merge sync
authorKrista 'DarthMama' Bennett <krista@pep.foundation>
Fri, 20 Sep 2019 11:41:07 +0200
branchsync
changeset 4076acdc645f515a
parent 4067 79804ea86623
parent 4075 11a4b0c917c6
child 4077 7061fa6755ba
child 4081 97df66f82ae0
merge
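--- a/src/message_api.c	Fri Sep 20 10:54:51 2019 +0200
+++ b/src/message_api.c	Fri Sep 20 11:41:07 2019 +0200
@@ -3934,6 +3934,8 @@
     *dst = msg;
     *keylist = _keylist;
 
+    bool reenc_signer_key_is_own_key = false; // only matters for reencrypted messages 
+    
     // 5. Reencrypt if necessary
     if (reencrypt) {
         if (decrypt_status == PEP_DECRYPTED || decrypt_status == PEP_DECRYPTED_AND_VERIFIED) {
@@ -3942,10 +3944,9 @@
                 sfpr = _keylist->value;
              
             if (sfpr && decrypt_status == PEP_DECRYPTED_AND_VERIFIED) {
-                bool key_is_own_key = false;
-                own_key_is_listed(session, sfpr, &key_is_own_key);
+                own_key_is_listed(session, sfpr, &reenc_signer_key_is_own_key);
                 
-                if (!key_is_own_key) {
+                if (!reenc_signer_key_is_own_key) {
                     message* reencrypt_msg = NULL;
                     PEP_STATUS reencrypt_status = PEP_CANNOT_REENCRYPT;
                     char* own_id = NULL;
@@ -3983,8 +3984,21 @@
             }            
         }
     }
-        
-    if(decrypt_status == PEP_DECRYPTED_AND_VERIFIED)
+    
+    // Double-check for message 2.1: (note, we don't do this for already-reencrypted-messages)
+    if (!(reencrypt && reenc_signer_key_is_own_key)) { 
+        if (major_ver > 2 || (major_ver == 2 && minor_ver > 0)) {
+            if (EMPTYSTR((*dst)->_sender_fpr) || 
+               (!EMPTYSTR(_keylist->value) && (strcasecmp((*dst)->_sender_fpr, _keylist->value) != 0))) {
+                if (decrypt_status == PEP_DECRYPTED_AND_VERIFIED)
+                    decrypt_status = PEP_DECRYPTED;
+                if (*rating > PEP_rating_unreliable)
+                    *rating = PEP_rating_unreliable;
+            }
+        }
+    }
+    
+    if (decrypt_status == PEP_DECRYPTED_AND_VERIFIED)
         return PEP_STATUS_OK;
     else
         return decrypt_status;
@@ -4027,20 +4041,24 @@
 
     message *msg = *dst ? *dst : src;
 
-    if (session->inject_sync_event && msg && msg->from &&
-            !(*flags & PEP_decrypt_flag_dont_trigger_sync)) {
-        size_t size;
-        const char *data;
-        char *sender_fpr = NULL;
-        PEP_STATUS tmpstatus = base_extract_message(session, msg, &size, &data, &sender_fpr);
-        if (!tmpstatus && size && data) {
-            if (sender_fpr)
-                signal_Sync_message(session, *rating, data, size, msg->from, sender_fpr);
-            // FIXME: this must be changed to sender_fpr
-            else if (*keylist)
-                signal_Sync_message(session, *rating, data, size, msg->from, (*keylist)->value);
+    if (status == PEP_UNENCRYPTED || status == PEP_DECRYPTED_AND_VERIFIED) {
+        if (session->inject_sync_event && msg && msg->from &&
+                !(*flags & PEP_decrypt_flag_dont_trigger_sync)) {
+            size_t size;
+            const char *data;
+            char *sender_fpr = NULL;
+            
+            PEP_STATUS tmpstatus = base_extract_message(session, msg, &size, &data, &sender_fpr);
+            if (!tmpstatus && size && data) {
+                const char* event_sender_fpr = ((*dst)->_sender_fpr ? (*dst)->_sender_fpr : sender_fpr);
+                // FIXME - I don't think this is OK anymore. We either have a signed beacon or a properly encrypted/signed 2.1 message
+                // if ((!event_sender_fpr) && *keylist)
+                //     event_sender_fpr = (*keylist)->value;
+                if (event_sender_fpr)
+                    signal_Sync_message(session, *rating, data, size, msg->from, event_sender_fpr);
+            }
+            free(sender_fpr);
         }
-        free(sender_fpr);
     }
 
     return status;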
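Review bot: `(*dst)->_sender_fpr` in the new `event_sender_fpr` line dereferences `*dst` unconditionally, although the context line just above (`message *msg = *dst ? *dst : src;`) shows that `*dst` can be NULL here, and the new outer condition explicitly admits `status == PEP_UNENCRYPTED`, where a decrypted copy presumably does not exist. An unencrypted sync message that reaches this branch would then be a NULL dereference on data received from the network. Guard the access, e.g. `const char* event_sender_fpr = (*dst && (*dst)->_sender_fpr) ? (*dst)->_sender_fpr : sender_fpr;`. The 2.1 double-check hunk above has a similar shape: `_keylist->value` is read with no visible NULL check on `_keylist`. The enclosing functions start outside these hunks, so an earlier guard may already exist and should be confirmed.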
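--- a/sync/gen_statemachine.ysl2	Fri Sep 20 10:54:51 2019 +0200
+++ b/sync/gen_statemachine.ysl2	Fri Sep 20 11:41:07 2019 +0200
@@ -823,6 +823,23 @@
                 if (ev->sender_fpr) {
                     free(session->«yml:lcase(@name)»_state.transport.sender_fpr);
                     session->«yml:lcase(@name)»_state.transport.sender_fpr = ev->sender_fpr;
+                    
+                    // Check against saved comm_partner sender_fpr state, if there is one yet
+                    if (session->«yml:lcase(@name)»_state.comm_partner.sender_fpr) {
+                        // 1. Does it match sender_fpr?
+                        if (strcasecmp(session->«yml:lcase(@name)»_state.comm_partner.sender_fpr, ev->sender_fpr) != 0) {
+                            // 2. If not, is it a group key?
+                            bool is_own_key = false;
+                            status = own_key_is_listed(session, ev->sender_fpr, &is_own_key);
+                            if (status)
+                                goto the_end;
+                            if (!is_own_key) {
+                                status = PEP_ILLEGAL_VALUE;
+                                goto the_end;
+                            }    
+                        }
+                    }
+                                                            
                     ev->sender_fpr = NULL;
                 }
 
@@ -834,6 +851,7 @@
                     ev->own_identities = NULL;
                 }
 
+                
                 status = «@name»_driver(session, fsm, event);
 
             the_end: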