thread-based email index, search, and tagging https://git.notmuchmail.org/git/notmuch/atom?h=0.34 2021-06-26T16:07:47Z 2021-06-26T16:07:47Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2021-05-27T01:44:58Z urn:sha1:8c29a5da096b0314c6cca8889b740b79a9a548ed When the certificate that signs a message is known to be valid, GMime is capable of reporting on the e-mail address embedded in the certificate. We pass this information along to the caller of "notmuch show", as often only the e-mail address of the certificate has actually been checked/verified. Furthermore, signature verification should probably at some point compare the e-mail address of the caller against the sender address of the message itself. Having to parse what gmime thinks is a "userid" to extract an e-mail address seems clunky and unnecessary if gmime already thinks it knows what the e-mail address is. See id:878s41ax6t.fsf@fifthhorseman.net for more motivation and discussion. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> 2021-06-03T12:29:27Z Tomi Ollila tomi.ollila@iki.fi 2021-05-23T07:34:43Z urn:sha1:572af2795007464ffbf9cd4656e0e5736d78d362 Sourcing test-lib.sh will cd to TMP_DIRECTORY, so relative path in $0 will not work in previous version . $(dirname "$0")/test-lib-emacs.sh Now individual test scripts -- e.g. ./test/T310-emacs.sh will work. 2021-05-17T10:29:04Z Felipe Contreras felipe.contreras@gmail.com 2021-05-15T20:47:44Z urn:sha1:92454bc0935604f4a623e75dec9506c0283eee70 This way it's easier to identify the tests that do require emacs stuff. Signed-off-by: Felipe Contreras <felipe.contreras@gmail.com> 2021-05-02T00:15:27Z Felipe Contreras felipe.contreras@gmail.com 2021-05-01T11:54:16Z urn:sha1:fe9616aef19a1584de550ea536dfc7b42a13636a The tests fail otherwise. Signed-off-by: Felipe Contreras <felipe.contreras@gmail.com> 2019-05-26T11:20:23Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2019-05-25T18:04:06Z urn:sha1:4cb789aa090fb6ba3c7897584ecbcc0a547b2f81 This allows MUAs that don't want to think about per-mime-part cryptographic status to have a simple high-level overview of the message's cryptographic state. Sensibly structured encrypted and/or signed messages will work fine with this. The only requirement for the simplest encryption + signing is that the message have all of its encryption and signing protection (the "cryptographic envelope") in a contiguous set of MIME layers at the very outside of the message itself. This is because messages with some subparts signed or encrypted, but with other subparts with no cryptographic protection is very difficult to reason about, and even harder for the user to make sense of or work with. For further characterization of the Cryptographic Envelope and some of the usability tradeoffs, see here: https://dkg.fifthhorseman.net/blog/e-mail-cryptography.html#cryptographic-envelope 2019-05-07T09:42:21Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2019-05-04T21:33:28Z urn:sha1:7d48604157477054624d010fca496f7eb0d1168b The typical use case for gpg is that if you control a secret key, you mark it with "ultimate" ownertrust. The opaque --import-ownertrust mechanism is GnuPG's standard mechanism to set up ultimate ownertrust (the ":6:" means "ultimate", for whatever reason). We adjust the test suite to match this change, inverting the sense of one test: since the default is now that the user ID of the suite's own key is valid, we change the test to make sure that the user ID is not emitted when it is *not* valid. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> 2019-05-07T09:42:11Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2019-05-04T21:33:27Z urn:sha1:93e699e5c86bb93b2992f4ab3a15680824b7ee2d The user ID on the self-test is a little bit clunky-looking. It also may end up showing up elsewhere in the test suite. Centralizing the user ID in one place should make it easier to handle if it ever changes, and should make tests easier to read. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> 2019-05-07T09:42:01Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2019-05-04T21:33:26Z urn:sha1:9f05ceb994d1d674cf2f433f0d794b671fef38ec This is a subtle difference, but the output of notmuch shouldn't ever change based on ownertrust itself -- notmuch is intended to show valid User IDs, and to avoid showing invalid User IDs. It so happens that setting ownertrust of a key to ultimate sets all associated user IDs to "full" validity, so the test is correct, but just misnamed. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> 2019-05-03T09:55:44Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2019-05-02T13:19:38Z urn:sha1:652baa6fe6a93e401463e17a4ce6577efd3f7fea note that "notmuch-show for message with invalid From" is still broken in T310-emacs.sh. It would be good to debug what's going on there and try to get it fixed! signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> 2019-04-26T11:03:15Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2019-04-20T17:02:57Z urn:sha1:afb0b11dcd08aa9091be1d89e1c2a9fe6b0e11f0 Unsigned encrypted mail shows up with a weird empty signature list. If we successfully decrypted and there was no signature in it, we should just not show a sigstatus at all. The documentation for g_mime_decrypt_result_get_signatures says: a GMimeSignatureList or NULL if the stream was not signed.