mirror of
https://git.notmuchmail.org/git/notmuch
synced 2024-11-22 02:48:08 +01:00
indexing: Change from try_decrypt to decrypt
the command-line interface for indexing (reindex, new, insert) used --try-decrypt; and the configuration records used index.try_decrypt. But by comparison with "show" and "reply", there doesn't seem to be any reason for the "try" prefix. This changeset adjusts the command-line interface and the configuration interface. For the moment, i've left indexopts_{set,get}_try_decrypt alone. The subsequent changeset will address those.
This commit is contained in:
parent
de80ede3df
commit
d3964e81ac
12 changed files with 40 additions and 40 deletions
4
NEWS
4
NEWS
|
@ -19,9 +19,9 @@ Indexing cleartext of encrypted e-mails
|
||||||
It's now possible to include the cleartext of encrypted e-mails in
|
It's now possible to include the cleartext of encrypted e-mails in
|
||||||
the notmuch index. This makes it possible to search your encrypted
|
the notmuch index. This makes it possible to search your encrypted
|
||||||
e-mails with the same ease as searching cleartext. This can be done
|
e-mails with the same ease as searching cleartext. This can be done
|
||||||
on a per-message basis with the --try-decrypt argument to indexing
|
on a per-message basis with the --decrypt argument to indexing
|
||||||
commands (new, insert, reindex), or by default by running "notmuch
|
commands (new, insert, reindex), or by default by running "notmuch
|
||||||
config set index.try_decrypt true".
|
config set index.decrypt true".
|
||||||
|
|
||||||
Note that the contents of the index are sufficient to roughly
|
Note that the contents of the index are sufficient to roughly
|
||||||
reconstruct the cleartext of the message itself, so please ensure
|
reconstruct the cleartext of the message itself, so please ensure
|
||||||
|
|
|
@ -287,7 +287,7 @@ _notmuch_insert()
|
||||||
sed "s|^$path/||" | grep -v "\(^\|/\)\(cur\|new\|tmp\)$" ) )
|
sed "s|^$path/||" | grep -v "\(^\|/\)\(cur\|new\|tmp\)$" ) )
|
||||||
return
|
return
|
||||||
;;
|
;;
|
||||||
--try-decrypt)
|
--decrypt)
|
||||||
COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) )
|
COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) )
|
||||||
return
|
return
|
||||||
;;
|
;;
|
||||||
|
@ -296,7 +296,7 @@ _notmuch_insert()
|
||||||
! $split &&
|
! $split &&
|
||||||
case "${cur}" in
|
case "${cur}" in
|
||||||
--*)
|
--*)
|
||||||
local options="--create-folder --folder= --keep --no-hooks --try-decrypt= ${_notmuch_shared_options}"
|
local options="--create-folder --folder= --keep --no-hooks --decrypt= ${_notmuch_shared_options}"
|
||||||
compopt -o nospace
|
compopt -o nospace
|
||||||
COMPREPLY=( $(compgen -W "$options" -- ${cur}) )
|
COMPREPLY=( $(compgen -W "$options" -- ${cur}) )
|
||||||
return
|
return
|
||||||
|
@ -319,7 +319,7 @@ _notmuch_new()
|
||||||
|
|
||||||
$split &&
|
$split &&
|
||||||
case "${prev}" in
|
case "${prev}" in
|
||||||
--try-decrypt)
|
--decrypt)
|
||||||
COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) )
|
COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) )
|
||||||
return
|
return
|
||||||
;;
|
;;
|
||||||
|
@ -328,7 +328,7 @@ _notmuch_new()
|
||||||
! $split &&
|
! $split &&
|
||||||
case "${cur}" in
|
case "${cur}" in
|
||||||
-*)
|
-*)
|
||||||
local options="--no-hooks --try-decrypt= --quiet ${_notmuch_shared_options}"
|
local options="--no-hooks --decrypt= --quiet ${_notmuch_shared_options}"
|
||||||
compopt -o nospace
|
compopt -o nospace
|
||||||
COMPREPLY=( $(compgen -W "${options}" -- ${cur}) )
|
COMPREPLY=( $(compgen -W "${options}" -- ${cur}) )
|
||||||
;;
|
;;
|
||||||
|
@ -437,7 +437,7 @@ _notmuch_reindex()
|
||||||
|
|
||||||
$split &&
|
$split &&
|
||||||
case "${prev}" in
|
case "${prev}" in
|
||||||
--try-decrypt)
|
--decrypt)
|
||||||
COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) )
|
COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) )
|
||||||
return
|
return
|
||||||
;;
|
;;
|
||||||
|
@ -446,7 +446,7 @@ _notmuch_reindex()
|
||||||
! $split &&
|
! $split &&
|
||||||
case "${cur}" in
|
case "${cur}" in
|
||||||
-*)
|
-*)
|
||||||
local options="--try-decrypt= ${_notmuch_shared_options}"
|
local options="--decrypt= ${_notmuch_shared_options}"
|
||||||
compopt -o nospace
|
compopt -o nospace
|
||||||
COMPREPLY=( $(compgen -W "$options" -- ${cur}) )
|
COMPREPLY=( $(compgen -W "$options" -- ${cur}) )
|
||||||
;;
|
;;
|
||||||
|
|
|
@ -138,7 +138,7 @@ The available configuration items are described below.
|
||||||
|
|
||||||
Default: ``gpg``.
|
Default: ``gpg``.
|
||||||
|
|
||||||
**index.try_decrypt**
|
**index.decrypt**
|
||||||
|
|
||||||
**[STORED IN DATABASE]**
|
**[STORED IN DATABASE]**
|
||||||
When indexing an encrypted e-mail message, if this variable is
|
When indexing an encrypted e-mail message, if this variable is
|
||||||
|
@ -146,7 +146,7 @@ The available configuration items are described below.
|
||||||
the cleartext. Be aware that the index is likely sufficient
|
the cleartext. Be aware that the index is likely sufficient
|
||||||
to reconstruct the cleartext of the message itself, so please
|
to reconstruct the cleartext of the message itself, so please
|
||||||
ensure that the notmuch message index is adequately protected.
|
ensure that the notmuch message index is adequately protected.
|
||||||
DO NOT USE ``index.try_decrypt=true`` without considering the
|
DO NOT USE ``index.decrypt=true`` without considering the
|
||||||
security of your index.
|
security of your index.
|
||||||
|
|
||||||
Default: ``false``.
|
Default: ``false``.
|
||||||
|
|
|
@ -51,7 +51,7 @@ Supported options for **insert** include
|
||||||
``--no-hooks``
|
``--no-hooks``
|
||||||
Prevent hooks from being run.
|
Prevent hooks from being run.
|
||||||
|
|
||||||
``--try-decrypt=(true|false)``
|
``--decrypt=(true|false)``
|
||||||
|
|
||||||
If true and the message is encrypted, try to decrypt the
|
If true and the message is encrypted, try to decrypt the
|
||||||
message while indexing. If decryption is successful, index
|
message while indexing. If decryption is successful, index
|
||||||
|
@ -60,10 +60,10 @@ Supported options for **insert** include
|
||||||
that the index is likely sufficient to reconstruct the
|
that the index is likely sufficient to reconstruct the
|
||||||
cleartext of the message itself, so please ensure that the
|
cleartext of the message itself, so please ensure that the
|
||||||
notmuch message index is adequately protected. DO NOT USE
|
notmuch message index is adequately protected. DO NOT USE
|
||||||
``--try-decrypt=true`` without considering the security of
|
``--decrypt=true`` without considering the security of
|
||||||
your index.
|
your index.
|
||||||
|
|
||||||
See also ``index.try_decrypt`` in **notmuch-config(1)**.
|
See also ``index.decrypt`` in **notmuch-config(1)**.
|
||||||
|
|
||||||
EXIT STATUS
|
EXIT STATUS
|
||||||
===========
|
===========
|
||||||
|
|
|
@ -43,17 +43,17 @@ Supported options for **new** include
|
||||||
``--quiet``
|
``--quiet``
|
||||||
Do not print progress or results.
|
Do not print progress or results.
|
||||||
|
|
||||||
``--try-decrypt=(true|false)``
|
``--decrypt=(true|false)``
|
||||||
|
|
||||||
If true, when encountering an encrypted message, try to
|
If true, when encountering an encrypted message, try to
|
||||||
decrypt it while indexing. If decryption is successful, index
|
decrypt it while indexing. If decryption is successful, index
|
||||||
the cleartext itself. Be aware that the index is likely
|
the cleartext itself. Be aware that the index is likely
|
||||||
sufficient to reconstruct the cleartext of the message itself,
|
sufficient to reconstruct the cleartext of the message itself,
|
||||||
so please ensure that the notmuch message index is adequately
|
so please ensure that the notmuch message index is adequately
|
||||||
protected. DO NOT USE ``--try-decrypt=true`` without
|
protected. DO NOT USE ``--decrypt=true`` without
|
||||||
considering the security of your index.
|
considering the security of your index.
|
||||||
|
|
||||||
See also ``index.try_decrypt`` in **notmuch-config(1)**.
|
See also ``index.decrypt`` in **notmuch-config(1)**.
|
||||||
|
|
||||||
EXIT STATUS
|
EXIT STATUS
|
||||||
===========
|
===========
|
||||||
|
|
|
@ -21,17 +21,17 @@ messages using the supplied options.
|
||||||
|
|
||||||
Supported options for **reindex** include
|
Supported options for **reindex** include
|
||||||
|
|
||||||
``--try-decrypt=(true|false)``
|
``--decrypt=(true|false)``
|
||||||
|
|
||||||
If true, when encountering an encrypted message, try to
|
If true, when encountering an encrypted message, try to
|
||||||
decrypt it while reindexing. If decryption is successful,
|
decrypt it while reindexing. If decryption is successful,
|
||||||
index the cleartext itself. Be aware that the index is likely
|
index the cleartext itself. Be aware that the index is likely
|
||||||
sufficient to reconstruct the cleartext of the message itself,
|
sufficient to reconstruct the cleartext of the message itself,
|
||||||
so please ensure that the notmuch message index is adequately
|
so please ensure that the notmuch message index is adequately
|
||||||
protected. DO NOT USE ``--try-decrypt=true`` without
|
protected. DO NOT USE ``--decrypt=true`` without
|
||||||
considering the security of your index.
|
considering the security of your index.
|
||||||
|
|
||||||
See also ``index.try_decrypt`` in **notmuch-config(1)**.
|
See also ``index.decrypt`` in **notmuch-config(1)**.
|
||||||
|
|
||||||
SEE ALSO
|
SEE ALSO
|
||||||
========
|
========
|
||||||
|
|
|
@ -70,7 +70,7 @@ of its normal activity.
|
||||||
properties will be set on the message as a whole.
|
properties will be set on the message as a whole.
|
||||||
|
|
||||||
If notmuch never tried to decrypt an encrypted message during
|
If notmuch never tried to decrypt an encrypted message during
|
||||||
indexing (which is the default, see ``index.try_decrypt`` in
|
indexing (which is the default, see ``index.decrypt`` in
|
||||||
**notmuch-config(1)**), then this property will not be set on that
|
**notmuch-config(1)**), then this property will not be set on that
|
||||||
message.
|
message.
|
||||||
|
|
||||||
|
|
|
@ -27,18 +27,18 @@ notmuch_database_get_default_indexopts (notmuch_database_t *db)
|
||||||
if (!ret)
|
if (!ret)
|
||||||
return ret;
|
return ret;
|
||||||
|
|
||||||
char * try_decrypt;
|
char * decrypt;
|
||||||
notmuch_status_t err = notmuch_database_get_config (db, "index.try_decrypt", &try_decrypt);
|
notmuch_status_t err = notmuch_database_get_config (db, "index.decrypt", &decrypt);
|
||||||
if (err)
|
if (err)
|
||||||
return ret;
|
return ret;
|
||||||
|
|
||||||
if (try_decrypt &&
|
if (decrypt &&
|
||||||
((!(strcasecmp(try_decrypt, "true"))) ||
|
((!(strcasecmp(decrypt, "true"))) ||
|
||||||
(!(strcasecmp(try_decrypt, "yes"))) ||
|
(!(strcasecmp(decrypt, "yes"))) ||
|
||||||
(!(strcasecmp(try_decrypt, "1")))))
|
(!(strcasecmp(decrypt, "1")))))
|
||||||
notmuch_indexopts_set_try_decrypt (ret, true);
|
notmuch_indexopts_set_try_decrypt (ret, true);
|
||||||
|
|
||||||
free (try_decrypt);
|
free (decrypt);
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -813,7 +813,7 @@ static bool
|
||||||
_stored_in_db (const char *item)
|
_stored_in_db (const char *item)
|
||||||
{
|
{
|
||||||
const char * db_configs[] = {
|
const char * db_configs[] = {
|
||||||
"index.try_decrypt",
|
"index.decrypt",
|
||||||
};
|
};
|
||||||
if (STRNCMP_LITERAL (item, "query.") == 0)
|
if (STRNCMP_LITERAL (item, "query.") == 0)
|
||||||
return true;
|
return true;
|
||||||
|
|
|
@ -101,7 +101,7 @@ struct _notmuch_client_indexing_cli_choices indexing_cli_choices = { };
|
||||||
const notmuch_opt_desc_t notmuch_shared_indexing_options [] = {
|
const notmuch_opt_desc_t notmuch_shared_indexing_options [] = {
|
||||||
{ .opt_bool = &indexing_cli_choices.try_decrypt,
|
{ .opt_bool = &indexing_cli_choices.try_decrypt,
|
||||||
.present = &indexing_cli_choices.try_decrypt_set,
|
.present = &indexing_cli_choices.try_decrypt_set,
|
||||||
.name = "try-decrypt" },
|
.name = "decrypt" },
|
||||||
{ }
|
{ }
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -117,7 +117,7 @@ notmuch_process_shared_indexing_options (notmuch_database_t *notmuch, g_mime_3_u
|
||||||
return NOTMUCH_STATUS_OUT_OF_MEMORY;
|
return NOTMUCH_STATUS_OUT_OF_MEMORY;
|
||||||
status = notmuch_indexopts_set_try_decrypt (indexing_cli_choices.opts, indexing_cli_choices.try_decrypt);
|
status = notmuch_indexopts_set_try_decrypt (indexing_cli_choices.opts, indexing_cli_choices.try_decrypt);
|
||||||
if (status != NOTMUCH_STATUS_SUCCESS) {
|
if (status != NOTMUCH_STATUS_SUCCESS) {
|
||||||
fprintf (stderr, "Error: Failed to set try_decrypt to %s. (%s)\n",
|
fprintf (stderr, "Error: Failed to set index decryption policy to %s. (%s)\n",
|
||||||
indexing_cli_choices.try_decrypt ? "True" : "False", notmuch_status_to_string (status));
|
indexing_cli_choices.try_decrypt ? "True" : "False", notmuch_status_to_string (status));
|
||||||
notmuch_indexopts_destroy (indexing_cli_choices.opts);
|
notmuch_indexopts_destroy (indexing_cli_choices.opts);
|
||||||
indexing_cli_choices.opts = NULL;
|
indexing_cli_choices.opts = NULL;
|
||||||
|
|
|
@ -29,7 +29,7 @@ test_expect_equal \
|
||||||
# create a test encrypted message that is indexed in the clear
|
# create a test encrypted message that is indexed in the clear
|
||||||
test_begin_subtest 'emacs delivery of encrypted message'
|
test_begin_subtest 'emacs delivery of encrypted message'
|
||||||
test_expect_success \
|
test_expect_success \
|
||||||
'emacs_fcc_message --try-decrypt=true \
|
'emacs_fcc_message --decrypt=true \
|
||||||
"test encrypted message for cleartext index 002" \
|
"test encrypted message for cleartext index 002" \
|
||||||
"This is a test encrypted message with a wumpus.\n" \
|
"This is a test encrypted message with a wumpus.\n" \
|
||||||
"(mml-secure-message-encrypt)"'
|
"(mml-secure-message-encrypt)"'
|
||||||
|
@ -71,8 +71,8 @@ test_expect_equal \
|
||||||
|
|
||||||
# try reinserting it with decryption, should appear again, but now we
|
# try reinserting it with decryption, should appear again, but now we
|
||||||
# have two copies of the message:
|
# have two copies of the message:
|
||||||
test_begin_subtest "message cleartext is present after reinserting with --try-decrypt"
|
test_begin_subtest "message cleartext is present after reinserting with --decrypt"
|
||||||
notmuch insert --folder=sent --try-decrypt <<<"$contents"
|
notmuch insert --folder=sent --decrypt <<<"$contents"
|
||||||
output=$(notmuch search wumpus)
|
output=$(notmuch search wumpus)
|
||||||
expected='thread:0000000000000003 2000-01-01 [1/1(2)] Notmuch Test Suite; test encrypted message for cleartext index 002 (encrypted inbox unread)'
|
expected='thread:0000000000000003 2000-01-01 [1/1(2)] Notmuch Test Suite; test encrypted message for cleartext index 002 (encrypted inbox unread)'
|
||||||
test_expect_equal \
|
test_expect_equal \
|
||||||
|
@ -93,8 +93,8 @@ test_expect_equal \
|
||||||
# try inserting it with decryption, should appear as a single copy
|
# try inserting it with decryption, should appear as a single copy
|
||||||
# (note: i think thread id skips 4 because of duplicate message-id
|
# (note: i think thread id skips 4 because of duplicate message-id
|
||||||
# insertion, above)
|
# insertion, above)
|
||||||
test_begin_subtest "message cleartext is present with insert --try-decrypt"
|
test_begin_subtest "message cleartext is present with insert --decrypt"
|
||||||
notmuch insert --folder=sent --try-decrypt <<<"$contents"
|
notmuch insert --folder=sent --decrypt <<<"$contents"
|
||||||
output=$(notmuch search wumpus)
|
output=$(notmuch search wumpus)
|
||||||
expected='thread:0000000000000005 2000-01-01 [1/1] Notmuch Test Suite; test encrypted message for cleartext index 002 (encrypted inbox unread)'
|
expected='thread:0000000000000005 2000-01-01 [1/1] Notmuch Test Suite; test encrypted message for cleartext index 002 (encrypted inbox unread)'
|
||||||
test_expect_equal \
|
test_expect_equal \
|
||||||
|
@ -113,9 +113,9 @@ test_expect_equal \
|
||||||
"$output" \
|
"$output" \
|
||||||
"$expected"
|
"$expected"
|
||||||
|
|
||||||
# see if first message shows up after reindexing with --try-decrypt=true (same $expected, untouched):
|
# see if first message shows up after reindexing with --decrypt=true (same $expected, untouched):
|
||||||
test_begin_subtest 'reindex old messages'
|
test_begin_subtest 'reindex old messages'
|
||||||
test_expect_success 'notmuch reindex --try-decrypt=true tag:encrypted and not property:index.decryption=success'
|
test_expect_success 'notmuch reindex --decrypt=true tag:encrypted and not property:index.decryption=success'
|
||||||
test_begin_subtest "reindexed encrypted message, including cleartext"
|
test_begin_subtest "reindexed encrypted message, including cleartext"
|
||||||
output=$(notmuch search wumpus)
|
output=$(notmuch search wumpus)
|
||||||
test_expect_equal \
|
test_expect_equal \
|
||||||
|
@ -159,7 +159,7 @@ test_expect_equal \
|
||||||
add_email_corpus crypto
|
add_email_corpus crypto
|
||||||
|
|
||||||
test_begin_subtest "indexing message fails when secret key not available"
|
test_begin_subtest "indexing message fails when secret key not available"
|
||||||
notmuch reindex --try-decrypt id:simple-encrypted@crypto.notmuchmail.org
|
notmuch reindex --decrypt id:simple-encrypted@crypto.notmuchmail.org
|
||||||
output=$(notmuch dump )
|
output=$(notmuch dump )
|
||||||
expected='#notmuch-dump batch-tag:3 config,properties,tags
|
expected='#notmuch-dump batch-tag:3 config,properties,tags
|
||||||
+encrypted +inbox +unread -- id:simple-encrypted@crypto.notmuchmail.org
|
+encrypted +inbox +unread -- id:simple-encrypted@crypto.notmuchmail.org
|
||||||
|
@ -180,7 +180,7 @@ notmuch restore <<EOF
|
||||||
#notmuch-dump batch-tag:3 config,properties,tags
|
#notmuch-dump batch-tag:3 config,properties,tags
|
||||||
#= simple-encrypted@crypto.notmuchmail.org session-key=9%3AFC09987F5F927CC0CC0EE80A96E4C5BBF4A499818FB591207705DFDDD6112CF9
|
#= simple-encrypted@crypto.notmuchmail.org session-key=9%3AFC09987F5F927CC0CC0EE80A96E4C5BBF4A499818FB591207705DFDDD6112CF9
|
||||||
EOF
|
EOF
|
||||||
notmuch reindex --try-decrypt id:simple-encrypted@crypto.notmuchmail.org
|
notmuch reindex --decrypt id:simple-encrypted@crypto.notmuchmail.org
|
||||||
output=$(notmuch search sekrit)
|
output=$(notmuch search sekrit)
|
||||||
expected='thread:0000000000000001 2016-12-22 [1/1] Daniel Kahn Gillmor; encrypted message (encrypted inbox unread)'
|
expected='thread:0000000000000001 2016-12-22 [1/1] Daniel Kahn Gillmor; encrypted message (encrypted inbox unread)'
|
||||||
if [ $NOTMUCH_HAVE_GMIME_SESSION_KEYS -eq 0 ]; then
|
if [ $NOTMUCH_HAVE_GMIME_SESSION_KEYS -eq 0 ]; then
|
||||||
|
|
|
@ -347,7 +347,7 @@ emacs_deliver_message ()
|
||||||
# before sending, which is useful to doing things like attaching files
|
# before sending, which is useful to doing things like attaching files
|
||||||
# to the message and encrypting/signing.
|
# to the message and encrypting/signing.
|
||||||
#
|
#
|
||||||
# If any GNU-style long-arguments (like --quiet or --try-decrypt=true) are
|
# If any GNU-style long-arguments (like --quiet or --decrypt=true) are
|
||||||
# at the head of the argument list, they are sent directly to "notmuch
|
# at the head of the argument list, they are sent directly to "notmuch
|
||||||
# new" after message delivery
|
# new" after message delivery
|
||||||
emacs_fcc_message ()
|
emacs_fcc_message ()
|
||||||
|
|
Loading…
Reference in a new issue