diff --git a/CHANGELOG b/CHANGELOG index 1182327ec..c3e90d0db 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -28,6 +28,7 @@ CHANGELOG Roundcube Webmail - Managesieve: Fix bug where global includes were requested for vacation (#6716) - Managesieve: Use RFC-compliant line endings, CRLF instead of LF (#6686) - Managesieve: Fix so "Create filter" option does not show up when Filters menu is disabled (#6723) +- Enigma: For verified signatures, display the user id associated with the sender address (#5958) - Enigma: Fix bug where revoked users/keys were not greyed out in key info - Enigma: Fix error message when trying to encrypt with a revoked key (#6607) - Enigma: Fix "decryption oracle" bug [CVE-2019-10740] (#6638) diff --git a/plugins/enigma/lib/enigma_signature.php b/plugins/enigma/lib/enigma_signature.php index a93edc60d..d2a580a10 100644 --- a/plugins/enigma/lib/enigma_signature.php +++ b/plugins/enigma/lib/enigma_signature.php @@ -28,4 +28,61 @@ class enigma_signature // Set it to true if signature is valid, but part of the message // was out of the signed block public $partial; + + /** + * Find key user id matching the email message sender + * + * @param enigma_engine $engine Enigma engine + * @param rcube_message $message Message object + * @param string $part_id Message part identifier + * + * @return string User identifier (name + email) + */ + public function get_sender($engine, $message, $part_id = null) + { + if (!$this->email) { + return $this->name; + } + + if ($this->fingerprint && ($key = $engine->get_key($this->fingerprint))) { + $from = $message->headers->from; + $charset = $message->charset; + + // Get From: header from the parent part, if it's a forwarded message + if ($part_id && strpos($part_id, '.') !== false) { + $level = explode('.', $part_id); + $parts = $message->mime_parts(); + + while (array_pop($level) !== null) { + $parent = join('.', $level); + if ($parts[$parent] && $parts[$parent]->mimetype == 'message/rfc822') { + $from = $parts[$parent]->headers['from']; + $charset = $parts[$parent]->charset; + break; + } + } + } + + $from = rcube_mime::decode_address_list($from, 1, true, $charset); + $from = (array) $from[1]; + + if (!empty($from)) { + // Compare name and email + foreach ($key->users as $user) { + if ($user->name == $from['name'] && $user->email == $from['mailto']) { + return sprintf('%s <%s>', $user->name, $user->email); + } + } + + // Compare only email + foreach ($key->users as $user) { + if ($user->email === $from['mailto']) { + return sprintf('%s <%s>', $this->name, $user->email); + } + } + } + } + + return sprintf('%s <%s>', $this->name, $this->email); + } } diff --git a/plugins/enigma/lib/enigma_ui.php b/plugins/enigma/lib/enigma_ui.php index 347159e83..f0e97b4e2 100644 --- a/plugins/enigma/lib/enigma_ui.php +++ b/plugins/enigma/lib/enigma_ui.php @@ -978,10 +978,7 @@ class enigma_ui $attrib['id'] = 'enigma-message'; if ($sig instanceof enigma_signature) { - $sender = $sig->name ?: ''; - if ($sig->email) { - $sender .= ' <' . $sig->email . '>'; - } + $sender = $sig->get_sender($engine, $p['message'], $part_id); if ($sig->valid === enigma_error::UNVERIFIED) { $attrib['class'] = 'boxwarning enigmawarning signed'; diff --git a/program/steps/mail/show.inc b/program/steps/mail/show.inc index c9cf12deb..4f6e5845c 100644 --- a/program/steps/mail/show.inc +++ b/program/steps/mail/show.inc @@ -656,7 +656,7 @@ function rcmail_message_body($attrib) } $plugin = $RCMAIL->plugins->exec_hook('message_body_prefix', - array('part' => $part, 'prefix' => '')); + array('part' => $part, 'prefix' => '', 'message' => $MESSAGE)); // Set attributes of the part container $container_class = $part->ctype_secondary == 'html' ? 'message-htmlpart' : 'message-part';