From 9b7b4e7595ca7a2798f48555d78f7242c42fde55 Mon Sep 17 00:00:00 2001 From: Vsevolod Stakhov Date: Sun, 5 Oct 2025 15:57:35 +0100 Subject: [PATCH] [Fix] Add fallback when only one specific encryption key is set When only read_encryption_key or write_encryption_key is configured without a general encryption_key, the unspecified operation type was left with NULL keys. Now if only one specific key is set, it's used for both read and write operations as a fallback, ensuring encryption works in all configurations. --- src/plugins/fuzzy_check.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/src/plugins/fuzzy_check.c b/src/plugins/fuzzy_check.c index f924ac8716..b5fcd5b4cd 100644 --- a/src/plugins/fuzzy_check.c +++ b/src/plugins/fuzzy_check.c @@ -687,6 +687,20 @@ fuzzy_parse_rule(struct rspamd_config *cfg, const ucl_object_t *obj, rule->write_local_key = rspamd_keypair_ref(rule->local_key); } + /* Fallback: if only one specific key is set, use it for both operations */ + if (!rule->read_peer_key && rule->write_peer_key) { + /* No read key, but write key exists - use write key for read */ + rule->read_peer_key = rspamd_pubkey_ref(rule->write_peer_key); + rule->read_local_key = rspamd_keypair_ref(rule->write_local_key); + msg_info_config("using write encryption key for read operations in rule %s", name); + } + if (!rule->write_peer_key && rule->read_peer_key) { + /* No write key, but read key exists - use read key for write */ + rule->write_peer_key = rspamd_pubkey_ref(rule->read_peer_key); + rule->write_local_key = rspamd_keypair_ref(rule->read_local_key); + msg_info_config("using read encryption key for write operations in rule %s", name); + } + if ((value = ucl_object_lookup(obj, "learn_condition")) != NULL) { lua_script = ucl_object_tostring(value); -- 2.47.3