aboutsummaryrefslogtreecommitdiffstats
path: root/worker/lib
diff options
context:
space:
mode:
authorKoni Marti <koni.marti@gmail.com>2022-04-22 13:38:41 +0200
committerRobin Jarry <robin@jarry.cc>2022-04-25 12:31:33 +0200
commit698c0957d7f7ad6a4461120853102b38a76d0780 (patch)
treeca339fa48b0ba2e658c33ae5662a5e8dc4ec72e1 /worker/lib
parent5e5d5a0d1f2d8ba6b7224a665248b0d22176d3a9 (diff)
downloadaerc-698c0957d7f7ad6a4461120853102b38a76d0780.tar.gz
pgp: ensure CRLF line endings in pgpmail reader
Ensure CRLF line endings in the pgpmail reader. Fix the pgp signature verification for maildir and notmuch. These backends do not return the full message body with CRLF line endings. But the accepted OpenPGP convention is for signed data to end with a <CR><LF> sequence (see RFC3156). If this is not the case the signed and transmitted data are considered not the same and thus signature verification fails. Link: https://datatracker.ietf.org/doc/html/rfc3156 Reported-by: Tim Culverhouse <tim@timculverhouse.com> Signed-off-by: Koni Marti <koni.marti@gmail.com> Tested-by: Tim Culverhouse <tim@timculverhouse.com>
Diffstat (limited to 'worker/lib')
-rw-r--r--worker/lib/parse.go11
1 files changed, 11 insertions, 0 deletions
diff --git a/worker/lib/parse.go b/worker/lib/parse.go
index 1c0e413c..5d95046c 100644
--- a/worker/lib/parse.go
+++ b/worker/lib/parse.go
@@ -1,6 +1,7 @@
package lib
import (
+ "bufio"
"bytes"
"errors"
"fmt"
@@ -271,3 +272,13 @@ func MessageInfo(raw RawMessage) (*models.MessageInfo, error) {
Error: parseErr,
}, nil
}
+
+// NewCRLFReader returns a reader with CRLF line endings
+func NewCRLFReader(r io.Reader) io.Reader {
+ var buf bytes.Buffer
+ scanner := bufio.NewScanner(r)
+ for scanner.Scan() {
+ buf.WriteString(scanner.Text() + "\r\n")
+ }
+ return &buf
+}