From 379f7fd742d1e79a575f0f723bcddb01cc611067 Mon Sep 17 00:00:00 2001
From: drebs <drebs@leap.se>
Date: Tue, 21 Jan 2014 16:18:15 -0200
Subject: Prevent double base64 encoding of attachments when signing (#5014).

---
 src/leap/mail/smtp/rfc3156.py | 28 ++++++++++++++++++++--------
 1 file changed, 20 insertions(+), 8 deletions(-)

(limited to 'src/leap/mail/smtp')

diff --git a/src/leap/mail/smtp/rfc3156.py b/src/leap/mail/smtp/rfc3156.py
index 9739531..2c6d4a7 100644
--- a/src/leap/mail/smtp/rfc3156.py
+++ b/src/leap/mail/smtp/rfc3156.py
@@ -24,6 +24,7 @@ import base64
 from abc import ABCMeta, abstractmethod
 from StringIO import StringIO
 
+from twisted.python import log
 from email.mime.application import MIMEApplication
 from email.mime.multipart import MIMEMultipart
 from email import errors
@@ -145,14 +146,25 @@ def encode_base64(msg):
     :param msg: The non-multipart message to be encoded.
     :type msg: email.message.Message
     """
-    orig = msg.get_payload()
-    encdata = _bencode(orig)
-    msg.set_payload(encdata)
-    # replace or set the Content-Transfer-Encoding header.
-    try:
-        msg.replace_header('Content-Transfer-Encoding', 'base64')
-    except KeyError:
-        msg['Content-Transfer-Encoding'] = 'base64'
+    encoding = msg.get('Content-Transfer-Encoding', None)
+    # XXX Python's email module can only decode quoted-printable, base64 and
+    # uuencoded data, so we might have to implement other decoding schemes in
+    # order to support RFC 3156 properly and correctly calculate signatures
+    # for multipart attachments (eg. 7bit or 8bit encoded attachments). For
+    # now, if content is already encoded as base64 or if it is encoded with
+    # some unknown encoding, we just pass.
+    if encoding is None or encoding.lower() in ['quoted-printable',
+            'x-uuencode', 'uue', 'x-uue']:
+        orig = msg.get_payload(decode=True)
+        encdata = _bencode(orig)
+        msg.set_payload(encdata)
+        # replace or set the Content-Transfer-Encoding header.
+        try:
+            msg.replace_header('Content-Transfer-Encoding', 'base64')
+        except KeyError:
+            msg['Content-Transfer-Encoding'] = 'base64'
+    elif encoding is not 'base64':
+        log.err('Unknown content-transfer-encoding: %s' % encoding)
 
 
 def encode_base64_rec(msg):
-- 
cgit v1.2.3