_context_t);
> + if (mctx == NULL) {
> + fprintf (stderr, "Out of memory.\n");
> + status = NOTMUCH_STATUS_OUT_OF_MEMORY;
> + goto DONE;
> + }
> + talloc_set_destructor (mctx, _mime_node_context_free);
> +
> + mctx->file = fopen (filename, "r");
> + if (! mctx->file) {
> + fprintf (stderr, "Error opening %s: %s\n", filename, strerror (errno));
> + status = NOTMUCH_STATUS_FILE_ERROR;
> + goto DONE;
> + }
> +
> + mctx->stream = g_mime_stream_file_new (mctx->file);
AFAICT the GMimeStreamFile object owns the FILE * pointer now, and
closes it later. Calling fclose() on it in _mime_node_context_free()
would be undefined behaviour. But please don't just take my word for it.
> + g_mime_stream_file_set_owner (GMIME_STREAM_FILE (mctx->stream), FALSE);
> +
> + mctx->parser = g_mime_parser_new_with_stream (mctx->stream);
> +
> + mctx->mime_message = g_mime_parser_construct_message (mctx->parser);
> +
> + mctx->cryptoctx = cryptoctx;
> + mctx->decrypt = decrypt;
> +
> + /* Create the root node */
> + root->part = GMIME_OBJECT (mctx->mime_message);
> + root->envelope_file = message;
> + root->children = 1;
> + root->ctx = mctx;
> +
> + *root_out = root;
> + return NOTMUCH_STATUS_SUCCESS;
> +
> +DONE:
> + talloc_free (root);
> + return status;
> +}
> +
> +static int
> +_signature_validity_free (GMimeSignatureValidity **proxy)
> +{
> + g_mime_signature_validity_free (*proxy);
> + return 0;
> +}
> +
> +static mime_node_t *
> +_mime_node_create (const mime_node_t *parent, GMimeObject *part)
> +{
> + mime_node_t *out = talloc_zero (parent, mime_node_t);
> + GError *err = NULL;
> +
> + /* Set basic node properties */
> + out->part = part;
> + out->ctx = parent->ctx;
> + if (!talloc_reference (out, out->ctx)) {
> + fprintf (stderr, "Out of memory.\n");
> + talloc_free (out);
> + return NULL;
> + }
> +
> + /* Deal with the different types of parts */
> + if (GMIME_IS_PART (part)) {
> + out->children = 0;
> + } else if (GMIME_IS_MULTIPART (part)) {
> + out->children = g_mime_multipart_get_count (GMIME_MULTIPART (part));
> + } else if (GMIME_IS_MESSAGE_PART (part)) {
> + /* Promote part to an envelope and open it */
> + GMimeMessagePart *message_part = GMIME_MESSAGE_PART (part);
> + GMimeMessage *message = g_mime_message_part_get_message (message_part);
> + out->envelope_part = message_part;
> + out->part = GMIME_OBJECT (message);
> + out->children = 1;
> + } else {
> + fprintf (stderr, "Warning: Unknown mime part type: %s.\n",
> + g_type_name (G_OBJECT_TYPE (part)));
> + talloc_free (out);
> + return NULL;
> + }
> +
> + /* Handle PGP/MIME parts */
> + if (GMIME_IS_MULTIPART_ENCRYPTED (part) && out->ctx->decrypt) {
> + if (out->children != 2) {
> + /* this violates RFC 3156 section 4, so we won't bother with it. */
> + fprintf (stderr, "Error: %d part(s) for a multipart/encrypted "
> + "message (should be exactly 2)\n",
> + out->children);
> + } else {
> + out->is_encrypted = TRUE;
> + GMimeMultipartEncrypted *encrypteddata =
> + GMIME_MULTIPART_ENCRYPTED (part);
> + out->decrypted_child = g_mime_multipart_encrypted_decrypt
> + (encrypteddata, out->ctx->cryptoctx, &err);
> + if (out->decrypted_child) {
> + out->decrypt_success = TRUE;
> + out->is_signed = TRUE;
> + out->sig_validity = g_mime_multipart_encrypted_get_signature_validity (encrypteddata);
> + } else {
> + fprintf (stderr, "Failed to decrypt part: %s\n",
> + (err ? err->message : "no error explanation given"));
> + }
> + }
> + } else if (GMIME_IS_MULTIPART_SIGNED (part) && out->ctx->cryptoctx) {
> + if (out->children != 2) {
> + /* this violates RFC 3156 section 5, so we won't bother with it. */
> + fprintf (stderr, "Error: %d part(s) for a multipart/signed message "
> + "(should be exactly 2)\n",
> + out->children);
> + } else {
> + out->is_signed = TRUE;
> + /* For some reason the GMimeSignatureValidity returned
> + * here is not a const (inconsistent with that
> + * returned by
> + * g_mime_multipart_encrypted_get_signature_validity,
> + * and therefore needs to be properly disposed of.
> + * Hopefully the API will become more consistent. */
> + GMimeSignatureValidity *sig_validity = g_mime_multipart_signed_verify
> + (GMIME_MULTIPART_SIGNED (part), out->ctx->cryptoctx, &err);
> + out->sig_validity = sig_validity;
> + if (sig_validity) {
> + GMimeSignatureValidity **proxy =
> + talloc (out, GMimeSignatureValidity *);
> + *proxy = sig_validity;
> + talloc_set_destructor (proxy, _signature_validity_free);
> + }
> + }
> + }
> +
> + if (out->is_signed && !out->sig_validity)
> + fprintf (stderr, "Failed to verify signed part: %s\n",
> + (err ? err->message : "no error explanation given"));
> +
> + if (err)
> + g_error_free (err);
> +
> + return out;
> +}
> +
> +mime_node_t *
> +mime_node_child (const mime_node_t *parent, int child)
> +{
> + if (!parent || child < 0 || child >= parent->children)
> + return NULL;
> +
> + if (GMIME_IS_MULTIPART (parent->part)) {
> + GMimeMultipart *multipart = GMIME_MULTIPART (parent->part);
> + if (child == 1 && parent->decrypted_child)
> + return _mime_node_create (parent, parent->decrypted_child);
> + return _mime_node_create (parent, g_mime_multipart_get_part (multipart, child));
> + } else if (GMIME_IS_MESSAGE (parent->part)) {
> + GMimeMessage *message = GMIME_MESSAGE (parent->part);
> + GMimeObject *child = g_mime_message_get_mime_part (message);
> + return _mime_node_create (parent, child);
> + } else {
> + /* This should have been caught by message_part_create */
> + INTERNAL_ERROR ("Unexpected GMimeObject type: %s",
> + g_type_name (G_OBJECT_TYPE (parent->part)));
> + }
> +}
> diff --git a/notmuch-client.h b/notmuch-client.h
> index d7fb6ee..58bd21c 100644
> --- a/notmuch-client.h
> +++ b/notmuch-client.h
> @@ -238,4 +238,84 @@ notmuch_config_set_maildir_synchronize_flags (notmuch_config_t *config,
> notmuch_bool_t
> debugger_is_active (void);
>
> +/* mime-node.c */
> +
> +/* mime_node_t represents a single node in a MIME tree. A MIME tree
> + * abstracts the different ways of traversing different types of MIME
> + * parts, allowing a MIME message to be viewed as a generic tree of
> + * parts. Message-type parts have one child, multipart-type parts
> + * have multiple children, and leaf parts have zero children.
> + */
> +typedef struct mime_node {
> + /* The MIME object of this part. This will be a GMimeMessage,
> + * GMimePart, GMimeMultipart, or a subclass of one of these.
> + *
> + * This will never be a GMimeMessagePart because GMimeMessagePart
> + * is structurally redundant with GMimeMessage. If this part is a
> + * message (that is, 'part' is a GMimeMessage), then either
> + * envelope_file will be set to a notmuch_message_t (for top-level
> + * messages) or envelope_part will be set to a GMimeMessagePart
> + * (for embedded message parts).
> + */
> + GMimeObject *part;
> +
> + /* If part is a GMimeMessage, these record the envelope of the
> + * message: either a notmuch_message_t representing a top-level
> + * message, or a GMimeMessagePart representing a MIME part
> + * containing a message.
> + */
> + notmuch_message_t *envelope_file;
> + GMimeMessagePart *envelope_part;
> +
> + /* The number of children of this part. */
> + int children;
> +
> + /* True if this is the container for an encrypted or signed part.
> + * This does *not* mean that decryption or signature verification
> + * succeeded. */
> + notmuch_bool_t is_encrypted, is_signed;
> + /* True if decryption of this part's child succeeded. In this
> + * case, the decrypted part is substituted for the second child of
> + * this part (which would usually be the encrypted data). */
> + notmuch_bool_t decrypt_success;
> + /* For signed or encrypted containers, the validity of the
> + * signature. May be NULL if signature verification failed. */
> + const GMimeSignatureValidity *sig_validity;
> +
> + /* Internal: Context inherited from the root iterator. */
> + struct mime_node_context *ctx;
> +
> + /* Internal: For successfully decrypted multipart parts, the
> + * decrypted part to substitute for the second child. */
> + GMimeObject *decrypted_child;
> +} mime_node_t;
> +
> +/* Construct a new MIME node pointing to the root message part of
> + * message. If cryptoctx is non-NULL, it will be used to verify
> + * signatures on any child parts. If decrypt is true, then cryptoctx
> + * will additionally be used to decrypt any encrypted child parts.
> + *
> + * Return value:
> + *
> + * NOTMUCH_STATUS_SUCCESS: Root node is returned in *node_out.
> + *
> + * NOTMUCH_STATUS_FILE_ERROR: Failed to open message file.
> + *
> + * NOTMUCH_STATUS_OUT_OF_MEMORY: Out of memory.
> + */
> +notmuch_status_t
> +mime_node_open (const void *ctx, notmuch_message_t *message,
> + GMimeCipherContext* cryptoctx, notmuch_bool_t decrypt,
> + mime_node_t **node_out);
> +
> +/* Return a new MIME node for the requested child part of parent.
> + * parent will be used as the talloc context for the returned child
> + * node.
> + *
> + * In case of any failure, this function returns NULL, (after printing
> + * an error message on stderr).
> + */
> +mime_node_t *
> +mime_node_child (const mime_node_t *parent, int child);
> +
> #endif
> --
> 1.7.5.4
>
> _______________________________________________
> notmuch mailing list
> notmuch at notmuchmail.org
> http://notmuchmail.org/mailman/listinfo/notmuch
More information about the notmuch
mailing list