Commit graph

3728 commits

Author SHA1 Message Date
Daniel Gultsch 9182a300c5 report fingerprint missmatch as securiy exception 2021-05-08 10:35:07 +02:00
Daniel Gultsch faa4c87b5f build omemo session when encountering unknown on RTP proceed 2021-05-08 09:25:51 +02:00
Daniel Gultsch 8d391753d7 encrypt rtp map as future 2021-05-08 08:45:31 +02:00
Daniel Gultsch 337aa4a110 consider Config.REQUIRE_RTP_VERIFICATION on decrypt. fail as future 2021-05-07 22:55:20 +02:00
Daniel Gultsch ddf597e0d3 invoke x509 verification upon receiving prekey message in rtp session 2021-05-06 18:40:35 +02:00
Daniel Gultsch e2324209ed make sure omemo sessions are verified if the the respective config flag is set 2021-05-04 19:04:01 +02:00
Daniel Gultsch 9544b994dc invoke omemo trust/fetch activity when triggering phone call in require_verification mode 2021-05-04 17:52:17 +02:00
Daniel Gultsch 3b25fb9038 encrypt to inactive and untrusted devices in jingle
encrypting to untrusted devices means no degradition of security
compared to not encrypting at all. Trust status display (shield) is made
independently at a later stage.
2021-05-04 10:49:45 +02:00
Daniel Gultsch 48156dd27f a/v calls: seperate out SECURITY error from APP_FAILURE
until now problems with verifying the call (omemo or DTLS missing) would
just be another app failure. This commit displays verifications problems as
their own thing.
2021-05-04 10:10:34 +02:00
Daniel Gultsch 6d91551f59 use onAddTrack instead of deprecated onAddStream 2021-05-03 13:06:42 +02:00
Daniel Gultsch 0717f9ba18 upgrade libwebrtc to m90 and enable extmap-allow-mixed 2021-05-03 09:48:46 +02:00
Daniel Gultsch ac7855a332 show domains in manual cert accept dialog 2021-05-03 08:28:03 +02:00
Daniel Gultsch c5e90199c3 trigger registration dialog on roster;ibr=y only if no accounts are configured
fixes #4065
2021-04-30 11:32:42 +02:00
Daniel Gultsch 9d9514a091 Add User-Agent to all HTTP calls 2021-04-30 10:54:36 +02:00
Daniel Gultsch bc58fb0fbd Always verify hostname/domain
There might be corner cases where it is required to use self signed
certificates. However there should be no corner cases where it is
required to use a wrong domain name. This commit swaps out the
MemorizingHostnameVerifier that let users accept wrong domains with the
standard XmppDomainVerifier.

closes #4066
2021-04-30 09:55:22 +02:00
Daniel Gultsch ec061bedc1 always show contact permission explain dialog on Quicksy
Until now Conversations and Quicksy would only disply the dialog that explains
why we want contact read permissions after the user rejected the request once

(following Android design guidelines and `shouldShowRequestPermissionRationale()`)

However for PlayStore policy this is no longer enough and the app needs to
explain and ask for consent before starting to upload the data.

This commit now displays the explain dialog immediately before asking for the
first time.
2021-04-24 08:20:30 +02:00
Daniel Gultsch 8aed588405 ensure vibration future is canceled when scheduling a new one 2021-04-18 16:09:36 +02:00
Daniel Gultsch ea2acc2963 use new hasInternet() API only on Android Q+
some VPN apps are broken on Android 7.1 (and below?)

fixes #4058
2021-04-18 15:47:31 +02:00
Daniel Gultsch 2760f07307 disable read timeout for HTTP Upload
fixes #4057
2021-04-18 15:46:47 +02:00
Daniel Gultsch 202bde46ed properly error out if upload fails. fixes #4052 2021-04-09 15:49:33 +02:00
Daniel Gultsch 37ce311764 do not attempt to play ringtone if none was found 2021-04-08 10:53:01 +02:00
Daniel Gultsch 9fc04c4b1e when receiving out-of-order session-init in terminal state do not move to terminal again
fixes #4049
2021-04-08 10:23:39 +02:00
Daniel Gultsch 55b2f2656d fix HTTP up/download for users that dont trust system CAs 2021-04-08 08:56:58 +02:00
Daniel Gultsch 0fc191d004 migrate hasInternetConnection() to new api
Thank you to @ailicic for figuring out the new API.

Closes #4050
2021-03-29 10:58:15 +02:00
Daniel Gultsch 30c9e7399e log track class in onAddTrack 2021-03-29 10:57:56 +02:00
Daniel Gultsch 08f27ddcf8 don’t show video call button if no camera is available 2021-03-26 14:04:36 +01:00
Daniel Gultsch 1822a71c2a Do not crash when receiving video call on device w/o camera
Upon accepting a video call on a device that can not establish a video track on
its own (for example by not having a camera), displaying the video enable/disable
button would fail. This commit defaults this button to disabled.
2021-03-26 12:54:26 +01:00
Daniel Gultsch 77f448692c catch security exception when reading file 2021-03-24 10:47:50 +01:00
Daniel Gultsch ff756647a9 clear dns cache on network switch 2021-03-23 21:03:58 +01:00
Daniel Gultsch 9a7fc3d9b8 disable omemo by default for *.covid.monal.im domains 2021-03-23 11:52:34 +01:00
Daniel Gultsch aad34783ad remove logging from needsUploading() 2021-03-22 19:05:46 +01:00
Daniel Gultsch 914ea9c398 use http proxy below android 7.1 2021-03-22 18:03:25 +01:00
Daniel Gultsch 02b16063c6 show popup dialog when backup has been started. fixes #4031 2021-03-22 15:40:22 +01:00
Daniel Gultsch 4ac64f3a3b clean up code for posh cache 2021-03-22 15:15:35 +01:00
Daniel Gultsch 8b90c1c498 port POSH code to OkHttp 2021-03-22 14:32:31 +01:00
Daniel Gultsch 70fc08314f remove unused method 2021-03-22 11:14:35 +01:00
Daniel Gultsch ce7f59a76c use okhttp to fetch captcha 2021-03-22 10:39:53 +01:00
Daniel Gultsch 1cd95aefa6 migrate redirection urls to HttpUrl 2021-03-22 10:12:53 +01:00
Daniel Gultsch 739d20428a optimize imports 2021-03-21 21:39:04 +01:00
Daniel Gultsch a6244d986a use settable futures for slot requester 2021-03-21 20:45:26 +01:00
Daniel Gultsch 8ac97b0027 disable extmap_allow_mixed by default 2021-03-21 19:40:52 +01:00
Daniel Gultsch 72828c6c4e fix 'checking file size' status display 2021-03-20 11:21:48 +01:00
Daniel Gultsch 38ef69a926 do not display toast for cancelled downloads 2021-03-20 11:00:20 +01:00
Daniel Gultsch aaac8296b3 only overwrite body in text messages 2021-03-19 19:51:13 +01:00
Daniel Gultsch e217551a82 migrate to OkHttp instead of HttpUrlConnection
OkHttp gives us more fine grained control over the HTTP library and frees us from any platform bugs
2021-03-19 14:57:20 +01:00
Daniel Gultsch b09a1432a3 Stanza.getErrorCondation only ever needs the tag name 2021-03-18 11:35:41 +01:00
Daniel Gultsch 6f1b71970d parse extmap-allow-mixed 2021-03-16 18:52:38 +01:00
Daniel Gultsch 3baacf8862 switch to unified plan 2021-03-16 18:52:38 +01:00
Daniel Gultsch 2681ad82e1 complain if mLineIndex can not be found when receiving candidates 2021-03-16 18:52:25 +01:00
Daniel Gultsch 8764d11cce kill pending queries when archiving conversation 2021-03-16 10:22:52 +01:00
Daniel Gultsch 3c60de54cb minor code clean up 2021-03-16 08:16:07 +01:00
Daniel Gultsch 859f3b2a1d fix NPE after race condition. fixes #4033 2021-03-13 11:13:19 +01:00
Daniel Gultsch bf25b24967 modify away when locked behaviour to locked || screen off
this new behaviour still takes care of not going online when quickly
checking for the time but it also includes systems that don’t have a
lock screen or incorrectly report being unlocked.
2021-03-13 10:52:06 +01:00
Daniel Gultsch 7c53dcc4f4 fixed NPE when service isnt bound 2021-03-13 10:51:41 +01:00
Daniel Gultsch 0fa06d65b5 overwrite body for plaintext group chat messages only 2021-03-07 09:59:09 +01:00
Daniel Gultsch e947a3f808 modify boyy on muc reflection 2021-03-06 12:43:59 +01:00
Daniel Gultsch b34f6e0720 null check weak reference value 2021-03-06 09:45:42 +01:00
Christopher Vollick ef24d2050b Remove Renomination from WebRTC Options
This is a feature of WebRTC that's [not standardized][1] and only
supported by libwebrtc. Since there's no support in jingle for passing
this capability from one peer to another, we're currently hard-coding
this option into both the local candidate and also the remote candidate
so they can use it.

But I'm trying to call a user that isn't using WebRTC, and renomination
is causing the call to stay in "connecting..." state for 10 or 20
seconds, sometimes longer, while both sides wait for the other to
nominate something based on their individual beliefs about the standards
they're using.

Removing this seems to make connecting relatively instantaneous.

If we want to reintroduce this feature, we should probably make a XEP so
the peers can negotiate honestly about it, and only use it if both sides
truely support the feature.

[1]: https://datatracker.ietf.org/doc/html/draft-thatcher-ice-renomination-01
2021-03-04 08:26:52 +00:00
Daniel Gultsch 4a175f915d version bump to 2.9.8-beta 2021-03-04 09:25:20 +01:00
Daniel Gultsch 5848013a1e handle pre key messages in dtls verification 2021-03-03 14:03:08 +01:00
Daniel Gultsch c5f801c1fe do not push empty candidates to backlog 2021-03-03 13:12:10 +01:00
Daniel Gultsch d52c46d582 use omemo verification only if omemo is enabled in conversation 2021-03-03 12:55:27 +01:00
Daniel Gultsch 3ee70b1d48 show verified shield in rtp session activity 2021-03-03 09:41:05 +01:00
Daniel Gultsch e4b2bb4a42 throw exception when unable to encrypt 2021-03-03 08:22:21 +01:00
Daniel Gultsch 8a6430ae29 ground work for omemo dtls verification 2021-03-02 21:13:49 +01:00
Daniel Gultsch d889c02a0a make ascii armor parsing more resiliant 2021-02-24 11:05:11 +01:00
Daniel Gultsch 9450d49b0b do not vibrate when in DND mode 2021-02-24 10:35:33 +01:00
Daniel Gultsch 24f2f52512 limit http upload / download to 4 parallel connections 2021-02-22 09:24:41 +01:00
Daniel Gultsch f92ea5c70b resend <propose/> only if server has stream mgmt 2021-02-21 13:37:08 +01:00
Daniel Gultsch 0812bae1ab do not run alpha check on jpegs 2021-02-20 10:08:43 +01:00
Daniel Gultsch 6bfe16f044 replace away when screen off with away when locked
fixes #3978
2021-02-19 15:59:56 +01:00
Daniel Gultsch 53da64b7e2 do not attempt to play 'none' ringtone
trying to play 'none' ringtone resulted in the default ring tone being played
2021-02-19 15:31:01 +01:00
Daniel Gultsch ebb38d7d75 consume volume down event 2021-02-18 22:16:28 +01:00
Daniel Gultsch 484f633180 let Conversations (not Android) play ringtone and vibration
fixes #3972 fixes #3801 fixes #3931
2021-02-18 20:55:31 +01:00
Daniel Gultsch 72e268e6b1 add TODO comments wrt to missing <retract/> parsing 2021-02-18 09:36:51 +01:00
Daniel Gultsch 78901e3339 use detached signatures 2021-02-17 22:47:40 +01:00
Daniel Gultsch 149224a073 do not deduplicate disco queries
Conversations used to deduplicate disco queries based on their hash.
However that relies on the first query to go through (device to actually
respond) and to respond properly (hash matches).

Creating a proper retry behaviour for this is actually quite challanging.
(which one would you try next, how long do you wait?)
2021-02-17 18:14:18 +01:00
Daniel Gultsch db447f845e resend session proposal on rebind 2021-02-12 11:36:44 +01:00
Daniel Gultsch 6cab0ad496 make rtp proposal tracked by SM. fixes #3983 2021-02-12 10:35:13 +01:00
Daniel Gultsch 9f869d3895 slightly change wording of sync_with_contacts_long 2021-02-11 18:55:27 +01:00
Daniel Gultsch 7330d8a7f0 fixed race conditions around PROCEED state. fixes #3989 2021-02-11 16:56:57 +01:00
mimi89999 ab17f935c3 Fix formatting of openkeychain_required_long message 2021-02-10 13:16:56 +00:00
mimi89999 d51b4380d7 Add variable app name in res strings
Closes #3988
2021-02-10 11:35:49 +00:00
Daniel Gultsch b6d62c13ef use ascii notation for punycode domains in SNI 2021-02-07 09:38:55 +01:00
Daniel Gultsch b76b60df5c verify against IDN variant of domain 2021-02-04 11:15:59 +01:00
Daniel Gultsch 358c70828f close inputstream in image meta data analysers 2021-01-31 10:13:20 +01:00
maxim432 156c4da2b3 Fix couple of leaks 2021-01-30 17:56:54 -08:00
Daniel Gultsch ca496fd39f look at only subset of pixels to check for alpha 2021-01-30 01:50:03 +01:00
Daniel Gultsch 53a038d90e fix rtp offline discovery 2021-01-30 01:47:03 +01:00
Daniel Gultsch 2155a50875 do not compress images with alpha channels 2021-01-29 21:25:00 +01:00
Daniel Gultsch 4a9dfb9567 fix copy url to clipboard action for undownloaded files 2021-01-28 17:49:34 +01:00
Daniel Gultsch 10382e83bf remove unused methods 2021-01-28 17:40:58 +01:00
Daniel Gultsch c11ac40df4 use 'missed call' as label for missed call status 2021-01-28 11:00:27 +01:00
Daniel Gultsch 0a2c753620 do not use offline fallback rtp capability if account is disabled 2021-01-26 09:35:03 +01:00
Daniel Gultsch 619af9c6c5 back button should not end call if call is connected. fixes #3975 2021-01-23 18:42:34 +01:00
Daniel Gultsch 9c9a953281 pluralize x_unread_conversations string 2021-01-23 11:25:22 +01:00
Daniel Gultsch 8ce7bfb95e automated code clean up 2021-01-23 09:25:34 +01:00
Daniel Gultsch 582aee4718 do not use empty display name for /me command 2021-01-22 12:51:01 +01:00
Daniel Gultsch 3b43cb0bda do not offer share button when file hasnt been downloaded. fixes #3971 2021-01-22 08:24:19 +01:00
Daniel Gultsch e711b3d294 remember last rtp capability 2021-01-22 08:24:19 +01:00