[evolution-data-server] I#377 - Camel: Use contact certificate unconditionally in S/MIME encryption

From: Milan Crha <mcrha src gnome org>
To: commits-list gnome org
Cc:
Subject: [evolution-data-server] I#377 - Camel: Use contact certificate unconditionally in S/MIME encryption
Date: Mon, 21 Feb 2022 16:31:33 +0000 (UTC)

commit a133279cebe9a2c5ccea82024f65853a1b4c1e0c
Author: Milan Crha <mcrha redhat com>
Date:   Mon Feb 21 17:29:55 2022 +0100

    I#377 - Camel: Use contact certificate unconditionally in S/MIME encryption
    
    Closes https://gitlab.gnome.org/GNOME/evolution-data-server/-/issues/377

 src/camel/camel-smime-context.c | 28 ++++++++++++++++------------
 1 file changed, 16 insertions(+), 12 deletions(-)
---
diff --git a/src/camel/camel-smime-context.c b/src/camel/camel-smime-context.c
index 7b05f00e2..bc2a24f7e 100644
--- a/src/camel/camel-smime-context.c
+++ b/src/camel/camel-smime-context.c
@@ -1250,18 +1250,12 @@ smime_context_encrypt_sync (CamelCipherContext *context,
                goto fail;
        }
 
-       frd.recipients_table = g_hash_table_new (camel_strcase_hash, camel_strcase_equal);
-       for (i = 0; i < recipients->len; i++) {
-               g_hash_table_insert (
-                               frd.recipients_table,
-                               recipients->pdata[i],
-                               &recipient_certs[i]);
-       }
-       frd.certs_missing = g_hash_table_size (frd.recipients_table);
        frd.now = PR_Now();
+       frd.recipients_table = g_hash_table_new (camel_strcase_hash, camel_strcase_equal);
+       frd.certs_missing = recipients->len;
 
-       for (link = gathered_certificates; link; link = g_slist_next (link)) {
-               const gchar *certstr = link->data;
+       for (i = 0, link = gathered_certificates; i < recipients->len; i++, link = g_slist_next (link)) {
+               const gchar *certstr = link ? link->data : NULL;
 
                if (certstr && *certstr) {
                        CERTCertificate *cert = NULL;
@@ -1275,11 +1269,21 @@ smime_context_encrypt_sync (CamelCipherContext *context,
 
                        g_free (data);
 
+                       /* Default to the provided certificate, if valid */
                        if (cert) {
-                               camel_smime_find_recipients_certs (cert, NULL, &frd);
-                               CERT_DestroyCertificate (cert);
+                               if (CERT_CheckCertValidTimes (cert, frd.now, PR_FALSE) == secCertTimeValid) {
+                                       recipient_certs[i] = cert;
+                                       frd.certs_missing--;
+                               } else {
+                                       CERT_DestroyCertificate (cert);
+                               }
                        }
                }
+
+               g_hash_table_insert (
+                               frd.recipients_table,
+                               recipients->pdata[i],
+                               &recipient_certs[i]);
        }
 
        g_slist_free_full (gathered_certificates, g_free);

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]