Merge pull request #2001 from deltachat/protect-one-to-one

check protection properties for all chats, allow missing Chat-Verified header
2026-05-03 21:36:29 +03:00 · 2020-10-16 23:02:41 +02:00
parent 6e37c1442e 6ec743f8b1
commit 0a9a2394d8
1 changed files with 45 additions and 41 deletions
--- a/src/dc_receive_imf.rs
+++ b/src/dc_receive_imf.rs
@@ -714,17 +714,31 @@ async fn add_parts(
        ephemeral_timer = EphemeralTimer::Disabled;
    }

-    // change chat protection
-    if let Some(new_status) = match mime_parser.is_system_message {
-        SystemMessage::ChatProtectionEnabled => Some(ProtectionStatus::Protected),
-        SystemMessage::ChatProtectionDisabled => Some(ProtectionStatus::Unprotected),
-        _ => None,
-    } {
-        chat_id.inner_set_protection(context, new_status).await?;
-        set_better_msg(
-            mime_parser,
-            context.stock_protection_msg(new_status, from_id).await,
-        );
+    // if a chat is protected, check additional properties
+    if !chat_id.is_special() {
+        let chat = Chat::load_from_db(context, *chat_id).await?;
+        if chat.is_protected() {
+            if let Err(err) =
+                check_verified_properties(context, mime_parser, from_id as u32, to_ids).await
+            {
+                warn!(context, "verification problem: {}", err);
+                let s = format!("{}. See 'Info' for more details", err);
+                mime_parser.repl_msg_by_error(s);
+            } else {
+                // change chat protection only when verification check passes
+                if let Some(new_status) = match mime_parser.is_system_message {
+                    SystemMessage::ChatProtectionEnabled => Some(ProtectionStatus::Protected),
+                    SystemMessage::ChatProtectionDisabled => Some(ProtectionStatus::Unprotected),
+                    _ => None,
+                } {
+                    chat_id.inner_set_protection(context, new_status).await?;
+                    set_better_msg(
+                        mime_parser,
+                        context.stock_protection_msg(new_status, from_id).await,
+                    );
+                }
+            }
+        }
    }

    // correct message_timestamp, it should not be used before,
@@ -1167,29 +1181,18 @@ async fn create_or_lookup_group(
    set_better_msg(mime_parser, &better_msg);

    // check, if we have a chat with this group ID
-    let (mut chat_id, chat_id_verified, _blocked) = chat::get_chat_id_by_grpid(context, &grpid)
+    let (mut chat_id, _, _blocked) = chat::get_chat_id_by_grpid(context, &grpid)
        .await
        .unwrap_or((ChatId::new(0), false, Blocked::Not));
-    if !chat_id.is_unset() {
-        if chat_id_verified {
-            if let Err(err) =
-                check_verified_properties(context, mime_parser, from_id as u32, to_ids).await
-            {
-                warn!(context, "verification problem: {}", err);
-                let s = format!("{}. See 'Info' for more details", err);
-                mime_parser.repl_msg_by_error(s);
-            }
-        }
-        if !chat::is_contact_in_chat(context, chat_id, from_id as u32).await {
-            // The From-address is not part of this group.
-            // It could be a new user or a DSN from a mailer-daemon.
-            // in any case we do not want to recreate the member list
-            // but still show the message as part of the chat.
-            // After all, the sender has a reference/in-reply-to that
-            // points to this chat.
-            let s = context.stock_str(StockMessage::UnknownSenderForChat).await;
-            mime_parser.repl_msg_by_error(s.to_string());
-        }
+    if !chat_id.is_unset() && !chat::is_contact_in_chat(context, chat_id, from_id as u32).await {
+        // The From-address is not part of this group.
+        // It could be a new user or a DSN from a mailer-daemon.
+        // in any case we do not want to recreate the member list
+        // but still show the message as part of the chat.
+        // After all, the sender has a reference/in-reply-to that
+        // points to this chat.
+        let s = context.stock_str(StockMessage::UnknownSenderForChat).await;
+        mime_parser.repl_msg_by_error(s.to_string());
    }

    // check if the group does not exist but should be created
@@ -1299,11 +1302,6 @@ async fn create_or_lookup_group(
        }
    } else if mime_parser.is_system_message == SystemMessage::ChatProtectionEnabled {
        recreate_member_list = true;
-        if let Err(e) = check_verified_properties(context, mime_parser, from_id, to_ids).await {
-            warn!(context, "checking verified properties failed: {}", e);
-            let s = format!("{}. See 'Info' for more details", e);
-            mime_parser.repl_msg_by_error(s);
-        }
    }

    if let Some(avatar_action) = &mime_parser.group_avatar {
@@ -1669,10 +1667,16 @@ async fn check_verified_properties(

    ensure!(mimeparser.was_encrypted(), "This message is not encrypted.");

-    ensure!(
-        mimeparser.get(HeaderDef::ChatVerified).is_some(),
-        "Sender did not mark the message as protected."
-    );
+    if mimeparser.get(HeaderDef::ChatVerified).is_none() {
+        // we do not fail here currently, this would exclude (a) non-deltas
+        // and (b) deltas with different protection views across multiple devices.
+        // for group creation or protection enabled/disabled, however, Chat-Verified is respected.
+        warn!(
+            context,
+            "{} did not mark message as protected.",
+            contact.get_addr()
+        );
+    }

    // ensure, the contact is verified
    // and the message is signed with a verified key of the sender.