Navigation

    Kopano
    • Register
    • Login
    • Search
    • Categories
    • Get Official Kopano Support
    • Recent
    Statement regarding the closure of the Kopano community forum and the end of the community edition

    backendIMAP: S/MIME decryption broken for IOS 12.x devices with z-push

    Z-Push when using other backends
    1
    1
    192
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • xatru
      xatru last edited by

      When receiving encrypted email on IOS 12.x thru z-push, the IOS devices now complains with:

      “This message is encrypted. Install a profile containing your encryption identity to decrypt this message”

      The correct certificate is deployed and was working in previous IOS versions.

      It turns out that IOS 12.x does not like the fix from KD 2015-06-04:

      backend/imap/imap.php:

                    case SYNC_BODYPREFERENCE_MIME:
                        if ($is_smime) {
                            if ($is_encrypted) {
                                // #190, KD 2015-06-04 - If message body is encrypted only send the headers, as data should only be in the attachment
                                // IOS 12.x now doesn't like to get just the headers:
                                // $data = $mail_headers;
                                $data = $mail;
                            }
                            else {
                                $data = $mail;

      returning $mail instead of $mail_headers for encrypted mime fixes message reading again on all our IOS devices, however that patch is sloppy. I think should add version check to either return $mail or $mail_headers. Also not sure at what IOS version exactly needs that change.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post