This is intended to decrease the chance of people ending up with a bunch of plaintext drafts of encrypted messages without knowing it.
The check is intentionally overcautious; I think the false positive of misplaced #secure tag is probably OK here. --- This is somewhat RFC. The regex needs to be double checked, and the variable name is not ideal. However it does solve reduce a worry I have about this code saving drafts of sensitive messages in plaintext that are effectively invisible because they are tagged deleted. emacs/notmuch-message.el | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/emacs/notmuch-message.el b/emacs/notmuch-message.el index a503296..a2b079d 100644 --- a/emacs/notmuch-message.el +++ b/emacs/notmuch-message.el @@ -80,6 +80,12 @@ postponing and resuming a message." :type '(repeat string) :group 'notmuch-send) +(defcustom notmuch-message-warn-encryption t + "Warn if the user postpones or saves a message with an mml encryption tag in it" + :type 'boolean + :group 'notmuch-send + :group 'notmuch-crypto) + (defvar notmuch-message-draft-id nil "Message-id of the most recent saved draft of this message") (make-variable-buffer-local 'notmuch-message-draft-id) @@ -140,6 +146,22 @@ Used when a new version is saved, or the message is sent." (when secure-tag (insert secure-tag "\n"))))) +(defun notmuch-message-check-encryption () + "Query user if there an mml tag that looks like it might indicate encryption. + +Returns t if there is no such tag, or the user confirms they mean +it." + (save-excursion + (message-goto-body) + (or + ;; We fine if there is no secure tag, and no #part encryption + (not (re-search-forward "<#\\(part encrypt\\|secure.*mode=.*encrypt>\\)" nil 't)) + ;; The user confirms they means it. + (yes-or-no-p "\ +This message contains mml tags that suggest it is intended to be encrypted. +Really save and index an unencrypted copy? +(Customize `notmuch-message-warn-encrypted' to avoid this warning)")))) + (defun notmuch-message-save-draft () "Save the current draft message in the notmuch database. @@ -147,6 +169,9 @@ This saves the current message in the database with tags `notmuch-message-draft-tags` (in addition to any default tags applied to newly inserted messages)." (interactive) + (when (and notmuch-message-warn-encryption + (not (notmuch-message-check-encryption)) + (error "Save aborted"))) (let (;; We need the message id as we need it for tagging. Note ;; message-make-message-id gives the id inside a "<" ">" pair, ;; but notmuch doesn't want that form, so remove them. -- 2.10.1 _______________________________________________ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch