From: Jani Nikula
To: Jameson Graef Rollins, David Bremner, notmuch@notmuchmail.org
Subject: Re: [PATCH] cli: crypto: tell gmime to use gpg-agent
Date: Thu, 28 Feb 2013 00:46:57 +0200
Message-ID: <87txoxwf1a.fsf@nikula.org>
In-Reply-To: <87ehg1pt2u.fsf@servo.finestructure.net>
References: <1361950838-22919-1-git-send-email-jani@nikula.org> <87hakxpwcu.fsf@servo.finestructure.net> <87r4k1znor.fsf@maritornes.cs.unb.ca> <87ehg1pt2u.fsf@servo.finestructure.net>

On Wed, 27 Feb 2013, Jameson Graef Rollins wrote:
> On Wed, Feb 27 2013, David Bremner wrote:
>> But right now we force people to enable the agent globally via use-agent
>> if they want to decrypt mail in notmuch-cli/emacs. The proposed change
>> allows them to use the agent only for notmuch.
>
> Doesn't the proposed change actually *force* the user to use gpg-agent?
> How can the user opt out?

If the user wants to have decryption in notmuch, the user *must* use gpg-agent, regardless of this change or the "use-agent" configuration option. There is no opt out if one wants to have decryption in notmuch, regardless of this change.

The proposed change gives the user the possibility to opt out of *globally* using gpg-agent for everything, and still have decryption in notmuch.

The proposed change merely passes the --use-agent option to gpg. It does not *force* anything. It tells gpg to *try* to connect to the gpg-agent before it asks for a passphrase. (Except that notmuch will never ask for a passphrase. It will fail if it can't connect to the gpg-agent. Without --use-agent or "use-agent" option it will unconditionally fail.)

When I use gpg on the command line, I want it to prompt for the passphrase on the command line instead of popping up a gpg-agent dialog. I don't think that is unreasonable. To achieve that I have disabled the "use-agent" configuration option. Without the proposed change, if I still wanted to have this *and* decryption in notmuch, I would have to pass --no-use-agent on the gpg command line. I think that *is* unreasonable.

>> I don't think we should directly care about the presence of an X session
>> or not; the agent protocol doesn't depend on how the agent was started
>> afaik.
>
> Maybe, but I would like some example of what happens if you force usage
> of an agent and the agent is not present or there is no X session.

There is no force anything. It tries to connect to the agent, and if one is not present, decryption fails like it would have failed without this change.

Finally, look up the references I provided. The whole function in gmime was provided *exactly* for situations like we have: the caller will fail without the agent, so have a tiny bit of sanity and see if it's there before failing.

BR,
Jani.