ENGINE-524: merge in sync ENGINE-524
authorClaudio Luck <claudio.luck@pep.foundation>
Sat, 01 Jun 2019 13:18:11 +0200
branchENGINE-524
changeset 3840bfef390b48e2
parent 3839 f264464b1cfa
parent 3797 657dc02b1cc3
child 3841 f9d1e79ae49b
ENGINE-524: merge in sync
src/pEp_internal.h
src/pgp_sequoia.c
     1.1 --- a/src/map_asn1.c	Thu May 30 02:16:49 2019 +0200
     1.2 +++ b/src/map_asn1.c	Sat Jun 01 13:18:11 2019 +0200
     1.3 @@ -134,11 +134,15 @@
     1.4      if (!list)
     1.5          return NULL;
     1.6  
     1.7 -    if (allocated)
     1.8 +    if (allocated) {
     1.9          result = (IdentityList_t *) calloc(1, sizeof(IdentityList_t));
    1.10 -    assert(result);
    1.11 -    if (!result)
    1.12 -        return NULL;
    1.13 +        assert(result);
    1.14 +        if (!result)
    1.15 +            return NULL;
    1.16 +    }
    1.17 +    else {
    1.18 +        asn_sequence_empty(result);
    1.19 +    }
    1.20  
    1.21      for (const identity_list *l = list; l && l->ident; l=l->next) {
    1.22          Identity_t *ident = Identity_from_Struct(l->ident, NULL);
     2.1 --- a/src/pEp_internal.h	Thu May 30 02:16:49 2019 +0200
     2.2 +++ b/src/pEp_internal.h	Sat Jun 01 13:18:11 2019 +0200
     2.3 @@ -145,6 +145,7 @@
     2.4          sqlite3_stmt *tpk_save_insert_primary;
     2.5          sqlite3_stmt *tpk_save_insert_subkeys;
     2.6          sqlite3_stmt *tpk_save_insert_userids;
     2.7 +        sqlite3_stmt *delete_keypair;
     2.8      } sq_sql;
     2.9  #endif
    2.10  
     3.1 --- a/src/pgp_sequoia.c	Thu May 30 02:16:49 2019 +0200
     3.2 +++ b/src/pgp_sequoia.c	Sat Jun 01 13:18:11 2019 +0200
     3.3 @@ -144,9 +144,13 @@
     3.4  
     3.5      char *a_address = NULL;
     3.6      pgp_user_id_address_normalized(NULL, a_userid, &a_address);
     3.7 +    if (!a_address)
     3.8 +        pgp_user_id_other(NULL, a_userid, &a_address);
     3.9  
    3.10      char *b_address = NULL;
    3.11      pgp_user_id_address_normalized(NULL, b_userid, &b_address);
    3.12 +    if (!b_address)
    3.13 +        pgp_user_id_other(NULL, b_userid, &b_address);
    3.14  
    3.15      pgp_packet_free(a_userid);
    3.16      pgp_packet_free(b_userid);
    3.17 @@ -384,6 +388,12 @@
    3.18                               -1, &session->sq_sql.tpk_save_insert_userids, NULL);
    3.19      assert(sqlite_result == SQLITE_OK);
    3.20  
    3.21 +    sqlite_result
    3.22 +        = sqlite3_prepare_v2(session->key_db,
    3.23 +                             "DELETE FROM keys WHERE primary_key = ?",
    3.24 +                             -1, &session->sq_sql.delete_keypair, NULL);
    3.25 +    assert(sqlite_result == SQLITE_OK);
    3.26 +
    3.27   out:
    3.28      if (status != PEP_STATUS_OK)
    3.29          pgp_release(session, in_first);
    3.30 @@ -409,8 +419,6 @@
    3.31      }
    3.32  }
    3.33  
    3.34 -/* commented out to omit compiler warning about unused function
    3.35 -
    3.36  // Ensures that a fingerprint is in canonical form.  A canonical
    3.37  // fingerprint doesn't contain any white space.
    3.38  //
    3.39 @@ -425,8 +433,6 @@
    3.40      return fpr_canonicalized;
    3.41  }
    3.42  
    3.43 -*/
    3.44 -
    3.45  // step statement and load the tpk and secret.
    3.46  static PEP_STATUS key_load(PEP_SESSION, sqlite3_stmt *, pgp_tpk_t *, int *)
    3.47      __attribute__((nonnull(1, 2)));
    3.48 @@ -781,54 +787,7 @@
    3.49  
    3.50          pgp_packet_t userid = pgp_user_id_new (user_id_value);
    3.51          pgp_user_id_name(NULL, userid, &name);
    3.52 -        pgp_user_id_address(NULL, userid, &email);
    3.53 -                
    3.54 -        if (!email || email[0] == '\0') {
    3.55 -            size_t uid_value_len;
    3.56 -            const char* uid_value = (const char*)pgp_user_id_value(userid, &uid_value_len);
    3.57 -            if (!uid_value) {
    3.58 -                // We need some kind of an error here, maybe?
    3.59 -                 
    3.60 -            }
    3.61 -            else {
    3.62 -                // Ok, asan gets really pissed at us using this string directly, SO...
    3.63 -                char* uid_copy = calloc(uid_value_len + 1, 1);
    3.64 -                strlcpy(uid_copy, uid_value, uid_value_len);
    3.65 -                const char* split = strstr(uid_copy, "<");
    3.66 -                if (split != uid_copy) {       
    3.67 -                    while (split) {
    3.68 -                        if (isspace(*(split - 1)))
    3.69 -                            break;
    3.70 -                        split = strstr(split + 1, "<");
    3.71 -                    }
    3.72 -                }
    3.73 -                if (split) {
    3.74 -                    char* stopchr = strrchr(split, '>');
    3.75 -                    if (stopchr) {
    3.76 -                        int email_len = stopchr - split - 1;
    3.77 -                        email = calloc(email_len + 1, 1); 
    3.78 -                        strlcpy(email, split + 1, email_len + 1);
    3.79 -                        const char* last = NULL;
    3.80 -                        if (split != uid_value) {
    3.81 -                            for (last = split - 1; last > uid_value; last--) {
    3.82 -                                if (!isspace(*last))
    3.83 -                                    break;
    3.84 -                            }
    3.85 -                            int name_len = (last - uid_value) + 1;
    3.86 -                            name = calloc(name_len + 1, 1);
    3.87 -                            strlcpy(name, uid_value, name_len + 1);
    3.88 -                        }
    3.89 -                    }
    3.90 -                    else  
    3.91 -                        split = NULL;
    3.92 -                }
    3.93 -                if (split == NULL)
    3.94 -                    email = uid_copy;
    3.95 -                else 
    3.96 -                    free(uid_copy);
    3.97 -            }
    3.98 -        }
    3.99 -        
   3.100 +        pgp_user_id_address_or_other(NULL, userid, &email);
   3.101          pgp_packet_free(userid);
   3.102          free(user_id_value);
   3.103  
   3.104 @@ -1807,6 +1766,7 @@
   3.105  {
   3.106      PEP_STATUS status = PEP_STATUS_OK;
   3.107      pgp_error_t err = NULL;
   3.108 +    pgp_packet_t userid_packet = NULL;
   3.109      char *userid = NULL;
   3.110      pgp_tpk_t tpk = NULL;
   3.111      pgp_fingerprint_t pgp_fpr = NULL;
   3.112 @@ -1818,16 +1778,22 @@
   3.113      assert(identity->fpr == NULL || identity->fpr[0] == 0);
   3.114      assert(identity->username);
   3.115  
   3.116 -    size_t userid_size = strlen(identity->username)+strlen(identity->address)+3+1;
   3.117 -    userid = (char *) calloc(1, userid_size);
   3.118 -    assert(userid);
   3.119 +    userid_packet = pgp_user_id_from_unchecked_address(&err,
   3.120 +                                                       identity->username, NULL,
   3.121 +                                                       identity->address);
   3.122 +    if (!userid_packet)
   3.123 +        ERROR_OUT(err, PEP_UNKNOWN_ERROR, "pgp_user_id_from_other_address");
   3.124 +
   3.125 +    size_t userid_len = 0;
   3.126 +    const uint8_t *raw = pgp_user_id_value(userid_packet, &userid_len);
   3.127 +
   3.128 +    // Null terminate it.
   3.129 +    userid = malloc(userid_len + 1);
   3.130      if (!userid)
   3.131          ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "out of memory");
   3.132  
   3.133 -    int r = snprintf(userid, userid_size, "%s <%s>", identity->username, identity->address);
   3.134 -    assert(r >= 0 && r < userid_size);
   3.135 -    if (r < 0)
   3.136 -        ERROR_OUT(NULL, PEP_UNKNOWN_ERROR, "snprintf");
   3.137 +    memcpy(userid, raw, userid_len);
   3.138 +    userid[userid_len] = 0;
   3.139  
   3.140      T("(%s)", userid);
   3.141  
   3.142 @@ -1861,45 +1827,44 @@
   3.143      if (tpk)
   3.144          pgp_tpk_free(tpk);
   3.145      free(userid);
   3.146 +    if (userid_packet)
   3.147 +        pgp_packet_free(userid_packet);
   3.148  
   3.149      T("-> %s", pEp_status_to_string(status));
   3.150      return status;
   3.151  }
   3.152  
   3.153 -#define SQL_DELETE "DELETE FROM keys WHERE primary_key = '%s' ;"
   3.154 -static const char *sql_delete = SQL_DELETE;
   3.155 -static const size_t sql_delete_size = sizeof(SQL_DELETE);
   3.156 -
   3.157 -// FIXME: this is deleting the key from the index but not the key data
   3.158 -
   3.159 -PEP_STATUS pgp_delete_keypair(PEP_SESSION session, const char *fpr)
   3.160 +PEP_STATUS pgp_delete_keypair(PEP_SESSION session, const char *fpr_raw)
   3.161  {
   3.162 -    assert(session && fpr && fpr[0]);
   3.163 -    if (!(session && fpr && fpr[0]))
   3.164 -        return PEP_ILLEGAL_VALUE;
   3.165 -
   3.166 -    size_t sql_size = sql_delete_size + strlen(fpr);
   3.167 -    char *sql = calloc(1, sql_size);
   3.168 -    assert(sql);
   3.169 -    if (!sql)
   3.170 -        return PEP_OUT_OF_MEMORY;
   3.171 -
   3.172 -    int r = snprintf(sql, sql_size, sql_delete, fpr);
   3.173 -    assert(r > 0 && r < sql_size);
   3.174 -    if (r < 0)
   3.175 -        return PEP_UNKNOWN_ERROR;
   3.176 -
   3.177 -    int sqlite_result = sqlite3_exec(session->key_db, sql, NULL, NULL, NULL);
   3.178 -    assert(sqlite_result == SQLITE_OK);
   3.179 -    if (sqlite_result != SQLITE_OK)
   3.180 -        return PEP_CANNOT_DELETE_KEY;
   3.181 +    PEP_STATUS status = PEP_STATUS_OK;
   3.182 +
   3.183 +    assert(session && fpr_raw && fpr_raw[0]);
   3.184 +    if (!(session && fpr_raw && fpr_raw[0]))
   3.185 +        ERROR_OUT(NULL, PEP_ILLEGAL_VALUE, "invalid arguments");
   3.186 +
   3.187 +    char *fpr = pgp_fingerprint_canonicalize(fpr_raw);
   3.188 +    if (! fpr)
   3.189 +        ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "out of memory");
   3.190 +
   3.191 +    T("Deleting %s", fpr);
   3.192 +
   3.193 +    sqlite3_stmt *stmt = session->sq_sql.delete_keypair;
   3.194 +    sqlite3_bind_text(stmt, 1, fpr, -1, free);
   3.195 +
   3.196 +    int sqlite_result = Sqlite3_step(stmt);
   3.197 +    sqlite3_reset(stmt);
   3.198 +    if (sqlite_result != SQLITE_DONE)
   3.199 +        ERROR_OUT(NULL, PEP_CANNOT_DELETE_KEY,
   3.200 +                  "deletion failed: %s", sqlite3_errmsg(session->key_db));
   3.201  
   3.202      sqlite_result = sqlite3_changes(session->key_db);
   3.203      assert(sqlite_result >= 0 && sqlite_result < 2);
   3.204      if (sqlite_result < 1)
   3.205 -        return PEP_KEY_NOT_FOUND;
   3.206 -
   3.207 -    return PEP_STATUS_OK;
   3.208 +        ERROR_OUT(NULL, PEP_KEY_NOT_FOUND,
   3.209 +                  "attempt to delete non-existent key: %s", fpr_raw);
   3.210 +
   3.211 + out:
   3.212 +    return status;
   3.213  }
   3.214  
   3.215  PEP_STATUS pgp_import_keydata(PEP_SESSION session, const char *key_data,
     4.1 --- a/sync/cond_act_sync.yml2	Thu May 30 02:16:49 2019 +0200
     4.2 +++ b/sync/cond_act_sync.yml2	Sat Jun 01 13:18:11 2019 +0200
     4.3 @@ -239,22 +239,7 @@
     4.4       
     4.5      ||
     4.6      choose {
     4.7 -    when "$type = 'SYNC_NOTIFY_TIMEOUT' or $type = 'SYNC_NOTIFY_SOLE' or $type = 'SYNC_NOTIFY_IN_GROUP'"
     4.8 -    ||
     4.9 -        pEp_identity *me = new_identity(NULL, NULL, NULL, NULL);
    4.10 -        pEp_identity *partner = new_identity(NULL, NULL, NULL, NULL);
    4.11 -        assert(me && partner);
    4.12 -        if (!(me && partner)) {
    4.13 -            free_identity(me);
    4.14 -            free_identity(partner);
    4.15 -            return PEP_OUT_OF_MEMORY;
    4.16 -        }
    4.17 -
    4.18 -        PEP_STATUS status = session->notifyHandshake(me, partner, «$type»);
    4.19 -        if (status)
    4.20 -            return status;
    4.21 -    ||
    4.22 -    otherwise
    4.23 +    when "$type = 'SYNC_NOTIFY_INIT_ADD_OUR_DEVICE' or $type = 'SYNC_NOTIFY_INIT_ADD_OTHER_DEVICE' or $type = 'SYNC_NOTIFY_INIT_FORM_GROUP'"
    4.24      ||
    4.25          assert(session->sync_state.transport.from);
    4.26          if (!session->sync_state.transport.from)
    4.27 @@ -266,7 +251,8 @@
    4.28          assert(status == PEP_STATUS_OK);
    4.29          if (status)
    4.30              return status;
    4.31 -
    4.32 +        assert(strcmp(me->fpr, session->sync_state.comm_partner.sender_fpr) != 0);
    4.33 +        
    4.34          assert(me->fpr && me->fpr[0]);
    4.35          if (!(me->fpr && me->fpr[0])) {
    4.36              free_identity(me);
    4.37 @@ -283,6 +269,7 @@
    4.38          if (session->sync_state.comm_partner.sender_fpr) {
    4.39              free(partner->fpr);
    4.40              partner->fpr = strdup(session->sync_state.comm_partner.sender_fpr);
    4.41 +            assert(partner->fpr);
    4.42              if (!partner->fpr) {
    4.43                  free_identity(me);
    4.44                  free_identity(partner);
    4.45 @@ -299,10 +286,26 @@
    4.46              return PEP_OUT_OF_MEMORY;
    4.47          }
    4.48  
    4.49 +        assert(strcmp(me->fpr, partner->fpr) != 0);
    4.50          status = session->notifyHandshake(me, partner, «$type»);
    4.51          if (status)
    4.52              return status;
    4.53      ||
    4.54 +    otherwise
    4.55 +    ||
    4.56 +        pEp_identity *me = new_identity(NULL, NULL, NULL, NULL);
    4.57 +        pEp_identity *partner = new_identity(NULL, NULL, NULL, NULL);
    4.58 +        assert(me && partner);
    4.59 +        if (!(me && partner)) {
    4.60 +            free_identity(me);
    4.61 +            free_identity(partner);
    4.62 +            return PEP_OUT_OF_MEMORY;
    4.63 +        }
    4.64 +
    4.65 +        PEP_STATUS status = session->notifyHandshake(me, partner, «$type»);
    4.66 +        if (status)
    4.67 +            return status;
    4.68 +    ||
    4.69      }
    4.70  }
    4.71  
    4.72 @@ -355,19 +358,61 @@
    4.73  
    4.74  action saveGroupKeys
    4.75  ||
    4.76 +    char *user_id = NULL;
    4.77 +    PEP_STATUS status = get_default_own_userid(session, &user_id);
    4.78 +    if (status)
    4.79 +        return status;
    4.80 +
    4.81      identity_list *il = IdentityList_to_identity_list(&session->sync_state.keysync.ownIdentities, NULL);
    4.82 -    if (!il)
    4.83 +    if (!il) {
    4.84 +        free(user_id);
    4.85          return PEP_OUT_OF_MEMORY;
    4.86 +    }
    4.87      
    4.88 +    identity_list *oil = session->sync_state.own.identities;
    4.89 +
    4.90      // BUG: this should be a transaction and been rolled back completely on error
    4.91      for (identity_list *_il = il; _il && _il->ident; _il = _il->next) {
    4.92 -        PEP_STATUS status = set_identity(session, _il->ident);
    4.93 +        pEp_identity *ident = _il->ident;
    4.94 +        bool is_own_already = false;
    4.95 +
    4.96 +        status = is_own_address(session, ident->address, &is_own_already);
    4.97          if (status) {
    4.98              free_identity_list(il);
    4.99 +            free(user_id);
   4.100 +            return status;
   4.101 +        }
   4.102 +
   4.103 +        free(ident->user_id);
   4.104 +        ident->user_id = strdup(user_id);
   4.105 +        assert(ident->user_id);
   4.106 +        if (!ident->user_id) {
   4.107 +            free_identity_list(il);
   4.108 +            free(user_id);
   4.109 +            return PEP_OUT_OF_MEMORY;
   4.110 +        }
   4.111 +
   4.112 +        if (is_own_already) {
   4.113 +            ident->comm_type = PEP_ct_pEp;
   4.114 +            status = set_trust(session, ident);
   4.115 +        }
   4.116 +        else {
   4.117 +            oil = identity_list_add(oil, ident);
   4.118 +            if (!oil) {
   4.119 +                free_identity_list(il);
   4.120 +                free(user_id);
   4.121 +                return PEP_OUT_OF_MEMORY;
   4.122 +            }
   4.123 +            status = myself(session, ident);
   4.124 +        }
   4.125 +        if (status) {
   4.126 +            free_identity_list(il);
   4.127 +            free(user_id);
   4.128              return status;
   4.129          }
   4.130      }
   4.131  
   4.132 +    free(user_id);
   4.133      free_identity_list(il);
   4.134  ||
   4.135  
   4.136 @@ -375,7 +420,7 @@
   4.137  ||
   4.138      PEP_STATUS status = PEP_STATUS_OK;
   4.139  
   4.140 -    // set flag for current keys
   4.141 +    // set flag for all keys; don't change anything else
   4.142      for (identity_list *il = session->sync_state.own.identities; il && il->ident ; il = il->next) {
   4.143          if (!(il->ident->flags && PEP_idf_not_for_sync)) {
   4.144              status = set_identity_flags(session, il->ident, PEP_idf_devicegroup);
   4.145 @@ -388,43 +433,48 @@
   4.146  action receivedKeysAreGroupKeys
   4.147  ||
   4.148      PEP_STATUS status = PEP_STATUS_OK;
   4.149 -
   4.150 -    // set flag for current keys
   4.151 +    // set flag for all keys
   4.152      for (identity_list *il = session->sync_state.own.identities; il && il->ident ; il = il->next) {
   4.153          if (!(il->ident->flags && PEP_idf_not_for_sync)) {
   4.154 +            
   4.155              status = set_identity_flags(session, il->ident, PEP_idf_devicegroup);
   4.156              if (status)
   4.157                  return status;
   4.158          }
   4.159      }
   4.160  
   4.161 +    char *user_id = NULL;
   4.162 +    status = get_default_own_userid(session, &user_id);
   4.163 +    if (status)
   4.164 +        return status;
   4.165 +
   4.166      identity_list *il = IdentityList_to_identity_list(&session->sync_state.keysync.ownIdentities, NULL);
   4.167      if (!il)
   4.168          return PEP_OUT_OF_MEMORY;
   4.169  
   4.170 -    for (il = session->sync_state.own.identities; il && il->ident ; il = il->next) {
   4.171 +    for (identity_list *_il = il; _il && _il->ident ; _il = _il->next) {
   4.172          // replace partner's user_id with own user_id
   4.173 -        free(il->ident->user_id);
   4.174 -        il->ident->user_id = strdup(session->sync_state.transport.from->user_id);
   4.175 -        if (!il->ident->user_id) {
   4.176 +        free(_il->ident->user_id);
   4.177 +        _il->ident->user_id = strdup(user_id);
   4.178 +        assert(_il->ident->user_id);
   4.179 +        if (!_il->ident->user_id) {
   4.180              free_identity_list(il);
   4.181 +            free(user_id);
   4.182              return PEP_OUT_OF_MEMORY;
   4.183          }
   4.184 -
   4.185 -        status = myself(session, il->ident);
   4.186 +    
   4.187 +        const char *own_key = _il->ident->fpr;
   4.188 +        _il->ident->fpr = NULL;
   4.189 +        status = set_own_key(session, _il->ident, own_key);
   4.190          if (status) {
   4.191              free_identity_list(il);
   4.192 -            return status;
   4.193 -        }
   4.194 -
   4.195 -        status = set_identity_flags(session, il->ident, PEP_idf_devicegroup);
   4.196 -        if (status) {
   4.197 -            free_identity_list(il);
   4.198 +            free(user_id);
   4.199              return status;
   4.200          }
   4.201      }
   4.202  
   4.203      free_identity_list(il);
   4.204 +    free(user_id);
   4.205  ||
   4.206  
   4.207  action trustThisKey
     5.1 --- a/sync/sync.fsm	Thu May 30 02:16:49 2019 +0200
     5.2 +++ b/sync/sync.fsm	Sat Jun 01 13:18:11 2019 +0200
     5.3 @@ -61,7 +61,6 @@
     5.4                          // this is our own NegotiationRequest; ignore
     5.5                      }
     5.6                      else {
     5.7 -                        // first is receiving NegotiationRequest
     5.8                          do storeNegotiation;
     5.9                          // first is sending NegotiationOpen
    5.10                          send NegotiationOpen;
    5.11 @@ -75,6 +74,7 @@
    5.12  
    5.13              on NegotiationOpen if sameNegotiationAndPartner {
    5.14                  // second is receiving NegotiationOpen
    5.15 +                do storeNegotiation;
    5.16                  go HandshakingNewSecond;
    5.17              }
    5.18          }
    5.19 @@ -235,11 +235,7 @@
    5.20  
    5.21              on OwnKeysSecond {
    5.22                  do saveGroupKeys;
    5.23 -
    5.24 -                if keyElectionWon
    5.25 -                    do ownKeysAreGroupKeys;
    5.26 -                else
    5.27 -                    do receivedKeysAreGroupKeys;
    5.28 +                do receivedKeysAreGroupKeys;
    5.29                  do showGroupCreated;
    5.30                  go Grouped;
    5.31              }
    5.32 @@ -254,10 +250,7 @@
    5.33              on OwnKeysFirst {
    5.34                  do saveGroupKeys;
    5.35  
    5.36 -                if keyElectionWon
    5.37 -                    do ownKeysAreGroupKeys;
    5.38 -                else
    5.39 -                    do receivedKeysAreGroupKeys;
    5.40 +                do ownKeysAreGroupKeys;
    5.41                  do showGroupCreated;
    5.42                  go Grouped;
    5.43              }
    5.44 @@ -284,8 +277,10 @@
    5.45                  do useOwnChallenge;
    5.46              }
    5.47  
    5.48 -            on NegotiationOpen if sameNegotiationAndPartner
    5.49 +            on NegotiationOpen if sameNegotiationAndPartner {
    5.50 +                do storeNegotiation;
    5.51                  go HandshakingGrouped;
    5.52 +            }
    5.53  
    5.54              on GroupTrustThisKey {
    5.55                  do trustThisKey;
    5.56 @@ -324,9 +319,6 @@
    5.57                  send CommitAccept;
    5.58                  go HandshakingJoinPhase1;
    5.59              }
    5.60 -
    5.61 -            on CommitAcceptForGroup if sameNegotiationAndPartner
    5.62 -                go HandshakingJoinPhase2;
    5.63          }
    5.64  
    5.65          state HandshakingJoinPhase1 {
    5.66 @@ -433,6 +425,7 @@
    5.67                  go Grouped;
    5.68  
    5.69              on CommitAccept if sameNegotiationAndPartner {
    5.70 +                do prepareOwnKeys;
    5.71                  send GroupKeys;
    5.72                  go Grouped;
    5.73              }
    5.74 @@ -441,12 +434,6 @@
    5.75                  do trustThisKey;
    5.76              }
    5.77  
    5.78 -            on CommitAcceptForGroup {
    5.79 -                do showDeviceAdded;
    5.80 -                if sameNegotiationAndPartner
    5.81 -                    go Grouped;
    5.82 -            }
    5.83 -
    5.84              on GroupKeys
    5.85                  do saveGroupKeys;
    5.86          }
    5.87 @@ -465,6 +452,7 @@
    5.88              on Accept {
    5.89                  do trustThisKey;
    5.90                  send GroupTrustThisKey;
    5.91 +                do prepareOwnKeys;
    5.92                  send GroupKeys;
    5.93                  go Grouped;
    5.94              }
    5.95 @@ -473,14 +461,6 @@
    5.96                  do trustThisKey;
    5.97              }
    5.98  
    5.99 -            on CommitAcceptForGroup {
   5.100 -                do showDeviceAdded;
   5.101 -                if sameNegotiationAndPartner {
   5.102 -                    do hideHandshakeDialog;
   5.103 -                    go Grouped;
   5.104 -                }
   5.105 -            }
   5.106 -
   5.107              on GroupKeys
   5.108                  do saveGroupKeys;
   5.109          }