diff --git a/CHANGELOG.md b/CHANGELOG.md index 83959c2f3..f440d5549 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -40,6 +40,7 @@ ### Fixes - `dc_search_msgs()` returns unaccepted requests #3694 - emit "contacts changed" event when the contact is no longer "seen recently" #3703 +- do not allow peerstate reset if DKIM check failed #3731 ## 1.98.0 diff --git a/src/authres.rs b/src/authres.rs index 55a3dc636..d1a31636f 100644 --- a/src/authres.rs +++ b/src/authres.rs @@ -357,6 +357,7 @@ mod tests { use super::*; + use crate::aheader::EncryptPreference; use crate::e2ee; use crate::mimeparser; use crate::peerstate::Peerstate; @@ -665,6 +666,10 @@ Authentication-Results: box.hispanilandia.net; spf=pass smtp.mailfrom=adbenitez@ tcm.section("An attacker, bob2, sends a from-forged email to Alice!"); + // Sleep to make sure key reset is ignored because of DKIM failure + // and not because reordering is suspected. + tokio::time::sleep(std::time::Duration::from_millis(1100)).await; + let bob2 = tcm.unconfigured().await; bob2.configure_addr("bob@example.net").await; e2ee::ensure_secret_key_exists(&bob2).await?; @@ -686,6 +691,9 @@ Authentication-Results: box.hispanilandia.net; spf=pass smtp.mailfrom=adbenitez@ .await? .unwrap(); + // Encryption preference is still mutual. + assert_eq!(bob_state.prefer_encrypt, EncryptPreference::Mutual); + // Also check that the keypair was not changed assert_eq!( bob_state.public_key.unwrap(), diff --git a/src/mimeparser.rs b/src/mimeparser.rs index 10696e617..c87c627e2 100644 --- a/src/mimeparser.rs +++ b/src/mimeparser.rs @@ -298,6 +298,7 @@ impl MimeMessage { if let Some(peerstate) = &mut decryption_info.peerstate { if message_time > peerstate.last_seen_autocrypt && mail.ctype.mimetype != "multipart/report" + && decryption_info.dkim_results.allow_keychange { peerstate.degrade_encryption(message_time); peerstate.save_to_db(&context.sql, false).await?;