6.0.0-git
2019-03-19

[#11085] PGP Encrypted e-mails are only encrypted with the senders public key
Summary PGP Encrypted e-mails are only encrypted with the senders public key
Queue IMP
Queue Version Git master
Type Bug
State No Feedback
Priority 2. Medium
Owners jan (at) horde (dot) org, slusarz (at) horde (dot) org
Requester peter.meier+horde (at) immerda (dot) ch
Created 2012-03-18 (2557 days ago)
Due
Updated 2012-06-01 (2482 days ago)
Assigned 2012-04-18 (2526 days ago)
Resolved 2012-06-01 (2482 days ago)
Milestone
Patch Yes

History
2012-06-01 16:44:55 Jan Schneider State ⇒ No Feedback
 
2012-04-19 06:09:54 Git Commit Comment #13 Reply to this comment
Changes have been made in Git (develop):

commit 0a3d57b3ff73564b79bf35640c3c34bbf9a1732a
Author: Jan Schneider <jan@horde.org>
Date:   Tue Apr 17 15:21:30 2012 +0200

     Revert "[mms] Fix regression in sending PGP encrypted messages 
(Bug #11085)."

     This reverts commit c5540771fc376b2e770d49f8a7a4e0cdfacf65ba.

     Conflicts:

             imp/docs/CHANGES
             imp/lib/Compose.php
             imp/package.xml

  imp/lib/Compose.php |   29 +++++++++++------------------
  1 files changed, 11 insertions(+), 18 deletions(-)

http://git.horde.org/horde-git/-/commit/0a3d57b3ff73564b79bf35640c3c34bbf9a1732a
2012-04-18 10:45:38 Jan Schneider Comment #12
State ⇒ Feedback
Reply to this comment

[Show Quoted Text - 30 lines]
I tracked the code and can't for the life of me see how such a struct 
would end up in the line.
Are you sure you are using the latest IMP *including* my recent 
commit? Are the other libraries up-to-date?
If yes, you need to track down yourself, where this array is coming from.

[Show Quoted Text - 16 lines]
2012-04-17 22:57:36 peter (dot) meier+horde (at) immerda (dot) ch Comment #11 Reply to this comment

[Show Quoted Text - 13 lines]
It's definately weird. Although others had the exact same problem [1] 
& [2], not all seemed to be able to use my patch. But I hoped that my 
proposal will be properly verified and cleaned up if necessary, as I'm 
not very familiar with the horde framework, nor a php programmer. 
Which is what I thought Michael did.

Anyway, let's properly figure out, what goes wrong here and get a fix 
for it. We should probably reopen that ticket, or create a proper one.

[1] http://comments.gmane.org/gmane.comp.horde.user/27529
[2] http://comments.gmane.org/gmane.comp.horde.imp/29408
2012-04-17 22:50:06 peter (dot) meier+horde (at) immerda (dot) ch Comment #10 Reply to this comment
How can we debug that further and provide you with the necessary
information to fix it properly?
Track down where the data is coming from.

Horde::debug() documentation: http://wiki.horde.org/Doc/Dev/DebugH4
Added a
   Horde::debug($to)

statement right in the beginning of _createMimeMessage.

2012-04-18T00:44:01+02:00 DEBUG: Variable information:
array(1) {
   [0]=>
   array(5) {
     ["comment"]=>
     array(0) {
     }
     ["host"]=>
     string(10) "example.com"
     ["mailbox"]=>
     string(2) "foo"
     ["personal"]=>
     NULL
     ["route"]=>
     array(0) {
     }
   }
}

Backtrace:
1. IMP_Ajax_Application->doAction() 
/var/www/vhosts/horde.example.com/www/services/ajax.php:60
2. Horde_Core_Ajax_Application->doAction() 
/var/www/vhosts/horde.example.com/www/imp/lib/Ajax/Application.php:95
3. call_user_func() 
/var/www/vhosts/horde.example.com/pear/php/Horde/Core/Ajax/Application.php:95
4. IMP_Ajax_Application->sendMessage()
5. IMP_Compose->buildAndSendMessage() 
/var/www/vhosts/horde.example.com/www/imp/lib/Ajax/Application.php:1583
6. IMP_Compose->_createMimeMessage() 
/var/www/vhosts/horde.example.com/www/imp/lib/Compose.php:614
7. Horde::debug() 
/var/www/vhosts/horde.example.com/www/imp/lib/Compose.php:1162

If I should provide you with any further information, please let me know.
2012-04-17 16:36:53 Jan Schneider Comment #9 Reply to this comment
How can we debug that further and provide you with the necessary
information to fix it properly?
Also note the remark in #11150 comment 1:
This error does not appear when installing app by app.
So there seems to be some kind of difference what one install.
This doesn't make any sense, webmail *is* the apps installed 
individually. The only difference is that the address book preferences 
in IMP are pre-set. But that doesn't change the data exchanged between 
Turba and IMP.
2012-04-17 16:34:11 Jan Schneider Comment #8 Reply to this comment

[Show Quoted Text - 20 lines]
Track down where the data is coming from.

Horde::debug() documentation: http://wiki.horde.org/Doc/Dev/DebugH4
2012-04-17 15:24:58 peter (dot) meier+horde (at) immerda (dot) ch Comment #7 Reply to this comment
How can we debug that further and provide you with the necessary 
information to fix it properly?
Also note the remark in #11150 comment 1:
This error does not appear when installing app by app.
So there seems to be some kind of difference what one install.
2012-04-17 15:21:19 peter (dot) meier+horde (at) immerda (dot) ch Comment #6 Reply to this comment
Simply reverting Michael's commit (which is an adaption of my proposed 
patch) won't solve this problem. So can we reopen that ticket? PGP 
Encryption is imho in that way still broken, but just at another part.
$to *is* an array of address strings. How did you get address 
objects? This change actually breaks encrypting for the senders, see 
bug #11150.
I don't know how AddressObjects arrive at that part of the codebase, 
but I figured that out, by using var_dump at that location. What I can 
confirm is that my patched solved our problem and works well.

Note my provided log warning about array_flip that fails, how would 
that appear if we would receive an array of strings?
We simply installed horde webmail via pear and had this problem. No 
other modifications were made.

How can we debug that further and provide you with the necessary 
information to fix it properly?
2012-04-17 13:27:03 Jan Schneider Assigned to Jan Schneider
State ⇒ Resolved
 
2012-04-17 13:26:20 Git Commit Comment #5 Reply to this comment
Changes have been made in Git (master):

commit 0a3d57b3ff73564b79bf35640c3c34bbf9a1732a
Author: Jan Schneider <jan@horde.org>
Date:   Tue Apr 17 15:21:30 2012 +0200

     Revert "[mms] Fix regression in sending PGP encrypted messages 
(Bug #11085)."

     This reverts commit c5540771fc376b2e770d49f8a7a4e0cdfacf65ba.

     Conflicts:

             imp/docs/CHANGES
             imp/lib/Compose.php
             imp/package.xml

  imp/lib/Compose.php |   29 +++++++++++------------------
  1 files changed, 11 insertions(+), 18 deletions(-)

http://git.horde.org/horde-git/-/commit/0a3d57b3ff73564b79bf35640c3c34bbf9a1732a
2012-04-17 13:10:26 Jan Schneider Comment #4
State ⇒ Feedback
Reply to this comment
$to *is* an array of address strings. How did you get address objects? 
This change actually breaks encrypting for the senders, see bug #11150.
2012-03-27 19:04:13 Git Commit Comment #3 Reply to this comment
Changes have been made in Git (develop):

commit c5540771fc376b2e770d49f8a7a4e0cdfacf65ba
Author: Michael M Slusarz <slusarz@horde.org>
Date:   Tue Mar 27 13:00:24 2012 -0600

     [mms] Fix regression in sending PGP encrypted messages (Bug #11085).

  imp/docs/CHANGES    |    1 +
  imp/lib/Compose.php |   29 ++++++++++++++++++-----------
  imp/package.xml     |    2 ++
  3 files changed, 21 insertions(+), 11 deletions(-)

http://git.horde.org/horde-git/-/commit/c5540771fc376b2e770d49f8a7a4e0cdfacf65ba
2012-03-27 19:01:23 Michael Slusarz State ⇒ Resolved
Priority ⇒ 2. Medium
 
2012-03-27 19:01:18 Git Commit Comment #2 Reply to this comment
Changes have been made in Git (master):

commit c5540771fc376b2e770d49f8a7a4e0cdfacf65ba
Author: Michael M Slusarz <slusarz@horde.org>
Date:   Tue Mar 27 13:00:24 2012 -0600

     [mms] Fix regression in sending PGP encrypted messages (Bug #11085).

  imp/docs/CHANGES    |    1 +
  imp/lib/Compose.php |   29 ++++++++++++++++++-----------
  imp/package.xml     |    2 ++
  3 files changed, 21 insertions(+), 11 deletions(-)

http://git.horde.org/horde-git/-/commit/c5540771fc376b2e770d49f8a7a4e0cdfacf65ba
2012-03-19 21:16:10 Jan Schneider Assigned to Michael Slusarz
State ⇒ Assigned
 
2012-03-18 17:39:39 peter (dot) meier+horde (at) immerda (dot) ch Comment #1
Type ⇒ Bug
State ⇒ Unconfirmed
Priority ⇒ 3. High
Summary ⇒ PGP Encrypted e-mails are only encrypted with the senders public key
Queue ⇒ IMP
Milestone ⇒
Patch ⇒ Yes
Reply to this comment
https://github.com/duritong/horde/commit/060d02e78824a420235e23327c5883b0ee28fcf2

All e-mails that should be encrypted got only be encrypted with
the senders public key.
This happened, because $to wasn't an array of addresses but rather
an array of AddressObjects, leading to the following warning, when
sending an encrypted e-mail:

WARN: HORDE [imp] PHP ERROR: array_flip() [<a 
href='function.array-flip'>function.array-flip</a>]: Can only flip 
STRING and INTEGER values! [pid 1982 on line 1352 of 
"/var/www/vhosts/horde.example.com/www/imp/lib/Compose.php"]

However, this also means that all the recipients are omitted and
the e-mail is only encrypted with the senders public key.

This patch converts the address objects to e-mail addresses before
passing them to the PGP library.

Saved Queries