authorKevin McCarthy <kevin@8t8.us>2019-02-22 13:50:52 -0800
committerKevin McCarthy <kevin@8t8.us>2019-03-04 12:24:43 +0800
commit67bdfa3110d22c00fe658ce464a6eb515fbfc590 (patch)
tree4ed0693fa4af23db431ea61e60e4b5fc952132f5 /handler.c
parent128baa52e5ad912e3127926937934e1cb8d31c5f (diff)
Add $include_encrypted config to prevent reply-decryption attack.
@jensvoid, in cooperation with Ruhr-Uni Bochum and FH Münster, Germany, reported a possible "Oracle decryption" attack on various mail clients. An attacker could include previously encrypted contents they obtained access to, and include it in a message. Replying without trimming would include the decrypted contents. This attack relies on several "ifs", and is more dangerous for clients that compose HTML mail. However, it is still an issue that an unwary/busy Mutt user could fall for. Add a new config $include_encrypted, defaulting off, to reduce the possibility of the user being unaware of previously encrypted parts in the reply. Only the main initial encrypted part will be included in the reply.
Diffstat (limited to 'handler.c')
-rw-r--r--handler.c21
1 files changed, 15 insertions, 6 deletions
diff --git a/handler.c b/handler.c
index 948b75a1..2c7016ce 100644
--- a/handler.c
+++ b/handler.c
@@ -1750,7 +1750,7 @@ static int malformed_pgp_encrypted_handler (BODY *b, STATE *s)
int mutt_body_handler (BODY *b, STATE *s)
{
int plaintext = 0;
- handler_t handler = NULL;
+ handler_t handler = NULL, encrypted_handler = NULL;
int rc = 0;
int oflags = s->flags;
@@ -1770,7 +1770,7 @@ int mutt_body_handler (BODY *b, STATE *s)
* the only operation needed.
*/
if ((WithCrypto & APPLICATION_PGP) && mutt_is_application_pgp (b))
- handler = crypt_pgp_application_pgp_handler;
+ encrypted_handler = handler = crypt_pgp_application_pgp_handler;
else if (option(OPTREFLOWTEXT) && ascii_strcasecmp ("flowed", mutt_get_parameter ("format", b->parameter)) == 0)
handler = rfc3676_handler;
else
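Review bot: `encrypted_handler` is set here whenever `mutt_is_application_pgp (b)` is non-zero, and the later hunk does the same for `mutt_is_application_pgp` and `mutt_is_application_smime`; if those predicates also match signed-only or key parts (their definitions are not in this diff), those parts will be left out of replies as well. That errs on the safe side, but the variable name then promises more than the check establishes. A short comment at the declaration would record the intent, e.g. `/* set for any crypto handler whose output may contain decrypted text; may also cover signed-only parts */`. mutt_body_handler's body continues outside this hunk.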
@@ -1806,9 +1806,9 @@ int mutt_body_handler (BODY *b, STATE *s)
handler = mutt_signed_handler;
}
else if (mutt_is_valid_multipart_pgp_encrypted (b))
- handler = valid_pgp_encrypted_handler;
+ encrypted_handler = handler = valid_pgp_encrypted_handler;
else if (mutt_is_malformed_multipart_pgp_encrypted (b))
- handler = malformed_pgp_encrypted_handler;
+ encrypted_handler = handler = malformed_pgp_encrypted_handler;
if (!handler)
handler = multipart_handler;
@@ -1830,9 +1830,9 @@ int mutt_body_handler (BODY *b, STATE *s)
plaintext = 1;
}
else if ((WithCrypto & APPLICATION_PGP) && mutt_is_application_pgp (b))
- handler = crypt_pgp_application_pgp_handler;
+ encrypted_handler = handler = crypt_pgp_application_pgp_handler;
else if ((WithCrypto & APPLICATION_SMIME) && mutt_is_application_smime(b))
- handler = crypt_smime_application_smime_handler;
+ encrypted_handler = handler = crypt_smime_application_smime_handler;
}
/* only respect disposition == attachment if we're not
@@ -1841,6 +1841,14 @@ int mutt_body_handler (BODY *b, STATE *s)
option(OPTVIEWATTACH))) &&
(plaintext || handler))
{
+ /* Prevent encrypted attachments from being included in replies
+ * unless $include_encrypted is set. */
+ if ((s->flags & MUTT_REPLYING) &&
+ (s->flags & MUTT_FIRSTDONE) &&
+ encrypted_handler &&
+ !option (OPTINCLUDEENCRYPTED))
+ goto cleanup;
+
rc = run_decode_and_handler (b, s, handler, plaintext);
}
/* print hint to use attachment menu for disposition == attachment
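Review bot: The comment on the new guard says encrypted attachments are kept out of replies, but the condition also requires `MUTT_FIRSTDONE`, so an encrypted part handled while that flag is still clear is decrypted and quoted as before; that reasoning lives only in the commit message. I would state it in the code, e.g. `/* A part handled before MUTT_FIRSTDONE is set is still decoded; later encrypted parts are skipped unless $include_encrypted is set. */`. The `goto cleanup` path also leaves `rc` at 0 and writes nothing to `s->fpout`, so the reply draft carries no sign that a part was omitted; if that silence is deliberate, the comment should say so. Because this diff is limited to handler.c, which compose paths set `MUTT_REPLYING` cannot be confirmed from here. The function starts and ends outside this hunk.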
@@ -1868,6 +1876,7 @@ int mutt_body_handler (BODY *b, STATE *s)
fputs (" --]\n", s->fpout);
}
+cleanup:
s->flags = oflags | (s->flags & MUTT_FIRSTDONE);
if (rc)
{