From 2fb0cdbb88e0bef398a1073f91187815897286ab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maxime=20=E2=80=9Cpep=E2=80=9D=20Buquet?= Date: Mon, 1 Jul 2019 12:17:14 +0200 Subject: e2ee-api: Drop message if no body and no stanza encryption MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit To avoid leaking data when plugin doesn't do stanza encryption. This will inevitably reduce the number of features available, but users want to send "secure" messages right. Signed-off-by: Maxime “pep” Buquet --- poezio/plugin_e2ee.py | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/poezio/plugin_e2ee.py b/poezio/plugin_e2ee.py index 66a8bd97..0c9c9256 100644 --- a/poezio/plugin_e2ee.py +++ b/poezio/plugin_e2ee.py @@ -179,6 +179,17 @@ class E2EEPlugin(BasePlugin): has_body = message.xml.find('{%s}%s' % (JCLIENT_NS, 'body')) is not None + # Drop all messages that don't contain a body if the plugin doesn't do + # Stanza Encryption + if not self.stanza_encryption and not has_body: + log.debug( + '%s plugin: Dropping message as it contains no body, and is ' + 'not doesn\'t do stanza encryption: %r', + self.encryption_name, + message, + ) + return None + # Call the enabled encrypt method self._enabled_tabs[jid](message, tab) -- cgit v1.2.3