From b586aebbac20ea03509e42e54f1632d654ea968d Mon Sep 17 00:00:00 2001
From: Marvin W
Date: Sat, 12 Feb 2022 17:18:03 +0100
Subject: Calls: Fix OMEMO in group calls
---
libdino/src/service/calls.vala | 11 ++--
.../omemo/src/dtls_srtp_verification_draft.vala | 64 +++++++++++++++++++++-
.../src/module/xep/0166_jingle/jingle_module.vala | 15 ++++-
xmpp-vala/src/module/xep/0166_jingle/session.vala | 2 +
.../xep/0167_jingle_rtp/content_parameters.vala | 10 ----
.../xep/0167_jingle_rtp/jingle_rtp_module.vala | 10 ++--
6 files changed, 88 insertions(+), 24 deletions(-)
diff --git a/libdino/src/service/calls.vala b/libdino/src/service/calls.vala
index ef853903..a75ed063 100644
--- a/libdino/src/service/calls.vala
+++ b/libdino/src/service/calls.vala
@@ -143,23 +143,22 @@ namespace Dino { } private void on_incoming_call(Account account, Xep.Jingle.Session session) { - Jid? muji_muc = null; + Jid? muji_room = session.muji_room; bool counterpart_wants_video = false; foreach (Xep.Jingle.Content content in session.contents) { Xep.JingleRtp.Parameters? rtp_content_parameter = content.content_params as Xep.JingleRtp.Parameters; if (rtp_content_parameter == null) continue; - muji_muc = rtp_content_parameter.muji_muc; if (rtp_content_parameter.media == "video" && session.senders_include_us(content.senders)) { counterpart_wants_video = true; } } // Check if this comes from a MUJI MUC => accept - if (muji_muc != null) { - debug("[%s] Incoming call from %s from MUJI muc %s", account.bare_jid.to_string(), session.peer_full_jid.to_string(), muji_muc.to_string()); + if (muji_room != null) { + debug("[%s] Incoming call from %s from MUJI muc %s", account.bare_jid.to_string(), session.peer_full_jid.to_string(), muji_room.to_string()); foreach (CallState call_state in call_states.values) { - if (call_state.call.account.equals(account) && call_state.group_call != null && call_state.group_call.muc_jid.equals(muji_muc)) { + if (call_state.call.account.equals(account) && call_state.group_call != null && call_state.group_call.muc_jid.equals(muji_room)) { if (call_state.peers.keys.contains(session.peer_full_jid)) { PeerState peer_state = call_state.peers[session.peer_full_jid]; debug("[%s] Incoming call, we know the peer. Expected %s", account.bare_jid.to_string(), peer_state.waiting_for_inbound_muji_connection.to_string()); @@ -271,7 +270,7 @@ namespace Dino { debug("[%s] Muji call received from %s for MUC %s, type %s", account.bare_jid.to_string(), inviter_jid.to_string(), muc_jid.to_string(), message_type); foreach (Call call in call_states.keys) { - if (!call.account.equals(account)) return null; + if (!call.account.equals(account)) continue; CallState call_state = call_states[call]; 
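Review bot: `session.muji_room` is copied from the peer's session-initiate, so the "from a MUJI MUC => accept" branch in `on_incoming_call` now keys off a value the sender controls. The only gates visible here are `call_state.group_call.muc_jid.equals(muji_room)` and `call_state.peers.keys.contains(session.peer_full_jid)`. I would state that above the branch, e.g. `// muji_room is peer-asserted: accept only when the peer is a known member of a group call we joined`. The rest of the accept path lies outside the hunk, so whether an unknown peer is rejected cannot be confirmed from here.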
diff --git a/plugins/omemo/src/dtls_srtp_verification_draft.vala b/plugins/omemo/src/dtls_srtp_verification_draft.vala index 577c77e7..cc775977 100644 --- a/plugins/omemo/src/dtls_srtp_verification_draft.vala +++ b/plugins/omemo/src/dtls_srtp_verification_draft.vala @@ -11,6 +11,7 @@ namespace Dino.Plugins.Omemo.DtlsSrtpVerificationDraft { private VerificationSendListener send_listener = new VerificationSendListener(); private HashMap device_id_by_jingle_sid = new HashMap(); + private HashMap device_id_by_muji_member = new HashMap(); private HashMap> content_names_by_jingle_sid = new HashMap>(); private void on_preprocess_incoming_iq_set_get(XmppStream stream, Xmpp.Iq.Stanza iq) { @@ -88,8 +89,26 @@ namespace Dino.Plugins.Omemo.DtlsSrtpVerificationDraft { StanzaNode? jingle_node = iq.stanza.get_subnode("jingle", Xep.Jingle.NS_URI); if (jingle_node == null) return; + int device_id = -1; string? sid = jingle_node.get_attribute("sid", Xep.Jingle.NS_URI); - if (sid == null || !device_id_by_jingle_sid.has_key(sid)) return; + if (sid != null && device_id_by_jingle_sid.has_key(sid)) { + device_id = device_id_by_jingle_sid[sid]; + } + + StanzaNode? muji_node = jingle_node.get_subnode("muji", Xep.Muji.NS_URI); + if (muji_node != null) { + string muji_room = muji_node.get_attribute("room"); + try { + Jid muji_jid = new Jid(muji_room); + if (device_id_by_muji_member.has_key(@"$(muji_jid.bare_jid)/$(iq.to)")) { + device_id = device_id_by_muji_member[@"$(muji_jid.bare_jid)/$(iq.to)"]; + } + } catch (InvalidJidError e) { + // Ignore + } + } + + if (device_id == -1) return; Gee.List content_nodes = jingle_node.get_subnodes("content", Xep.Jingle.NS_URI); if (content_nodes.size == 0) return; 
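Review bot: The `room` attribute is read into a non-nullable `string` and passed to `new Jid(muji_room)` without a null check in the new muji block of the outgoing-IQ handler, whereas `on_received_available` in this same commit guards its attribute with `if (jid_attribute == null) return;`. Declaring it `string? muji_room` and skipping the lookup when it is null keeps the two paths consistent. The key `@"$(muji_jid.bare_jid)/$(iq.to)"` is built twice and has to match the `@"$(presence.from.bare_jid)/$(real_jid)"` form stored from presence; that presumably relies on the room reporting the same full JID that is used as `iq.to`, which deserves a comment. When neither lookup hits, the handler returns at `if (device_id == -1) return;`, apparently before the OMEMO step, so a silent key mismatch matters. The handler starts and ends outside the hunk.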
@@ -105,7 +124,7 @@ namespace Dino.Plugins.Omemo.DtlsSrtpVerificationDraft { try { Xep.Omemo.OmemoEncryptor encryptor = stream.get_module(Xep.Omemo.OmemoEncryptor.IDENTITY); Xep.Omemo.EncryptionData enc_data = encryptor.encrypt_plaintext(fingerprint); - encryptor.encrypt_key(enc_data, iq.to.bare_jid, device_id_by_jingle_sid[sid]); + encryptor.encrypt_key(enc_data, iq.to.bare_jid, device_id); encrypted_node = enc_data.get_encrypted_node(); } catch (Error e) { warning("Error while OMEMO-encrypting call keys: %s", e.message); 
@@ -155,12 +174,52 @@ namespace Dino.Plugins.Omemo.DtlsSrtpVerificationDraft { } } + private void on_pre_send_presence_stanza(XmppStream stream, Presence.Stanza presence) { + StanzaNode? muji_node = presence.stanza.get_subnode("muji", Xep.Muji.NS_URI); + if (muji_node == null) return; + + StanzaNode device_node = new StanzaNode.build("device", NS_URI).add_self_xmlns() + .put_attribute("id", stream.get_module(Omemo.StreamModule.IDENTITY).store.local_registration_id.to_string()); + muji_node.put_node(device_node); + } + + private void on_received_available(XmppStream stream, Presence.Stanza presence) { + StanzaNode? muji_node = presence.stanza.get_subnode("muji", Xep.Muji.NS_URI); + if (muji_node == null) return; + + StanzaNode? device_node = muji_node.get_subnode("device", NS_URI); + if (device_node == null) return; + + int device_id = device_node.get_attribute_int("id", -1); + if (device_id == -1) return; + + StanzaNode? muc_x_node = presence.stanza.get_subnode("x", "http://jabber.org/protocol/muc#user"); + if (muc_x_node == null) return; + + StanzaNode? item_node = muc_x_node.get_subnode("item"); + if (item_node == null) return; + + Jid? 
real_jid = null; + try { + string jid_attribute = item_node.get_attribute("jid"); + if (jid_attribute == null) return; + real_jid = new Jid(jid_attribute); + } catch (InvalidJidError e) { + // Ignore + return; + } + + device_id_by_muji_member[@"$(presence.from.bare_jid)/$(real_jid)"] = device_id; + } + public override void attach(XmppStream stream) { stream.get_module(Xmpp.MessageModule.IDENTITY).received_message.connect(on_message_received); stream.get_module(Xmpp.MessageModule.IDENTITY).send_pipeline.connect(send_listener); stream.get_module(Xmpp.Iq.Module.IDENTITY).preprocess_incoming_iq_set_get.connect(on_preprocess_incoming_iq_set_get); stream.get_module(Xmpp.Iq.Module.IDENTITY).preprocess_outgoing_iq_set_get.connect(on_preprocess_outgoing_iq_set_get); stream.get_module(Xep.Jingle.Module.IDENTITY).session_initiate_received.connect(on_session_initiate_received); + stream.get_module(Xmpp.Presence.Module.IDENTITY).pre_send_presence_stanza.connect(on_pre_send_presence_stanza); + stream.get_module(Xmpp.Presence.Module.IDENTITY).received_available.connect(on_received_available); } public override void detach(XmppStream stream) { @@ -169,6 +228,7 @@ namespace Dino.Plugins.Omemo.DtlsSrtpVerificationDraft { stream.get_module(Xmpp.Iq.Module.IDENTITY).preprocess_incoming_iq_set_get.disconnect(on_preprocess_incoming_iq_set_get); stream.get_module(Xmpp.Iq.Module.IDENTITY).preprocess_outgoing_iq_set_get.disconnect(on_preprocess_outgoing_iq_set_get); stream.get_module(Xep.Jingle.Module.IDENTITY).session_initiate_received.disconnect(on_session_initiate_received); + stream.get_module(Xmpp.Presence.Module.IDENTITY).received_available.disconnect(on_received_available); } public override string get_ns() { return NS_URI; } diff --git a/xmpp-vala/src/module/xep/0166_jingle/jingle_module.vala b/xmpp-vala/src/module/xep/0166_jingle/jingle_module.vala index 186848f6..cdcb9130 100644 --- a/xmpp-vala/src/module/xep/0166_jingle/jingle_module.vala 
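Review bot: `on_received_available` stores a device id that the remote occupant asserts in its own presence, and nothing in this hunk removes or expires entries in `device_id_by_muji_member`. A later presence from the same occupant overwrites the id, and ids stay in the map after the occupant or we leave the room, so a stale or changed id can select the key recipient for a later call. I would drop the entry when the occupant becomes unavailable, clear the map in `detach`, and reject non-positive ids with `if (device_id <= 0) return;`. Whether `encrypt_key` refuses a device that is not trusted for that JID is not visible here and should be confirmed or documented next to the map.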
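Review bot: `detach` disconnects only `received_available`, while `attach` in the previous hunk also connects `pre_send_presence_stanza`, so after a detach that handler stays connected and keeps adding the local device id to outgoing MUJI presence. Add `stream.get_module(Xmpp.Presence.Module.IDENTITY).pre_send_presence_stanza.disconnect(on_pre_send_presence_stanza);` next to the new line. `detach` begins outside the hunk.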
+++ b/xmpp-vala/src/module/xep/0166_jingle/jingle_module.vala @@ -102,7 +102,7 @@ namespace Xmpp.Xep.Jingle { return (yield is_jingle_available(stream, full_jid)) && (yield select_transport(stream, type, components, full_jid, Set.empty())) != null; } - public async Session create_session(XmppStream stream, Gee.List contents, Jid receiver_full_jid, string? sid = null) throws Error { + public async Session create_session(XmppStream stream, Gee.List contents, Jid receiver_full_jid, string? sid = null, Jid? muji_room = null) throws Error { if (!yield is_jingle_available(stream, receiver_full_jid)) { throw new Error.NO_SHARED_PROTOCOLS("No Jingle support"); } @@ -138,6 +138,10 @@ namespace Xmpp.Xep.Jingle { initiate_jingle_iq.put_node(content_node); } + if (muji_room != null) { + initiate_jingle_iq.put_node(new StanzaNode.build("muji", Xep.Muji.NS_URI).add_self_xmlns().put_attribute("room", muji_room.to_string())); + } + Iq.Stanza iq = new Iq.Stanza.set(initiate_jingle_iq) { to=receiver_full_jid }; stream.get_flag(Flag.IDENTITY).add_session(session); @@ -158,6 +162,15 @@ namespace Xmpp.Xep.Jingle { Session session = new Session.initiate_received(stream, sid, my_jid, iq.from); session.terminated.connect((stream) => { stream.get_flag(Flag.IDENTITY).remove_session(sid); }); + string? muji_room_str = iq.stanza.get_deep_attribute(NS_URI + ":jingle", Xep.Muji.NS_URI + ":muji", "room"); + if (muji_room_str != null) { + try { + session.muji_room = new Jid(muji_room_str); + } catch (InvalidJidError e) { + // Ignore + } + } + stream.get_flag(Flag.IDENTITY).pre_add_session(session.sid); foreach (ContentNode content_node in get_content_nodes(jingle)) { diff --git a/xmpp-vala/src/module/xep/0166_jingle/session.vala b/xmpp-vala/src/module/xep/0166_jingle/session.vala index e5084880..577792ff 100644 --- a/xmpp-vala/src/module/xep/0166_jingle/session.vala +++ b/xmpp-vala/src/module/xep/0166_jingle/session.vala 
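Review bot: An unparsable `room` value is swallowed by the empty `catch (InvalidJidError e)` in the session-initiate handler (third hunk), which leaves `session.muji_room` unset, so a malformed MUJI invite is then treated like an ordinary one-to-one call. At minimum log it, e.g. `debug("Ignoring invalid muji room '%s': %s", muji_room_str, e.message);`. Rejecting the session-initiate may be the better choice, but the function's error handling is outside the hunk. The same `// Ignore` pattern appears in the muji lookup added to dtls_srtp_verification_draft.vala.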
@@ -29,6 +29,8 @@ public class Xmpp.Xep.Jingle.Session : Object { public SecurityParameters? security { get { return contents.to_array()[0].security_params; } } + public Jid muji_room { get; set; } + public Session.initiate_sent(XmppStream stream, string sid, Jid local_full_jid, Jid peer_full_jid) { this.stream = stream; this.sid = sid; diff --git a/xmpp-vala/src/module/xep/0167_jingle_rtp/content_parameters.vala b/xmpp-vala/src/module/xep/0167_jingle_rtp/content_parameters.vala index c4c299c5..a92a6998 100644 --- a/xmpp-vala/src/module/xep/0167_jingle_rtp/content_parameters.vala +++ b/xmpp-vala/src/module/xep/0167_jingle_rtp/content_parameters.vala @@ -21,7 +21,6 @@ public class Xmpp.Xep.JingleRtp.Parameters : Jingle.ContentParameters, Object { public Gee.List remote_cryptos = new ArrayList(); public Crypto? local_crypto = null; public Crypto? remote_crypto = null; - public Jid? muji_muc = null; public bool rtp_ready { get; private set; default=false; } public bool rtcp_ready { get; private set; default=false; } @@ -32,7 +31,6 @@ public class Xmpp.Xep.JingleRtp.Parameters : Jingle.ContentParameters, Object { public Parameters(Module parent, string media, Gee.List payload_types, - Jid? muji_muc, string? ssrc = null, bool rtcp_mux = false, string? bandwidth = null, string? bandwidth_type = null, bool encryption_required = false, Crypto? local_crypto = null @@ -46,7 +44,6 @@ public class Xmpp.Xep.JingleRtp.Parameters : Jingle.ContentParameters, Object { this.encryption_required = encryption_required; this.payload_types = payload_types; this.local_crypto = local_crypto; - this.muji_muc = muji_muc; } public Parameters.from_node(Module parent, StanzaNode node) throws Jingle.IqError { 
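Review bot: In session.vala, `muji_room` is declared as non-nullable `Jid`, but it is only assigned when a session-initiate carries a parsable `room` attribute, and `on_incoming_call` reads it as `Jid? muji_room = session.muji_room` and tests it against null. Declare it `public Jid? muji_room { get; set; }` so the type matches the use. A short doc comment saying that the value comes from the peer's stanza and is not checked against room membership at this layer would help callers.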
@@ -67,10 +64,6 @@ public class Xmpp.Xep.JingleRtp.Parameters : Jingle.ContentParameters, Object { foreach (StanzaNode subnode in node.get_subnodes(HeaderExtension.NAME, HeaderExtension.NS_URI)) { this.header_extensions.add(HeaderExtension.parse(subnode)); } - string? muji_muc_str = node.get_deep_attribute(Xep.Muji.NS_URI + ":muji", "muc"); - if (muji_muc_str != null) { - muji_muc = new Jid(muji_muc_str); - } } public async void handle_proposed_content(XmppStream stream, Jingle.Session session, Jingle.Content content) { @@ -216,9 +209,6 @@ public class Xmpp.Xep.JingleRtp.Parameters : Jingle.ContentParameters, Object { if (rtcp_mux) { ret.put_node(new StanzaNode.build("rtcp-mux", NS_URI)); } - if (muji_muc != null) { - ret.put_node(new StanzaNode.build("muji", Xep.Muji.NS_URI).add_self_xmlns().put_attribute("muc", muji_muc.to_string())); - } return ret; } } diff --git a/xmpp-vala/src/module/xep/0167_jingle_rtp/jingle_rtp_module.vala b/xmpp-vala/src/module/xep/0167_jingle_rtp/jingle_rtp_module.vala index 9dab5dc2..1b027916 100644 --- a/xmpp-vala/src/module/xep/0167_jingle_rtp/jingle_rtp_module.vala +++ b/xmpp-vala/src/module/xep/0167_jingle_rtp/jingle_rtp_module.vala @@ -29,7 +29,7 @@ public abstract class Module : XmppStreamModule { public abstract Gee.List get_suggested_header_extensions(string media); public abstract void close_stream(Stream stream); - public async Jingle.Session start_call(XmppStream stream, Jid receiver_full_jid, bool video, string sid, Jid? muji_muc) throws Jingle.Error { + public async Jingle.Session start_call(XmppStream stream, Jid receiver_full_jid, bool video, string sid, Jid? muji_room) throws Jingle.Error { Jingle.Module jingle_module = stream.get_module(Jingle.Module.IDENTITY); 
@@ -41,7 +41,7 @@ public abstract class Module : XmppStreamModule { ArrayList contents = new ArrayList(); // Create audio content - Parameters audio_content_parameters = new Parameters(this, "audio", yield get_supported_payloads("audio"), muji_muc); + Parameters audio_content_parameters = new Parameters(this, "audio", yield get_supported_payloads("audio")); audio_content_parameters.local_crypto = generate_local_crypto(); audio_content_parameters.header_extensions.add_all(get_suggested_header_extensions("audio")); Jingle.Transport? audio_transport = yield jingle_module.select_transport(stream, content_type.required_transport_type, content_type.required_components, receiver_full_jid, Set.empty()); @@ -59,7 +59,7 @@ public abstract class Module : XmppStreamModule { Jingle.Content? video_content = null; if (video) { // Create video content - Parameters video_content_parameters = new Parameters(this, "video", yield get_supported_payloads("video"), muji_muc); + Parameters video_content_parameters = new Parameters(this, "video", yield get_supported_payloads("video")); video_content_parameters.local_crypto = generate_local_crypto(); video_content_parameters.header_extensions.add_all(get_suggested_header_extensions("video")); Jingle.Transport? video_transport = yield stream.get_module(Jingle.Module.IDENTITY).select_transport(stream, content_type.required_transport_type, content_type.required_components, receiver_full_jid, Set.empty()); @@ -77,7 +77,7 @@ public abstract class Module : XmppStreamModule { // Create session try { - Jingle.Session session = yield jingle_module.create_session(stream, contents, receiver_full_jid, sid); + Jingle.Session session = yield jingle_module.create_session(stream, contents, receiver_full_jid, sid, muji_room); return session; } catch (Jingle.Error e) { throw new Jingle.Error.GENERAL(@"Couldn't create Jingle session: $(e.message)"); 
@@ -101,7 +101,7 @@ public abstract class Module : XmppStreamModule { if (content == null) { // Content for video does not yet exist -> create it - Parameters video_content_parameters = new Parameters(this, "video", yield get_supported_payloads("video"), muji_muc); + Parameters video_content_parameters = new Parameters(this, "video", yield get_supported_payloads("video")); video_content_parameters.local_crypto = generate_local_crypto(); video_content_parameters.header_extensions.add_all(get_suggested_header_extensions("video")); Jingle.Transport? video_transport = yield stream.get_module(Jingle.Module.IDENTITY).select_transport(stream, content_type.required_transport_type, content_type.required_components, receiver_full_jid, Set.empty()); -- cgit v1.2.3-70-g09d2