Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
What's new
7
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Open sidebar
Vladislav Yarmak
gajim-plugins
Commits
02b15215
Commit
02b15215
authored
Sep 08, 2020
by
Vladislav Yarmak
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
[pgp] do not learn contact key from signed presence
parent
fd4acbc7
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
17 additions
and
30 deletions
+17
-30
pgp/modules/pgp_legacy.py
pgp/modules/pgp_legacy.py
+17
-30
No files found.
pgp/modules/pgp_legacy.py
View file @
02b15215
...
...
@@ -78,7 +78,6 @@ class PGPLegacy(BaseModule):
self
.
_store
=
KeyStore
(
self
.
_account
,
self
.
own_jid
,
self
.
_log
,
self
.
_pgp
.
list_keys
)
self
.
_always_trust
=
[]
self
.
_presence_key_id_store
=
{}
@
property
def
pgp_backend
(
self
):
...
...
@@ -97,42 +96,30 @@ class PGPLegacy(BaseModule):
return
self
.
_store
.
get_contact_key_data
(
*
args
,
**
kwargs
)
def
has_valid_key_assigned
(
self
,
jid
):
key_data
=
self
.
get_contact_key_data
(
jid
)
if
key_data
is
None
:
return
False
key_id
=
key_data
[
'key_id'
]
announced_key_id
=
self
.
_presence_key_id_store
.
get
(
jid
)
if
announced_key_id
is
None
:
return
True
if
announced_key_id
==
key_id
:
return
True
raise
KeyMismatch
(
announced_key_id
)
return
self
.
get_contact_key_data
(
jid
)
is
not
None
def
_on_presence_received
(
self
,
_con
,
_stanza
,
properties
):
if
properties
.
signed
is
None
:
return
jid
=
properties
.
jid
.
getBare
()
key_id
=
self
.
_pgp
.
verify
(
properties
.
status
,
properties
.
signed
)
self
.
_log
.
info
(
'Presence from %s was signed with key-id: %s'
,
jid
,
key_id
)
if
key_id
is
None
:
known_key_data
=
self
.
get_contact_key_data
(
jid
)
if
known_key_data
is
None
:
self
.
_log
.
info
(
'Presence from %s is signed, but we don
\'
t have PGP '
'key assigned for this contact.'
,
jid
)
return
self
.
_presence_key_id_store
[
jid
]
=
key_id
key_data
=
self
.
get_contact_key_data
(
jid
)
if
key_data
is
not
None
:
return
key
=
self
.
_pgp
.
get_key
(
key_id
)
if
not
key
:
self
.
_log
.
info
(
'Key-id %s not found in keyring, cant assign to %s'
,
key_id
,
jid
)
return
self
.
_log
.
info
(
'Assign key-id: %s to %s'
,
key_id
,
jid
)
self
.
set_contact_key_data
(
jid
,
(
key_id
,
key
[
0
][
'uids'
][
0
]))
sig_fp
=
self
.
_pgp
.
verify
(
properties
.
status
,
properties
.
signed
)
if
sig_fp
is
None
:
self
.
_log
.
critical
(
'Signed presence from %s verification failed!'
,
jid
)
else
:
if
sig_fp
==
known_key_data
[
'key_id'
]:
self
.
_log
.
info
(
'Presence from %s signature OK'
,
jid
)
else
:
self
.
_log
.
critical
(
'Presence from %s is signed with wrong key! '
'Expected key fingerprint=%s. '
'Actual key fingerprint=%s.'
,
jid
,
known_key_data
[
'key_id'
],
sig_fp
)
def
_message_received
(
self
,
_con
,
stanza
,
properties
):
if
not
properties
.
is_pgp_legacy
or
properties
.
from_muc
:
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment