E2EE warning messages have no context #2

New Issue

Closed

opened 2021-07-29 01:05:16 +00:00 by phryk · 1 comment

phryk commented 2021-07-29 01:05:16 +00:00

Owner

Copy Link

Currently, users only get a static string as message from the special JID of just the domain (i.e the service) when not using E2EE.

Error messages that are injected into a conversation are a thing but not implemented in all clients.

Zash says this is used something like

util.stanza.error_reply(
	util.stanza.message({
		type="chat"
		to="user@example"
	}),
	"cancel",
	"policy-violation",
	"Y U NO ENCRYPT",
	"myserver.local"
)

error_reply is defined in util.stanza.

• error type for "optional" policy should be continue
• error type for "required" policy should be cancel

Also implement fallback behavior – basically the current behavior but replace string "<jid>" in the warning message string with recipient JID (should work fine with direct messages and MUCs)

Currently, users only get a static string as message from the special JID of just the domain (i.e the service) when not using E2EE. Error messages that are injected into a conversation are a thing but not implemented in all clients. Zash says this is used something like ```lua util.stanza.error_reply( util.stanza.message({ type="chat" to="user@example" }), "cancel", "policy-violation", "Y U NO ENCRYPT", "myserver.local" ) ``` `error_reply` is defined in `util.stanza`. * error type for "optional" policy should be `continue` * error type for "required" policy should be `cancel` Also implement fallback behavior – basically the current behavior but replace string "\<jid\>" in the warning message string with recipient JID (should work fine with direct messages and MUCs)

phryk referenced this issue 2021-07-29 01:45:56 +00:00

Add option to define acceptable E2EE schemes #3

phryk commented 2021-08-01 23:39:35 +00:00

Author

Owner

Copy Link

util.stanza.error_reply was already used for required policy, but is apparently not supported by many clients (at least not by dino).

cad3bef48e fixes the issue partially by adding e2e_policy_warn_mechanism, but the fallback solution still has to be
implemented because we currently can't deploy with it set to error and so have to inject context into the message content.

`util.stanza.error_reply` was already used for `required` policy, but is apparently not supported by many clients (at least not by dino). cad3bef48e93c54d3a258c7bec48e3734c42a416 fixes the issue partially by adding `e2e_policy_warn_mechanism`, but the fallback solution still has to be implemented because we currently can't deploy with it set to `error` and so have to inject context into the message content.

phryk referenced this issue from a commit 2021-08-03 15:06:55 +00:00

added substitution of {recipient} for the receiving JID for warning messages. this resolves #2

phryk closed this issue 2021-08-03 15:06:55 +00:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

No results found.

Labels

Clear labels

No items

No Label

Milestone

Clear milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

No Assignees

1 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: phryk-evil-mad-sciences-llc/mod_e2e_policy#2

No description provided.