♟ knauss

It looks fine now. The two open issues will be addressed separately.

overall I like this patch - that is great an brings postgresql more to a usable db interface.

Merge branch 'Applications/19.04'

enable TemplateParserJobTest::test_replyPlain again.

Merge branch 'CVE-2019-10732' into Applications/19.04

Decryption Oracle based on forwarding PGP or S/MIME mails (CVE-2019-10732)

Refresh TemplateParserJobTest::test_convertedHtml logic

Make unexpected data leak harder via reply.

Rename convertedHtmlContent-> convertedHtmlContent for reply_Plain

TemplateParser: test htmlReply.

Add test cases for a Decryption Oracle based on PGP inline.

templateparserjobtest: HTML mime parts are handled differently

Add test for a normal encrypted message, to make sure decrpytion works.

Test mails for Decryption Oracle based on replying to PGP or S/MIME.

Distinguish between mMsg and mOrigMsg.

MimeTreeParser returns wrong content for inline mesasges with multiple…

@security-team: should I split the commits code/test so they are easier to backport? On the other side adding the tests also to old code makes it more clear that this is fixed.

The review is getting a little bit messy, because of all those new test data.

Add test cases for a Decryption Oracle based on PGP inline.
TemplateParser: test htmlReply.
Rename convertedHtmlContent-> convertedHtmlContent for reply_Plain
Make unexpected data leak harder via reply.

Add test for a normal encrypted message, to make sure decrpytion works.
templateparserjobtest: HTML mime parts are handled differently
WIP: Decryption Oracle is also possible with PGP inline.
TemplateParser: test htmlReply.
Rename convertedHtmlContent-> convertedHtmlContent for reply_Plain
Make unexpected data leak harder via reply.

Please add a simple test case to make sure we catch those changes by tests.

Remove unused ObjectTreeParser::copyContentFrom.

Add tests for ObjectTreeParser::htmlContent.

Move most of UnencryptedMessageTest tests to MimeTreeParser.

MimeTreeParser returns wrong content for inline mesasges with multiple encrypted blocks.
TemplateParser: test htmlReply.

Add test for a normal encrypted message, to make sure decryption works.
templateparserjobtest: HTML mime parts are handled differently
WIP: Decryption Oracle is also possible with PGP inline.

Refresh TemplateParserJobTest::test_convertedHtml logic

Unique names for test rows.

enable TemplateParserJobTest::test_replyPlain again.

In D20757#454735, @vkrause wrote:

This makes sense I think (and should go in IMHO), but I'm not sure if it is complete to cover all of bug 404698.

Do we need to be concerned about forwarding (which does include attachments AFAIK)?

make sense, yes.

In D20757#454566, @aacid wrote:

Sorry if this is a stupid question :D

But does this test make sense?

I mean how is the test supposed to decrypt the encrypted part of it? How does it know the keys/password/whatever to decrypt it?

This is git logic, that it defines this as a copy. And I think git it more or less right, as we can't move every tests because some tests need MessageViewer::BufferedHtmlWriter. Only

In D20757#454549, @dfaure wrote:

So these pass? There's no bug?

pidgin
- use the proxy settings from the preferences and make use every account is taking the general proxy setting.
- nice thing about this, that you can enable/disable tor on an account base.

@vkrause: I havn't found the tool you mentioned "tcpconnect"?

Prepare environment to be able to test grantleeheaderstyle.

messup different Review requests

Grantleetheme should always prefer files that are located in DataLocation.

knauss (Sandro Knauß)
User

Projects (14)
View All

Calendar

Today

Tomorrow

Tuesday

User Details

Recent Activity
View All

Tue, May 28

Sun, May 19

May 14 2019

May 13 2019

May 12 2019

Apr 26 2019

Apr 25 2019

Apr 24 2019

Apr 23 2019

Apr 22 2019

Mar 26 2019

Mar 25 2019

knauss (Sandro Knauß)User

Projects (14)View All