The oppenc changes allow security bits to be set even when not
encrypting or signing (for instance, OPPENCRYPT and INLINE).
mutt_protect() assumed that if INLINE is set, then either ENCRYPT or
SIGN must also be set. Specifically, it would end up inline-signing
the message even though neither was set.
Ensure mutt_protect() is a noop if neither SIGN or ENCRYPT are set.
In ci_send_message(), check for sign or encrypt before calling the
crypt_get_keys() / mutt_protect() block, and also in the fcc section
(since clear_content would be NULL if not).
The second change to the fcc part is somewhat redundant, but better to
be explicit and avoid the case where the subtype is somehow
"encrypted" or "signed" even though msg->security wasn't set thus.
if (!WithCrypto)
return -1;
+ if (!(msg->security & (ENCRYPT | SIGN)))
+ return 0;
+
if ((msg->security & SIGN) && !crypt_valid_passphrase (msg->security))
return (-1);
if (WithCrypto)
{
- if (msg->security)
+ if (msg->security & (ENCRYPT | SIGN))
{
/* save the decrypted attachments */
clear_content = msg->content;
BODY *save_sig = NULL;
BODY *save_parts = NULL;
- if (WithCrypto && msg->security && option (OPTFCCCLEAR))
+ if (WithCrypto && (msg->security & (ENCRYPT | SIGN)) && option (OPTFCCCLEAR))
msg->content = clear_content;
/* check to see if the user wants copies of all attachments */
msg->content->type == TYPEMULTIPART)
{
if (WithCrypto
+ && (msg->security & (ENCRYPT | SIGN))
&& (mutt_strcmp (msg->content->subtype, "encrypted") == 0 ||
mutt_strcmp (msg->content->subtype, "signed") == 0))
{
projects / neomutt / commitdiff