Commit 8dc47e60 authored by Roger Meier's avatar Roger Meier

Fix SMIME signed email sending, do not overwrite Content-Disposition

If signed email sending was enabled the Content-Disposition was set
but empty. This could cause issues with SMTP servers, in particular
sending via Amazon SES did not work at all as they expect a non-empty
Content-Disposition header. Response from SES with empty header was:
  554 Transaction failed: Expected disposition,
  got null (in reply to end of DATA command))

With this fix the Content-Disposition field is no longer overwritten
within the smime_signature_interceptor hook and the mails could be
delivered properly.

Changelog: fixed
parent c4dfb7ca
...@@ -45,7 +45,6 @@ module Gitlab ...@@ -45,7 +45,6 @@ module Gitlab
end end
def overwrite_headers(message, signed_email) def overwrite_headers(message, signed_email)
message.content_disposition = signed_email.content_disposition
message.content_transfer_encoding = signed_email.content_transfer_encoding message.content_transfer_encoding = signed_email.content_transfer_encoding
message.content_type = signed_email.content_type message.content_type = signed_email.content_type
end end
......
...@@ -50,6 +50,7 @@ RSpec.describe Gitlab::Email::Hook::SmimeSignatureInterceptor do ...@@ -50,6 +50,7 @@ RSpec.describe Gitlab::Email::Hook::SmimeSignatureInterceptor do
expect(mail.header['To'].value).to eq('test@example.com') expect(mail.header['To'].value).to eq('test@example.com')
expect(mail.header['From'].value).to eq('info@example.com') expect(mail.header['From'].value).to eq('info@example.com')
expect(mail.header['Content-Type'].value).to match('multipart/signed').and match('protocol="application/x-pkcs7-signature"') expect(mail.header['Content-Type'].value).to match('multipart/signed').and match('protocol="application/x-pkcs7-signature"')
expect(mail.header.include?('Content-Disposition')).to eq(false)
# verify signature and obtain pkcs7 encoded content # verify signature and obtain pkcs7 encoded content
p7enc = Gitlab::Email::Smime::Signer.verify_signature( p7enc = Gitlab::Email::Smime::Signer.verify_signature(
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment