summaryrefslogtreecommitdiffstats
path: root/extensions
diff options
context:
space:
mode:
authorByron Jones <bjones@mozilla.com>2012-03-22 07:08:43 +0100
committerByron Jones <bjones@mozilla.com>2012-03-22 07:08:43 +0100
commit26013888080a0b969390e119d99ddbfb3b1b6b46 (patch)
treedbffa374745f7641acdf09e13a978693709c96f2 /extensions
parente1097806541f0cab4e0abff765a1db8cd4d723c2 (diff)
downloadbugzilla-26013888080a0b969390e119d99ddbfb3b1b6b46.tar.gz
bugzilla-26013888080a0b969390e119d99ddbfb3b1b6b46.tar.xz
Bug 737401: include the real subject inside encrypted body
Diffstat (limited to 'extensions')
-rw-r--r--extensions/SecureMail/Extension.pm54
1 files changed, 27 insertions, 27 deletions
diff --git a/extensions/SecureMail/Extension.pm b/extensions/SecureMail/Extension.pm
index 5abc1eeb1..7cf51e544 100644
--- a/extensions/SecureMail/Extension.pm
+++ b/extensions/SecureMail/Extension.pm
@@ -258,40 +258,31 @@ sub mailer_before_send {
}
sub _make_secure {
- my ($email, $key, $is_bugmail) = @_;
+ my ($email, $key, $sanitise_subject) = @_;
- my $bug_id = undef;
my $subject = $email->header('Subject');
+ my ($bug_id) = $subject =~ /^\D+(\d+)/;
- # We only change the subject if it's a bugmail; password mails don't have
- # confidential information in the subject.
- if ($is_bugmail) {
- $subject =~ /^[^\d]+(\d+)/;
- $bug_id = $1;
-
- my $new_subject = $subject;
- # This is designed to still work if the admin changes the word
- # 'bug' to something else. However, it could break if they change
- # the format of the subject line in another way.
- $new_subject =~ s/($bug_id\])\s+(.*)$/$1 (Secure bug updated)/;
- $email->header_set('Subject', $new_subject);
+ my $key_type = 0;
+ if ($key && $key =~ /PUBLIC KEY/) {
+ $key_type = 'PGP';
+ }
+ elsif ($key && $key =~ /BEGIN CERTIFICATE/) {
+ $key_type = 'S/MIME';
}
- if ($key && $key =~ /PUBLIC KEY/) {
+ if ($key_type && $sanitise_subject) {
+ # Subject gets placed in the body so it can still be read
+ my $body = $email->body_str;
+ $body = "Subject: $subject\015\012\015\012" . $body;
+ $email->body_str_set($body);
+ }
+
+ if ($key_type eq 'PGP') {
##################
# PGP Encryption #
##################
- # We need to work with the body as a decoded string as we may
- # modify it
- my $body = $email->body_str;
- if ($is_bugmail) {
- # Subject gets placed in the body so it can still be read
- $body = "Subject: $subject\n\n" . $body;
- }
- # Crypt::OpenPGP requires an encoded string
- $body = encode('UTF8', $body);
-
my $pubring = new Crypt::OpenPGP::KeyRing(Data => $key);
my $pgp = new Crypt::OpenPGP(PubRing => $pubring);
@@ -301,7 +292,7 @@ sub _make_secure {
# We use the CAST5 cipher because the Rijndael (AES) module doesn't
# like us for some reason I don't have time to debug fully.
# ("key must be an untainted string scalar")
- my $encrypted = $pgp->encrypt(Data => $body,
+ my $encrypted = $pgp->encrypt(Data => $email->body,
Recipients => "@",
Cipher => 'CAST5',
Armour => 1);
@@ -312,8 +303,9 @@ sub _make_secure {
else {
$email->body_set('Error during Encryption: ' . $pgp->errstr);
}
+
}
- elsif ($key && $key =~ /BEGIN CERTIFICATE/) {
+ elsif ($key_type eq 'S/MIME') {
#####################
# S/MIME Encryption #
#####################
@@ -352,6 +344,14 @@ sub _make_secure {
$email->body_set($message);
}
+
+ if ($sanitise_subject) {
+ # This is designed to still work if the admin changes the word
+ # 'bug' to something else. However, it could break if they change
+ # the format of the subject line in another way.
+ $subject =~ s/($bug_id\])\s+(.*)$/$1 (Secure bug updated)/;
+ $email->header_set('Subject', $subject);
+ }
}
__PACKAGE__->NAME;