notmuch/test/T350-crypto.sh, branch 0.30 thread-based email index, search, and tagging https://git.notmuchmail.org/git/notmuch/atom?h=0.30 2019-05-26T11:20:23Z cli/show: emit new whole-message crypto status output 2019-05-26T11:20:23Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2019-05-25T18:04:06Z urn:sha1:4cb789aa090fb6ba3c7897584ecbcc0a547b2f81 This allows MUAs that don't want to think about per-mime-part cryptographic status to have a simple high-level overview of the message's cryptographic state. Sensibly structured encrypted and/or signed messages will work fine with this. The only requirement for the simplest encryption + signing is that the message have all of its encryption and signing protection (the "cryptographic envelope") in a contiguous set of MIME layers at the very outside of the message itself. This is because messages with some subparts signed or encrypted, but with other subparts with no cryptographic protection is very difficult to reason about, and even harder for the user to make sense of or work with. For further characterization of the Cryptographic Envelope and some of the usability tradeoffs, see here: https://dkg.fifthhorseman.net/blog/e-mail-cryptography.html#cryptographic-envelope test/crypto: add_gnupg_home should have ultimate trust on "its own" key 2019-05-07T09:42:21Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2019-05-04T21:33:28Z urn:sha1:7d48604157477054624d010fca496f7eb0d1168b The typical use case for gpg is that if you control a secret key, you mark it with "ultimate" ownertrust. The opaque --import-ownertrust mechanism is GnuPG's standard mechanism to set up ultimate ownertrust (the ":6:" means "ultimate", for whatever reason). We adjust the test suite to match this change, inverting the sense of one test: since the default is now that the user ID of the suite's own key is valid, we change the test to make sure that the user ID is not emitted when it is *not* valid. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> test: simplify user ID handling 2019-05-07T09:42:11Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2019-05-04T21:33:27Z urn:sha1:93e699e5c86bb93b2992f4ab3a15680824b7ee2d The user ID on the self-test is a little bit clunky-looking. It also may end up showing up elsewhere in the test suite. Centralizing the user ID in one place should make it easier to handle if it ever changes, and should make tests easier to read. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> test/crypto: clarify the difference between ownertrust and validity 2019-05-07T09:42:01Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2019-05-04T21:33:26Z urn:sha1:9f05ceb994d1d674cf2f433f0d794b671fef38ec This is a subtle difference, but the output of notmuch shouldn't ever change based on ownertrust itself -- notmuch is intended to show valid User IDs, and to avoid showing invalid User IDs. It so happens that setting ownertrust of a key to ultimate sets all associated user IDs to "full" validity, so the test is correct, but just misnamed. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> gmime-cleanup: tests should only care about gmime 3 2019-05-03T09:55:44Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2019-05-02T13:19:38Z urn:sha1:652baa6fe6a93e401463e17a4ce6577efd3f7fea note that "notmuch-show for message with invalid From" is still broken in T310-emacs.sh. It would be good to debug what's going on there and try to get it fixed! signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> crypto: Avoid pretending to verify signatures on unsigned encrypted mail 2019-04-26T11:03:15Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2019-04-20T17:02:57Z urn:sha1:afb0b11dcd08aa9091be1d89e1c2a9fe6b0e11f0 Unsigned encrypted mail shows up with a weird empty signature list. If we successfully decrypted and there was no signature in it, we should just not show a sigstatus at all. The documentation for g_mime_decrypt_result_get_signatures says: a GMimeSignatureList or NULL if the stream was not signed. tests: move FINGERPRINT definition to add_gnupg_home 2019-04-24T10:16:46Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2019-04-20T17:40:39Z urn:sha1:22ec4a36e60052b7de70a7b88df212ccaf249374 If a test has added a GnuPG homedir, it may well want to know the fingerprint. This saves us from having to redefine this magic string in multiple places when more tests eventually use the GnuPG homedir. reply: Include sender as recipient if they were the original recipient 2018-12-07T12:03:50Z David Edmondson dme@dme.org 2018-10-01T16:50:47Z urn:sha1:576cff7654a4c3e0c94498977ce7b28ce8f00251 When generating a reply message, if the user was the originator and only recipient of the original message, include the user as a recipient of the reply. cli/reply: make --decrypt take a keyword 2017-12-29T20:45:55Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2017-12-19T16:40:55Z urn:sha1:af8255fb7159652a7d4e1fe4f1398302e1746cce This brings the --decrypt argument to "notmuch reply" into line with the other --decrypt arguments (in "show", "new", "insert", and "reindex"). This patch is really just about bringing consistency to the user interface. We also use the recommended form in the emacs MUA when replying, and update test T350 to match. cli/show: make --decrypt take a keyword. 2017-12-29T20:45:46Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2017-12-19T16:40:54Z urn:sha1:8ea4a99d74737929f58568505e41c94f65a14743 We also expand tab completion for it, update the emacs bindings, and update T350, T357, and T450 to match. Make use of the bool-to-keyword backward-compatibility feature.