Mirrors/chatmail-core
1
0
Fork 0
mirror of https://github.com/chatmail/core.git synced 2026-05-12 11:26:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Re-disable DKIM-checks (#4076)

Browse Source
This commit is contained in:
Hocuri
2023-02-22 16:03:20 +01:00
committed by GitHub
parent adb5bc77c4
commit 7c099c19c8
4 changed files with 14 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@@ -10,6 +10,7 @@
- Use transaction in `update_blocked_mailinglist_contacts`. #4058 - Use transaction in `update_blocked_mailinglist_contacts`. #4058
- Remove `Sql.get_conn()` interface in favor of `.call()` and `.transaction()`. #4055 - Remove `Sql.get_conn()` interface in favor of `.call()` and `.transaction()`. #4055
- Updated provider database. - Updated provider database.
- Disable DKIM-Checks again #4076
### Fixes ### Fixes
- Start SQL transactions with IMMEDIATE behaviour rather than default DEFERRED one. #4063 - Start SQL transactions with IMMEDIATE behaviour rather than default DEFERRED one. #4063

4
src/authres.rs
View File

@@ -644,6 +644,7 @@ Authentication-Results: dkim=";
.unwrap(); .unwrap();
} }
#[ignore = "Disallowing keychanges is disabled for now"]
#[tokio::test(flavor = "multi_thread", worker_threads = 2)] #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
async fn test_handle_authres_fails() -> Result<()> { async fn test_handle_authres_fails() -> Result<()> {
let mut tcm = TestContextManager::new(); let mut tcm = TestContextManager::new();
@@ -821,7 +822,8 @@ Authentication-Results: dkim=";
.insert_str(0, "Authentication-Results: example.net; dkim=fail\n"); .insert_str(0, "Authentication-Results: example.net; dkim=fail\n");
let rcvd = bob.recv_msg(&sent).await; let rcvd = bob.recv_msg(&sent).await;
assert!(rcvd.error.unwrap().contains("DKIM failed")); // Disallowing keychanges is disabled for now:
// assert!(rcvd.error.unwrap().contains("DKIM failed"));
// The message info should contain a warning: // The message info should contain a warning:
assert!(message::get_msg_info(&bob, rcvd.id) assert!(message::get_msg_info(&bob, rcvd.id)
.await .await

3
src/decrypt.rs
View File

@@ -99,7 +99,8 @@ pub(crate) async fn prepare_decryption(
from, from,
autocrypt_header.as_ref(), autocrypt_header.as_ref(),
message_time, message_time,
dkim_results.allow_keychange, // Disallowing keychanges is disabled for now:
true, // dkim_results.allow_keychange,
) )
.await?; .await?;

14
src/mimeparser.rs
View File

@@ -342,7 +342,8 @@ impl MimeMessage {
if let (Some(peerstate), Ok(mail)) = (&mut decryption_info.peerstate, mail) { if let (Some(peerstate), Ok(mail)) = (&mut decryption_info.peerstate, mail) {
if message_time > peerstate.last_seen_autocrypt if message_time > peerstate.last_seen_autocrypt
&& mail.ctype.mimetype != "multipart/report" && mail.ctype.mimetype != "multipart/report"
&& decryption_info.dkim_results.allow_keychange // Disallowing keychanges is disabled for now:
// && decryption_info.dkim_results.allow_keychange
{ {
peerstate.degrade_encryption(message_time); peerstate.degrade_encryption(message_time);
} }
@@ -413,11 +414,12 @@ impl MimeMessage {
parser.heuristically_parse_ndn(context).await; parser.heuristically_parse_ndn(context).await;
parser.parse_headers(context).await?; parser.parse_headers(context).await?;
if !parser.decryption_info.dkim_results.allow_keychange { // Disallowing keychanges is disabled for now
for part in parser.parts.iter_mut() { // if !decryption_info.dkim_results.allow_keychange {
part.error = Some("Seems like DKIM failed, this either is an attack or (more likely) a bug in Authentication-Results checking. Please tell us about this at https://support.delta.chat.".to_string()); // for part in parser.parts.iter_mut() {
} // part.error = Some("Seems like DKIM failed, this either is an attack or (more likely) a bug in Authentication-Results checking. Please tell us about this at https://support.delta.chat.".to_string());
} // }
// }
if parser.is_mime_modified { if parser.is_mime_modified {
parser.decoded_data = mail_raw; parser.decoded_data = mail_raw;