Mirrors/chatmail-core
1
0
Fork 0
mirror of https://github.com/chatmail/core.git synced 2026-04-19 14:36:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

feat: Don't affect MimeMessage with "From" and secured headers from encrypted unsigned messages

Browse Source 
If a message is encrypted, but unsigned:
- Don't set `MimeMessage::from_is_signed`.
- Remove "secure-join-fingerprint" and "chat-verified" headers from `MimeMessage`.
- Minor: Preserve "Subject" from the unencrypted top level if there's no "Subject" in the encrypted
  part, this message is displayed w/o a padlock anyway.

Apparently it didn't lead to any vulnerabilities because there are checks for
`MimeMessage::signatures.is_empty()` in all necessary places, but still the code looked dangerous,
especially because `from_is_singed` var name didn't correspond to its actual value (it was rather
`from_is_encrypted_maybe_signed`).
This commit is contained in:
iequidoo
2023-11-18 21:46:55 -03:00
committed by iequidoo
parent 9cc9579b2d
commit ebfbc11973
5 changed files with 148 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
src/receive_imf/tests.rs
View File

@@ -3110,7 +3110,8 @@ async fn test_thunderbird_autocrypt() -> Result<()> {
let t = TestContext::new_bob().await;
let raw = include_bytes!("../../test-data/message/thunderbird_with_autocrypt.eml");
receive_imf(&t, raw, false).await?;
let received_msg = receive_imf(&t, raw, false).await?.unwrap();
assert!(received_msg.from_is_signed);
let peerstate = Peerstate::from_addr(&t, "alice@example.org")
.await?
@@ -3191,7 +3192,8 @@ async fn test_thunderbird_unsigned() -> Result<()> {
// Alice receives an unsigned message from Bob.
let raw = include_bytes!("../../test-data/message/thunderbird_encrypted_unsigned.eml");
receive_imf(&alice, raw, false).await?;
let received_msg = receive_imf(&alice, raw, false).await?.unwrap();
assert!(!received_msg.from_is_signed);
let msg = alice.get_last_msg().await;
assert!(!msg.get_showpadlock());
@@ -3200,6 +3202,27 @@ async fn test_thunderbird_unsigned() -> Result<()> {
Ok(())
}
/// Bob receives an encrypted unsigned message with only an unencrypted Subject.
///
/// Test that the message is displayed without any errors,
/// but also without a padlock, but with the Subject.
#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
async fn test_thunderbird_unsigned_with_unencrypted_subject() -> Result<()> {
let bob = TestContext::new_bob().await;
let raw = include_bytes!(
"../../test-data/message/thunderbird_encrypted_unsigned_with_unencrypted_subject.eml"
);
receive_imf(&bob, raw, false).await?;
let msg = bob.get_last_msg().await;
assert!(!msg.get_showpadlock());
assert!(msg.error().is_none());
assert_eq!(msg.get_subject(), "Hello!");
Ok(())
}
#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
async fn test_mua_user_adds_member() -> Result<()> {
let t = TestContext::new_alice().await;