Code cleanup - move long database queries to their own functions and improve variable names

This commit is contained in:
Samuel Hand 2018-08-10 00:45:22 +01:00
parent e1afda10e3
commit 36cc8b0393
11 changed files with 194 additions and 143 deletions

View file

@ -63,7 +63,7 @@
</object>
</child>
<child>
<object class="GtkSwitch" id="auto_accept">
<object class="GtkSwitch" id="auto_accept_switch">
<property name="visible">True</property>
<property name="halign">end</property>
<property name="valign">center</property>
@ -115,7 +115,7 @@
<property name="orientation">horizontal</property>
<property name="hexpand">True</property>
<child>
<object class="GtkLabel" id="own_fingerprint">
<object class="GtkLabel" id="own_fingerprint_label">
<property name="visible">True</property>
<property name="halign">start</property>
<property name="justify">right</property>
@ -129,7 +129,7 @@
<property name="hexpand">True</property>
<property name="spacing">5</property>
<child>
<object class="GtkButton" id="show_qrcode">
<object class="GtkButton" id="show_qrcode_button">
<property name="visible">True</property>
<property name="halign">start</property>
<property name="hexpand">True</property>
@ -144,7 +144,7 @@
</object>
</child>
<child>
<object class="GtkButton" id="copy">
<object class="GtkButton" id="copy_button">
<property name="visible">True</property>
<property name="halign">end</property>
<property name="hexpand">True</property>
@ -188,7 +188,7 @@
<object class="GtkFrame">
<property name="visible">True</property>
<child>
<object class="GtkListBox" id="new_keys">
<object class="GtkListBox" id="new_keys_listbox">
<property name="visible">True</property>
<property name="selection-mode">none</property>
</object>
@ -216,7 +216,7 @@
<object class="GtkFrame">
<property name="visible">True</property>
<child>
<object class="GtkListBox" id="keys">
<object class="GtkListBox" id="keys_listbox">
<property name="visible">True</property>
<property name="selection-mode">none</property>
</object>
@ -230,7 +230,7 @@
</template>
<object class="GtkPopover" id="qrcode_popover">
<property name="visible">False</property>
<property name="relative-to">show_qrcode</property>
<property name="relative-to">show_qrcode_button</property>
<property name="position">left</property>
<property name="modal">True</property>
<child>
@ -238,7 +238,7 @@
<property name="visible">True</property>
<property name="margin">10</property>
<child>
<object class="GtkImage" id="qrcode">
<object class="GtkImage" id="qrcode_image">
<property name="visible">True</property>
</object>
</child>

View file

@ -50,7 +50,7 @@
<property name="orientation">vertical</property>
<property name="valign">center</property>
<child>
<object class="GtkLabel" id="main_desc">
<object class="GtkLabel" id="main_desc_label">
<property name="visible">True</property>
<property name="wrap">True</property>
<property name="xalign">0</property>
@ -83,7 +83,7 @@
<child>
<object class="GtkLabel">
<property name="visible">True</property>
<property name="label">Compare the fingerprint, character by character, with the one shown on your contacts device.</property>
<property name="label" translatable="yes">Compare the fingerprint, character by character, with the one shown on your contacts device.</property>
<property name="wrap">True</property>
<property name="xalign">0</property>
<property name="max-width-chars">45</property>
@ -107,17 +107,17 @@
</object>
</child>
<child>
<object class="GtkButton" id="verify_no">
<object class="GtkButton" id="verify_no_button">
<property name="visible">True</property>
<property name="hexpand">True</property>
<property name="label">Not Matching</property>
<property name="label" translatable="yes">Not Matching</property>
</object>
</child>
<child>
<object class="GtkButton" id="verify_yes">
<object class="GtkButton" id="verify_yes_button">
<property name="visible">True</property>
<property name="hexpand">True</property>
<property name="label">Matching</property>
<property name="label" translatable="yes">Matching</property>
</object>
</child>
</object>
@ -140,7 +140,7 @@
</object>
</child>
<child>
<object class="GtkLabel" id="confirm_title">
<object class="GtkLabel" id="confirm_title_label">
<property name="visible">True</property>
<attributes>
<attribute name="scale" value="1.1"/>
@ -148,7 +148,7 @@
</object>
</child>
<child>
<object class="GtkLabel" id="confirm_desc">
<object class="GtkLabel" id="confirm_desc_label">
<property name="visible">True</property>
<property name="justify">center</property>
<property name="wrap">True</property>

View file

@ -18,15 +18,15 @@ public class ContactDetailsDialog : Gtk.Dialog {
private int own_id = 0;
[GtkChild] private Box own_fingerprint_container;
[GtkChild] private Label own_fingerprint;
[GtkChild] private Label own_fingerprint_label;
[GtkChild] private Box new_keys_container;
[GtkChild] private ListBox new_keys;
[GtkChild] private ListBox new_keys_listbox;
[GtkChild] private Box keys_container;
[GtkChild] private ListBox keys;
[GtkChild] private Switch auto_accept;
[GtkChild] private Button copy;
[GtkChild] private Button show_qrcode;
[GtkChild] private Image qrcode;
[GtkChild] private ListBox keys_listbox;
[GtkChild] private Switch auto_accept_switch;
[GtkChild] private Button copy_button;
[GtkChild] private Button show_qrcode_button;
[GtkChild] private Image qrcode_image;
[GtkChild] private Popover qrcode_popover;
public ContactDetailsDialog(Plugin plugin, Account account, Jid jid) {
@ -38,6 +38,8 @@ public class ContactDetailsDialog : Gtk.Dialog {
(get_header_bar() as HeaderBar).set_subtitle(jid.bare_jid.to_string());
// Dialog opened from the account settings menu
// Show the fingerprint for this device separately with buttons for a qrcode and to copy
if(jid.equals(account.bare_jid)) {
own = true;
own_id = plugin.db.identity.row_with(plugin.db.identity.account_id, account.id)[plugin.db.identity.device_id];
@ -46,51 +48,44 @@ public class ContactDetailsDialog : Gtk.Dialog {
string own_b64 = plugin.db.identity.row_with(plugin.db.identity.account_id, account.id)[plugin.db.identity.identity_key_public_base64];
string fingerprint = fingerprint_from_base64(own_b64);
own_fingerprint.set_markup(fingerprint_markup(fingerprint));
own_fingerprint_label.set_markup(fingerprint_markup(fingerprint));
copy.clicked.connect(() => {Clipboard.get_default(get_display()).set_text(fingerprint, fingerprint.length);});
copy_button.clicked.connect(() => {Clipboard.get_default(get_display()).set_text(fingerprint, fingerprint.length);});
int sid = plugin.db.identity.row_with(plugin.db.identity.account_id, account.id)[plugin.db.identity.device_id];
Pixbuf pixbuf = new QRcode(@"xmpp:$(account.bare_jid)?omemo-sid-$(sid)=$(fingerprint)", 2).to_pixbuf();
pixbuf = pixbuf.scale_simple(150, 150, InterpType.NEAREST);
qrcode.set_from_pixbuf(pixbuf);
show_qrcode.clicked.connect(qrcode_popover.popup);
qrcode_image.set_from_pixbuf(pixbuf);
show_qrcode_button.clicked.connect(qrcode_popover.popup);
}
new_keys.set_header_func((row, before_row) => {
if (row.get_header() == null && before_row != null) {
row.set_header(new Separator(Orientation.HORIZONTAL));
}
});
new_keys_listbox.set_header_func(header_function);
keys.set_header_func((row, before_row) => {
if (row.get_header() == null && before_row != null) {
row.set_header(new Separator(Orientation.HORIZONTAL));
}
});
keys_listbox.set_header_func(header_function);
foreach (Row device in plugin.db.identity_meta.with_address(account.id, jid.to_string()).with(plugin.db.identity_meta.trust_level, "=", Database.IdentityMetaTable.TrustLevel.UNKNOWN).without_null(plugin.db.identity_meta.identity_key_public_base64)) {
//Show any new devices for which the user must decide whether to accept or reject
foreach (Row device in plugin.db.identity_meta.get_new_devices(account.id, jid.to_string())) {
add_new_fingerprint(device);
}
foreach (Row device in plugin.db.identity_meta.with_address(account.id, jid.to_string()).with(plugin.db.identity_meta.trust_level, "!=", Database.IdentityMetaTable.TrustLevel.UNKNOWN).without_null(plugin.db.identity_meta.identity_key_public_base64)) {
//Show the normal devicelist
foreach (Row device in plugin.db.identity_meta.get_known_devices(account.id, jid.to_string())) {
if(own && device[plugin.db.identity_meta.device_id] == own_id) {
continue;
}
add_fingerprint(device, (Database.IdentityMetaTable.TrustLevel) device[plugin.db.identity_meta.trust_level]);
}
auto_accept.set_active(plugin.db.trust.get_blind_trust(account.id, jid.bare_jid.to_string()));
auto_accept_switch.set_active(plugin.db.trust.get_blind_trust(account.id, jid.bare_jid.to_string()));
auto_accept.state_set.connect((active) => {
plugin.db.trust.update().with(plugin.db.trust.identity_id, "=", account.id).with(plugin.db.trust.address_name, "=", jid.bare_jid.to_string()).set(plugin.db.trust.blind_trust, active).perform();
auto_accept_switch.state_set.connect((active) => {
plugin.trust_manager.set_blind_trust(account, jid, active);
if (active) {
new_keys_container.visible = false;
foreach (Row device in plugin.db.identity_meta.with_address(account.id, jid.to_string()).with(plugin.db.identity_meta.trust_level, "=", Database.IdentityMetaTable.TrustLevel.UNKNOWN).without_null(plugin.db.identity_meta.identity_key_public_base64)) {
set_device_trust(device, true);
foreach (Row device in plugin.db.identity_meta.get_new_devices(account.id, jid.to_string())) {
plugin.trust_manager.set_device_trust(account, jid, device[plugin.db.identity_meta.device_id], Database.IdentityMetaTable.TrustLevel.TRUSTED);
add_fingerprint(device, Database.IdentityMetaTable.TrustLevel.TRUSTED);
}
}
@ -100,13 +95,10 @@ public class ContactDetailsDialog : Gtk.Dialog {
}
private void set_device_trust(Row device, bool trust) {
Database.IdentityMetaTable.TrustLevel trust_level = trust ? Database.IdentityMetaTable.TrustLevel.TRUSTED : Database.IdentityMetaTable.TrustLevel.UNTRUSTED;
plugin.db.identity_meta.update()
.with(plugin.db.identity_meta.identity_id, "=", account.id)
.with(plugin.db.identity_meta.address_name, "=", device[plugin.db.identity_meta.address_name])
.with(plugin.db.identity_meta.device_id, "=", device[plugin.db.identity_meta.device_id])
.set(plugin.db.identity_meta.trust_level, trust_level).perform();
private void header_function(ListBoxRow row, ListBoxRow? before) {
if (row.get_header() == null && before != null) {
row.set_header(new Separator(Orientation.HORIZONTAL));
}
}
private void set_row(int trust, bool now_active, Image img, Label status_lbl, Label lbl, ListBoxRow lbr){
@ -139,7 +131,7 @@ public class ContactDetailsDialog : Gtk.Dialog {
ListBoxRow lbr = new ListBoxRow() { visible = true, activatable = true, hexpand = true };
Box box = new Box(Gtk.Orientation.HORIZONTAL, 40) { visible = true, margin_start = 20, margin_end = 20, margin_top = 14, margin_bottom = 14, hexpand = true };
Box status = new Box(Gtk.Orientation.HORIZONTAL, 5) { visible = true, hexpand = true };
Box status_box = new Box(Gtk.Orientation.HORIZONTAL, 5) { visible = true, hexpand = true };
Label status_lbl = new Label(null) { visible = true, hexpand = true, xalign = 0 };
Image img = new Image() { visible = true, halign = Align.END, icon_size = IconSize.BUTTON };
@ -151,17 +143,18 @@ public class ContactDetailsDialog : Gtk.Dialog {
set_row(trust, device[plugin.db.identity_meta.now_active], img, status_lbl, lbl, lbr);
box.add(lbl);
box.add(status);
box.add(status_box);
status.add(status_lbl);
status.add(img);
status_box.add(status_lbl);
status_box.add(img);
lbr.add(box);
keys.add(lbr);
keys_listbox.add(lbr);
keys.row_activated.connect((row) => {
//Row clicked - pull the most up to date device info from the database and show the manage window
keys_listbox.row_activated.connect((row) => {
if(row == lbr) {
Row updated_device = plugin.db.identity_meta.with_address(device[plugin.db.identity_meta.identity_id], device[plugin.db.identity_meta.address_name]).with(plugin.db.identity_meta.device_id, "=", device[plugin.db.identity_meta.device_id]).single().row().inner;
Row updated_device = plugin.db.identity_meta.get_device(device[plugin.db.identity_meta.identity_id], device[plugin.db.identity_meta.address_name], device[plugin.db.identity_meta.device_id]);
ManageKeyDialog manage_dialog = new ManageKeyDialog(updated_device, plugin.db);
manage_dialog.set_transient_for((Gtk.Window) get_toplevel());
manage_dialog.present();
@ -176,19 +169,15 @@ public class ContactDetailsDialog : Gtk.Dialog {
private void update_device(int response, Row device){
switch (response) {
case Database.IdentityMetaTable.TrustLevel.TRUSTED:
set_device_trust(device, true);
plugin.trust_manager.set_device_trust(account, jid, device[plugin.db.identity_meta.device_id], Database.IdentityMetaTable.TrustLevel.TRUSTED);
break;
case Database.IdentityMetaTable.TrustLevel.UNTRUSTED:
set_device_trust(device, false);
plugin.trust_manager.set_device_trust(account, jid, device[plugin.db.identity_meta.device_id], Database.IdentityMetaTable.TrustLevel.UNTRUSTED);
break;
case Database.IdentityMetaTable.TrustLevel.VERIFIED:
plugin.db.identity_meta.update()
.with(plugin.db.identity_meta.identity_id, "=", account.id)
.with(plugin.db.identity_meta.address_name, "=", device[plugin.db.identity_meta.address_name])
.with(plugin.db.identity_meta.device_id, "=", device[plugin.db.identity_meta.device_id])
.set(plugin.db.identity_meta.trust_level, Database.IdentityMetaTable.TrustLevel.VERIFIED).perform();
plugin.db.trust.update().with(plugin.db.trust.identity_id, "=", account.id).with(plugin.db.trust.address_name, "=", jid.bare_jid.to_string()).set(plugin.db.trust.blind_trust, false).perform();
auto_accept.set_active(false);
plugin.trust_manager.set_device_trust(account, jid, device[plugin.db.identity_meta.device_id], Database.IdentityMetaTable.TrustLevel.VERIFIED);
plugin.trust_manager.set_blind_trust(account, jid, false);
auto_accept_switch.set_active(false);
break;
}
}
@ -199,28 +188,28 @@ public class ContactDetailsDialog : Gtk.Dialog {
ListBoxRow lbr = new ListBoxRow() { visible = true, activatable = false, hexpand = true };
Box box = new Box(Gtk.Orientation.HORIZONTAL, 40) { visible = true, margin_start = 20, margin_end = 20, margin_top = 14, margin_bottom = 14, hexpand = true };
Box control = new Box(Gtk.Orientation.HORIZONTAL, 0) { visible = true, hexpand = true };
Box control_box = new Box(Gtk.Orientation.HORIZONTAL, 0) { visible = true, hexpand = true };
Button yes = new Button() { visible = true, valign = Align.CENTER, hexpand = true };
yes.image = new Image.from_icon_name("emblem-ok-symbolic", IconSize.BUTTON);
yes.get_style_context().add_class("suggested-action");
Button yes_button = new Button() { visible = true, valign = Align.CENTER, hexpand = true };
yes_button.image = new Image.from_icon_name("emblem-ok-symbolic", IconSize.BUTTON);
yes_button.get_style_context().add_class("suggested-action");
Button no = new Button() { visible = true, valign = Align.CENTER, hexpand = true };
no.image = new Image.from_icon_name("action-unavailable-symbolic", IconSize.BUTTON);
no.get_style_context().add_class("destructive-action");
Button no_button = new Button() { visible = true, valign = Align.CENTER, hexpand = true };
no_button.image = new Image.from_icon_name("action-unavailable-symbolic", IconSize.BUTTON);
no_button.get_style_context().add_class("destructive-action");
yes.clicked.connect(() => {
set_device_trust(device, true);
yes_button.clicked.connect(() => {
plugin.trust_manager.set_device_trust(account, jid, device[plugin.db.identity_meta.device_id], Database.IdentityMetaTable.TrustLevel.TRUSTED);
add_fingerprint(device, Database.IdentityMetaTable.TrustLevel.TRUSTED);
new_keys.remove(lbr);
if (new_keys.get_children().length() < 1) new_keys_container.visible = false;
new_keys_listbox.remove(lbr);
if (new_keys_listbox.get_children().length() < 1) new_keys_container.visible = false;
});
no.clicked.connect(() => {
set_device_trust(device, false);
no_button.clicked.connect(() => {
plugin.trust_manager.set_device_trust(account, jid, device[plugin.db.identity_meta.device_id], Database.IdentityMetaTable.TrustLevel.UNTRUSTED);
add_fingerprint(device, Database.IdentityMetaTable.TrustLevel.UNTRUSTED);
new_keys.remove(lbr);
if (new_keys.get_children().length() < 1) new_keys_container.visible = false;
new_keys_listbox.remove(lbr);
if (new_keys_listbox.get_children().length() < 1) new_keys_container.visible = false;
});
string res = fingerprint_markup(fingerprint_from_base64(device[plugin.db.identity_meta.identity_key_public_base64]));
@ -230,14 +219,14 @@ public class ContactDetailsDialog : Gtk.Dialog {
box.add(lbl);
control.add(yes);
control.add(no);
control.get_style_context().add_class("linked");
control_box.add(yes_button);
control_box.add(no_button);
control_box.get_style_context().add_class("linked");
box.add(control);
box.add(control_box);
lbr.add(box);
new_keys.add(lbr);
new_keys_listbox.add(lbr);
}
}

View file

@ -25,11 +25,7 @@ public class ContactDetailsProvider : Plugins.ContactDetailsProvider, Object {
}
if (i > 0) {
Button btn = new Button();
btn.image = new Image.from_icon_name("view-list-symbolic", IconSize.BUTTON);
btn.relief = ReliefStyle.NONE;
btn.visible = true;
btn.valign = Align.CENTER;
Button btn = new Button.from_icon_name("view-list-symbolic") { visible = true, valign = Align.CENTER, relief = ReliefStyle.NONE };
btn.clicked.connect(() => {
btn.activate();
ContactDetailsDialog dialog = new ContactDetailsDialog(plugin, conversation.account, conversation.counterpart);

View file

@ -64,6 +64,34 @@ public class Database : Qlite.Database {
.value(this.identity_key_public_base64, Base64.encode(bundle.identity_key.serialize()))
.value(this.trust_level, trust).perform();
}
public QueryBuilder get_trusted_devices(int identity_id, string address_name) {
return this.with_address(identity_id, address_name)
.with(this.trust_level, "!=", TrustLevel.UNTRUSTED)
.with(this.now_active, "=", true);
}
public QueryBuilder get_known_devices(int identity_id, string address_name) {
return this.with_address(identity_id, address_name)
.with(this.trust_level, "!=", TrustLevel.UNKNOWN)
.without_null(this.identity_key_public_base64);
}
public QueryBuilder get_unknown_devices(int identity_id, string address_name) {
return this.with_address(identity_id, address_name)
.with_null(this.identity_key_public_base64);
}
public QueryBuilder get_new_devices(int identity_id, string address_name) {
return this.with_address(identity_id, address_name)
.with(this.trust_level, "=", TrustLevel.UNKNOWN)
.without_null(this.identity_key_public_base64);
}
public Row? get_device(int identity_id, string address_name, int device_id) {
return this.with_address(identity_id, address_name)
.with(this.device_id, "=", device_id).single().row().inner;
}
}
@ -160,11 +188,13 @@ public class Database : Qlite.Database {
}
public override void migrate(long oldVersion) {
if(oldVersion == 1) {
exec("DROP INDEX identity_meta_idx");
exec("DROP INDEX identity_meta_list_idx");
exec("CREATE UNIQUE INDEX identity_meta_idx ON identity_meta (identity_id, address_name, device_id)");
exec("CREATE INDEX identity_meta_list_idx ON identity_meta (identity_id, address_name)");
}
}
}
}

View file

@ -20,7 +20,7 @@ public class DeviceNotificationPopulator : NotificationPopulator, Object {
}
public bool has_new_devices(Jid jid) {
return plugin.db.identity_meta.with_address(current_conversation.account.id, jid.bare_jid.to_string()).with(plugin.db.identity_meta.trust_level, "=", Database.IdentityMetaTable.TrustLevel.UNKNOWN).without_null(plugin.db.identity_meta.identity_key_public_base64).count() > 0;
return plugin.db.identity_meta.get_new_devices(current_conversation.account.id, jid.bare_jid.to_string()).count() > 0;
}
public void init(Conversation conversation, NotificationCollection notification_collection, Plugins.WidgetType type) {

View file

@ -12,18 +12,18 @@ public class ManageKeyDialog : Gtk.Dialog {
[GtkChild] private Button ok_button;
[GtkChild] private Box main_screen;
[GtkChild] private Label main_desc;
[GtkChild] private Label main_desc_label;
[GtkChild] private ListBox main_action_list;
[GtkChild] private Box confirm_screen;
[GtkChild] private Image confirm_image;
[GtkChild] private Label confirm_title;
[GtkChild] private Label confirm_desc;
[GtkChild] private Label confirm_title_label;
[GtkChild] private Label confirm_desc_label;
[GtkChild] private Box verify_screen;
[GtkChild] private Label verify_label;
[GtkChild] private Button verify_yes;
[GtkChild] private Button verify_no;
[GtkChild] private Button verify_yes_button;
[GtkChild] private Button verify_no_button;
private Row device;
private Database db;
@ -46,21 +46,21 @@ public class ManageKeyDialog : Gtk.Dialog {
close();
});
verify_yes.clicked.connect(() => {
verify_yes_button.clicked.connect(() => {
confirm_image.set_from_icon_name("security-high-symbolic", IconSize.DIALOG);
confirm_title.label = "Verify key";
confirm_desc.set_markup(@"Once confirmed, any future messages sent by <b>$(device[db.identity_meta.address_name])</b> using this key will be highlighted accordingly in the chat window.");
confirm_title_label.label = "Verify key";
confirm_desc_label.set_markup(@"Once confirmed, any future messages sent by <b>$(device[db.identity_meta.address_name])</b> using this key will be highlighted accordingly in the chat window.");
manage_stack.set_visible_child_name("confirm");
ok_button.sensitive = true;
return_to_main = false;
current_response = Database.IdentityMetaTable.TrustLevel.VERIFIED;
});
verify_no.clicked.connect(() => {
verify_no_button.clicked.connect(() => {
return_to_main = false;
confirm_image.set_from_icon_name("dialog-warning-symbolic", IconSize.DIALOG);
confirm_title.label = "Fingerprints do not match";
confirm_desc.set_markup(@"Please verify that you are comparing the correct fingerprint. If fingerprints do not match <b>$(device[db.identity_meta.address_name])</b>'s account may be compromised and you should consider rejecting this key.");
confirm_title_label.label = "Fingerprints do not match";
confirm_desc_label.set_markup(@"Please verify that you are comparing the correct fingerprint. If fingerprints do not match <b>$(device[db.identity_meta.address_name])</b>'s account may be compromised and you should consider rejecting this key.");
manage_stack.set_visible_child_name("confirm");
});
}
@ -132,44 +132,45 @@ public class ManageKeyDialog : Gtk.Dialog {
}
});
ListBoxRow verify = new ListBoxRow() { visible = true };
verify.add(make_action_box("Verify Key Fingerprint", "Compare this key's fingerprint with the fingerprint displayed on the contact's device."));
ListBoxRow reject = new ListBoxRow() { visible = true };
reject.add(make_action_box("Reject Key", "Stop accepting this key during communication with its associated contact."));
ListBoxRow accept = new ListBoxRow() {visible = true };
accept.add(make_action_box("Accept Key", "Start accepting this key during communication with its assoicated contact"));
ListBoxRow verify_row = new ListBoxRow() { visible = true };
verify_row.add(make_action_box("Verify Key Fingerprint", "Compare this key's fingerprint with the fingerprint displayed on the contact's device."));
ListBoxRow reject_row = new ListBoxRow() { visible = true };
reject_row.add(make_action_box("Reject Key", "Stop accepting this key during communication with its associated contact."));
ListBoxRow accept_row = new ListBoxRow() {visible = true };
accept_row.add(make_action_box("Accept Key", "Start accepting this key during communication with its assoicated contact"));
switch((Database.IdentityMetaTable.TrustLevel) device[db.identity_meta.trust_level]) {
case Database.IdentityMetaTable.TrustLevel.TRUSTED:
main_desc.set_markup(@"This key is currently <span color='#1A63D9'>accepted</span>. This means it can be used by <b>$(device[db.identity_meta.address_name])</b> to receive and send messages.");
main_action_list.add(verify);
main_action_list.add(reject);
main_desc_label.set_markup(@"This key is currently <span color='#1A63D9'>accepted</span>. This means it can be used by <b>$(device[db.identity_meta.address_name])</b> to receive and send messages.");
main_action_list.add(verify_row);
main_action_list.add(reject_row);
break;
case Database.IdentityMetaTable.TrustLevel.VERIFIED:
main_desc.set_markup(@"This key is currently <span color='#1A63D9'>verified</span>. This means it can be used by <b>$(device[db.identity_meta.address_name])</b> to receive and send messages. Additionaly it has been verified out-of-band to match the key on the contact's device.");
main_action_list.add(reject);
main_desc_label.set_markup(@"This key is currently <span color='#1A63D9'>verified</span>. This means it can be used by <b>$(device[db.identity_meta.address_name])</b> to receive and send messages. Additionaly it has been verified out-of-band to match the key on the contact's device.");
main_action_list.add(reject_row);
break;
case Database.IdentityMetaTable.TrustLevel.UNTRUSTED:
main_desc.set_markup(@"This key is currently <span color='#D91900'>rejected</span>. This means it cannot be used by <b>$(device[db.identity_meta.address_name])</b> to receive messages, and any messages sent by it will be ignored");
main_action_list.add(accept);
main_desc_label.set_markup(@"This key is currently <span color='#D91900'>rejected</span>. This means it cannot be used by <b>$(device[db.identity_meta.address_name])</b> to receive messages, and any messages sent by it will be ignored");
main_action_list.add(accept_row);
break;
}
//Row clicked - go to appropriate screen
main_action_list.row_activated.connect((row) => {
if(row == verify) {
if(row == verify_row) {
manage_stack.set_visible_child_name("verify");
} else if (row == reject) {
} else if (row == reject_row) {
confirm_image.set_from_icon_name("action-unavailable-symbolic", IconSize.DIALOG);
confirm_title.label = "Reject key";
confirm_desc.set_markup(@"Once confirmed, any future messages sent by <b>$(device[db.identity_meta.address_name])</b> using this key will be ignored and none of your messages will be readable using this key.");
confirm_title_label.label = "Reject key";
confirm_desc_label.set_markup(@"Once confirmed, any future messages sent by <b>$(device[db.identity_meta.address_name])</b> using this key will be ignored and none of your messages will be readable using this key.");
manage_stack.set_visible_child_name("confirm");
ok_button.sensitive = true;
return_to_main = true;
current_response = Database.IdentityMetaTable.TrustLevel.UNTRUSTED;
} else if (row == accept) {
} else if (row == accept_row) {
confirm_image.set_from_icon_name("emblem-ok-symbolic", IconSize.DIALOG);
confirm_title.label = "Accept key";
confirm_desc.set_markup(@"Once confirmed this key will be usable by <b>$(device[db.identity_meta.address_name])</b> to receive and send messages.");
confirm_title_label.label = "Accept key";
confirm_desc_label.set_markup(@"Once confirmed this key will be usable by <b>$(device[db.identity_meta.address_name])</b> to receive and send messages.");
manage_stack.set_visible_child_name("confirm");
ok_button.sensitive = true;
return_to_main = true;

View file

@ -61,11 +61,10 @@ public class Manager : StreamInteractionModule, Object {
}
}
private Manager(StreamInteractor stream_interactor, Database db) {
private Manager(StreamInteractor stream_interactor, Database db, TrustManager trust_manager) {
this.stream_interactor = stream_interactor;
this.db = db;
this.trust_manager = new TrustManager(stream_interactor, db);
this.trust_manager = trust_manager;
stream_interactor.stream_negotiated.connect(on_stream_negotiated);
stream_interactor.account_added.connect(on_account_added);
@ -120,6 +119,7 @@ public class Manager : StreamInteractionModule, Object {
}
StreamModule module = (!)module_;
//Get a list of everyone for whom the message should be encrypted
Gee.List<Jid> recipients;
if (message_stanza.type_ == MessageStanza.TYPE_GROUPCHAT) {
recipients = get_occupants((!)message.to.bare_jid, conversation.account);
@ -132,6 +132,7 @@ public class Manager : StreamInteractionModule, Object {
recipients.add(message_stanza.to);
}
//Attempt to encrypt the message
EncryptState enc_state = trust_manager.encrypt(message_stanza, conversation.account.bare_jid, recipients, stream, conversation.account);
MessageState state;
lock (message_states) {
@ -147,6 +148,7 @@ public class Manager : StreamInteractionModule, Object {
}
}
//Encryption failed - need to fetch more information
if (!state.will_send_now) {
if (message.marked == Entities.Message.Marked.WONTSEND) {
if (Plugin.DEBUG) print(@"OMEMO: message was not sent: $state\n");
@ -192,7 +194,6 @@ public class Manager : StreamInteractionModule, Object {
private void on_device_list_loaded(Account account, Jid jid, ArrayList<int32> device_list) {
if (Plugin.DEBUG) print(@"OMEMO: received device list for $(account.bare_jid) from $jid\n");
// Update meta database
XmppStream? stream = stream_interactor.get_stream(account);
if (stream == null) {
return;
@ -202,9 +203,12 @@ public class Manager : StreamInteractionModule, Object {
return;
}
//Update meta database
db.identity_meta.insert_device_list(account.id, jid.bare_jid.to_string(), device_list);
//Fetch the bundle for each new device
int inc = 0;
foreach (Row row in db.identity_meta.with_address(account.id, jid.bare_jid.to_string()).with_null(db.identity_meta.identity_key_public_base64)) {
foreach (Row row in db.identity_meta.get_unknown_devices(account.id, jid.bare_jid.to_string())) {
module.fetch_bundle(stream, Jid.parse(row[db.identity_meta.address_name]), row[db.identity_meta.device_id]);
inc++;
}
@ -212,10 +216,12 @@ public class Manager : StreamInteractionModule, Object {
if (Plugin.DEBUG) print(@"OMEMO: new bundles $inc/$(device_list.size) for $jid\n");
}
//Create an entry for the jid in the account table if one does not exist already
if (db.trust.select().with(db.trust.identity_id, "=", account.id).with(db.trust.address_name, "=", jid.bare_jid.to_string()).count() == 0) {
db.trust.insert().value(db.trust.identity_id, account.id).value(db.trust.address_name, jid.bare_jid.to_string()).value(db.trust.blind_trust, true).perform();
}
//Get all messages that needed the devicelist and determine if we can now send them
HashSet<Entities.Message> send_now = new HashSet<Entities.Message>();
lock (message_states) {
foreach (Entities.Message msg in message_states.keys) {
@ -245,12 +251,18 @@ public class Manager : StreamInteractionModule, Object {
public void on_bundle_fetched(Account account, Jid jid, int32 device_id, Bundle bundle) {
bool blind_trust = db.trust.get_blind_trust(account.id, jid.bare_jid.to_string());
//If we don't blindly trust new devices and we haven't seen this key before then don't trust it
bool untrust = !(blind_trust || db.identity_meta.with_address(account.id, jid.bare_jid.to_string())
.with(db.identity_meta.device_id, "=", device_id)
.with(db.identity_meta.identity_key_public_base64, "=", Base64.encode(bundle.identity_key.serialize()))
.single().row().is_present());
Database.IdentityMetaTable.TrustLevel trusted = (Database.IdentityMetaTable.TrustLevel) db.identity_meta.with_address(account.id, jid.bare_jid.to_string()).with(db.identity_meta.device_id, "=", device_id).single()[db.identity_meta.trust_level, Database.IdentityMetaTable.TrustLevel.UNKNOWN];
//Get trust information from the database if the device id is known
Row device = db.identity_meta.get_device(account.id, jid.bare_jid.to_string(), device_id);
Database.IdentityMetaTable.TrustLevel trusted = Database.IdentityMetaTable.TrustLevel.UNKNOWN;
if (device != null) {
trusted = (Database.IdentityMetaTable.TrustLevel) device[db.identity_meta.trust_level];
}
if(untrust) {
trusted = Database.IdentityMetaTable.TrustLevel.UNKNOWN;
@ -258,6 +270,7 @@ public class Manager : StreamInteractionModule, Object {
trusted = Database.IdentityMetaTable.TrustLevel.TRUSTED;
}
//Update the database with the appropriate trust information
db.identity_meta.insert_device_bundle(account.id, jid.bare_jid.to_string(), device_id, bundle, trusted);
XmppStream? stream = stream_interactor.get_stream(account);
@ -265,6 +278,7 @@ public class Manager : StreamInteractionModule, Object {
StreamModule? module = ((!)stream).get_module(StreamModule.IDENTITY);
if(module == null) return;
//Get all messages waiting on the bundle and determine if they can now be sent
HashSet<Entities.Message> send_now = new HashSet<Entities.Message>();
lock (message_states) {
foreach (Entities.Message msg in message_states.keys) {
@ -360,8 +374,8 @@ public class Manager : StreamInteractionModule, Object {
return trust_manager.is_known_address(conversation.account, conversation.counterpart.bare_jid);
}
public static void start(StreamInteractor stream_interactor, Database db) {
Manager m = new Manager(stream_interactor, db);
public static void start(StreamInteractor stream_interactor, Database db, TrustManager trust_manager) {
Manager m = new Manager(stream_interactor, db, trust_manager);
stream_interactor.add_module(m);
}
}

View file

@ -26,7 +26,7 @@ public class OwnNotifications {
}
public bool has_new_devices(Jid jid) {
return plugin.db.identity_meta.with_address(account.id, jid.bare_jid.to_string()).with(plugin.db.identity_meta.trust_level, "=", Database.IdentityMetaTable.TrustLevel.UNKNOWN).without_null(plugin.db.identity_meta.identity_key_public_base64).count() > 0;
return plugin.db.identity_meta.get_new_devices(account.id, jid.bare_jid.to_string()).count() > 0;
}
private void display_notification() {

View file

@ -29,6 +29,8 @@ public class Plugin : RootInterface, Object {
public AccountSettingsEntry settings_entry;
public ContactDetailsProvider contact_details_provider;
public DeviceNotificationPopulator device_notification_populator;
public OwnNotifications own_notifications;
public TrustManager trust_manager;
public void registered(Dino.Application app) {
ensure_context();
@ -38,15 +40,16 @@ public class Plugin : RootInterface, Object {
this.settings_entry = new AccountSettingsEntry(this);
this.contact_details_provider = new ContactDetailsProvider(this);
this.device_notification_populator = new DeviceNotificationPopulator(this, this.app.stream_interactor);
this.trust_manager = new TrustManager(this.app.stream_interactor, this.db);
this.app.plugin_registry.register_encryption_list_entry(list_entry);
this.app.plugin_registry.register_account_settings_entry(settings_entry);
this.app.plugin_registry.register_contact_details_entry(contact_details_provider);
this.app.plugin_registry.register_notification_populator(device_notification_populator);
this.app.stream_interactor.module_manager.initialize_account_modules.connect((account, list) => {
list.add(new StreamModule());
new OwnNotifications(this, this.app.stream_interactor, account);
this.own_notifications = new OwnNotifications(this, this.app.stream_interactor, account);
});
Manager.start(this.app.stream_interactor, db);
Manager.start(this.app.stream_interactor, db, trust_manager);
string locales_dir;
if (app.search_path_generator != null) {

View file

@ -20,6 +20,21 @@ public class TrustManager {
stream_interactor.get_module(MessageProcessor.IDENTITY).received_pipeline.connect(received_message_listener);
}
public void set_blind_trust(Account account, Jid jid, bool blind_trust) {
db.trust.update()
.with(db.trust.identity_id, "=", account.id)
.with(db.trust.address_name, "=", jid.bare_jid.to_string())
.set(db.trust.blind_trust, blind_trust);
}
public void set_device_trust(Account account, Jid jid, int device_id, Database.IdentityMetaTable.TrustLevel trust_level) {
db.identity_meta.update()
.with(db.identity_meta.identity_id, "=", account.id)
.with(db.identity_meta.address_name, "=", jid.bare_jid.to_string())
.with(db.identity_meta.device_id, "=", device_id)
.set(db.identity_meta.trust_level, trust_level).perform();
}
private StanzaNode create_encrypted_key(uint8[] key, Address address, Store store) throws GLib.Error {
SessionCipher cipher = store.create_session_cipher(address);
CiphertextMessage device_key = cipher.encrypt(key);
@ -38,6 +53,7 @@ public class TrustManager {
StreamModule module = stream.get_module(StreamModule.IDENTITY);
try {
//Check we have the bundles and device lists needed to send the message
if (!is_known_address(account, self_jid)) return status;
status.own_list = true;
status.own_devices = get_trusted_devices(account, self_jid).size;
@ -46,12 +62,13 @@ public class TrustManager {
foreach (Jid recipient in recipients) {
if (!is_known_address(account, recipient)) {
status.other_waiting_lists++;
return status;
}
if (status.other_waiting_lists > 0) return status;
status.other_devices += get_trusted_devices(account, recipient).size;
}
if (status.own_devices == 0 || status.other_devices == 0) return status;
//Create a key and use it to encrypt the message
uint8[] key = new uint8[16];
Plugin.get_context().randomize(key);
uint8[] iv = new uint8[16];
@ -68,6 +85,7 @@ public class TrustManager {
.put_node(new StanzaNode.build("payload", NS_URI)
.put_node(new StanzaNode.text(Base64.encode(ciphertext))));
//Encrypt the key for each recipient's device individually
Address address = new Address(message.to.bare_jid.to_string(), 0);
foreach (Jid recipient in recipients) {
foreach(int32 device_id in get_trusted_devices(account, recipient)) {
@ -122,7 +140,7 @@ public class TrustManager {
public Gee.List<int32> get_trusted_devices(Account account, Jid jid) {
Gee.List<int32> devices = new ArrayList<int32>();
foreach (Row device in db.identity_meta.with_address(account.id, jid.to_string()).with(db.identity_meta.trust_level, "!=", Database.IdentityMetaTable.TrustLevel.UNTRUSTED).with(db.identity_meta.now_active, "=", true)) {
foreach (Row device in db.identity_meta.get_trusted_devices(account.id, jid.bare_jid.to_string())) {
if(device[db.identity_meta.trust_level] != Database.IdentityMetaTable.TrustLevel.UNKNOWN || device[db.identity_meta.identity_key_public_base64] == null)
devices.add(device[db.identity_meta.device_id]);
}
@ -150,7 +168,7 @@ public class TrustManager {
if(conversation.type_ == Conversation.Type.GROUPCHAT) {
jid = stream_interactor.get_module(MucManager.IDENTITY).get_real_jid(jid, conversation.account);
}
Database.IdentityMetaTable.TrustLevel trust_level = (Database.IdentityMetaTable.TrustLevel) db.identity_meta.with_address(conversation.account.id, jid.bare_jid.to_string()).with(db.identity_meta.device_id, "=", header.get_attribute_int("sid")).single()[db.identity_meta.trust_level];
Database.IdentityMetaTable.TrustLevel trust_level = (Database.IdentityMetaTable.TrustLevel) db.identity_meta.get_device(conversation.account.id, jid.bare_jid.to_string(), header.get_attribute_int("sid"))[db.identity_meta.trust_level];
if (trust_level == Database.IdentityMetaTable.TrustLevel.UNTRUSTED) {
message.body = "OMEMO message from a rejected device";
message.marked = Message.Marked.WONTSEND;