• Skip to content
• Skip to link menu

KDE 4.2 API Reference

• KDE API Reference
• kdepim

• Sitemap
• Contact Us

 

kmail

objecttreeparser.cpp

Go to the documentation of this file.

/*  -*- mode: C++; c-file-style: "gnu" -*-
    objecttreeparser.cpp

    This file is part of KMail, the KDE mail client.
    Copyright (c) 2002-2004 Klarälvdalens Datakonsult AB
    Copyright (c) 2003      Marc Mutz <mutz@kde.org>

    KMail is free software; you can redistribute it and/or modify it
    under the terms of the GNU General Public License, version 2, as
    published by the Free Software Foundation.

    KMail is distributed in the hope that it will be useful, but
    WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA

    In addition, as a special exception, the copyright holders give
    permission to link the code of this program with any edition of
    the Qt library by Trolltech AS, Norway (or with modified versions
    of Qt that use the same license as Qt), and distribute linked
    combinations including the two.  You must obey the GNU General
    Public License in all respects for all of the code used other than
    Qt.  If you modify this file, you may extend this exception to
    your version of the file, but you are not obligated to do so.  If
    you do not wish to do so, delete this exception statement from
    your version.
*/

// my header file
#include "objecttreeparser.h"

// other KMail headers
#include "kmkernel.h"
#include "kmreaderwin.h"
#include "partNode.h"
#include <kpimutils/email.h>
#include "partmetadata.h"
#include "attachmentstrategy.h"
#include "interfaces/htmlwriter.h"
#include "htmlstatusbar.h"
#include "csshelper.h"
#include "bodypartformatter.h"
#include "bodypartformatterfactory.h"
#include "partnodebodypart.h"
#include "interfaces/bodypartformatter.h"
#include "globalsettings.h"
#include "util.h"
#include "kleojobexecutor.h"

// other module headers
#include <mimelib/enum.h>
#include <mimelib/bodypart.h>
#include <mimelib/string.h>
#include <mimelib/text.h>

#include <kleo/specialjob.h>
#include <kleo/cryptobackendfactory.h>
#include <kleo/decryptverifyjob.h>
#include <kleo/verifydetachedjob.h>
#include <kleo/verifyopaquejob.h>
#include <kleo/keylistjob.h>
#include <kleo/importjob.h>
#include <kleo/dn.h>

#include <gpgme++/importresult.h>
#include <gpgme++/decryptionresult.h>
#include <gpgme++/key.h>
#include <gpgme++/keylistresult.h>
#include <gpgme.h>

#include <libkpgp/kpgpblock.h>
#include <libkpgp/kpgp.h>
#include <kpimutils/linklocator.h>
using KPIMUtils::LinkLocator;

#include <ktnef/ktnefparser.h>
#include <ktnef/ktnefmessage.h>
#include <ktnef/ktnefattach.h>

// other KDE headers
#include <kdebug.h>
#include <klocale.h>
#include <kmimetype.h>
#include <kglobal.h>
#include <khtml_part.h>
#include <ktemporaryfile.h>
#include <kstandarddirs.h>
#include <kmessagebox.h>
#include <kiconloader.h>
#include <kcodecs.h>
#include <kconfiggroup.h>
#include <kstyle.h>

// other Qt headers
#include <QApplication>
#include <QDir>
#include <QFile>
#include <QTextCodec>
#include <QByteArray>
#include <QBuffer>
#include <QPixmap>
#include <QPainter>
#include <QPointer>

// other headers
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
#include <memory>
#include "chiasmuskeyselector.h"

namespace KMail {

  // A small class that eases temporary CryptPlugWrapper changes:
  class ObjectTreeParser::CryptoProtocolSaver {
    ObjectTreeParser * otp;
    const Kleo::CryptoBackend::Protocol * protocol;
  public:
    CryptoProtocolSaver( ObjectTreeParser * _otp, const Kleo::CryptoBackend::Protocol* _w )
      : otp( _otp ), protocol( _otp ? _otp->cryptoProtocol() : 0 )
    {
      if ( otp )
        otp->setCryptoProtocol( _w );
    }

    ~CryptoProtocolSaver() {
      if ( otp )
        otp->setCryptoProtocol( protocol );
    }
  };


  ObjectTreeParser::ObjectTreeParser( KMReaderWin * reader, const Kleo::CryptoBackend::Protocol * protocol,
                                      bool showOnlyOneMimePart, bool keepEncryptions,
                                      bool includeSignatures,
                                      const AttachmentStrategy * strategy,
                                      HtmlWriter * htmlWriter,
                                      CSSHelper * cssHelper )
    : mReader( reader ),
      mCryptoProtocol( protocol ),
      mShowOnlyOneMimePart( showOnlyOneMimePart ),
      mKeepEncryptions( keepEncryptions ),
      mIncludeSignatures( includeSignatures ),
      mAttachmentStrategy( strategy ),
      mHtmlWriter( htmlWriter ),
      mCSSHelper( cssHelper )
  {
    if ( !attachmentStrategy() )
      mAttachmentStrategy = reader ? reader->attachmentStrategy()
                                   : AttachmentStrategy::smart();
    if ( reader && !this->htmlWriter() )
      mHtmlWriter = reader->htmlWriter();
    if ( reader && !this->cssHelper() )
      mCSSHelper = reader->mCSSHelper;
  }

  ObjectTreeParser::ObjectTreeParser( const ObjectTreeParser & other )
    : mReader( other.mReader ),
      mCryptoProtocol( other.cryptoProtocol() ),
      mShowOnlyOneMimePart( other.showOnlyOneMimePart() ),
      mKeepEncryptions( other.keepEncryptions() ),
      mIncludeSignatures( other.includeSignatures() ),
      mAttachmentStrategy( other.attachmentStrategy() ),
      mHtmlWriter( other.htmlWriter() ),
      mCSSHelper( other.cssHelper() )
  {

  }

  ObjectTreeParser::~ObjectTreeParser() {}

  void ObjectTreeParser::insertAndParseNewChildNode( partNode& startNode,
                                                     const char* content,
                                                     const char* cntDesc,
                                                     bool append )
  {
    DwBodyPart* myBody = new DwBodyPart( DwString( content ), 0 );
    myBody->Parse();

    if ( ( !myBody->Body().FirstBodyPart() ||
           myBody->Body().AsString().length() == 0 ) &&
         startNode.dwPart() &&
         startNode.dwPart()->Body().Message() &&
         startNode.dwPart()->Body().Message()->Body().FirstBodyPart() )
    {
      // if encapsulated imap messages are loaded the content-string is not complete
      // so we need to keep the child dwparts
      myBody = new DwBodyPart( *(startNode.dwPart()->Body().Message()) );
    }

    if ( myBody->hasHeaders() ) {
      DwText& desc = myBody->Headers().ContentDescription();
      desc.FromString( cntDesc );
      desc.SetModified();
      myBody->Headers().Parse();
    }

    partNode* parentNode = &startNode;
    partNode* newNode = new partNode(false, myBody);
    if ( append && parentNode->firstChild() ) {
      parentNode = parentNode->firstChild();
      while( parentNode->nextSibling() )
        parentNode = parentNode->nextSibling();
      parentNode->setNext( newNode );
    } else
      parentNode->setFirstChild( newNode );

    newNode->buildObjectTree( false );

    if ( startNode.mimePartTreeItem() ) {
      kDebug() << "\n     ----->  Inserting items into MimePartTree";
      newNode->fillMimePartTree( startNode.mimePartTreeItem(), 0,
                                 QString(), QString(), QString(), 0,
                                 append );
      kDebug() << "\n     <-----  Finished inserting items into MimePartTree";
    } else {
      kDebug() << "\n     ------  Sorry, node.mimePartTreeItem() returns ZERO so"
               << "\n                    we cannot insert new lines into MimePartTree. :-(\n";
    }
    kDebug() << "\n     ----->  Now parsing the MimePartTree";
    ObjectTreeParser otp( mReader, cryptoProtocol() );
    otp.parseObjectTree( newNode );
    mRawReplyString += otp.rawReplyString();
    mTextualContent += otp.textualContent();
    if ( !otp.textualContentCharset().isEmpty() )
      mTextualContentCharset = otp.textualContentCharset();
    kDebug() << "\n     <-----  Finished parsing the MimePartTree in insertAndParseNewChildNode()";
  }


//-----------------------------------------------------------------------------

  void ObjectTreeParser::parseObjectTree( partNode * node ) {
    kDebug() << (node ? "node OK, " : "no node, ")
             << "showOnlyOneMimePart: " << (showOnlyOneMimePart() ? "TRUE" : "FALSE");

    if ( !node )
      return;

    // reset "processed" flags for...
    if ( showOnlyOneMimePart() ) {
      // ... this node and all descendants
      node->setProcessed( false, false );
      if ( partNode * child = node->firstChild() )
        child->setProcessed( false, true );
    } else if ( mReader && !node->parentNode() ) {
      // ...this node and all it's siblings and descendants
      node->setProcessed( false, true );
    }

    for ( ; node ; node = node->nextSibling() ) {
      if ( node->processed() )
        continue;

      ProcessResult processResult;

      if ( mReader )
        htmlWriter()->queue( QString::fromLatin1("<a name=\"att%1\"/>").arg( node->nodeId() ) );
      if ( const Interface::BodyPartFormatter * formatter
           = BodyPartFormatterFactory::instance()->createFor( node->typeString(), node->subTypeString() ) ) {
        PartNodeBodyPart part( *node, codecFor( node ) );
        // Set the default display strategy for this body part relying on the
        // identity of KMail::Interface::BodyPart::Display and AttachmentStrategy::Display
        part.setDefaultDisplay( (KMail::Interface::BodyPart::Display) attachmentStrategy()->defaultDisplay( node ) );
        const Interface::BodyPartFormatter::Result result = formatter->format( &part, htmlWriter() );
        if ( mReader && node->bodyPartMemento() )
          if ( Interface::Observable * obs = node->bodyPartMemento()->asObservable() )
            obs->attach( mReader );
        switch ( result ) {
        case Interface::BodyPartFormatter::AsIcon:
          processResult.setNeverDisplayInline( true );
          // fall through:
        case Interface::BodyPartFormatter::Failed:
          defaultHandling( node, processResult );
          break;
        case Interface::BodyPartFormatter::Ok:
        case Interface::BodyPartFormatter::NeedContent:
          // FIXME: incomplete content handling
          ;
        }
      } else {
        const BodyPartFormatter * bpf
          = BodyPartFormatter::createFor( node->type(), node->subType() );
        kFatal( !bpf, 5006 ) <<"THIS SHOULD NO LONGER HAPPEN ("
                              << node->typeString() << '/' << node->subTypeString() << ')';

        if ( bpf && !bpf->process( this, node, processResult ) )
          defaultHandling( node, processResult );
      }
      node->setProcessed( true, false );

      // adjust signed/encrypted flags if inline PGP was found
      processResult.adjustCryptoStatesOfNode( node );

      if ( showOnlyOneMimePart() )
        break;
    }
  }

  void ObjectTreeParser::defaultHandling( partNode * node, ProcessResult & result ) {
    // ### (mmutz) default handling should go into the respective
    // ### bodypartformatters.
    if ( !mReader )
      return;
    if ( attachmentStrategy() == AttachmentStrategy::hidden() &&
         !showOnlyOneMimePart() &&
         node->parentNode() /* message is not an attachment */ )
      return;

    bool asIcon = true;
    if ( showOnlyOneMimePart() )
      // ### (mmutz) this is wrong! If I click on an image part, I
      // want the equivalent of "view...", except for the extra
      // window!
      asIcon = !node->hasContentDispositionInline();
    else if ( !result.neverDisplayInline() )
      if ( const AttachmentStrategy * as = attachmentStrategy() )
        asIcon = as->defaultDisplay( node ) == AttachmentStrategy::AsIcon;
    // neither image nor text -> show as icon
    if ( !result.isImage()
         && node->type() != DwMime::kTypeText )
      asIcon = true;
    // if the image is not complete do not try to show it inline
    if ( result.isImage() && !node->msgPart().isComplete() )
      asIcon = true;
    if ( asIcon ) {
      if ( attachmentStrategy() != AttachmentStrategy::hidden()
           || showOnlyOneMimePart() )
        writePartIcon( &node->msgPart(), node->nodeId() );
    } else if ( result.isImage() )
      writePartIcon( &node->msgPart(), node->nodeId(), true );
    else
      writeBodyString( node->msgPart().bodyDecoded(),
                       node->trueFromAddress(),
                       codecFor( node ), result, false );
    // end of ###
  }

  void ProcessResult::adjustCryptoStatesOfNode( partNode * node ) const {
    if ( ( inlineSignatureState()  != KMMsgNotSigned ) ||
         ( inlineEncryptionState() != KMMsgNotEncrypted ) ) {
      node->setSignatureState( inlineSignatureState() );
      node->setEncryptionState( inlineEncryptionState() );
    }
  }


  static int signatureToStatus( const GpgME::Signature &sig )
  {
    switch ( sig.status().code() ) {
      case GPG_ERR_NO_ERROR:
        return GPGME_SIG_STAT_GOOD;
      case GPG_ERR_BAD_SIGNATURE:
        return GPGME_SIG_STAT_BAD;
      case GPG_ERR_NO_PUBKEY:
        return GPGME_SIG_STAT_NOKEY;
      case GPG_ERR_NO_DATA:
        return GPGME_SIG_STAT_NOSIG;
      case GPG_ERR_SIG_EXPIRED:
        return GPGME_SIG_STAT_GOOD_EXP;
      case GPG_ERR_KEY_EXPIRED:
        return GPGME_SIG_STAT_GOOD_EXPKEY;
      default:
        return GPGME_SIG_STAT_ERROR;
    }
  }

  bool ObjectTreeParser::writeOpaqueOrMultipartSignedData( partNode* data,
                                                      partNode& sign,
                                                      const QString& fromAddress,
                                                      bool doCheck,
                                                      QByteArray* cleartextData,
                                                      std::vector<GpgME::Signature> paramSignatures,
                                                      bool hideErrors )
  {
    bool bIsOpaqueSigned = false;
    enum { NO_PLUGIN, NOT_INITIALIZED, CANT_VERIFY_SIGNATURES }
      cryptPlugError = NO_PLUGIN;

    const Kleo::CryptoBackend::Protocol* cryptProto = cryptoProtocol();

    QString cryptPlugLibName;
    QString cryptPlugDisplayName;
    if ( cryptProto ) {
      cryptPlugLibName = cryptProto->name();
      cryptPlugDisplayName = cryptProto->displayName();
    }

#ifndef NDEBUG
    if ( !doCheck )
      kDebug() << "showing OpenPGP (Encrypted+Signed) data";
    else
      if ( data )
        kDebug() << "processing Multipart Signed data";
      else
        kDebug() << "processing Opaque Signed data";
#endif

    if ( doCheck && cryptProto ) {
      kDebug() << "going to call CRYPTPLUG" << cryptPlugLibName;
    }

    QByteArray cleartext;
    QByteArray signaturetext;

    if ( doCheck && cryptProto ) {
      if ( data ) {
        cleartext = KMail::Util::ByteArray( data->dwPart()->AsString() );

        dumpToFile( "dat_01_reader_signedtext_before_canonicalization",
                    cleartext.data(), cleartext.length() );

        // replace simple LFs by CRLSs
        // according to RfC 2633, 3.1.1 Canonicalization
        kDebug() <<"Converting LF to CRLF (see RfC 2633, 3.1.1 Canonicalization)";
        cleartext = Util::lf2crlf( cleartext );
        kDebug() <<"                                                       done.";
      }

      dumpToFile( "dat_02_reader_signedtext_after_canonicalization",
                  cleartext.data(), cleartext.length() );

      signaturetext = sign.msgPart().bodyDecodedBinary();
      dumpToFile( "dat_03_reader.sig", signaturetext.data(),
                  signaturetext.size() );
    }

    std::vector<GpgME::Signature> signatures;
    if ( doCheck )
      signatures = paramSignatures;

    PartMetaData messagePart;
    messagePart.isSigned = true;
    messagePart.technicalProblem = ( cryptProto == 0 );
    messagePart.isGoodSignature = false;
    messagePart.isEncrypted = false;
    messagePart.isDecryptable = false;
    messagePart.keyTrust = Kpgp::KPGP_VALIDITY_UNKNOWN;
    messagePart.status = i18n("Wrong Crypto Plug-In.");
    messagePart.status_code = GPGME_SIG_STAT_NONE;

    if ( doCheck && cryptProto ) {
      GpgME::VerificationResult result;
      if ( data ) { // detached
        if ( Kleo::VerifyDetachedJob * const job = cryptProto->verifyDetachedJob() ) {
          KleoJobExecutor executor;
          result = executor.exec( job, signaturetext, cleartext );
          messagePart.auditLog = executor.auditLogAsHtml();
        } else {
          cryptPlugError = CANT_VERIFY_SIGNATURES;
        }
      } else { // opaque
        if ( Kleo::VerifyOpaqueJob * const job = cryptProto->verifyOpaqueJob() ) {
          KleoJobExecutor executor;
          result = executor.exec( job, signaturetext, cleartext );
          messagePart.auditLog = executor.auditLogAsHtml();
        } else {
          cryptPlugError = CANT_VERIFY_SIGNATURES;
        }
      }
      signatures = result.signatures();
    }

    if ( doCheck )
      kDebug() << "returned from CRYPTPLUG";

    // ### only one signature supported
    if ( !signatures.empty() ) {
      kDebug() << "\nFound signature";
      GpgME::Signature signature = signatures.front();

      messagePart.status_code = signatureToStatus( signature );
      messagePart.status = QString::fromLocal8Bit( signature.status().asString() );
      for ( uint i = 1; i < signatures.size(); ++i ) {
        if ( signatureToStatus( signatures[i] ) != messagePart.status_code ) {
          messagePart.status_code = GPGME_SIG_STAT_DIFF;
          messagePart.status = i18n("Different results for signatures");
        }
      }
      if ( messagePart.status_code & GPGME_SIG_STAT_GOOD )
        messagePart.isGoodSignature = true;

      // get key for this signature
      Kleo::KeyListJob *job = cryptProto->keyListJob();
      std::vector<GpgME::Key> keys;
      if ( signature.fingerprint() ) // if the fingerprint is empty, the keylisting would return all available keys
        GpgME::KeyListResult keyListRes = job->exec( QStringList( QString::fromLatin1( signature.fingerprint() ) ),
                                                     false, keys );
      GpgME::Key key;
      if ( keys.size() == 1 )
        key = keys[0];
      else if ( keys.size() > 1 )
        assert( false ); // ### wtf, what should we do in this case??

      // save extended signature status flags
      messagePart.sigSummary = signature.summary();

      if ( key.keyID() )
        messagePart.keyId = key.keyID();
      if ( messagePart.keyId.isEmpty() )
        messagePart.keyId = signature.fingerprint();
      // ### Ugh. We depend on two enums being in sync:
      messagePart.keyTrust = (Kpgp::Validity)signature.validity();
      if ( key.numUserIDs() > 0 && key.userID( 0 ).id() )
        messagePart.signer = Kleo::DN( key.userID( 0 ).id() ).prettyDN();
      for ( uint iMail = 0; iMail < key.numUserIDs(); ++iMail ) {
        // The following if /should/ always result in TRUE but we
        // won't trust implicitely the plugin that gave us these data.
        if ( key.userID( iMail ).email() ) {
          QString email = QString::fromUtf8( key.userID( iMail ).email() );
          // ### work around gpgme 0.3.x / cryptplug bug where the
          // ### email addresses are specified as angle-addr, not addr-spec:
          if ( email.startsWith( '<' ) && email.endsWith( '>' ) )
            email = email.mid( 1, email.length() - 2 );
          if ( !email.isEmpty() )
            messagePart.signerMailAddresses.append( email );
        }
      }

      if ( signature.creationTime() )
        messagePart.creationTime.setTime_t( signature.creationTime() );
      else
        messagePart.creationTime = QDateTime();
      if ( messagePart.signer.isEmpty() ) {
        if ( key.numUserIDs() > 0 && key.userID( 0 ).name() )
          messagePart.signer = Kleo::DN( key.userID( 0 ).name() ).prettyDN();
        if ( !messagePart.signerMailAddresses.empty() ) {
          if ( messagePart.signer.isEmpty() )
            messagePart.signer = messagePart.signerMailAddresses.front();
          else
            messagePart.signer += " <" + messagePart.signerMailAddresses.front() + '>';
        }
      }

      kDebug() << "\n  key id:" << messagePart.keyId
               << "\n  key trust:" << messagePart.keyTrust
               << "\n  signer:" << messagePart.signer;

    } else {
      messagePart.creationTime = QDateTime();
    }

    if ( !doCheck || !data ){
      if ( cleartextData || !cleartext.isEmpty() ) {
        if ( mReader )
          htmlWriter()->queue( writeSigstatHeader( messagePart,
                                                   cryptProto,
                                                   fromAddress ) );
        bIsOpaqueSigned = true;

        CryptoProtocolSaver cpws( this, cryptProto );
        insertAndParseNewChildNode( sign, doCheck ? cleartext.data() : cleartextData->data(),
                                    "opaqued signed data" );

        if ( mReader )
          htmlWriter()->queue( writeSigstatFooter( messagePart ) );

      }
      else if ( !hideErrors ) {
        QString txt;
        txt = "<hr><b><h2>";
        txt.append( i18n( "The crypto engine returned no cleartext data." ) );
        txt.append( "</h2></b>" );
        txt.append( "<br>&nbsp;<br>" );
        txt.append( i18n( "Status: " ) );
        if ( !messagePart.status.isEmpty() ) {
          txt.append( "<i>" );
          txt.append( messagePart.status );
          txt.append( "</i>" );
        }
        else
          txt.append( i18n("(unknown)") );
        if ( mReader )
          htmlWriter()->queue(txt);
      }
    }
    else {
      if ( mReader ) {
        if ( !cryptProto ) {
          QString errorMsg;
          switch ( cryptPlugError ) {
          case NOT_INITIALIZED:
            errorMsg = i18n( "Crypto plug-in \"%1\" is not initialized.",
                         cryptPlugLibName );
            break;
          case CANT_VERIFY_SIGNATURES:
            errorMsg = i18n( "Crypto plug-in \"%1\" cannot verify signatures.",
                         cryptPlugLibName );
            break;
          case NO_PLUGIN:
            if ( cryptPlugDisplayName.isEmpty() )
              errorMsg = i18n( "No appropriate crypto plug-in was found." );
            else
              errorMsg = i18nc( "%1 is either 'OpenPGP' or 'S/MIME'",
                               "No %1 plug-in was found.",
                             cryptPlugDisplayName );
            break;
          }
          messagePart.errorText = i18n( "The message is signed, but the "
                                        "validity of the signature cannot be "
                                        "verified.<br />"
                                        "Reason: %1",
                                    errorMsg );
        }

        if ( mReader )
          htmlWriter()->queue( writeSigstatHeader( messagePart,
                                                   cryptProto,
                                                 fromAddress ) );
      }

      ObjectTreeParser otp( mReader, cryptProto, true );
      otp.parseObjectTree( data );
      mRawReplyString += otp.rawReplyString();
      mTextualContent += otp.textualContent();
      if ( !otp.textualContentCharset().isEmpty() )
        mTextualContentCharset = otp.textualContentCharset();

      if ( mReader )
        htmlWriter()->queue( writeSigstatFooter( messagePart ) );
    }

    kDebug() << "done, returning" << ( bIsOpaqueSigned ? "TRUE" : "FALSE" );
    return bIsOpaqueSigned;
  }


bool ObjectTreeParser::okDecryptMIME( partNode& data,
                                      QByteArray& decryptedData,
                                      bool& signatureFound,
                                      std::vector<GpgME::Signature> &signatures,
                                      bool showWarning,
                                      bool& passphraseError,
                                      bool& actuallyEncrypted,
                                      QString& aErrorText,
                                      QString& auditLog )
{
  passphraseError = false;
  aErrorText.clear();
  auditLog.clear();
  bool bDecryptionOk = false;
  enum { NO_PLUGIN, NOT_INITIALIZED, CANT_DECRYPT }
    cryptPlugError = NO_PLUGIN;

  const Kleo::CryptoBackend::Protocol* cryptProto = cryptoProtocol();

  QString cryptPlugLibName;
  if ( cryptProto )
    cryptPlugLibName = cryptProto->name();

  if ( mReader && !mReader->decryptMessage() ) {
    QString iconName = KIconLoader::global()->iconPath( "document-decrypt",
                                                        KIconLoader::Small );
    decryptedData = "<div style=\"font-size:large; text-align:center;"
                      "padding-top:20pt;\">"
                    + i18n("This message is encrypted.").toUtf8()
                    + "</div>"
                      "<div style=\"text-align:center; padding-bottom:20pt;\">"
                      "<a href=\"kmail:decryptMessage\">"
                      "<img src=\"" + iconName.toUtf8() + "\"/>"
                    + i18n("Decrypt Message").toUtf8()
                    + "</a></div>";
    return false;
  }

  if ( cryptProto && !kmkernel->contextMenuShown() ) {
    QByteArray ciphertext = data.msgPart().bodyDecodedBinary();
#ifdef MARCS_DEBUG
    QString cipherStr = QString::fromLatin1( ciphertext );
    bool cipherIsBinary = ( !cipherStr.contains("BEGIN ENCRYPTED MESSAGE", Qt::CaseInsensitive ) ) &&
                          ( !cipherStr.contains("BEGIN PGP ENCRYPTED MESSAGE", Qt::CaseInsensitive ) ) &&
                          ( !cipherStr.contains("BEGIN PGP MESSAGE", Qt::CaseInsensitive ) );

    dumpToFile( "dat_04_reader.encrypted", ciphertext.data(), ciphertext.size() );

    QByteArray deb;
    deb =  "\n\nE N C R Y P T E D    D A T A = ";
    if ( cipherIsBinary )
      deb += "[binary data]";
    else {
      deb += "\"";
      deb += cipherStr;
      deb += "\"";
    }
    deb += "\n\n";
    kDebug() << deb;
#endif


    kDebug() << "going to call CRYPTPLUG" << cryptPlugLibName;
    if ( mReader )
      emit mReader->noDrag(); // in case pineentry pops up, don't let kmheaders start a drag afterwards

    Kleo::DecryptVerifyJob* job = cryptProto->decryptVerifyJob();
    if ( !job ) {
      cryptPlugError = CANT_DECRYPT;
      cryptProto = 0;
    } else {
      QByteArray plainText;
      KleoJobExecutor executor;
      const std::pair<GpgME::DecryptionResult,GpgME::VerificationResult> res = executor.exec( job, ciphertext, plainText );
      const GpgME::DecryptionResult decryptResult = res.first;
      const GpgME::VerificationResult verifyResult = res.second;
      signatureFound = verifyResult.signatures().size() > 0;
      signatures = verifyResult.signatures();
      bDecryptionOk = !decryptResult.error();
      passphraseError =  decryptResult.error().isCanceled()
        || decryptResult.error().code() == GPG_ERR_NO_SECKEY;
      actuallyEncrypted = decryptResult.error().code() != GPG_ERR_NO_DATA;
      aErrorText = QString::fromLocal8Bit( decryptResult.error().asString() );
      auditLog = executor.auditLogAsHtml();

      kDebug() << "ObjectTreeParser::decryptMIME: returned from CRYPTPLUG";
      if ( bDecryptionOk )
        decryptedData = plainText;
      else if ( mReader && showWarning ) {
        decryptedData = "<div style=\"font-size:x-large; text-align:center;"
                        "padding:20pt;\">"
                      + i18n("Encrypted data not shown.").toUtf8()
                      + "</div>";
        if ( !passphraseError )
          aErrorText = i18n("Crypto plug-in \"%1\" could not decrypt the data.", cryptPlugLibName )
                    + "<br />"
                    + i18n("Error: %1", aErrorText );
      }
    }
  }

  if ( !cryptProto ) {
    decryptedData = "<div style=\"text-align:center; padding:20pt;\">"
                  + i18n("Encrypted data not shown.").toUtf8()
                  + "</div>";
    switch ( cryptPlugError ) {
    case NOT_INITIALIZED:
      aErrorText = i18n( "Crypto plug-in \"%1\" is not initialized.",
                       cryptPlugLibName );
      break;
    case CANT_DECRYPT:
      aErrorText = i18n( "Crypto plug-in \"%1\" cannot decrypt messages.",
                       cryptPlugLibName );
      break;
    case NO_PLUGIN:
      aErrorText = i18n( "No appropriate crypto plug-in was found." );
      break;
    }
  } else if ( kmkernel->contextMenuShown() ) {
    // ### Workaround for bug 56693 (kmail freeze with the complete desktop
    // ### while pinentry-qt appears)
    QByteArray ciphertext( data.msgPart().bodyDecodedBinary() );
    QString cipherStr = QString::fromLatin1( ciphertext );
    bool cipherIsBinary = ( !cipherStr.contains("BEGIN ENCRYPTED MESSAGE", Qt::CaseInsensitive ) ) &&
                          ( !cipherStr.contains("BEGIN PGP ENCRYPTED MESSAGE", Qt::CaseInsensitive ) ) &&
                          ( !cipherStr.contains("BEGIN PGP MESSAGE", Qt::CaseInsensitive ) );
    if ( !cipherIsBinary ) {
      decryptedData = ciphertext;
    }
    else {
      decryptedData = "<div style=\"font-size:x-large; text-align:center;"
                      "padding:20pt;\">"
                    + i18n("Encrypted data not shown.").toUtf8()
                    + "</div>";
    }
  }

  dumpToFile( "dat_05_reader.decrypted", decryptedData.data(), decryptedData.size() );

  return bDecryptionOk;
}

  //static
  bool ObjectTreeParser::containsExternalReferences( const QString & str )
  {
    int httpPos = str.indexOf( "\"http:", Qt::CaseInsensitive );
    int httpsPos = str.indexOf( "\"https:", Qt::CaseInsensitive );

    while ( httpPos >= 0 || httpsPos >= 0 ) {
      // pos = index of next occurrence of "http: or "https: whichever comes first
      int pos = ( httpPos < httpsPos )
                ? ( ( httpPos >= 0 ) ? httpPos : httpsPos )
                : ( ( httpsPos >= 0 ) ? httpsPos : httpPos );
      // look backwards for "href"
      if ( pos > 5 ) {
        int hrefPos = str.lastIndexOf( "href", pos - 5, Qt::CaseInsensitive );
        // if no 'href' is found or the distance between 'href' and '"http[s]:'
        // is larger than 7 (7 is the distance in 'href = "http[s]:') then
        // we assume that we have found an external reference
        if ( ( hrefPos == -1 ) || ( pos - hrefPos > 7 ) ) {

          // HTML messages created by KMail itself for now contain the following:
          // <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
          // Make sure not to show an external references warning for this string
          int dtdPos = str.indexOf( "http://www.w3.org/TR/REC-html40/strict.dtd", pos + 1 );
          if ( dtdPos != ( pos + 1 ) )
            return true;
        }
      }
      // find next occurrence of "http: or "https:
      if ( pos == httpPos ) {
        httpPos = str.indexOf( "\"http:", httpPos + 6, Qt::CaseInsensitive );
      }
      else {
        httpsPos = str.indexOf( "\"https:", httpsPos + 7, Qt::CaseInsensitive );
      }
    }
    return false;
  }

  bool ObjectTreeParser::processTextHtmlSubtype( partNode * curNode, ProcessResult & ) {
    const QByteArray partBody( curNode->msgPart().bodyDecoded() );

    mRawReplyString = partBody;
    if ( curNode->isFirstTextPart() ) {
      mTextualContent += curNode->msgPart().bodyToUnicode();
      mTextualContentCharset = curNode->msgPart().charset();
    }

    if ( !mReader )
      return true;

    QString bodyText;
    if ( mReader->htmlMail() )
      bodyText = codecFor( curNode )->toUnicode( partBody );
    else
      bodyText = KMMessage::html2source( partBody );

    if ( curNode->isFirstTextPart() ||
         attachmentStrategy()->defaultDisplay( curNode ) == AttachmentStrategy::Inline ||
         showOnlyOneMimePart() )
    {
      if ( mReader->htmlMail() ) {

        // Strip <html>, <head>, and <body>, so we don't end up having those tags
        // twice, which confuses KHTML (especially with a signed
        // multipart/alternative message, the signature bars get rendered at the
        // wrong place)
        bodyText = bodyText.replace( "<html>", QString(), Qt::CaseInsensitive );
        bodyText = bodyText.replace( "<head>", QString(), Qt::CaseInsensitive );
        bodyText = bodyText.replace( "</head>", QString(), Qt::CaseInsensitive );
        QRegExp bodyRegExp( "<body.*>" ); //the body tag might have additional attributes,
        bodyRegExp.setMinimal( true );    //so make sure to match them as well
        bodyRegExp.setCaseSensitivity( Qt::CaseInsensitive );
        bodyText = bodyText.replace( bodyRegExp, QString() );

        // Strip </BODY> and </HTML> from end.
        // We must do this, or else the message will not be displayed correctly
        // because we have two </body> or </html> tags in the generated HTML.
        // It is IMHO enough to search only for </BODY> and put \0 there.
        int i = bodyText.lastIndexOf( "</body>", -1, Qt::CaseInsensitive );
        if ( 0 <= i )
          bodyText.truncate(i);
        else { // just in case - search for </html>
          i = bodyText.lastIndexOf( "</html>", -1, Qt::CaseInsensitive );
          if ( 0 <= i )
            bodyText.truncate(i);
        }

        // Show the "external references" warning (with possibility to load
        // external references only if loading external references is disabled
        // and the HTML code contains obvious external references). For
        // messages where the external references are obfuscated the user won't
        // have an easy way to load them but that shouldn't be a problem
        // because only spam contains obfuscated external references.
        if ( !mReader->htmlLoadExternal() &&
             containsExternalReferences( bodyText ) ) {
          htmlWriter()->queue( "<div class=\"htmlWarn\">\n" );
          htmlWriter()->queue( i18n("<b>Note:</b> This HTML message may contain external "
                                    "references to images etc. For security/privacy reasons "
                                    "external references are not loaded. If you trust the "
                                    "sender of this message then you can load the external "
                                    "references for this message "
                                    "<a href=\"kmail:loadExternal\">by clicking here</a>.") );
          htmlWriter()->queue( "</div><br><br>" );
        }
      } else {
        htmlWriter()->queue( "<div class=\"htmlWarn\">\n" );
        htmlWriter()->queue( i18n("<b>Note:</b> This is an HTML message. For "
                                  "security reasons, only the raw HTML code "
                                  "is shown. If you trust the sender of this "
                                  "message then you can activate formatted "
                                  "HTML display for this message "
                                  "<a href=\"kmail:showHTML\">by clicking here</a>.") );
        htmlWriter()->queue( "</div><br><br>" );
      }
      htmlWriter()->queue( bodyText );
      mReader->mColorBar->setHtmlMode();
      return true;
    }
    return false;
  }
} // namespace KMail

static bool isMailmanMessage( partNode * curNode ) {
  if ( !curNode->dwPart() || !curNode->dwPart()->hasHeaders() )
    return false;
  DwHeaders & headers = curNode->dwPart()->Headers();
  if ( headers.HasField("X-Mailman-Version") )
    return true;
  if ( headers.HasField("X-Mailer") &&
       0 == QString::fromLatin1( headers.FieldBody("X-Mailer").AsString().c_str() )
       .contains("MAILMAN", Qt::CaseInsensitive ) )
    return true;
  return false;
}

namespace KMail {

  bool ObjectTreeParser::processMailmanMessage( partNode * curNode ) {
    const QString str = QString::fromLatin1( curNode->msgPart().bodyDecoded() );

    //###
    const QLatin1String delim1( "--__--__--\n\nMessage:");
    const QLatin1String delim2( "--__--__--\r\n\r\nMessage:");
    const QLatin1String delimZ2("--__--__--\n\n_____________");
    const QLatin1String delimZ1("--__--__--\r\n\r\n_____________");
    QString partStr, digestHeaderStr;
    int thisDelim = str.indexOf(delim1, Qt::CaseInsensitive );
    if ( thisDelim == -1 )
      thisDelim = str.indexOf(delim2, Qt::CaseInsensitive );
    if ( thisDelim == -1 ) {
      kDebug() << "        Sorry: Old style Mailman message but no delimiter found.";
      return false;
    }

    int nextDelim = str.indexOf( delim1, thisDelim+1, Qt::CaseInsensitive );
    if ( -1 == nextDelim )
      nextDelim = str.indexOf( delim2, thisDelim+1, Qt::CaseInsensitive );
    if ( -1 == nextDelim )
      nextDelim = str.indexOf( delimZ1, thisDelim+1, Qt::CaseInsensitive );
    if ( -1 == nextDelim )
      nextDelim = str.indexOf( delimZ2, thisDelim+1, Qt::CaseInsensitive );
    if ( nextDelim < 0)
      return false;

    kDebug() << "        processing old style Mailman digest";
    //if ( curNode->mRoot )
    //  curNode = curNode->mRoot;

    // at least one message found: build a mime tree
    digestHeaderStr = "Content-Type=text/plain\nContent-Description=digest header\n\n";
    digestHeaderStr += str.mid( 0, thisDelim );
    insertAndParseNewChildNode( *curNode,
                                digestHeaderStr.toLatin1(),
                                "Digest Header", true );
    //mReader->queueHtml("<br><hr><br>");
    // temporarily change curent node's Content-Type
    // to get our embedded RfC822 messages properly inserted
    curNode->setType(    DwMime::kTypeMultipart );
    curNode->setSubType( DwMime::kSubtypeDigest );
    while( -1 < nextDelim ){
      int thisEoL = str.indexOf("\nMessage:", thisDelim, Qt::CaseInsensitive );
      if ( -1 < thisEoL )
        thisDelim = thisEoL+1;
      else{
        thisEoL = str.indexOf("\n_____________", thisDelim, Qt::CaseInsensitive );
        if ( -1 < thisEoL )
          thisDelim = thisEoL+1;
      }
      thisEoL = str.indexOf( '\n', thisDelim );
      if ( -1 < thisEoL )
        thisDelim = thisEoL+1;
      else
        thisDelim = thisDelim+1;
      //while( thisDelim < cstr.size() && '\n' == cstr[thisDelim] )
      //  ++thisDelim;

      partStr = "Content-Type=message/rfc822\nContent-Description=embedded message\n";
      partStr += str.mid( thisDelim, nextDelim-thisDelim );
      QString subject = QString::fromLatin1("embedded message");
      QString subSearch = QString::fromLatin1("\nSubject:");
      int subPos = partStr.indexOf(subSearch, 0, Qt::CaseInsensitive );
      if ( -1 < subPos ){
        subject = partStr.mid(subPos+subSearch.length());
        thisEoL = subject.indexOf('\n');
        if ( -1 < thisEoL )
          subject.truncate( thisEoL );
      }
      kDebug() << "        embedded message found: \"" << subject <<"\"";
      insertAndParseNewChildNode( *curNode,
                                  partStr.toLatin1(),
                                  subject.toLatin1(), true );
      //mReader->queueHtml("<br><hr><br>");
      thisDelim = nextDelim+1;
      nextDelim = str.indexOf(delim1, thisDelim, Qt::CaseInsensitive );
      if ( -1 == nextDelim )
        nextDelim = str.indexOf(delim2, thisDelim, Qt::CaseInsensitive);
      if ( -1 == nextDelim )
        nextDelim = str.indexOf(delimZ1, thisDelim, Qt::CaseInsensitive);
      if ( -1 == nextDelim )
        nextDelim = str.indexOf(delimZ2, thisDelim, Qt::CaseInsensitive);
    }
    // reset curent node's Content-Type
    curNode->setType(    DwMime::kTypeText );
    curNode->setSubType( DwMime::kSubtypePlain );
    int thisEoL = str.indexOf( "_____________", thisDelim );
    if ( -1 < thisEoL ){
      thisDelim = thisEoL;
      thisEoL = str.indexOf( '\n', thisDelim );
      if ( -1 < thisEoL )
        thisDelim = thisEoL+1;
    }
    else
      thisDelim = thisDelim+1;
    partStr = "Content-Type=text/plain\nContent-Description=digest footer\n\n";
    partStr += str.mid( thisDelim );
    insertAndParseNewChildNode( *curNode,
                                partStr.toLatin1(),
                                "Digest Footer", true );
    return true;
  }

  bool ObjectTreeParser::processTextPlainSubtype( partNode * curNode, ProcessResult & result ) {
    if ( !mReader ) {
      mRawReplyString = curNode->msgPart().bodyDecoded();
      if ( curNode->isFirstTextPart() ) {
        mTextualContent += curNode->msgPart().bodyToUnicode();
        mTextualContentCharset = curNode->msgPart().charset();
      }
      return true;
    }

    if ( !curNode->isFirstTextPart() &&
         attachmentStrategy()->defaultDisplay( curNode ) !=