From 8a7492940f23b6308f15f8f11b960702e00f3684 Mon Sep 17 00:00:00 2001 From: drebs Date: Tue, 21 Jan 2014 16:18:15 -0200 Subject: Prevent double base64 encoding of attachments when signing (#5014). --- ...bug_5014_fix-attachment-processing-when-signing | 1 + mail/src/leap/mail/smtp/rfc3156.py | 28 +++++++++++++++------- 2 files changed, 21 insertions(+), 8 deletions(-) create mode 100644 mail/changes/bug_5014_fix-attachment-processing-when-signing diff --git a/mail/changes/bug_5014_fix-attachment-processing-when-signing b/mail/changes/bug_5014_fix-attachment-processing-when-signing new file mode 100644 index 00000000..c12e35ef --- /dev/null +++ b/mail/changes/bug_5014_fix-attachment-processing-when-signing @@ -0,0 +1 @@ + o Correctly process attachments when signing. Fixes #5014. diff --git a/mail/src/leap/mail/smtp/rfc3156.py b/mail/src/leap/mail/smtp/rfc3156.py index 97395316..2c6d4a7e 100644 --- a/mail/src/leap/mail/smtp/rfc3156.py +++ b/mail/src/leap/mail/smtp/rfc3156.py @@ -24,6 +24,7 @@ import base64 from abc import ABCMeta, abstractmethod from StringIO import StringIO +from twisted.python import log from email.mime.application import MIMEApplication from email.mime.multipart import MIMEMultipart from email import errors @@ -145,14 +146,25 @@ def encode_base64(msg): :param msg: The non-multipart message to be encoded. :type msg: email.message.Message """ - orig = msg.get_payload() - encdata = _bencode(orig) - msg.set_payload(encdata) - # replace or set the Content-Transfer-Encoding header. - try: - msg.replace_header('Content-Transfer-Encoding', 'base64') - except KeyError: - msg['Content-Transfer-Encoding'] = 'base64' + encoding = msg.get('Content-Transfer-Encoding', None) + # XXX Python's email module can only decode quoted-printable, base64 and + # uuencoded data, so we might have to implement other decoding schemes in + # order to support RFC 3156 properly and correctly calculate signatures + # for multipart attachments (eg. 7bit or 8bit encoded attachments). For + # now, if content is already encoded as base64 or if it is encoded with + # some unknown encoding, we just pass. + if encoding is None or encoding.lower() in ['quoted-printable', + 'x-uuencode', 'uue', 'x-uue']: + orig = msg.get_payload(decode=True) + encdata = _bencode(orig) + msg.set_payload(encdata) + # replace or set the Content-Transfer-Encoding header. + try: + msg.replace_header('Content-Transfer-Encoding', 'base64') + except KeyError: + msg['Content-Transfer-Encoding'] = 'base64' + elif encoding is not 'base64': + log.err('Unknown content-transfer-encoding: %s' % encoding) def encode_base64_rec(msg): -- cgit v1.2.3 From e99af33d1cefe4797f72b4939bf775348df2586e Mon Sep 17 00:00:00 2001 From: drebs Date: Tue, 21 Jan 2014 16:32:24 -0200 Subject: Restrict adding outgoing footer to text/plain messages. --- ...g_restrict-adding-outgoing-footer-to-text-plain-messages | 1 + mail/src/leap/mail/smtp/gateway.py | 13 ++++++++----- 2 files changed, 9 insertions(+), 5 deletions(-) create mode 100644 mail/changes/bug_restrict-adding-outgoing-footer-to-text-plain-messages diff --git a/mail/changes/bug_restrict-adding-outgoing-footer-to-text-plain-messages b/mail/changes/bug_restrict-adding-outgoing-footer-to-text-plain-messages new file mode 100644 index 00000000..9983404e --- /dev/null +++ b/mail/changes/bug_restrict-adding-outgoing-footer-to-text-plain-messages @@ -0,0 +1 @@ + o Restrict adding outgoing footer to text/plain messages. diff --git a/mail/src/leap/mail/smtp/gateway.py b/mail/src/leap/mail/smtp/gateway.py index bef5c6d2..ef398d1f 100644 --- a/mail/src/leap/mail/smtp/gateway.py +++ b/mail/src/leap/mail/smtp/gateway.py @@ -600,13 +600,16 @@ class EncryptedMessage(object): self._msg = self._origmsg return - # add a nice footer to the outgoing message from_address = validate_address(self._fromAddress.addrstr) username, domain = from_address.split('@') - self.lines.append('--') - self.lines.append('%s - https://%s/key/%s' % - (self.FOOTER_STRING, domain, username)) - self.lines.append('') + + # add a nice footer to the outgoing message + if self._origmsg.get_content_type() == 'text/plain': + self.lines.append('--') + self.lines.append('%s - https://%s/key/%s' % + (self.FOOTER_STRING, domain, username)) + self.lines.append('') + self._origmsg = self.parseMessage() # get sender and recipient data -- cgit v1.2.3