View Issue Details

IDProjectCategoryView StatusLast Update
0004433SOGoBackend Mailpublic2018-08-01 14:51
Reporterjordi Assigned Toludovic  
PrioritynormalSeverityminorReproducibilityalways
Status resolvedResolutionfixed 
PlatformLinuxOSDebianOS Versionstretch
Product Version4.0.0 
Fixed in Version4.0.2 
Summary0004433: S/MIME emails are rendered blank when using GnuTLS
Description

With 4.0.0, emails that are signed with S/MIME appear blank if GNUTLS was used to build SOGo like in Debian and Ubuntu.

Steps To Reproduce

Install Debian packages from ftp.debian.org. Open an email with a S/MIME signature.

Additional Information

I saw this codepath:

https://salsa.debian.org/debian/sogo/commit/915fad335a2c37319dab8979e3708f5c02fb6dfe

Is missing a GNUTLS hunk. Could it be the culprit?

I haven't had time to test it.

TagsNo tags attached.

Activities

tb

tb

2018-07-31 22:15

reporter   ~0012988

Last edited: 2018-07-31 22:17

I debugged this issue today (although I was sure the backend was OpenSSL, huh), the ultimate problem is that SOGo

a) fails to call SSL_load_error_strings(), and

b) assumes ERR_reason_error_string() can never return NULL (but it can, for unknown error codes). When SSL_load_error_strings() wasn't called, a lot of error codes are unknown, but I still wouldn't assume /every/ code to be valid even if it was called.

The NULL returned from ERR_reason_error_string() is passed to NSString's "stringWithUTF8String"-constructor which then fires an NSInvalidArgumentException (which makes it into the logfile).

Here's my patch that fixes the issue:

--- sogo-4.0.0.orig/UI/MailPartViewers/UIxMailPartSignedViewer.m
+++ sogo-4.0.0/UI/MailPartViewers/UIxMailPartSignedViewer.m
@@ -170,8 +170,9 @@
if (err)
{
ERR_load_crypto_strings();

  • SSL_load_error_strings();
    sslError = ERR_reason_error_string(err);
  • validationMessage = [[self labelForKey: [NSString stringWithUTF8String: sslError]] retain];
  • validationMessage = [[self labelForKey: [NSString stringWithUTF8String: sslError ? sslError : "(no error information available)"]] retain];
    }
    }

Edit: Oh well. Uploaded the patch as an attachment, too.

tb

tb

2018-07-31 22:16

reporter  

sogo-smime.patch (713 bytes)   
https://rt.fhr.fraunhofer.de/rt/Ticket/Display.html?id=1301
This is a comment.  It is not sent to the Requestor(s):

Und hier der Patch.
--- sogo-4.0.0.orig/UI/MailPartViewers/UIxMailPartSignedViewer.m
+++ sogo-4.0.0/UI/MailPartViewers/UIxMailPartSignedViewer.m
@@ -170,8 +170,9 @@
       if (err)
         {
           ERR_load_crypto_strings();
+          SSL_load_error_strings();
           sslError = ERR_reason_error_string(err);
-          validationMessage = [[self labelForKey: [NSString stringWithUTF8String: sslError]] retain];
+          validationMessage = [[self labelForKey: [NSString stringWithUTF8String: sslError ? sslError : "(no error information available)"]] retain];
         }
     }
 


sogo-smime.patch (713 bytes)   

Related Changesets

sogo: master 5a48fca4

2018-08-01 10:47

ludovic


Details Diff
(fix) avoid displaying empty signed emails when using GNU TLS (fixes 0004433) Affected Issues
0004433
mod - NEWS Diff File
mod - UI/MailPartViewers/UIxMailPartSignedViewer.m Diff File

Issue History

Date Modified Username Field Change
2018-03-29 17:16 jordi New Issue
2018-07-31 22:15 tb Note Added: 0012988
2018-07-31 22:16 tb File Added: sogo-smime.patch
2018-07-31 22:17 tb Note Edited: 0012988
2018-08-01 14:51 ludovic Changeset attached => sogo master 5a48fca4
2018-08-01 14:51 ludovic Assigned To => ludovic
2018-08-01 14:51 ludovic Resolution open => fixed
2018-08-01 14:51 ludovic Status new => resolved
2018-08-01 14:51 ludovic Fixed in Version => 4.0.2