Bug 340312

Summary: Attachments are not encrypted when "automatic encryption" is selected
Product: [Applications] kmail2 Reporter: Mike Schneider <mike2.schneider>
Component: cryptoAssignee: kdepim bugs <pim-bugs-null>
Status: RESOLVED FIXED    
Severity: major CC: montel, samir
Priority: NOR    
Version First Reported In: 4.11.5   
Target Milestone: ---   
Platform: openSUSE   
OS: Linux   
Latest Commit: http://commits.kde.org/kdepim/626c857eb30c0533a4de7836ee843caaa8c00a26 Version Fixed/Implemented In: 14.12
Sentry Crash Report:

Description Mike Schneider 2014-10-24 18:40:36 UTC 
When composing a new message, selecting "encrypt message" will cause attachments to be also encrypted. This is the correct, expected behavior.

However, if encryption is not manually selected and a message comprising attachments is sent AND the option "automatic encryption" ("Nachrichten möglichst automatisch verschlüsseln")is selected and the key of the receiver is known, a pop-up is displayed, asking whether you want to encrypt the mail. This is also correct.

HOWEVER: if you select yes, kmail will only encrypt the message body, not the attachments and will send out the unencrypted attachment without asking further questions.
 
Expected behaviour: attachments are also encrypted

Reproducible: Always

Steps to Reproduce:
1. In the settings, under security, select "automatic encryption" ("Nachrichten möglichst automatisch verschlüsseln")
2. Compose a mail to a sender having a known gpg key
3. Attach a file to the message
4. send the massage, when asked whether you want to encrypt the message, select yes

Actual Results:  
Message body will be encrypted, attachment will be sent in clear , defeating the purpose of sending encrypted mails

Expected Results:  
Message body ant attachments are encrypted
Comment 1 Samir Nassar 2014-12-02 14:55:56 UTC 
I just confirmed this with KMail2 4.14.3 on Arch linux. I sent a message and was able to read the attachment in the clear from my mail client. If confirmed further, this is a serious problem.
Comment 2 Laurent Montel 2014-12-03 12:21:20 UTC 
I confirm it.
I look at it.
Comment 3 Laurent Montel 2014-12-03 21:57:11 UTC 
Git commit 626c857eb30c0533a4de7836ee843caaa8c00a26 by Montel Laurent.
Committed on 03/12/2014 at 21:54.
Pushed by mlaurent into branch 'KDE/4.14'.

Fix Bug 340312 - Attachments are not encrypted when "automatic encryption" is selected

FIXED-IN: 14.12

M  +2    -6    messagecomposer/composer/composerviewbase.cpp

http://commits.kde.org/kdepim/626c857eb30c0533a4de7836ee843caaa8c00a26