From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Notmuch Mail <notmuch@notmuchmail.org>
Subject: [PATCH v2 07/21] indexing: Change from try_decrypt to decrypt
Date: Thu, 30 Nov 2017 03:59:32 -0500 [thread overview]
Message-ID: <20171130085946.11332-8-dkg@fifthhorseman.net> (raw)
In-Reply-To: <20171130085946.11332-1-dkg@fifthhorseman.net>
the command-line interface for indexing (reindex, new, insert) used
--try-decrypt; and the configuration records used index.try_decrypt.
But by comparison with "show" and "reply", there doesn't seem to be
any reason for the "try" prefix.
This changeset adjusts the command-line interface and the
configuration interface.
For the moment, i've left indexopts_{set,get}_try_decrypt alone. The
subsequent changeset will address those.
---
NEWS | 4 ++--
completion/notmuch-completion.bash | 12 ++++++------
doc/man1/notmuch-config.rst | 4 ++--
doc/man1/notmuch-insert.rst | 6 +++---
doc/man1/notmuch-new.rst | 6 +++---
doc/man1/notmuch-reindex.rst | 6 +++---
doc/man7/notmuch-properties.rst | 2 +-
lib/indexopts.c | 14 +++++++-------
notmuch-config.c | 2 +-
notmuch.c | 4 ++--
test/T357-index-decryption.sh | 18 +++++++++---------
test/test-lib.sh | 2 +-
12 files changed, 40 insertions(+), 40 deletions(-)
diff --git a/NEWS b/NEWS
index 412c678d..0465b9e8 100644
--- a/NEWS
+++ b/NEWS
@@ -19,9 +19,9 @@ Indexing cleartext of encrypted e-mails
It's now possible to include the cleartext of encrypted e-mails in
the notmuch index. This makes it possible to search your encrypted
e-mails with the same ease as searching cleartext. This can be done
- on a per-message basis with the --try-decrypt argument to indexing
+ on a per-message basis with the --decrypt argument to indexing
commands (new, insert, reindex), or by default by running "notmuch
- config set index.try_decrypt true".
+ config set index.decrypt true".
Note that the contents of the index are sufficient to roughly
reconstruct the cleartext of the message itself, so please ensure
diff --git a/completion/notmuch-completion.bash b/completion/notmuch-completion.bash
index 7aae4297..e462a82a 100644
--- a/completion/notmuch-completion.bash
+++ b/completion/notmuch-completion.bash
@@ -287,7 +287,7 @@ _notmuch_insert()
sed "s|^$path/||" | grep -v "\(^\|/\)\(cur\|new\|tmp\)$" ) )
return
;;
- --try-decrypt)
+ --decrypt)
COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) )
return
;;
@@ -296,7 +296,7 @@ _notmuch_insert()
! $split &&
case "${cur}" in
--*)
- local options="--create-folder --folder= --keep --no-hooks --try-decrypt= ${_notmuch_shared_options}"
+ local options="--create-folder --folder= --keep --no-hooks --decrypt= ${_notmuch_shared_options}"
compopt -o nospace
COMPREPLY=( $(compgen -W "$options" -- ${cur}) )
return
@@ -319,7 +319,7 @@ _notmuch_new()
$split &&
case "${prev}" in
- --try-decrypt)
+ --decrypt)
COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) )
return
;;
@@ -328,7 +328,7 @@ _notmuch_new()
! $split &&
case "${cur}" in
-*)
- local options="--no-hooks --try-decrypt= --quiet ${_notmuch_shared_options}"
+ local options="--no-hooks --decrypt= --quiet ${_notmuch_shared_options}"
compopt -o nospace
COMPREPLY=( $(compgen -W "${options}" -- ${cur}) )
;;
@@ -437,7 +437,7 @@ _notmuch_reindex()
$split &&
case "${prev}" in
- --try-decrypt)
+ --decrypt)
COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) )
return
;;
@@ -446,7 +446,7 @@ _notmuch_reindex()
! $split &&
case "${cur}" in
-*)
- local options="--try-decrypt= ${_notmuch_shared_options}"
+ local options="--decrypt= ${_notmuch_shared_options}"
compopt -o nospace
COMPREPLY=( $(compgen -W "$options" -- ${cur}) )
;;
diff --git a/doc/man1/notmuch-config.rst b/doc/man1/notmuch-config.rst
index 6961737f..ea3d9754 100644
--- a/doc/man1/notmuch-config.rst
+++ b/doc/man1/notmuch-config.rst
@@ -138,7 +138,7 @@ The available configuration items are described below.
Default: ``gpg``.
- **index.try_decrypt**
+ **index.decrypt**
**[STORED IN DATABASE]**
When indexing an encrypted e-mail message, if this variable is
@@ -146,7 +146,7 @@ The available configuration items are described below.
the cleartext. Be aware that the index is likely sufficient
to reconstruct the cleartext of the message itself, so please
ensure that the notmuch message index is adequately protected.
- DO NOT USE ``index.try_decrypt=true`` without considering the
+ DO NOT USE ``index.decrypt=true`` without considering the
security of your index.
Default: ``false``.
diff --git a/doc/man1/notmuch-insert.rst b/doc/man1/notmuch-insert.rst
index c500b251..eb9ff11b 100644
--- a/doc/man1/notmuch-insert.rst
+++ b/doc/man1/notmuch-insert.rst
@@ -51,7 +51,7 @@ Supported options for **insert** include
``--no-hooks``
Prevent hooks from being run.
- ``--try-decrypt=(true|false)``
+ ``--decrypt=(true|false)``
If true and the message is encrypted, try to decrypt the
message while indexing. If decryption is successful, index
@@ -60,10 +60,10 @@ Supported options for **insert** include
that the index is likely sufficient to reconstruct the
cleartext of the message itself, so please ensure that the
notmuch message index is adequately protected. DO NOT USE
- ``--try-decrypt=true`` without considering the security of
+ ``--decrypt=true`` without considering the security of
your index.
- See also ``index.try_decrypt`` in **notmuch-config(1)**.
+ See also ``index.decrypt`` in **notmuch-config(1)**.
EXIT STATUS
===========
diff --git a/doc/man1/notmuch-new.rst b/doc/man1/notmuch-new.rst
index bc26aa48..1df86f06 100644
--- a/doc/man1/notmuch-new.rst
+++ b/doc/man1/notmuch-new.rst
@@ -43,17 +43,17 @@ Supported options for **new** include
``--quiet``
Do not print progress or results.
- ``--try-decrypt=(true|false)``
+ ``--decrypt=(true|false)``
If true, when encountering an encrypted message, try to
decrypt it while indexing. If decryption is successful, index
the cleartext itself. Be aware that the index is likely
sufficient to reconstruct the cleartext of the message itself,
so please ensure that the notmuch message index is adequately
- protected. DO NOT USE ``--try-decrypt=true`` without
+ protected. DO NOT USE ``--decrypt=true`` without
considering the security of your index.
- See also ``index.try_decrypt`` in **notmuch-config(1)**.
+ See also ``index.decrypt`` in **notmuch-config(1)**.
EXIT STATUS
===========
diff --git a/doc/man1/notmuch-reindex.rst b/doc/man1/notmuch-reindex.rst
index 21f6c7a9..782b0d7b 100644
--- a/doc/man1/notmuch-reindex.rst
+++ b/doc/man1/notmuch-reindex.rst
@@ -21,17 +21,17 @@ messages using the supplied options.
Supported options for **reindex** include
- ``--try-decrypt=(true|false)``
+ ``--decrypt=(true|false)``
If true, when encountering an encrypted message, try to
decrypt it while reindexing. If decryption is successful,
index the cleartext itself. Be aware that the index is likely
sufficient to reconstruct the cleartext of the message itself,
so please ensure that the notmuch message index is adequately
- protected. DO NOT USE ``--try-decrypt=true`` without
+ protected. DO NOT USE ``--decrypt=true`` without
considering the security of your index.
- See also ``index.try_decrypt`` in **notmuch-config(1)**.
+ See also ``index.decrypt`` in **notmuch-config(1)**.
SEE ALSO
========
diff --git a/doc/man7/notmuch-properties.rst b/doc/man7/notmuch-properties.rst
index 49602b73..f27dd607 100644
--- a/doc/man7/notmuch-properties.rst
+++ b/doc/man7/notmuch-properties.rst
@@ -70,7 +70,7 @@ of its normal activity.
properties will be set on the message as a whole.
If notmuch never tried to decrypt an encrypted message during
- indexing (which is the default, see ``index.try_decrypt`` in
+ indexing (which is the default, see ``index.decrypt`` in
**notmuch-config(1)**), then this property will not be set on that
message.
diff --git a/lib/indexopts.c b/lib/indexopts.c
index 15c31d24..ca6bf6c9 100644
--- a/lib/indexopts.c
+++ b/lib/indexopts.c
@@ -27,18 +27,18 @@ notmuch_database_get_default_indexopts (notmuch_database_t *db)
if (!ret)
return ret;
- char * try_decrypt;
- notmuch_status_t err = notmuch_database_get_config (db, "index.try_decrypt", &try_decrypt);
+ char * decrypt;
+ notmuch_status_t err = notmuch_database_get_config (db, "index.decrypt", &decrypt);
if (err)
return ret;
- if (try_decrypt &&
- ((!(strcasecmp(try_decrypt, "true"))) ||
- (!(strcasecmp(try_decrypt, "yes"))) ||
- (!(strcasecmp(try_decrypt, "1")))))
+ if (decrypt &&
+ ((!(strcasecmp(decrypt, "true"))) ||
+ (!(strcasecmp(decrypt, "yes"))) ||
+ (!(strcasecmp(decrypt, "1")))))
notmuch_indexopts_set_try_decrypt (ret, true);
- free (try_decrypt);
+ free (decrypt);
return ret;
}
diff --git a/notmuch-config.c b/notmuch-config.c
index 1cba2661..e1b16609 100644
--- a/notmuch-config.c
+++ b/notmuch-config.c
@@ -813,7 +813,7 @@ static bool
_stored_in_db (const char *item)
{
const char * db_configs[] = {
- "index.try_decrypt",
+ "index.decrypt",
};
if (STRNCMP_LITERAL (item, "query.") == 0)
return true;
diff --git a/notmuch.c b/notmuch.c
index 539ac58c..5f5ac38a 100644
--- a/notmuch.c
+++ b/notmuch.c
@@ -101,7 +101,7 @@ struct _notmuch_client_indexing_cli_choices indexing_cli_choices = { };
const notmuch_opt_desc_t notmuch_shared_indexing_options [] = {
{ .opt_bool = &indexing_cli_choices.try_decrypt,
.present = &indexing_cli_choices.try_decrypt_set,
- .name = "try-decrypt" },
+ .name = "decrypt" },
{ }
};
@@ -117,7 +117,7 @@ notmuch_process_shared_indexing_options (notmuch_database_t *notmuch, g_mime_3_u
return NOTMUCH_STATUS_OUT_OF_MEMORY;
status = notmuch_indexopts_set_try_decrypt (indexing_cli_choices.opts, indexing_cli_choices.try_decrypt);
if (status != NOTMUCH_STATUS_SUCCESS) {
- fprintf (stderr, "Error: Failed to set try_decrypt to %s. (%s)\n",
+ fprintf (stderr, "Error: Failed to set index decryption policy to %s. (%s)\n",
indexing_cli_choices.try_decrypt ? "True" : "False", notmuch_status_to_string (status));
notmuch_indexopts_destroy (indexing_cli_choices.opts);
indexing_cli_choices.opts = NULL;
diff --git a/test/T357-index-decryption.sh b/test/T357-index-decryption.sh
index 11ea2074..078ec668 100755
--- a/test/T357-index-decryption.sh
+++ b/test/T357-index-decryption.sh
@@ -29,7 +29,7 @@ test_expect_equal \
# create a test encrypted message that is indexed in the clear
test_begin_subtest 'emacs delivery of encrypted message'
test_expect_success \
-'emacs_fcc_message --try-decrypt=true \
+'emacs_fcc_message --decrypt=true \
"test encrypted message for cleartext index 002" \
"This is a test encrypted message with a wumpus.\n" \
"(mml-secure-message-encrypt)"'
@@ -71,8 +71,8 @@ test_expect_equal \
# try reinserting it with decryption, should appear again, but now we
# have two copies of the message:
-test_begin_subtest "message cleartext is present after reinserting with --try-decrypt"
-notmuch insert --folder=sent --try-decrypt <<<"$contents"
+test_begin_subtest "message cleartext is present after reinserting with --decrypt"
+notmuch insert --folder=sent --decrypt <<<"$contents"
output=$(notmuch search wumpus)
expected='thread:0000000000000003 2000-01-01 [1/1(2)] Notmuch Test Suite; test encrypted message for cleartext index 002 (encrypted inbox unread)'
test_expect_equal \
@@ -93,8 +93,8 @@ test_expect_equal \
# try inserting it with decryption, should appear as a single copy
# (note: i think thread id skips 4 because of duplicate message-id
# insertion, above)
-test_begin_subtest "message cleartext is present with insert --try-decrypt"
-notmuch insert --folder=sent --try-decrypt <<<"$contents"
+test_begin_subtest "message cleartext is present with insert --decrypt"
+notmuch insert --folder=sent --decrypt <<<"$contents"
output=$(notmuch search wumpus)
expected='thread:0000000000000005 2000-01-01 [1/1] Notmuch Test Suite; test encrypted message for cleartext index 002 (encrypted inbox unread)'
test_expect_equal \
@@ -113,9 +113,9 @@ test_expect_equal \
"$output" \
"$expected"
-# see if first message shows up after reindexing with --try-decrypt=true (same $expected, untouched):
+# see if first message shows up after reindexing with --decrypt=true (same $expected, untouched):
test_begin_subtest 'reindex old messages'
-test_expect_success 'notmuch reindex --try-decrypt=true tag:encrypted and not property:index.decryption=success'
+test_expect_success 'notmuch reindex --decrypt=true tag:encrypted and not property:index.decryption=success'
test_begin_subtest "reindexed encrypted message, including cleartext"
output=$(notmuch search wumpus)
test_expect_equal \
@@ -159,7 +159,7 @@ test_expect_equal \
add_email_corpus crypto
test_begin_subtest "indexing message fails when secret key not available"
-notmuch reindex --try-decrypt id:simple-encrypted@crypto.notmuchmail.org
+notmuch reindex --decrypt id:simple-encrypted@crypto.notmuchmail.org
output=$(notmuch dump )
expected='#notmuch-dump batch-tag:3 config,properties,tags
+encrypted +inbox +unread -- id:simple-encrypted@crypto.notmuchmail.org
@@ -180,7 +180,7 @@ notmuch restore <<EOF
#notmuch-dump batch-tag:3 config,properties,tags
#= simple-encrypted@crypto.notmuchmail.org session-key=9%3AFC09987F5F927CC0CC0EE80A96E4C5BBF4A499818FB591207705DFDDD6112CF9
EOF
-notmuch reindex --try-decrypt id:simple-encrypted@crypto.notmuchmail.org
+notmuch reindex --decrypt id:simple-encrypted@crypto.notmuchmail.org
output=$(notmuch search sekrit)
expected='thread:0000000000000001 2016-12-22 [1/1] Daniel Kahn Gillmor; encrypted message (encrypted inbox unread)'
test_expect_equal \
diff --git a/test/test-lib.sh b/test/test-lib.sh
index 42a45f15..ea8bf721 100644
--- a/test/test-lib.sh
+++ b/test/test-lib.sh
@@ -347,7 +347,7 @@ emacs_deliver_message ()
# before sending, which is useful to doing things like attaching files
# to the message and encrypting/signing.
#
-# If any GNU-style long-arguments (like --quiet or --try-decrypt=true) are
+# If any GNU-style long-arguments (like --quiet or --decrypt=true) are
# at the head of the argument list, they are sent directly to "notmuch
# new" after message delivery
emacs_fcc_message ()
--
2.15.0
next prev parent reply other threads:[~2017-11-30 9:00 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-30 8:59 session keys, version 2 Daniel Kahn Gillmor
2017-11-30 8:59 ` [PATCH v2 01/21] mime-node: handle decrypt_result more safely Daniel Kahn Gillmor
2017-11-30 8:59 ` [PATCH v2 02/21] crypto: add _notmuch_crypto_decrypt wrapper function Daniel Kahn Gillmor
2017-11-30 8:59 ` [PATCH v2 03/21] configure: session key handling in gmime maps to built_with("session_key") Daniel Kahn Gillmor
2017-11-30 8:59 ` [PATCH v2 04/21] crypto: use stashed session-key properties for decryption, if available Daniel Kahn Gillmor
2017-11-30 15:06 ` Daniel Kahn Gillmor
2017-12-05 1:47 ` David Bremner
2017-11-30 8:59 ` [PATCH v2 05/21] test/corpora: add an encrypted message for index decryption tests Daniel Kahn Gillmor
2017-11-30 8:59 ` [PATCH v2 06/21] crypto: Test restore of cleartext index from stashed session keys Daniel Kahn Gillmor
2017-12-05 1:59 ` David Bremner
2017-12-06 2:12 ` Daniel Kahn Gillmor
2017-12-07 8:20 ` Jameson Graef Rollins
2017-12-08 7:03 ` Daniel Kahn Gillmor
2017-11-30 8:59 ` Daniel Kahn Gillmor [this message]
2017-11-30 8:59 ` [PATCH v2 08/21] indexopts: change _try_decrypt to _decrypt_policy Daniel Kahn Gillmor
2017-11-30 8:59 ` [PATCH v2 09/21] lib: convert notmuch decryption policy to an enum Daniel Kahn Gillmor
2017-11-30 8:59 ` [PATCH v2 10/21] crypto: new decryption policy "auto" Daniel Kahn Gillmor
2017-11-30 8:59 ` [PATCH v2 11/21] cli/reply: use decryption policy "auto" by default Daniel Kahn Gillmor
2017-11-30 8:59 ` [PATCH v2 12/21] cli/show: " Daniel Kahn Gillmor
2017-11-30 8:59 ` [PATCH v2 13/21] cli/show, reply: document use of stashed session keys in notmuch-properties Daniel Kahn Gillmor
2017-11-30 8:59 ` [PATCH v2 14/21] cli/new, insert, reindex: update documentation for --decrypt=auto Daniel Kahn Gillmor
2017-11-30 8:59 ` [PATCH v2 15/21] crypto: record whether an actual decryption attempt happened Daniel Kahn Gillmor
2017-11-30 8:59 ` [PATCH v2 16/21] cli/new, insert, reindex: change index.decrypt to "auto" by default Daniel Kahn Gillmor
2017-11-30 8:59 ` [PATCH v2 17/21] cli/reindex: destroy stashed session keys when --decrypt=false Daniel Kahn Gillmor
2017-11-30 8:59 ` [PATCH v2 18/21] crypto: actually stash session keys when decrypt=true Daniel Kahn Gillmor
2017-11-30 8:59 ` [PATCH v2 19/21] crypto: add --decrypt=nostash to avoid stashing session keys Daniel Kahn Gillmor
2017-11-30 8:59 ` [PATCH v2 20/21] docs: clean up documentation about decryption policies Daniel Kahn Gillmor
2017-11-30 8:59 ` [PATCH v2 21/21] python: add decrypt_policy argument to Database.index_file() Daniel Kahn Gillmor
2017-11-30 15:05 ` Daniel Kahn Gillmor
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://notmuchmail.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171130085946.11332-8-dkg@fifthhorseman.net \
--to=dkg@fifthhorseman.net \
--cc=notmuch@notmuchmail.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://yhetil.org/notmuch.git/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).