COMPREPLY=( $( compgen -W "text json sexp mbox raw" -- "${cur}" ) )
return
;;
- --exclude|--body|--decrypt)
+ --exclude|--body)
COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) )
return
;;
+ --decrypt)
+ COMPREPLY=( $( compgen -W "true auto false" -- "${cur}" ) )
+ return
+ ;;
esac
! $split &&
supported with --format=json and --format=sexp), and the
multipart/signed part will be replaced by the signed data.
- ``--decrypt``
- Decrypt any MIME encrypted parts found in the selected content
- (ie. "multipart/encrypted" parts). Status of the decryption will
- be reported (currently only supported with --format=json and
- --format=sexp) and on successful decryption the
- multipart/encrypted part will be replaced by the decrypted
- content.
-
- If a session key is already known for the message, then it
- will be decrypted automatically unless the user explicitly
- sets ``--decrypt=false``.
-
- Decryption expects a functioning **gpg-agent(1)** to provide any
- needed credentials. Without one, the decryption will fail.
-
- Implies --verify.
+ ``--decrypt=(false|auto|true)``
+ If ``true``, decrypt any MIME encrypted parts found in the
+ selected content (i.e. "multipart/encrypted" parts). Status of
+ the decryption will be reported (currently only supported
+ with --format=json and --format=sexp) and on successful
+ decryption the multipart/encrypted part will be replaced by
+ the decrypted content.
+
+ If ``auto``, and a session key is already known for the
+ message, then it will be decrypted, but notmuch will not try
+ to access the user's keys.
+
+ Use ``false`` to avoid even automatic decryption.
+
+ Non-automatic decryption expects a functioning
+ **gpg-agent(1)** to provide any needed credentials. Without
+ one, the decryption will fail.
+
+ Note: ``true`` implies --verify.
+
+ Default: ``auto``
``--exclude=(true|false)``
Specify whether to omit threads only matching
(set-buffer-multibyte nil))
(let ((args `("show" "--format=raw"
,(format "--part=%s" (plist-get part :id))
- ,@(when process-crypto '("--decrypt"))
+ ,@(when process-crypto '("--decrypt=true"))
,(notmuch-id-to-query (plist-get msg :id))))
(coding-system-for-read
(if binaryp 'no-conversion
"
(let ((args '("show" "--format=sexp" "--format-version=4")))
(if notmuch-show-process-crypto
- (setq args (append args '("--decrypt"))))
+ (setq args (append args '("--decrypt=true"))))
(setq args (append args search-terms))
(apply #'notmuch-call-notmuch-sexp args)))
bool exclude = true;
bool entire_thread_set = false;
bool single_message;
- bool decrypt = false;
- bool decrypt_set = false;
notmuch_opt_desc_t options[] = {
{ .opt_keyword = &format, .name = "format", .keywords =
{ .opt_bool = ¶ms.entire_thread, .name = "entire-thread",
.present = &entire_thread_set },
{ .opt_int = ¶ms.part, .name = "part" },
- { .opt_bool = &decrypt, .name = "decrypt", .present = &decrypt_set },
+ { .opt_keyword = (int*)(¶ms.crypto.decrypt), .name = "decrypt",
+ .keyword_no_arg_value = "true", .keywords =
+ (notmuch_keyword_t []){ { "false", NOTMUCH_DECRYPT_FALSE },
+ { "auto", NOTMUCH_DECRYPT_AUTO },
+ { "true", NOTMUCH_DECRYPT_NOSTASH },
+ { 0, 0 } } },
{ .opt_bool = ¶ms.crypto.verify, .name = "verify" },
{ .opt_bool = ¶ms.output_body, .name = "body" },
{ .opt_bool = ¶ms.include_html, .name = "include-html" },
notmuch_process_shared_options (argv[0]);
- if (decrypt_set) {
- if (decrypt) {
- /* we do not need or want to ask for session keys */
- params.crypto.decrypt = NOTMUCH_DECRYPT_NOSTASH;
- /* decryption implies verification */
- params.crypto.verify = true;
- } else {
- params.crypto.decrypt = NOTMUCH_DECRYPT_FALSE;
- }
- }
+ /* explicit decryption implies verification */
+ if (params.crypto.decrypt == NOTMUCH_DECRYPT_NOSTASH)
+ params.crypto.verify = true;
/* specifying a part implies single message display */
single_message = params.part >= 0;
test_expect_equal "$output" "thread:XXX 2000-01-01 [1/1] Notmuch Test Suite; test encrypted message 001 (encrypted inbox)"
test_begin_subtest "decryption, --format=text"
-output=$(notmuch show --format=text --decrypt subject:"test encrypted message 001" \
+output=$(notmuch show --format=text --decrypt=true subject:"test encrypted message 001" \
| notmuch_show_sanitize_all \
| sed -e 's|"created": [1234567890]*|"created": 946728000|')
expected='\fmessage{ id:XXXXX depth:0 match:1 excluded:0 filename:XXXXX
"$expected"
test_begin_subtest "decryption, --format=json"
-output=$(notmuch show --format=json --decrypt subject:"test encrypted message 001" \
+output=$(notmuch show --format=json --decrypt=true subject:"test encrypted message 001" \
| notmuch_json_show_sanitize \
| sed -e 's|"created": [1234567890]*|"created": 946728000|')
expected='[[[{"id": "XXXXX",
"$expected"
test_begin_subtest "decryption, --format=json, --part=4"
-output=$(notmuch show --format=json --part=4 --decrypt subject:"test encrypted message 001" \
+output=$(notmuch show --format=json --part=4 --decrypt=true subject:"test encrypted message 001" \
| notmuch_json_show_sanitize \
| sed -e 's|"created": [1234567890]*|"created": 946728000|')
expected='{"id": 4,
notmuch show \
--format=raw \
--part=5 \
- --decrypt \
+ --decrypt=true \
subject:"test encrypted message 001" >OUTPUT
test_expect_equal_file TESTATTACHMENT OUTPUT
test_begin_subtest "decryption failure with missing key"
mv "${GNUPGHOME}"{,.bak}
-output=$(notmuch show --format=json --decrypt subject:"test encrypted message 001" \
+output=$(notmuch show --format=json --decrypt=true subject:"test encrypted message 001" \
| notmuch_json_show_sanitize \
| sed -e 's|"created": [1234567890]*|"created": 946728000|')
expected='[[[{"id": "XXXXX",
test_begin_subtest "decryption + signature verification"
test_subtest_broken_gmime_2
-output=$(notmuch show --format=json --decrypt subject:"test encrypted message 002" \
+output=$(notmuch show --format=json --decrypt=true subject:"test encrypted message 002" \
| notmuch_json_show_sanitize \
| sed -e 's|"created": [1234567890]*|"created": 946728000|')
expected='[[[{"id": "XXXXX",
"$output" \
"$expected"
-test_begin_subtest "show one of the messages with --decrypt"
-output=$(notmuch show --decrypt thread:0000000000000001 | awk '/^\014part}/{ f=0 }; { if (f) { print $0 } } /^\014part{ ID: 3/{ f=1 }')
+test_begin_subtest "show one of the messages with --decrypt=true"
+output=$(notmuch show --decrypt=true thread:0000000000000001 | awk '/^\014part}/{ f=0 }; { if (f) { print $0 } } /^\014part{ ID: 3/{ f=1 }')
expected='This is a test encrypted message with a wumpus.'
test_expect_equal \
"$output" \
"$expected"
-test_begin_subtest "Ensure that we cannot show the message without --decrypt"
+test_begin_subtest "Ensure that we cannot show the message with --decrypt=auto"
output=$(notmuch show thread:0000000000000001 | awk '/^\014part}/{ f=0 }; { if (f) { print $0 } } /^\014part{ ID: 3/{ f=1 }')
expected='Non-text part: application/octet-stream'
test_expect_equal \
=== ERROR ===
[XXX]
This is an error
-command: YYY/notmuch_fail show --format\\=sexp --format-version\\=4 --decrypt --exclude\\=false \\' \\* \\'
+command: YYY/notmuch_fail show --format\\=sexp --format-version\\=4 --decrypt\\=true --exclude\\=false \\' \\* \\'
exit status: 1
stderr:
This is an error
projects / notmuch / commitdiff