Merge with sync sequoia_windows
authorThomas
Thu, 30 May 2019 07:58:19 +0200
branchsequoia_windows
changeset 3784b6a0f8ceede7
parent 3766 dffc8ed6625a
parent 3783 119aba513e36
child 3787 9c8b6dd07b92
Merge with sync
     1.1 --- a/src/message_api.c	Wed May 29 11:41:22 2019 +0200
     1.2 +++ b/src/message_api.c	Thu May 30 07:58:19 2019 +0200
     1.3 @@ -3893,15 +3893,16 @@
     1.4              !(*flags & PEP_decrypt_flag_dont_trigger_sync)) {
     1.5          size_t size;
     1.6          const char *data;
     1.7 -        char *sync_fpr = NULL;
     1.8 -        PEP_STATUS tmpstatus = base_extract_message(session, msg, &size, &data, &sync_fpr);
     1.9 +        char *sender_fpr = NULL;
    1.10 +        PEP_STATUS tmpstatus = base_extract_message(session, msg, &size, &data, &sender_fpr);
    1.11          if (!tmpstatus && size && data) {
    1.12 -            if (sync_fpr)
    1.13 -                signal_Sync_message(session, *rating, data, size, msg->from, sync_fpr);
    1.14 +            if (sender_fpr)
    1.15 +                signal_Sync_message(session, *rating, data, size, msg->from, sender_fpr);
    1.16 +            // FIXME: this must be changed to sender_fpr
    1.17              else if (*keylist)
    1.18                  signal_Sync_message(session, *rating, data, size, msg->from, (*keylist)->value);
    1.19          }
    1.20 -        free(sync_fpr);
    1.21 +        free(sender_fpr);
    1.22      }
    1.23  
    1.24      return status;
     2.1 --- a/src/pEp_internal.h	Wed May 29 11:41:22 2019 +0200
     2.2 +++ b/src/pEp_internal.h	Thu May 30 07:58:19 2019 +0200
     2.3 @@ -251,7 +251,6 @@
     2.4      void *sync_management;
     2.5      void *sync_obj;
     2.6      struct Sync_state_s sync_state;
     2.7 -    struct own_Sync_state_s own_sync_state;
     2.8  
     2.9  //     void* sync_state_payload;
    2.10  //     char sync_uuid[37];
     3.1 --- a/sync/cond_act_sync.yml2	Wed May 29 11:41:22 2019 +0200
     3.2 +++ b/sync/cond_act_sync.yml2	Thu May 30 07:58:19 2019 +0200
     3.3 @@ -21,7 +21,7 @@
     3.4  condition weAreFirst
     3.5  ||
     3.6      TID_t *t1 = &session->sync_state.keysync.challenge;
     3.7 -    TID_t *t2 = &session->own_sync_state.challenge;
     3.8 +    TID_t *t2 = &session->sync_state.own.challenge;
     3.9  
    3.10      *result = _TID_greater(t1, t2);
    3.11  ||
    3.12 @@ -29,38 +29,30 @@
    3.13  condition partnerIsGrouped
    3.14  |> *result = session->sync_state.keysync.is_group;
    3.15  
    3.16 -condition challengeAccepted
    3.17 +condition sameChallenge
    3.18  ||
    3.19      TID_t *t1 = &session->sync_state.keysync.challenge;
    3.20 -    TID_t *t2 = &session->own_sync_state.challenge;
    3.21 +    TID_t *t2 = &session->sync_state.own.challenge;
    3.22  
    3.23      *result = t1->size == t2->size && memcmp(t1->buf, t2->buf, t1->size) == 0;
    3.24  ||
    3.25  
    3.26 -condition sameChallenge
    3.27 -||
    3.28 -    TID_t *t1 = &session->sync_state.keysync.challenge;
    3.29 -    TID_t *t2 = &session->own_sync_state.challenge;
    3.30 -
    3.31 -    *result = t1->size == t2->size && memcmp(t1->buf, t2->buf, t1->size) == 0;
    3.32 -||
    3.33 -
    3.34 -condition sameTransaction
    3.35 +condition sameNegotiation
    3.36  ||
    3.37      TID_t *t1 = &session->sync_state.keysync.negotiation;
    3.38 -    TID_t *t2 = &session->own_sync_state.negotiation;
    3.39 +    TID_t *t2 = &session->sync_state.comm_partner.negotiation;
    3.40  
    3.41      // test if TID is identical
    3.42      *result = t1->size == t2->size && memcmp(t1->buf, t2->buf, t1->size) == 0;
    3.43  ||
    3.44  
    3.45 -condition sameTransactionAndPartner
    3.46 +condition sameNegotiationAndPartner
    3.47  ||
    3.48      TID_t *t1 = &session->sync_state.keysync.negotiation;
    3.49 -    TID_t *t2 = &session->own_sync_state.negotiation;
    3.50 +    TID_t *t2 = &session->sync_state.comm_partner.negotiation;
    3.51  
    3.52 -    const char *s1 = session->sync_state.common.signature_fpr;
    3.53 -    const char *s2 = session->own_sync_state.signature_fpr;
    3.54 +    const char *s1 = session->sync_state.comm_partner.sender_fpr;
    3.55 +    const char *s2 = session->sync_state.transport.sender_fpr;
    3.56  
    3.57      // test if TID is identical
    3.58      *result = t1->size == t2->size && memcmp(t1->buf, t2->buf, t1->size) == 0
    3.59 @@ -70,8 +62,8 @@
    3.60  
    3.61  condition keyElectionWon
    3.62  ||
    3.63 -    pEp_identity *from = session->sync_state.common.from;
    3.64 -    char *signature_fpr = session->sync_state.common.signature_fpr;
    3.65 +    pEp_identity *from = session->sync_state.transport.from;
    3.66 +    char *sender_fpr = session->sync_state.comm_partner.sender_fpr;
    3.67  
    3.68      assert(from && from->address && from->address[0] && from->user_id &&
    3.69              from->user_id[0]);
    3.70 @@ -91,8 +83,8 @@
    3.71          return PEP_ILLEGAL_VALUE;
    3.72      }
    3.73  
    3.74 -    size_t len = MIN(strlen(signature_fpr), strlen(me->fpr));
    3.75 -    *result = strncasecmp(signature_fpr, me->fpr, len) > 0;
    3.76 +    size_t len = MIN(strlen(sender_fpr), strlen(me->fpr));
    3.77 +    *result = strncasecmp(sender_fpr, me->fpr, len) > 0;
    3.78      free_identity(me);
    3.79  ||
    3.80  
    3.81 @@ -101,10 +93,12 @@
    3.82  function "new_UUID" {
    3.83      param "dst";
    3.84      ||
    3.85 -        pEpUUID c;
    3.86 -        uuid_generate_random(c);
    3.87 +        {
    3.88 +            pEpUUID c;
    3.89 +            uuid_generate_random(c);
    3.90  
    3.91 -        OCTET_STRING_fromBuf(«$dst», (char *) c, 16);
    3.92 +            OCTET_STRING_fromBuf(«$dst», (char *) c, 16);
    3.93 +        }
    3.94      ||
    3.95  }
    3.96  
    3.97 @@ -141,75 +135,98 @@
    3.98      ||
    3.99  }
   3.100  
   3.101 -action newChallenge {
   3.102 +action newChallengeAndNegotiationBase {
   3.103      // random new challenge
   3.104 -    call "new_UUID" with "dst" > &session->own_sync_state.challenge
   3.105 -    // store a copy of this challenge
   3.106 +    call "new_UUID" with "dst" > &session->sync_state.own.challenge
   3.107      call "copy_UUID" {
   3.108 -        with "src" > &session->own_sync_state.challenge
   3.109 -        with "dst" > &session->sync_state.common.challenge
   3.110 +        with "src" > &session->sync_state.own.challenge
   3.111 +        with "dst" > &session->sync_state.keysync.challenge
   3.112 +    }
   3.113 +
   3.114 +    // this is the random data we are using as a base
   3.115 +    call "new_UUID" with "dst" > &session->sync_state.own.negotiation
   3.116 +||
   3.117 +    memset(session->sync_state.keysync.negotiation.buf, 0,
   3.118 +            session->sync_state.keysync.negotiation.size);
   3.119 +    memset(session->sync_state.comm_partner.negotiation.buf, 0,
   3.120 +            session->sync_state.comm_partner.negotiation.size);
   3.121 +||
   3.122 +}
   3.123 +
   3.124 +action useOwnChallenge call "copy_UUID" {
   3.125 +    with "src" > &session->sync_state.own.challenge
   3.126 +    with "dst" > &session->sync_state.keysync.challenge
   3.127 +}
   3.128 +
   3.129 +action openNegotiation {
   3.130 +||
   3.131 +    // sender key must be stable while transaction
   3.132 +
   3.133 +    // we take the actual signature of the last message and store it in our
   3.134 +    // state for the comm partner
   3.135 +    assert(session->sync_state.transport.sender_fpr);
   3.136 +
   3.137 +    free(session->sync_state.comm_partner.sender_fpr);
   3.138 +
   3.139 +    session->sync_state.comm_partner.sender_fpr
   3.140 +            = strdup(session->sync_state.transport.sender_fpr);
   3.141 +    assert(session->sync_state.comm_partner.sender_fpr);
   3.142 +    if (!session->sync_state.comm_partner.sender_fpr)
   3.143 +        return PEP_OUT_OF_MEMORY;
   3.144 +
   3.145 +    // we need a unique TID for the Negotiation with each single comm_partner
   3.146 +    // we identify the comm_partners by their Challenge
   3.147 +    // we derive the actual Negotiation TID by having random data and XORing it
   3.148 +    // with comm_partner's Challenge
   3.149 +
   3.150 +    // copy Negotiation base into buffer
   3.151 +
   3.152 +||
   3.153 +    call "copy_UUID" {
   3.154 +        with "src" > &session->sync_state.own.negotiation
   3.155 +        with "dst" > &session->sync_state.keysync.negotiation
   3.156 +    }
   3.157 +||
   3.158 +
   3.159 +    // we're XORing this with the challenge of the comm_partner, which is in
   3.160 +    // the buffer already
   3.161 +
   3.162 +||
   3.163 +    call "xor_UUID" {
   3.164 +        with "src" > &session->sync_state.keysync.challenge
   3.165 +        with "dst" > &session->sync_state.keysync.negotiation
   3.166 +    }
   3.167 +||
   3.168 +
   3.169 +    // this is the Negotiation's TID for this comm_partner
   3.170 +
   3.171 +||
   3.172 +    call "copy_UUID" {
   3.173 +        with "src" > &session->sync_state.keysync.negotiation
   3.174 +        with "dst" > &session->sync_state.comm_partner.negotiation
   3.175      }
   3.176  }
   3.177  
   3.178 -action replyChallenge call "copy_UUID" {
   3.179 -    with "src" > &session->sync_state.keysync.challenge
   3.180 -    with "dst" > &session->own_sync_state.challenge
   3.181 -}
   3.182 -
   3.183 -action useOwnChallenge call "copy_UUID" {
   3.184 -    with "src" > &session->sync_state.common.challenge
   3.185 -    with "dst" > &session->own_sync_state.challenge
   3.186 -}
   3.187 -
   3.188 -action newTransaction {
   3.189 +action storeNegotiation {
   3.190  ||
   3.191      // sender key must be stable while transaction
   3.192 -    assert(session->sync_state.common.signature_fpr);
   3.193 -    free(session->own_sync_state.signature_fpr);
   3.194 -    session->own_sync_state.signature_fpr
   3.195 -            = strdup(session->sync_state.common.signature_fpr);
   3.196 -    assert(session->own_sync_state.signature_fpr);
   3.197 -    if (!session->own_sync_state.signature_fpr)
   3.198 -        return PEP_OUT_OF_MEMORY;
   3.199  
   3.200 -||
   3.201 -    call "copy_UUID" {
   3.202 -        with "src" > &session->sync_state.keysync.challenge
   3.203 -        with "dst" > &session->sync_state.keysync.negotiation
   3.204 -    }
   3.205 -    call "xor_UUID" {
   3.206 -        with "src" > &session->own_sync_state.challenge
   3.207 -        with "dst" > &session->sync_state.keysync.negotiation
   3.208 -    }
   3.209 -    call "copy_UUID" {
   3.210 -        with "src" > &session->sync_state.keysync.negotiation
   3.211 -        with "dst" > &session->own_sync_state.negotiation
   3.212 -    }
   3.213 -}
   3.214 +    // we take the actual signature of the last message and store it in our
   3.215 +    // state for the comm partner
   3.216 +    assert(session->sync_state.transport.sender_fpr);
   3.217  
   3.218 -action closeTransaction
   3.219 -||
   3.220 -    memset(session->sync_state.keysync.negotiation.buf, 0,
   3.221 -            session->sync_state.keysync.negotiation.size);
   3.222 -    memset(session->own_sync_state.negotiation.buf, 0,
   3.223 -            session->own_sync_state.negotiation.size);
   3.224 -||
   3.225 +    free(session->sync_state.comm_partner.sender_fpr);
   3.226  
   3.227 -action storeTransaction {
   3.228 -||
   3.229 -    // sender key must be stable while transaction
   3.230 -    assert(session->sync_state.common.signature_fpr);
   3.231 -    free(session->own_sync_state.signature_fpr);
   3.232 -    session->own_sync_state.signature_fpr
   3.233 -            = strdup(session->sync_state.common.signature_fpr);
   3.234 -    assert(session->own_sync_state.signature_fpr);
   3.235 -    if (!session->own_sync_state.signature_fpr)
   3.236 +    session->sync_state.comm_partner.sender_fpr
   3.237 +            = strdup(session->sync_state.transport.sender_fpr);
   3.238 +    assert(session->sync_state.comm_partner.sender_fpr);
   3.239 +    if (!session->sync_state.comm_partner.sender_fpr)
   3.240          return PEP_OUT_OF_MEMORY;
   3.241  
   3.242  ||
   3.243      call "copy_UUID" {
   3.244          with "src" > &session->sync_state.keysync.negotiation
   3.245 -        with "dst" > &session->own_sync_state.negotiation
   3.246 +        with "dst" > &session->sync_state.comm_partner.negotiation
   3.247      }
   3.248  }
   3.249  
   3.250 @@ -239,11 +256,11 @@
   3.251      ||
   3.252      otherwise
   3.253      ||
   3.254 -        assert(session->sync_state.common.from);
   3.255 -        if (!session->sync_state.common.from)
   3.256 +        assert(session->sync_state.transport.from);
   3.257 +        if (!session->sync_state.transport.from)
   3.258              return PEP_ILLEGAL_VALUE;
   3.259  
   3.260 -        pEp_identity *from = session->sync_state.common.from;
   3.261 +        pEp_identity *from = session->sync_state.transport.from;
   3.262          pEp_identity *me = NULL;
   3.263          PEP_STATUS status = get_identity(session, from->address, from->user_id, &me);
   3.264          assert(status == PEP_STATUS_OK);
   3.265 @@ -262,10 +279,10 @@
   3.266              return PEP_OUT_OF_MEMORY;
   3.267          }
   3.268  
   3.269 -        assert(session->sync_state.common.signature_fpr);
   3.270 -        if (session->sync_state.common.signature_fpr) {
   3.271 +        assert(session->sync_state.comm_partner.sender_fpr);
   3.272 +        if (session->sync_state.comm_partner.sender_fpr) {
   3.273              free(partner->fpr);
   3.274 -            partner->fpr = strdup(session->sync_state.common.signature_fpr);
   3.275 +            partner->fpr = strdup(session->sync_state.comm_partner.sender_fpr);
   3.276              if (!partner->fpr) {
   3.277                  free_identity(me);
   3.278                  free_identity(partner);
   3.279 @@ -323,9 +340,9 @@
   3.280      if (status)
   3.281          return status;
   3.282  
   3.283 -    if (session->own_sync_state.own_keys)
   3.284 -        free_stringlist(session->own_sync_state.own_keys);
   3.285 -    session->own_sync_state.own_keys = own_keys;
   3.286 +    if (session->sync_state.own.keys)
   3.287 +        free_stringlist(session->sync_state.own.keys);
   3.288 +    session->sync_state.own.keys = own_keys;
   3.289  
   3.290      identity_list *il;
   3.291      status = _own_identities_retrieve(session, &il, PEP_idf_not_for_sync);
   3.292 @@ -359,7 +376,7 @@
   3.293      PEP_STATUS status = PEP_STATUS_OK;
   3.294  
   3.295      // set flag for current keys
   3.296 -    for (identity_list *il = session->own_sync_state.own_identities; il && il->ident ; il = il->next) {
   3.297 +    for (identity_list *il = session->sync_state.own.identities; il && il->ident ; il = il->next) {
   3.298          if (!(il->ident->flags && PEP_idf_not_for_sync)) {
   3.299              status = set_identity_flags(session, il->ident, PEP_idf_devicegroup);
   3.300              if (status)
   3.301 @@ -373,7 +390,7 @@
   3.302      PEP_STATUS status = PEP_STATUS_OK;
   3.303  
   3.304      // set flag for current keys
   3.305 -    for (identity_list *il = session->own_sync_state.own_identities; il && il->ident ; il = il->next) {
   3.306 +    for (identity_list *il = session->sync_state.own.identities; il && il->ident ; il = il->next) {
   3.307          if (!(il->ident->flags && PEP_idf_not_for_sync)) {
   3.308              status = set_identity_flags(session, il->ident, PEP_idf_devicegroup);
   3.309              if (status)
   3.310 @@ -385,10 +402,10 @@
   3.311      if (!il)
   3.312          return PEP_OUT_OF_MEMORY;
   3.313  
   3.314 -    for (il = session->own_sync_state.own_identities; il && il->ident ; il = il->next) {
   3.315 +    for (il = session->sync_state.own.identities; il && il->ident ; il = il->next) {
   3.316          // replace partner's user_id with own user_id
   3.317          free(il->ident->user_id);
   3.318 -        il->ident->user_id = strdup(session->sync_state.common.from->user_id);
   3.319 +        il->ident->user_id = strdup(session->sync_state.transport.from->user_id);
   3.320          if (!il->ident->user_id) {
   3.321              free_identity_list(il);
   3.322              return PEP_OUT_OF_MEMORY;
   3.323 @@ -412,15 +429,15 @@
   3.324  
   3.325  action trustThisKey
   3.326  ||
   3.327 -    assert(session->sync_state.common.from && session->sync_state.common.signature_fpr);
   3.328 -    if (!(session->sync_state.common.from && session->sync_state.common.signature_fpr))
   3.329 +    assert(session->sync_state.transport.from && session->sync_state.comm_partner.sender_fpr);
   3.330 +    if (!(session->sync_state.transport.from && session->sync_state.comm_partner.sender_fpr))
   3.331          return PEP_ILLEGAL_VALUE;
   3.332  
   3.333 -    pEp_identity *ident = identity_dup(session->sync_state.common.from);
   3.334 +    pEp_identity *ident = identity_dup(session->sync_state.transport.from);
   3.335      if (!ident)
   3.336          return PEP_OUT_OF_MEMORY;
   3.337      free(ident->fpr);
   3.338 -    ident->fpr = strdup(session->sync_state.common.signature_fpr);
   3.339 +    ident->fpr = strdup(session->sync_state.comm_partner.sender_fpr);
   3.340      assert(ident->fpr);
   3.341      if (!ident->fpr) {
   3.342          free_identity(ident);
   3.343 @@ -439,13 +456,13 @@
   3.344  
   3.345  action untrustThisKey
   3.346  ||
   3.347 -    assert(session->sync_state.common.from && session->sync_state.common.signature_fpr);
   3.348 -    if (!(session->sync_state.common.from && session->sync_state.common.signature_fpr))
   3.349 +    assert(session->sync_state.transport.from && session->sync_state.comm_partner.sender_fpr);
   3.350 +    if (!(session->sync_state.transport.from && session->sync_state.comm_partner.sender_fpr))
   3.351          return PEP_ILLEGAL_VALUE;
   3.352  
   3.353 -    pEp_identity *ident = session->sync_state.common.from;
   3.354 +    pEp_identity *ident = session->sync_state.transport.from;
   3.355      free(ident->fpr);
   3.356 -    ident->fpr = strdup(session->sync_state.common.signature_fpr);
   3.357 +    ident->fpr = strdup(session->sync_state.comm_partner.sender_fpr);
   3.358      assert(ident->fpr);
   3.359      if (!ident->fpr)
   3.360          return PEP_OUT_OF_MEMORY;
     4.1 --- a/sync/gen_message_func.ysl2	Wed May 29 11:41:22 2019 +0200
     4.2 +++ b/sync/gen_message_func.ysl2	Thu May 30 07:58:19 2019 +0200
     4.3 @@ -39,32 +39,36 @@
     4.4  // state
     4.5  
     4.6  struct «@name»_state_s {
     4.7 -    // common buffer for all types of «@name» messages
     4.8 +    // own state
     4.9  
    4.10 -    struct common_state_s {
    4.11 -        // intermediate store own challenge
    4.12 -        TID_t challenge;
    4.13 +    struct own_«@name»_state_s {
    4.14 +        stringlist_t *keys;
    4.15 +        identity_list *identities;
    4.16  
    4.17 -        // transport data
    4.18 +        // TIDs we're using ourselves
    4.19 +        `` for "func:distinctName(fsm/message/field[@type='TID'])" |>> «func:ctype()» «@name»;
    4.20 +    } own;
    4.21 +
    4.22 +    // state we learned about our communication partner
    4.23 +
    4.24 +    struct comm_partner_state_s {
    4.25 +        // transport data we expect
    4.26 +        char *sender_fpr;
    4.27 +
    4.28 +        // TIDs our comm partner wants to have
    4.29 +        `` for "func:distinctName(fsm/message/field[@type='TID'])" |>> «func:ctype()» «@name»;
    4.30 +    } comm_partner;
    4.31 +
    4.32 +    // input buffer for actual transport data coming in
    4.33 +
    4.34 +    struct transport_data_s {
    4.35 +        // transport data we got
    4.36          pEp_identity *from;
    4.37 -        char *signature_fpr;
    4.38 -    } common;
    4.39 +        char *sender_fpr;
    4.40 +    } transport;
    4.41      `` apply "fsm", mode=state
    4.42  };
    4.43  
    4.44 -// own state
    4.45 -
    4.46 -struct own_«@name»_state_s {
    4.47 -    stringlist_t *own_keys;
    4.48 -    identity_list *own_identities;
    4.49 -
    4.50 -    `` if "func:distinctName(fsm/message/field[@type='TID'])" |> // active TIDs
    4.51 -    `` for "func:distinctName(fsm/message/field[@type='TID'])" |> «func:ctype()» «@name»;
    4.52 -
    4.53 -    // transport data
    4.54 -    char *signature_fpr;
    4.55 -};
    4.56 -
    4.57  void free_«@name»_state(PEP_SESSION session);
    4.58  
    4.59  // functions for protocol «@name»
    4.60 @@ -86,7 +90,7 @@
    4.61  template "fsm", mode=state
    4.62  ||
    4.63  
    4.64 -// buffer for «@name» messages
    4.65 +// input/output buffer for «@name» messages
    4.66  
    4.67  struct _«@name»_state_s {
    4.68      int state;
    4.69 @@ -113,21 +117,46 @@
    4.70      if (!session)
    4.71          return;
    4.72  
    4.73 -    free_identity(session->«yml:lcase(@name)»_state.common.from);
    4.74 -    free(session->«yml:lcase(@name)»_state.common.signature_fpr);
    4.75 -    free_stringlist(session->own_«yml:lcase(@name)»_state.own_keys);
    4.76 -    free_identity_list(session->own_«yml:lcase(@name)»_state.own_identities);
    4.77 -    session->own_«yml:lcase(@name)»_state.own_keys = NULL;
    4.78 -    session->own_«yml:lcase(@name)»_state.own_identities = NULL;
    4.79 +    // own state
    4.80 +
    4.81 +    free_stringlist(session->«yml:lcase(@name)»_state.own.keys);
    4.82 +    session->«yml:lcase(@name)»_state.own.keys = NULL;
    4.83 +    free_identity_list(session->«yml:lcase(@name)»_state.own.identities);
    4.84 +    session->«yml:lcase(@name)»_state.own.identities = NULL;
    4.85 +
    4.86 +    // TIDs we're using ourselves
    4.87 +||
    4.88 +    for "func:distinctName(fsm/message/field[@type='TID'])"
    4.89 +        |> ASN_STRUCT_FREE_CONTENTS_ONLY(asn_DEF_«@type», &session->«yml:lcase(../../../@name)»_state.own.«@name»);
    4.90 +||
    4.91 +
    4.92 +    // state we learned about our communication partner
    4.93 +
    4.94 +    free(session->«yml:lcase(@name)»_state.comm_partner.sender_fpr);
    4.95 +    session->«yml:lcase(@name)»_state.comm_partner.sender_fpr = NULL;
    4.96 +
    4.97 +    // TIDs our comm partner wants to have
    4.98 +||
    4.99 +    for "func:distinctName(fsm/message/field[@type='TID'])"
   4.100 +        |> ASN_STRUCT_FREE_CONTENTS_ONLY(asn_DEF_«@type», &session->«yml:lcase(../../../@name)»_state.comm_partner.«@name»);
   4.101 +||
   4.102 +
   4.103 +    // buffer for transport data
   4.104 +
   4.105 +    free_identity(session->«yml:lcase(@name)»_state.transport.from);
   4.106 +    session->«yml:lcase(@name)»_state.transport.from = NULL;
   4.107 +    free(session->«yml:lcase(@name)»_state.transport.sender_fpr);
   4.108 +    session->«yml:lcase(@name)»_state.transport.sender_fpr = NULL;
   4.109 +
   4.110 +    // message buffers
   4.111  
   4.112  ||
   4.113 -for "fsm"
   4.114 -    for "func:distinctName(message/field[not(func:basicType())])"
   4.115 -        |> ASN_STRUCT_FREE_CONTENTS_ONLY(asn_DEF_«@type», &session->«yml:lcase(../../../@name)»_state.«yml:lcase(../../@name)».«@name»);
   4.116 -for "func:distinctName(fsm/message/field[@type='TID'])"
   4.117 -    |> ASN_STRUCT_FREE_CONTENTS_ONLY(asn_DEF_«@type», &session->own_«yml:lcase(../../../@name)»_state.«@name»);
   4.118 +    for "fsm" {
   4.119 +        for "func:distinctName(message/field[not(substring(@type,1,1)=yml:lcase(substring(@type,1,1)))])"
   4.120 +            |> ASN_STRUCT_FREE_CONTENTS_ONLY(asn_DEF_«@type», &session->«yml:lcase(../../../@name)»_state.«yml:lcase(../../@name)».«@name»);
   4.121 +        |
   4.122 +    }
   4.123  ||
   4.124 -
   4.125      memset(&session->«yml:lcase(@name)»_state, 0, sizeof(session->«yml:lcase(@name)»_state));
   4.126  }
   4.127  
   4.128 @@ -259,12 +288,7 @@
   4.129  
   4.130  template "field", mode=update_message {
   4.131      const "message_name", "yml:mixedCase(../@name)";
   4.132 -    const "state" choose {
   4.133 -        when "@type='TID'"
   4.134 -            > own_«yml:lcase(ancestor::protocol/@name)»_state
   4.135 -        otherwise
   4.136 -            > «yml:lcase(ancestor::protocol/@name)»_state.«yml:lcase(ancestor::fsm/@name)»
   4.137 -    }
   4.138 +    const "state" > «yml:lcase(ancestor::protocol/@name)»_state.«yml:lcase(ancestor::fsm/@name)»
   4.139  
   4.140      choose {
   4.141          when "func:basicType()" // copyable
     5.1 --- a/sync/gen_statemachine.ysl2	Wed May 29 11:41:22 2019 +0200
     5.2 +++ b/sync/gen_statemachine.ysl2	Thu May 30 07:58:19 2019 +0200
     5.3 @@ -38,7 +38,7 @@
     5.4  
     5.5              // transport data
     5.6              pEp_identity *from;
     5.7 -            char *signature_fpr;
     5.8 +            char *sender_fpr;
     5.9  
    5.10              identity_list *own_identities;
    5.11          } «@name»_event_t;
    5.12 @@ -119,7 +119,7 @@
    5.13                  free_identity_list(ev->own_identities);
    5.14                  free_«@name»_message(ev->msg);
    5.15                  free_identity(ev->from);
    5.16 -                free(ev->signature_fpr);
    5.17 +                free(ev->sender_fpr);
    5.18                  free(ev);
    5.19              }
    5.20          }
    5.21 @@ -211,7 +211,7 @@
    5.22                      const char *data,
    5.23                      size_t size,
    5.24                      const pEp_identity *from,
    5.25 -                    const char *signature_fpr
    5.26 +                    const char *sender_fpr
    5.27                  );
    5.28  
    5.29              #ifdef __cplusplus
    5.30 @@ -328,7 +328,7 @@
    5.31                      const char *data,
    5.32                      size_t size,
    5.33                      const pEp_identity *from,
    5.34 -                    const char *signature_fpr
    5.35 +                    const char *sender_fpr
    5.36                  )
    5.37              {
    5.38                  assert(session && data && size);
    5.39 @@ -373,10 +373,10 @@
    5.40                      }
    5.41                  }
    5.42  
    5.43 -                if (signature_fpr) {
    5.44 -                    ev->signature_fpr = strdup(signature_fpr);
    5.45 -                    assert(ev->signature_fpr);
    5.46 -                    if (!ev->signature_fpr) {
    5.47 +                if (sender_fpr) {
    5.48 +                    ev->sender_fpr = strdup(sender_fpr);
    5.49 +                    assert(ev->sender_fpr);
    5.50 +                    if (!ev->sender_fpr) {
    5.51                          status = PEP_OUT_OF_MEMORY;
    5.52                          goto the_end;
    5.53                      }
    5.54 @@ -447,8 +447,8 @@
    5.55  
    5.56                      // these go anycast; previously used address is sticky (unicast)
    5.57                      `` for "fsm/message[@type='anycast']" |>> case «../@name»_PR_«yml:mixedCase(@name)»:
    5.58 -                        if (!session->«yml:lcase(@name)»_state.common.from `> |`|
    5.59 -                            (session->«yml:lcase(@name)»_state.common.from->flags &
    5.60 +                        if (!session->«yml:lcase(@name)»_state.transport.from `> |`|
    5.61 +                            (session->«yml:lcase(@name)»_state.transport.from->flags &
    5.62                              PEP_idf_not_for_«yml:lcase(@name)»)) {
    5.63  
    5.64                              // no address available yet, try to find one
    5.65 @@ -468,7 +468,7 @@
    5.66                              }
    5.67                          }
    5.68                          else {
    5.69 -                            pEp_identity *channel = identity_dup(session->«yml:lcase(@name)»_state.common.from);
    5.70 +                            pEp_identity *channel = identity_dup(session->«yml:lcase(@name)»_state.transport.from);
    5.71                              if (!channel) {
    5.72                                  status = PEP_OUT_OF_MEMORY;
    5.73                                  goto the_end;
    5.74 @@ -521,13 +521,13 @@
    5.75                      `` for "fsm/message[@security='untrusted']" |>>> case «../@name»_PR_«yml:mixedCase(@name)»:
    5.76                              // add fpr of key of comm partner
    5.77  
    5.78 -                            assert(session->«yml:lcase(@name)»_state.common.signature_fpr);
    5.79 -                            if (!session->«yml:lcase(@name)»_state.common.signature_fpr) {
    5.80 +                            assert(session->«yml:lcase(@name)»_state.comm_partner.sender_fpr);
    5.81 +                            if (!session->«yml:lcase(@name)»_state.comm_partner.sender_fpr) {
    5.82                                  status = PEP_«yml:ucase(@name)»_CANNOT_ENCRYPT;
    5.83                                  goto the_end;
    5.84                              }
    5.85  
    5.86 -                            extra = new_stringlist(session->«yml:lcase(@name)»_state.common.signature_fpr);
    5.87 +                            extra = new_stringlist(session->«yml:lcase(@name)»_state.comm_partner.sender_fpr);
    5.88                              if (!extra) {
    5.89                                  status = PEP_OUT_OF_MEMORY;
    5.90                                  goto the_end;
    5.91 @@ -556,11 +556,11 @@
    5.92                              break;
    5.93  
    5.94                      `` for "fsm/message[@security='attach_own_keys']" |>>> case «../@name»_PR_«yml:mixedCase(@name)»:
    5.95 -                            // check if this is the key of a former negotiation
    5.96 +                            // check if we had a former negotiation
    5.97  
    5.98                              transaction = false;
    5.99 -                            for (int i=0; i < session->own_«yml:lcase(@name)»_state.negotiation.size; i++) {
   5.100 -                                if (session->own_«yml:lcase(@name)»_state.negotiation.buf[i]) {
   5.101 +                            for (int i=0; i < session->«yml:lcase(@name)»_state.own.negotiation.size; i++) {
   5.102 +                                if (session->«yml:lcase(@name)»_state.own.negotiation.buf[i]) {
   5.103                                      transaction = true;
   5.104                                      break;
   5.105                                  }
   5.106 @@ -573,12 +573,12 @@
   5.107                              // secret keys
   5.108  
   5.109                              if (transaction) {
   5.110 -                                assert(session->own_«yml:lcase(@name)»_state.signature_fpr &&
   5.111 -                                    session->«yml:lcase(@name)»_state.common.from &&
   5.112 -                                    session->«yml:lcase(@name)»_state.common.from->user_id);
   5.113 -                                if (!(session->own_«yml:lcase(@name)»_state.signature_fpr &&
   5.114 -                                        session->«yml:lcase(@name)»_state.common.from &&
   5.115 -                                        session->«yml:lcase(@name)»_state.common.from->user_id))
   5.116 +                                assert(session->«yml:lcase(@name)»_state.comm_partner.sender_fpr &&
   5.117 +                                    session->«yml:lcase(@name)»_state.transport.from &&
   5.118 +                                    session->«yml:lcase(@name)»_state.transport.from->user_id);
   5.119 +                                if (!(session->«yml:lcase(@name)»_state.comm_partner.sender_fpr &&
   5.120 +                                        session->«yml:lcase(@name)»_state.transport.from &&
   5.121 +                                        session->«yml:lcase(@name)»_state.transport.from->user_id))
   5.122                                  {
   5.123                                      status = PEP_«yml:ucase(@name)»_CANNOT_ENCRYPT;
   5.124                                      goto the_end;
   5.125 @@ -587,8 +587,8 @@
   5.126                                  // test if this is a green channel
   5.127  
   5.128                                  pEp_identity *ident = new_identity(NULL,
   5.129 -                                        session->own_«yml:lcase(@name)»_state.signature_fpr,
   5.130 -                                        session->«yml:lcase(@name)»_state.common.from->user_id,
   5.131 +                                        session->«yml:lcase(@name)»_state.comm_partner.sender_fpr,
   5.132 +                                        session->«yml:lcase(@name)»_state.transport.from->user_id,
   5.133                                          NULL
   5.134                                      );
   5.135                                  if (!ident) {
   5.136 @@ -612,7 +612,7 @@
   5.137  
   5.138                                  bool is_own_key = false;
   5.139                                  status = own_key_is_listed(session,
   5.140 -                                        session->own_«yml:lcase(@name)»_state.signature_fpr,
   5.141 +                                        session->«yml:lcase(@name)»_state.comm_partner.sender_fpr,
   5.142                                          &is_own_key);
   5.143                                  assert(!status);
   5.144                                  if (status)
   5.145 @@ -625,7 +625,7 @@
   5.146  
   5.147                                  // if so add key of comm partner to extra keys
   5.148  
   5.149 -                                extra = new_stringlist(session->own_«yml:lcase(@name)»_state.signature_fpr);
   5.150 +                                extra = new_stringlist(session->«yml:lcase(@name)»_state.comm_partner.sender_fpr);
   5.151                                  if (!extra) {
   5.152                                      status = PEP_OUT_OF_MEMORY;
   5.153                                      goto the_end;
   5.154 @@ -660,7 +660,7 @@
   5.155                                                 // if we include this in the size, libetpan will null terminate and 
   5.156                                                 // go bananas. We can't have a NUL in the mime text.
   5.157  
   5.158 -                            for (stringlist_t *sl = session->own_«yml:lcase(@name)»_state.own_keys;
   5.159 +                            for (stringlist_t *sl = session->«yml:lcase(@name)»_state.own.keys;
   5.160                                      sl && sl->value ; sl = sl->next)
   5.161                              {
   5.162                                  char *_key_data = NULL;
   5.163 @@ -808,22 +808,22 @@
   5.164                  // update transport data
   5.165  
   5.166                  if (ev->from) {
   5.167 -                    free_identity(session->«yml:lcase(@name)»_state.common.from);
   5.168 -                    session->«yml:lcase(@name)»_state.common.from = ev->from;
   5.169 +                    free_identity(session->«yml:lcase(@name)»_state.transport.from);
   5.170 +                    session->«yml:lcase(@name)»_state.transport.from = ev->from;
   5.171                      ev->from = NULL;
   5.172                  }
   5.173  
   5.174 -                if (ev->signature_fpr) {
   5.175 -                    free(session->«yml:lcase(@name)»_state.common.signature_fpr);
   5.176 -                    session->«yml:lcase(@name)»_state.common.signature_fpr = ev->signature_fpr;
   5.177 -                    ev->signature_fpr = NULL;
   5.178 +                if (ev->sender_fpr) {
   5.179 +                    free(session->«yml:lcase(@name)»_state.transport.sender_fpr);
   5.180 +                    session->«yml:lcase(@name)»_state.transport.sender_fpr = ev->sender_fpr;
   5.181 +                    ev->sender_fpr = NULL;
   5.182                  }
   5.183  
   5.184                  // update own identities
   5.185  
   5.186                  if (ev->own_identities && ev->own_identities->ident) {
   5.187 -                    free_identity_list(session->own_«yml:lcase(@name)»_state.own_identities);
   5.188 -                    session->own_«yml:lcase(@name)»_state.own_identities = ev->own_identities;
   5.189 +                    free_identity_list(session->«yml:lcase(@name)»_state.own.identities);
   5.190 +                    session->«yml:lcase(@name)»_state.own.identities = ev->own_identities;
   5.191                      ev->own_identities = NULL;
   5.192                  }
   5.193  
   5.194 @@ -901,7 +901,7 @@
   5.195          if "position()=1" |>> // these messages require a detached signature
   5.196          ||
   5.197                  case «../@name»_PR_«yml:mixedCase(@name)»:
   5.198 -                    if (!signature_fpr) {
   5.199 +                    if (!sender_fpr) {
   5.200                          status = PEP_«yml:ucase(ancestor::protocol/@name)»_ILLEGAL_MESSAGE;
   5.201                          goto the_end;
   5.202                      }
   5.203 @@ -931,7 +931,7 @@
   5.204                          status = PEP_«yml:ucase(ancestor::protocol/@name)»_ILLEGAL_MESSAGE;
   5.205                          goto the_end;
   5.206                      }
   5.207 -                    status = own_key_is_listed(session, signature_fpr, &is_own_key);
   5.208 +                    status = own_key_is_listed(session, sender_fpr, &is_own_key);
   5.209                      if (status)
   5.210                          goto the_end;
   5.211                      if (!is_own_key) {
     6.1 --- a/sync/sync.fsm	Wed May 29 11:41:22 2019 +0200
     6.2 +++ b/sync/sync.fsm	Thu May 30 07:58:19 2019 +0200
     6.3 @@ -23,8 +23,7 @@
     6.4  
     6.5          state Sole timeout=off {
     6.6              on Init {
     6.7 -                do closeTransaction;
     6.8 -                do newChallenge;
     6.9 +                do newChallengeAndNegotiationBase;
    6.10                  do showBeingSole;
    6.11                  send Beacon;
    6.12              }
    6.13 @@ -43,13 +42,13 @@
    6.14                  }
    6.15                  else {
    6.16                      if weAreFirst {
    6.17 +                        do useOwnChallenge;
    6.18                          send Beacon;
    6.19                      }
    6.20                      else /* we are second */ {
    6.21 -                        do newTransaction;
    6.22 +                        do openNegotiation;
    6.23                          do tellWeAreNotGrouped;
    6.24                          // second is sending NegotiationRequest
    6.25 -                        do replyChallenge; // partner's challenge
    6.26                          send NegotiationRequest;
    6.27                          do useOwnChallenge;
    6.28                      }
    6.29 @@ -57,23 +56,24 @@
    6.30              }
    6.31  
    6.32              on NegotiationRequest {
    6.33 -                if challengeAccepted {
    6.34 -                    if sameTransaction {
    6.35 +                if sameChallenge { // challenge accepted
    6.36 +                    if sameNegotiation {
    6.37                          // this is our own NegotiationRequest; ignore
    6.38                      }
    6.39                      else {
    6.40                          // first is receiving NegotiationRequest
    6.41 -                        do storeTransaction;
    6.42 +                        do storeNegotiation;
    6.43                          // first is sending NegotiationOpen
    6.44                          send NegotiationOpen;
    6.45                          if partnerIsGrouped
    6.46                              go HandshakingWithGroup;
    6.47 -                        go HandshakingNewFirst;
    6.48 +                        else
    6.49 +                            go HandshakingNewFirst;
    6.50                      }
    6.51                  }
    6.52              }
    6.53  
    6.54 -            on NegotiationOpen if sameTransactionAndPartner {
    6.55 +            on NegotiationOpen if sameNegotiationAndPartner {
    6.56                  // second is receiving NegotiationOpen
    6.57                  go HandshakingNewSecond;
    6.58              }
    6.59 @@ -90,7 +90,7 @@
    6.60                  go Sole;
    6.61              }
    6.62  
    6.63 -            on Rollback if sameTransactionAndPartner
    6.64 +            on Rollback if sameNegotiationAndPartner
    6.65                  go Sole;
    6.66  
    6.67              // Reject is CommitReject
    6.68 @@ -100,7 +100,7 @@
    6.69                  go End;
    6.70              }
    6.71  
    6.72 -            on CommitReject if sameTransactionAndPartner {
    6.73 +            on CommitReject if sameNegotiationAndPartner {
    6.74                  do disable;
    6.75                  go End;
    6.76              }
    6.77 @@ -113,7 +113,7 @@
    6.78              }
    6.79  
    6.80              // got a CommitAccept from second
    6.81 -            on CommitAcceptSecond if sameTransactionAndPartner
    6.82 +            on CommitAcceptSecond if sameNegotiationAndPartner
    6.83                  go HandshakingNewPhase2First;
    6.84          }
    6.85  
    6.86 @@ -128,7 +128,7 @@
    6.87                  go Sole;
    6.88              }
    6.89  
    6.90 -            on Rollback if sameTransactionAndPartner
    6.91 +            on Rollback if sameNegotiationAndPartner
    6.92                  go Sole;
    6.93  
    6.94              // Reject is CommitReject
    6.95 @@ -138,7 +138,7 @@
    6.96                  go End;
    6.97              }
    6.98  
    6.99 -            on CommitReject if sameTransactionAndPartner {
   6.100 +            on CommitReject if sameNegotiationAndPartner {
   6.101                  do disable;
   6.102                  go End;
   6.103              }
   6.104 @@ -151,40 +151,40 @@
   6.105              }
   6.106  
   6.107              // got a CommitAccept from first
   6.108 -            on CommitAcceptFirst if sameTransactionAndPartner
   6.109 +            on CommitAcceptFirst if sameNegotiationAndPartner
   6.110                  go HandshakingNewPhase2Second;
   6.111          }
   6.112  
   6.113          state HandshakingNewPhase1First {
   6.114 -            on Rollback if sameTransactionAndPartner {
   6.115 +            on Rollback if sameNegotiationAndPartner {
   6.116                  do untrustThisKey;
   6.117                  go Sole;
   6.118              }
   6.119              
   6.120 -            on CommitReject if sameTransactionAndPartner {
   6.121 +            on CommitReject if sameNegotiationAndPartner {
   6.122                  do untrustThisKey;
   6.123                  do disable;
   6.124                  go End;
   6.125              }
   6.126  
   6.127 -            on CommitAcceptSecond if sameTransactionAndPartner {
   6.128 +            on CommitAcceptSecond if sameNegotiationAndPartner {
   6.129                  go NewGroupFirst;
   6.130              }
   6.131          }
   6.132  
   6.133          state HandshakingNewPhase1Second {
   6.134 -            on Rollback if sameTransactionAndPartner {
   6.135 +            on Rollback if sameNegotiationAndPartner {
   6.136                  do untrustThisKey;
   6.137                  go Sole;
   6.138              }
   6.139              
   6.140 -            on CommitReject if sameTransactionAndPartner {
   6.141 +            on CommitReject if sameNegotiationAndPartner {
   6.142                  do untrustThisKey;
   6.143                  do disable;
   6.144                  go End;
   6.145              }
   6.146  
   6.147 -            on CommitAcceptFirst if sameTransactionAndPartner {
   6.148 +            on CommitAcceptFirst if sameNegotiationAndPartner {
   6.149                  go NewGroupSecond;
   6.150              }
   6.151          }
   6.152 @@ -265,8 +265,7 @@
   6.153  
   6.154          state Grouped timeout=off {
   6.155              on Init {
   6.156 -                do closeTransaction;
   6.157 -                do newChallenge;
   6.158 +                do newChallengeAndNegotiationBase;
   6.159                  do showBeingInGroup;
   6.160              }
   6.161  
   6.162 @@ -279,14 +278,13 @@
   6.163              }
   6.164  
   6.165              on Beacon {
   6.166 -                do newTransaction;
   6.167 +                do openNegotiation;
   6.168                  do tellWeAreGrouped;
   6.169 -                do replyChallenge; // partner's challenge
   6.170                  send NegotiationRequest;
   6.171                  do useOwnChallenge;
   6.172              }
   6.173  
   6.174 -            on NegotiationOpen if sameTransactionAndPartner
   6.175 +            on NegotiationOpen if sameNegotiationAndPartner
   6.176                  go HandshakingGrouped;
   6.177  
   6.178              on GroupTrustThisKey {
   6.179 @@ -305,7 +303,7 @@
   6.180                  go Sole;
   6.181              }
   6.182  
   6.183 -            on Rollback if sameTransactionAndPartner
   6.184 +            on Rollback if sameNegotiationAndPartner
   6.185                  go Sole;
   6.186  
   6.187              // Reject is CommitReject
   6.188 @@ -315,7 +313,7 @@
   6.189                  go End;
   6.190              }
   6.191  
   6.192 -            on CommitReject if sameTransactionAndPartner {
   6.193 +            on CommitReject if sameNegotiationAndPartner {
   6.194                  do disable;
   6.195                  go End;
   6.196              }
   6.197 @@ -327,20 +325,20 @@
   6.198                  go HandshakingJoinPhase1;
   6.199              }
   6.200  
   6.201 -            on CommitAcceptForGroup if sameTransactionAndPartner
   6.202 +            on CommitAcceptForGroup if sameNegotiationAndPartner
   6.203                  go HandshakingJoinPhase2;
   6.204          }
   6.205  
   6.206          state HandshakingJoinPhase1 {
   6.207 -            on Rollback if sameTransactionAndPartner
   6.208 +            on Rollback if sameNegotiationAndPartner
   6.209                  go Sole;
   6.210              
   6.211 -            on CommitReject if sameTransactionAndPartner {
   6.212 +            on CommitReject if sameNegotiationAndPartner {
   6.213                  do disable;
   6.214                  go End;
   6.215              }
   6.216  
   6.217 -            on CommitAcceptForGroup if sameTransactionAndPartner {
   6.218 +            on CommitAcceptForGroup if sameNegotiationAndPartner {
   6.219                  go JoinGroup;
   6.220              }
   6.221          }
   6.222 @@ -387,7 +385,7 @@
   6.223                  go Grouped;
   6.224              }
   6.225  
   6.226 -            on Rollback if sameTransactionAndPartner
   6.227 +            on Rollback if sameNegotiationAndPartner
   6.228                  go Grouped;
   6.229  
   6.230              // Reject is CommitReject
   6.231 @@ -396,7 +394,7 @@
   6.232                  go Grouped;
   6.233              }
   6.234  
   6.235 -            on CommitReject if sameTransactionAndPartner
   6.236 +            on CommitReject if sameNegotiationAndPartner
   6.237                  go Grouped;
   6.238  
   6.239              // Accept is Phase1Commit
   6.240 @@ -407,7 +405,7 @@
   6.241                  go HandshakingGroupedPhase1;
   6.242              }
   6.243  
   6.244 -            on CommitAccept if sameTransactionAndPartner
   6.245 +            on CommitAccept if sameNegotiationAndPartner
   6.246                  go HandshakingGroupedPhase2;
   6.247  
   6.248              on GroupTrustThisKey {
   6.249 @@ -417,7 +415,7 @@
   6.250  
   6.251              on CommitAcceptForGroup {
   6.252                  do showDeviceAdded;
   6.253 -                if sameTransactionAndPartner {
   6.254 +                if sameNegotiationAndPartner {
   6.255                      do hideHandshakeDialog;
   6.256                      go Grouped;
   6.257                  }
   6.258 @@ -428,13 +426,13 @@
   6.259          }
   6.260  
   6.261          state HandshakingGroupedPhase1 {
   6.262 -            on Rollback if sameTransactionAndPartner
   6.263 +            on Rollback if sameNegotiationAndPartner
   6.264                  go Grouped;
   6.265  
   6.266 -            on CommitReject if sameTransactionAndPartner
   6.267 +            on CommitReject if sameNegotiationAndPartner
   6.268                  go Grouped;
   6.269  
   6.270 -            on CommitAccept if sameTransactionAndPartner {
   6.271 +            on CommitAccept if sameNegotiationAndPartner {
   6.272                  send GroupKeys;
   6.273                  go Grouped;
   6.274              }
   6.275 @@ -445,7 +443,7 @@
   6.276  
   6.277              on CommitAcceptForGroup {
   6.278                  do showDeviceAdded;
   6.279 -                if sameTransactionAndPartner
   6.280 +                if sameNegotiationAndPartner
   6.281                      go Grouped;
   6.282              }
   6.283  
   6.284 @@ -477,7 +475,7 @@
   6.285  
   6.286              on CommitAcceptForGroup {
   6.287                  do showDeviceAdded;
   6.288 -                if sameTransactionAndPartner {
   6.289 +                if sameNegotiationAndPartner {
   6.290                      do hideHandshakeDialog;
   6.291                      go Grouped;
   6.292                  }