Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2020-02-18 15:09:15 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2020-02-18 15:09:15 +0300
commit: 0637ba1e6e9024f35b2cbf561d9002ec17350bb3 (patch)
tree: 960cebf0e892710c1b40f25e249d04aaf8f9b868 /lib/gitlab/email
parent: 4720b569f0fcbb47e9f1a60e95172ae63b6f065a (diff)
1 files changed, 17 insertions, 1 deletions
diff --git a/lib/gitlab/email/attachment_uploader.rb b/lib/gitlab/email/attachment_uploader.rb
index 0a14a909e31..d8962ec0d20 100644
--- a/lib/gitlab/email/attachment_uploader.rb
+++ b/lib/gitlab/email/attachment_uploader.rb
@@ -12,7 +12,7 @@ module Gitlab
       def execute(upload_parent:, uploader_class:)
         attachments = []
 
-        message.attachments.each do |attachment|
+        filter_signature_attachments(message).each do |attachment|
           tmp = Tempfile.new("gitlab-email-attachment")
           begin
             File.open(tmp.path, "w+b") { |f| f.write attachment.body.decoded }
@@ -32,6 +32,22 @@ module Gitlab
 
         attachments
       end
+
+      private
+
+      # If this is a signed message (e.g. S/MIME or PGP), remove the signature
+      # from the uploaded attachments
+      def filter_signature_attachments(message)
+        attachments = message.attachments
+
+        if message.content_type&.starts_with?('multipart/signed')
+          signature_protocol = message.content_type_parameters[:protocol]
+
+          attachments.delete_if { |attachment| attachment.content_type.starts_with?(signature_protocol) } if signature_protocol.present?
+        end
+
+        attachments
+      end
     end
   end
 end
author	GitLab Bot <gitlab-bot@gitlab.com>	2020-02-18 15:09:15 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2020-02-18 15:09:15 +0300
commit	0637ba1e6e9024f35b2cbf561d9002ec17350bb3 (patch)
tree	960cebf0e892710c1b40f25e249d04aaf8f9b868 /lib/gitlab/email
parent	4720b569f0fcbb47e9f1a60e95172ae63b6f065a (diff)