Enable override of the index.try_decrypt setting on a per-message basis when invoking "notmuch insert".
We also update the documentation and tab completion. --- completion/notmuch-completion.bash | 6 +++++- doc/man1/notmuch-insert.rst | 14 ++++++++++++++ notmuch-insert.c | 14 +++++++++++--- 3 files changed, 30 insertions(+), 4 deletions(-) diff --git a/completion/notmuch-completion.bash b/completion/notmuch-completion.bash index 17be6b8f..72a75a94 100644 --- a/completion/notmuch-completion.bash +++ b/completion/notmuch-completion.bash @@ -287,12 +287,16 @@ _notmuch_insert() sed "s|^$path/||" | grep -v "\(^\|/\)\(cur\|new\|tmp\)$" ) ) return ;; + --try-decrypt) + COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) ) + return + ;; esac ! $split && case "${cur}" in --*) - local options="--create-folder --folder= --keep --no-hooks ${_notmuch_shared_options}" + local options="--create-folder --folder= --keep --no-hooks --try-decrypt= ${_notmuch_shared_options}" compopt -o nospace COMPREPLY=( $(compgen -W "$options" -- ${cur}) ) return diff --git a/doc/man1/notmuch-insert.rst b/doc/man1/notmuch-insert.rst index f83a7385..e2bf37d0 100644 --- a/doc/man1/notmuch-insert.rst +++ b/doc/man1/notmuch-insert.rst @@ -50,6 +50,20 @@ Supported options for **insert** include ``--no-hooks`` Prevent hooks from being run. + ``--try-decrypt=(true|false)`` + + If true and the message is encrypted, try to decrypt the + message while indexing. If decryption is successful, index + the cleartext itself. Either way, the message is always + stored to disk in its original form (ciphertext). Be aware + that the index is likely sufficient to reconstruct the + cleartext of the message itself, so please ensure that the + notmuch message index is adequately protected. DO NOT USE + ``--try-decrypt=true`` without considering the security of + your index. + + See also ``index.try_decrypt`` in **notmuch-config(1)**. + EXIT STATUS =========== diff --git a/notmuch-insert.c b/notmuch-insert.c index 32be7419..e64655cc 100644 --- a/notmuch-insert.c +++ b/notmuch-insert.c @@ -379,12 +379,13 @@ FAIL: */ static notmuch_status_t add_file (notmuch_database_t *notmuch, const char *path, tag_op_list_t *tag_ops, - bool synchronize_flags, bool keep) + bool synchronize_flags, bool keep, + notmuch_indexopts_t *indexopts) { notmuch_message_t *message; notmuch_status_t status; - status = notmuch_database_index_file (notmuch, path, NULL, &message); + status = notmuch_database_index_file (notmuch, path, indexopts, &message); if (status == NOTMUCH_STATUS_SUCCESS) { status = tag_op_list_apply (message, tag_ops, 0); if (status) { @@ -467,6 +468,7 @@ notmuch_insert_command (notmuch_config_t *config, int argc, char *argv[]) { .opt_bool = &create_folder, .name = "create-folder" }, { .opt_bool = &keep, .name = "keep" }, { .opt_bool = &no_hooks, .name = "no-hooks" }, + { .opt_inherit = notmuch_index_options }, { .opt_inherit = notmuch_shared_options }, { } }; @@ -545,9 +547,15 @@ notmuch_insert_command (notmuch_config_t *config, int argc, char *argv[]) notmuch_exit_if_unmatched_db_uuid (notmuch); + status = notmuch_process_index_options (notmuch, config); + if (status != NOTMUCH_STATUS_SUCCESS) { + fprintf (stderr, "Error: Failed to process index options. (%s)\n", + notmuch_status_to_string (status)); + return EXIT_FAILURE; + } /* Index the message. */ - status = add_file (notmuch, newpath, tag_ops, synchronize_flags, keep); + status = add_file (notmuch, newpath, tag_ops, synchronize_flags, keep, index_options.opts); /* Commit changes. */ close_status = notmuch_database_destroy (notmuch); -- 2.14.2 _______________________________________________ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch