+ GMimeSignatureList **proxy = talloc (node, GMimeSignatureList *);
+ if (proxy) {
+ *proxy = node->sig_list;
+ talloc_set_destructor (proxy, _signature_list_free);
+ }
+}
+
+/* Verify a signed mime node (GMime 2.6) */
+static void
+node_verify (mime_node_t *node, GMimeObject *part,
+ g_mime_3_unused(GMimeCryptoContext *cryptoctx))
+{
+ GError *err = NULL;
+
+ node->verify_attempted = true;
+ node->sig_list = g_mime_multipart_signed_verify
+ (GMIME_MULTIPART_SIGNED (part), cryptoctx, &err);
+
+ if (node->sig_list)
+ set_signature_list_destructor (node);
+ else
+ fprintf (stderr, "Failed to verify signed part: %s\n",
+ err ? err->message : "no error explanation given");
+
+ if (err)
+ g_error_free (err);
+}
+
+/* Decrypt and optionally verify an encrypted mime node (GMime 2.6) */
+static void
+node_decrypt_and_verify (mime_node_t *node, GMimeObject *part,
+ g_mime_3_unused(GMimeCryptoContext *cryptoctx))
+{
+ GError *err = NULL;
+ GMimeDecryptResult *decrypt_result = NULL;
+ GMimeMultipartEncrypted *encrypteddata = GMIME_MULTIPART_ENCRYPTED (part);
+
+ if (! node->decrypted_child) {
+ mime_node_t *parent;
+ for (parent = node; parent; parent = parent->parent)
+ if (parent->envelope_file)
+ break;
+
+ node->decrypt_attempted = true;
+ node->decrypted_child = _notmuch_crypto_decrypt (parent ? parent->envelope_file : NULL,
+ cryptoctx, encrypteddata, &decrypt_result, &err);
+ }
+ if (! node->decrypted_child) {
+ fprintf (stderr, "Failed to decrypt part: %s\n",
+ err ? err->message : "no error explanation given");
+ goto DONE;
+ }
+
+ node->decrypt_success = true;
+ node->verify_attempted = true;
+
+ if (decrypt_result) {
+ /* This may be NULL if the part is not signed. */
+ node->sig_list = g_mime_decrypt_result_get_signatures (decrypt_result);
+ if (node->sig_list) {
+ g_object_ref (node->sig_list);
+ set_signature_list_destructor (node);
+ }
+ g_object_unref (decrypt_result);
+ }
+
+ DONE:
+ if (err)
+ g_error_free (err);