Mercurial > libervia-web

changeset 539:19b8af73e945

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
browser_side (plugin OTR): ask the user before accepting an OTR query
author souliane <souliane@mailoo.org>
date Sun, 07 Sep 2014 23:29:49 +0200
parents 3317e5d0ac1d
children 22358ffa26e4
files src/browser/sat_browser/plugin_sec_otr.py
diffstat 1 files changed, 26 insertions(+), 6 deletions(-) [+]
line wrap: on
line diff
--- a/src/browser/sat_browser/plugin_sec_otr.py	Sun Sep 07 22:33:28 2014 +0200
+++ b/src/browser/sat_browser/plugin_sec_otr.py	Sun Sep 07 23:29:49 2014 +0200
@@ -79,13 +79,18 @@
 KEY_DROP_TXT = D_("You private key is used to encrypt messages for your correspondent, nobody except you must know it, if you are in doubt, you should drop it!{eol}{eol}Are you sure you want to drop your private key?")
 KEY_DROPPED_TXT = D_("Your private key has been dropped.")
 
+QUERY_TITLE = D_("Invitation to encrypt")
+QUERY_RECEIVED = D_("{jid} is willing to start with you an OTR encrypted conversation. This end-to-end encryption is computed by your web browser and you may experience slowdowns.{eol}{eol}")
+QUERY_RECEIVED_NO_KEY = D_("This will take up to 10 seconds to generate your single use private key and start the conversation. In a future version of Libervia, your private key will be safely and persistently stored, so you will have to generate it only once.{eol}{eol}")
+QUERY_RECEIVED_KEY = D_("You already have a private key, but to start the conversation will still require a couple of seconds.{eol}{eol}")
+QUERY_RECEIVED_CONFIRM = D_("Press OK to start now the encryption.")
 
 DEFAULT_POLICY_FLAGS = {
     'ALLOW_V2': True,
     'ALLOW_V3': True,
     'REQUIRE_ENCRYPTION': False,
-    'SEND_WHITESPACE_TAG': False,
-    'WHITESPACE_START_AKE': False
+    'SEND_WHITESPACE_TAG': False,  # FIXME: we need to complete sendMessageTrigger before turning this to True
+    'WHITESPACE_START_AKE': False,  # FIXME: we need to complete messageReceivedTrigger before turning this to True
 }
 
 # list a couple of texts (untrusted, trusted) for each state
@@ -382,15 +387,30 @@
 
         tag = otr.proto.checkForOTR(msg)
         if tag is None or (tag == otr.context.WHITESPACE_TAG and not DEFAULT_POLICY_FLAGS['WHITESPACE_START_AKE']):
-            return True  # TODO: signal the user that the contact wants to speak OTR
+            return True
+
+        def decrypt(context):
+            context.receiveMessage(msg)
 
         def cb(jid):
-            otrctx = self.context_manager.getContextForUser(jid)
-            otrctx.receiveMessage(msg)
-            return False  # interrupt the main process
+            otrctx = self.context_manager.getContextForUser(jid, start=False)
+
+            if otrctx is None:
+                def confirm(confirm):
+                    if confirm:
+                        decrypt(self.context_manager.startContext(jid))
+                    else:
+                        # FIXME: plain text messages with whitespaces would be lost here when WHITESPACE_START_AKE is True
+                        pass
+                key = self.context_manager.account.privkey
+                msg = QUERY_RECEIVED + (QUERY_RECEIVED_KEY if key else QUERY_RECEIVED_NO_KEY) + QUERY_RECEIVED_CONFIRM
+                dialog.ConfirmDialog(confirm, msg.format(jid=jid.full(), eol=DIALOG_EOL), QUERY_TITLE, AddStyleName="maxWidthLimit").show()
+            else:  # do not ask if the context exist
+                decrypt(otrctx)
 
         other_jid = to_jid if from_jid.bare == self.host.whoami.bare else from_jid
         self.fixResource(other_jid, cb)
+        return False  # interrupt the main process
 
     def sendMessageTrigger(self, to_jid, msg, msg_type, extra):
         def cb(jid):