[PATCH 12/20] cli/show: add information about which headers were protected
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Thu May 10 22:55:36 PDT 2018
This allows a clever UI frontend to mark whether a header was
protected (or not), and if it was protected, to show the details to
an interested user.
As before, we only handle Subject for now, but we might be able to
handle other headers in the future.
---
devel/schemata | 6 ++++++
notmuch-show.c | 21 +++++++++++++++++++++
test/T356-protected-headers.sh | 4 ++--
3 files changed, 29 insertions(+), 2 deletions(-)
diff --git a/devel/schemata b/devel/schemata
index 6370eeac..5e59b806 100644
--- a/devel/schemata
+++ b/devel/schemata
@@ -89,9 +89,15 @@ crypto = {
status: sigstatus,
# was the set of signatures described under encrypted cover?
encrypted: bool,
+ # which of the headers is covered by sigstatus?
+ headers: [header_name*]
},
decrypted?: {
status: msgdecstatus,
+ # map encrypted headers that differed from the outside headers.
+ # the value of each item in the map is what that field showed externally
+ # (maybe null if it was not present in the external headers).
+ masked-headers: { header_name: string|null,*}
}
}
diff --git a/notmuch-show.c b/notmuch-show.c
index 190e9128..4cc1ce8c 100644
--- a/notmuch-show.c
+++ b/notmuch-show.c
@@ -631,6 +631,12 @@ format_part_sprinter (const void *ctx, sprinter_t *sp, mime_node_t *node,
sp->map_key (sp, "encrypted");
sp->boolean (sp, msg_crypto->signature_encrypted);
}
+ if (msg_crypto->payload_subject) {
+ sp->map_key (sp, "headers");
+ sp->begin_list (sp);
+ sp->string (sp, "Subject");
+ sp->end (sp);
+ }
sp->end (sp);
}
if (msg_crypto->decryption_status != NOTMUCH_MESSAGE_DECRYPTED_NONE) {
@@ -638,6 +644,21 @@ format_part_sprinter (const void *ctx, sprinter_t *sp, mime_node_t *node,
sp->begin_map (sp);
sp->map_key (sp, "status");
sp->string (sp, msg_crypto->decryption_status == NOTMUCH_MESSAGE_DECRYPTED_FULL ? "full" : "partial");
+
+ if (msg_crypto->payload_subject) {
+ const char *subject = g_mime_message_get_subject GMIME_MESSAGE (node->part);
+ if (subject == NULL || strcmp (subject, msg_crypto->payload_subject)) {
+ /* protected subject differs from the external header */
+ sp->map_key (sp, "masked-headers");
+ sp->begin_map (sp);
+ sp->map_key (sp, "Subject");
+ if (subject == NULL)
+ sp->null (sp);
+ else
+ sp->string (sp, subject);
+ sp->end (sp);
+ }
+ }
sp->end (sp);
}
sp->end (sp);
diff --git a/test/T356-protected-headers.sh b/test/T356-protected-headers.sh
index 242ad105..c6838995 100755
--- a/test/T356-protected-headers.sh
+++ b/test/T356-protected-headers.sh
@@ -24,7 +24,7 @@ test_json_nodes <<<"$output" \
test_begin_subtest "verify protected header is visible with decryption"
output=$(notmuch show --decrypt=true --format=json id:protected-header at crypto.notmuchmail.org)
test_json_nodes <<<"$output" \
- 'crypto:[0][0][0]["crypto"]={"decrypted": {"status": "full"}}' \
+ 'crypto:[0][0][0]["crypto"]={"decrypted": {"status": "full", "masked-headers": {"Subject": "encrypted message"}}}' \
'subject:[0][0][0]["headers"]["Subject"]="This is a protected header"'
test_begin_subtest "misplaced protected headers should not be made visible during decryption"
@@ -60,7 +60,7 @@ test_json_nodes <<<"$output" \
test_begin_subtest "verify nested message/rfc822 protected header is visible"
output=$(notmuch show --decrypt=true --format=json id:nested-rfc822-message at crypto.notmuchmail.org)
test_json_nodes <<<"$output" \
- 'crypto:[0][0][0]["crypto"]={"decrypted": {"status": "full"}}' \
+ 'crypto:[0][0][0]["crypto"]={"decrypted": {"status": "full", "masked-headers": {"Subject": "encrypted message"}}}' \
'subject:[0][0][0]["headers"]["Subject"]="This is a message using draft-melnikov-smime-header-signing"'
test_done
--
2.17.0
More information about the notmuch
mailing list