[PATCH 7/9] add a gpg_path value for notmuch_database_t

Tomi Ollila tomi.ollila at iki.fi
Fri Dec 11 14:02:33 PST 2015


On Thu, Dec 10 2015, Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:

> Exposing this to the user of the library lets the user point to
> arbitrary gpg executables when trying to decrypt.
> ---
>  lib/database-private.h |  3 ++
>  lib/database.cc        | 93 +++++++++++++++++++++++++++++++++++++++++++-------
>  lib/notmuch.h          | 31 +++++++++++++++++
>  3 files changed, 115 insertions(+), 12 deletions(-)
>
......

> +
> +static notmuch_bool_t
> +_find_in_path(const char* path)
> +{
> +    char *c = NULL, *save = NULL, *tok;
> +    size_t n;
> +    int dfd = -1;
> +    notmuch_bool_t ret = FALSE;
> +    
> +    n = confstr(_CS_PATH, NULL, 0);
> +    c = (char*)talloc_size(NULL, n);
> +    if (!c)
> +	return FALSE;
> +    confstr(_CS_PATH, c, n);
> +
> +    tok = strtok_r(c, ":", &save);
> +    while (tok) {
> +	dfd = open(tok, O_DIRECTORY | O_RDONLY);
> +	if (dfd != -1) {
> +	    if (!faccessat(dfd, path, X_OK, 0)) {
> +		ret = TRUE;
> +		goto done;
> +	    }
> +	    close(dfd);
> +	}
> +	tok = strtok_r(NULL, ":", &save);
> +    }
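Review bot: The `close(dfd)` inside the loop leaves `dfd` holding the number of the descriptor it just closed, so when the last directory in the list opens but does not contain the file, the cleanup after the loop (the `done:` label, quoted further down) closes the same descriptor a second time. In a threaded caller that number may already belong to another open file by then. Resetting it right after the in-loop close, `close(dfd); dfd = -1;`, keeps the cleanup path correct. Separately, the result of the first `confstr(_CS_PATH, NULL, 0)` call is not checked; it returns 0 on failure, and `if (n == 0) return FALSE;` before the allocation would avoid working with an empty buffer. The body of `_find_in_path` continues past this quoted fragment.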

The above code finds gpg/gpg2 (when called with these args) from
_CS_PATH, which seems to be /bin:/usr/bin by default on Linux. (I tried
to look at how this is set on *BSD -- initially it looks like
/usr/local/bin is not included, but... maybe we let them complain if
this is the case... :/)
... anyway, the full found path is not stored anywhere -- how is it found
when used (exec*p() using $PATH? :O)

> +done:
> +    if (dfd != -1)
> +	close(dfd);
> +    if (c)
> +	talloc_free(c);
> +    return ret;
> +}
> +
> +notmuch_status_t
> +notmuch_database_set_gpg_path (notmuch_database_t *notmuch, const char* path)
> +{
> +    /* return success if this matches what is already configured */
> +    if ((!path && !notmuch->gpg_path) ||
> +	(path && notmuch->gpg_path && 0 == strcmp(path, notmuch->gpg_path)))
> +	return NOTMUCH_STATUS_SUCCESS;
> +    
> +    if (!path && !_find_in_path(path))
> +	return NOTMUCH_STATUS_FILE_ERROR;
> +
> +    /* clear any existing gpg_crypto_ctx, since things are changing */
> +    if (notmuch->gpg_crypto_ctx) {
> +	g_object_unref (notmuch->gpg_crypto_ctx);
> +	notmuch->gpg_crypto_ctx = NULL;
> +    }
> +
> +    if (notmuch->gpg_path) {
> +	talloc_free(notmuch->gpg_path);
> +	notmuch->gpg_path = NULL;
> +    }
> +
> +    if (path)
> +	notmuch->gpg_path = talloc_strdup (notmuch, path);
> +    
> +    return NOTMUCH_STATUS_SUCCESS;
> +}
> +
> +const char*
> +notmuch_database_get_gpg_path (const notmuch_database_t *notmuch)
> +{
> +    if (notmuch->gpg_path)
> +	return notmuch->gpg_path;
> +
> +#define try_gpg_path(z) if (_find_in_path(z)) return z
> +    try_gpg_path("gpg2");
> +    try_gpg_path("gpg");
> +    return NULL;
> +}
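Review bot: The validation test in `notmuch_database_set_gpg_path`, `if (!path && !_find_in_path(path))`, looks inverted: a non-NULL `path` skips the lookup entirely and is stored unchecked, while a NULL `path` (the request to clear the setting) is handed to `_find_in_path` and on to `faccessat`. Since this value selects the executable used for decryption, the check should run for exactly the caller-supplied names, `if (path && !_find_in_path(path))`. The result of `talloc_strdup` is also unchecked, so an allocation failure leaves `gpg_path` NULL while the function reports success; `if (path && !notmuch->gpg_path) return NOTMUCH_STATUS_OUT_OF_MEMORY;` after the copy would surface it. In `notmuch_database_get_gpg_path`, the `try_gpg_path` macro stays defined for the rest of the file, and an `#undef try_gpg_path` before the closing brace would keep it local.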

