ENGINE-390: Fixes for legacy mail - exchange vs. imap, plus encrypted keys to import
authorKrista Bennett <krista@pep-project.org>
Thu, 29 Mar 2018 12:16:58 +0200
changeset 2587b7eb979f90f5
parent 2586 9749e509f3ec
child 2588 858909bcf85b
ENGINE-390: Fixes for legacy mail - exchange vs. imap, plus encrypted keys to import
src/message_api.c
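--- a/src/message_api.c	Tue Mar 27 11:57:37 2018 +0200
+++ b/src/message_api.c	Thu Mar 29 12:16:58 2018 +0200
@@ -1357,13 +1357,42 @@
         if (bl && bl->value && bl->size && bl->size < MAX_KEY_SIZE
                 && is_key(bl))
         {
+            char* blob_value = bl->value;
+            size_t blob_size = bl->size;
+            bool free_blobval = false;
+            
+            if (is_encrypted_attachment(bl)) {
+                char* bl_ptext = NULL;
+                size_t bl_psize = 0;
+                stringlist_t* bl_keylist = NULL;
+                PEP_STATUS _status = decrypt_and_verify(session, 
+                                                        blob_value, blob_size,
+                                                        NULL, 0,
+                                                        &bl_ptext, &bl_psize, 
+                                                        &bl_keylist);
+                free_stringlist(bl_keylist); // we don't care about key encryption as long as we decrypt
+                if (_status == PEP_DECRYPTED || _status == PEP_DECRYPTED_AND_VERIFIED) {
+                    free_blobval = true;
+                    blob_value = bl_ptext;
+                    blob_size = bl_psize;
+                }
+                else {
+                    // This is an encrypted attachment we can do nothing with.
+                    // We shouldn't delete it or import it, because we can't
+                    // do the latter.
+                    free(bl_ptext);
+                    continue;
+                }
+            }
             identity_list *local_private_idents = NULL;
-            import_key(session, bl->value, bl->size, &local_private_idents);
+            import_key(session, blob_value, blob_size, &local_private_idents);
             remove = true;
             if (private_idents && *private_idents == NULL && local_private_idents != NULL)
                 *private_idents = local_private_idents;
             else
                 free_identity_list(local_private_idents);
+            if (free_blobval)
+                free(blob_value);
         }
     }
     return remove;
@@ -2351,8 +2380,8 @@
         //                                         &verify_keylist);
         free_stringlist(*keylist);
         *decrypt_status = decrypt_and_verify(session, ctext, csize,
-                                            NULL, 0,
-                                            &ptext, &psize, keylist);
+                                             NULL, 0,
+                                             &ptext, &psize, keylist);
         
     }
 
@@ -2377,7 +2406,7 @@
 
     message* msg = *msg_ptr;
 
-    msg->longmsg = ptext;
+    msg->longmsg = strdup(ptext);
     ptext = NULL;
 
     bloblist_t *_m = msg->attachments;
@@ -2402,11 +2431,10 @@
             free(ptext);
             ptext = NULL;
 
-            // FIXME: What about attachments with separate sigs???
             status = decrypt_and_verify(session, attctext, attcsize,
                                         NULL, 0,
                                         &ptext, &psize, &_keylist);
-            free_stringlist(_keylist); // FIXME: Why do we do this?
+            free_stringlist(_keylist);
 
             if (ptext) {
                 if (is_encrypted_html_attachment(_s)) {
@@ -2657,6 +2685,7 @@
     /*** Begin init ***/
     PEP_STATUS status = PEP_STATUS_OK;
     PEP_STATUS decrypt_status = PEP_CANNOT_DECRYPT_UNKNOWN;
+    PEP_STATUS _decrypt_in_pieces_status = PEP_CANNOT_DECRYPT_UNKNOWN;
     message *msg = NULL;
     char *ctext;
     size_t csize;
@@ -2803,15 +2832,25 @@
                 break;
 
             case PEP_enc_pieces:
-                decrypt_status = _decrypt_in_pieces(session, src, &msg, ptext, psize);
+                status = PEP_STATUS_OK;
+                
+                _decrypt_in_pieces_status = _decrypt_in_pieces(session, src, &msg, ptext, psize);
             
-                if (decrypt_status == PEP_OUT_OF_MEMORY)
-                    goto enomem;
-                else
-                    status = PEP_STATUS_OK;
-                     
+                switch (_decrypt_in_pieces_status) {
+                    case PEP_DECRYPTED:
+                    case PEP_DECRYPTED_AND_VERIFIED:
+                        if (decrypt_status <= PEP_DECRYPTED_AND_VERIFIED)
+                            decrypt_status = _MIN(decrypt_status, _decrypt_in_pieces_status);
+                        break;
+                    case PEP_STATUS_OK:
+                        break;    
+                    case PEP_OUT_OF_MEMORY:
+                        goto enomem;
+                    default:
+                        decrypt_status = _decrypt_in_pieces_status;
+                        break;
+                }
                 break;
-
             default:
                 // BUG: must implement more
                 NOT_IMPLEMENTED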
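Review bot: In the first hunk the `bl->size < MAX_KEY_SIZE` and `is_key(bl)` guards are evaluated on the encrypted blob only, so the plaintext from `decrypt_and_verify` reaches `import_key` with no bound on `bl_psize` and no check that `bl_ptext` is non-NULL. Decrypted output can be larger than its ciphertext if the payload is compressed, so the success test should repeat the limit, e.g. `if ((_status == PEP_DECRYPTED || _status == PEP_DECRYPTED_AND_VERIFIED) && bl_ptext && bl_psize < MAX_KEY_SIZE)`, letting a rejected buffer fall into the existing else branch that frees it and continues. The branch also accepts `PEP_DECRYPTED` without a verified signature and the result of `import_key` is still ignored; a comment such as `// unsigned key material is imported on purpose; trust is decided later` would make that choice explicit if it is intended. The enclosing loop and function begin outside the hunk, so how `continue` interacts with `remove` cannot be confirmed from the visible lines.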