In our consolidation of _notmuch_crypto_decrypt, the callers lost
track a little bit of whether any actual decryption was attempted.
Now that we have the more-subtle "auto" policy, it's possible that
_notmuch_crypto_decrypt could be called without having any actual
decryption take place.
This change lets the callers be a little bit smarter about whether or
not any decryption was actually attempted.
---
lib/index.cc | 17 ++++++++++++-----
mime-node.c | 4 ++--
util/crypto.c | 7 ++++++-
util/crypto.h | 3 ++-
4 files changed, 22 insertions(+), 9 deletions(-)
diff --git a/lib/index.cc b/lib/index.cc
index d9a0018c..e2701755 100644
--- a/lib/index.cc
+++ b/lib/index.cc
@@ -548,12 +548,19 @@ _index_encrypted_mime_part (notmuch_message_t *message,
}
}
#endif
- clear = _notmuch_crypto_decrypt (notmuch_indexopts_get_try_decrypt
(indexopts),
+ bool attempted = false;
+ clear = _notmuch_crypto_decrypt (&attempted,
notmuch_indexopts_get_try_decrypt (indexopts),
message, crypto_ctx, encrypted_data, NULL,
&err);
- if (err) {
- _notmuch_database_log (notmuch, "Failed to decrypt during indexing.
(%d:%d) [%s]\n",
- err->domain, err->code, err->message);
- g_error_free(err);
+ if (!attempted)
+ return;
+ if (err || !clear) {
+ if (err) {
+ _notmuch_database_log (notmuch, "Failed to decrypt during indexing.
(%d:%d) [%s]\n",
+ err->domain, err->code, err->message);
+ g_error_free(err);
+ } else {
+ _notmuch_database_log (notmuch, "Failed to decrypt during indexing.
(unknown error)\n");
+ }
/* Indicate that we failed to decrypt during indexing */
status = notmuch_message_add_property (message, "index.decryption",
"failure");
if (status)
diff --git a/mime-node.c b/mime-node.c
index 815c1787..6d3d5f69 100644
--- a/mime-node.c
+++ b/mime-node.c
@@ -204,8 +204,8 @@ node_decrypt_and_verify (mime_node_t *node, GMimeObject
*part,
if (parent->envelope_file)
break;
- node->decrypt_attempted = true;
- node->decrypted_child = _notmuch_crypto_decrypt
(node->ctx->crypto->decrypt,
+ node->decrypted_child = _notmuch_crypto_decrypt
(&node->decrypt_attempted,
+
node->ctx->crypto->decrypt,
parent ?
parent->envelope_file : NULL,
cryptoctx,
encrypteddata, &decrypt_result, &err);
}
diff --git a/util/crypto.c b/util/crypto.c
index 9789f203..ae6b94be 100644
--- a/util/crypto.c
+++ b/util/crypto.c
@@ -140,7 +140,8 @@ void _notmuch_crypto_cleanup (unused(_notmuch_crypto_t
*crypto))
#endif
GMimeObject *
-_notmuch_crypto_decrypt (notmuch_decryption_policy_t decrypt,
+_notmuch_crypto_decrypt (bool *attempted,
+ notmuch_decryption_policy_t decrypt,
notmuch_message_t *message,
g_mime_3_unused(GMimeCryptoContext* crypto_ctx),
GMimeMultipartEncrypted *part,
@@ -158,6 +159,8 @@ _notmuch_crypto_decrypt (notmuch_decryption_policy_t
decrypt,
for (list = notmuch_message_get_properties (message, "session-key",
TRUE);
notmuch_message_properties_valid (list);
notmuch_message_properties_move_to_next (list)) {
+ if (attempted)
+ *attempted = true;
#if (GMIME_MAJOR_VERSION < 3)
ret = g_mime_multipart_encrypted_decrypt_session (part,
crypto_ctx,
@@ -182,6 +185,8 @@ _notmuch_crypto_decrypt (notmuch_decryption_policy_t
decrypt,
if (decrypt == NOTMUCH_DECRYPT_AUTO)
return ret;
+ if (attempted)
+ *attempted = true;
#if (GMIME_MAJOR_VERSION < 3)
ret = g_mime_multipart_encrypted_decrypt(part, crypto_ctx,
decrypt_result, err);
diff --git a/util/crypto.h b/util/crypto.h
index dc95b4ca..c384601c 100644
--- a/util/crypto.h
+++ b/util/crypto.h
@@ -16,7 +16,8 @@ typedef struct _notmuch_crypto {
} _notmuch_crypto_t;
GMimeObject *
-_notmuch_crypto_decrypt (notmuch_decryption_policy_t decrypt,
+_notmuch_crypto_decrypt (bool *attempted,
+ notmuch_decryption_policy_t decrypt,
notmuch_message_t *message,
GMimeCryptoContext* crypto_ctx,
GMimeMultipartEncrypted *part,
--
2.14.2
_______________________________________________
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch
