Tickets :: [#865] Encryption only works for one recipient

6.0.0-beta1

7/29/25

Summary	Encryption only works for one recipient
Queue	IMP
Queue Version	HEAD
Type	Enhancement
State	Resolved
Priority	1. Low
Owners	slusarz (at) horde (dot) org
Requester	ctnpublic-horde (at) yahoo (dot) com
Created	11/20/2004 (7556 days ago)
Due
Updated	11/30/2004 (7546 days ago)
Assigned	11/20/2004 (7556 days ago)
Resolved	11/30/2004 (7546 days ago)
Milestone
Patch	No

11/30/2004 01:14:00 AM	Michael Slusarz	Comment #9 State ⇒ Resolved	Reply to this comment
This has been implemented in IMP H3 (4.0 RC2).

11/24/2004 09:07:26 PM	Michael Slusarz	Comment #8	Reply to this comment
Fixed the bug in a slightly different way, which is much more robust - your way of splitting isn't RFC822 compliant since it may split in the middle of the name part of the email address (i.e. '"Bar, Foo" <foobar@example.com>' would be split to '"Bar' and ' Foo" <foobar@example.com'. Additionally, compose.php does not recognize a semicolon as a valid delimiter (as stated in the help window).

11/24/2004 12:33:51 PM	ctnpublic-horde (at) yahoo (dot) com	Comment #7	Reply to this comment
Thanks for the quick responses. imp/compose.php now needs this for multiple recipients to work. Without it, $recipientArray[0] still contains the entire "to" list, $recipientArray[1] the entire "cc" list, etc. Index: imp/compose.php =================================================================== RCS file: /repository/imp/compose.php,v retrieving revision 2.791 diff -u -r2.791 compose.php --- imp/compose.php 24 Nov 2004 07:51:24 -0000 2.791 +++ imp/compose.php 24 Nov 2004 12:29:04 -0000 @@ -772,6 +772,7 @@ break; } $recipients = implode(', ', $recipientArray); + $recipientArray = split("[,;]", $recipients); /* Get identity information now as it is needed for some of the encryption * code. */

11/24/2004 07:52:20 AM	Michael Slusarz	Comment #6	Reply to this comment
Just committed code to allow us to do the things I mentioned previously. Hopefully this will fix this bug - let me know if there are any problems.

11/24/2004 05:53:12 AM	Michael Slusarz	Comment #5	Reply to this comment
Then again, the more I think about this the more I think we need to implement this. Retricting a user to one recipient when sending an encrypted message, and not allowing the user to be able to decrypt the sent message, is an awfully big limitation...

11/23/2004 07:39:49 PM	Michael Slusarz	Comment #4 State ⇒ Accepted Priority ⇒ 1. Low	Reply to this comment
I'm going to hold off on this until after 4.0 released. This would touch too much code that currently works fine this late in the release cycle. I have already fixed the S/MIME/public key error checking code.

11/20/2004 05:00:07 AM	Chuck Hagenbuch	Assigned to Michael Slusarz State ⇒ Assigned

11/20/2004 04:49:20 AM	ctnpublic-horde (at) yahoo (dot) com	Comment #3 New Attachment: imp.compose.php.diff.2	Reply to this comment
I found that the imp/compose.php S/MIME encryption was not doing error-checking for, e.g., not having recipient's public key. The attached patches that in addition to the previous comment's.

11/20/2004 03:37:18 AM	ctnpublic-horde (at) yahoo (dot) com	Comment #2 New Attachment: imp.compose.php.diff	Reply to this comment
This patch rearranges the send_message actionID handling to accomplish that. It works for me, but is not fully tested.

11/20/2004 03:32:28 AM	ctnpublic-horde (at) yahoo (dot) com	Comment #1 Priority ⇒ 3. High Type ⇒ Enhancement Summary ⇒ Encryption only works for one recipient Queue ⇒ IMP State ⇒ New	Reply to this comment
While you're at it please look into this enhancement. Currently imp/compose.php can only encrypt for one recipient. Also, the saved message is encrypted for that same recipient, meaning the sender cannot read it. Suggestion is to target encryption to each recipient, as well as target the saved message for the sender. Fail if any of the encryption fails, which is a reasonable response.