By default, notmuch won't try to decrypt on indexing. With this patch, we make it possible to indicate a per-database preference using the config variable "index.try_decrypt", which by default will be false. --- doc/man1/notmuch-config.rst | 12 ++++++++++++ lib/indexopts.c | 18 +++++++++++++++++- 2 files changed, 29 insertions(+), 1 deletion(-) diff --git a/doc/man1/notmuch-config.rst b/doc/man1/notmuch-config.rst index 6a51e64f..6f35d127 100644 --- a/doc/man1/notmuch-config.rst +++ b/doc/man1/notmuch-config.rst @@ -134,6 +134,18 @@ The available configuration items are described below. Default: ``gpg``. + **index.try_decrypt** + + When indexing an encrypted e-mail message, if this variable is + set to true, notmuch will try to decrypt the message and index + the cleartext. Be aware that the index is likely sufficient + to reconstruct the cleartext of the message itself, so please + ensure that the notmuch message index is adequately protected. + DO NOT USE ``index.try_decrypt=true`` without considering the + security of your index. + + Default: ``false``. + **built_with.<name>** Compile time feature <name>. Current possibilities include diff --git a/lib/indexopts.c b/lib/indexopts.c index cc1d6422..987d8952 100644 --- a/lib/indexopts.c +++ b/lib/indexopts.c @@ -23,7 +23,23 @@ notmuch_indexopts_t * notmuch_database_get_default_indexopts (notmuch_database_t *db) { - return talloc_zero (db, notmuch_indexopts_t); + notmuch_indexopts_t *ret = talloc_zero (db, notmuch_indexopts_t); + if (!ret) + return ret; + + char * try_decrypt; + notmuch_status_t err = notmuch_database_get_config (db, "index.try_decrypt", &try_decrypt); + if (err) + return ret; + + if (try_decrypt && + ((!(strcasecmp(try_decrypt, "true"))) || + (!(strcasecmp(try_decrypt, "yes"))) || + (!(strcasecmp(try_decrypt, "1"))))) + notmuch_indexopts_set_try_decrypt (ret, true); + + free (try_decrypt); + return ret; } notmuch_status_t -- 2.14.2 _______________________________________________ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch