(AEAP) Revert #3491, instead only replace contacts in verified groups (#3510)

#3491 introduced a bug that your address is only replaced in the first group you write to, which was rather hard to fix. In order to be able to release something, we agreed to revert it and instead only replace the contacts in verified groups (and in broadcast lists, if the signing key is verified). Highlights: * Revert "Only do the AEAP transition in the chat where it happened" This reverts commit 22f4cd7b79. * Only do the transition for verified groups (and broadcast lists) To be exact, only do the transition if the signing key fingerpring is verified. And only do it in verified groups and broadcast lists * Slightly adapt string to this change * Changelog
2026-04-21 15:36:30 +03:00 · 2022-07-16 23:03:34 +02:00
parent 5f779ca9b2
commit 9f2100deee
6 changed files with 138 additions and 104 deletions
--- a/src/e2ee.rs
+++ b/src/e2ee.rs
@@ -149,11 +149,13 @@ pub(crate) async fn get_autocrypt_peerstate(

    // Apply Autocrypt header
    if let Some(header) = autocrypt_header {
-        // The "from_nongossiped_fingerprint" part is for AEAP:
+        // The "from_verified_fingerprint" part is for AEAP:
        // If we know this fingerprint from another addr,
        // we may want to do a transition from this other addr
        // (and keep its peerstate)
-        peerstate = Peerstate::from_nongossiped_fingerprint_or_addr(
+        // For security reasons, for now, we only do a transition
+        // if the fingerprint is verified.
+        peerstate = Peerstate::from_verified_fingerprint_or_addr(
            context,
            &header.public_key.fingerprint(),
            from,