fix: process Autocrypt-Gossip only after merging protected headers

link2xt · link2xt · commit 457111301f6d · 2025-03-12T05:10:23.000Z
Otherwise no Autocrypt-Gossip is applied if To header is protected
by replacing with "hidden-recipients".
diff --git a/src/mimeparser.rs b/src/mimeparser.rs
@@ -421,19 +421,6 @@ impl MimeMessage {
             timestamp_sent =
                 Self::get_timestamp_sent(&mail.headers, timestamp_sent, timestamp_rcvd);
             if !signatures.is_empty() {
-                // Handle any gossip headers if the mail was encrypted. See section
-                // "3.6 Key Gossip" of <https://autocrypt.org/autocrypt-spec-1.1.0.pdf>
-                // but only if the mail was correctly signed. Probably it's ok to not require
-                // encryption here, but let's follow the standard.
-                let gossip_headers = mail.headers.get_all_values("Autocrypt-Gossip");
-                gossiped_keys = update_gossip_peerstates(
-                    context,
-                    timestamp_sent,
-                    &from.addr,
-                    &recipients,
-                    gossip_headers,
-                )
-                .await?;
                 // Remove unsigned opportunistically protected headers from messages considered
                 // Autocrypt-encrypted / displayed with padlock.
                 // For "Subject" see <https://github.com/deltachat/deltachat-core-rust/issues/1790>.
@@ -474,6 +461,22 @@ impl MimeMessage {
                 &mail.headers,
             );
 
+            if !signatures.is_empty() {
+                // Handle any gossip headers if the mail was encrypted. See section
+                // "3.6 Key Gossip" of <https://autocrypt.org/autocrypt-spec-1.1.0.pdf>
+                // but only if the mail was correctly signed. Probably it's ok to not require
+                // encryption here, but let's follow the standard.
+                let gossip_headers = mail.headers.get_all_values("Autocrypt-Gossip");
+                gossiped_keys = update_gossip_peerstates(
+                    context,
+                    timestamp_sent,
+                    &from.addr,
+                    &recipients,
+                    gossip_headers,
+                )
+                .await?;
+            }
+
             if let Some(inner_from) = inner_from {
                 if !addr_cmp(&inner_from.addr, &from.addr) {
                     // There is a From: header in the encrypted
