diff --git a/completion/notmuch-completion.bash b/completion/notmuch-completion.bash index f94dbeed..272131e6 100644 --- a/completion/notmuch-completion.bash +++ b/completion/notmuch-completion.bash @@ -288,7 +288,7 @@ _notmuch_insert() return ;; --decrypt) - COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) ) + COMPREPLY=( $( compgen -W "true false auto" -- "${cur}" ) ) return ;; esac @@ -320,7 +320,7 @@ _notmuch_new() $split && case "${prev}" in --decrypt) - COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) ) + COMPREPLY=( $( compgen -W "true false auto" -- "${cur}" ) ) return ;; esac @@ -442,7 +442,7 @@ _notmuch_reindex() $split && case "${prev}" in --decrypt) - COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) ) + COMPREPLY=( $( compgen -W "true false auto" -- "${cur}" ) ) return ;; esac diff --git a/doc/man1/notmuch-insert.rst b/doc/man1/notmuch-insert.rst index eb9ff11b..b22be863 100644 --- a/doc/man1/notmuch-insert.rst +++ b/doc/man1/notmuch-insert.rst @@ -51,14 +51,18 @@ Supported options for **insert** include ``--no-hooks`` Prevent hooks from being run. - ``--decrypt=(true|false)`` + ``--decrypt=(true|auto|false)`` - If true and the message is encrypted, try to decrypt the - message while indexing. If decryption is successful, index + If ``true`` and the message is encrypted, try to decrypt the + message while indexing. If ``auto``, and notmuch already + knows about a session key for the message, it will try + decrypting using that session key but will not try to access + the user's secret keys. If decryption is successful, index the cleartext itself. Either way, the message is always - stored to disk in its original form (ciphertext). Be aware - that the index is likely sufficient to reconstruct the - cleartext of the message itself, so please ensure that the + stored to disk in its original form (ciphertext). + + Be aware that the index is likely sufficient to reconstruct + the cleartext of the message itself, so please ensure that the notmuch message index is adequately protected. DO NOT USE ``--decrypt=true`` without considering the security of your index. diff --git a/doc/man1/notmuch-new.rst b/doc/man1/notmuch-new.rst index 1df86f06..71df31d7 100644 --- a/doc/man1/notmuch-new.rst +++ b/doc/man1/notmuch-new.rst @@ -43,11 +43,15 @@ Supported options for **new** include ``--quiet`` Do not print progress or results. - ``--decrypt=(true|false)`` + ``--decrypt=(true|auto|false)`` - If true, when encountering an encrypted message, try to + If ``true``, when encountering an encrypted message, try to decrypt it while indexing. If decryption is successful, index - the cleartext itself. Be aware that the index is likely + the cleartext itself. If ``auto``, try to use any session key + already known to belong to this message, but do not attempt to + use the user's secret keys. + + Be aware that the index is likely sufficient to reconstruct the cleartext of the message itself, so please ensure that the notmuch message index is adequately protected. DO NOT USE ``--decrypt=true`` without diff --git a/doc/man1/notmuch-reindex.rst b/doc/man1/notmuch-reindex.rst index 782b0d7b..d87e9d85 100644 --- a/doc/man1/notmuch-reindex.rst +++ b/doc/man1/notmuch-reindex.rst @@ -21,15 +21,20 @@ messages using the supplied options. Supported options for **reindex** include - ``--decrypt=(true|false)`` + ``--decrypt=(true|auto|false)`` - If true, when encountering an encrypted message, try to - decrypt it while reindexing. If decryption is successful, - index the cleartext itself. Be aware that the index is likely - sufficient to reconstruct the cleartext of the message itself, - so please ensure that the notmuch message index is adequately - protected. DO NOT USE ``--decrypt=true`` without - considering the security of your index. + If ``true``, when encountering an encrypted message, try to + decrypt it while reindexing. If ``auto``, and notmuch already + knows about a session key for the message, it will try + decrypting using that session key but will not try to access + the user's secret keys. If decryption is successful, index + the cleartext itself. + + Be aware that the index is likely sufficient to reconstruct + the cleartext of the message itself, so please ensure that the + notmuch message index is adequately protected. DO NOT USE + ``--decrypt=true`` without considering the security of your + index. See also ``index.decrypt`` in **notmuch-config(1)**.