[PATCH 02/20] crypto: Avoid pretending to verify signatures on unsigned encrypted mail
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Thu May 10 22:55:26 PDT 2018
Unsigned encrypted mail shows up with a weird empty signature list.
If we successfully decrypted and there was no signature in it, we
should just not show a sigstatus at all.
The documentation for g_mime_decrypt_result_get_signatures says:
a GMimeSignatureList or NULL if the stream was not signed.
---
mime-node.c | 2 +-
test/T350-crypto.sh | 1 -
2 files changed, 1 insertion(+), 2 deletions(-)
diff --git a/mime-node.c b/mime-node.c
index 11df082b..74f40417 100644
--- a/mime-node.c
+++ b/mime-node.c
@@ -216,12 +216,12 @@ node_decrypt_and_verify (mime_node_t *node, GMimeObject *part,
}
node->decrypt_success = true;
- node->verify_attempted = true;
if (decrypt_result) {
/* This may be NULL if the part is not signed. */
node->sig_list = g_mime_decrypt_result_get_signatures (decrypt_result);
if (node->sig_list) {
+ node->verify_attempted = true;
g_object_ref (node->sig_list);
set_signature_list_destructor (node);
}
diff --git a/test/T350-crypto.sh b/test/T350-crypto.sh
index a776ec35..b5067346 100755
--- a/test/T350-crypto.sh
+++ b/test/T350-crypto.sh
@@ -271,7 +271,6 @@ expected='[[[{"id": "XXXXX",
"Date": "Sat, 01 Jan 2000 12:00:00 +0000"},
"body": [{"id": 1,
"encstatus": [{"status": "good"}],
- "sigstatus": [],
"content-type": "multipart/encrypted",
"content": [{"id": 2,
"content-type": "application/pgp-encrypted",
--
2.17.0
More information about the notmuch
mailing list