Commit graph

224 commits

Author SHA1 Message Date
Daniel Gultsch d6e51288c3 Merge pull request #2564 from yushijinhun/fix-decryption-blocked
Give up PGP decryption when intent is cancelled
2017-07-25 09:20:51 +02:00
yushijinhun 48147b7fd1
Give up PGP decryption when intent is cancelled
When receiving a PGP message which is not encrypted with YOUR key,
OpenKeychain shows a dialog, which tells you the private key to decrypt
the message is unavailable. However, Conversations won't give up
decrypting the message. So whether the subsequent messages are
decryptable or not, the decryption is blocked at the current message.
The commit fixes the bug in this way: Give up the current message when
the decryption intent is cancelled, so that subsequent messages can be
handled.
2017-07-25 15:09:18 +08:00
Daniel Gultsch 432598f896 Merge branch 'bugfixes' 2017-07-23 07:53:09 +02:00
Daniel Gultsch c8bd5bc1f5 made OF selfSigned() workaround only available >=kitkat
this undos 8a729061d5. as it turns out 4.1
and 4.0 only break when checking if a cert is self signed.
2017-07-23 07:47:39 +02:00
Daniel Gultsch 85dc0c284d made omemo always available but in public mucs 2017-07-18 12:51:15 +02:00
Daniel Gultsch da87eac48e provide upgrade path for accounts with publish-options 2017-07-18 12:51:15 +02:00
Daniel Gultsch 9a57673130 use publish-options instead of always pushing node configuration 2017-07-18 12:51:15 +02:00
Daniel Gultsch 8d6b2074cb let hasPendingFetches() return true when fetching device ids 2017-07-18 12:51:15 +02:00
Daniel Gultsch 7a2856ac86 fetch required device ids on demand 2017-07-18 12:51:15 +02:00
Daniel Gultsch f7258d16e1 explicitly fetch device ids before building sessions in single mode conversation 2017-07-18 12:51:15 +02:00
Daniel Gultsch 25e993693f change access model of omemo pep nodes after every publish 2017-07-18 12:51:15 +02:00
Daniel Gultsch 6c95897f09 fetch device ids for muc members w/o known devices 2017-07-18 12:51:15 +02:00
Daniel Gultsch 8a729061d5 use CN-workaround for pre-kitkat 2017-07-17 23:13:55 +02:00
Daniel Gultsch 217335703c fix regression introduces with OF fix. properly fall back to common name 2017-07-17 21:11:15 +02:00
Daniel Gultsch 8afe7efc2c workaround for OpenFire: check CN first in self signed certs
The self signed certificates created by OpenFire (Not sure if other
certs are affected as well) will crash the Java/Android TLS stack when
accessing getSubjectAlternativeNames() on the the peer certificate.

This usually goes unnoticed in other applications since the
DefaultHostnameVerifier checkes the CN first. That however is a
violation of RFC6125 section 6.4.4 which requires us to check for the
existence of SAN first.

This commit adds a work around where in self signed certificates we
check for the CN first as well. (Avoiding the call to
getSubjectAlternativeNames())
2017-07-16 11:05:25 +02:00
Daniel Gultsch cbce73c301 fixed fingerprint trust (was messed up after library upgrade) 2017-06-25 18:18:13 +02:00
Daniel Gultsch 2ed71df01a also check for hostname in in certs if hostname is from trusted source 2017-06-21 23:40:01 +02:00
Daniel Gultsch 24768d051d upgrade to signal-protocol-java. thanks @ysangkok
fixes #1384
closes #2509
2017-06-18 16:36:30 +02:00
Daniel Gultsch f98888d796 display open pgp key id in account details and allow to delete. fixes #2470 2017-05-04 13:02:46 +02:00
Daniel Gultsch cc1402442a don't load signed prekeys on startup 2017-05-04 11:03:58 +02:00
cijo-saju 3467a67e75 Removed unused imports from entire project. 2017-04-12 20:24:36 +05:30
Daniel Gultsch 99565a6876 treat URL as file if URL is in oob or contains key 2017-04-05 22:35:42 +02:00
Daniel Gultsch 0c0ff882a9 make x509 verification node world readable 2017-02-24 19:58:46 +01:00
Daniel Gultsch 53241f2ef1 add explicit encryption hints to outgoing messages 2017-01-26 19:19:08 +01:00
Sam Whited bfc2cffc2f Add SCRAM-SHA-2 support 2017-01-15 23:43:44 -06:00
Daniel Gultsch d028f4b398 refactored whispermessage processing 2017-01-15 18:54:47 +01:00
Daniel Gultsch 8f39a594ff partially improved logging for receiving omemo messages 2017-01-14 18:10:04 +01:00
Daniel Gultsch bfacc180c5 don't allow to purge keys. offer distrut instead 2017-01-12 15:59:13 +01:00
Daniel Gultsch 2c1d3ef968 fixed avatar republish missing the mime type 2017-01-12 12:20:10 +01:00
Daniel Gultsch f0c3b31a42 treat omemo keys >= 32 bytes as containing auth tag. add config flag to put auth tag in key 2017-01-09 21:47:07 +01:00
Daniel Gultsch a1cb855739 adding prekey='true' to omemo messages if applicable 2017-01-09 20:20:02 +01:00
Daniel Gultsch fcd9ab17fe don't throw assertion error when building session with same device id from other contact 2016-12-28 22:15:24 +01:00
Daniel Gultsch e5fff42b10 added omemo padding but disabled by Config.java flag 2016-12-20 16:12:12 +01:00
Daniel Gultsch fbbf1a37b4 disable removing of broken devices by default 2016-12-18 11:49:27 +01:00
Daniel Gultsch dbda2afd6d remove broken devices only once to prevent loops 2016-12-18 11:47:42 +01:00
Daniel Gultsch 87746ca2ba remove own fetch errors from device announcement 2016-12-16 17:12:26 +01:00
Daniel Gultsch 58de10bcab use prepped string when building axolotl session 2016-12-01 20:48:39 +01:00
Daniel Gultsch 2ec7165381 update the conversations view (and the lock icon) after receiving device list 2016-11-24 11:28:04 +01:00
Daniel Gultsch 839ef8e14b introduced blind trust before verification mode
read more about the concept on https://gultsch.de/trust.html
2016-11-23 10:42:27 +01:00
Daniel Gultsch b71aa6d3a4 remove omemo devices from annoucement after 7 days of inactivity 2016-11-19 21:39:16 +01:00
Daniel Gultsch 6362799d56 save last activation time in fingerprint status 2016-11-19 13:34:54 +01:00
Daniel Gultsch 2b9b3be3f1 show 'clear devices' button underneath own devices 2016-11-18 21:49:52 +01:00
Daniel Gultsch a86a36f570 removed some unecessary logging from omemo message generation 2016-11-18 20:13:09 +01:00
Daniel Gultsch 9d9a9e63ad removed some very verbose logging from axolotl service 2016-11-18 13:03:02 +01:00
Daniel Gultsch 211354ee26 put omemo fingerprint in own uri (qr code / nfc) 2016-11-17 22:28:45 +01:00
Daniel Gultsch 7e2e42cb11 parse omemo fingerprints from uris 2016-11-17 20:09:42 +01:00
Daniel Gultsch ad9a8c2281 use base64.nowrap for omemo keys 2016-11-17 10:58:44 +01:00
Daniel Gultsch d61b00604d fixed enabling trust toggle. unknown->untrusted 2016-11-15 15:14:21 +01:00
Daniel Gultsch 05fc15be3d refactore trust enum to be FingerprintStatus class with trust and active 2016-11-14 22:27:41 +01:00
Daniel Gultsch 44ce5df359 write prepped string to db. use display version everywhere else 2016-10-20 17:31:46 +02:00