fix: Ignore protected headers in outer message part (#6357)

Delta Chat always adds protected headers to the inner encrypted or signed message, so if a protected header is only present in the outer part, it should be ignored because it's probably added by the server or somebody else. The exceptions are Subject and List-ID because there are known cases when they are only present in the outer message part. Also treat any Chat-* headers as protected. This fixes e.g. a case when the server injects a "Chat-Version" IMF header tricking Delta Chat into thinking that it's a chat message. Also handle "Auto-Submitted" and "Autocrypt-Setup-Message" as protected headers on the receiver side, this was apparently forgotten.
2026-05-03 21:36:29 +03:00 · 2024-12-27 22:20:44 -03:00
parent a0f6bdffeb
commit 6d8dff54a7
4 changed files with 81 additions and 21 deletions
--- a/src/decrypt.rs
+++ b/src/decrypt.rs
@@ -178,7 +178,8 @@ mod tests {
        let bob = TestContext::new_bob().await;
        receive_imf(&bob, attachment_mime, false).await?;
        let msg = bob.get_last_msg().await;
-        assert_eq!(msg.text, "Hello from Thunderbird!");
+        // Subject should be prepended because the attachment doesn't have "Chat-Version".
+        assert_eq!(msg.text, "Hello, Bob! – Hello from Thunderbird!");

        Ok(())
    }