When indexing the cleartext of an encrypted message, record any
protected subject in the database, which should make it findable and
visible in search.
---
lib/index.cc | 42 ++++++++++++++++++++++++++--------
lib/message.cc | 8 +++++++
lib/notmuch-private.h | 4 ++++
test/T356-protected-headers.sh | 20 ++++++++++++++++
4 files changed, 65 insertions(+), 9 deletions(-)
diff --git a/lib/index.cc b/lib/index.cc
index 0ad683fa..db16b6f8 100644
--- a/lib/index.cc
+++ b/lib/index.cc
@@ -367,13 +367,15 @@ _index_content_type (notmuch_message_t *message,
GMimeObject *part)
static void
_index_encrypted_mime_part (notmuch_message_t *message, notmuch_indexopts_t
*indexopts,
GMimeContentType *content_type,
- GMimeMultipartEncrypted *part);
+ GMimeMultipartEncrypted *part,
+ _notmuch_message_crypto_t *msg_crypto);
/* Callback to generate terms for each mime part of a message. */
static void
_index_mime_part (notmuch_message_t *message,
notmuch_indexopts_t *indexopts,
- GMimeObject *part)
+ GMimeObject *part,
+ _notmuch_message_crypto_t *msg_crypto)
{
GMimeStream *stream, *filter;
GMimeFilter *discard_non_term_filter;
@@ -404,6 +406,8 @@ _index_mime_part (notmuch_message_t *message,
_notmuch_message_add_term (message, "tag", "encrypted");
for (i = 0; i < g_mime_multipart_get_count (multipart); i++) {
+ notmuch_status_t status;
+ GMimeObject *child;
if (GMIME_IS_MULTIPART_SIGNED (multipart)) {
/* Don't index the signature, but index its content type. */
if (i == GMIME_MULTIPART_SIGNED_SIGNATURE) {
@@ -421,7 +425,8 @@ _index_mime_part (notmuch_message_t *message,
if (i == GMIME_MULTIPART_ENCRYPTED_CONTENT) {
_index_encrypted_mime_part(message, indexopts,
content_type,
- GMIME_MULTIPART_ENCRYPTED
(part));
+ GMIME_MULTIPART_ENCRYPTED (part),
+ msg_crypto);
} else {
if (i != GMIME_MULTIPART_ENCRYPTED_VERSION) {
_notmuch_database_log (_notmuch_message_database
(message),
@@ -430,8 +435,13 @@ _index_mime_part (notmuch_message_t *message,
}
continue;
}
- _index_mime_part (message, indexopts,
- g_mime_multipart_get_part (multipart, i));
+ child = g_mime_multipart_get_part (multipart, i);
+ status = _notmuch_message_crypto_potential_payload (msg_crypto,
child, part, i);
+ if (status)
+ _notmuch_database_log (_notmuch_message_database (message),
+ "Warning: failed to mark the potential
cryptographic payload (%s).\n",
+ notmuch_status_to_string (status));
+ _index_mime_part (message, indexopts, child, msg_crypto);
}
return;
}
@@ -441,7 +451,7 @@ _index_mime_part (notmuch_message_t *message,
mime_message = g_mime_message_part_get_message (GMIME_MESSAGE_PART
(part));
- _index_mime_part (message, indexopts, g_mime_message_get_mime_part
(mime_message));
+ _index_mime_part (message, indexopts, g_mime_message_get_mime_part
(mime_message), msg_crypto);
return;
}
@@ -518,7 +528,8 @@ static void
_index_encrypted_mime_part (notmuch_message_t *message,
notmuch_indexopts_t *indexopts,
g_mime_3_unused(GMimeContentType *content_type),
- GMimeMultipartEncrypted *encrypted_data)
+ GMimeMultipartEncrypted *encrypted_data,
+ _notmuch_message_crypto_t *msg_crypto)
{
notmuch_status_t status;
GError *err = NULL;
@@ -573,6 +584,10 @@ _index_encrypted_mime_part (notmuch_message_t *message,
return;
}
if (decrypt_result) {
+ status = _notmuch_message_crypto_successful_decryption (msg_crypto);
+ if (status)
+ _notmuch_database_log_append (notmuch, "failed to mark the message
as decrypted (%s)\n",
+ notmuch_status_to_string (status));
#if HAVE_GMIME_SESSION_KEYS
if (get_sk) {
status = notmuch_message_add_property (message, "session-key",
@@ -584,7 +599,8 @@ _index_encrypted_mime_part (notmuch_message_t *message,
#endif
g_object_unref (decrypt_result);
}
- _index_mime_part (message, indexopts, clear);
+ status = _notmuch_message_crypto_potential_payload (msg_crypto, clear,
GMIME_OBJECT (encrypted_data), GMIME_MULTIPART_ENCRYPTED_CONTENT);
+ _index_mime_part (message, indexopts, clear, msg_crypto);
g_object_unref (clear);
status = notmuch_message_add_property (message, "index.decryption",
"success");
@@ -603,6 +619,7 @@ _notmuch_message_index_file (notmuch_message_t *message,
InternetAddressList *addresses;
const char *subject;
notmuch_status_t status;
+ _notmuch_message_crypto_t *msg_crypto;
status = _notmuch_message_file_get_mime_message (message_file,
&mime_message);
@@ -624,7 +641,14 @@ _notmuch_message_index_file (notmuch_message_t *message,
subject = g_mime_message_get_subject (mime_message);
_notmuch_message_gen_terms (message, "subject", subject);
- _index_mime_part (message, indexopts, g_mime_message_get_mime_part
(mime_message));
+ msg_crypto = _notmuch_message_crypto_new (NULL);
+ _index_mime_part (message, indexopts, g_mime_message_get_mime_part
(mime_message), msg_crypto);
+ if (msg_crypto && msg_crypto->payload_subject) {
+ _notmuch_message_gen_terms (message, "subject",
msg_crypto->payload_subject);
+ _notmuch_message_update_subject (message, msg_crypto->payload_subject);
+ }
+
+ _notmuch_message_crypto_cleanup (msg_crypto);
return NOTMUCH_STATUS_SUCCESS;
}
diff --git a/lib/message.cc b/lib/message.cc
index b2067076..3f919180 100644
--- a/lib/message.cc
+++ b/lib/message.cc
@@ -1135,6 +1135,14 @@ _notmuch_message_set_header_values (notmuch_message_t
*message,
message->modified = true;
}
+void
+_notmuch_message_update_subject (notmuch_message_t *message,
+ const char *subject)
+{
+ message->doc.add_value (NOTMUCH_VALUE_SUBJECT, subject);
+ message->modified = true;
+}
+
/* Upgrade a message to support NOTMUCH_FEATURE_LAST_MOD. The caller
* must call _notmuch_message_sync. */
void
diff --git a/lib/notmuch-private.h b/lib/notmuch-private.h
index 4598577f..1351fecb 100644
--- a/lib/notmuch-private.h
+++ b/lib/notmuch-private.h
@@ -318,6 +318,10 @@ _notmuch_message_set_header_values (notmuch_message_t
*message,
const char *from,
const char *subject);
+void
+_notmuch_message_update_subject (notmuch_message_t *message,
+ const char *subject);
+
void
_notmuch_message_upgrade_last_mod (notmuch_message_t *message);
diff --git a/test/T356-protected-headers.sh b/test/T356-protected-headers.sh
index a77dae6d..035b3e01 100755
--- a/test/T356-protected-headers.sh
+++ b/test/T356-protected-headers.sh
@@ -92,4 +92,24 @@ test_json_nodes <<<"$output" \
'subject:["original"]["headers"]["Subject"]="This is a
protected header"' \
'reply-subject:["reply-headers"]["Subject"]="Re: This is a
protected header"'
+test_begin_subtest "protected subject is not indexed by default"
+output=$(notmuch search --output=messages 'subject:"This is a protected
header"')
+test_expect_equal "$output" ''
+
+test_begin_subtest "protected subject is indexed when cleartext is indexed"
+notmuch reindex --decrypt=true id:protected-hea...@crypto.notmuchmail.org
+output=$(notmuch search --output=messages 'subject:"This is a protected
header"')
+test_expect_equal "$output" 'id:protected-hea...@crypto.notmuchmail.org'
+
+test_begin_subtest "indexed protected subject is visible in search"
+notmuch reindex --decrypt=true id:protected-hea...@crypto.notmuchmail.org
+output=$(notmuch search --format=json
'id:protected-hea...@crypto.notmuchmail.org')
+test_json_nodes <<<"$output" \
+ 'subject:[0]["subject"]="This is a protected header"'
+
+test_begin_subtest "protected subject is indexed when cleartext is indexed"
+notmuch reindex --decrypt=true id:protected-hea...@crypto.notmuchmail.org
+output=$(notmuch search --output=messages 'subject:"This is a protected
header"')
+test_expect_equal "$output" 'id:protected-hea...@crypto.notmuchmail.org'
+
test_done
--
2.17.0
_______________________________________________
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch
