Commit graph

139 commits

Author SHA1 Message Date
Daniel Gultsch b00c561f81 check for uuid change when decrypting pgp messages 2016-02-21 11:43:03 +01:00
Daniel Gultsch fab0a45955 re-read common name from certificates on startup 2016-02-02 13:43:20 +01:00
Daniel Gultsch 43521891f0 show fetch errors in trust keys activity 2016-01-23 11:39:02 +01:00
Andreas Straub 58d213f291 Fix OMEMO session creating loggin
Now prints the correct JID to the log when finding devices without
sessions.
2015-12-31 15:48:43 +01:00
Daniel Gultsch f46cbb38a9 show certificate information 2015-12-23 19:18:53 +01:00
Daniel Gultsch d0bad09f13 save certificate when verifying with x509 2015-12-23 17:41:26 +01:00
Daniel Gultsch 534013fd0c store identity key in XmppAxolotlSession instead of the fingerprint 2015-12-19 15:44:11 +01:00
Daniel Gultsch 15c8cb8ac6 add more debugging to certificate checks after new omemo session was established 2015-12-19 12:44:55 +01:00
Daniel Gultsch 15f220747f some more NPE checks 2015-12-10 23:16:39 +01:00
Daniel Gultsch 1de74c2337 also verify sessions in CBE mode that got created by key transport messages 2015-12-08 17:15:08 +01:00
Daniel Gultsch 23ef1c660a encrypt pgp messages to self 2015-11-26 17:44:11 +01:00
Daniel Gultsch a557d38e4d pgp fixes and revert configuration changes 2015-11-25 20:47:02 +01:00
Daniel Gultsch fbb7cb99f7 Merge pull request #1558 from fiaxh/pgp_api_9.0
Use OpenPGP-API 9.0
2015-11-24 06:52:24 +01:00
fiaxh 2c1f7e115c PgpEngine: Get account from conversation instead of from contact. fixes #1568, fixes #1544 2015-11-15 13:24:07 +00:00
fiaxh fac1d4e0bd Use OpenPGP-API 9.0 2015-11-09 13:49:57 +00:00
Daniel Gultsch baf76d883c indicate cbe in chat message hint 2015-10-31 22:55:04 +01:00
Daniel Gultsch bca29cf7fd explicitly mark verified omemo keys in UI 2015-10-31 10:57:57 +01:00
Daniel Gultsch 34bcc59f72 fixed session objects not being build on start up 2015-10-30 12:05:21 +01:00
Daniel Gultsch 6a458b853c Merge pull request #1513 from fiaxh/pgp_background_decryption
PGP messages background decryption
2015-10-30 10:18:27 +01:00
Daniel Gultsch c7ff196f58 push CN into nick pep node when uploading certificate. subscribe to nick node 2015-10-29 13:41:08 +01:00
fiaxh 29a849cb92 Decrypt PGP messages in background 2015-10-28 19:57:11 +00:00
Daniel Gultsch 3c6c424d31 don't retry building broken omemo keys 2015-10-17 15:51:21 +02:00
Daniel Gultsch e9e31b1c9b load axolotl session cache on first device update 2015-10-17 14:44:59 +02:00
Daniel Gultsch a83aae341f improved error reporting in trust keys activity 2015-10-17 14:09:26 +02:00
Daniel Gultsch cfeb67d71d introduced code to verify omemo device keys with x509 certificates.
cleaned up TrustKeysActivity to automatically close if there is nothing to do
2015-10-16 23:48:42 +02:00
Daniel Gultsch c1716a35e3 moved other name parsing into seperate method 2015-10-15 20:05:55 +02:00
Daniel Gultsch fc96dcaa4d use constants for oids in xmppdomainverifier 2015-10-15 19:14:41 +02:00
Daniel Gultsch 5b271e1ed8 more checks for xmppdomainverifier and better wildcard handling 2015-10-15 18:06:26 +02:00
Daniel Gultsch e75c2cd731 use own XmppDomainVerifier instead of deprecated StrictHostnameVerifier. fixes #1189 2015-10-15 17:08:38 +02:00
Daniel Gultsch 212d1a8c91 add config variable to enable x509 verification 2015-10-12 13:18:20 +02:00
Daniel Gultsch 933538a39d code clean up 2015-10-12 12:36:54 +02:00
Daniel Gultsch b519411d34 enable SASL EXTERNAL (certificate login 2015-10-11 20:45:01 +02:00
Daniel Gultsch 7be331bbb2 add menu item in account details to renew certificate 2015-10-11 16:10:52 +02:00
Andreas Straub fdd88aa530 Clean up
Fixes some random linter warnings.
2015-10-11 16:05:44 +02:00
Daniel Gultsch 506b83ddc6 be more careful when publishing device bundle 2015-09-17 14:18:06 +02:00
Daniel Gultsch eff173ebc2 indicate broken pep in server info 2015-09-06 19:40:28 +02:00
Andreas Straub a95c451f1e Only show that have sessions in fingerprint list
Doesn't access database directly anymore but goes through AxolotlService
now to obtain list of fingerprints associated with an Account/Contact.
This should prevent orphaned keys littering the UI which previously
couldn't be removed through the Clear Devices function.

Together with 1c79982da84964c1d81179a0927d9cd1eadf53de this fixes #1393
2015-09-06 15:15:57 +02:00
Andreas Straub 2bb033267b Don't manually add keys to the store
There is no need to preemptively add the keys to the store oneself.
SessionBuilder will take care of this for us. What's more, this will
prevent IdentityKeys from otherwise invalid bundles to show up in our
UI.
2015-09-06 15:15:57 +02:00
Andreas Straub e2d506c96a Never build a session with oneself
If we detect our own ID is not in our own devicelist on receiving an
update, we reannounce ourselves. This used to have the side effect of
modifying the list of devices we thought were in the update set, causing
us to accidentally build a session with ourselves.

This lead to our own key being set to TRUSTED_INACTIVE, resulting in red
lock icons on messages sent by the own device.

We fix this by having publishOwnDeviceId() operate on a copy of the
original set. This commit also includes a db migration which deletes
sessions with oneself and sets own keys back to TRUSTED.
2015-09-05 17:29:58 +02:00
Daniel Gultsch 91b0605bc2 use same method to add message hints to otr message everywhere it is needed 2015-09-01 22:36:56 +02:00
Andreas Straub 1156ccbce2 Fix error handling for announce check retrieval
Only aborts when a timeout was received. Error conditions (most notably
item-not-found) are interpreted as no other devices existing.
2015-08-26 20:52:44 +02:00
Andreas Straub c4a548ada0 Only announce device after publishing bundle 2015-08-26 15:45:21 +02:00
Andreas Straub 0eeaccd974 Fix key publishing
Remove invalid check for result code, which prevented publishing if the
node was empty to begin with.

Fix pepBroken check
2015-08-26 00:27:39 +02:00
Andreas Straub 25a9d59412 Add more logging to pep attemp counter logic 2015-08-25 18:52:36 +02:00
Andreas Straub eafcf38ec9 Limit number of PEP publish tries
If PEP publish tries are repeatedly triggered by empty PEP updates, stop
attempting to publish after 3 tries. This should work around broken PEP
implementations in older ejabberd and OpenFire versions.
2015-08-25 18:43:44 +02:00
Andreas Straub b84fecf51a Pass through device IDs when updating own list 2015-08-25 12:17:09 +02:00
Daniel Gultsch 5eae1e52d2 cleared up some error messages in axolotl service and execute publishOwnDevicesWhenNeeded() only if processing our own jid 2015-08-25 11:43:10 +02:00
Andreas Straub e1dc7f990d Add error handling to OMEMO PEP code
Log received errors and abort processing
2015-08-23 13:23:51 +02:00
Daniel Gultsch c082066118 catch null pointer in ScramSHA1 sasl 2015-08-16 11:50:33 +02:00
Andreas Straub 7437d0fe0c Increase number of published prekeys for release 2015-08-07 12:30:39 +02:00