diff options
| -rw-r--r-- | doc/man1/notmuch-config.rst | 13 | ||||
| -rw-r--r-- | doc/man7/notmuch-properties.rst | 6 | ||||
| -rw-r--r-- | lib/indexopts.c | 18 | ||||
| -rw-r--r-- | notmuch-config.c | 6 |
4 files changed, 40 insertions, 3 deletions
diff --git a/doc/man1/notmuch-config.rst b/doc/man1/notmuch-config.rst index 539199c2..6961737f 100644 --- a/doc/man1/notmuch-config.rst +++ b/doc/man1/notmuch-config.rst @@ -138,6 +138,19 @@ The available configuration items are described below. Default: ``gpg``. + **index.try_decrypt** + + **[STORED IN DATABASE]** + When indexing an encrypted e-mail message, if this variable is + set to true, notmuch will try to decrypt the message and index + the cleartext. Be aware that the index is likely sufficient + to reconstruct the cleartext of the message itself, so please + ensure that the notmuch message index is adequately protected. + DO NOT USE ``index.try_decrypt=true`` without considering the + security of your index. + + Default: ``false``. + **built_with.<name>** Compile time feature <name>. Current possibilities include diff --git a/doc/man7/notmuch-properties.rst b/doc/man7/notmuch-properties.rst index 4b47e8d7..68121359 100644 --- a/doc/man7/notmuch-properties.rst +++ b/doc/man7/notmuch-properties.rst @@ -70,13 +70,15 @@ of its normal activity. properties will be set on the message as a whole. If notmuch never tried to decrypt an encrypted message during - indexing (which is the default), then this property will not be - set on that message. + indexing (which is the default, see ``index.try_decrypt`` in + **notmuch-config(1)**), then this property will not be set on that + message. SEE ALSO ======== **notmuch(1)**, +**notmuch-config(1)**, **notmuch-dump(1)**, **notmuch-insert(1)**, **notmuch-new(1)**, diff --git a/lib/indexopts.c b/lib/indexopts.c index 51b56dd7..15c31d24 100644 --- a/lib/indexopts.c +++ b/lib/indexopts.c @@ -23,7 +23,23 @@ notmuch_indexopts_t * notmuch_database_get_default_indexopts (notmuch_database_t *db) { - return talloc_zero (db, notmuch_indexopts_t); + notmuch_indexopts_t *ret = talloc_zero (db, notmuch_indexopts_t); + if (!ret) + return ret; + + char * try_decrypt; + notmuch_status_t err = notmuch_database_get_config (db, "index.try_decrypt", &try_decrypt); + if (err) + return ret; + + if (try_decrypt && + ((!(strcasecmp(try_decrypt, "true"))) || + (!(strcasecmp(try_decrypt, "yes"))) || + (!(strcasecmp(try_decrypt, "1"))))) + notmuch_indexopts_set_try_decrypt (ret, true); + + free (try_decrypt); + return ret; } notmuch_status_t diff --git a/notmuch-config.c b/notmuch-config.c index 74668718..1cba2661 100644 --- a/notmuch-config.c +++ b/notmuch-config.c @@ -812,8 +812,14 @@ _item_split (char *item, char **group, char **key) static bool _stored_in_db (const char *item) { + const char * db_configs[] = { + "index.try_decrypt", + }; if (STRNCMP_LITERAL (item, "query.") == 0) return true; + for (size_t i = 0; i < ARRAY_SIZE (db_configs); i++) + if (strcmp (item, db_configs[i]) == 0) + return true; return false; } |