diff options
| author | Byron Jones <bjones@mozilla.com> | 2012-03-22 07:08:43 +0100 |
|---|---|---|
| committer | Byron Jones <bjones@mozilla.com> | 2012-03-22 07:08:43 +0100 |
| commit | 26013888080a0b969390e119d99ddbfb3b1b6b46 (patch) | |
| tree | dbffa374745f7641acdf09e13a978693709c96f2 | |
| parent | e1097806541f0cab4e0abff765a1db8cd4d723c2 (diff) | |
| download | bugzilla-26013888080a0b969390e119d99ddbfb3b1b6b46.tar.gz bugzilla-26013888080a0b969390e119d99ddbfb3b1b6b46.tar.xz | |
Bug 737401: include the real subject inside encrypted body
| -rw-r--r-- | extensions/SecureMail/Extension.pm | 54 |
1 files changed, 27 insertions, 27 deletions
diff --git a/extensions/SecureMail/Extension.pm b/extensions/SecureMail/Extension.pm index 5abc1eeb1..7cf51e544 100644 --- a/extensions/SecureMail/Extension.pm +++ b/extensions/SecureMail/Extension.pm @@ -258,40 +258,31 @@ sub mailer_before_send { } sub _make_secure { - my ($email, $key, $is_bugmail) = @_; + my ($email, $key, $sanitise_subject) = @_; - my $bug_id = undef; my $subject = $email->header('Subject'); + my ($bug_id) = $subject =~ /^\D+(\d+)/; - # We only change the subject if it's a bugmail; password mails don't have - # confidential information in the subject. - if ($is_bugmail) { - $subject =~ /^[^\d]+(\d+)/; - $bug_id = $1; - - my $new_subject = $subject; - # This is designed to still work if the admin changes the word - # 'bug' to something else. However, it could break if they change - # the format of the subject line in another way. - $new_subject =~ s/($bug_id\])\s+(.*)$/$1 (Secure bug updated)/; - $email->header_set('Subject', $new_subject); + my $key_type = 0; + if ($key && $key =~ /PUBLIC KEY/) { + $key_type = 'PGP'; + } + elsif ($key && $key =~ /BEGIN CERTIFICATE/) { + $key_type = 'S/MIME'; } - if ($key && $key =~ /PUBLIC KEY/) { + if ($key_type && $sanitise_subject) { + # Subject gets placed in the body so it can still be read + my $body = $email->body_str; + $body = "Subject: $subject\015\012\015\012" . $body; + $email->body_str_set($body); + } + + if ($key_type eq 'PGP') { ################## # PGP Encryption # ################## - # We need to work with the body as a decoded string as we may - # modify it - my $body = $email->body_str; - if ($is_bugmail) { - # Subject gets placed in the body so it can still be read - $body = "Subject: $subject\n\n" . $body; - } - # Crypt::OpenPGP requires an encoded string - $body = encode('UTF8', $body); - my $pubring = new Crypt::OpenPGP::KeyRing(Data => $key); my $pgp = new Crypt::OpenPGP(PubRing => $pubring); @@ -301,7 +292,7 @@ sub _make_secure { # We use the CAST5 cipher because the Rijndael (AES) module doesn't # like us for some reason I don't have time to debug fully. # ("key must be an untainted string scalar") - my $encrypted = $pgp->encrypt(Data => $body, + my $encrypted = $pgp->encrypt(Data => $email->body, Recipients => "@", Cipher => 'CAST5', Armour => 1); @@ -312,8 +303,9 @@ sub _make_secure { else { $email->body_set('Error during Encryption: ' . $pgp->errstr); } + } - elsif ($key && $key =~ /BEGIN CERTIFICATE/) { + elsif ($key_type eq 'S/MIME') { ##################### # S/MIME Encryption # ##################### @@ -352,6 +344,14 @@ sub _make_secure { $email->body_set($message); } + + if ($sanitise_subject) { + # This is designed to still work if the admin changes the word + # 'bug' to something else. However, it could break if they change + # the format of the subject line in another way. + $subject =~ s/($bug_id\])\s+(.*)$/$1 (Secure bug updated)/; + $email->header_set('Subject', $subject); + } } __PACKAGE__->NAME; |