Commit 72ddd774 authored by Matthieu Tanon's avatar Matthieu Tanon

Add allow_message_in_unsafe_chatroom behaviour parameter in config

parent 1f3b7ab7
......@@ -143,29 +143,33 @@ ChatMessageModifier::Result LimeV2::processOutgoingMessage (const shared_ptr<Cha
int nbDevice = 0;
const list<shared_ptr<ParticipantDevice>> devices = participant->getPrivate()->getDevices();
for (const shared_ptr<ParticipantDevice> &device : devices) {
nbDevice++;
recipients->emplace_back(device->getAddress().asString());
nbDevice++;
}
if (nbDevice > maxNbDevicePerParticipant) tooManyDevices = TRUE;
}
// Add potential other devices of the sender
// Add potential other devices of the sender participant
int nbDevice = 0;
const list<shared_ptr<ParticipantDevice>> senderDevices = chatRoom->getMe()->getPrivate()->getDevices();
for (const auto &senderDevice : senderDevices) {
if (senderDevice->getAddress() != chatRoom->getLocalAddress()) {
recipients->emplace_back(senderDevice->getAddress().asString());
tooManyDevices = TRUE;
nbDevice++;
}
}
// Check PeerDeviceStatus of message recipients before encrypting the message
for (const auto &recipient : *recipients) {
if (belleSipLimeManager->get_peerDeviceStatus(recipient.deviceId) == lime::PeerDeviceStatus::unsafe) {
lWarning() << "Sending encrypted message to a chatroom with unsafe participant devices" << endl;
if (nbDevice > maxNbDevicePerParticipant) tooManyDevices = TRUE;
// Refuse message in unsafe chatroom if not allowed
if (linphone_config_get_int(linphone_core_get_config(chatRoom->getCore()->getCCore()), "lime", "allow_message_in_unsafe_chatroom", 0) == 0) {
for (const auto &recipient : *recipients) {
if (belleSipLimeManager->get_peerDeviceStatus(recipient.deviceId) == lime::PeerDeviceStatus::unsafe) {
lWarning() << "Sending encrypted message to a chatroom with unsafe participant devices" << endl;
return ChatMessageModifier::Result::Error;
}
}
}
// TODO add policies to adapt behaviour when multiple devices
if (tooManyDevices) {
// If too many devices for a participant, throw a local security alert event
lWarning() << "Sending encrypted message to multidevice participant, message rejected";
......
......@@ -7,6 +7,7 @@ x3dh_server_url=http://x3dh.linphone.org/flexisip-account-manager/x3dh-25519.php
x3dh_db_path=chloe.x3dh.sqlite3
lime_update_threshold=86400
max_nb_device_per_participant=1
allow_message_in_unsafe_chatroom=0
[sip]
sip_port=-1
......
......@@ -7,6 +7,7 @@ x3dh_server_url=http://x3dh.linphone.org/flexisip-account-manager/x3dh-25519.php
x3dh_db_path=laure.x3dh.sqlite3
lime_update_threshold=86400
max_nb_device_per_participant=1
allow_message_in_unsafe_chatroom=0
[sip]
sip_port=-1
......
......@@ -9,6 +9,7 @@ x3dh_server_url=http://x3dh.linphone.org/flexisip-account-manager/x3dh-25519.php
x3dh_db_path=marie.x3dh.sqlite3
lime_update_threshold=86400
max_nb_device_per_participant=1
allow_message_in_unsafe_chatroom=0
[sip]
sip_port=-1
......
......@@ -7,6 +7,7 @@ x3dh_server_url=http://x3dh.linphone.org/flexisip-account-manager/x3dh-25519.php
x3dh_db_path=pauline.x3dh.sqlite3
lime_update_threshold=86400
max_nb_device_per_participant=1
allow_message_in_unsafe_chatroom=0
[sip]
sip_port=-1
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment