1
0
mirror of https://github.com/profanity-im/profanity.git synced 2024-12-04 14:46:46 -05:00

Mark messages received from a session as trusted

This commit is contained in:
Paul Fariello 2019-06-25 06:23:57 +02:00
parent 684fdf68ac
commit f081766913
3 changed files with 25 additions and 10 deletions

View File

@ -890,15 +890,26 @@ omemo_on_message_recv(const char *const from_jid, uint32_t sid,
goto out; goto out;
} }
omemo_ctx.identity_key_store.recv = true;
if (key->prekey) { if (key->prekey) {
log_debug("OMEMO: decrypting message with prekey"); log_debug("OMEMO: decrypting message with prekey");
pre_key_signal_message *message; pre_key_signal_message *message;
ec_public_key *their_identity_key;
signal_buffer *identity_buffer = NULL;
omemo_ctx.identity_key_store.recv = true;
pre_key_signal_message_deserialize(&message, key->data, key->length, omemo_ctx.signal); pre_key_signal_message_deserialize(&message, key->data, key->length, omemo_ctx.signal);
their_identity_key = pre_key_signal_message_get_identity_key(message);
res = session_cipher_decrypt_pre_key_signal_message(cipher, message, NULL, &plaintext_key); res = session_cipher_decrypt_pre_key_signal_message(cipher, message, NULL, &plaintext_key);
omemo_ctx.identity_key_store.recv = false;
/* Perform a real check of the identity */
ec_public_key_serialize(&identity_buffer, their_identity_key);
*trusted = is_trusted_identity(&address, signal_buffer_data(identity_buffer),
signal_buffer_len(identity_buffer), &omemo_ctx.identity_key_store);
/* Replace used pre_key in bundle */ /* Replace used pre_key in bundle */
uint32_t pre_key_id = pre_key_signal_message_get_pre_key_id(message); uint32_t pre_key_id = pre_key_signal_message_get_pre_key_id(message);
ec_key_pair *ec_pair; ec_key_pair *ec_pair;
@ -918,18 +929,18 @@ omemo_on_message_recv(const char *const from_jid, uint32_t sid,
} else { } else {
log_debug("OMEMO: decrypting message with existing session"); log_debug("OMEMO: decrypting message with existing session");
signal_message *message = NULL; signal_message *message = NULL;
res = signal_message_deserialize(&message, key->data, key->length, omemo_ctx.signal); res = signal_message_deserialize(&message, key->data, key->length, omemo_ctx.signal);
if (res < 0) { if (res < 0) {
log_error("OMEMO: cannot deserialize message"); log_error("OMEMO: cannot deserialize message");
} else { } else {
res = session_cipher_decrypt_signal_message(cipher, message, NULL, &plaintext_key); res = session_cipher_decrypt_signal_message(cipher, message, NULL, &plaintext_key);
*trusted = true;
SIGNAL_UNREF(message); SIGNAL_UNREF(message);
} }
} }
omemo_ctx.identity_key_store.recv = false;
*trusted = omemo_ctx.identity_key_store.trusted_msg;
session_cipher_free(cipher); session_cipher_free(cipher);
if (res != 0) { if (res != 0) {
log_error("OMEMO: cannot decrypt message key"); log_error("OMEMO: cannot decrypt message key");

View File

@ -362,9 +362,16 @@ save_identity(const signal_protocol_address *address, uint8_t *key_data,
{ {
identity_key_store_t *identity_key_store = (identity_key_store_t *)user_data; identity_key_store_t *identity_key_store = (identity_key_store_t *)user_data;
if (identity_key_store->recv && !identity_key_store->trusted_msg) { if (identity_key_store->recv) {
/* Do not trust identity automatically */ /* Do not trust identity automatically */
return SG_SUCCESS; /* Instead we perform a real trust check */
identity_key_store->recv = false;
int trusted = is_trusted_identity(address, key_data, key_len, user_data);
identity_key_store->recv = true;
if (trusted == 0) {
/* If not trusted we just don't save the identity */
return SG_SUCCESS;
}
} }
signal_buffer *buffer = signal_buffer_create(key_data, key_len); signal_buffer *buffer = signal_buffer_create(key_data, key_len);
@ -398,7 +405,6 @@ is_trusted_identity(const signal_protocol_address *address, uint8_t *key_data,
GHashTable *trusted = g_hash_table_lookup(identity_key_store->trusted, address->name); GHashTable *trusted = g_hash_table_lookup(identity_key_store->trusted, address->name);
if (!trusted) { if (!trusted) {
if (identity_key_store->recv) { if (identity_key_store->recv) {
identity_key_store->trusted_msg = false;
return 1; return 1;
} else { } else {
return 0; return 0;
@ -414,7 +420,6 @@ is_trusted_identity(const signal_protocol_address *address, uint8_t *key_data,
if (identity_key_store->recv) { if (identity_key_store->recv) {
identity_key_store->trusted_msg = ret;
return 1; return 1;
} else { } else {
return ret; return ret;

View File

@ -49,7 +49,6 @@ typedef struct {
uint32_t registration_id; uint32_t registration_id;
GHashTable *trusted; GHashTable *trusted;
bool recv; bool recv;
bool trusted_msg;
} identity_key_store_t; } identity_key_store_t;
GHashTable * session_store_new(void); GHashTable * session_store_new(void);