[PATCH v6 13/14] cli/insert: add --try-decrypt=(true|false)
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Oct 17 12:10:07 PDT 2017
Enable override of the index.try_decrypt setting on a per-message
basis when invoking "notmuch insert".
We also update the documentation and tab completion.
---
completion/notmuch-completion.bash | 6 +++++-
doc/man1/notmuch-insert.rst | 14 ++++++++++++++
notmuch-insert.c | 14 +++++++++++---
3 files changed, 30 insertions(+), 4 deletions(-)
diff --git a/completion/notmuch-completion.bash b/completion/notmuch-completion.bash
index 17be6b8f..72a75a94 100644
--- a/completion/notmuch-completion.bash
+++ b/completion/notmuch-completion.bash
@@ -287,12 +287,16 @@ _notmuch_insert()
sed "s|^$path/||" | grep -v "\(^\|/\)\(cur\|new\|tmp\)$" ) )
return
;;
+ --try-decrypt)
+ COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) )
+ return
+ ;;
esac
! $split &&
case "${cur}" in
--*)
- local options="--create-folder --folder= --keep --no-hooks ${_notmuch_shared_options}"
+ local options="--create-folder --folder= --keep --no-hooks --try-decrypt= ${_notmuch_shared_options}"
compopt -o nospace
COMPREPLY=( $(compgen -W "$options" -- ${cur}) )
return
diff --git a/doc/man1/notmuch-insert.rst b/doc/man1/notmuch-insert.rst
index f83a7385..e2bf37d0 100644
--- a/doc/man1/notmuch-insert.rst
+++ b/doc/man1/notmuch-insert.rst
@@ -50,6 +50,20 @@ Supported options for **insert** include
``--no-hooks``
Prevent hooks from being run.
+ ``--try-decrypt=(true|false)``
+
+ If true and the message is encrypted, try to decrypt the
+ message while indexing. If decryption is successful, index
+ the cleartext itself. Either way, the message is always
+ stored to disk in its original form (ciphertext). Be aware
+ that the index is likely sufficient to reconstruct the
+ cleartext of the message itself, so please ensure that the
+ notmuch message index is adequately protected. DO NOT USE
+ ``--try-decrypt=true`` without considering the security of
+ your index.
+
+ See also ``index.try_decrypt`` in **notmuch-config(1)**.
+
EXIT STATUS
===========
diff --git a/notmuch-insert.c b/notmuch-insert.c
index 32be7419..e64655cc 100644
--- a/notmuch-insert.c
+++ b/notmuch-insert.c
@@ -379,12 +379,13 @@ FAIL:
*/
static notmuch_status_t
add_file (notmuch_database_t *notmuch, const char *path, tag_op_list_t *tag_ops,
- bool synchronize_flags, bool keep)
+ bool synchronize_flags, bool keep,
+ notmuch_indexopts_t *indexopts)
{
notmuch_message_t *message;
notmuch_status_t status;
- status = notmuch_database_index_file (notmuch, path, NULL, &message);
+ status = notmuch_database_index_file (notmuch, path, indexopts, &message);
if (status == NOTMUCH_STATUS_SUCCESS) {
status = tag_op_list_apply (message, tag_ops, 0);
if (status) {
@@ -467,6 +468,7 @@ notmuch_insert_command (notmuch_config_t *config, int argc, char *argv[])
{ .opt_bool = &create_folder, .name = "create-folder" },
{ .opt_bool = &keep, .name = "keep" },
{ .opt_bool = &no_hooks, .name = "no-hooks" },
+ { .opt_inherit = notmuch_index_options },
{ .opt_inherit = notmuch_shared_options },
{ }
};
@@ -545,9 +547,15 @@ notmuch_insert_command (notmuch_config_t *config, int argc, char *argv[])
notmuch_exit_if_unmatched_db_uuid (notmuch);
+ status = notmuch_process_index_options (notmuch, config);
+ if (status != NOTMUCH_STATUS_SUCCESS) {
+ fprintf (stderr, "Error: Failed to process index options. (%s)\n",
+ notmuch_status_to_string (status));
+ return EXIT_FAILURE;
+ }
/* Index the message. */
- status = add_file (notmuch, newpath, tag_ops, synchronize_flags, keep);
+ status = add_file (notmuch, newpath, tag_ops, synchronize_flags, keep, index_options.opts);
/* Commit changes. */
close_status = notmuch_database_destroy (notmuch);
--
2.14.2
More information about the notmuch
mailing list