# HG changeset patch # User souliane # Date 1410127090 -7200 # Node ID e903a9f7917239c16aff795ea1fff57b73ec251a # Parent 22358ffa26e4e17e50e0aae50643e2e15d33c51c browser_side (plugin OTR): also ask for a confirmation if the user has no private key and initiates an OTR session diff -r 22358ffa26e4 -r e903a9f79172 src/browser/sat_browser/plugin_sec_otr.py --- a/src/browser/sat_browser/plugin_sec_otr.py Sun Sep 07 23:40:06 2014 +0200 +++ b/src/browser/sat_browser/plugin_sec_otr.py Sun Sep 07 23:58:10 2014 +0200 @@ -79,11 +79,14 @@ KEY_DROP_TXT = D_("You private key is used to encrypt messages for your correspondent, nobody except you must know it, if you are in doubt, you should drop it!{eol}{eol}Are you sure you want to drop your private key?") KEY_DROPPED_TXT = D_("Your private key has been dropped.") -QUERY_TITLE = D_("Invitation to encrypt") -QUERY_RECEIVED = D_("{jid} is willing to start with you an OTR encrypted conversation. This end-to-end encryption is computed by your web browser and you may experience slowdowns.{eol}{eol}") -QUERY_RECEIVED_NO_KEY = D_("This will take up to 10 seconds to generate your single use private key and start the conversation. In a future version of Libervia, your private key will be safely and persistently stored, so you will have to generate it only once.{eol}{eol}") -QUERY_RECEIVED_KEY = D_("You already have a private key, but to start the conversation will still require a couple of seconds.{eol}{eol}") -QUERY_RECEIVED_CONFIRM = D_("Press OK to start now the encryption.") +QUERY_TITLE = D_("Going encrypted") +QUERY_RECEIVED = D_("{jid} is willing to start with you an OTR encrypted conversation.{eol}{eol}") +QUERY_SEND = D_("You are about to start an OTR encrypted conversation with {jid}.{eol}{eol}") +QUERY_SLOWDOWN = D_("This end-to-end encryption is computed by your web browser and you may experience slowdowns.{eol}{eol}") +QUERY_NO_KEY = D_("This will take up to 10 seconds to generate your single use private key and start the conversation. In a future version of Libervia, your private key will be safely and persistently stored, so you will have to generate it only once.{eol}{eol}") +QUERY_KEY = D_("You already have a private key, but to start the conversation will still require a couple of seconds.{eol}{eol}") +QUERY_CONFIRM = D_("Press OK to start now the encryption.") + DEFAULT_POLICY_FLAGS = { 'ALLOW_V2': True, @@ -394,7 +397,6 @@ def cb(jid): otrctx = self.context_manager.getContextForUser(jid, start=False) - if otrctx is None: def confirm(confirm): if confirm: @@ -403,7 +405,7 @@ # FIXME: plain text messages with whitespaces would be lost here when WHITESPACE_START_AKE is True pass key = self.context_manager.account.privkey - msg = QUERY_RECEIVED + (QUERY_RECEIVED_KEY if key else QUERY_RECEIVED_NO_KEY) + QUERY_RECEIVED_CONFIRM + msg = QUERY_RECEIVED + QUERY_SLOWDOWN + (QUERY_KEY if key else QUERY_NO_KEY) + QUERY_CONFIRM dialog.ConfirmDialog(confirm, msg.format(jid=jid.full(), eol=DIALOG_EOL), QUERY_TITLE, AddStyleName="maxWidthLimit").show() else: # do not ask if the context exist decrypt(otrctx) @@ -473,16 +475,26 @@ @param menu_data: %(menu_data)s """ - def cb(other_jid): + def query(other_jid): otrctx = self.context_manager.getContextForUser(other_jid) otrctx.sendQueryMessage() + def cb(jid): + key = self.context_manager.account.privkey + if key is None: + def confirm(confirm): + if confirm: + query(jid) + msg = QUERY_SEND + QUERY_SLOWDOWN + QUERY_NO_KEY + QUERY_CONFIRM + dialog.ConfirmDialog(confirm, msg.format(jid=jid.full(), eol=DIALOG_EOL), QUERY_TITLE, AddStyleName="maxWidthLimit").show() + else: # on query reception we ask always, if we initiate we just ask the first time + query(jid) + try: other_jid = menu_data['jid'] self.fixResource(other_jid, cb) except KeyError: log.error(_("jid key is not present !")) - return None def _endSession(self, menu_data): """End an OTR session