From: Daniel Kahn Gillmor To: Notmuch Mail Subject: [PATCH 08/18] cli/reply: use decryption policy "auto" by default. Date: Wed, 25 Oct 2017 02:51:53 -0400 Message-Id: <20171025065203.24403-9-dkg@fifthhorseman.net> X-Mailer: git-send-email 2.14.2 In-Reply-To: <20171025065203.24403-1-dkg@fifthhorseman.net> References: <20171025065203.24403-1-dkg@fifthhorseman.net> X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Oct 2017 06:52:24 -0000 If the user doesn't specify --decrypt= at all, but a stashed session key is known to notmuch, when replying to an encrypted message, notmuch should just go ahead and decrypt. The user can disable this at the command line with --decrypt=false, though it's not clear why they would ever want to do that. --- completion/notmuch-completion.bash | 6 +++++- doc/man1/notmuch-reply.rst | 6 +++++- notmuch-reply.c | 9 +++++---- test/T357-index-decryption.sh | 7 +++++++ 4 files changed, 22 insertions(+), 6 deletions(-) diff --git a/completion/notmuch-completion.bash b/completion/notmuch-completion.bash index 7aae4297..5e408b9d 100644 --- a/completion/notmuch-completion.bash +++ b/completion/notmuch-completion.bash @@ -350,12 +350,16 @@ _notmuch_reply() COMPREPLY=( $( compgen -W "all sender" -- "${cur}" ) ) return ;; + --decrypt) + COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) ) + return + ;; esac ! $split && case "${cur}" in -*) - local options="--format= --format-version= --reply-to= --decrypt ${_notmuch_shared_options}" + local options="--format= --format-version= --reply-to= --decrypt= ${_notmuch_shared_options}" compopt -o nospace COMPREPLY=( $(compgen -W "$options" -- ${cur}) ) ;; diff --git a/doc/man1/notmuch-reply.rst b/doc/man1/notmuch-reply.rst index b6aec3c8..ede77930 100644 --- a/doc/man1/notmuch-reply.rst +++ b/doc/man1/notmuch-reply.rst 
@@ -80,8 +80,12 @@ Supported options for **reply** include multipart/encrypted part will be replaced by the decrypted content. + If a session key is already known for the message, then it + will be decrypted automatically unless the user explicitly + sets ``--decrypt=false``. + Decryption expects a functioning **gpg-agent(1)** to provide any - needed credentials. Without one, the decryption will fail. + needed credentials. Without one, the decryption will likely fail. See **notmuch-search-terms(7)** for details of the supported syntax for . diff --git a/notmuch-reply.c b/notmuch-reply.c index eec34bed..fd990a9a 100644 --- a/notmuch-reply.c +++ b/notmuch-reply.c @@ -700,11 +700,12 @@ notmuch_reply_command (notmuch_config_t *config, int argc, char *argv[]) int opt_index; notmuch_show_params_t params = { .part = -1, - .crypto = { .decrypt = NOTMUCH_DECRYPT_FALSE }, + .crypto = { .decrypt = NOTMUCH_DECRYPT_AUTO }, }; int format = FORMAT_DEFAULT; int reply_all = true; bool decrypt = false; + bool decrypt_set = false; notmuch_opt_desc_t options[] = { { .opt_keyword = &format, .name = "format", .keywords = @@ -718,7 +719,7 @@ notmuch_reply_command (notmuch_config_t *config, int argc, char *argv[]) (notmuch_keyword_t []){ { "all", true }, { "sender", false }, { 0, 0 } } }, - { .opt_bool = &decrypt, .name = "decrypt" }, + { .opt_bool = &decrypt, .name = "decrypt", .present = &decrypt_set }, { .opt_inherit = notmuch_shared_options }, { } }; @@ -728,8 +729,8 @@ notmuch_reply_command (notmuch_config_t *config, int argc, char *argv[]) return EXIT_FAILURE; notmuch_process_shared_options (argv[0]); - if (decrypt) - params.crypto.decrypt = NOTMUCH_DECRYPT_TRUE; + if (decrypt_set) + params.crypto.decrypt = decrypt ? NOTMUCH_DECRYPT_TRUE : NOTMUCH_DECRYPT_FALSE; notmuch_exit_if_unsupported_format (); diff --git a/test/T357-index-decryption.sh b/test/T357-index-decryption.sh index d453d568..61360e42 100755 --- a/test/T357-index-decryption.sh +++ b/test/T357-index-decryption.sh 
@@ -197,6 +197,13 @@ test_expect_equal \ "$output" \ "$expected" +test_begin_subtest "notmuch reply should show cleartext if session key is present" +output=$(notmuch reply id:simple-encrypted@crypto.notmuchmail.org | grep '^>') +expected='> This is a top sekrit message.' +test_expect_equal \ + "$output" \ + "$expected" + # TODO: test removal of a message from the message store between # indexing and reindexing. -- 2.14.2
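Review bot: In the doc/man1/notmuch-reply.rst hunk, the added paragraph never states that the default policy is now "auto", nor that the decrypted text is quoted into the reply output when no flag is given. The notmuch-reply.c hunk changes the initializer from NOTMUCH_DECRYPT_FALSE to NOTMUCH_DECRYPT_AUTO, and the new test expects '> This is a top sekrit message.' from a bare `notmuch reply`, so a front end that previously got no cleartext without --decrypt will now get it whenever a session key is stashed. Please name the default explicitly and tell callers that the reply body may contain cleartext, so they either encrypt the outgoing reply or pass ``--decrypt=false``. The reworded "will likely fail" is also vaguer than before; say which case succeeds without gpg-agent (a session key already known for the message).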
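Review bot: In the notmuch-reply.c hunks, the three-valued policy is now encoded across two booleans (`decrypt`, `decrypt_set`) plus the struct initializer, and there is no way to ask for "auto" explicitly on the command line. The value of `decrypt` is only meaningful when `decrypt_set` is true, which is easy to miss on a later edit. Consider a keyword option, like the `.opt_keyword` entries already used for `format` and `reply-to` in this function, accepting true, false and auto, or at least a comment above `if (decrypt_set)` explaining that an absent option leaves NOTMUCH_DECRYPT_AUTO in place.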
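Review bot: In the test/T357-index-decryption.sh hunk, only the positive path is covered: the new subtest checks that cleartext appears when a session key is present. The behaviour most worth pinning down for a default that emits cleartext is the opt-out, so please add a subtest running `notmuch reply --decrypt=false id:simple-encrypted@crypto.notmuchmail.org` and asserting that '> This is a top sekrit message.' is not in the output. A second subtest for an encrypted message with no stashed session key, asserting that the default does not produce cleartext, would confirm that "auto" does not fall through to a full decryption attempt.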