diff --git a/Makefile.am b/Makefile.am index adf1a721..c97c06e8 100644 --- a/Makefile.am +++ b/Makefile.am @@ -115,8 +115,11 @@ c_sources = \ git_sources = \ src/gitversion.c -otr_sources = \ - src/otr.c src/otr.h +otr3_sources = \ + src/otr3.c src/otr.h + +otr4_sources = \ + src/otr4.c src/otr.h if BUILD_PYTHON_API with_python_sources = $(core_sources) $(python_sources) @@ -159,8 +162,14 @@ tests_with_git_sources = $(tests_with_c_sources) endif if BUILD_OTR -with_otr_sources = $(with_git_sources) $(otr_sources) -tests_with_otr_sources = $(tests_with_git_sources) $(otr_sources) +if BUILD_OTR3 +with_otr_sources = $(with_git_sources) $(otr3_sources) +tests_with_otr_sources = $(tests_with_git_sources) $(otr3_sources) +endif +if BUILD_OTR4 +with_otr_sources = $(with_git_sources) $(otr4_sources) +tests_with_otr_sources = $(tests_with_git_sources) $(otr4_sources) +endif else with_otr_sources = $(with_git_sources) tests_with_otr_sources = $(tests_with_git_sources) diff --git a/configure.ac b/configure.ac index 66df05c5..c8cf7e38 100644 --- a/configure.ac +++ b/configure.ac @@ -230,17 +230,39 @@ elif test "x$with_xscreensaver" = x; then [AC_MSG_NOTICE([libX11 not found, falling back to profanity auto-away])]) fi -AM_CONDITIONAL([BUILD_OTR], [true]) +AM_CONDITIONAL([BUILD_OTR], [false]) +AM_CONDITIONAL([BUILD_OTR3], [false]) +AM_CONDITIONAL([BUILD_OTR4], [false]) if test "x$enable_otr" = xyes; then - AC_CHECK_LIB([otr], [main], [], + AC_SEARCH_LIBS([otrl_init], [otr], + [AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM([[ + #include + ]],[[ + #if OTRL_VERSION_MAJOR == 4 + // OK + #else + # assume version 3 + #endif + ]])], + [AM_CONDITIONAL([BUILD_OTR], [true]) AM_CONDITIONAL([BUILD_OTR4], [true]) AC_DEFINE([HAVE_LIBOTR], [1], [Have libotr])], + [AM_CONDITIONAL([BUILD_OTR], [true]) AM_CONDITIONAL([BUILD_OTR3], [true]) AC_DEFINE([HAVE_LIBOTR], [1], [Have libotr])])], [AC_MSG_ERROR([libotr is required for otr encryption support])]) -elif test "x$enable_otr" = xno; then - AM_CONDITIONAL([BUILD_OTR], [false]) elif test "x$enable_otr" = x; then - AM_CONDITIONAL([BUILD_OTR], [false]) -### Add the following back in once libotr 4.0.0 support is enabled -### AC_CHECK_LIB([otr], [main], [], -### [AM_CONDITIONAL([BUILD_OTR], [false]) AC_MSG_NOTICE([libotr not found, otr entryption support not enabled])]) + AC_SEARCH_LIBS([otrl_init], [otr], + [AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM([[ + #include + ]],[[ + #if OTRL_VERSION_MAJOR == 4 + // OK + #else + # assume version 3 + #endif + ]])], + [AM_CONDITIONAL([BUILD_OTR], [true]) AM_CONDITIONAL([BUILD_OTR4], [true]) AC_DEFINE([HAVE_LIBOTR], [1], [Have libotr])], + [AM_CONDITIONAL([BUILD_OTR], [true]) AM_CONDITIONAL([BUILD_OTR3], [true]) AC_DEFINE([HAVE_LIBOTR], [1], [Have libotr])])], + [AC_MSG_NOTICE([libotr not found, otr entryption support not enabled])]) fi ### cmocka is required only for tests, profanity shouldn't be linked with it diff --git a/src/command/command.c b/src/command/command.c index 4bc6d9ed..4830c5c9 100644 --- a/src/command/command.c +++ b/src/command/command.c @@ -592,9 +592,9 @@ static struct cmd_t command_defs[] = { "/otr", cmd_otr, parse_args, 1, 2, NULL, - { "/otr gen|myfp|theirfp|start|end|trust|untrust|log|warn", "Off The Record encryption commands.", - { "/otr gen|myfp|theirfp|start|end|trust|untrust|log|warn", - "------------------------------------------------------", + { "/otr gen|myfp|theirfp|start|end|trust|untrust|log|warn|libver", "Off The Record encryption commands.", + { "/otr gen|myfp|theirfp|start|end|trust|untrust|log|warn|libver", + "-------------------------------------------------------------", "gen - Generate your private key.", "myfp - Show your fingerprint.", "theirfp - Show contacts fingerprint.", @@ -604,6 +604,7 @@ static struct cmd_t command_defs[] = "untrust - Indicate the the contact's fingerprint is not verified,", "log - How to log OTR messages, options are 'on', 'off' and 'redact', with redaction being the default.", "warn - Show when unencrypted messaging is being used in the title bar, options are 'on' and 'off' with 'on' being the default.", + "libver - Show which version of the libotr library is being used.", NULL } } }, { "/outtype", @@ -1063,6 +1064,7 @@ cmd_init(void) autocomplete_add(otr_ac, "untrust"); autocomplete_add(otr_ac, "log"); autocomplete_add(otr_ac, "warn"); + autocomplete_add(otr_ac, "libver"); otr_log_ac = autocomplete_new(); autocomplete_add(otr_log_ac, "on"); diff --git a/src/command/commands.c b/src/command/commands.c index eb980da9..0efe4243 100644 --- a/src/command/commands.c +++ b/src/command/commands.c @@ -2617,6 +2617,10 @@ cmd_otr(gchar **args, struct cmd_help_t help) // update the current window ui_switch_win(wins_get_current_num()); return result; + } else if (strcmp(args[0], "libver") == 0) { + char *version = otr_libotr_version(); + cons_show("Using libotr version %s", version); + return TRUE; } if (jabber_get_connection_status() != JABBER_CONNECTED) { diff --git a/src/otr.h b/src/otr.h index 404e7e07..85ae09cc 100644 --- a/src/otr.h +++ b/src/otr.h @@ -26,6 +26,7 @@ #include "config/accounts.h" void otr_init(void); +char* otr_libotr_version(void); void otr_on_connect(ProfAccount *account); void otr_keygen(ProfAccount *account); diff --git a/src/otr.c b/src/otr3.c similarity index 99% rename from src/otr.c rename to src/otr3.c index f8e96283..6d5c9496 100644 --- a/src/otr.c +++ b/src/otr3.c @@ -1,5 +1,5 @@ /* - * otr.c + * otr3.c * * Copyright (C) 2012, 2013 James Booth * @@ -100,6 +100,12 @@ cb_gone_secure(void *opdata, ConnContext *context) ui_gone_secure(context->username, otr_is_trusted(context->username)); } +char * +otr_libotr_version(void) +{ + return OTRL_VERSION; +} + void otr_init(void) { diff --git a/src/otr4.c b/src/otr4.c new file mode 100644 index 00000000..ddd4aeeb --- /dev/null +++ b/src/otr4.c @@ -0,0 +1,525 @@ +/* + * otr4.c + * + * Copyright (C) 2012, 2013 James Booth + * + * This file is part of Profanity. + * + * Profanity is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Profanity is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Profanity. If not, see . + * + */ + +#include +#include +#include +#include + +#include "otr.h" +#include "log.h" +#include "roster_list.h" +#include "contact.h" +#include "ui/ui.h" + +static OtrlUserState user_state; +static OtrlMessageAppOps ops; +static char *jid; +static gboolean data_loaded; + +// ops callbacks +static OtrlPolicy +cb_policy(void *opdata, ConnContext *context) +{ + return OTRL_POLICY_ALLOW_V1 | OTRL_POLICY_ALLOW_V2 | OTRL_POLICY_ALLOW_V3; +} + +static int +cb_is_logged_in(void *opdata, const char *accountname, + const char *protocol, const char *recipient) +{ + PContact contact = roster_get_contact(recipient); + if (g_strcmp0(p_contact_presence(contact), "offline") == 0) { + return 0; + } else { + return 1; + } +} + +static void +cb_inject_message(void *opdata, const char *accountname, + const char *protocol, const char *recipient, const char *message) +{ + message_send(message, recipient); +} + +static const char* +cb_otr_error_message(void *opdata, ConnContext *context, + OtrlErrorCode err_code) +{ + switch(err_code) + { + case OTRL_ERRCODE_ENCRYPTION_ERROR: + return strdup("OTR Error: occured while encrypting a message"); + case OTRL_ERRCODE_MSG_NOT_IN_PRIVATE: + return strdup("OTR Error: Sent encrypted message to somebody who is not in a mutual OTR session"); + case OTRL_ERRCODE_MSG_UNREADABLE: + return strdup("OTR Error: sent an unreadable encrypted message"); + case OTRL_ERRCODE_MSG_MALFORMED: + return strdup("OTR Error: message sent is malformed"); + default: + return strdup("OTR Error: unknown"); + } +} + +static void +cb_otr_error_message_free(void *opdata, const char *err_msg) +{ + free((char *)err_msg); +} + +static void +cb_handle_msg_event(void *opdata, OtrlMessageEvent msg_event, + ConnContext *context, const char *message, + gcry_error_t err) +{ + if (message != NULL) { + cons_show_error("%s", message); + } else { + cons_show_error("OTR error event with no message."); + } +} + +static void +cb_write_fingerprints(void *opdata) +{ + gcry_error_t err = 0; + gchar *data_home = xdg_get_data_home(); + gchar *account_dir = str_replace(jid, "@", "_at_"); + + GString *basedir = g_string_new(data_home); + g_string_append(basedir, "/profanity/otr/"); + g_string_append(basedir, account_dir); + g_string_append(basedir, "/"); + free(account_dir); + + GString *fpsfilename = g_string_new(basedir->str); + g_string_append(fpsfilename, "fingerprints.txt"); + err = otrl_privkey_write_fingerprints(user_state, fpsfilename->str); + if (!err == GPG_ERR_NO_ERROR) { + log_error("Failed to write fingerprints file"); + cons_show_error("Failed to create fingerprints file"); + } + g_string_free(basedir, TRUE); + g_string_free(fpsfilename, TRUE); +} + +static void +cb_gone_secure(void *opdata, ConnContext *context) +{ + ui_gone_secure(context->username, otr_is_trusted(context->username)); +} + +char * +otr_libotr_version(void) +{ + return OTRL_VERSION; +} + +void +otr_init(void) +{ + log_info("Initialising OTR"); + OTRL_INIT; + + ops.policy = cb_policy; + ops.is_logged_in = cb_is_logged_in; + ops.inject_message = cb_inject_message; + ops.otr_error_message = cb_otr_error_message; + ops.otr_error_message_free = cb_otr_error_message_free; + ops.handle_msg_event = cb_handle_msg_event; + ops.write_fingerprints = cb_write_fingerprints; + ops.gone_secure = cb_gone_secure; + + data_loaded = FALSE; +} + +void +otr_on_connect(ProfAccount *account) +{ + jid = strdup(account->jid); + log_info("Loading OTR key for %s", jid); + + gchar *data_home = xdg_get_data_home(); + gchar *account_dir = str_replace(jid, "@", "_at_"); + + GString *basedir = g_string_new(data_home); + g_string_append(basedir, "/profanity/otr/"); + g_string_append(basedir, account_dir); + g_string_append(basedir, "/"); + free(account_dir); + + if (!mkdir_recursive(basedir->str)) { + log_error("Could not create %s for account %s.", basedir->str, jid); + cons_show_error("Could not create %s for account %s.", basedir->str, jid); + g_string_free(basedir, TRUE); + return; + } + + user_state = otrl_userstate_create(); + + gcry_error_t err = 0; + + GString *keysfilename = g_string_new(basedir->str); + g_string_append(keysfilename, "keys.txt"); + if (!g_file_test(keysfilename->str, G_FILE_TEST_IS_REGULAR)) { + log_info("No private key file found %s", keysfilename->str); + data_loaded = FALSE; + } else { + log_info("Loading OTR private key %s", keysfilename->str); + err = otrl_privkey_read(user_state, keysfilename->str); + if (!err == GPG_ERR_NO_ERROR) { + g_string_free(basedir, TRUE); + g_string_free(keysfilename, TRUE); + log_error("Failed to load private key"); + return; + } else { + log_info("Loaded private key"); + data_loaded = TRUE; + } + } + + GString *fpsfilename = g_string_new(basedir->str); + g_string_append(fpsfilename, "fingerprints.txt"); + if (!g_file_test(fpsfilename->str, G_FILE_TEST_IS_REGULAR)) { + log_info("No fingerprints file found %s", fpsfilename->str); + data_loaded = FALSE; + } else { + log_info("Loading fingerprints %s", fpsfilename->str); + err = otrl_privkey_read_fingerprints(user_state, fpsfilename->str, NULL, NULL); + if (!err == GPG_ERR_NO_ERROR) { + g_string_free(basedir, TRUE); + g_string_free(keysfilename, TRUE); + g_string_free(fpsfilename, TRUE); + log_error("Failed to load fingerprints"); + return; + } else { + log_info("Loaded fingerprints"); + data_loaded = TRUE; + } + } + + if (data_loaded) { + cons_show("Loaded OTR private key for %s", jid); + } + + g_string_free(basedir, TRUE); + g_string_free(keysfilename, TRUE); + g_string_free(fpsfilename, TRUE); + return; +} + +void +otr_keygen(ProfAccount *account) +{ + if (data_loaded) { + cons_show("OTR key already generated."); + return; + } + + jid = strdup(account->jid); + log_info("Generating OTR key for %s", jid); + + jid = strdup(account->jid); + + gchar *data_home = xdg_get_data_home(); + gchar *account_dir = str_replace(jid, "@", "_at_"); + + GString *basedir = g_string_new(data_home); + g_string_append(basedir, "/profanity/otr/"); + g_string_append(basedir, account_dir); + g_string_append(basedir, "/"); + free(account_dir); + + if (!mkdir_recursive(basedir->str)) { + log_error("Could not create %s for account %s.", basedir->str, jid); + cons_show_error("Could not create %s for account %s.", basedir->str, jid); + g_string_free(basedir, TRUE); + return; + } + + gcry_error_t err = 0; + + GString *keysfilename = g_string_new(basedir->str); + g_string_append(keysfilename, "keys.txt"); + log_debug("Generating private key file %s for %s", keysfilename->str, jid); + cons_show("Generating private key, this may take some time."); + cons_show("Moving the mouse randomly around the screen may speed up the process!"); + ui_current_page_off(); + ui_refresh(); + err = otrl_privkey_generate(user_state, keysfilename->str, account->jid, "xmpp"); + if (!err == GPG_ERR_NO_ERROR) { + g_string_free(basedir, TRUE); + g_string_free(keysfilename, TRUE); + log_error("Failed to generate private key"); + cons_show_error("Failed to generate private key"); + return; + } + log_info("Private key generated"); + cons_show(""); + cons_show("Private key generation complete."); + + GString *fpsfilename = g_string_new(basedir->str); + g_string_append(fpsfilename, "fingerprints.txt"); + log_debug("Generating fingerprints file %s for %s", fpsfilename->str, jid); + err = otrl_privkey_write_fingerprints(user_state, fpsfilename->str); + if (!err == GPG_ERR_NO_ERROR) { + g_string_free(basedir, TRUE); + g_string_free(keysfilename, TRUE); + log_error("Failed to create fingerprints file"); + cons_show_error("Failed to create fingerprints file"); + return; + } + log_info("Fingerprints file created"); + + err = otrl_privkey_read(user_state, keysfilename->str); + if (!err == GPG_ERR_NO_ERROR) { + g_string_free(basedir, TRUE); + g_string_free(keysfilename, TRUE); + log_error("Failed to load private key"); + data_loaded = FALSE; + return; + } + + err = otrl_privkey_read_fingerprints(user_state, fpsfilename->str, NULL, NULL); + if (!err == GPG_ERR_NO_ERROR) { + g_string_free(basedir, TRUE); + g_string_free(keysfilename, TRUE); + log_error("Failed to load fingerprints"); + data_loaded = FALSE; + return; + } + + data_loaded = TRUE; + + g_string_free(basedir, TRUE); + g_string_free(keysfilename, TRUE); + g_string_free(fpsfilename, TRUE); + return; +} + +gboolean +otr_key_loaded(void) +{ + return data_loaded; +} + +gboolean +otr_is_secure(const char * const recipient) +{ + ConnContext *context = otrl_context_find(user_state, recipient, jid, "xmpp", + OTRL_INSTAG_MASTER, 0, NULL, NULL, NULL); + + if (context == NULL) { + return FALSE; + } + + if (context->msgstate != OTRL_MSGSTATE_ENCRYPTED) { + return FALSE; + } else { + return TRUE; + } +} + +gboolean +otr_is_trusted(const char * const recipient) +{ + ConnContext *context = otrl_context_find(user_state, recipient, jid, "xmpp", + OTRL_INSTAG_MASTER, 0, NULL, NULL, NULL); + + if (context == NULL) { + return FALSE; + } + + if (context->msgstate != OTRL_MSGSTATE_ENCRYPTED) { + return TRUE; + } + + if (context->active_fingerprint && + g_strcmp0(context->active_fingerprint->trust, "trusted") == 0) { + return TRUE; + } + + return FALSE; +} + +void +otr_trust(const char * const recipient) +{ + ConnContext *context = otrl_context_find(user_state, recipient, jid, "xmpp", + OTRL_INSTAG_MASTER, 0, NULL, NULL, NULL); + + if (context == NULL) { + return; + } + + if (context->msgstate != OTRL_MSGSTATE_ENCRYPTED) { + return; + } + + if (context->active_fingerprint) { + context->active_fingerprint->trust = "trusted"; + cb_write_fingerprints(NULL); + } + + return; +} + +void +otr_untrust(const char * const recipient) +{ + ConnContext *context = otrl_context_find(user_state, recipient, jid, "xmpp", + OTRL_INSTAG_MASTER, 0, NULL, NULL, NULL); + + if (context == NULL) { + return; + } + + if (context->msgstate != OTRL_MSGSTATE_ENCRYPTED) { + return; + } + + if (context->active_fingerprint) { + context->active_fingerprint->trust = NULL; + cb_write_fingerprints(NULL); + } + + return; +} + +void +otr_end_session(const char * const recipient) +{ + ConnContext *context = otrl_context_find(user_state, recipient, jid, "xmpp", + OTRL_INSTAG_MASTER, 0, NULL, NULL, NULL); + + if (context != NULL) { + otrl_message_disconnect(user_state, &ops, NULL, jid, "xmpp", recipient, 0); + } +} + +char * +otr_get_my_fingerprint(void) +{ + char fingerprint[45]; + otrl_privkey_fingerprint(user_state, fingerprint, jid, "xmpp"); + char *result = strdup(fingerprint); + + return result; +} + +char * +otr_get_their_fingerprint(const char * const recipient) +{ + ConnContext *context = otrl_context_find(user_state, recipient, jid, "xmpp", + OTRL_INSTAG_MASTER, 0, NULL, NULL, NULL); + + if (context != NULL) { + Fingerprint *fingerprint = context->active_fingerprint; + char readable[45]; + otrl_privkey_hash_to_human(readable, fingerprint->fingerprint); + return strdup(readable); + } else { + return NULL; + } +} + +char * +otr_encrypt_message(const char * const to, const char * const message) +{ + gcry_error_t err; + char *newmessage = NULL; + + err = otrl_message_sending( + user_state, + &ops, + NULL, + jid, + "xmpp", + to, + OTRL_INSTAG_MASTER, + message, + 0, + &newmessage, + OTRL_FRAGMENT_SEND_SKIP, + NULL, + NULL, + NULL); + + if (!err == GPG_ERR_NO_ERROR) { + return NULL; + } else { + return newmessage; + } +} + +char * +otr_decrypt_message(const char * const from, const char * const message, gboolean *was_decrypted) +{ + char *decrypted = NULL; + OtrlTLV *tlvs = NULL; + OtrlTLV *tlv = NULL; + int result = otrl_message_receiving( + user_state, + &ops, + NULL, + jid, + "xmpp", + from, + message, + &decrypted, + &tlvs, + NULL, + NULL, + NULL); + + // internal libotr message + if (result == 1) { + tlv = otrl_tlv_find(tlvs, OTRL_TLV_DISCONNECTED); + if (tlv) { + ConnContext *context = otrl_context_find(user_state, from, jid, "xmpp", + OTRL_INSTAG_MASTER, 0, NULL, NULL, NULL); + + if (context != NULL) { + otrl_context_force_plaintext(context); + ui_gone_insecure(from); + } + } + return NULL; + + // message was decrypted, return to user + } else if (decrypted != NULL) { + *was_decrypted = TRUE; + return decrypted; + + // normal non OTR message + } else { + *was_decrypted = FALSE; + return strdup(message); + } +} + +void +otr_free_message(char *message) +{ + otrl_message_free(message); +}