leap_mail.git/src, branch develop [leap_mail] [feat] Remove senders X-Leap-* headers if the email came with them 2016-08-01T17:08:56+00:00 Ruben Pollan meskio@sindominio.net 2016-08-01T16:51:08+00:00 f39a5284ee208a8ba8194b4317b77114e38d73d9 We use the X-Leap-Signature and X-Leap-Encryption to signal the signature and encryption status of emails. An attacker could add this headers and trick bitmask to believe that the email was signed and/or encrypted. Now we remove this headers from the original email if they are present before adding ours. - Resolves: #7429 
We use the X-Leap-Signature and X-Leap-Encryption to signal the
signature and encryption status of emails. An attacker could add this
headers and trick bitmask to believe that the email was signed and/or
encrypted. Now we remove this headers from the original email if they
are present before adding ours.

- Resolves: #7429
[refactor] deprecating u1db, using l2db instead. 2016-08-01T08:35:04+00:00 NavaL ayoyo@thoughtworks.com 2016-07-24T21:15:01+00:00 ee978045e6420377c908c4d4b4400dd3c18a2909 To keep compatibility with soledad upgrades. It will namely cause version conflicts to not be properly handled otherwise. 
To keep compatibility with soledad upgrades. It will namely cause version conflicts
to not be properly handled otherwise.
[bug] initialize OpenSSL context just once in leap.mail 2016-06-18T00:14:18+00:00 NavaL ayoyo@thoughtworks.com 2016-06-17T19:37:24+00:00 5992172f58684ff21bffec9ed9414aaa9b26cd31 Do not initialize the openssl context on each call to get mail payload phash. The openSSL backend should only be initialized once because it is activating the os random engine which in turn unregister and free current engine first. This is very tricky when operations are running in threads as it essentially momentarily unregister the openssl crypto callbacks that makes openssl thread safe. - Resolves: #8180 with the soledad PR #324 
Do not initialize the openssl context on each call to get mail payload phash.

The openSSL backend should only be initialized once because it is activating the os random engine
which in turn unregister and free current engine first. This is very tricky when operations are running in threads
as it essentially momentarily unregister the openssl crypto callbacks that makes openssl thread safe.

- Resolves: #8180 with the soledad PR #324
[tests] keymanager._fetcher doesn't exist anymore 2016-06-08T14:48:09+00:00 Ruben Pollan meskio@sindominio.net 2016-06-08T10:43:29+00:00 0cef35297c8a38d27f390b27ec3d0be0a84230ad - Resolves: #8177 
- Resolves: #8177
Merge branch 'pixelated/fix_sign_apple_mail' into develop 2016-06-08T14:47:29+00:00 Ruben Pollan meskio@sindominio.net 2016-06-08T14:47:29+00:00 736ea864f0b6e8148ecca7f003f8d6997319c3b3 






Merge branch 'pixelated/fix_test_decrypt_email' into develop
2016-06-07T19:02:17+00:00

Ruben Pollan
meskio@sindominio.net

2016-06-07T19:02:17+00:00

c3ecebbd26637e628047d71cd1ddd9338efbdc60












[refactor] change the check to validate signature from Apple Mail
2016-05-25T19:11:34+00:00

Caio Carrara
ccarrara@thoughtworks.com

2016-05-25T19:11:34+00:00

1a6aa67ea31b4bedb2a59a84659f7e19b385ec12

It changes the way that incoming service checks if a additional
verification is needed to validate signature. The way before was
checking by the type of signature object and calling the verify
signature method if the type is different from OpenPGPKey. However it
could be more readable if we check the type of decrypted message. If
it's a multipart/signed message and not a plain/text we need to verify
the signature because keymanager couldn't do it during the decryption
process.





It changes the way that incoming service checks if a additional
verification is needed to validate signature. The way before was
checking by the type of signature object and calling the verify
signature method if the type is different from OpenPGPKey. However it
could be more readable if we check the type of decrypted message. If
it's a multipart/signed message and not a plain/text we need to verify
the signature because keymanager couldn't do it during the decryption
process.







[tests] add test to validate signature from apple mail
2016-05-24T18:56:00+00:00

Caio Carrara
ccarrara@thoughtworks.com

2016-05-24T18:56:00+00:00

ff75ceecbff76bc9142516c198d726422c050797

This change adds test to validate signature of encrypted email created
by apple mail. It's important to note that apple mail has a specific way
to encrypt signed messages. First it sign the email and then encrypt the
previous signed message. It was also added a message file with the
expected data.





This change adds test to validate signature of encrypted email created
by apple mail. It's important to note that apple mail has a specific way
to encrypt signed messages. First it sign the email and then encrypt the
previous signed message. It was also added a message file with the
expected data.







[feat] Adapt to the new KeyManager API without key types.
2016-05-18T20:58:19+00:00

Ruben Pollan
meskio@sindominio.net

2016-05-03T14:49:38+00:00

a681acde5bdd757ea7be33426660c0cb41cf01d8

- Related: #8031





- Related: #8031







Add not called asserts to testDecryptEmail
2016-05-18T20:17:21+00:00

Thais Siqueira
thais.siqueira@gmail.com

2016-05-18T20:17:21+00:00

736edc16f5ce9d977586d25d60f423ac9d847b15

The functions decryption_error_not_called and add_decrypted_header_called
were not being called on testDecryptEmail. So the asserts was not being
called as well.

This change adds the above functions as callbacks to be called after the
fetch method.





The functions decryption_error_not_called and add_decrypted_header_called
were not being called on testDecryptEmail. So the asserts was not being
called as well.

This change adds the above functions as callbacks to be called after the
fetch method.