From 864928e087be453615e5f53548dad5c784b7e72c Mon Sep 17 00:00:00 2001
From: Raleigh <raleigh@theia.me.uk>
Date: Tue, 17 Mar 2020 22:40:17 +0000
Subject: [PATCH 1/5] HTTPUpload: Filename obfuscation feature

Instead of sending the actual filename to the server, user can choose to send a SHA1 hash. This can be useful when you use encryption and don't want to leak the filenames.
---
 gajim/common/config.py             | 1 +
 gajim/common/modules/httpupload.py | 8 +++++++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/gajim/common/config.py b/gajim/common/config.py
index 72e68f9b7..a03609fa0 100644
--- a/gajim/common/config.py
+++ b/gajim/common/config.py
@@ -346,6 +346,7 @@ class Config:
             'opened_chat_controls': [opt_str, '', _('List of XMPP Addresses (space separated) for which the chat window will be re-opened on next startup.')],
             'recent_groupchats': [opt_str, ''],
             'httpupload_verify': [opt_bool, True, _('HTTP File Upload: Enable HTTPS Verification.')],
+            'httpupload_obfuscate_filename': [opt_bool, False, _('HTTP File Upload: Obfuscate (sha1) the name of the file uploaded to a server.')],
             'filetransfer_preference' : [opt_str, 'httpupload', _('Preferred file transfer mechanism for file drag&drop on a chat window. Can be \'httpupload\' (default) or \'jingle\'.')],
             'allow_posh': [opt_bool, True, _('Allow certificate verification with POSH.')],
         }, {}),
diff --git a/gajim/common/modules/httpupload.py b/gajim/common/modules/httpupload.py
index 4206f9533..a6338d1d2 100644
--- a/gajim/common/modules/httpupload.py
+++ b/gajim/common/modules/httpupload.py
@@ -19,6 +19,7 @@
 import io
 from urllib.parse import urlparse
 import mimetypes
+import hashlib
 
 from nbxmpp import NS_HTTPUPLOAD_0
 from nbxmpp.util import is_error_result
@@ -354,7 +355,12 @@ def set_uri_transform_func(self, func):
 
     @property
     def filename(self):
-        return os.path.basename(self._path)
+        basename = os.path.basename(self._path)
+        if app.config.get_per('accounts',self._account,'httpupload_obfuscate_filename'):
+            sha = hashlib.sha1(basename.encode('utf-8')).hexdigest()
+            return sha
+        else:
+            return basename
 
     def set_error(self, text=''):
         self._close()
-- 
GitLab


From e60e63181801f11887f27d919ac9f4942b28bb0c Mon Sep 17 00:00:00 2001
From: Raleigh <raleigh@theia.me.uk>
Date: Tue, 17 Mar 2020 22:40:17 +0000
Subject: [PATCH 2/5] HTTPUpload: Filename obfuscation feature

Instead of sending the actual filename to the server, user can choose to send a SHA1 hash. This can be useful when you use encryption and don't want to leak the filenames.
---
 gajim/common/config.py             | 1 +
 gajim/common/modules/httpupload.py | 8 +++++++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/gajim/common/config.py b/gajim/common/config.py
index 72e68f9b7..a03609fa0 100644
--- a/gajim/common/config.py
+++ b/gajim/common/config.py
@@ -346,6 +346,7 @@ class Config:
             'opened_chat_controls': [opt_str, '', _('List of XMPP Addresses (space separated) for which the chat window will be re-opened on next startup.')],
             'recent_groupchats': [opt_str, ''],
             'httpupload_verify': [opt_bool, True, _('HTTP File Upload: Enable HTTPS Verification.')],
+            'httpupload_obfuscate_filename': [opt_bool, False, _('HTTP File Upload: Obfuscate (sha1) the name of the file uploaded to a server.')],
             'filetransfer_preference' : [opt_str, 'httpupload', _('Preferred file transfer mechanism for file drag&drop on a chat window. Can be \'httpupload\' (default) or \'jingle\'.')],
             'allow_posh': [opt_bool, True, _('Allow certificate verification with POSH.')],
         }, {}),
diff --git a/gajim/common/modules/httpupload.py b/gajim/common/modules/httpupload.py
index 4206f9533..a6338d1d2 100644
--- a/gajim/common/modules/httpupload.py
+++ b/gajim/common/modules/httpupload.py
@@ -19,6 +19,7 @@
 import io
 from urllib.parse import urlparse
 import mimetypes
+import hashlib
 
 from nbxmpp import NS_HTTPUPLOAD_0
 from nbxmpp.util import is_error_result
@@ -354,7 +355,12 @@ def set_uri_transform_func(self, func):
 
     @property
     def filename(self):
-        return os.path.basename(self._path)
+        basename = os.path.basename(self._path)
+        if app.config.get_per('accounts',self._account,'httpupload_obfuscate_filename'):
+            sha = hashlib.sha1(basename.encode('utf-8')).hexdigest()
+            return sha
+        else:
+            return basename
 
     def set_error(self, text=''):
         self._close()
-- 
GitLab


From 5dd7c27b713dc7ccd04149f3782b39c8e1e5a724 Mon Sep 17 00:00:00 2001
From: Raleigh <raleigh@theia.me.uk>
Date: Wed, 18 Mar 2020 10:42:46 +0000
Subject: [PATCH 3/5] Fixed style problems.

---
 gajim/common/modules/httpupload.py | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/gajim/common/modules/httpupload.py b/gajim/common/modules/httpupload.py
index a6338d1d2..a74cd7760 100644
--- a/gajim/common/modules/httpupload.py
+++ b/gajim/common/modules/httpupload.py
@@ -356,11 +356,9 @@ def set_uri_transform_func(self, func):
     @property
     def filename(self):
         basename = os.path.basename(self._path)
-        if app.config.get_per('accounts',self._account,'httpupload_obfuscate_filename'):
-            sha = hashlib.sha1(basename.encode('utf-8')).hexdigest()
-            return sha
-        else:
-            return basename
+        if app.config.get_per('accounts', self._account, 'httpupload_obfuscate'):
+            basename = hashlib.sha1(basename.encode('utf-8')).hexdigest()
+        return basename
 
     def set_error(self, text=''):
         self._close()
-- 
GitLab


From dcf611e7f13472ebbea3e813a3c3ab05f1f91cf9 Mon Sep 17 00:00:00 2001
From: Raleigh <raleigh@theia.me.uk>
Date: Wed, 18 Mar 2020 10:50:29 +0000
Subject: [PATCH 4/5] Style fix

---
 gajim/common/modules/httpupload.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/gajim/common/modules/httpupload.py b/gajim/common/modules/httpupload.py
index a74cd7760..45db60945 100644
--- a/gajim/common/modules/httpupload.py
+++ b/gajim/common/modules/httpupload.py
@@ -356,7 +356,9 @@ def set_uri_transform_func(self, func):
     @property
     def filename(self):
         basename = os.path.basename(self._path)
-        if app.config.get_per('accounts', self._account, 'httpupload_obfuscate'):
+        if app.config.get_per('accounts',
+                self._account,
+                'httpupload_obf_fn'):
             basename = hashlib.sha1(basename.encode('utf-8')).hexdigest()
         return basename
 
-- 
GitLab


From 64575eeff45dddf0791d0fd571d785adb8514faf Mon Sep 17 00:00:00 2001
From: Raleigh <raleigh@theia.me.uk>
Date: Wed, 18 Mar 2020 10:54:58 +0000
Subject: [PATCH 5/5] Added spaces. (sorry I'm not good with style)

---
 gajim/common/modules/httpupload.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gajim/common/modules/httpupload.py b/gajim/common/modules/httpupload.py
index 45db60945..b6559c7fe 100644
--- a/gajim/common/modules/httpupload.py
+++ b/gajim/common/modules/httpupload.py
@@ -357,8 +357,8 @@ def set_uri_transform_func(self, func):
     def filename(self):
         basename = os.path.basename(self._path)
         if app.config.get_per('accounts',
-                self._account,
-                'httpupload_obf_fn'):
+                              self._account,
+                              'httpupload_obf_fn'):
             basename = hashlib.sha1(basename.encode('utf-8')).hexdigest()
         return basename
 
-- 
GitLab