From: Aki Tuomi Date: Fri, 18 Mar 2022 08:01:49 +0000 (+0200) Subject: mail-crypt: fs-crypt - Require public_key for encryption X-Git-Tag: 2.4.0~4208 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bfbf360caadc9404a4d68dfb3c489fe916359d22;p=thirdparty%2Fdovecot%2Fcore.git mail-crypt: fs-crypt - Require public_key for encryption Adds parameter maybe to allow not requiring it. --- diff --git a/src/plugins/mail-crypt/fs-crypt-common.c b/src/plugins/mail-crypt/fs-crypt-common.c index 72cde6dd90..8ce18d98e6 100644 --- a/src/plugins/mail-crypt/fs-crypt-common.c +++ b/src/plugins/mail-crypt/fs-crypt-common.c @@ -18,6 +18,7 @@ struct crypt_fs { struct fs fs; struct mail_crypt_global_keys keys; bool keys_loaded; + bool allow_missing_keys; char *enc_algo; char *set_prefix; @@ -77,7 +78,11 @@ fs_crypt_init(struct fs *_fs, const char *args, const struct fs_settings *set, if (p == NULL) break; arg = t_strdup_until(args, p); - if ((value = strchr(arg, '=')) == NULL) + if (strcmp(arg, "maybe") == 0) { + fs->allow_missing_keys = TRUE; + args = p + 1; + continue; + } else if ((value = strchr(arg, '=')) == NULL) break; arg = t_strdup_until(arg, value++); args = p+1; @@ -293,7 +298,11 @@ static void fs_crypt_write_stream(struct fs_file *_file) } if (file->fs->keys.public_key == NULL) { - if (_file->fs->set.debug) + if (!file->fs->allow_missing_keys) { + _file->output = o_stream_create_error_str(EINVAL, + "Encryption required, but no public key available"); + return; + } else if (_file->fs->set.debug) i_debug("No public key provided, " "NOT encrypting stream %s", fs_file_path(_file));