fix: Switch to EncryptionPreference::Mutual on a receipt of encrypted+signed message (#4707)

2026-05-03 21:36:29 +03:00 · 2023-11-01 23:50:20 -03:00
parent d840a7e6b9
commit 9cd3a7550b
4 changed files with 291 additions and 0 deletions
--- a/src/mimeparser.rs
+++ b/src/mimeparser.rs
@@ -376,6 +376,12 @@ impl MimeMessage {
        if !encrypted {
            signatures.clear();
        }
+        if let Some(peerstate) = &mut decryption_info.peerstate {
+            if peerstate.prefer_encrypt != EncryptPreference::Mutual && !signatures.is_empty() {
+                peerstate.prefer_encrypt = EncryptPreference::Mutual;
+                peerstate.save_to_db(&context.sql).await?;
+            }
+        }

        // Auto-submitted is also set by holiday-notices so we also check `chat-version`
        let is_bot = headers.contains_key("auto-submitted") && headers.contains_key("chat-version");
--- a/src/receive_imf/tests.rs
+++ b/src/receive_imf/tests.rs
@@ -3117,6 +3117,46 @@ async fn test_thunderbird_autocrypt() -> Result<()> {
    Ok(())
 }

+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_prefer_encrypt_mutual_if_encrypted() -> Result<()> {
+    let t = TestContext::new_bob().await;
+
+    let raw =
+        include_bytes!("../../test-data/message/thunderbird_encrypted_signed_with_pubkey.eml");
+    receive_imf(&t, raw, false).await?;
+    let peerstate = Peerstate::from_addr(&t, "alice@example.org")
+        .await?
+        .unwrap();
+    assert_eq!(peerstate.prefer_encrypt, EncryptPreference::Mutual);
+
+    receive_imf(
+        &t,
+        b"From: alice@example.org\n\
+          To: bob@example.net\n\
+          Subject: foo\n\
+          Message-ID: <message@example.org>\n\
+          Date: Thu, 2 Nov 2023 02:20:28 -0300\n\
+          \n\
+          unencrypted\n",
+        false,
+    )
+    .await?;
+    let peerstate = Peerstate::from_addr(&t, "alice@example.org")
+        .await?
+        .unwrap();
+    assert_eq!(peerstate.prefer_encrypt, EncryptPreference::Reset);
+
+    let raw = include_bytes!("../../test-data/message/thunderbird_encrypted_signed.eml");
+    receive_imf(&t, raw, false).await?;
+    let peerstate = Peerstate::from_addr(&t, "alice@example.org")
+        .await?
+        .unwrap();
+    assert!(peerstate.public_key.is_some());
+    assert_eq!(peerstate.prefer_encrypt, EncryptPreference::Mutual);
+
+    Ok(())
+}
+
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_thunderbird_autocrypt_unencrypted() -> Result<()> {
    let t = TestContext::new_bob().await;