aboutsummaryrefslogtreecommitdiff
path: root/plugins/omemo
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/omemo')
-rw-r--r--plugins/omemo/CMakeLists.txt3
-rw-r--r--plugins/omemo/data/contact_details_dialog.ui173
-rw-r--r--plugins/omemo/src/account_settings_dialog.vala2
-rw-r--r--plugins/omemo/src/contact_details_dialog.vala203
-rw-r--r--plugins/omemo/src/contact_details_provider.vala28
-rw-r--r--plugins/omemo/src/database.vala65
-rw-r--r--plugins/omemo/src/device_notification_populator.vala92
-rw-r--r--plugins/omemo/src/manager.vala95
-rw-r--r--plugins/omemo/src/plugin.vala3
-rw-r--r--plugins/omemo/src/stream_module.vala95
10 files changed, 663 insertions, 96 deletions
diff --git a/plugins/omemo/CMakeLists.txt b/plugins/omemo/CMakeLists.txt
index 50cd6627..bcec941b 100644
--- a/plugins/omemo/CMakeLists.txt
+++ b/plugins/omemo/CMakeLists.txt
@@ -13,6 +13,7 @@ find_packages(OMEMO_PACKAGES REQUIRED
set(RESOURCE_LIST
account_settings_dialog.ui
+ contact_details_dialog.ui
)
compile_gresources(
@@ -32,7 +33,9 @@ SOURCES
src/account_settings_widget.vala
src/bundle.vala
src/contact_details_provider.vala
+ src/contact_details_dialog.vala
src/database.vala
+ src/device_notification_populator.vala
src/encrypt_state.vala
src/encryption_list_entry.vala
src/manager.vala
diff --git a/plugins/omemo/data/contact_details_dialog.ui b/plugins/omemo/data/contact_details_dialog.ui
new file mode 100644
index 00000000..4844fdb9
--- /dev/null
+++ b/plugins/omemo/data/contact_details_dialog.ui
@@ -0,0 +1,173 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<interface>
+ <template class="DinoPluginsOmemoContactDetailsDialog">
+ <property name="modal">True</property>
+ <property name="title" translatable="yes">OMEMO Keys</property>
+ <property name="resizable">False</property>
+ <child internal-child="vbox">
+ <object class="GtkBox">
+ <property name="visible">True</property>
+ <property name="margin-left">40</property>
+ <property name="margin-right">40</property>
+ <child>
+ <object class="GtkBox">
+ <property name="margin-top">12</property>
+ <property name="orientation">horizontal</property>
+ <property name="visible">True</property>
+ <child>
+ <object class="GtkLabel">
+ <property name="visible">True</property>
+ <property name="halign">start</property>
+ <property name="hexpand">True</property>
+ <property name="label" translatable="yes">Enable Key Management</property>
+ </object>
+ </child>
+ <child>
+ <object class="GtkSwitch" id="key_mgmnt">
+ <property name="visible">True</property>
+ <property name="halign">end</property>
+ </object>
+ </child>
+ </object>
+ </child>
+ <child>
+ <object class="GtkBox" id="fingerprints_prompt_label">
+ <property name="margin-top">12</property>
+ <property name="orientation">horizontal</property>
+ <property name="visible">False</property>
+ <child>
+ <object class="GtkLabel">
+ <property name="visible">True</property>
+ <property name="halign">start</property>
+ <property name="valign">center</property>
+ <property name="hexpand">True</property>
+ <property name="label" translatable="yes">New Devices</property>
+ <property name="margin-bottom">2</property>
+ <attributes>
+ <attribute name="weight" value="PANGO_WEIGHT_BOLD"/>
+ </attributes>
+ </object>
+ </child>
+ </object>
+ </child>
+ <child>
+ <object class="GtkFrame" id="fingerprints_prompt_container">
+ <property name="visible">False</property>
+ <property name="margin-bottom">18</property>
+ <child>
+ <object class="GtkScrolledWindow">
+ <property name="hscrollbar_policy">never</property>
+ <property name="vscrollbar_policy">automatic</property>
+ <property name="visible">True</property>
+ <property name="propagate_natural_height">True</property>
+ <child>
+ <object class="GtkGrid" id="fingerprints_prompt">
+ <property name="visible">True</property>
+ <property name="vexpand">True</property>
+ </object>
+ </child>
+ </object>
+ </child>
+ </object>
+ </child>
+ <child>
+ <object class="GtkBox" id="fingerprints_verified_label">
+ <property name="margin-top">12</property>
+ <property name="orientation">horizontal</property>
+ <property name="visible">False</property>
+ <child>
+ <object class="GtkLabel">
+ <property name="visible">True</property>
+ <property name="halign">start</property>
+ <property name="valign">center</property>
+ <property name="hexpand">True</property>
+ <property name="label" translatable="yes">Verified Devices</property>
+ <property name="margin-bottom">2</property>
+ <attributes>
+ <attribute name="weight" value="PANGO_WEIGHT_BOLD"/>
+ </attributes>
+ </object>
+ </child>
+ </object>
+ </child>
+ <child>
+ <object class="GtkFrame" id="fingerprints_verified_container">
+ <property name="visible">False</property>
+ <property name="margin-bottom">18</property>
+ <child>
+ <object class="GtkScrolledWindow">
+ <property name="hscrollbar_policy">never</property>
+ <property name="vscrollbar_policy">automatic</property>
+ <property name="visible">True</property>
+ <property name="propagate_natural_height">True</property>
+ <child>
+ <object class="GtkGrid" id="fingerprints_verified">
+ <property name="visible">True</property>
+ <property name="vexpand">True</property>
+ </object>
+ </child>
+ </object>
+ </child>
+ </object>
+ </child>
+ <child>
+ <object class="GtkBox">
+ <property name="margin-top">12</property>
+ <property name="orientation">horizontal</property>
+ <property name="visible">True</property>
+ <child>
+ <object class="GtkLabel">
+ <property name="visible">True</property>
+ <property name="halign">start</property>
+ <property name="valign">center</property>
+ <property name="hexpand">True</property>
+ <property name="label" translatable="yes">Devices</property>
+ <property name="margin-bottom">2</property>
+ <attributes>
+ <attribute name="weight" value="PANGO_WEIGHT_BOLD"/>
+ </attributes>
+ </object>
+ </child>
+ <!-- TODO: implement QR code verification !-->
+ <!--<child>
+ <object class="GtkButton" id="scan_button">
+ <property name="visible">True</property>
+ <property name="can-focus">False</property>
+ <style>
+ <class name="flat"/>
+ </style>
+ <child>
+ <object class="GtkImage">
+ <property name="icon-name">camera-photo-symbolic</property>
+ <property name="icon-size">1</property>
+ <property name="visible">True</property>
+ </object>
+ </child>
+ </object>
+ </child>!-->
+ </object>
+ </child>
+ <child>
+ <object class="GtkFrame">
+ <property name="visible">True</property>
+ <property name="margin-bottom">18</property>
+ <child>
+ <object class="GtkScrolledWindow">
+ <property name="hscrollbar_policy">never</property>
+ <property name="vscrollbar_policy">automatic</property>
+ <property name="visible">True</property>
+ <property name="propagate_natural_height">True</property>
+ <child>
+ <object class="GtkGrid" id="fingerprints">
+ <property name="visible">True</property>
+ <property name="vexpand">True</property>
+ </object>
+ </child>
+ </object>
+ </child>
+ </object>
+ </child>
+ </object>
+ </child>
+ </template>
+</interface>
diff --git a/plugins/omemo/src/account_settings_dialog.vala b/plugins/omemo/src/account_settings_dialog.vala
index f0262c31..76357dbb 100644
--- a/plugins/omemo/src/account_settings_dialog.vala
+++ b/plugins/omemo/src/account_settings_dialog.vala
@@ -26,7 +26,7 @@ public class AccountSettingsDialog : Gtk.Dialog {
int own_id = plugin.db.identity.row_with(plugin.db.identity.account_id, account.id)[plugin.db.identity.device_id];
int i = 0;
- foreach (Row row in plugin.db.identity_meta.with_address(account.bare_jid.to_string())) {
+ foreach (Row row in plugin.db.identity_meta.with_address(account.id, account.bare_jid.to_string())) {
if (row[plugin.db.identity_meta.device_id] == own_id) continue;
if (i == 0) {
other_list.foreach((widget) => { widget.destroy(); });
diff --git a/plugins/omemo/src/contact_details_dialog.vala b/plugins/omemo/src/contact_details_dialog.vala
new file mode 100644
index 00000000..aa1b2a5f
--- /dev/null
+++ b/plugins/omemo/src/contact_details_dialog.vala
@@ -0,0 +1,203 @@
+using Gtk;
+using Xmpp;
+using Gee;
+using Qlite;
+using Dino.Entities;
+
+namespace Dino.Plugins.Omemo {
+
+[GtkTemplate (ui = "/im/dino/Dino/omemo/contact_details_dialog.ui")]
+public class ContactDetailsDialog : Gtk.Dialog {
+
+ private Plugin plugin;
+ private Account account;
+ private Jid jid;
+
+ private Gee.List<Widget> toggles;
+
+ [GtkChild] private Grid fingerprints;
+ [GtkChild] private Box fingerprints_prompt_label;
+ [GtkChild] private Frame fingerprints_prompt_container;
+ [GtkChild] private Grid fingerprints_prompt;
+ [GtkChild] private Box fingerprints_verified_label;
+ [GtkChild] private Frame fingerprints_verified_container;
+ [GtkChild] private Grid fingerprints_verified;
+ [GtkChild] private Switch key_mgmnt;
+
+
+ private void set_device_trust(Row device, bool trust) {
+ Database.IdentityMetaTable.TrustLevel trust_level = trust ? Database.IdentityMetaTable.TrustLevel.TRUSTED : Database.IdentityMetaTable.TrustLevel.UNTRUSTED;
+ plugin.db.identity_meta.update()
+ .with(plugin.db.identity_meta.identity_id, "=", account.id)
+ .with(plugin.db.identity_meta.address_name, "=", device[plugin.db.identity_meta.address_name])
+ .with(plugin.db.identity_meta.device_id, "=", device[plugin.db.identity_meta.device_id])
+ .set(plugin.db.identity_meta.trust_level, trust_level).perform();
+
+ if(!trust) {
+ plugin.app.stream_interactor.module_manager.get_module(account, StreamModule.IDENTITY).untrust_device(jid, device[plugin.db.identity_meta.device_id]);
+ } else {
+ plugin.app.stream_interactor.module_manager.get_module(account, StreamModule.IDENTITY).trust_device(jid, device[plugin.db.identity_meta.device_id]);
+ }
+ }
+
+ private void add_fingerprint(Row device, int row, Database.IdentityMetaTable.TrustLevel trust) {
+ string res = fingerprint_markup(fingerprint_from_base64(device[plugin.db.identity_meta.identity_key_public_base64]));
+ Label lbl = new Label(res)
+ { use_markup=true, justify=Justification.RIGHT, visible=true, margin = 8, halign = Align.START, valign = Align.CENTER };
+ //TODO: handle display of verified devices
+ Switch tgl = new Switch() {visible = true, halign = Align.END, valign = Align.CENTER, margin = 8, hexpand = true, active = (trust == Database.IdentityMetaTable.TrustLevel.TRUSTED) };
+ tgl.state_set.connect((active) => {
+ set_device_trust(device, active);
+
+ return false;
+ });
+ toggles.add(tgl);
+
+ fingerprints.attach(lbl, 0, row);
+ fingerprints.attach(tgl, 1, row);
+ }
+
+ public ContactDetailsDialog(Plugin plugin, Account account, Jid jid) {
+ Object(use_header_bar : 1);
+ this.plugin = plugin;
+ this.account = account;
+ this.jid = jid;
+
+ toggles = new ArrayList<Widget>();
+
+ int i = 0;
+ foreach (Row device in plugin.db.identity_meta.with_address(account.id, jid.to_string()).with(plugin.db.identity_meta.trust_level, "!=", Database.IdentityMetaTable.TrustLevel.UNKNOWN).with(plugin.db.identity_meta.trust_level, "!=", Database.IdentityMetaTable.TrustLevel.VERIFIED)) {
+ if (device[plugin.db.identity_meta.identity_key_public_base64] == null) {
+ continue;
+ }
+ add_fingerprint(device, i, (Database.IdentityMetaTable.TrustLevel) device[plugin.db.identity_meta.trust_level]);
+
+ i++;
+
+ }
+
+ int j = 0;
+ foreach (Row device in plugin.db.identity_meta.with_address(account.id, jid.to_string()).with(plugin.db.identity_meta.trust_level, "=", Database.IdentityMetaTable.TrustLevel.UNKNOWN)) {
+ if (device[plugin.db.identity_meta.identity_key_public_base64] == null) {
+ continue;
+ }
+
+ string res = fingerprint_markup(fingerprint_from_base64(device[plugin.db.identity_meta.identity_key_public_base64]));
+ Label lbl = new Label(res)
+ { use_markup=true, justify=Justification.RIGHT, visible=true, margin = 8, halign = Align.START };
+
+ Box box = new Box(Gtk.Orientation.HORIZONTAL, 0) { visible = true, valign = Align.CENTER, hexpand = true, margin = 8 };
+
+ Button yes = new Button() { visible = true, valign = Align.CENTER, hexpand = true};
+ yes.image = new Image.from_icon_name("list-add-symbolic", IconSize.BUTTON);
+
+ yes.clicked.connect(() => {
+ set_device_trust(device, true);
+
+ fingerprints_prompt.remove(box);
+ fingerprints_prompt.remove(lbl);
+ toggles.remove(box);
+ j--;
+
+ add_fingerprint(device, i, Database.IdentityMetaTable.TrustLevel.TRUSTED);
+ i++;
+
+ if (j == 0) {
+ fingerprints_prompt.attach(new Label("No more new devices") { visible = true, valign = Align.CENTER, halign = Align.CENTER, margin = 8, hexpand = true }, 0, 0);
+ }
+ });
+
+ Button no = new Button() { visible = true, valign = Align.CENTER, hexpand = true};
+ no.image = new Image.from_icon_name("list-remove-symbolic", IconSize.BUTTON);
+
+ no.clicked.connect(() => {
+ set_device_trust(device, false);
+
+ fingerprints_prompt.remove(box);
+ fingerprints_prompt.remove(lbl);
+ toggles.remove(box);
+ j--;
+
+ add_fingerprint(device, i, Database.IdentityMetaTable.TrustLevel.UNTRUSTED);
+ i++;
+
+ if (j == 0) {
+ fingerprints_prompt.attach(new Label("No more new devices") { visible = true, valign = Align.CENTER, halign = Align.CENTER, margin = 8, hexpand = true }, 0, 0);
+ }
+ });
+
+ box.pack_start(yes);
+ box.pack_start(no);
+
+ box.get_style_context().add_class("linked");
+ toggles.add(box);
+
+ fingerprints_prompt.attach(lbl, 0, j);
+ fingerprints_prompt.attach(box, 1, j);
+ j++;
+ }
+ if( j > 0 ){
+ fingerprints_prompt_label.visible = true;
+ fingerprints_prompt_container.visible = true;
+ }
+
+ int k = 0;
+ foreach (Row device in plugin.db.identity_meta.with_address(account.id, jid.to_string()).without_null(plugin.db.identity_meta.identity_key_public_base64).with(plugin.db.identity_meta.trust_level, "=", Database.IdentityMetaTable.TrustLevel.VERIFIED)) {
+ string res = fingerprint_markup(fingerprint_from_base64(device[plugin.db.identity_meta.identity_key_public_base64]));
+ Label lbl = new Label(res)
+ { use_markup=true, justify=Justification.RIGHT, visible=true, margin = 8, halign = Align.START };
+
+ Box box = new Box(Gtk.Orientation.HORIZONTAL, 0) { visible = true, valign = Align.CENTER, hexpand = true, margin = 8 };
+
+ Button no = new Button() { visible = true, valign = Align.CENTER, halign = Align.END, hexpand = false };
+ no.image = new Image.from_icon_name("list-remove-symbolic", IconSize.BUTTON);
+
+ no.clicked.connect(() => {
+ set_device_trust(device, false);
+
+ fingerprints_verified.remove(no);
+ fingerprints_verified.remove(lbl);
+ toggles.remove(no);
+ k--;
+
+ add_fingerprint(device, i, Database.IdentityMetaTable.TrustLevel.UNTRUSTED);
+ i++;
+
+ if (k == 0) {
+ fingerprints_verified.attach(new Label("No more new devices") { visible = true, valign = Align.CENTER, halign = Align.CENTER, margin = 8, hexpand = true }, 0, 0);
+ }
+ });
+
+ box.pack_end(no);
+ toggles.add(no);
+
+ fingerprints_verified.attach(lbl, 0, k);
+ fingerprints_verified.attach(box, 1, k);
+ k++;
+ }
+
+ if( k > 0 ){
+ fingerprints_verified_label.visible = true;
+ fingerprints_verified_container.visible = true;
+ }
+
+ bool blind_trust = plugin.db.trust.get_blind_trust(account.id, jid.bare_jid.to_string());
+ key_mgmnt.set_active(!blind_trust);
+ foreach(Widget tgl in toggles){
+ tgl.set_sensitive(!blind_trust);
+ }
+
+ key_mgmnt.state_set.connect((active) => {
+ plugin.db.trust.update().with(plugin.db.trust.identity_id, "=", account.id).with(plugin.db.trust.address_name, "=", jid.bare_jid.to_string()).set(plugin.db.trust.blind_trust, !active).perform();
+ foreach(Widget tgl in toggles){
+ tgl.set_sensitive(active);
+ }
+
+ return false;
+ });
+
+ }
+
+}
+
+}
diff --git a/plugins/omemo/src/contact_details_provider.vala b/plugins/omemo/src/contact_details_provider.vala
index 05b85d9f..1cf635c2 100644
--- a/plugins/omemo/src/contact_details_provider.vala
+++ b/plugins/omemo/src/contact_details_provider.vala
@@ -1,4 +1,5 @@
using Gtk;
+using Gee;
using Qlite;
using Dino.Entities;
@@ -15,20 +16,31 @@ public class ContactDetailsProvider : Plugins.ContactDetailsProvider, Object {
public void populate(Conversation conversation, Plugins.ContactDetails contact_details, WidgetType type) {
if (conversation.type_ == Conversation.Type.CHAT && type == WidgetType.GTK) {
- string res = "";
+
int i = 0;
- foreach (Row row in plugin.db.identity_meta.with_address(conversation.counterpart.to_string())) {
+ foreach (Row row in plugin.db.identity_meta.with_address(conversation.account.id, conversation.counterpart.to_string())) {
if (row[plugin.db.identity_meta.identity_key_public_base64] != null) {
- if (i != 0) {
- res += "\n\n";
- }
- res += fingerprint_markup(fingerprint_from_base64(row[plugin.db.identity_meta.identity_key_public_base64]));
i++;
}
}
+
if (i > 0) {
- Label label = new Label(res) { use_markup=true, justify=Justification.RIGHT, selectable=true, visible=true };
- contact_details.add(_("Encryption"), "OMEMO", n("%d OMEMO device", "%d OMEMO devices", i).printf(i), label);
+ Button btn = new Button();
+ btn.image = new Image.from_icon_name("view-list-symbolic", IconSize.BUTTON);
+ btn.relief = ReliefStyle.NONE;
+ btn.visible = true;
+ btn.valign = Align.CENTER;
+ btn.clicked.connect(() => {
+ btn.activate();
+ ContactDetailsDialog dialog = new ContactDetailsDialog(plugin, conversation.account, conversation.counterpart);
+ dialog.set_transient_for((Window) btn.get_toplevel());
+ dialog.response.connect((response_type) => {
+ plugin.device_notification_populator.should_hide();
+ });
+ dialog.present();
+ });
+
+ contact_details.add(_("Encryption"), "OMEMO", n("%d OMEMO device", "%d OMEMO devices", i).printf(i), btn);
}
}
}
diff --git a/plugins/omemo/src/database.vala b/plugins/omemo/src/database.vala
index 5c7309f3..05864e38 100644
--- a/plugins/omemo/src/database.vala
+++ b/plugins/omemo/src/database.vala
@@ -6,31 +6,47 @@ using Dino.Entities;
namespace Dino.Plugins.Omemo {
public class Database : Qlite.Database {
- private const int VERSION = 1;
+ private const int VERSION = 2;
public class IdentityMetaTable : Table {
+ public enum TrustLevel {
+ VERIFIED,
+ TRUSTED,
+ UNTRUSTED,
+ UNKNOWN;
+
+ public string to_string() {
+ int val = this;
+ return val.to_string();
+ }
+ }
+
+ //Default to provide backwards compatability
+ public Column<int> identity_id = new Column.Integer("identity_id") { not_null = true, min_version = 2, default = "-1" };
public Column<string> address_name = new Column.Text("address_name") { not_null = true };
public Column<int> device_id = new Column.Integer("device_id") { not_null = true };
public Column<string?> identity_key_public_base64 = new Column.Text("identity_key_public_base64");
- public Column<bool> trusted_identity = new Column.BoolInt("trusted_identity") { default = "0" };
+ public Column<bool> trusted_identity = new Column.BoolInt("trusted_identity") { default = "0", max_version = 1 };
+ public Column<int> trust_level = new Column.Integer("trust_level") { default = TrustLevel.UNKNOWN.to_string(), min_version = 2 };
public Column<bool> now_active = new Column.BoolInt("now_active") { default = "1" };
public Column<long> last_active = new Column.Long("last_active");
internal IdentityMetaTable(Database db) {
base(db, "identity_meta");
- init({address_name, device_id, identity_key_public_base64, trusted_identity, now_active, last_active});
- index("identity_meta_idx", {address_name, device_id}, true);
- index("identity_meta_list_idx", {address_name});
+ init({identity_id, address_name, device_id, identity_key_public_base64, trusted_identity, trust_level, now_active, last_active});
+ index("identity_meta_idx", {identity_id, address_name, device_id}, true);
+ index("identity_meta_list_idx", {identity_id, address_name});
}
- public QueryBuilder with_address(string address_name) {
- return select().with(this.address_name, "=", address_name);
+ public QueryBuilder with_address(int identity_id, string address_name) {
+ return select().with(this.identity_id, "=", identity_id).with(this.address_name, "=", address_name);
}
- public void insert_device_list(string address_name, ArrayList<int32> devices) {
+ public void insert_device_list(int32 identity_id, string address_name, ArrayList<int32> devices) {
update().with(this.address_name, "=", address_name).set(now_active, false).perform();
foreach (int32 device_id in devices) {
upsert()
+ .value(this.identity_id, identity_id, true)
.value(this.address_name, address_name, true)
.value(this.device_id, device_id, true)
.value(this.now_active, true)
@@ -39,13 +55,33 @@ public class Database : Qlite.Database {
}
}
- public int64 insert_device_bundle(string address_name, int device_id, Bundle bundle) {
+ public int64 insert_device_bundle(int32 identity_id, string address_name, int device_id, Bundle bundle, TrustLevel trust) {
if (bundle == null || bundle.identity_key == null) return -1;
return upsert()
+ .value(this.identity_id, identity_id, true)
.value(this.address_name, address_name, true)
.value(this.device_id, device_id, true)
.value(this.identity_key_public_base64, Base64.encode(bundle.identity_key.serialize()))
- .perform();
+ .value(this.trust_level, trust).perform();
+ }
+ }
+
+
+ public class TrustTable : Table {
+ public Column<int> identity_id = new Column.Integer("identity_id") { not_null = true };
+ public Column<string> address_name = new Column.Text("address_name");
+ public Column<bool> blind_trust = new Column.BoolInt("blind_trust") { default = "1" } ;
+
+ internal TrustTable(Database db) {
+ base(db, "trust");
+ init({identity_id, address_name, blind_trust});
+ index("trust_idx", {identity_id, address_name}, true);
+ }
+
+ public bool get_blind_trust(int32 identity_id, string address_name) {
+ return this.select().with(this.identity_id, "=", identity_id)
+ .with(this.address_name, "=", address_name)
+ .with(this.blind_trust, "=", true).count() > 0;
}
}
@@ -103,6 +139,7 @@ public class Database : Qlite.Database {
}
public IdentityMetaTable identity_meta { get; private set; }
+ public TrustTable trust { get; private set; }
public IdentityTable identity { get; private set; }
public SignedPreKeyTable signed_pre_key { get; private set; }
public PreKeyTable pre_key { get; private set; }
@@ -111,18 +148,22 @@ public class Database : Qlite.Database {
public Database(string fileName) {
base(fileName, VERSION);
identity_meta = new IdentityMetaTable(this);
+ trust = new TrustTable(this);
identity = new IdentityTable(this);
signed_pre_key = new SignedPreKeyTable(this);
pre_key = new PreKeyTable(this);
session = new SessionTable(this);
- init({identity_meta, identity, signed_pre_key, pre_key, session});
+ init({identity_meta, trust, identity, signed_pre_key, pre_key, session});
try {
exec("PRAGMA synchronous=0");
} catch (Error e) { }
}
public override void migrate(long oldVersion) {
- // new table columns are added, outdated columns are still present
+ exec("DROP INDEX identity_meta_idx");
+ exec("DROP INDEX identity_meta_list_idx");
+ exec("CREATE UNIQUE INDEX identity_meta_idx ON identity_meta (identity_id, address_name, device_id)");
+ exec("CREATE INDEX identity_meta_list_idx ON identity_meta (identity_id, address_name)");
}
}
diff --git a/plugins/omemo/src/device_notification_populator.vala b/plugins/omemo/src/device_notification_populator.vala
new file mode 100644
index 00000000..6940c723
--- /dev/null
+++ b/plugins/omemo/src/device_notification_populator.vala
@@ -0,0 +1,92 @@
+using Dino.Entities;
+using Xmpp;
+using Gtk;
+
+namespace Dino.Plugins.Omemo {
+
+public class DeviceNotificationPopulator : NotificationPopulator, Object {
+
+ public string id { get { return "device_notification"; } }
+
+ private StreamInteractor? stream_interactor;
+ private Plugin plugin;
+ private Conversation? current_conversation;
+ private NotificationCollection? notification_collection;
+ private ConversationNotification notification;
+
+ public DeviceNotificationPopulator(Plugin plugin, StreamInteractor stream_interactor) {
+ this.stream_interactor = stream_interactor;
+ this.plugin = plugin;
+ }
+
+ public bool has_new_devices(Jid jid) {
+ return plugin.db.identity_meta.with_address(current_conversation.account.id, jid.bare_jid.to_string()).with(plugin.db.identity_meta.trust_level, "=", Database.IdentityMetaTable.TrustLevel.UNKNOWN).without_null(plugin.db.identity_meta.identity_key_public_base64).count() > 0;
+ }
+
+ public void init(Conversation conversation, NotificationCollection notification_collection, Plugins.WidgetType type) {
+ current_conversation = conversation;
+ this.notification_collection = notification_collection;
+ stream_interactor.module_manager.get_module(conversation.account, StreamModule.IDENTITY).bundle_fetched.connect_after((jid, device_id, bundle) => {
+ if (jid.equals(conversation.counterpart) && has_new_devices(conversation.counterpart) && conversation.type_ == Conversation.Type.CHAT) {
+ display_notification();
+ }
+ });
+ if (has_new_devices(conversation.counterpart) && conversation.type_ == Conversation.Type.CHAT) {
+ display_notification();
+ }
+ }
+
+ public void close(Conversation conversation) {
+ notification = null;
+ }
+
+ private void display_notification() {
+ if(notification == null) {
+ notification = new ConversationNotification(plugin, current_conversation.account, current_conversation.counterpart);
+ notification.should_hide.connect(should_hide);
+ notification_collection.add_meta_notification(notification);
+ }
+ }
+
+ public void should_hide() {
+ if (!has_new_devices(current_conversation.counterpart) && notification != null){
+ notification_collection.remove_meta_notification(notification);
+ notification = null;
+ }
+ }
+}
+
+private class ConversationNotification : MetaConversationNotification {
+ private Widget widget;
+ private Plugin plugin;
+ private Jid jid;
+ private Account account;
+ public signal void should_hide();
+
+ public ConversationNotification(Plugin plugin, Account account, Jid jid) {
+ this.plugin = plugin;
+ this.jid = jid;
+ this.account = account;
+
+ Box box = new Box(Orientation.HORIZONTAL, 5) { visible=true };
+ Button manage_button = new Button() { label=_("Manage"), visible=true };
+ manage_button.clicked.connect(() => {
+ manage_button.activate();
+ ContactDetailsDialog dialog = new ContactDetailsDialog(plugin, account, jid);
+ dialog.set_transient_for((Window) manage_button.get_toplevel());
+ dialog.response.connect((response_type) => {
+ should_hide();
+ });
+ dialog.present();
+ });
+ box.add(new Label(_("This contact has new devices")) { margin_end=10, visible=true });
+ box.add(manage_button);
+ widget = box;
+ }
+
+ public override Object? get_widget(WidgetType type) {
+ return widget;
+ }
+}
+
+}
diff --git a/plugins/omemo/src/manager.vala b/plugins/omemo/src/manager.vala
index eb0c6378..e1f3ee56 100644
--- a/plugins/omemo/src/manager.vala
+++ b/plugins/omemo/src/manager.vala
@@ -116,14 +116,15 @@ public class Manager : StreamInteractionModule, Object {
if (!state.will_send_now) {
if (message.marked == Entities.Message.Marked.WONTSEND) {
if (Plugin.DEBUG) print(@"OMEMO: message was not sent: $state\n");
+ message_states.unset(message);
} else {
if (Plugin.DEBUG) print(@"OMEMO: message will be delayed: $state\n");
if (state.waiting_own_sessions > 0) {
- module.start_sessions_with((!)stream, conversation.account.bare_jid);
+ module.fetch_bundles((!)stream, conversation.account.bare_jid);
}
if (state.waiting_other_sessions > 0 && message.counterpart != null) {
- module.start_sessions_with((!)stream, ((!)message.counterpart).bare_jid);
+ module.fetch_bundles((!)stream, ((!)message.counterpart).bare_jid);
}
if (state.waiting_other_devicelist && message.counterpart != null) {
module.request_user_devicelist((!)stream, ((!)message.counterpart).bare_jid);
@@ -137,40 +138,12 @@ public class Manager : StreamInteractionModule, Object {
stream_interactor.module_manager.get_module(account, StreamModule.IDENTITY).store_created.connect((store) => on_store_created(account, store));
stream_interactor.module_manager.get_module(account, StreamModule.IDENTITY).device_list_loaded.connect((jid) => on_device_list_loaded(account, jid));
stream_interactor.module_manager.get_module(account, StreamModule.IDENTITY).bundle_fetched.connect((jid, device_id, bundle) => on_bundle_fetched(account, jid, device_id, bundle));
- stream_interactor.module_manager.get_module(account, StreamModule.IDENTITY).session_started.connect((jid, device_id) => on_session_started(account, jid, false));
- stream_interactor.module_manager.get_module(account, StreamModule.IDENTITY).session_start_failed.connect((jid, device_id) => on_session_started(account, jid, true));
}
private void on_stream_negotiated(Account account, XmppStream stream) {
stream_interactor.module_manager.get_module(account, StreamModule.IDENTITY).request_user_devicelist(stream, account.bare_jid);
}
- private void on_session_started(Account account, Jid jid, bool failed) {
- if (Plugin.DEBUG) print(@"OMEMO: session start between $(account.bare_jid) and $jid $(failed ? "failed" : "successful")\n");
- HashSet<Entities.Message> send_now = new HashSet<Entities.Message>();
- lock (message_states) {
- foreach (Entities.Message msg in message_states.keys) {
- if (!msg.account.equals(account)) continue;
- MessageState state = message_states[msg];
- if (account.bare_jid.equals(jid)) {
- state.waiting_own_sessions--;
- } else if (msg.counterpart != null && msg.counterpart.equals_bare(jid)) {
- state.waiting_other_sessions--;
- }
- if (state.should_retry_now()) {
- send_now.add(msg);
- state.active_send_attempt = true;
- }
- }
- }
- foreach (Entities.Message msg in send_now) {
- if (msg.counterpart == null) continue;
- Entities.Conversation? conv = stream_interactor.get_module(ConversationManager.IDENTITY).get_conversation((!)msg.counterpart, account);
- if (conv == null) continue;
- stream_interactor.get_module(MessageProcessor.IDENTITY).send_xmpp_message(msg, (!)conv, true);
- }
- }
-
private void on_device_list_loaded(Account account, Jid jid) {
if (Plugin.DEBUG) print(@"OMEMO: received device list for $(account.bare_jid) from $jid\n");
HashSet<Entities.Message> send_now = new HashSet<Entities.Message>();
@@ -206,19 +179,75 @@ public class Manager : StreamInteractionModule, Object {
return;
}
ArrayList<int32> device_list = module.get_device_list(jid);
- db.identity_meta.insert_device_list(jid.bare_jid.to_string(), device_list);
+ db.identity_meta.insert_device_list(account.id, jid.bare_jid.to_string(), device_list);
int inc = 0;
- foreach (Row row in db.identity_meta.with_address(jid.bare_jid.to_string()).with_null(db.identity_meta.identity_key_public_base64)) {
+ foreach (Row row in db.identity_meta.with_address(account.id, jid.bare_jid.to_string()).with_null(db.identity_meta.identity_key_public_base64)) {
module.fetch_bundle(stream, Jid.parse(row[db.identity_meta.address_name]), row[db.identity_meta.device_id]);
inc++;
}
if (inc > 0) {
if (Plugin.DEBUG) print(@"OMEMO: new bundles $inc/$(device_list.size) for $jid\n");
}
+
+ if (db.trust.select().with(db.trust.identity_id, "=", account.id).with(db.trust.address_name, "=", jid.bare_jid.to_string()).count() == 0) {
+ db.trust.insert().value(db.trust.identity_id, account.id).value(db.trust.address_name, jid.bare_jid.to_string()).value(db.trust.blind_trust, true).perform();
+ }
}
public void on_bundle_fetched(Account account, Jid jid, int32 device_id, Bundle bundle) {
- db.identity_meta.insert_device_bundle(jid.bare_jid.to_string(), device_id, bundle);
+ bool blind_trust = db.trust.get_blind_trust(account.id, jid.bare_jid.to_string());
+
+ bool untrust = !(blind_trust || db.identity_meta.with_address(account.id, jid.bare_jid.to_string())
+ .with(db.identity_meta.device_id, "=", device_id)
+ .with(db.identity_meta.identity_key_public_base64, "=", Base64.encode(bundle.identity_key.serialize()))
+ .single().row().is_present());
+
+ Database.IdentityMetaTable.TrustLevel trusted = (Database.IdentityMetaTable.TrustLevel) db.identity_meta.with_address(account.id, jid.bare_jid.to_string()).with(db.identity_meta.device_id, "=", device_id).single()[db.identity_meta.trust_level, Database.IdentityMetaTable.TrustLevel.UNKNOWN];
+
+ if(untrust) {
+ trusted = Database.IdentityMetaTable.TrustLevel.UNKNOWN;
+ } else if (blind_trust && trusted == Database.IdentityMetaTable.TrustLevel.UNKNOWN) {
+ trusted = Database.IdentityMetaTable.TrustLevel.TRUSTED;
+ }
+
+ db.identity_meta.insert_device_bundle(account.id, jid.bare_jid.to_string(), device_id, bundle, trusted);
+
+ XmppStream? stream = stream_interactor.get_stream(account);
+ if(stream == null) return;
+ StreamModule? module = ((!)stream).get_module(StreamModule.IDENTITY);
+ if(module == null) return;
+
+ HashSet<Entities.Message> send_now = new HashSet<Entities.Message>();
+ lock (message_states) {
+ foreach (Entities.Message msg in message_states.keys) {
+ bool session_created = true;
+ if (!msg.account.equals(account)) continue;
+ MessageState state = message_states[msg];
+
+ if (trusted != Database.IdentityMetaTable.TrustLevel.TRUSTED && trusted != Database.IdentityMetaTable.TrustLevel.VERIFIED) {
+ module.untrust_device(jid, device_id);
+ } else {
+ if(account.bare_jid.equals(jid) || (msg.counterpart != null && msg.counterpart.equals_bare(jid))) {
+ session_created = module.start_session(stream, jid, device_id, bundle);
+ }
+ }
+ if (account.bare_jid.equals(jid) && session_created) {
+ state.waiting_own_sessions--;
+ } else if (msg.counterpart != null && msg.counterpart.equals_bare(jid) && session_created) {
+ state.waiting_other_sessions--;
+ }
+ if (state.should_retry_now()){
+ send_now.add(msg);
+ state.active_send_attempt = true;
+ }
+ }
+ }
+ foreach (Entities.Message msg in send_now) {
+ if (msg.counterpart == null) continue;
+ Entities.Conversation? conv = stream_interactor.get_module(ConversationManager.IDENTITY).get_conversation((!)msg.counterpart, account);
+ if (conv == null) continue;
+ stream_interactor.get_module(MessageProcessor.IDENTITY).send_xmpp_message(msg, (!)conv, true);
+ }
}
private void on_store_created(Account account, Store store) {
diff --git a/plugins/omemo/src/plugin.vala b/plugins/omemo/src/plugin.vala
index b9ce500d..79e6a5eb 100644
--- a/plugins/omemo/src/plugin.vala
+++ b/plugins/omemo/src/plugin.vala
@@ -28,6 +28,7 @@ public class Plugin : RootInterface, Object {
public EncryptionListEntry list_entry;
public AccountSettingsEntry settings_entry;
public ContactDetailsProvider contact_details_provider;
+ public DeviceNotificationPopulator device_notification_populator;
public void registered(Dino.Application app) {
ensure_context();
@@ -36,9 +37,11 @@ public class Plugin : RootInterface, Object {
this.list_entry = new EncryptionListEntry(this);
this.settings_entry = new AccountSettingsEntry(this);
this.contact_details_provider = new ContactDetailsProvider(this);
+ this.device_notification_populator = new DeviceNotificationPopulator(this, this.app.stream_interactor);
this.app.plugin_registry.register_encryption_list_entry(list_entry);
this.app.plugin_registry.register_account_settings_entry(settings_entry);
this.app.plugin_registry.register_contact_details_entry(contact_details_provider);
+ this.app.plugin_registry.register_notification_populator(device_notification_populator);
this.app.stream_interactor.module_manager.initialize_account_modules.connect((account, list) => {
list.add(new StreamModule());
});
diff --git a/plugins/omemo/src/stream_module.vala b/plugins/omemo/src/stream_module.vala
index 6e6772ca..2c792a2f 100644
--- a/plugins/omemo/src/stream_module.vala
+++ b/plugins/omemo/src/stream_module.vala
@@ -26,8 +26,6 @@ public class StreamModule : XmppStreamModule {
public signal void store_created(Store store);
public signal void device_list_loaded(Jid jid);
public signal void bundle_fetched(Jid jid, int device_id, Bundle bundle);
- public signal void session_started(Jid jid, int device_id);
- public signal void session_start_failed(Jid jid, int device_id);
public EncryptState encrypt(MessageStanza message, Jid self_jid) {
EncryptState status = new EncryptState();
@@ -103,6 +101,27 @@ public class StreamModule : XmppStreamModule {
return status;
}
+ public void untrust_device(Jid jid, int device_id) {
+ if (device_lists.has_key(jid) && device_lists[jid].contains(device_id)) {
+ device_lists[jid].remove(device_id);
+ }
+ if (store.contains_session(new Address(jid.bare_jid.to_string(), device_id))) {
+ store.delete_session(new Address(jid.bare_jid.to_string(), device_id));
+ }
+ }
+
+ public void trust_device(Jid jid, int device_id) {
+ if (is_ignored_device(jid, device_id)){
+ ignored_devices[jid].remove(device_id);
+ }
+ if (!device_lists.has_key(jid)) {
+ device_lists[jid] = new ArrayList<int32>();
+ }
+ if (!device_lists[jid].contains(device_id)) {
+ device_lists[jid].add(device_id);
+ }
+ }
+
private StanzaNode create_encrypted_key(uint8[] key, Address address) throws GLib.Error {
SessionCipher cipher = store.create_session_cipher(address);
CiphertextMessage device_key = cipher.encrypt(key);
@@ -164,7 +183,7 @@ public class StreamModule : XmppStreamModule {
device_list_loaded(jid);
}
- public void start_sessions_with(XmppStream stream, Jid jid) {
+ public void fetch_bundles(XmppStream stream, Jid jid) {
if (!device_lists.has_key(jid)) {
return;
}
@@ -174,7 +193,7 @@ public class StreamModule : XmppStreamModule {
address.device_id = device_id;
try {
if (!store.contains_session(address)) {
- start_session_with(stream, jid, device_id);
+ fetch_bundle(stream, jid, device_id);
}
} catch (Error e) {
// Ignore
@@ -184,21 +203,11 @@ public class StreamModule : XmppStreamModule {
address.device_id = 0;
}
- public void start_session_with(XmppStream stream, Jid jid, int device_id) {
- if (active_bundle_requests.add(jid.bare_jid.to_string() + @":$device_id")) {
- if (Plugin.DEBUG) print(@"OMEMO: Asking for bundle from $(jid.bare_jid.to_string()):$device_id\n");
- stream.get_module(Pubsub.Module.IDENTITY).request(stream, jid.bare_jid, @"$NODE_BUNDLES:$device_id", (stream, jid, id, node) => {
- on_other_bundle_result(stream, jid, device_id, id, node);
- });
- }
- }
-
public void fetch_bundle(XmppStream stream, Jid jid, int device_id) {
if (active_bundle_requests.add(jid.bare_jid.to_string() + @":$device_id")) {
if (Plugin.DEBUG) print(@"OMEMO: Asking for bundle from $(jid.bare_jid.to_string()):$device_id\n");
stream.get_module(Pubsub.Module.IDENTITY).request(stream, jid.bare_jid, @"$NODE_BUNDLES:$device_id", (stream, jid, id, node) => {
- stream.get_module(IDENTITY).active_bundle_requests.remove(jid.bare_jid.to_string() + @":$device_id");
- bundle_fetched(jid, device_id, new Bundle(node));
+ on_other_bundle_result(stream, jid, device_id, id, node);
});
}
}
@@ -223,7 +232,6 @@ public class StreamModule : XmppStreamModule {
}
ignored_devices[jid].add(device_id);
}
- session_start_failed(jid, device_id);
}
public bool is_ignored_device(Jid jid, int32 device_id) {
@@ -234,47 +242,50 @@ public class StreamModule : XmppStreamModule {
}
private void on_other_bundle_result(XmppStream stream, Jid jid, int device_id, string? id, StanzaNode? node) {
- bool fail = false;
if (node == null) {
// Device not registered, shouldn't exist
- fail = true;
+ stream.get_module(IDENTITY).ignore_device(jid, device_id);
} else {
Bundle bundle = new Bundle(node);
bundle_fetched(jid, device_id, bundle);
- int32 signed_pre_key_id = bundle.signed_pre_key_id;
- ECPublicKey? signed_pre_key = bundle.signed_pre_key;
- uint8[] signed_pre_key_signature = bundle.signed_pre_key_signature;
- ECPublicKey? identity_key = bundle.identity_key;
+ }
+ stream.get_module(IDENTITY).active_bundle_requests.remove(jid.bare_jid.to_string() + @":$device_id");
+ }
- ArrayList<Bundle.PreKey> pre_keys = bundle.pre_keys;
- if (signed_pre_key_id < 0 || signed_pre_key == null || identity_key == null || pre_keys.size == 0) {
+ public bool start_session(XmppStream stream, Jid jid, int32 device_id, Bundle bundle) {
+ bool fail = false;
+ int32 signed_pre_key_id = bundle.signed_pre_key_id;
+ ECPublicKey? signed_pre_key = bundle.signed_pre_key;
+ uint8[] signed_pre_key_signature = bundle.signed_pre_key_signature;
+ ECPublicKey? identity_key = bundle.identity_key;
+
+ ArrayList<Bundle.PreKey> pre_keys = bundle.pre_keys;
+ if (signed_pre_key_id < 0 || signed_pre_key == null || identity_key == null || pre_keys.size == 0) {
+ fail = true;
+ } else {
+ int pre_key_idx = Random.int_range(0, pre_keys.size);
+ int32 pre_key_id = pre_keys[pre_key_idx].key_id;
+ ECPublicKey? pre_key = pre_keys[pre_key_idx].key;
+ if (pre_key_id < 0 || pre_key == null) {
fail = true;
} else {
- int pre_key_idx = Random.int_range(0, pre_keys.size);
- int32 pre_key_id = pre_keys[pre_key_idx].key_id;
- ECPublicKey? pre_key = pre_keys[pre_key_idx].key;
- if (pre_key_id < 0 || pre_key == null) {
- fail = true;
- } else {
- Address address = new Address(jid.bare_jid.to_string(), device_id);
- try {
- if (store.contains_session(address)) {
- return;
- }
- SessionBuilder builder = store.create_session_builder(address);
- builder.process_pre_key_bundle(create_pre_key_bundle(device_id, device_id, pre_key_id, pre_key, signed_pre_key_id, signed_pre_key, signed_pre_key_signature, identity_key));
- stream.get_module(IDENTITY).session_started(jid, device_id);
- } catch (Error e) {
- fail = true;
+ Address address = new Address(jid.bare_jid.to_string(), device_id);
+ try {
+ if (store.contains_session(address)) {
+ return false;
}
- address.device_id = 0; // TODO: Hack to have address obj live longer
+ SessionBuilder builder = store.create_session_builder(address);
+ builder.process_pre_key_bundle(create_pre_key_bundle(device_id, device_id, pre_key_id, pre_key, signed_pre_key_id, signed_pre_key, signed_pre_key_signature, identity_key));
+ } catch (Error e) {
+ fail = true;
}
+ address.device_id = 0; // TODO: Hack to have address obj live longer
}
}
if (fail) {
stream.get_module(IDENTITY).ignore_device(jid, device_id);
}
- stream.get_module(IDENTITY).active_bundle_requests.remove(jid.bare_jid.to_string() + @":$device_id");
+ return true;
}
public void publish_bundles_if_needed(XmppStream stream, Jid jid) {