fix: Don't treat forged outgoing messages as Autocrypt-encrypted

iequidoo
2024-02-10 13:55:51 -03:00
committed by link2xt
parent f0be7daae9
commit 6cee295a5d
4 changed files with 67 additions and 4 deletions


@@ -12,7 +12,7 @@ use crate::authres::{self, DkimResults};
use crate::contact::addr_cmp;
use crate::context::Context;
use crate::headerdef::{HeaderDef, HeaderDefMap};
use crate::key::{DcKey, Fingerprint, SignedPublicKey, SignedSecretKey};
use crate::key::{self, DcKey, Fingerprint, SignedPublicKey, SignedSecretKey};
use crate::peerstate::Peerstate;
use crate::pgp;
@@ -264,16 +264,22 @@ pub(crate) fn validate_detached_signature<'a, 'b>(
}
}
pub(crate) fn keyring_from_peerstate(peerstate: Option<&Peerstate>) -> Vec<SignedPublicKey> {
/// Returns public keyring for `peerstate`.
pub(crate) async fn keyring_from_peerstate(
context: &Context,
peerstate: Option<&Peerstate>,
) -> Result<Vec<SignedPublicKey>> {
let mut public_keyring_for_validate = Vec::new();
if let Some(peerstate) = peerstate {
if let Some(key) = &peerstate.public_key {
public_keyring_for_validate.push(key.clone());
} else if let Some(key) = &peerstate.gossip_key {
public_keyring_for_validate.push(key.clone());
} else if context.is_self_addr(&peerstate.addr).await? {
public_keyring_for_validate = key::load_self_public_keyring(context).await?;
}
}
public_keyring_for_validate
Ok(public_keyring_for_validate)
}
/// Applies Autocrypt header to Autocrypt peer state and saves it into the database.
@@ -292,6 +298,7 @@ pub(crate) async fn get_autocrypt_peerstate(
message_time: i64,
allow_change: bool,
) -> Result<Option<Peerstate>> {
let allow_change = allow_change && !context.is_self_addr(from).await?;
let mut peerstate;
// Apply Autocrypt header
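Review bot: In `keyring_from_peerstate` the self-address branch is the last `else if`, so it is reached only when the peerstate holds neither `public_key` nor `gossip_key`. A peerstate row for the own address that already carries a key (for instance one stored before `allow_change` was masked in `get_autocrypt_peerstate`) would still be used for signature validation instead of the self keyring. Consider evaluating `context.is_self_addr(&peerstate.addr).await?` first and using the peerstate keys only in the other case, or confirm that such rows cannot exist or are cleaned up elsewhere in the commit. The doc comment should also mention the fallback, e.g. `/// Returns the public keyring for validating messages from the peer; for our own address with no stored key, the self public keyring is used.` `get_autocrypt_peerstate` continues past the end of its hunk, so how the masked `allow_change` is consumed is not visible here.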