moved private key import out from 'decrypted-but-not-yet-verified' block. import_priv_keys_fix
authorKrista Bennett <krista@pep-project.org>
Tue, 21 Nov 2017 18:10:20 +0100
branchimport_priv_keys_fix
changeset 22901cc3770407e0
parent 2284 fa00137505b8
child 2291 322669cc0ec6
moved private key import out from 'decrypted-but-not-yet-verified' block.
src/message_api.c
     1.1 --- a/src/message_api.c	Thu Nov 09 17:57:29 2017 +0100
     1.2 +++ b/src/message_api.c	Tue Nov 21 18:10:20 2017 +0100
     1.3 @@ -2413,17 +2413,20 @@
     1.4                      src->shortmsg = strdup(msg->shortmsg);
     1.5                  }
     1.6  
     1.7 +                // check for private key in decrypted message attachment while importing
     1.8 +                // N.B. Apparently, we always import private keys into the keyring; however,
     1.9 +                // we do NOT always allow those to be used for encryption. THAT is controlled
    1.10 +                // by setting it as an own identity associated with the key in the DB.
    1.11 +                status = import_priv_keys_from_decrypted_msg(session, src, msg,
    1.12 +                                                             &imported_keys,
    1.13 +                                                             &imported_private_key_address,
    1.14 +                                                             private_il);
    1.15 +                if (status != PEP_STATUS_OK)
    1.16 +                    GOTO(pep_error);            
    1.17 +
    1.18                  /* if decrypted, but not verified... */
    1.19                  if (decrypt_status == PEP_DECRYPTED) {
    1.20 -                    
    1.21 -                    // check for private key in decrypted message attachment while importing
    1.22 -                    status = import_priv_keys_from_decrypted_msg(session, src, msg,
    1.23 -                                                                 &imported_keys,
    1.24 -                                                                 &imported_private_key_address,
    1.25 -                                                                 private_il);
    1.26 -                    if (status != PEP_STATUS_OK)
    1.27 -                        GOTO(pep_error);            
    1.28 -                                                                 
    1.29 +                                                                                     
    1.30                      status = verify_decrypted(session,
    1.31                                                src, msg,
    1.32                                                ptext, psize,