e2ee-api: Drop message if no body and no stanza encryption

To avoid leaking data when plugin doesn't do stanza encryption. This
will inevitably reduce the number of features available, but users want
to send "secure" messages right.

Signed-off-by: Maxime “pep” Buquet <pep@bouah.net>

1 files changed, 11 insertions, 0 deletions

diff --git a/poezio/plugin_e2ee.py b/poezio/plugin_e2ee.py
index 66a8bd97..0c9c9256 100644
--- a/poezio/plugin_e2ee.py
+++ b/poezio/plugin_e2ee.py
@@ -179,6 +179,17 @@ class E2EEPlugin(BasePlugin):
 
         has_body = message.xml.find('{%s}%s' % (JCLIENT_NS, 'body')) is not None
 
+        # Drop all messages that don't contain a body if the plugin doesn't do
+        # Stanza Encryption
+        if not self.stanza_encryption and not has_body:
+            log.debug(
+                '%s plugin: Dropping message as it contains no body, and is '
+                'not doesn\'t do stanza encryption: %r',
+                self.encryption_name,
+                message,
+            )
+            return None
+
         # Call the enabled encrypt method
         self._enabled_tabs[jid](message, tab)