From cda645677635758cc0f884151bf0a21b2327f044 Mon Sep 17 00:00:00 2001
From: Christian Schneppe
Date: Sat, 4 Mar 2017 12:23:44 +0100
Subject: make x509 verification node world readable
---
 .../messenger/crypto/axolotl/AxolotlService.java | 21 ++++++++--
 .../de/pixart/messenger/generator/IqGenerator.java | 19 +++++++++
 .../messenger/services/XmppConnectionService.java | 49 +++++++++++++++++-----
 .../messenger/ui/ConferenceDetailsActivity.java | 2 +-
 .../java/de/pixart/messenger/xmpp/forms/Data.java | 11 +++++
 5 files changed, 87 insertions(+), 15 deletions(-)
(limited to 'src/main/java/de/pixart')
diff --git a/src/main/java/de/pixart/messenger/crypto/axolotl/AxolotlService.java b/src/main/java/de/pixart/messenger/crypto/axolotl/AxolotlService.java
index a5aa06284..a5ed758c3 100644
--- a/src/main/java/de/pixart/messenger/crypto/axolotl/AxolotlService.java
+++ b/src/main/java/de/pixart/messenger/crypto/axolotl/AxolotlService.java
@@ -530,8 +530,23 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
 Log.d(Config.LOGTAG, AxolotlService.getLogprefix(account) + ": publish verification for device " + getOwnDeviceId());
 mXmppConnectionService.sendIqPacket(account, packet, new OnIqPacketReceived() {
 @Override
- public void onIqPacketReceived(Account account, IqPacket packet) {
- publishDeviceBundle(signedPreKeyRecord, preKeyRecords, announceAfter, wipe);
+ public void onIqPacketReceived(final Account account, IqPacket packet) {
+ String node = AxolotlService.PEP_VERIFICATION + ":" + getOwnDeviceId();
+ Bundle pubsubOptions = new Bundle();
+ pubsubOptions.putString("pubsub#access_model", "open");
+ mXmppConnectionService.pushNodeConfiguration(account, account.getJid().toBareJid(), node, pubsubOptions, new XmppConnectionService.OnConfigurationPushed() {
+ @Override
+ public void onPushSucceeded() {
+ Log.d(Config.LOGTAG, getLogprefix(account) + "configured verification node to be world readable");
+ publishDeviceBundle(signedPreKeyRecord, preKeyRecords, announceAfter, wipe);
+ }
+
+ @Override
+ public void onPushFailed() {
+ Log.d(Config.LOGTAG, getLogprefix(account) + "unable to set access model on verification node");
+ publishDeviceBundle(signedPreKeyRecord, preKeyRecords, announceAfter, wipe);
+ }
+ });
 }
 });
 } catch (Exception e) {
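Review bot: The `"open"` value set for `pubsub#access_model` in the new `onIqPacketReceived` body is a deliberate exposure decision that the code does not explain: it lets any entity, not only contacts, read the verification node. A comment such as `// open access so non-contacts can fetch the verification item; the node is then readable by anyone who knows the JID` would record that choice next to the line that makes it. The two new log calls also drop the `": "` separator used by the context line above, e.g. `getLogprefix(account) + ": configured verification node to be world readable"`. Both callbacks continue with `publishDeviceBundle`, so a failed push is visible only at debug level. The enclosing method starts and ends outside the hunk.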
@@ -658,7 +673,7 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded { IqPacket publish = mXmppConnectionService.getIqGenerator().publishBundles( signedPreKeyRecord, axolotlStore.getIdentityKeyPair().getPublicKey(), preKeyRecords, getOwnDeviceId()); - Log.d(Config.LOGTAG, AxolotlService.getLogprefix(account) + ": Bundle " + getOwnDeviceId() + " in PEP not current. Publishing: " + publish); + Log.d(Config.LOGTAG, AxolotlService.getLogprefix(account) + ": Bundle " + getOwnDeviceId() + " in PEP not current. Publishing..."); mXmppConnectionService.sendIqPacket(account, publish, new OnIqPacketReceived() { @Override public void onIqPacketReceived(Account account, IqPacket packet) { diff --git a/src/main/java/de/pixart/messenger/generator/IqGenerator.java b/src/main/java/de/pixart/messenger/generator/IqGenerator.java index 42b6a0dd8..f93e3e071 100644 --- a/src/main/java/de/pixart/messenger/generator/IqGenerator.java +++ b/src/main/java/de/pixart/messenger/generator/IqGenerator.java @@ -397,4 +397,23 @@ public class IqGenerator extends AbstractGenerator { options.putString("muc#roomconfig_whois", "anyone"); return options; } + + public IqPacket requestPubsubConfiguration(Jid jid, String node) { + return pubsubConfiguration(jid, node, null); + } + + public IqPacket publishPubsubConfiguration(Jid jid, String node, Data data) { + return pubsubConfiguration(jid, node, data); + } + + private IqPacket pubsubConfiguration(Jid jid, String node, Data data) { + IqPacket packet = new IqPacket(data == null ? IqPacket.TYPE.GET : IqPacket.TYPE.SET); + packet.setTo(jid); + Element pubsub = packet.addChild("pubsub", "http://jabber.org/protocol/pubsub#owner"); + Element configure = pubsub.addChild("configure").setAttribute("node", node); + if (data != null) { + configure.addChild(data); + } + return packet; + } } 
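Review bot: `publishPubsubConfiguration(jid, node, null)` silently builds a `GET`, because the shared `pubsubConfiguration` helper in the IqGenerator hunk picks the IQ type from whether `data` is null. A caller that loses the form would then issue a read while believing it wrote the configuration; a guard in the public method, `if (data == null) throw new IllegalArgumentException("data");`, keeps the two entry points distinct. The three new methods also have no Javadoc; one line on each stating that it addresses the `pubsub#owner` configure element of `node` on `jid` would be enough.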
diff --git a/src/main/java/de/pixart/messenger/services/XmppConnectionService.java b/src/main/java/de/pixart/messenger/services/XmppConnectionService.java index 3fa4f9d4c..931ccf06e 100644 --- a/src/main/java/de/pixart/messenger/services/XmppConnectionService.java +++ b/src/main/java/de/pixart/messenger/services/XmppConnectionService.java @@ -1906,9 +1906,10 @@ public class XmppConnectionService extends Service { } public void updateKeyInAccount(final Account account, final String alias) { - Log.d(Config.LOGTAG, "update key in account " + alias); + Log.d(Config.LOGTAG, account.getJid().toBareJid() + ": update key in account " + alias); try { X509Certificate[] chain = KeyChain.getCertificateChain(XmppConnectionService.this, alias); + Log.d(Config.LOGTAG, account.getJid().toBareJid() + " loaded certificate chain"); Pair info = CryptoHelper.extractJidAndName(chain[0]); if (account.getJid().toBareJid().equals(info.first)) { account.setPrivateKeyAlias(alias); @@ -1916,7 +1917,7 @@ public class XmppConnectionService extends Service { databaseBackend.updateAccount(account); if (Config.X509_VERIFICATION) { try { - getMemorizingTrustManager().getNonInteractive(account.getJid().getDomainpart()).checkClientTrusted(chain, "RSA"); + getMemorizingTrustManager().getNonInteractive().checkClientTrusted(chain, "RSA"); } catch (CertificateException e) { showErrorToastInUi(R.string.certificate_chain_is_not_trusted); } @@ -2529,7 +2530,7 @@ public class XmppConnectionService extends Service { joinMuc(conversation, new OnConferenceJoined() { @Override public void onConferenceJoined(final Conversation conversation) { - pushConferenceConfiguration(conversation, IqGenerator.defaultRoomConfiguration(), new OnConferenceOptionsPushed() { + pushConferenceConfiguration(conversation, IqGenerator.defaultRoomConfiguration(), new OnConfigurationPushed() { @Override public void onPushSucceeded() { if (subject != null && !subject.trim().isEmpty()) { 
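Review bot: The added `" loaded certificate chain"` log line in `updateKeyInAccount` reports success before the result is checked, and the next line dereferences `chain[0]`. `KeyChain.getCertificateChain` is documented to return null when the alias does not exist or is not accessible, so a guard placed before the log call, `if (chain == null || chain.length == 0) return;` preceded by its own log message, would avoid relying on the catch clause, which is outside the hunk. The new log lines also write the bare JID together with the key alias at debug level, which is worth keeping in mind for shared logs.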
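Review bot: The switch from `getNonInteractive(account.getJid().getDomainpart())` to the no-argument `getNonInteractive()` changes how the client chain is validated, yet neither the commit subject nor the hunk says why the domain is no longer passed. What the no-argument overload checks is not visible here, so the author should confirm it and add a one-line comment on the call stating why no domain is needed for `checkClientTrusted`. The context lines also show the alias being set and `updateAccount` called before this check, with a failed check producing only a toast; that ordering predates the commit but is worth revisiting. The method continues outside the hunk.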
@@ -2613,7 +2614,38 @@ public class XmppConnectionService extends Service { }); } - public void pushConferenceConfiguration(final Conversation conversation, final Bundle options, final OnConferenceOptionsPushed callback) { + public void pushNodeConfiguration(Account account, final Jid jid, final String node, final Bundle options, final OnConfigurationPushed callback) { + sendIqPacket(account, mIqGenerator.requestPubsubConfiguration(jid, node), new OnIqPacketReceived() { + @Override + public void onIqPacketReceived(Account account, IqPacket packet) { + if (packet.getType() == IqPacket.TYPE.RESULT) { + Element pubsub = packet.findChild("pubsub", "http://jabber.org/protocol/pubsub#owner"); + Element configuration = pubsub == null ? null : pubsub.findChild("configure"); + Element x = configuration == null ? null : configuration.findChild("x", "jabber:x:data"); + if (x != null) { + Data data = Data.parse(x); + data.submit(options); + sendIqPacket(account, mIqGenerator.publishPubsubConfiguration(jid, node, data), new OnIqPacketReceived() { + @Override + public void onIqPacketReceived(Account account, IqPacket packet) { + if (packet.getType() == IqPacket.TYPE.RESULT) { + callback.onPushSucceeded(); + } else { + Log.d(Config.LOGTAG, packet.toString()); + } + } + }); + } else { + callback.onPushFailed(); + } + } else { + callback.onPushFailed(); + } + } + }); + } + + public void pushConferenceConfiguration(final Conversation conversation, final Bundle options, final OnConfigurationPushed callback) { IqPacket request = new IqPacket(IqPacket.TYPE.GET); request.setTo(conversation.getJid().toBareJid()); request.query("http://jabber.org/protocol/muc#owner"); 
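Review bot: In `pushNodeConfiguration`, the inner `onIqPacketReceived` for the `SET` only logs the packet when the type is not `RESULT` and never calls `callback.onPushFailed()`, so the caller receives no callback at all when the server rejects the configuration. The new AxolotlService caller in this commit publishes the device bundle from both callbacks, so on this path the bundle would stay unpublished. Adding `callback.onPushFailed();` after the `Log.d(Config.LOGTAG, packet.toString());` line closes the gap, and logging a short message instead of the whole stanza would keep server responses out of the log. The hunk ends inside `pushConferenceConfiguration`, whose body continues outside it.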
@@ -2622,12 +2654,7 @@ public class XmppConnectionService extends Service { public void onIqPacketReceived(Account account, IqPacket packet) { if (packet.getType() == IqPacket.TYPE.RESULT) { Data data = Data.parse(packet.query().findChild("x", "jabber:x:data")); - for (Field field : data.getFields()) { - if (options.containsKey(field.getFieldName())) { - field.setValue(options.getString(field.getFieldName())); - } - } - data.submit(); + data.submit(options); IqPacket set = new IqPacket(IqPacket.TYPE.SET); set.setTo(conversation.getJid().toBareJid()); set.query("http://jabber.org/protocol/muc#owner").addChild(data); @@ -4045,7 +4072,7 @@ public class XmppConnectionService extends Service { void onConferenceJoined(Conversation conversation); } - public interface OnConferenceOptionsPushed { + public interface OnConfigurationPushed { void onPushSucceeded(); void onPushFailed(); diff --git a/src/main/java/de/pixart/messenger/ui/ConferenceDetailsActivity.java b/src/main/java/de/pixart/messenger/ui/ConferenceDetailsActivity.java index 15e78d262..c861f64d5 100644 --- a/src/main/java/de/pixart/messenger/ui/ConferenceDetailsActivity.java +++ b/src/main/java/de/pixart/messenger/ui/ConferenceDetailsActivity.java 
@@ -40,7 +40,7 @@ import de.pixart.messenger.services.XmppConnectionService.OnConversationUpdate; import de.pixart.messenger.services.XmppConnectionService.OnMucRosterUpdate; import de.pixart.messenger.xmpp.jid.Jid; -public class ConferenceDetailsActivity extends XmppActivity implements OnConversationUpdate, OnMucRosterUpdate, XmppConnectionService.OnAffiliationChanged, XmppConnectionService.OnRoleChanged, XmppConnectionService.OnConferenceOptionsPushed { +public class ConferenceDetailsActivity extends XmppActivity implements OnConversationUpdate, OnMucRosterUpdate, XmppConnectionService.OnAffiliationChanged, XmppConnectionService.OnRoleChanged, XmppConnectionService.OnConfigurationPushed { public static final String ACTION_VIEW_MUC = "view_muc"; private static final float INACTIVE_ALPHA = 0.4684f; //compromise between dark and light theme private Conversation mConversation; diff --git a/src/main/java/de/pixart/messenger/xmpp/forms/Data.java b/src/main/java/de/pixart/messenger/xmpp/forms/Data.java index f92e468e5..c2653a5e9 100644 --- a/src/main/java/de/pixart/messenger/xmpp/forms/Data.java +++ b/src/main/java/de/pixart/messenger/xmpp/forms/Data.java @@ -1,5 +1,7 @@ package de.pixart.messenger.xmpp.forms; +import android.os.Bundle; + import java.util.ArrayList; import java.util.Collection; import java.util.Iterator; @@ -55,6 +57,15 @@ public class Data extends Element { field.setValues(values); } + public void submit(Bundle options) { + for (Field field : getFields()) { + if (options.containsKey(field.getFieldName())) { + field.setValue(options.getString(field.getFieldName())); + } + } + submit(); + } + public void submit() { this.setAttribute("type", "submit"); removeUnnecessaryChildren(); -- cgit v1.2.3
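Review bot: `submit(Bundle options)` in Data.java only fills fields that the parsed form already contains, so an option whose field the server did not advertise is dropped silently and the form is still submitted. For the `pubsub#access_model` option set elsewhere in this commit, that case would be reported as a successful push while the node keeps its previous access model. Logging the keys of `options` that matched no field would make this visible, and `options.getString(...)` yields null for non-String values, which is then handed to `field.setValue`. A Javadoc line such as `/** Copies matching String options into the form's fields, then marks the form as a submit. */` would document the contract.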