From bb0b119358e4d6df5cc085a48cb3d2e09e396922 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 2 May 2019 09:19:37 -0400 Subject: [PATCH] gmime-cleanup: always support session keys Our minimum version of GMime 3.0 always supports good session key handling. signed-off-by: Daniel Kahn Gillmor --- configure | 9 --------- lib/built-with.c | 2 +- lib/index.cc | 4 +--- mime-node.c | 2 -- notmuch-show.c | 2 -- test/T357-index-decryption.sh | 18 ------------------ util/crypto.c | 18 ------------------ 7 files changed, 2 insertions(+), 53 deletions(-) diff --git a/configure b/configure index e6f33575..16bb0863 100755 --- a/configure +++ b/configure @@ -498,10 +498,8 @@ if pkg-config --exists "gmime-3.0 > $GMIME_MINVER"; then gmime_cflags=$(pkg-config --cflags gmime-3.0) gmime_ldflags=$(pkg-config --libs gmime-3.0) gmime_major=3 - have_gmime_session_keys=1 else have_gmime=0 - have_gmime_session_keys=0 printf "No.\n" errors=$((errors + 1)) fi @@ -1160,9 +1158,6 @@ HAVE_TIMEGM = ${have_timegm} # Whether struct dirent has d_type (if not, then notmuch will use stat) HAVE_D_TYPE = ${have_d_type} -# Whether the GMime version can handle extraction and reuse of session keys -HAVE_GMIME_SESSION_KEYS = ${have_gmime_session_keys} - # Whether the Xapian version in use supports compaction HAVE_XAPIAN_COMPACT = ${have_xapian_compact} @@ -1249,7 +1244,6 @@ COMMON_CONFIGURE_CFLAGS = \\ -DHAVE_D_TYPE=\$(HAVE_D_TYPE) \\ -DSTD_GETPWUID=\$(STD_GETPWUID) \\ -DSTD_ASCTIME=\$(STD_ASCTIME) \\ - -DHAVE_GMIME_SESSION_KEYS=\$(HAVE_GMIME_SESSION_KEYS) \\ -DHAVE_XAPIAN_COMPACT=\$(HAVE_XAPIAN_COMPACT) \\ -DSILENCE_XAPIAN_DEPRECATION_WARNINGS \\ -DHAVE_XAPIAN_FIELD_PROCESSOR=\$(HAVE_XAPIAN_FIELD_PROCESSOR) \\ 
@@ -1278,9 +1272,6 @@ NOTMUCH_HAVE_XAPIAN_FIELD_PROCESSOR=${have_xapian_field_processor} # Whether the Xapian version in use supports lock retry NOTMUCH_HAVE_XAPIAN_DB_RETRY_LOCK=${have_xapian_db_retry_lock} -# Whether the GMime version can handle extraction and reuse of session keys -NOTMUCH_HAVE_GMIME_SESSION_KEYS=${have_gmime_session_keys} - # Which backend will Xapian use by default? NOTMUCH_DEFAULT_XAPIAN_BACKEND=${default_xapian_backend} diff --git a/lib/built-with.c b/lib/built-with.c index 9cffd9f9..320be6c5 100644 --- a/lib/built-with.c +++ b/lib/built-with.c @@ -31,7 +31,7 @@ notmuch_built_with (const char *name) } else if (STRNCMP_LITERAL (name, "retry_lock") == 0) { return HAVE_XAPIAN_DB_RETRY_LOCK; } else if (STRNCMP_LITERAL (name, "session_key") == 0) { - return HAVE_GMIME_SESSION_KEYS; + return true; } else { return false; } diff --git a/lib/index.cc b/lib/index.cc index 0e98984c..6b6fbb8f 100644 --- a/lib/index.cc +++ b/lib/index.cc @@ -531,7 +531,7 @@ _index_encrypted_mime_part (notmuch_message_t *message, GMimeCryptoContext* crypto_ctx = NULL; bool attempted = false; GMimeDecryptResult *decrypt_result = NULL; - bool get_sk = (HAVE_GMIME_SESSION_KEYS && notmuch_indexopts_get_decrypt_policy (indexopts) == NOTMUCH_DECRYPT_TRUE); + bool get_sk = (notmuch_indexopts_get_decrypt_policy (indexopts) == NOTMUCH_DECRYPT_TRUE); clear = _notmuch_crypto_decrypt (&attempted, notmuch_indexopts_get_decrypt_policy (indexopts), message, crypto_ctx, encrypted_data, get_sk ? &decrypt_result : NULL, &err); if (!attempted) @@ -554,7 +554,6 @@ _index_encrypted_mime_part (notmuch_message_t *message, return; } if (decrypt_result) { -#if HAVE_GMIME_SESSION_KEYS if (get_sk) { status = notmuch_message_add_property (message, "session-key", g_mime_decrypt_result_get_session_key (decrypt_result)); 
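Review bot: The `get_sk` assignment in `_index_encrypted_mime_part` is now the only thing that decides whether key material is exported and written into the index, and nothing at that line says so. With the `HAVE_GMIME_SESSION_KEYS` term gone it reads as a plain policy comparison, although the following hunk shows the exported key being stored under the "session-key" property. I would add a comment above it, for example `/* DECRYPT_TRUE also exports the session key and stores it as a "session-key" property; anyone who can read the database can then decrypt this message without the secret key */`. The function body starts before and continues after this hunk.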
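Review bot: In the `-554` hunk the result of `g_mime_decrypt_result_get_session_key (decrypt_result)` is passed straight to `notmuch_message_add_property`, and the now-unconditional block has no visible check that a key was actually exported. If a decrypt result can arrive without a session key (possibly when the cleartext was obtained from an already stored key; that path in util/crypto.c is only partly visible), a NULL value reaches the property call and at best surfaces as the "failed to add session-key property" log line in the next hunk. Consider fetching it first with `const char *sk = g_mime_decrypt_result_get_session_key (decrypt_result);` and guarding the store with `if (get_sk && sk)`. How `notmuch_message_add_property` treats a NULL value is outside this diff, so confirm against it.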
@@ -562,7 +561,6 @@ _index_encrypted_mime_part (notmuch_message_t *message, _notmuch_database_log (notmuch, "failed to add session-key " "property (%d)\n", status); } -#endif g_object_unref (decrypt_result); } _index_mime_part (message, indexopts, clear); diff --git a/mime-node.c b/mime-node.c index a8005f70..95dc5132 100644 --- a/mime-node.c +++ b/mime-node.c @@ -228,7 +228,6 @@ node_decrypt_and_verify (mime_node_t *node, GMimeObject *part, set_signature_list_destructor (node); } -#if HAVE_GMIME_SESSION_KEYS if (node->ctx->crypto->decrypt == NOTMUCH_DECRYPT_TRUE && message) { notmuch_database_t *db = notmuch_message_get_database (message); const char *session_key = g_mime_decrypt_result_get_session_key (decrypt_result); @@ -238,7 +237,6 @@ node_decrypt_and_verify (mime_node_t *node, GMimeObject *part, notmuch_message_add_property (message, "session-key", session_key)); } -#endif g_object_unref (decrypt_result); } diff --git a/notmuch-show.c b/notmuch-show.c index 436c1741..730a91f8 100644 --- a/notmuch-show.c +++ b/notmuch-show.c @@ -894,7 +894,6 @@ show_message (void *ctx, part = mime_node_seek_dfs (root, (params->part < 0 ? 0 : params->part)); if (part) status = format->part (local, sp, part, indent, params); -#if HAVE_GMIME_SESSION_KEYS if (params->crypto.decrypt == NOTMUCH_DECRYPT_TRUE && session_key_count_error == NOTMUCH_STATUS_SUCCESS) { unsigned int new_session_keys = 0; if (notmuch_message_count_properties (message, "session-key", &new_session_keys) == NOTMUCH_STATUS_SUCCESS && @@ -908,7 +907,6 @@ show_message (void *ctx, } } } -#endif DONE: talloc_free (local); return status; diff --git a/test/T357-index-decryption.sh b/test/T357-index-decryption.sh index c5435f4f..0a602e50 100755 --- a/test/T357-index-decryption.sh +++ b/test/T357-index-decryption.sh 
@@ -52,9 +52,6 @@ test_begin_subtest "show the message body of the encrypted message" notmuch dump wumpus output=$(notmuch show wumpus | notmuch_show_part 3) expected='This is a test encrypted message with a wumpus.' -if [ $NOTMUCH_HAVE_GMIME_SESSION_KEYS -eq 0 ]; then - test_subtest_known_broken -fi test_expect_equal \ "$output" \ "$expected" @@ -91,9 +88,6 @@ test_expect_equal \ test_begin_subtest "search should now find the contents" output=$(notmuch search wumpus) expected='thread:0000000000000003 2000-01-01 [1/1] Notmuch Test Suite; test encrypted message for cleartext index 002 (encrypted inbox unread)' -if [ $NOTMUCH_HAVE_GMIME_SESSION_KEYS -eq 0 ]; then - test_subtest_known_broken -fi test_expect_equal \ "$output" \ "$expected" @@ -163,9 +157,6 @@ test_begin_subtest 'reindex in auto mode' test_expect_success 'notmuch reindex tag:encrypted and property:index.decryption=success' test_begin_subtest "reindexed encrypted messages, should not have changed" output=$(notmuch search wumpus) -if [ $NOTMUCH_HAVE_GMIME_SESSION_KEYS -eq 0 ]; then - test_subtest_known_broken -fi test_expect_equal \ "$output" \ "$expected" @@ -256,9 +247,6 @@ EOF notmuch reindex id:simple-encrypted@crypto.notmuchmail.org output=$(notmuch search sekrit) expected='thread:0000000000000001 2016-12-22 [1/1] Daniel Kahn Gillmor; encrypted message (encrypted inbox unread)' -if [ $NOTMUCH_HAVE_GMIME_SESSION_KEYS -eq 0 ]; then - test_subtest_known_broken -fi test_expect_equal \ "$output" \ "$expected" @@ -266,9 +254,6 @@ test_expect_equal \ test_begin_subtest "notmuch reply should show cleartext if session key is present" output=$(notmuch reply id:simple-encrypted@crypto.notmuchmail.org | grep '^>') expected='> This is a top sekrit message.' -if [ $NOTMUCH_HAVE_GMIME_SESSION_KEYS -eq 0 ]; then - test_subtest_known_broken -fi test_expect_equal \ "$output" \ "$expected" 
@@ -276,9 +261,6 @@ test_expect_equal \ test_begin_subtest "notmuch show should show cleartext if session key is present" output=$(notmuch show id:simple-encrypted@crypto.notmuchmail.org | notmuch_show_part 3) expected='This is a top sekrit message.' -if [ $NOTMUCH_HAVE_GMIME_SESSION_KEYS -eq 0 ]; then - test_subtest_known_broken -fi test_expect_equal \ "$output" \ "$expected" diff --git a/util/crypto.c b/util/crypto.c index da9256f2..8104263d 100644 --- a/util/crypto.c +++ b/util/crypto.c @@ -42,7 +42,6 @@ _notmuch_crypto_decrypt (bool *attempted, return NULL; /* the versions of notmuch that can support session key decryption */ -#if HAVE_GMIME_SESSION_KEYS if (message) { notmuch_message_properties_t *list = NULL; @@ -66,7 +65,6 @@ _notmuch_crypto_decrypt (bool *attempted, if (ret) return ret; } -#endif if (err && *err) { g_error_free (*err); @@ -78,26 +76,10 @@ _notmuch_crypto_decrypt (bool *attempted, if (attempted) *attempted = true; -#if (GMIME_MAJOR_VERSION < 3) -#if HAVE_GMIME_SESSION_KEYS - gboolean oldgetsk = g_mime_crypto_context_get_retrieve_session_key (crypto_ctx); - gboolean newgetsk = (decrypt == NOTMUCH_DECRYPT_TRUE && decrypt_result); - if (newgetsk != oldgetsk) - /* This could return an error, but we can't do anything about it, so ignore it */ - g_mime_crypto_context_set_retrieve_session_key (crypto_ctx, newgetsk, NULL); -#endif - ret = g_mime_multipart_encrypted_decrypt(part, crypto_ctx, - decrypt_result, err); -#if HAVE_GMIME_SESSION_KEYS - if (newgetsk != oldgetsk) - g_mime_crypto_context_set_retrieve_session_key (crypto_ctx, oldgetsk, NULL); -#endif -#else GMimeDecryptFlags flags = GMIME_DECRYPT_NONE; if (decrypt == NOTMUCH_DECRYPT_TRUE && decrypt_result) flags |= GMIME_DECRYPT_EXPORT_SESSION_KEY; ret = g_mime_multipart_encrypted_decrypt(part, flags, NULL, decrypt_result, err); -#endif return ret; } -- 2.43.0
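Review bot: The comment `/* the versions of notmuch that can support session key decryption */` in `_notmuch_crypto_decrypt` is left dangling by the first util/crypto.c hunk, because the `#if HAVE_GMIME_SESSION_KEYS` it introduced has been deleted and the `if (message)` block beneath it is now unconditional. It should be replaced by a description of that block, for example `/* first try any session keys already stored on the message */`. Most of the block's body lies between the hunks, so check the wording against the full function before committing it.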