fix: process Autocrypt-Gossip only after merging protected headers

Otherwise no Autocrypt-Gossip is applied if To header is protected by replacing with "hidden-recipients".
2026-05-04 05:46:29 +03:00 · 2025-03-12 05:04:19 +00:00
parent c825b2584b
commit f8c4662c9a
1 changed files with 16 additions and 13 deletions
--- a/src/mimeparser.rs
+++ b/src/mimeparser.rs
@@ -421,19 +421,6 @@ impl MimeMessage {
            timestamp_sent =
                Self::get_timestamp_sent(&mail.headers, timestamp_sent, timestamp_rcvd);
            if !signatures.is_empty() {
-                // Handle any gossip headers if the mail was encrypted. See section
-                // "3.6 Key Gossip" of <https://autocrypt.org/autocrypt-spec-1.1.0.pdf>
-                // but only if the mail was correctly signed. Probably it's ok to not require
-                // encryption here, but let's follow the standard.
-                let gossip_headers = mail.headers.get_all_values("Autocrypt-Gossip");
-                gossiped_keys = update_gossip_peerstates(
-                    context,
-                    timestamp_sent,
-                    &from.addr,
-                    &recipients,
-                    gossip_headers,
-                )
-                .await?;
                // Remove unsigned opportunistically protected headers from messages considered
                // Autocrypt-encrypted / displayed with padlock.
                // For "Subject" see <https://github.com/deltachat/deltachat-core-rust/issues/1790>.
@@ -474,6 +461,22 @@ impl MimeMessage {
                &mail.headers,
            );

+            if !signatures.is_empty() {
+                // Handle any gossip headers if the mail was encrypted. See section
+                // "3.6 Key Gossip" of <https://autocrypt.org/autocrypt-spec-1.1.0.pdf>
+                // but only if the mail was correctly signed. Probably it's ok to not require
+                // encryption here, but let's follow the standard.
+                let gossip_headers = mail.headers.get_all_values("Autocrypt-Gossip");
+                gossiped_keys = update_gossip_peerstates(
+                    context,
+                    timestamp_sent,
+                    &from.addr,
+                    &recipients,
+                    gossip_headers,
+                )
+                .await?;
+            }
+
            if let Some(inner_from) = inner_from {
                if !addr_cmp(&inner_from.addr, &from.addr) {
                    // There is a From: header in the encrypted