Commit 900995e4 authored by Ingo Klöcker's avatar Ingo Klöcker
Browse files

Ignore protocol-specific overrides if common overrides are given

If a common override for an address is given, then the protocol-specific
overrides for this address are ignored.

GnuPG-bug-id: 5283
parent ff7dbb41
......@@ -381,6 +381,39 @@ private Q_SLOTS:
QCOMPARE(resolver.encryptionKeys().value(UnknownProtocol).value("sender-mixed@example.net")[1].primaryFingerprint(), override2);
}
void test_common_overrides_override_protocol_specific_overrides()
{
const QString override1 = testKey("full-validity@example.net", OpenPGP).primaryFingerprint();
const QString override2 = testKey("full-validity@example.net", CMS).primaryFingerprint();
KeyResolverCore resolver(/*encrypt=*/ true, /*sign=*/ true);
resolver.setSender(QStringLiteral("sender-mixed@example.net"));
resolver.setRecipients({"sender-openpgp@example.net", "sender-smime@example.net"});
resolver.setOverrideKeys({
{OpenPGP, {
{QStringLiteral("sender-openpgp@example.net"), {testKey("prefer-openpgp@example.net", OpenPGP).primaryFingerprint()}}
}},
{CMS, {
{QStringLiteral("sender-smime@example.net"), {testKey("prefer-smime@example.net", CMS).primaryFingerprint()}}
}},
{UnknownProtocol, {
{QStringLiteral("sender-openpgp@example.net"), {override1}},
{QStringLiteral("sender-smime@example.net"), {override2}}
}}
});
const bool success = resolver.resolve();
QVERIFY(success);
QCOMPARE(resolver.encryptionKeys().value(OpenPGP).value("sender-openpgp@example.net").size(), 1);
QCOMPARE(resolver.encryptionKeys().value(OpenPGP).value("sender-openpgp@example.net")[0].primaryFingerprint(), override1);
QCOMPARE(resolver.encryptionKeys().value(UnknownProtocol).value("sender-openpgp@example.net").size(), 1);
QCOMPARE(resolver.encryptionKeys().value(UnknownProtocol).value("sender-openpgp@example.net")[0].primaryFingerprint(), override1);
QCOMPARE(resolver.encryptionKeys().value(CMS).value("sender-smime@example.net").size(), 1);
QCOMPARE(resolver.encryptionKeys().value(CMS).value("sender-smime@example.net")[0].primaryFingerprint(), override2);
QCOMPARE(resolver.encryptionKeys().value(UnknownProtocol).value("sender-smime@example.net").size(), 1);
QCOMPARE(resolver.encryptionKeys().value(UnknownProtocol).value("sender-smime@example.net")[0].primaryFingerprint(), override2);
}
private:
Key testKey(const char *email, Protocol protocol = UnknownProtocol)
{
......
......@@ -224,7 +224,30 @@ void KeyResolverCore::Private::setOverrideKeys(const QMap<Protocol, QMap<QString
}
}
// Apply the overrides this is also where specific formats come in
namespace
{
std::vector<Key> resolveOverride(const QString &address, Protocol protocol, const QStringList &fingerprints)
{
std::vector<Key> keys;
for (const auto &fprOrId: fingerprints) {
const Key key = KeyCache::instance()->findByKeyIDOrFingerprint(fprOrId.toUtf8().constData());
if (key.isNull()) {
// FIXME: Report to caller
qCDebug (LIBKLEO_LOG) << "Failed to find override key for:" << address << "fpr:" << fprOrId;
continue;
}
if (protocol != UnknownProtocol && key.protocol() != protocol) {
qCDebug(LIBKLEO_LOG) << "Ignoring key" << Formatting::summaryLine(key) << "given as" << Formatting::displayName(protocol) << "override for"
<< address;
continue;
}
qCDebug(LIBKLEO_LOG) << "Using key" << Formatting::summaryLine(key) << "as" << Formatting::displayName(protocol) << "override for" << address;
keys.push_back(key);
}
return keys;
}
}
void KeyResolverCore::Private::resolveOverrides()
{
if (!mEncrypt) {
......@@ -241,31 +264,22 @@ void KeyResolverCore::Private::resolveOverrides()
continue;
}
for (auto protocolIt = protocolFingerprintsMap.cbegin(); protocolIt != protocolFingerprintsMap.cend(); ++protocolIt) {
const Protocol protocol = protocolIt.key();
const QStringList &fingerprints = protocolIt.value();
if ((mFormat == OpenPGP && protocol == CMS) ||
(mFormat == CMS && protocol == OpenPGP)) {
// Skip overrides for the wrong format
continue;
const QStringList commonOverride = protocolFingerprintsMap.value(UnknownProtocol);
if (!commonOverride.empty()) {
mEncKeys[address][UnknownProtocol] = resolveOverride(address, UnknownProtocol, commonOverride);
if (protocolFingerprintsMap.contains(OpenPGP)) {
qCDebug(LIBKLEO_LOG) << "Ignoring OpenPGP-specific override for" << address << "in favor of common override";
}
std::vector<Key> keys;
for (const auto &fprOrId: fingerprints) {
const Key key = mCache->findByKeyIDOrFingerprint(fprOrId.toUtf8().constData());
if (key.isNull()) {
qCDebug (LIBKLEO_LOG) << "Failed to find override key for:" << address
<< "fpr:" << fprOrId;
continue;
}
if (protocol != UnknownProtocol && key.protocol() != protocol) {
qCDebug(LIBKLEO_LOG) << "Ignoring key" << Formatting::summaryLine(key) << "given as" << Formatting::displayName(protocol) << "override for"
<< address;
continue;
}
qCDebug(LIBKLEO_LOG) << "Using key" << Formatting::summaryLine(key) << "as" << Formatting::displayName(protocol) << "override for" << address;
keys.push_back(key);
if (protocolFingerprintsMap.contains(CMS)) {
qCDebug(LIBKLEO_LOG) << "Ignoring S/MIME-specific override for" << address << "in favor of common override";
}
} else {
if (mFormat != CMS) {
mEncKeys[address][OpenPGP] = resolveOverride(address, OpenPGP, protocolFingerprintsMap.value(OpenPGP));
}
if (mFormat != OpenPGP) {
mEncKeys[address][CMS] = resolveOverride(address, CMS, protocolFingerprintsMap.value(CMS));
}
mEncKeys[address][protocol] = keys;
}
}
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment