prompt with SAS during 3 message negotiation

This commit is contained in:
Brendan Taylor 2007-08-07 07:42:31 +00:00
parent 8d79d32002
commit 4bfe14d3cf
3 changed files with 15 additions and 6 deletions

View File

@ -1957,7 +1957,8 @@ class ChatControl(ChatControlBase):
if not self.session: if not self.session:
self.session = gajim.connections[self.account].make_new_session(self.contact.jid) self.session = gajim.connections[self.account].make_new_session(self.contact.jid)
self.session.negotiate_e2e() # XXX decide whether to use 4 or 3 message negotiation
self.session.negotiate_e2e(False)
def got_connected(self): def got_connected(self):
ChatControlBase.got_connected(self) ChatControlBase.got_connected(self)

View File

@ -330,7 +330,7 @@ class EncryptedStanzaSession(StanzaSession):
# if none exists, prompt the user with the SAS # if none exists, prompt the user with the SAS
if self.sas_algs == 'sas28x5': if self.sas_algs == 'sas28x5':
self.sas = self.sas_28x5(m_a, self.form_b) self.sas = self.sas_28x5(m_a, self.form_b)
mac_a = self.decrypt(id_a) mac_a = self.decrypt(id_a)
form_a2 = self.c7lize_mac_id(form) form_a2 = self.c7lize_mac_id(form)
@ -357,8 +357,8 @@ class EncryptedStanzaSession(StanzaSession):
content = self.n_s + self.n_o + self.encode_mpi(self.d) + pubkey_b content = self.n_s + self.n_o + self.encode_mpi(self.d) + pubkey_b
if sigmai: if sigmai:
form_b = c7l_form self.form_b = c7l_form
content += form_b content += self.form_b
else: else:
form_b2 = c7l_form form_b2 = c7l_form
content += self.form_b + form_b2 content += self.form_b + form_b2
@ -383,6 +383,9 @@ class EncryptedStanzaSession(StanzaSession):
# if none exists, prompt the user with the SAS # if none exists, prompt the user with the SAS
if self.sas_algs == 'sas28x5': if self.sas_algs == 'sas28x5':
self.sas = self.sas_28x5(m_a, self.form_b) self.sas = self.sas_28x5(m_a, self.form_b)
if self.sigmai:
self.check_identity()
return (xmpp.DataField(name='identity', value=base64.b64encode(id_a)), \ return (xmpp.DataField(name='identity', value=base64.b64encode(id_a)), \
xmpp.DataField(name='mac', value=base64.b64encode(m_a))) xmpp.DataField(name='mac', value=base64.b64encode(m_a)))
@ -606,8 +609,6 @@ class EncryptedStanzaSession(StanzaSession):
self.negotiated = negotiated self.negotiated = negotiated
self.form_b = ''.join(map(lambda el: xmpp.c14n.c14n(el), form.getChildren()))
accept = xmpp.Message() accept = xmpp.Message()
feature = accept.NT.feature feature = accept.NT.feature
feature.setNamespace(xmpp.NS_FEATURE) feature.setNamespace(xmpp.NS_FEATURE)
@ -647,6 +648,9 @@ class EncryptedStanzaSession(StanzaSession):
rshashes = [base64.b64encode(rshash) for rshash in rshashes] rshashes = [base64.b64encode(rshash) for rshash in rshashes]
result.addChild(node=xmpp.DataField(name='rshashes', value=rshashes)) result.addChild(node=xmpp.DataField(name='rshashes', value=rshashes))
result.addChild(node=xmpp.DataField(name='dhkeys', value=base64.b64encode(self.encode_mpi(e)))) result.addChild(node=xmpp.DataField(name='dhkeys', value=base64.b64encode(self.encode_mpi(e))))
self.form_b = ''.join(map(lambda el: xmpp.c14n.c14n(el), form.getChildren()))
# MUST securely destroy K unless it will be used later to generate the final shared secret # MUST securely destroy K unless it will be used later to generate the final shared secret

View File

@ -1765,11 +1765,15 @@ class Interface:
elif session.status == 'requested-e2e' and form.getType() == 'submit': elif session.status == 'requested-e2e' and form.getType() == 'submit':
negotiated, not_acceptable, ask_user = session.verify_options_alice(form) negotiated, not_acceptable, ask_user = session.verify_options_alice(form)
if session.sigmai:
session.check_identity = lambda: negotiation.show_sas_dialog(jid, session.sas)
if ask_user: if ask_user:
def accept_nondefault_options(widget): def accept_nondefault_options(widget):
dialog.destroy() dialog.destroy()
negotiated.update(ask_user) negotiated.update(ask_user)
session.accept_e2e_alice(form, negotiated) session.accept_e2e_alice(form, negotiated)
def reject_nondefault_options(widget): def reject_nondefault_options(widget):