From 6adcfccbce3a18928e66b7886695a44cbb1a5b75 Mon Sep 17 00:00:00 2001 From: Eduardo Chappa Date: Wed, 15 Aug 2018 21:08:56 -0600 Subject: * S/MIME: Some clients do not transform messages to canonical form when signing first and encrypting second, which makes Alpine fail to parse the signed data after encryption. Reported by Holger Trapp. --- pith/pine.hlp | 6 +++++- pith/smime.c | 34 +++++++++++++++++++++++++++++++--- 2 files changed, 36 insertions(+), 4 deletions(-) (limited to 'pith') diff --git a/pith/pine.hlp b/pith/pine.hlp index 158e8dc8..074558fe 100644 --- a/pith/pine.hlp +++ b/pith/pine.hlp @@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any reasonable place to be called from. Dummy change to get revision in pine.hlp ============= h_revision ================= -Alpine Commit 300 2018-08-12 22:34:18 +Alpine Commit 301 2018-08-15 21:08:38 ============= h_news ================= @@ -211,6 +211,10 @@ and wait for the connection to recover. multipart/signed, Alpine will include the text of the original message in a reply message, instead of including a multipart attachment. Suggested by Barry Landy. + +
  • S/MIME: Some clients do not transform messages to canonical form when +signing first and encrypting second, which makes Alpine fail to parse the +signed data after encryption. Reported by Holger Trapp.

diff --git a/pith/smime.c b/pith/smime.c
index f8e5829d..77376d5a 100644
--- a/pith/smime.c
+++ b/pith/smime.c
@@ -3418,14 +3418,40 @@ do_decoding(BODY *b, long msgno, const char *section)
 char *bstart;
 STRING s;
 BUF_MEM *bptr = NULL;
+ int we_free = 0;
 BIO_get_mem_ptr(out, &bptr);
 if(bptr)
- h = bptr->data;
+ h = bptr->data;
 /* look for start of body */
 bstart = strstr(h, "\r\n\r\n");
+ if(!bstart){
+ /*
+ * Some clients do not canonicalize before encrypting, so
+ * look for "\n\n" instead.
+ */
+ bstart = strstr(h, "\n\n");
+ if(bstart){
+ int lines;
+ char *s, *t;
+ for(lines = 0, bstart = h; (bstart = strchr(bstart, '\n')) != NULL;
+ bstart++, lines++);
+ h = t = fs_get(strlen(bptr->data) + lines + 1);
+ we_free++;
+ for(s = bptr->data; *s != '\0'; s++)
+ if(*s == '\n' && *(s-1) != '\r'){
+ *t++ = '\r';
+ *t++ = '\n';
+ }
+ else
+ *t++ = *s;
+ *t = '\0';
+ bstart = strstr(h, "\r\n\r\n");
+ }
+ }
+
 if(!bstart){
 q_status_message(SM_ORDER, 3, 3, _("Encrypted data couldn't be parsed."));
 }
@@ -3463,7 +3489,7 @@ do_decoding(BODY *b, long msgno, const char *section)
 b->type = TYPEMULTIPART;
 if(b->subtype)
- fs_give((void**) &b->subtype);
+ fs_give((void **) &b->subtype);
 /*
 * This subtype is used in mailview.c to annotate the display of
@@ -3474,7 +3500,7 @@ do_decoding(BODY *b, long msgno, const char *section)
 b->encoding = ENC8BIT;
 if(b->description)
- fs_give((void**) &b->description);
+ fs_give((void **) &b->description);
 b->description = cpystr(what_we_did);
@@ -3503,6 +3529,8 @@ do_decoding(BODY *b, long msgno, const char *section)
 modified_the_body = 1;
 }
+ if(we_free)
+ fs_give((void **) &h);
 }
 end:
-- cgit v1.2.3-54-g00ecf
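Review bot: In the copy loop of the first smime.c hunk, `*(s-1)` is evaluated while `s` still equals `bptr->data`, so decrypted content whose first byte is a bare `\n` makes the loop read one byte before the start of the BIO buffer. That content is chosen by whoever encrypted the message, so the guard should cover the first byte: `if(*s == '\n' && (s == bptr->data || *(s-1) != '\r')){`. The new branch also dereferences `bptr` unconditionally, although the context line above assigns `h` only under `if(bptr)`; testing `bptr` in the fallback condition would keep the two consistent. The inner `char *s` shadows the `STRING s` declared at the top of the block, so a different name would read more clearly. do_decoding's body starts and ends outside the hunk.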
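Review bot: The buffer allocated in the first hunk is released only on the fall-through path that reaches `if(we_free)` in the last hunk, and the code between the allocation and this line is outside the visible hunks, so I cannot confirm that no `goto end` skips the release or that nothing derived from `bstart` is still referenced after it. If such an early exit exists, the release would have to move to a point every path reaches, which depends on where `h` is declared (not shown here). A comment at the release would also record the ownership rule, for example `/* h is our CRLF-normalized copy only when we_free is set; otherwise it points into the BIO */`. Setting the flag with `we_free = 1` rather than `we_free++` would make its boolean use plainer.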