cli/reply: use decryption policy "auto" by default.

If the user doesn't specify --decrypt= at all, but a stashed session key is known to notmuch, when replying to an encrypted message, notmuch should just go ahead and decrypt. The user can disable this at the command line with --decrypt=false, though it's not clear why they would ever want to do that.
2024-11-21 18:38:08 +01:00 · 2017-12-08 01:23:54 -05:00 · 2017-12-08 01:23:54 -05:00 · 6802b333eb
commit 6802b333eb
parent e4890b5bf9
4 changed files with 25 additions and 6 deletions
--- a/completion/notmuch-completion.bash
+++ b/completion/notmuch-completion.bash
@ -350,12 +350,16 @@ _notmuch_reply()
 	    COMPREPLY=( $( compgen -W "all sender" -- "${cur}" ) )
 	    return
 	    ;;
+	--decrypt)
+	    COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) )
+	    return
+	    ;;
    esac

    ! $split &&
    case "${cur}" in
 	-*)
-	    local options="--format= --format-version= --reply-to= --decrypt ${_notmuch_shared_options}"
+	    local options="--format= --format-version= --reply-to= --decrypt= ${_notmuch_shared_options}"
 	    compopt -o nospace
 	    COMPREPLY=( $(compgen -W "$options" -- ${cur}) )
 	    ;;
--- a/doc/man1/notmuch-reply.rst
+++ b/doc/man1/notmuch-reply.rst
@ -80,8 +80,12 @@ Supported options for **reply** include
        multipart/encrypted part will be replaced by the decrypted
        content.

+        If a session key is already known for the message, then it
+        will be decrypted automatically unless the user explicitly
+        sets ``--decrypt=false``.
+
        Decryption expects a functioning **gpg-agent(1)** to provide any
-        needed credentials. Without one, the decryption will fail.
+        needed credentials. Without one, the decryption will likely fail.

 See **notmuch-search-terms(7)** for details of the supported syntax for
 <search-terms>.
--- a/notmuch-reply.c
+++ b/notmuch-reply.c
@ -700,11 +700,12 @@ notmuch_reply_command (notmuch_config_t *config, int argc, char *argv[])
    int opt_index;
    notmuch_show_params_t params = {
 	.part = -1,
-	.crypto = { .decrypt = NOTMUCH_DECRYPT_FALSE },
+	.crypto = { .decrypt = NOTMUCH_DECRYPT_AUTO },
    };
    int format = FORMAT_DEFAULT;
    int reply_all = true;
    bool decrypt = false;
+    bool decrypt_set = false;

    notmuch_opt_desc_t options[] = {
 	{ .opt_keyword = &format, .name = "format", .keywords =
@ -718,7 +719,7 @@ notmuch_reply_command (notmuch_config_t *config, int argc, char *argv[])
 	  (notmuch_keyword_t []){ { "all", true },
 				  { "sender", false },
 				  { 0, 0 } } },
-	{ .opt_bool = &decrypt, .name = "decrypt" },
+	{ .opt_bool = &decrypt, .name = "decrypt", .present = &decrypt_set },
 	{ .opt_inherit = notmuch_shared_options },
 	{ }
    };
@ -728,8 +729,8 @@ notmuch_reply_command (notmuch_config_t *config, int argc, char *argv[])
 	return EXIT_FAILURE;

    notmuch_process_shared_options (argv[0]);
-    if (decrypt)
-	params.crypto.decrypt = NOTMUCH_DECRYPT_TRUE;
+    if (decrypt_set)
+	params.crypto.decrypt = decrypt ? NOTMUCH_DECRYPT_TRUE : NOTMUCH_DECRYPT_FALSE;

    notmuch_exit_if_unsupported_format ();

--- a/test/T357-index-decryption.sh
+++ b/test/T357-index-decryption.sh
@ -200,6 +200,16 @@ test_expect_equal \
    "$output" \
    "$expected"

+test_begin_subtest "notmuch reply should show cleartext if session key is present"
+output=$(notmuch reply id:simple-encrypted@crypto.notmuchmail.org | grep '^>')
+expected='> This is a top sekrit message.'
+if [ $NOTMUCH_HAVE_GMIME_SESSION_KEYS -eq 0 ]; then
+    test_subtest_known_broken
+fi
+test_expect_equal \
+    "$output" \
+    "$expected"
+

 # TODO: test removal of a message from the message store between
 # indexing and reindexing.