Mirrors/chatmail-core
1
0
Fork 0
mirror of https://github.com/chatmail/core.git synced 2026-05-08 09:26:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix: never encrypt {vc,vg}-request

Browse Source 
Even if 1:1 chat with alice is protected,
we should send vc-request unencrypted.
This happens if Alice changed the key
and QR-code Bob scans contains fingerprint
that is different from the verified fingerprint.
Sending vc-request encrypted to the old key
does not help because Alice is not able
to decrypt it in this case.
This commit is contained in:
link2xt
2024-02-19 12:05:22 +00:00
parent bce22edfe3
commit 9427f7b587
2 changed files with 20 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
deltachat-rpc-client/tests/test_securejoin.py
View File

@@ -164,6 +164,21 @@ def test_qr_readreceipt(acfactory) -> None:
assert not bob.get_chat_by_contact(bob_contact_charlie) assert not bob.get_chat_by_contact(bob_contact_charlie)
def test_setup_contact_resetup(acfactory) -> None:
"""Tests that setup contact works after Alice resets the device and changes the key."""
alice, bob = acfactory.get_online_accounts(2)
qr_code, _svg = alice.get_qr_code()
bob.secure_join(qr_code)
bob.wait_for_securejoin_joiner_success()
alice = acfactory.resetup_account(alice)
qr_code, _svg = alice.get_qr_code()
bob.secure_join(qr_code)
bob.wait_for_securejoin_joiner_success()
def test_verified_group_recovery(acfactory) -> None: def test_verified_group_recovery(acfactory) -> None:
"""Tests verified group recovery by reverifying a member and sending a message in a group.""" """Tests verified group recovery by reverifying a member and sending a message in a group."""
ac1, ac2, ac3 = acfactory.get_online_accounts(3) ac1, ac2, ac3 = acfactory.get_online_accounts(3)

17
src/mimefactory.rs
View File

@@ -338,18 +338,11 @@ impl<'a> MimeFactory<'a> {
fn should_force_plaintext(&self) -> bool { fn should_force_plaintext(&self) -> bool {
match &self.loaded { match &self.loaded {
Loaded::Message { chat } => { Loaded::Message { chat } => {
if chat.is_protected() { self.msg
false .param
} else if chat.typ == Chattype::Broadcast { .get_bool(Param::ForcePlaintext)
// encryption may disclose recipients; .unwrap_or_default()
// this is probably a worse issue than not opportunistically (!) encrypting || chat.typ == Chattype::Broadcast
true
} else {
self.msg
.param
.get_bool(Param::ForcePlaintext)
.unwrap_or_default()
}
} }
Loaded::Mdn { .. } => false, Loaded::Mdn { .. } => false,
} }