Mirrors/chatmail-core
1
0
Fork 0
mirror of https://github.com/chatmail/core.git synced 2026-04-27 18:36:30 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix: set backward verification when observing vc-contact-confirm or vg-member-added (#5930)

Browse Source 
Documentation comment says forward and backward verification is set,
but the code was not doing it.
`vc-contact-confirm` and `vg-member-added` messages
indicate that other device finished securejoin protocol
so we know Bob has our key marked as verified.
This commit is contained in:
link2xt
2024-08-30 19:51:26 +00:00
committed by GitHub
parent 2dd85afdc2
commit d344cc3bdd
2 changed files with 20 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
deltachat-rpc-client/tests/test_securejoin.py
View File

@@ -61,9 +61,16 @@ def test_qr_setup_contact_svg(acfactory) -> None:
@pytest.mark.parametrize("protect", [True, False]) @pytest.mark.parametrize("protect", [True, False])
def test_qr_securejoin(acfactory, protect): def test_qr_securejoin(acfactory, protect, tmp_path):
alice, bob = acfactory.get_online_accounts(2) alice, bob = acfactory.get_online_accounts(2)
# Setup second device for Alice
# to test observing securejoin protocol.
alice.export_backup(tmp_path)
files = list(tmp_path.glob("*.tar"))
alice2 = acfactory.get_unconfigured_account()
alice2.import_backup(files[0])
logging.info("Alice creates a verified group") logging.info("Alice creates a verified group")
alice_chat = alice.create_group("Verified group", protect=protect) alice_chat = alice.create_group("Verified group", protect=protect)
assert alice_chat.get_basic_snapshot().is_protected == protect assert alice_chat.get_basic_snapshot().is_protected == protect
@@ -97,6 +104,14 @@ def test_qr_securejoin(acfactory, protect):
bob_contact_alice_snapshot = bob_contact_alice.get_snapshot() bob_contact_alice_snapshot = bob_contact_alice.get_snapshot()
assert bob_contact_alice_snapshot.is_verified assert bob_contact_alice_snapshot.is_verified
# Start second Alice device.
# Alice observes securejoin protocol and verifies Bob on second device.
alice2.start_io()
alice2.wait_for_securejoin_inviter_success()
alice2_contact_bob = alice2.get_contact_by_addr(bob.get_config("addr"))
alice2_contact_bob_snapshot = alice2_contact_bob.get_snapshot()
assert alice2_contact_bob_snapshot.is_verified
def test_qr_securejoin_contact_request(acfactory) -> None: def test_qr_securejoin_contact_request(acfactory) -> None:
"""Alice invites Bob to a group when Bob's chat with Alice is in a contact request mode.""" """Alice invites Bob to a group when Bob's chat with Alice is in a contact request mode."""

4
src/securejoin.rs
View File

@@ -637,6 +637,10 @@ pub(crate) async fn observe_securejoin_on_other_device(
return Ok(HandshakeMessage::Ignore); return Ok(HandshakeMessage::Ignore);
}; };
peerstate.set_verified(key.clone(), fingerprint, addr)?; peerstate.set_verified(key.clone(), fingerprint, addr)?;
if matches!(step, "vg-member-added" | "vc-contact-confirm") {
peerstate.backward_verified_key_id =
Some(context.get_config_i64(Config::KeyId).await?).filter(|&id| id > 0);
}
peerstate.prefer_encrypt = EncryptPreference::Mutual; peerstate.prefer_encrypt = EncryptPreference::Mutual;
peerstate.save_to_db(&context.sql).await?; peerstate.save_to_db(&context.sql).await?;