Commit c9601870 authored by Matthieu Tanon's avatar Matthieu Tanon

Remove spam log and clean code

parent 77aa5844
......@@ -350,7 +350,7 @@ bool LimeV2::encryptionEnabledForFileTransfer (const shared_ptr<AbstractChatRoom
}
void LimeV2::generateFileTransferKey (const shared_ptr<AbstractChatRoom> &chatRoom, const shared_ptr<ChatMessage> &message) {
int FILE_TRANSFER_KEY_SIZE = 32; // TODO #define or get it from a config
int FILE_TRANSFER_KEY_SIZE = 32;
char keyBuffer [FILE_TRANSFER_KEY_SIZE];// temporary storage of generated key: 192 bits of key + 64 bits of initial vector
// generate a random 192 bits key + 64 bits of initial vector and store it into the file_transfer_information->key field of the msg
sal_get_random_bytes((unsigned char *)keyBuffer, FILE_TRANSFER_KEY_SIZE);
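Review bot: `FILE_TRANSFER_KEY_SIZE` is still a non-const `int`, so `char keyBuffer [FILE_TRANSFER_KEY_SIZE]` on the next line is a variable-length array, which is a compiler extension in C++ and not standard. With the TODO removed, nothing marks this for cleanup any more. Declaring it as `constexpr int FILE_TRANSFER_KEY_SIZE = 32;` makes the buffer fixed-size and states that the key-plus-IV length is a compile-time constant. `keyBuffer` holds raw key material on the stack and the rest of generateFileTransferKey is outside the hunk, so it is worth confirming the buffer is wiped once the key has been copied into the message.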
......@@ -405,13 +405,11 @@ int LimeV2::uploadingFile (const shared_ptr<ChatMessage> &message, size_t offset
size_t file_size = fileTransferContent->getFileSize();
if (file_size == 0) {
ms_warning("File size has not been set, encryption will fail if not done in one step (if file is larger than 16K)");
lWarning() << "File size has not been set, encryption will fail if not done in one step (if file is larger than 16K)";
} else if (offset + *size < file_size) {
*size -= (*size % 16);
}
lInfo() << "Uploading encrypted file " << fileTransferContent->getFileName() << " " << *size << " out of " << file_size;
return lime_encryptFile(
linphone_content_get_cryptoContext_address(L_GET_C_BACK_PTR(content)),
(unsigned char *)fileKey,
......
......@@ -3525,22 +3525,21 @@ void MediaSessionPrivate::propagateEncryptionChanged () {
// TODO if mismatch = 0 set this peer as trusted with this Ik
// TODO if mismatch = 1 it means that the stored Ik was corrupted (identity theft)
if (ms_zrtp_getAuxiliarySharedSecretMismatch(audioStream->ms.sessions.zrtp_context) == 0) {
lInfo() << "ZRTP auxiliary shared secrets match";
if (limeV2Engine) {
try {
lInfo() << "LIMEv2 peer status set to trusted";
// if SAS verified lime peer is trusted, untrusted otherwise
limeV2Engine->getLimeManager()->set_peerIdentityVerifiedStatus(peerDeviceId, remoteIk_vector, authTokenVerified);
lInfo() << "LIMEv2 peer device " << peerDeviceId << " is now trusted";
} catch (const exception &e) {
// TODO Report the security issue to application level
lWarning() << "LIMEv2 identity theft detected: " << e.what();
// TODO Report the security issue to application level (chatroom event)
lError() << "LIMEv2 identity theft detected from " << peerDeviceId << " (" << e.what() << ")";
}
} else {
lWarning() << "Unable to get LIMEv2 context, unable to set peer identity verified status";
lError() << "Unable to get LIMEv2 context, unable to set peer identity verified status";
}
} else {
// TODO Report the security issue to application level
lWarning() << "LIMEv2 identity theft detected during ZRTP auxiliary shared secret check";
// TODO Report the security issue to application level (chatroom event)
lError() << "LIMEv2 identity theft detected from " << peerDeviceId;
}
ms_free(peerDeviceId);
}
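Review bot: The new `lInfo()` line after `set_peerIdentityVerifiedStatus(...)` always reports the peer device as "now trusted", but the call passes `authTokenVerified` and the comment above it says the peer is untrusted when the SAS is not verified. The log can therefore claim trust that was not granted. Logging the actual outcome keeps the trail accurate: `lInfo() << "LIMEv2 peer device " << peerDeviceId << " is now " << (authTokenVerified ? "trusted" : "untrusted");`. Separately, `catch (const exception &e)` reports every exception as identity theft; if the manager can throw for other reasons (not visible here), that `lError()` text would mislead whoever triages it. The function begins outside the hunk.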
......
......@@ -3932,6 +3932,98 @@ static void group_chat_lime_v2_send_encrypted_message_with_response_and_composin
lime_v2_message_test(TRUE, TRUE);
}
static void group_chat_lime_v2_send_encrypted_file_with_or_without_text (bool_t with_text) {
LinphoneCoreManager *marie = linphone_core_manager_create("marie_rc");
LinphoneCoreManager *pauline = linphone_core_manager_create("pauline_tcp_rc");
LinphoneCoreManager *chloe = linphone_core_manager_create("chloe_rc");
bctbx_list_t *coresManagerList = NULL;
bctbx_list_t *participantsAddresses = NULL;
int dummy = 0;
char *sendFilepath = bc_tester_res("sounds/sintel_trailer_opus_h264.mkv");
char *receivePaulineFilepath = bc_tester_file("receive_file_pauline.dump");
char *receiveChloeFilepath = bc_tester_file("receive_file_chloe.dump");
const char *text = "Hello Group !";
// Globally configure an http file transfer server
linphone_core_set_file_transfer_server(marie->lc, "https://www.linphone.org:444/lft.php");
// linphone_core_set_file_transfer_server(marie->lc, "http://subscribe.example.org/flexisip-account-manager/lft.php"); // https
coresManagerList = bctbx_list_append(coresManagerList, marie);
coresManagerList = bctbx_list_append(coresManagerList, pauline);
coresManagerList = bctbx_list_append(coresManagerList, chloe);
bctbx_list_t *coresList = init_core_for_conference(coresManagerList);
start_core_for_conference(coresManagerList);
participantsAddresses = bctbx_list_append(participantsAddresses, linphone_address_new(linphone_core_get_identity(pauline->lc)));
participantsAddresses = bctbx_list_append(participantsAddresses, linphone_address_new(linphone_core_get_identity(chloe->lc)));
stats initialMarieStats = marie->stat;
stats initialPaulineStats = pauline->stat;
stats initialChloeStats = chloe->stat;
// Remove any previously downloaded file
remove(receivePaulineFilepath);
remove(receiveChloeFilepath);
// Wait for lime users to be created on X3DH server
wait_for_list(coresList, &dummy, 1, 1000);
// Check encryption status for both participants
BC_ASSERT_TRUE(linphone_core_lime_v2_enabled(marie->lc));
BC_ASSERT_TRUE(linphone_core_lime_v2_enabled(pauline->lc));
BC_ASSERT_TRUE(linphone_core_lime_v2_enabled(chloe->lc));
// Marie creates a new group chat room
const char *initialSubject = "Colleagues";
LinphoneChatRoom *marieCr = create_chat_room_client_side(coresList, marie, &initialMarieStats, participantsAddresses, initialSubject, -1);
const LinphoneAddress *confAddr = linphone_chat_room_get_conference_address(marieCr);
// Check that the chat room is correctly created on Pauline's side and that the participants are added
LinphoneChatRoom *paulineCr = check_creation_chat_room_client_side(coresList, pauline, &initialPaulineStats, confAddr, initialSubject, 2, FALSE);
// Check that the chat room is correctly created on Chloe's side and that the participants are added
LinphoneChatRoom *chloeCr = check_creation_chat_room_client_side(coresList, chloe, &initialChloeStats, confAddr, initialSubject, 2, FALSE);
// Send encrypted file
if (with_text) {
_send_file_plus_text(marieCr, sendFilepath, text);
} else {
_send_file(marieCr, sendFilepath);
}
wait_for_list(coresList, &dummy, 1, 10000);
// Check that chat rooms have received the file
if (with_text) {
_receive_file_plus_text(coresList, pauline, &initialPaulineStats, receivePaulineFilepath, sendFilepath, text);
_receive_file_plus_text(coresList, chloe, &initialChloeStats, receiveChloeFilepath, sendFilepath, text);
} else {
_receive_file(coresList, pauline, &initialPaulineStats, receivePaulineFilepath, sendFilepath);
_receive_file(coresList, chloe, &initialChloeStats, receiveChloeFilepath, sendFilepath);
}
// Clean db from chat room
linphone_core_manager_delete_chat_room(marie, marieCr, coresList);
linphone_core_manager_delete_chat_room(chloe, chloeCr, coresList);
linphone_core_manager_delete_chat_room(pauline, paulineCr, coresList);
remove(receivePaulineFilepath);
remove(receiveChloeFilepath);
bc_free(sendFilepath);
bc_free(receivePaulineFilepath);
bc_free(receiveChloeFilepath);
bctbx_list_free(coresList);
bctbx_list_free(coresManagerList);
linphone_core_manager_destroy(marie);
linphone_core_manager_destroy(pauline);
linphone_core_manager_destroy(chloe);
}
static void group_chat_lime_v2_send_encrypted_file (void) {
group_chat_lime_v2_send_encrypted_file_with_or_without_text(FALSE);
}
static void group_chat_lime_v2_send_encrypted_file_plus_text (void) {
group_chat_lime_v2_send_encrypted_file_with_or_without_text(TRUE);
}
bool_t simple_zrtp_call_with_sas_validation(LinphoneCoreManager *caller, LinphoneCoreManager *callee, bool_t callerValidation, bool_t calleeValidation) {
bool_t call_ok = FALSE;
BC_ASSERT_TRUE((call_ok=call(caller, callee)));
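Review bot: `linphone_core_set_file_transfer_server(marie->lc, "https://www.linphone.org:444/lft.php")` ties the new test to a live external server, so its result depends on network reachability and each run uploads the test file to a host outside the test environment. The URL would be better read from the tester configuration or a shared constant. The commented-out alternative on the following line uses plain `http://` and should be deleted rather than kept as a ready-made switch. `paulineCr` and `chloeCr` are passed on without a NULL check after `check_creation_chat_room_client_side`, and the fixed `wait_for_list(coresList, &dummy, 1, 10000)` adds ten seconds to every run regardless of when the transfer finishes.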
......@@ -5159,6 +5251,8 @@ test_t group_chat_tests[] = {
TEST_TWO_TAGS("LIMEv2 message with composing", group_chat_lime_v2_send_encrypted_message_with_composing, "CreateUserInDb", "LeaksMemory"),
TEST_TWO_TAGS("LIMEv2 message with response", group_chat_lime_v2_send_encrypted_message_with_response, "CreateUserInDb", "LeaksMemory"),
TEST_TWO_TAGS("LIMEv2 message with response and composing", group_chat_lime_v2_send_encrypted_message_with_response_and_composing, "CreateUserInDb", "LeaksMemory"),
TEST_TWO_TAGS("LIMEv2 send encrypted file", group_chat_lime_v2_send_encrypted_file, "CreateUserInDb", "LeaksMemory"),
TEST_TWO_TAGS("LIMEv2 send encrypted file + text", group_chat_lime_v2_send_encrypted_file_plus_text, "CreateUserInDb", "LeaksMemory"),
TEST_TWO_TAGS("LIMEv2 ZRTP verification", group_chat_lime_v2_with_zrtp_verification, "CreateUserInDb", "LeaksMemory"),
TEST_TWO_TAGS("LIMEv2 chatroom security level upgrade", group_chat_lime_v2_chatroom_security_level_upgrade, "CreateUserInDb", "LeaksMemory"),
TEST_TWO_TAGS("LIMEv2 chatroom security level downgrade adding participant", group_chat_lime_v2_chatroom_security_level_downgrade_adding_participant, "CreateUserInDb", "LeaksMemory"),
......