From: David Bremner <david@tethera.net>
To: notmuch@notmuchmail.org
Subject: [Patch v5 3/4] emacs: check drafts for encryption tags before saving
Date: Mon, 7 Nov 2016 08:52:10 -0400
Message-ID: <20161107125211.23405-4-david@tethera.net>
In-Reply-To: <20161107125211.23405-1-david@tethera.net>

In general the user may not want to save plaintext copies of messages
that they are sending encrypted, so give them a chance to abort.
---
emacs/notmuch-draft.el | 40 ++++++++++++++++++++++++++++++++++++++++
test/T630-emacs-draft.sh | 13 +++++++++++++
2 files changed, 53 insertions(+)
diff --git a/emacs/notmuch-draft.el b/emacs/notmuch-draft.el
index 11d906b..5a230e8 100644
--- a/emacs/notmuch-draft.el
+++ b/emacs/notmuch-draft.el
@@ -70,6 +70,21 @@ postponing and resuming a message."
:type '(repeat string)
:group 'notmuch-send)
+(defcustom notmuch-draft-save-plaintext 'ask
+ "Should notmuch save/postpone in plaintext messages that seem
+ like they are intended to be sent encrypted
+(i.e with an mml encryption tag in it)."
+ :type '(radio
+ (const :tag "Never" nil)
+ (const :tag "Ask every time" ask)
+ (const :tag "Always" t))
+ :group 'notmuch-draft
+ :group 'notmuch-crypto)
+
+(defvar notmuch-draft-encryption-tag-regex
+ "<#\\(part encrypt\\|secure.*mode=.*encrypt>\\)"
+ "Regular expression matching mml tags indicating encryption of part or message")
+
(defvar notmuch-draft-id nil
"Message-id of the most recent saved draft of this message")
(make-variable-buffer-local 'notmuch-draft-id)
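Review bot: In `notmuch-draft-encryption-tag-regex`, the second alternative ends in `encrypt>` inside the group, so a `<#secure ...>` tag is recognised only when `encrypt` is the last thing before the closing `>`, and the first alternative only matches when `encrypt` is the first attribute after `<#part `. A secure tag that carries another attribute after the mode, or a part tag with a different attribute order, would not match, and the draft would then be saved in plaintext without any prompt. Since a miss here fails open, consider loosening the pattern (for example, matching `encrypt` anywhere inside the tag up to `>`) and adding a test for such a tag. Minor: the first line of the `notmuch-draft-save-plaintext` docstring is not a complete sentence, and "i.e" should read "i.e.,".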
@@ -102,6 +117,22 @@ Used when a new version is saved, or the message is sent."
(goto-char (+ (match-beginning 0) 2))
(insert "!"))))))
+(defun notmuch-draft--check-encryption-tag (&optional ask)
+ "Query user if there an mml tag that looks like it might indicate encryption.
+
+Returns t if there is no such tag, or the user confirms they mean
+it."
+ (save-excursion
+ (message-goto-body)
+ (or
+ ;; We are fine if no relevant tag is found, or
+ (not (re-search-forward notmuch-draft-encryption-tag-regex nil 't))
+ ;; The user confirms they means it.
+ (and ask
+ (yes-or-no-p "(Customize `notmuch-draft-save-plaintext' to avoid this warning)
+This message contains mml tags that suggest it is intended to be encrypted.
+Really save and index an unencrypted copy? ")))))
+
(defun notmuch-draft-save ()
"Save the current draft message in the notmuch database.
@@ -109,6 +140,15 @@ This saves the current message in the database with tags
`notmuch-draft-tags` (in addition to any default tags
applied to newly inserted messages)."
(interactive)
+ (case notmuch-draft-save-plaintext
+ ((ask)
+ (unless (notmuch-draft--check-encryption-tag t)
+ (error "Save aborted")))
+ ((t)
+ (ignore))
+ ((nil)
+ (unless (notmuch-draft--check-encryption-tag nil)
+ (error "Refusing to save draft with encryption tags (see `notmuch-draft-save-plaintext')"))))
(let (;; We need the message id as we need it for tagging. Note
;; message-make-message-id gives the id inside a "<" ">" pair,
;; but notmuch doesn't want that form, so remove them.
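Review bot: In the `case` form at the top of `notmuch-draft-save`, a value of `notmuch-draft-save-plaintext` other than `ask`, `t` or nil matches no clause, so the check is skipped and the plaintext draft is saved. For a setting that guards against writing unencrypted copies it would be safer to fail closed: skip the check only when the value is `t`, prompt on `ask`, and treat everything else like nil (refuse). The `((t) (ignore))` clause can then go away. Also, `case` comes from cl and nothing in this hunk shows it being required in notmuch-draft.el; `cond` or `pcase` would avoid the dependency.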
diff --git a/test/T630-emacs-draft.sh b/test/T630-emacs-draft.sh
index e39690c..689ccfb 100755
--- a/test/T630-emacs-draft.sh
+++ b/test/T630-emacs-draft.sh
@@ -39,4 +39,17 @@ header_count=$(notmuch show --format=raw subject:draft-test-0003 | grep -c ^X-No
body_count=$(notmuch notmuch show --format=raw subject:draft-test-0003 | grep -c '^\<#secure')
test_expect_equal "$header_count,$body_count" "1,0"
+test_begin_subtest "Refusing to save an encrypted draft"
+test_emacs '(notmuch-mua-mail)
+ (message-goto-subject)
+ (insert "draft-test-0004")
+ (mml-secure-message-sign-encrypt)
+ (let ((notmuch-draft-save-plaintext nil))
+ (notmuch-draft-save))
+ (test-output)'
+count1=$(notmuch count tag:draft)
+count2=$(notmuch count subject:draft-test-0004)
+
+test_expect_equal "$count1,$count2" "3,0"
+
test_done
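Review bot: The new subtest covers only the nil setting of `notmuch-draft-save-plaintext`; there is no test that `t` still saves the draft, and the `ask` path is untested. The expected value "3,0" also hard-codes the number of `tag:draft` messages left behind by the earlier subtests, so it will break when a subtest is added or removed above it; comparing against a count taken before the `test_emacs` call would be more robust. The `(test-output)` result is never compared with anything, so the "Refusing to save draft ..." error text is not checked.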
--
2.10.2