Commit 27ac64bb authored by johan's avatar johan
Browse files

Peer's failure to decrypt a message stale the IM encryption session

parent 30d987b4
......@@ -121,6 +121,8 @@ public:
virtual AbstractChatRoom::SecurityLevel getSecurityLevel (const std::string &deviceId) const { return AbstractChatRoom::SecurityLevel::ClearText; }
virtual std::list<EncryptionParameter> getEncryptionParameters () { return std::list<EncryptionParameter>(); }
virtual void stale_session (const std::string localDeviceId, const std::string peerDeviceId) {};
protected:
EncryptionEngine (const std::shared_ptr<Core> &core) : CoreAccessor(core) {}
......
......@@ -884,6 +884,10 @@ std::shared_ptr<LimeManager> LimeX3dhEncryptionEngine::getLimeManager () {
return limeManager;
}
void LimeX3dhEncryptionEngine::stale_session (const std::string localDeviceId, const std::string peerDeviceId) {
limeManager->stale_sessions(localDeviceId, peerDeviceId);
}
lime::limeCallback LimeX3dhEncryptionEngine::setLimeCallback (string operation) {
lime::limeCallback callback([operation](lime::CallbackReturn returnCode, string anythingToSay) {
if (returnCode == lime::CallbackReturn::success) {
......
......@@ -166,6 +166,7 @@ public:
const std::string &message
) override;
void stale_session (const std::string localDeviceId, const std::string peerDeviceId) override;
private:
std::shared_ptr<LimeManager> limeManager;
std::time_t lastLimeUpdate;
......
......@@ -27,6 +27,7 @@
#ifdef HAVE_ADVANCED_IM
#include "xml/imdn.h"
#include "xml/linphone-imdn.h"
#include "chat/encryption/encryption-engine.h"
#endif
#include "imdn.h"
......@@ -204,12 +205,25 @@ void Imdn::parse (const shared_ptr<ChatMessage> &chatMessage) {
auto &displayNotification = imdn->getDisplayNotification();
if (deliveryNotification.present()) {
auto &status = deliveryNotification.get().getStatus();
if (status.getDelivered().present() && linphone_im_notif_policy_get_recv_imdn_delivered(policy))
if (status.getDelivered().present() && linphone_im_notif_policy_get_recv_imdn_delivered(policy)) {
cm->getPrivate()->setParticipantState(participantAddress, ChatMessage::State::DeliveredToUser, imdnTime);
else if ((status.getFailed().present() || status.getError().present())
&& linphone_im_notif_policy_get_recv_imdn_delivered(policy)
)
} else if ((status.getFailed().present() || status.getError().present()) && linphone_im_notif_policy_get_recv_imdn_delivered(policy)) {
cm->getPrivate()->setParticipantState(participantAddress, ChatMessage::State::NotDelivered, imdnTime);
// When the IMDN status is failed for reason code 488 (Not acceptable here) and the chatroom is encrypted,
// something is wrong with our encryption session with this peer, stale the active session the next
// message (which can be a resend of this one) will be encrypted with a new session
if (status.getFailed().present() && status.getReason().present() && (cr->getCapabilities() & ChatRoom::Capabilities::Encrypted)) {
// Check the reason code is 488
auto reason = status.getReason().get();
auto imee = cm->getCore()->getEncryptionEngine();
if ((reason.getCode() == 488) && imee) {
// stale the encryption sessions with this device: something went wrong, we will create a new one at next encryption
lWarning()<<"Peer "<<chatMessage->getFromAddress().asString()<<" could not decrypt message from "
<< cm->getFromAddress().asString()<<" -> Stale the lime X3DH session";
imee->stale_session(cm->getFromAddress().asString(), chatMessage->getFromAddress().asString());
}
}
}
} else if (displayNotification.present()) {
auto &status = displayNotification.get().getStatus();
if (status.getDisplayed().present() && linphone_im_notif_policy_get_recv_imdn_displayed(policy))
......
......@@ -28,6 +28,10 @@ endif()
if(SQLITE3_FOUND)
list(APPEND OTHER_LIBS_FOR_TESTER ${SQLITE3_LIBRARIES})
endif()
if(SOCI_FOUND)
list(APPEND OTHER_LIBS_FOR_TESTER ${SOCI_LIBRARIES} ${SOCI_sqlite3_PLUGIN})
add_definitions(-DHAVE_SOCI=1)
endif()
if(ZLIB_FOUND)
if (ANDROID)
# Starting NDK r21, libz.a has issues: https://github.com/android/ndk/issues/1179
......@@ -270,6 +274,7 @@ if(ENABLE_LIME_X3DH)
endif()
set(SOURCE_FILES_CXX
tester.cpp
audio_quality_tester.cpp
clonable-object-tester.cpp
contents-tester.cpp
......@@ -351,7 +356,7 @@ endif()
# on mobile platforms, we compile the tester as a library so that we can link with it directly from native applications
if(ANDROID OR IOS)
add_library(linphonetester SHARED ${HEADER_FILES} ${SOURCE_FILES_C} ${SOURCE_FILES_CXX})
target_include_directories(linphonetester PRIVATE ${LINPHONE_INCLUDE_DIRS} ${LIBXSD_INCLUDE_DIRS})
target_include_directories(linphonetester PRIVATE ${LINPHONE_INCLUDE_DIRS} ${LIBXSD_INCLUDE_DIRS} ${SOCI_INCLUDE_DIRS})
target_link_libraries(linphonetester ${LINPHONE_LIBS_FOR_TOOLS} ${OTHER_LIBS_FOR_TESTER})
#TODO: replace by if(APPLE) when we want to make apple framework on linphone-desktop too
if(IOS)
......@@ -380,7 +385,7 @@ if(ANDROID OR IOS)
)
elseif(CMAKE_SYSTEM_NAME STREQUAL "WindowsStore")
add_library(linphone_tester_static STATIC ${HEADER_FILES} ${SOURCE_FILES_C} ${SOURCE_FILES_CXX})
target_include_directories(linphone_tester_static PRIVATE ${LINPHONE_INCLUDE_DIRS})
target_include_directories(linphone_tester_static PRIVATE ${LINPHONE_INCLUDE_DIRS} ${SOCI_INCLUDE_DIRS})
target_link_libraries(linphone_tester_static ${LINPHONE_LIBS_FOR_TOOLS} ${OTHER_LIBS_FOR_TESTER})
set(RUNTIME_COMPONENT_SOURCES
......@@ -415,7 +420,7 @@ if(NOT ANDROID AND NOT CMAKE_SYSTEM_NAME STREQUAL "WindowsStore")
set_target_properties(liblinphone_tester PROPERTIES LINK_FLAGS "${LINPHONE_LDFLAGS}")
set_target_properties(liblinphone_tester PROPERTIES LINKER_LANGUAGE CXX)
set_target_properties(liblinphone_tester PROPERTIES C_STANDARD 99)
target_include_directories(liblinphone_tester PRIVATE ${LINPHONE_INCLUDE_DIRS})
target_include_directories(liblinphone_tester PRIVATE ${LINPHONE_INCLUDE_DIRS} ${SOCI_INCLUDE_DIRS})
target_link_libraries(liblinphone_tester ${LINPHONE_LIBS_FOR_TOOLS} ${OTHER_LIBS_FOR_TESTER})
if(MSVC)
if(CMAKE_BUILD_TYPE STREQUAL "Debug" OR CMAKE_BUILD_TYPE STREQUAL "RelWithDebInfo")
......@@ -437,7 +442,7 @@ if(NOT ANDROID AND NOT CMAKE_SYSTEM_NAME STREQUAL "WindowsStore")
set_target_properties(groupchat_benchmark PROPERTIES LINK_FLAGS "${LINPHONE_LDFLAGS}")
set_target_properties(groupchat_benchmark PROPERTIES LINKER_LANGUAGE CXX)
set_target_properties(groupchat_benchmark PROPERTIES C_STANDARD 99)
target_include_directories(groupchat_benchmark PRIVATE ${LINPHONE_INCLUDE_DIRS})
target_include_directories(groupchat_benchmark PRIVATE ${LINPHONE_INCLUDE_DIRS} ${SOCI_INCLUDE_DIRS})
target_link_libraries(groupchat_benchmark ${LINPHONE_LIBS_FOR_TOOLS} ${OTHER_LIBS_FOR_TESTER})
install(TARGETS groupchat_benchmark
......
This diff is collapsed.
......@@ -631,6 +631,8 @@ void set_lime_curve(const int curveId, LinphoneCoreManager *manager);
void set_lime_curve_list(const int curveId, bctbx_list_t *managerList);
void set_lime_curve_list_tls(const int curveId, bctbx_list_t *managerList, bool_t tls_auth_server, bool_t required);
void lime_delete_DRSessions(const char *limedb);
#ifdef __cplusplus
};
......
/*
* Copyright (c) 2020 Belledonne Communications SARL.
*
* This file is part of Liblinphone.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifdef HAVE_SOCI
#include <soci/soci.h>
#endif
#include "liblinphone_tester.h"
#include "logger/logger.h"
#include <exception>
/* */
void lime_delete_DRSessions(const char *limedb) {
#ifdef HAVE_SOCI
try {
soci::session sql("sqlite3", limedb); // open the DB
// Delete all sessions from the DR_sessions table
sql<<"DELETE FROM DR_sessions;";
} catch (std::exception &e) { // swallow any error on DB
lWarning()<<"Cannot delete DRSessions in base "<<limedb<<". Error is "<<e.what();
}
#endif
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment