crypto: actually stash session keys when decrypt=true
[notmuch] / lib / index.cc
index 3914012afddc1a25832e180ec6e3cae2be467483..0ad683fac51b7704b1f15ee0c6c24b331dcfd02f 100644 (file)
@@ -549,11 +549,15 @@ _index_encrypted_mime_part (notmuch_message_t *message,
     }
 #endif
     bool attempted = false;
+    GMimeDecryptResult *decrypt_result = NULL;
+    bool get_sk = (HAVE_GMIME_SESSION_KEYS && notmuch_indexopts_get_decrypt_policy (indexopts) == NOTMUCH_DECRYPT_TRUE);
     clear = _notmuch_crypto_decrypt (&attempted, notmuch_indexopts_get_decrypt_policy (indexopts),
-                                    message, crypto_ctx, encrypted_data, NULL, &err);
+                                    message, crypto_ctx, encrypted_data, get_sk ? &decrypt_result : NULL, &err);
     if (!attempted)
        return;
     if (err || !clear) {
+       if (decrypt_result)
+           g_object_unref (decrypt_result);
        if (err) {
            _notmuch_database_log (notmuch, "Failed to decrypt during indexing. (%d:%d) [%s]\n",
                                   err->domain, err->code, err->message);
@@ -568,6 +572,18 @@ _index_encrypted_mime_part (notmuch_message_t *message,
                                          "property (%d)\n", status);
        return;
     }
+    if (decrypt_result) {
+#if HAVE_GMIME_SESSION_KEYS
+       if (get_sk) {
+           status = notmuch_message_add_property (message, "session-key",
+                                                  g_mime_decrypt_result_get_session_key (decrypt_result));
+           if (status)
+               _notmuch_database_log (notmuch, "failed to add session-key "
+                                      "property (%d)\n", status);
+       }
+#endif
+       g_object_unref (decrypt_result);
+    }
     _index_mime_part (message, indexopts, clear);
     g_object_unref (clear);