From afb0b11dcd08aa9091be1d89e1c2a9fe6b0e11f0 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sat, 20 Apr 2019 13:02:57 -0400 Subject: [PATCH] crypto: Avoid pretending to verify signatures on unsigned encrypted mail Unsigned encrypted mail shows up with a weird empty signature list. If we successfully decrypted and there was no signature in it, we should just not show a sigstatus at all. The documentation for g_mime_decrypt_result_get_signatures says: a GMimeSignatureList or NULL if the stream was not signed. --- mime-node.c | 2 +- test/T350-crypto.sh | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/mime-node.c b/mime-node.c index 2a24e537..1bfb479b 100644 --- a/mime-node.c +++ b/mime-node.c @@ -218,12 +218,12 @@ node_decrypt_and_verify (mime_node_t *node, GMimeObject *part, } node->decrypt_success = true; - node->verify_attempted = true; if (decrypt_result) { /* This may be NULL if the part is not signed. */ node->sig_list = g_mime_decrypt_result_get_signatures (decrypt_result); if (node->sig_list) { + node->verify_attempted = true; g_object_ref (node->sig_list); set_signature_list_destructor (node); } diff --git a/test/T350-crypto.sh b/test/T350-crypto.sh index 7b10f434..2f793e96 100755 --- a/test/T350-crypto.sh +++ b/test/T350-crypto.sh @@ -269,7 +269,6 @@ expected='[[[{"id": "XXXXX", "Date": "Sat, 01 Jan 2000 12:00:00 +0000"}, "body": [{"id": 1, "encstatus": [{"status": "good"}], - "sigstatus": [], "content-type": "multipart/encrypted", "content": [{"id": 2, "content-type": "application/pgp-encrypted", -- 2.43.0