From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports
---
plugins/enigma/lib/enigma_ui.php | 14 ++++++++++----
1 files changed, 10 insertions(+), 4 deletions(-)
diff --git a/plugins/enigma/lib/enigma_ui.php b/plugins/enigma/lib/enigma_ui.php
index e596fde..9c138f2 100644
--- a/plugins/enigma/lib/enigma_ui.php
+++ b/plugins/enigma/lib/enigma_ui.php
@@ -398,10 +398,10 @@
$now = time();
$date_format = $this->rc->config->get('date_format', 'Y-m-d');
$usage_map = array(
- enigma_key::CAN_ENCRYPT => $this->enigma->gettext('typeencrypt'),
- enigma_key::CAN_SIGN => $this->enigma->gettext('typesign'),
- enigma_key::CAN_CERTIFY => $this->enigma->gettext('typecert'),
- enigma_key::CAN_AUTH => $this->enigma->gettext('typeauth'),
+ enigma_key::CAN_ENCRYPT => $this->enigma->gettext('typeencrypt'),
+ enigma_key::CAN_SIGN => $this->enigma->gettext('typesign'),
+ enigma_key::CAN_CERTIFY => $this->enigma->gettext('typecert'),
+ enigma_key::CAN_AUTHENTICATE => $this->enigma->gettext('typeauth'),
);
foreach ($this->data->subkeys as $subkey) {
@@ -459,6 +459,8 @@
*/
private function key_export()
{
+ $this->rc->request_security_check(rcube_utils::INPUT_GET);
+
$keys = rcube_utils::get_input_value('_keys', rcube_utils::INPUT_GPC);
$engine = $this->enigma->load_engine();
$list = $keys == '*' ? $engine->list_keys() : explode(',', $keys);
@@ -999,6 +1001,10 @@
$this->rc->output->show_message($msg, 'error');
}
+ // Check sign/ecrypt options for signed/encrypted drafts
+ $this->rc->output->set_env('enigma_force_encrypt', !empty($engine->decryptions));
+ $this->rc->output->set_env('enigma_force_sign', !empty($engine->signatures));
+
return $p;
}
}
--
Gitblit v1.9.1