sp->map_key (sp, "expires");
sp->integer (sp, expires);
}
- /* output user id only if validity is FULL or ULTIMATE. */
- /* note that gmime is using the term "trust" here, which
- * is WRONG. It's actually user id "validity". */
if (certificate) {
- const char *name = g_mime_certificate_get_uid (certificate);
- GMimeCertificateTrust trust = g_mime_certificate_get_trust (certificate);
- if (name && (trust == GMIME_CERTIFICATE_TRUST_FULLY || trust == GMIME_CERTIFICATE_TRUST_ULTIMATE)) {
+ const char *uid = g_mime_certificate_get_valid_userid (certificate);
+ if (uid) {
sp->map_key (sp, "userid");
- sp->string (sp, name);
+ sp->string (sp, uid);
}
}
} else if (certificate) {
void *local = talloc_new (ctx);
mime_node_t *root, *part;
notmuch_status_t status;
+ unsigned int session_keys = 0;
+ notmuch_status_t session_key_count_error = NOTMUCH_STATUS_SUCCESS;
+
+ if (params->crypto.decrypt == NOTMUCH_DECRYPT_TRUE)
+ session_key_count_error = notmuch_message_count_properties (message, "session-key", &session_keys);
status = mime_node_open (local, message, &(params->crypto), &root);
if (status)
part = mime_node_seek_dfs (root, (params->part < 0 ? 0 : params->part));
if (part)
status = format->part (local, sp, part, indent, params);
+#if HAVE_GMIME_SESSION_KEYS
+ if (params->crypto.decrypt == NOTMUCH_DECRYPT_TRUE && session_key_count_error == NOTMUCH_STATUS_SUCCESS) {
+ unsigned int new_session_keys = 0;
+ if (notmuch_message_count_properties (message, "session-key", &new_session_keys) == NOTMUCH_STATUS_SUCCESS &&
+ new_session_keys > session_keys) {
+ /* try a quiet re-indexing */
+ notmuch_indexopts_t *indexopts = notmuch_database_get_default_indexopts (notmuch_message_get_database (message));
+ if (indexopts) {
+ notmuch_indexopts_set_decrypt_policy (indexopts, NOTMUCH_DECRYPT_AUTO);
+ print_status_message ("Error re-indexing message with --decrypt=stash",
+ message, notmuch_message_reindex (message, indexopts));
+ }
+ }
+ }
+#endif
DONE:
talloc_free (local);
return status;
bool exclude = true;
bool entire_thread_set = false;
bool single_message;
- bool decrypt = false;
- bool decrypt_set = false;
notmuch_opt_desc_t options[] = {
{ .opt_keyword = &format, .name = "format", .keywords =
{ .opt_bool = ¶ms.entire_thread, .name = "entire-thread",
.present = &entire_thread_set },
{ .opt_int = ¶ms.part, .name = "part" },
- { .opt_bool = &decrypt, .name = "decrypt", .present = &decrypt_set },
+ { .opt_keyword = (int*)(¶ms.crypto.decrypt), .name = "decrypt",
+ .keyword_no_arg_value = "true", .keywords =
+ (notmuch_keyword_t []){ { "false", NOTMUCH_DECRYPT_FALSE },
+ { "auto", NOTMUCH_DECRYPT_AUTO },
+ { "true", NOTMUCH_DECRYPT_NOSTASH },
+ { "stash", NOTMUCH_DECRYPT_TRUE },
+ { 0, 0 } } },
{ .opt_bool = ¶ms.crypto.verify, .name = "verify" },
{ .opt_bool = ¶ms.output_body, .name = "body" },
{ .opt_bool = ¶ms.include_html, .name = "include-html" },
notmuch_process_shared_options (argv[0]);
- if (decrypt_set) {
- if (decrypt) {
- params.crypto.decrypt = NOTMUCH_DECRYPT_TRUE;
- /* decryption implies verification */
- params.crypto.verify = true;
- } else {
- params.crypto.decrypt = NOTMUCH_DECRYPT_FALSE;
- }
- }
+ /* explicit decryption implies verification */
+ if (params.crypto.decrypt == NOTMUCH_DECRYPT_NOSTASH ||
+ params.crypto.decrypt == NOTMUCH_DECRYPT_TRUE)
+ params.crypto.verify = true;
/* specifying a part implies single message display */
single_message = params.part >= 0;
params.crypto.gpgpath = notmuch_config_get_crypto_gpg_path (config);
#endif
+ notmuch_database_mode_t mode = NOTMUCH_DATABASE_MODE_READ_ONLY;
+ if (params.crypto.decrypt == NOTMUCH_DECRYPT_TRUE)
+ mode = NOTMUCH_DATABASE_MODE_READ_WRITE;
if (notmuch_database_open (notmuch_config_get_database_path (config),
- NOTMUCH_DATABASE_MODE_READ_ONLY, ¬much))
+ mode, ¬much))
return EXIT_FAILURE;
notmuch_exit_if_unmatched_db_uuid (notmuch);