Allow an incoming message to be delivered while indexing the
cleartext, on a per-message basis.

This requires the secret keys for the message to be available.  For
the moment, the most functional approach is to ensure that gpg-agent
is running and knows about any secret keys that might be useful to
decrypt incoming mail.

Any additional recommendations for how to phrase the caveat for this
option are welcome.

Note: if the deprecated crypto.gpg_path is set to anything other than
"gpg", we ignore it (and print a warning on stderr, if built against
gmime < 3.0).
---
 completion/notmuch-completion.bash |  6 +++++-
 doc/man1/notmuch-insert.rst        | 14 ++++++++++++++
 notmuch-insert.c                   | 33 ++++++++++++++++++++++++++++++---
 3 files changed, 49 insertions(+), 4 deletions(-)

diff --git a/completion/notmuch-completion.bash 
b/completion/notmuch-completion.bash
index 17be6b8f..72a75a94 100644
--- a/completion/notmuch-completion.bash
+++ b/completion/notmuch-completion.bash
@@ -287,12 +287,16 @@ _notmuch_insert()
                sed "s|^$path/||" | grep -v "\(^\|/\)\(cur\|new\|tmp\)$" ) )
            return
            ;;
+       --try-decrypt)
+           COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) )
+           return
+           ;;
     esac
 
     ! $split &&
     case "${cur}" in
        --*)
-           local options="--create-folder --folder= --keep --no-hooks 
${_notmuch_shared_options}"
+           local options="--create-folder --folder= --keep --no-hooks 
--try-decrypt= ${_notmuch_shared_options}"
            compopt -o nospace
            COMPREPLY=( $(compgen -W "$options" -- ${cur}) )
            return
diff --git a/doc/man1/notmuch-insert.rst b/doc/man1/notmuch-insert.rst
index f79600d6..647dac06 100644
--- a/doc/man1/notmuch-insert.rst
+++ b/doc/man1/notmuch-insert.rst
@@ -50,6 +50,20 @@ Supported options for **insert** include
     ``--no-hooks``
         Prevent hooks from being run.
 
+    ``--try-decrypt=(true|false)``
+
+        If true and the message is encrypted, try to decrypt the
+        message while indexing.  If decryption is successful, index
+        the cleartext itself.  Either way, the message is always
+        stored to disk in its original form (ciphertext).  Be aware
+        that the index is likely sufficient to reconstruct the
+        cleartext of the message itself, so please ensure that the
+        notmuch message index is adequately protected. DO NOT USE
+        ``--try-decrypt=true`` without considering the security of
+        your index.
+
+        See also ``index.try_decrypt`` in **notmuch-config(1)**.
+
 EXIT STATUS
 ===========
 
diff --git a/notmuch-insert.c b/notmuch-insert.c
index 32be7419..79f9cb7d 100644
--- a/notmuch-insert.c
+++ b/notmuch-insert.c
@@ -379,12 +379,13 @@ FAIL:
  */
 static notmuch_status_t
 add_file (notmuch_database_t *notmuch, const char *path, tag_op_list_t 
*tag_ops,
-         bool synchronize_flags, bool keep)
+         bool synchronize_flags, bool keep,
+         notmuch_indexopts_t *indexopts)
 {
     notmuch_message_t *message;
     notmuch_status_t status;
 
-    status = notmuch_database_index_file (notmuch, path, NULL, &message);
+    status = notmuch_database_index_file (notmuch, path, indexopts, &message);
     if (status == NOTMUCH_STATUS_SUCCESS) {
        status = tag_op_list_apply (message, tag_ops, 0);
        if (status) {
@@ -456,17 +457,21 @@ notmuch_insert_command (notmuch_config_t *config, int 
argc, char *argv[])
     bool create_folder = false;
     bool keep = false;
     bool no_hooks = false;
+    bool try_decrypt = false, try_decrypt_set = false;
     bool synchronize_flags;
     char *maildir;
     char *newpath;
     int opt_index;
     unsigned int i;
+    notmuch_indexopts_t *indexopts;
 
     notmuch_opt_desc_t options[] = {
        { .opt_string = &folder, .name = "folder" },
        { .opt_bool = &create_folder, .name = "create-folder" },
        { .opt_bool = &keep, .name = "keep" },
        { .opt_bool =  &no_hooks, .name = "no-hooks" },
+       { .opt_bool =  &try_decrypt, .name = "try-decrypt",
+         .present = &try_decrypt_set },
        { .opt_inherit = notmuch_shared_options },
        { }
     };
@@ -545,9 +550,31 @@ notmuch_insert_command (notmuch_config_t *config, int 
argc, char *argv[])
 
     notmuch_exit_if_unmatched_db_uuid (notmuch);
 
+    indexopts = notmuch_database_get_default_indexopts (notmuch);
+    if (!indexopts) {
+       fprintf (stderr, "Error: could not create index options.\n");
+       return EXIT_FAILURE;
+    }
+    if (try_decrypt_set) {
+       status = notmuch_indexopts_set_try_decrypt (indexopts, try_decrypt);
+       if (status != NOTMUCH_STATUS_SUCCESS) {
+           fprintf (stderr, "Error: Failed to set try_decrypt to %s. (%s)\n",
+                    try_decrypt ? "True" : "False", notmuch_status_to_string 
(status));
+           notmuch_indexopts_destroy (indexopts);
+           return EXIT_FAILURE;
+       }
+    }
+#if (GMIME_MAJOR_VERSION < 3)
+    if (notmuch_indexopts_get_try_decrypt (indexopts)) {
+       const char* gpg_path = notmuch_config_get_crypto_gpg_path (config);
+       if (gpg_path && strcmp(gpg_path, "gpg"))
+           fprintf (stderr, "Warning: deprecated crypto.gpg_path is set to 
'%s'\n"
+                    "\tbut ignoring (use $PATH instead)\n", gpg_path);
+    }
+#endif
 
     /* Index the message. */
-    status = add_file (notmuch, newpath, tag_ops, synchronize_flags, keep);
+    status = add_file (notmuch, newpath, tag_ops, synchronize_flags, keep, 
indexopts);
 
     /* Commit changes. */
     close_status = notmuch_database_destroy (notmuch);
-- 
2.14.2

_______________________________________________
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch

Reply via email to