author Krista 'DarthMama' Bennett <krista@pep.foundation>

Wed, 04 Sep 2019 18:51:10 +0200

branch sender-fpr-checks

changeset 4049 193b649cb621

parent 4048 1b987bcd8efe

child 4075 11a4b0c917c6

src/message_api.c file | annotate | diff | revisions
     1.1 --- a/src/message_api.c	Wed Sep 04 17:35:22 2019 +0200
     1.2 +++ b/src/message_api.c	Wed Sep 04 18:51:10 2019 +0200
     1.3 @@ -3934,6 +3934,8 @@
     1.4      *dst = msg;
     1.5      *keylist = _keylist;
     1.6  
     1.7 +    bool reenc_signer_key_is_own_key = false; // only matters for reencrypted messages 
     1.8 +    
     1.9      // 5. Reencrypt if necessary
    1.10      if (reencrypt) {
    1.11          if (decrypt_status == PEP_DECRYPTED || decrypt_status == PEP_DECRYPTED_AND_VERIFIED) {
    1.12 @@ -3942,10 +3944,9 @@
    1.13                  sfpr = _keylist->value;
    1.14               
    1.15              if (sfpr && decrypt_status == PEP_DECRYPTED_AND_VERIFIED) {
    1.16 -                bool key_is_own_key = false;
    1.17 -                own_key_is_listed(session, sfpr, &key_is_own_key);
    1.18 +                own_key_is_listed(session, sfpr, &reenc_signer_key_is_own_key);
    1.19                  
    1.20 -                if (!key_is_own_key) {
    1.21 +                if (!reenc_signer_key_is_own_key) {
    1.22                      message* reencrypt_msg = NULL;
    1.23                      PEP_STATUS reencrypt_status = PEP_CANNOT_REENCRYPT;
    1.24                      char* own_id = NULL;
    1.25 @@ -3984,17 +3985,19 @@
    1.26          }
    1.27      }
    1.28      
    1.29 -    // Double-check for message 2.1:
    1.30 -    if (major_ver > 2 || (major_ver == 2 && minor_ver > 0)) {
    1.31 -        if (EMPTYSTR((*dst)->_sender_fpr) || 
    1.32 -           (!EMPTYSTR(_keylist->value) && (strcasecmp((*dst)->_sender_fpr, _keylist->value) != 0))) {
    1.33 -            if (decrypt_status == PEP_DECRYPTED_AND_VERIFIED)
    1.34 -                decrypt_status = PEP_DECRYPTED;
    1.35 -            if (*rating > PEP_rating_unreliable)
    1.36 -                *rating = PEP_rating_unreliable;
    1.37 +    // Double-check for message 2.1: (note, we don't do this for already-reencrypted-messages)
    1.38 +    if (!(reencrypt && reenc_signer_key_is_own_key)) { 
    1.39 +        if (major_ver > 2 || (major_ver == 2 && minor_ver > 0)) {
    1.40 +            if (EMPTYSTR((*dst)->_sender_fpr) || 
    1.41 +               (!EMPTYSTR(_keylist->value) && (strcasecmp((*dst)->_sender_fpr, _keylist->value) != 0))) {
    1.42 +                if (decrypt_status == PEP_DECRYPTED_AND_VERIFIED)
    1.43 +                    decrypt_status = PEP_DECRYPTED;
    1.44 +                if (*rating > PEP_rating_unreliable)
    1.45 +                    *rating = PEP_rating_unreliable;
    1.46 +            }
    1.47          }
    1.48      }
    1.49 -        
    1.50 +    
    1.51      if (decrypt_status == PEP_DECRYPTED_AND_VERIFIED)
    1.52          return PEP_STATUS_OK;
    1.53      else
author	Krista 'DarthMama' Bennett <krista@pep.foundation>
	Wed, 04 Sep 2019 18:51:10 +0200
branch	sender-fpr-checks
changeset 4049	193b649cb621
parent 4048	1b987bcd8efe
child 4075	11a4b0c917c6