Mirrors/chatmail-core
1
0
Fork 0
mirror of https://github.com/chatmail/core.git synced 2026-05-08 17:36:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix: process Autocrypt-Gossip only after merging protected headers

Browse Source 
Otherwise no Autocrypt-Gossip is applied if To header is protected
by replacing with "hidden-recipients".
This commit is contained in:
link2xt
2025-03-12 05:04:19 +00:00
committed by l
parent c825b2584b
commit f8c4662c9a
1 changed files with 16 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
src/mimeparser.rs
View File

@@ -421,19 +421,6 @@ impl MimeMessage {
timestamp_sent = timestamp_sent =
Self::get_timestamp_sent(&mail.headers, timestamp_sent, timestamp_rcvd); Self::get_timestamp_sent(&mail.headers, timestamp_sent, timestamp_rcvd);
if !signatures.is_empty() { if !signatures.is_empty() {
// Handle any gossip headers if the mail was encrypted. See section
// "3.6 Key Gossip" of <https://autocrypt.org/autocrypt-spec-1.1.0.pdf>
// but only if the mail was correctly signed. Probably it's ok to not require
// encryption here, but let's follow the standard.
let gossip_headers = mail.headers.get_all_values("Autocrypt-Gossip");
gossiped_keys = update_gossip_peerstates(
context,
timestamp_sent,
&from.addr,
&recipients,
gossip_headers,
)
.await?;
// Remove unsigned opportunistically protected headers from messages considered // Remove unsigned opportunistically protected headers from messages considered
// Autocrypt-encrypted / displayed with padlock. // Autocrypt-encrypted / displayed with padlock.
// For "Subject" see <https://github.com/deltachat/deltachat-core-rust/issues/1790>. // For "Subject" see <https://github.com/deltachat/deltachat-core-rust/issues/1790>.
@@ -474,6 +461,22 @@ impl MimeMessage {
&mail.headers, &mail.headers,
); );
if !signatures.is_empty() {
// Handle any gossip headers if the mail was encrypted. See section
// "3.6 Key Gossip" of <https://autocrypt.org/autocrypt-spec-1.1.0.pdf>
// but only if the mail was correctly signed. Probably it's ok to not require
// encryption here, but let's follow the standard.
let gossip_headers = mail.headers.get_all_values("Autocrypt-Gossip");
gossiped_keys = update_gossip_peerstates(
context,
timestamp_sent,
&from.addr,
&recipients,
gossip_headers,
)
.await?;
}
if let Some(inner_from) = inner_from { if let Some(inner_from) = inner_from {
if !addr_cmp(&inner_from.addr, &from.addr) { if !addr_cmp(&inner_from.addr, &from.addr) {
// There is a From: header in the encrypted // There is a From: header in the encrypted