diff --git a/CHANGELOG b/CHANGELOG
index 21a3d84c3..a9ea67b93 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -8,6 +8,7 @@ CHANGELOG Roundcube Webmail
 - Fix bug where only attachments with the same name would be ignored on zip download (#6301)
 - Fix bug where unicode contact names could have been broken/emptied or caused DB errors (#6299)
 - Fix bug where after "mark all folders as read" action message counters were not reset (#6307)
+- Enigma: [EFAIL] Don't decrypt PGP messages with no MDC protection (#6289)
 
 RELEASE 1.3.6
 -------------
diff --git a/INSTALL b/INSTALL
index fea856ebb..318cdedb1 100644
--- a/INSTALL
+++ b/INSTALL
@@ -24,7 +24,7 @@ REQUIREMENTS
 - Net_IDNA2 0.1.1 or newer
 - Auth_SASL 1.0.6 or newer
 - Net_Sieve 1.3.2 or newer (for managesieve plugin)
- - Crypt_GPG 1.6.0 or newer (for enigma plugin)
+ - Crypt_GPG 1.6.3 or newer (for enigma plugin)
 - Endroid/QrCode 1.6.0 or newer (https://github.com/endroid/QrCode)
 * php.ini options (see .htaccess file):
 - error_reporting E_ALL & ~E_NOTICE & ~E_STRICT
diff --git a/composer.json-dist b/composer.json-dist
index ad4aed741..537cbb595 100644
--- a/composer.json-dist
+++ b/composer.json-dist
@@ -20,7 +20,7 @@
 "pear/net_idna2": "~0.2.0",
 "pear/mail_mime": "~1.10.0",
 "pear/net_smtp": "~1.7.1",
- "pear/crypt_gpg": "~1.6.0",
+ "pear/crypt_gpg": "~1.6.3",
 "pear/net_sieve": "~1.4.0",
 "roundcube/plugin-installer": "~0.1.6",
 "endroid/qr-code": "~1.6.5"
diff --git a/plugins/enigma/lib/enigma_driver_gnupg.php b/plugins/enigma/lib/enigma_driver_gnupg.php
index a8d84ebea..09c2c8582 100644
--- a/plugins/enigma/lib/enigma_driver_gnupg.php
+++ b/plugins/enigma/lib/enigma_driver_gnupg.php
@@ -159,6 +159,16 @@ class enigma_driver_gnupg extends enigma_driver
 $signature = $this->parse_signature($result['signatures'][0]);
 }
 
+ // EFAIL vulnerability mitigation (#6289)
+ // Handle MDC warning as an exception, this is the default for gpg 2.3.
+ if (method_exists($this->gpg, 'getWarnings')) {
+ foreach ($this->gpg->getWarnings() as $warning_msg) {
+ if (strpos($warning_msg, 'not integrity protected') !== false) {
+ return new enigma_error(enigma_error::NOMDC, ucfirst($warning_msg));
+ }
+ }
+ }
+
 return $result['data'];
 }
 catch (Exception $e) {
diff --git a/plugins/enigma/lib/enigma_error.php b/plugins/enigma/lib/enigma_error.php
index d5f190b2f..4c6931570 100644
--- a/plugins/enigma/lib/enigma_error.php
+++ b/plugins/enigma/lib/enigma_error.php
@@ -30,6 +30,7 @@ class enigma_error
 const BADPASS = 5;
 const EXPIRED = 6;
 const UNVERIFIED = 7;
+ const NOMDC = 8;
 
 
 function __construct($code = null, $message = '', $data = array())
diff --git a/plugins/enigma/lib/enigma_ui.php b/plugins/enigma/lib/enigma_ui.php
index 11bbdadff..2d5d376f1 100644
--- a/plugins/enigma/lib/enigma_ui.php
+++ b/plugins/enigma/lib/enigma_ui.php
@@ -894,6 +894,9 @@ class enigma_ui
 $msg = rcube::Q($this->enigma->gettext($label));
 $this->password_prompt($status);
 }
+ else if ($code == enigma_error::NOMDC) {
+ $msg = rcube::Q($this->enigma->gettext('decryptnomdc'));
+ }
 else {
 $msg = rcube::Q($this->enigma->gettext('decrypterror'));
 }
diff --git a/plugins/enigma/localization/en_US.inc b/plugins/enigma/localization/en_US.inc
index 7e121a0ce..b515b378e 100644
--- a/plugins/enigma/localization/en_US.inc
+++ b/plugins/enigma/localization/en_US.inc
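Review bot: The MDC check fails open: when `method_exists($this->gpg, 'getWarnings')` is false (a Crypt_GPG without that method, which is presumably why the dependency floor is raised to 1.6.3 elsewhere in this commit) the guard is skipped entirely and the plaintext in `$result['data']` is returned as before, so the mitigation silently depends on the installed library version rather than being enforced by the code. The detection also rests on a substring match against free-form warning text (`'not integrity protected'`), which will quietly stop matching if the wording differs between gpg or Crypt_GPG versions; if the library exposes a structured status for a missing MDC, matching on that would be more robust than the string. At minimum the silent path should be visible, e.g. a comment on the `if (method_exists(...))` line such as `// Without Crypt_GPG::getWarnings() the MDC status is unknown and the plaintext is returned unchecked` and a logged warning in an `else` branch, so an operator can tell the protection is inactive. The enclosing method starts and ends outside the hunk.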
@@ -102,6 +102,7 @@ $messages['sigerror'] = 'Unverified signature. Internal error.';
 $messages['decryptok'] = 'Message decrypted.';
 $messages['decrypterror'] = 'Decryption failed.';
 $messages['decryptnokey'] = 'Decryption failed. Private key not found. Key ID: $keyid.';
+$messages['decryptnomdc'] = 'Decryption skipped. Message is not integrity protected.';
 $messages['decryptbadpass'] = 'Decryption failed. Invalid password.';
 $messages['decryptnopass'] = 'Decryption failed. Key password required.';
 $messages['decryptpartial'] = 'Message decrypted, but part of the body was not encrypted.';