Mirrors/chatmail-core
1
0
Fork 0
mirror of https://github.com/chatmail/core.git synced 2026-05-07 08:56:30 +03:00
Code Issues Packages Projects Releases Wiki Activity

protect against attackers dropping the protect-this-chat message by not showing unprotected messages directly; this is done by checking the Chat-Verified flag on each incoming message. moreover, make sure, the flag is signed+encrypted (it must be read from the protected headers).

Browse Source
This commit is contained in:
B. Petersen
2020-10-06 15:19:58 +02:00
parent f144426bf5
commit 45dae1ff0c
2 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/dc_receive_imf.rs
View File

@@ -1679,6 +1679,11 @@ async fn check_verified_properties(
ensure!(mimeparser.was_encrypted(), "This message is not encrypted."); ensure!(mimeparser.was_encrypted(), "This message is not encrypted.");
ensure!(
mimeparser.get(HeaderDef::ChatVerified).is_some(),
"Sender did not mark the message as protected."
);
// ensure, the contact is verified // ensure, the contact is verified
// and the message is signed with a verified key of the sender. // and the message is signed with a verified key of the sender.
// this check is skipped for SELF as there is no proper SELF-peerstate // this check is skipped for SELF as there is no proper SELF-peerstate

1
src/mimeparser.rs
View File

@@ -127,6 +127,7 @@ impl MimeMessage {
// remove headers that are allowed _only_ in the encrypted part // remove headers that are allowed _only_ in the encrypted part
headers.remove("secure-join-fingerprint"); headers.remove("secure-join-fingerprint");
headers.remove("chat-verified");
// Memory location for a possible decrypted message. // Memory location for a possible decrypted message.
let mail_raw; let mail_raw;