debian/notmuch
1
0
Fork 0
mirror of https://git.notmuchmail.org/git/notmuch synced 2024-11-21 18:38:08 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

cli/new: add --try-decrypt=(true|false)

Browse source 
Enable override of the index.try_decrypt setting during "notmuch new"
on a per-invocation basis.

We update the documentation and tab completion, and also add a test.
This commit is contained in:
Daniel Kahn Gillmor 2017-10-20 22:25:46 -04:00 committed by David Bremner
parent 92f318abe4
commit 35456d4b0c
4 changed files with 83 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
completion/notmuch-completion.bash
View file

@ -311,11 +311,20 @@ _notmuch_insert()
_notmuch_new() _notmuch_new()
{ {
local cur prev words cword split local cur prev words cword split
_init_completion || return _init_completion -s || return
$split &&
case "${prev}" in
--try-decrypt)
COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) )
return
;;
esac
! $split &&
case "${cur}" in case "${cur}" in
-*) -*)
local options="--no-hooks --quiet ${_notmuch_shared_options}" local options="--no-hooks --try-decrypt= --quiet ${_notmuch_shared_options}"
compopt -o nospace compopt -o nospace
COMPREPLY=( $(compgen -W "${options}" -- ${cur}) ) COMPREPLY=( $(compgen -W "${options}" -- ${cur}) )
;; ;;

12
doc/man1/notmuch-new.rst
View file

@ -43,6 +43,18 @@ Supported options for **new** include
``--quiet`` ``--quiet``
Do not print progress or results. Do not print progress or results.
``--try-decrypt=(true|false)``
If true, when encountering an encrypted message, try to
decrypt it while indexing. If decryption is successful, index
the cleartext itself. Be aware that the index is likely
sufficient to reconstruct the cleartext of the message itself,
so please ensure that the notmuch message index is adequately
protected. DO NOT USE ``--try-decrypt=true`` without
considering the security of your index.
See also ``index.try_decrypt`` in **notmuch-config(1)**.
EXIT STATUS EXIT STATUS
=========== ===========

10
notmuch-new.c
View file

@ -267,7 +267,7 @@ add_file (notmuch_database_t *notmuch, const char *filename,
if (status) if (status)
goto DONE; goto DONE;
status = notmuch_database_index_file (notmuch, filename, NULL, &message); status = notmuch_database_index_file (notmuch, filename, indexing_cli_choices.opts, &message);
switch (status) { switch (status) {
/* Success. */ /* Success. */
case NOTMUCH_STATUS_SUCCESS: case NOTMUCH_STATUS_SUCCESS:
@ -963,6 +963,7 @@ notmuch_new_command (notmuch_config_t *config, int argc, char *argv[])
{ .opt_bool = &verbose, .name = "verbose" }, { .opt_bool = &verbose, .name = "verbose" },
{ .opt_bool = &add_files_state.debug, .name = "debug" }, { .opt_bool = &add_files_state.debug, .name = "debug" },
{ .opt_bool = &no_hooks, .name = "no-hooks" }, { .opt_bool = &no_hooks, .name = "no-hooks" },
{ .opt_inherit = notmuch_shared_indexing_options },
{ .opt_inherit = notmuch_shared_options }, { .opt_inherit = notmuch_shared_options },
{ } { }
}; };
@ -1080,6 +1081,13 @@ notmuch_new_command (notmuch_config_t *config, int argc, char *argv[])
if (notmuch == NULL) if (notmuch == NULL)
return EXIT_FAILURE; return EXIT_FAILURE;
status = notmuch_process_shared_indexing_options (notmuch, config);
if (status != NOTMUCH_STATUS_SUCCESS) {
fprintf (stderr, "Error: Failed to process index options. (%s)\n",
notmuch_status_to_string (status));
return EXIT_FAILURE;
}
/* Set up our handler for SIGINT. We do this after having /* Set up our handler for SIGINT. We do this after having
* potentially done a database upgrade we this interrupt handler * potentially done a database upgrade we this interrupt handler
* won't support. */ * won't support. */

51
test/T357-index-decryption.sh Executable file
View file

@ -0,0 +1,51 @@
#!/usr/bin/env bash
# TODO: test index.decryption=failed
test_description='indexing decrypted mail'
. $(dirname "$0")/test-lib.sh || exit 1
##################################################
add_gnupg_home
# get key fingerprint
FINGERPRINT=$(gpg --no-tty --list-secret-keys --with-colons --fingerprint | grep '^fpr:' | cut -d: -f10)
# create a test encrypted message
test_begin_subtest 'emacs delivery of encrypted message'
test_expect_success \
'emacs_fcc_message \
"test encrypted message for cleartext index 001" \
"This is a test encrypted message with a wumpus.\n" \
"(mml-secure-message-encrypt)"'
test_begin_subtest "search for unindexed cleartext"
output=$(notmuch search wumpus)
expected=''
test_expect_equal \
"$output" \
"$expected"
# create a test encrypted message that is indexed in the clear
test_begin_subtest 'emacs delivery of encrypted message'
test_expect_success \
'emacs_fcc_message --try-decrypt=true \
"test encrypted message for cleartext index 002" \
"This is a test encrypted message with a wumpus.\n" \
"(mml-secure-message-encrypt)"'
test_begin_subtest "emacs delivery of encrypted message, indexed cleartext"
output=$(notmuch search wumpus)
expected='thread:0000000000000002 2000-01-01 [1/1] Notmuch Test Suite; test encrypted message for cleartext index 002 (encrypted inbox)'
test_expect_equal \
"$output" \
"$expected"
# and the same search, but by property ($expected is untouched):
test_begin_subtest "emacs search by property for one message"
output=$(notmuch search property:index.decryption=success)
test_expect_equal \
"$output" \
"$expected"
test_done