[PATCH v5 08/12] config: define new option index.try_decrypt
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Sat Oct 14 23:48:03 PDT 2017
By default, notmuch won't try to decrypt on indexing. With this
patch, we make it possible to indicate a per-database preference using
the config variable "index.try_decrypt", which by default will be
false.
---
doc/man1/notmuch-config.rst | 12 ++++++++++++
lib/indexopts.c | 18 +++++++++++++++++-
2 files changed, 29 insertions(+), 1 deletion(-)
diff --git a/doc/man1/notmuch-config.rst b/doc/man1/notmuch-config.rst
index 6a51e64f..6f35d127 100644
--- a/doc/man1/notmuch-config.rst
+++ b/doc/man1/notmuch-config.rst
@@ -134,6 +134,18 @@ The available configuration items are described below.
Default: ``gpg``.
+ **index.try_decrypt**
+
+ When indexing an encrypted e-mail message, if this variable is
+ set to true, notmuch will try to decrypt the message and index
+ the cleartext. Be aware that the index is likely sufficient
+ to reconstruct the cleartext of the message itself, so please
+ ensure that the notmuch message index is adequately protected.
+ DO NOT USE ``index.try_decrypt=true`` without considering the
+ security of your index.
+
+ Default: ``false``.
+
**built_with.<name>**
Compile time feature <name>. Current possibilities include
diff --git a/lib/indexopts.c b/lib/indexopts.c
index cc1d6422..987d8952 100644
--- a/lib/indexopts.c
+++ b/lib/indexopts.c
@@ -23,7 +23,23 @@
notmuch_indexopts_t *
notmuch_database_get_default_indexopts (notmuch_database_t *db)
{
- return talloc_zero (db, notmuch_indexopts_t);
+ notmuch_indexopts_t *ret = talloc_zero (db, notmuch_indexopts_t);
+ if (!ret)
+ return ret;
+
+ char * try_decrypt;
+ notmuch_status_t err = notmuch_database_get_config (db, "index.try_decrypt", &try_decrypt);
+ if (err)
+ return ret;
+
+ if (try_decrypt &&
+ ((!(strcasecmp(try_decrypt, "true"))) ||
+ (!(strcasecmp(try_decrypt, "yes"))) ||
+ (!(strcasecmp(try_decrypt, "1")))))
+ notmuch_indexopts_set_try_decrypt (ret, true);
+
+ free (try_decrypt);
+ return ret;
}
notmuch_status_t
--
2.14.2
More information about the notmuch
mailing list