phryk-evil-mad-sciences-llc/mod_e2e_policy
1
0
Fork 0
Code Issues 5 Pull Requests Projects Releases Wiki Activity

"required" policy restricts E2EE warnings from arriving #1

New Issue
Closed
opened 2021-07-29 00:39:31 +00:00 by phryk · 1 comment
phryk commented 2021-07-29 00:39:31 +00:00
Owner
Copy Link

By default, when using the "required" policy, messages from the system (i.e. the used VirtualHost) about lack of E2EE seem to be blocked by the policy.

This should be fixable by automatically prepending the used VirtualHost to the whitelist in warn_on_plaintext_messages.

By default, when using the "required" policy, messages from the system (i.e. the used VirtualHost) about lack of E2EE seem to be blocked by the policy. This should be fixable by automatically prepending the used VirtualHost to the whitelist in `warn_on_plaintext_messages`.
phryk commented 2021-08-01 23:33:53 +00:00
Author
Owner
Copy Link

Turns out, this wasn't the problem.

Previously, mod_e2e_policy used normal messages from the server JID for warnings when using the optional policy, but used <message type="error"… when using the required policy. Turns out dino doesn't handle the latter at all, so the problem was only client-side. Works fine in Gajim, tho messages are only shown as tooltip.

Came up with an acceptable fix:

Added module option e2e_policy_warn_mechanism to choose whether to use normal or error messages for both policy values (making behavior more consistent, which will reduce confusion when resolving #5).

The previously assumed fix was also implemented and is used if normal messages are chosen to avoid this fix introducing the bug we originally thought we had.

Turns out, this wasn't the problem. Previously, `mod_e2e_policy` used normal messages from the server JID for warnings when using the `optional` policy, but used `<message type="error"…` when using the `required` policy. Turns out dino doesn't handle the latter *at all*, so the problem was only client-side. Works fine in Gajim, tho messages are only shown as tooltip. Came up with an acceptable fix: Added module option `e2e_policy_warn_mechanism` to choose whether to use *normal* or *error* messages for *both* policy values (making behavior more consistent, which will reduce confusion when resolving #5). The previously assumed fix was also implemented and is used if normal messages are chosen to avoid this fix introducing the bug we originally thought we had.
phryk closed this issue 2021-08-01 23:33:53 +00:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: phryk-evil-mad-sciences-llc/mod_e2e_policy#1
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?