From: Kevin McCarthy Date: Wed, 2 Dec 2015 02:20:27 +0000 (-0800) Subject: Loosen mutt_signed_handler() protocol value consistency check. (closes #3639) X-Git-Tag: neomutt-20160404~91 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=3a48715c674da743a38f757e353565e24430420a;p=neomutt Loosen mutt_signed_handler() protocol value consistency check. (closes #3639) Apparently, for S/MIME, some MUAs mismatch the protocol value of the multipart/signed and the content-type of the signature: putting "pkcs7-signature" in one and "x-pkcs7-signature" in the other. Change mutt_signed_handler() to independently verify the values of the protocol and the content-type. This still checks for correct values but doesn't ensure they match between the two (for S/MIME). --- diff --git a/crypt.c b/crypt.c index cec5f88b2..7891c03e4 100644 --- a/crypt.c +++ b/crypt.c @@ -879,9 +879,8 @@ static void crypt_fetch_signatures (BODY ***signatures, BODY *a, int *n) int mutt_signed_handler (BODY *a, STATE *s) { char tempfile[_POSIX_PATH_MAX]; - char *protocol; - int protocol_major = TYPEOTHER; - char *protocol_minor = NULL; + int signed_type; + int inconsistent = 0; BODY *b = a; BODY **signatures = NULL; @@ -893,29 +892,44 @@ int mutt_signed_handler (BODY *a, STATE *s) if (!WithCrypto) return -1; - protocol = mutt_get_parameter ("protocol", a->parameter); a = a->parts; - - /* extract the protocol information */ - - if (protocol) + signed_type = mutt_is_multipart_signed (b); + if (!signed_type) { - char major[STRING]; - char *t; - - if ((protocol_minor = strchr (protocol, '/'))) protocol_minor++; - - strfcpy (major, protocol, sizeof(major)); - if((t = strchr(major, '/'))) - *t = '\0'; - - protocol_major = mutt_check_mime_type (major); + /* A null protocol value is already checked for in mutt_body_handler() */ + state_printf (s, _("[-- Error: " + "Unknown multipart/signed protocol %s! --]\n\n"), + mutt_get_parameter ("protocol", b->parameter)); + return mutt_body_handler (a, s); } - /* consistency check */ - - if (!(a && a->next && a->next->type == protocol_major && - !mutt_strcasecmp (a->next->subtype, protocol_minor))) + if (!(a && a->next)) + inconsistent = 1; + else + { + switch (signed_type) + { + case SIGN: + if (a->next->type != TYPEMULTIPART || + ascii_strcasecmp (a->next->subtype, "mixed")) + inconsistent = 1; + break; + case PGPSIGN: + if (a->next->type != TYPEAPPLICATION || + ascii_strcasecmp (a->next->subtype, "pgp-signature")) + inconsistent = 1; + break; + case SMIMESIGN: + if (a->next->type != TYPEAPPLICATION || + (ascii_strcasecmp (a->next->subtype, "x-pkcs7-signature") && + ascii_strcasecmp (a->next->subtype, "pkcs7-signature"))) + inconsistent = 1; + break; + default: + inconsistent = 1; + } + } + if (inconsistent) { state_attach_puts (_("[-- Error: " "Inconsistent multipart/signed structure! --]\n\n"), @@ -923,27 +937,6 @@ int mutt_signed_handler (BODY *a, STATE *s) return mutt_body_handler (a, s); } - - if ((WithCrypto & APPLICATION_PGP) - && protocol_major == TYPEAPPLICATION - && !ascii_strcasecmp (protocol_minor, "pgp-signature")) - ; - else if ((WithCrypto & APPLICATION_SMIME) - && protocol_major == TYPEAPPLICATION - && !(ascii_strcasecmp (protocol_minor, "x-pkcs7-signature") - && ascii_strcasecmp (protocol_minor, "pkcs7-signature"))) - ; - else if (protocol_major == TYPEMULTIPART - && !ascii_strcasecmp (protocol_minor, "mixed")) - ; - else - { - state_printf (s, _("[-- Error: " - "Unknown multipart/signed protocol %s! --]\n\n"), - protocol); - return mutt_body_handler (a, s); - } - if (s->flags & M_DISPLAY) {