Changeset 2354e9a


Ignore:
Timestamp:
May 10, 2012, 1:18:33 AM (12 years ago)
Author:
David Benjamin <davidben@mit.edu>
Branches:
master, release-1.10, release-1.9
Children:
7a51fb4, 06470d7, 70a76f3
Parents:
3442788
Message:
If zcrypt fails to decrypt, strip away the zcrypt opcode

Otherwise you can make a message look encrypted by sending it with a
faked 'crypt' opcode. It also confuses the reply command. Replace it
with 'failed-decrypt' just so it shows up in the UI somehow. Perhaps
someone can write perl code to retry zcrypt on all messages with that
opcode.

Also has the side effect of marking gibberish so the user has some hope
of realizing what happened if they sub to a zcrypted class without the
key.

And initialize out to NULL since there's actually a codepath where that
value never gets set.

Reported-by: Melissa Hunt <wings@mit.edu>
File:
1 edited

Legend:

Unmodified
Added
Removed
  • message.c

    r97cdbaf5 r2354e9a  
    881881      NULL
    882882    };
    883     char *out;
     883    char *out = NULL;
    884884    int rv;
    885885    int status;
     
    898898      }
    899899      owl_message_set_body(m, out);
    900       g_free(out);
    901     } else if(out) {
    902       g_free(out);
    903     }
     900    } else {
     901      /* Replace the opcode. Otherwise the UI and other bits of code think the
     902       * message was encrypted. */
     903      owl_message_set_opcode(m, "failed-decrypt");
     904    }
     905    g_free(out);
    904906  }
    905907
Note: See TracChangeset for help on using the changeset viewer.