[PATCH] crypto: Avoid pretending to verify signatures on unsigned encrypted mail
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Sat Apr 20 10:02:57 PDT 2019
Unsigned encrypted mail shows up with a weird empty signature list.
If we successfully decrypted and there was no signature in it, we
should just not show a sigstatus at all.
The documentation for g_mime_decrypt_result_get_signatures says:
a GMimeSignatureList or NULL if the stream was not signed.
---
mime-node.c | 2 +-
test/T350-crypto.sh | 1 -
2 files changed, 1 insertion(+), 2 deletions(-)
This was originally sent to the list as part of a longer patch series
in id:20180511055544.13676-3-dkg at fifthhorseman.net but i think it
stands alone, and it would help me to reduce the size of the
outstanding patch series to get it applied to master :)
diff --git a/mime-node.c b/mime-node.c
index 2a24e537..1bfb479b 100644
--- a/mime-node.c
+++ b/mime-node.c
@@ -218,12 +218,12 @@ node_decrypt_and_verify (mime_node_t *node, GMimeObject *part,
}
node->decrypt_success = true;
- node->verify_attempted = true;
if (decrypt_result) {
/* This may be NULL if the part is not signed. */
node->sig_list = g_mime_decrypt_result_get_signatures (decrypt_result);
if (node->sig_list) {
+ node->verify_attempted = true;
g_object_ref (node->sig_list);
set_signature_list_destructor (node);
}
diff --git a/test/T350-crypto.sh b/test/T350-crypto.sh
index 73aa58de..80d57847 100755
--- a/test/T350-crypto.sh
+++ b/test/T350-crypto.sh
@@ -271,7 +271,6 @@ expected='[[[{"id": "XXXXX",
"Date": "Sat, 01 Jan 2000 12:00:00 +0000"},
"body": [{"id": 1,
"encstatus": [{"status": "good"}],
- "sigstatus": [],
"content-type": "multipart/encrypted",
"content": [{"id": 2,
"content-type": "application/pgp-encrypted",
--
2.20.1
More information about the notmuch
mailing list