Now that we can decrypt headers, we want to make sure that clients using "notmuch reply" to prepare a reply don't leak cleartext in their subject lines. In particular, the ["reply-headers"]["Subject"] should by default show the external Subject. --- test/T356-protected-headers.sh | 7 +++++++ 1 file changed, 7 insertions(+)
diff --git a/test/T356-protected-headers.sh b/test/T356-protected-headers.sh index 67d2e0cb..687681ff 100755 --- a/test/T356-protected-headers.sh +++ b/test/T356-protected-headers.sh @@ -78,4 +78,11 @@ output=$(notmuch show --verify --format=json id:signed-protected-header@crypto.n test_json_nodes <<<"$output" \ 'crypto:[0][0][0]["crypto"]={"signed": {"status": [{"created": 1525350527, "fingerprint": "5AEAB11F5E33DCE875DDB75B6D92612D94E46381", "status": "good"}], "headers": ["Subject"]}}' +test_begin_subtest "protected subject does not leak by default in replies" +output=$(notmuch reply --decrypt=true --format=json id:protected-hea...@crypto.notmuchmail.org) +test_json_nodes <<<"$output" \ + 'crypto:["original"]["crypto"]={"decrypted": {"status": "full", "masked-headers": {"Subject": "encrypted message"}}}' \ + 'subject:["original"]["headers"]["Subject"]="This is a protected header"' \ + 'reply-subject:["reply-headers"]["Subject"]="Re: encrypted message"' + test_done -- 2.17.0 _______________________________________________ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch