]> git.notmuchmail.org Git - notmuch/commit
projects / notmuch / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 29648a1) | patch
crypto: add --decrypt=nostash to avoid stashing session keys
authorDaniel Kahn Gillmor <dkg@fifthhorseman.net>
Fri, 8 Dec 2017 06:24:02 +0000 (01:24 -0500)
committerDavid Bremner <david@tethera.net>
Fri, 8 Dec 2017 12:08:47 +0000 (08:08 -0400)
commitfccebbaeef1e4b6489425afb13f419543d53d285
treeca92f729931994c2fd6f290c25092b35618cd9c9tree | snapshot
parent29648a137c5807135ab168917b4a51d5e19e51c2commit | diff
crypto: add --decrypt=nostash to avoid stashing session keys

Here's the configuration choice for people who want a cleartext index,
but don't want stashed session keys.

Interestingly, this "nostash" decryption policy is actually the same
policy that should be used by "notmuch show" and "notmuch reply",
since they never modify the index or database when they are invoked
with --decrypt.

We take advantage of this parallel to tune the behavior of those
programs so that we're not requesting session keys from GnuPG during
"show" and "reply" that we would then otherwise just throw away.
12 files changed:
completion/notmuch-completion.bash diff | blob | history
doc/man1/notmuch-config.rst diff | blob | history
doc/man1/notmuch-insert.rst diff | blob | history
doc/man1/notmuch-new.rst diff | blob | history
doc/man1/notmuch-reindex.rst diff | blob | history
lib/indexopts.c diff | blob | history
lib/notmuch.h diff | blob | history
notmuch-reply.c diff | blob | history
notmuch-show.c diff | blob | history
notmuch.c diff | blob | history
test/T357-index-decryption.sh diff | blob | history
util/crypto.c diff | blob | history
Notmuch source code