otrv4 / pidgin-otrng Goto Github PK

Fork of https://bugs.otr.im/plugins/pidgin-otr. This is a mirror of https://bugs.otr.im/otrv4/pidgin-otrng

License: GNU General Public License v2.0

Makefile 0.81% M4 1.62% C 89.35% PHP 4.88% CSS 0.71% Shell 0.66% NSIS 1.97%

pidgin-otrng's Introduction

OTRv4

Disclaimer

This protocol specification is a draft. It's currently under constant revision
by its team members or by its reviewers: Nik Unger or Ian Goldberg.

This is the protocol specification for Off-the-Record Messaging Protocol version 4.

Funding

The work made hare was partially supported by the NlNet Foundation. Find information here.

Licensing and Use

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

The OTR team does not review implementations or specify which ones are compliant are not. Software implementers are free to implement this specification in any way they choose - under limitations of software licenses if using existing software.

pidgin-otrng's People

Contributors

Stargazers

Watchers

Forkers

fossabot varac pedropalau sshyran c4pt000

pidgin-otrng's Issues

User test the plugin

For the moment we need to:

Define which users will we test with
Recruit these (5) users to test
Map the hypothesis we want to validate with them
Develop an script for the interviews

Following steps are:

Apply the interviews and collect feedback
Analyse results and share points of improvement
Implement improvements

Allow config view and generate of long-term public keys for v4 and v3 independently

See issue otrv4/libotr-ng#26 of libotr-ng.

Communicate over the UI the fingerprints

How should we communicate the fingerprints? See issue otrv4/libotr-ng#27 of libtro-ng

Decide how to implement polices and modes

See issues otrv4/libotr-ng#66 and otrv4/libotr-ng#14 of libotr-ng.

Interact with a prekey server

Check how errors are shown

Check the text shown to the user.

When pidgin-otrng plugin is enabled, OTRv3 plugin crashes

Make the offline path discover prekey server

Package for most OS

Clarify logs: pidgin or otr

Read and Write persistent state

We are missing to read/write from/to a file:

Client profile
Prekey profile
Shared prekey
Prekey messages

See: otrng_plugin_init_userstate()

Fingerprint verification not showing the correct information

Fingerprints seem to be correct (obscured in the image); but the account is wrong (it is repeated). See:

Check compatibility with libotr (OTRv3 conversations)

See: otrv4/libotr-ng#32

Implement all OTR3 callbacks on the plugin: create instance tag, create key, etc.

Check SMP

It seems like it is not working.

Evaluate the architecture of the plugin

See issue otrv4/libotr-ng#114 of libotr-ng.

Refactor the code

See issue otrv4/libotr-ng#16 of the libotr-ng library.

Check how the restarting happens after TLV Disconnected

Not clear 2 websites, gitlab, github

Hello,

There are some problems for OTR:

It is possible to redirect the old website (and all pages) to http://otr.im/ and add missing parts if there are?

See for the gitlab "bugs.otr.im".

It will be nice to update the old github and inform to move it.
https://github.com/off-the-record/

Archive too? and redirect?

https://bugs.otr.im/plugins/pidgin-otr

Make the plugin build

Unable to refresh conversations

Test fragmentation is configured by the plugin

Manage the Client Profile

See where it will be published, if the serialization is ok, how it will be published and retrieved.

See issue otrv4/libotr-ng#108 of libotr-ng.

Tasks

Create and publish a client profile if there's none
Create a new client profile and publish after expiration
Update and publish the existing client profile if one of the values changes

Prekey publication message submission sometimes fails

As reported by @olabini , sometimes the prekey publication message MAC is wrong, and the flow fails. I have been unable to reproduce, but it is there :)

Review the OTR text

Add callback to create instance tag

On the library:

Add the callback to 'client_callbacks_s'.
Invoke it from 'maybe_create_keys' and 'op_create_instag'.
Add test

On the plugin

Extract its implementation from 'create_privkey_v4'.
Add test?

Check the interactive path

Correctly see that is working and add everything that needs to.

Check that the callbacks, heartbeat messages, padding, shared session state are working with the plugin.

See otrv4/libotr-ng#117, otrv4/libotr-ng#116,

Warning on plugin

Description

When I compile the plugin on my machine I see the following warnings:

make  all-recursive
make[1]: Entering directory '/home/denis/projects/pidgin-otrng'
Making all in po
make[2]: Entering directory '/home/denis/projects/pidgin-otrng/po'
make[2]: Nothing to be done for 'all'.
make[2]: Leaving directory '/home/denis/projects/pidgin-otrng/po'
Making all in test
make[2]: Entering directory '/home/denis/projects/pidgin-otrng/test'
make[2]: Nothing to be done for 'all'.
make[2]: Leaving directory '/home/denis/projects/pidgin-otrng/test'
make[2]: Entering directory '/home/denis/projects/pidgin-otrng'
  CC       otrng-plugin.lo
  CC       prekey-plugin.lo
  CC       prekey-discovery.lo
  CC       prekey-discovery-jabber.lo
  CC       plugin-all.lo
plugin-all.c: In function ‘smp_update_v4’:
plugin-all.c:1914:5: warning: this statement may fall through [-Wimplicit-fallthrough=]
     otrng_plugin_abort_smp(conv); // fallthrough intended
     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
plugin-all.c:1915:3: note: here
   case OTRNG_SMP_EVENT_ABORT:
   ^~~~
  CC       ui.lo
  CC       dialogs.lo
  CC       gtk-ui.lo
  CC       gtk-dialog.lo
gtk-dialog.c: In function ‘otr_icon’:
gtk-dialog.c:208:3: warning: ‘gdk_pixbuf_new_from_inline’ is deprecated [-Wdeprecated-declarations]
   pixbuf = gdk_pixbuf_new_from_inline(-1, data, FALSE, NULL);
   ^~~~~~
In file included from /usr/include/gdk-pixbuf-2.0/gdk-pixbuf/gdk-pixbuf.h:34:0,
                 from /usr/include/gtk-2.0/gdk/gdkpixbuf.h:37,
                 from /usr/include/gtk-2.0/gdk/gdkcairo.h:28,
                 from /usr/include/gtk-2.0/gdk/gdk.h:33,
                 from /usr/include/gtk-2.0/gtk/gtk.h:32,
                 from gtk-dialog.c:28:
/usr/include/gdk-pixbuf-2.0/gdk-pixbuf/gdk-pixbuf-core.h:362:12: note: declared here
 GdkPixbuf* gdk_pixbuf_new_from_inline (gint          data_length,
            ^~~~~~~~~~~~~~~~~~~~~~~~~~
gtk-dialog.c: In function ‘start_or_continue_smp’:
gtk-dialog.c:316:45: warning: pointer targets in passing argument 2 of ‘otrng_plugin_start_smp’ differ in signedness [-Wpointer-sign]
       otrng_plugin_start_smp(smppair->conv, user_question, 0,
                                             ^~~~~~~~~~~~~
In file included from ./dialogs.h:33:0,
                 from gtk-dialog.h:25,
                 from gtk-dialog.c:65:
./plugin-all.h:105:6: note: expected ‘const unsigned char *’ but argument is of type ‘const char *’
 void otrng_plugin_start_smp(otrng_plugin_conversation *conv,
      ^~~~~~~~~~~~~~~~~~~~~~
gtk-dialog.c:319:45: warning: pointer targets in passing argument 2 of ‘otrng_plugin_start_smp’ differ in signedness [-Wpointer-sign]
       otrng_plugin_start_smp(smppair->conv, user_question,
                                             ^~~~~~~~~~~~~
In file included from ./dialogs.h:33:0,
                 from gtk-dialog.h:25,
                 from gtk-dialog.c:65:
./plugin-all.h:105:6: note: expected ‘const unsigned char *’ but argument is of type ‘const char *’
 void otrng_plugin_start_smp(otrng_plugin_conversation *conv,
      ^~~~~~~~~~~~~~~~~~~~~~
gtk-dialog.c: In function ‘otrng_gtk_dialog_clicked_connect’:
gtk-dialog.c:1829:18: warning: unused variable ‘account’ [-Wunused-variable]
   PurpleAccount *account = purple_conversation_get_account(conv);
                  ^~~~~~~
gtk-dialog.c: In function ‘check_incoming_instance_change’:
gtk-dialog.c:3137:16: warning: variable ‘current_out’ set but not used [-Wunused-but-set-variable]
   ConnContext *current_out = NULL;
                ^~~~~~~~~~~
  CC       tooltipmenu.lo
  CC       otrng-client.lo
  CCLD     pidgin-otrng.la
make[2]: Leaving directory '/home/denis/projects/pidgin-otrng'
make[1]: Leaving directory '/home/denis/projects/pidgin-otrng'

Add a testing infrastructure

Multiple "OTR" menus in the Conversation window

I remember I had done the following:

Started pidgin with pidgin-otrng enabled.
Had a OTRv4 conversation.
Finished the OTRv4 conversation.
Disable pidgin-otrng, enabled pidgin-otr.
Receive a query message from the other participant and started a OTRv3 conversation.

Correctly manage instance tags

Check issue otrv4/libotr-ng#18 of the libotr-ng library.

Keep in mind that as noted by @juniorz , this will make some transitions between otrv4 and otrv3 state machine more easily.

Do not show a smiley face on authentication error

Should show something appropriate:

cc/ @sahrosa

Change buttons on conversation window

Remove the duplicated button in the bottom of the chat, leaving only the status of the private conversation always showing.

Have tests.

The test suite was introduced in fedd7a9 . We should have actual tests now.

Test heartbeats are sent periodically

Should we use the same license of libotr-ng?

Fix some memory leaks

This memory leaks show up:

==23601== 16 bytes in 1 blocks are possibly lost in loss record 3,524 of 16,930
==23601==    at 0x4C2EBAB: malloc (vg_replace_malloc.c:299)
==23601==    by 0x20A28580: otrl_mem_malloc (mem.c:60)
==23601==    by 0x1046CD79: do_malloc (global.c:945)
==23601==    by 0x1046E4E9: _gcry_malloc_secure_core (global.c:979)
==23601==    by 0x1046E4E9: _gcry_xmalloc_secure (global.c:1178)
==23601==    by 0x1046E5C5: _gcry_xcalloc_secure (global.c:1223)
==23601==    by 0x10533982: _gcry_mpi_resize (mpiutil.c:187)
==23601==    by 0x10531586: mpi_fromstr (mpicoder.c:134)
==23601==    by 0x10531586: _gcry_mpi_scan (mpicoder.c:602)
==23601==    by 0x10469D7C: gcry_mpi_scan (visibility.c:357)
==23601==    by 0x21E91584: otrng_dh_init (dh.c:89)
==23601==    by 0x21C5F65B: __otrng_init_plugin (otrng-plugin.c:94)
==23601==    by 0x21C5F6D2: purple_init_plugin (otrng-plugin.c:109)
==23601==    by 0x7E28129: purple_plugin_probe (in /usr/lib64/libpurple.so.0.13.0)


==23601== 240 bytes in 2 blocks are definitely lost in loss record 15,484 of 16,930
==23601==    at 0x4C2EBAB: malloc (vg_replace_malloc.c:299)
==23601==    by 0xAB5E03E: getdelim (in /usr/lib64/libc-2.27.so)
==23601==    by 0x21C61184: protocol_and_account_to_purple_conversation (plugin-all.c:186)
==23601==    by 0x21E967A8: otrng_user_state_private_key_v4_read_FILEp (messaging.c:253)
==23601==    by 0x21C611E7: otrng_plugin_read_private_keys (plugin-all.c:202)
==23601==    by 0x21C658F1: otrng_plugin_init_userstate (plugin-all.c:2026)
==23601==    by 0x21C66014: otrng_plugin_load (plugin-all.c:2249)
==23601==    by 0x7E27592: purple_plugin_load (in /usr/lib64/libpurple.so.0.13.0)
==23601==    by 0x7E28696: purple_plugins_load_saved (in /usr/lib64/libpurple.so.0.13.0)
==23601==    by 0x143832: main (gtkmain.c:852)


==23601== 240 bytes in 2 blocks are definitely lost in loss record 15,485 of 16,930
==23601==    at 0x4C2EBAB: malloc (vg_replace_malloc.c:299)
==23601==    by 0xAB5E03E: getdelim (in /usr/lib64/libc-2.27.so)
==23601==    by 0x21C61184: protocol_and_account_to_purple_conversation (plugin-all.c:186)
==23601==    by 0x21E96830: otrng_user_state_client_profile_read_FILEp (messaging.c:276)
==23601==    by 0x21C6129D: otrng_plugin_read_client_profile (plugin-all.c:212)
==23601==    by 0x21C658FD: otrng_plugin_init_userstate (plugin-all.c:2029)
==23601==    by 0x21C66014: otrng_plugin_load (plugin-all.c:2249)
==23601==    by 0x7E27592: purple_plugin_load (in /usr/lib64/libpurple.so.0.13.0)
==23601==    by 0x7E28696: purple_plugins_load_saved (in /usr/lib64/libpurple.so.0.13.0)
==23601==    by 0x143832: main (gtkmain.c:852)



==23601== 1,012 bytes in 2 blocks are possibly lost in loss record 16,374 of 16,930
==23601==    at 0x4C2EBAB: malloc (vg_replace_malloc.c:299)
==23601==    by 0x20A28580: otrl_mem_malloc (mem.c:60)
==23601==    by 0x1046CD79: do_malloc (global.c:945)
==23601==    by 0x1046D589: _gcry_malloc (global.c:969)
==23601==    by 0x10470B83: _gcry_sexp_find_token (sexp.c:486)
==23601==    by 0x20A23EAB: otrl_privkey_read_FILEp (privkey.c:266)
==23601==    by 0x21E964AF: otrng_user_state_private_key_v3_read_FILEp (messaging.c:144)
==23601==    by 0x21C61200: otrng_plugin_read_private_keys (plugin-all.c:204)
==23601==    by 0x21C658F1: otrng_plugin_init_userstate (plugin-all.c:2026)
==23601==    by 0x21C66014: otrng_plugin_load (plugin-all.c:2249)
==23601==    by 0x7E27592: purple_plugin_load (in /usr/lib64/libpurple.so.0.13.0)
==23601==    by 0x7E28696: purple_plugins_load_saved (in /usr/lib64/libpurple.so.0.13.0)



==23247== 75 (32 direct, 43 indirect) bytes in 1 blocks are definitely lost in loss record 11,977 of 17,344
==23247==    at 0x4C2EBAB: malloc (vg_replace_malloc.c:299)
==23247==    by 0x21C63424: otrng_plugin_conversation_new (plugin-all.c:1029)
==23247==    by 0x21C635C3: purple_conversation_to_plugin_conversation (plugin-all.c:1068)
==23247==    by 0x21C7083F: build_otr_menu (gtk-dialog.c:2114)
==23247==    by 0x21C72ED5: otrng_gtk_dialog_new_purple_conv (gtk-dialog.c:2963)
==23247==    by 0x21C72620: conversation_switched (gtk-dialog.c:2760)
==23247==    by 0x7E3BCF1: purple_signal_emit_vargs (in /usr/lib64/libpurple.so.0.13.0)
==23247==    by 0x7E3BE61: purple_signal_emit (in /usr/lib64/libpurple.so.0.13.0)
==23247==    by 0x995BADC: g_closure_invoke (gclosure.c:804)
==23247==    by 0x996EA3D: signal_emit_unlocked_R (gsignal.c:3705)
==23247==    by 0x9978069: g_signal_emit_valist (gsignal.c:3391)
==23247==    by 0x9978662: g_signal_emit (gsignal.c:3447)



==23247== 96 bytes in 6 blocks are possibly lost in loss record 14,761 of 17,344
==23247==    at 0x997EE83: g_type_create_instance (gtype.c:1845)
==23247==    by 0x99616C7: g_object_new_internal (gobject.c:1799)
==23247==    by 0x9962E14: g_object_new_with_properties (gobject.c:1967)
==23247==    by 0x99639D0: g_object_new (gobject.c:1639)
==23247==    by 0x21C73CE2: tooltip_menu_init (tooltipmenu.c:139)
==23247==    by 0x997EF39: g_type_create_instance (gtype.c:1866)
==23247==    by 0x99616C7: g_object_new_internal (gobject.c:1799)
==23247==    by 0x9962E14: g_object_new_with_properties (gobject.c:1967)
==23247==    by 0x99639D0: g_object_new (gobject.c:1639)
==23247==    by 0x21C73DF7: tooltip_menu_new (tooltipmenu.c:172)
==23247==    by 0x21C71FF1: otr_add_buddy_top_menu (gtk-dialog.c:2595)
==23247==    by 0x21C723D4: otr_add_buddy_top_menus (gtk-dialog.c:2697)



==23247== 184 (88 direct, 96 indirect) bytes in 1 blocks are definitely lost in loss record 15,861 of 17,344
==23247==    at 0x4C2EBAB: malloc (vg_replace_malloc.c:299)
==23247==    by 0x9BF03C5: g_malloc (gmem.c:99)
==23247==    by 0x9C07FF6: g_slice_alloc (gslice.c:1025)
==23247==    by 0x9BD89E1: g_hash_table_new_full (ghash.c:717)
==23247==    by 0x21C612F5: otrng_plugin_fingerprint_store_create (plugin-all.c:218)
==23247==    by 0x21C65907: otrng_plugin_init_userstate (plugin-all.c:2032)
==23247==    by 0x21C66014: otrng_plugin_load (plugin-all.c:2249)
==23247==    by 0x7E27592: purple_plugin_load (in /usr/lib64/libpurple.so.0.13.0)
==23247==    by 0x7E28696: purple_plugins_load_saved (in /usr/lib64/libpurple.so.0.13.0)
==23247==    by 0x143832: main (gtkmain.c:852)

==23247== 384 bytes in 6 blocks are possibly lost in loss record 16,436 of 17,344
==23247==    at 0x4C2EBAB: malloc (vg_replace_malloc.c:299)
==23247==    by 0x9BF03C5: g_malloc (gmem.c:99)
==23247==    by 0x9C09D6F: g_memdup (gstrfuncs.c:391)
==23247==    by 0x9BD8334: g_hash_table_insert_node (ghash.c:970)
==23247==    by 0x9BD893C: g_hash_table_insert_internal (ghash.c:1235)
==23247==    by 0x5EA7268: gtk_tooltips_set_tip (gtktooltips.c:270)
==23247==    by 0x21C7422D: tooltip_menu_set_tooltip (tooltipmenu.c:231)
==23247==    by 0x21C7406F: tooltip_menu_add (tooltipmenu.c:193)
==23247==    by 0x21C74196: tooltip_menu_prepend (tooltipmenu.c:209)
==23247==    by 0x21C720C9: otr_add_buddy_top_menu (gtk-dialog.c:2603)
==23247==    by 0x21C723D4: otr_add_buddy_top_menus (gtk-dialog.c:2697)
==23247==    by 0x21C6E400: dialog_update_label_conv (gtk-dialog.c:1299)

==23247== 672 (304 direct, 368 indirect) bytes in 1 blocks are definitely lost in loss record 16,693 of 17,344
==23247==    at 0x997EE17: g_type_create_instance (gtype.c:1845)
==23247==    by 0x99616C7: g_object_new_internal (gobject.c:1799)
==23247==    by 0x9962E14: g_object_new_with_properties (gobject.c:1967)
==23247==    by 0x99639D0: g_object_new (gobject.c:1639)
==23247==    by 0x21C72E3D: otrng_gtk_dialog_new_purple_conv (gtk-dialog.c:2956)
==23247==    by 0x21C72620: conversation_switched (gtk-dialog.c:2760)
==23247==    by 0x7E3BCF1: purple_signal_emit_vargs (in /usr/lib64/libpurple.so.0.13.0)
==23247==    by 0x7E3BE61: purple_signal_emit (in /usr/lib64/libpurple.so.0.13.0)
==23247==    by 0x995BADC: g_closure_invoke (gclosure.c:804)
==23247==    by 0x996EA3D: signal_emit_unlocked_R (gsignal.c:3705)
==23247==    by 0x9978069: g_signal_emit_valist (gsignal.c:3391)
==23247==    by 0x9978662: g_signal_emit (gsignal.c:3447)

Revise design of configuration panel

If there's a fingerprint for v3 and v4, show another column so we can have both fingerprints side by
Remove the option for 'hiding the OTR button' in the chat.

Add help windows

With the context of the help folder.

Static compilation does not work

It fails with:

$ make -f Makefile.static LIBOTRDIR=/usr/lib/x86_64-linux-gnu/ LIBGCRYPTDIR=/usr/lib/x86_64-linux-gnu/ LIBOTRNGDIR=/usr/local/lib/
[...]
ld -r  .libs/otrng-plugin.o \
        .libs/plugin-all.o \
        .libs/ui.o \
        .libs/dialogs.o \
        .libs/gtk-ui.o \
        .libs/gtk-dialog.o \
        .libs/tooltipmenu.o \
        .libs/otrng-client.o \
        /usr/lib/x86_64-linux-gnu//libotr.a \
        /usr/lib/libotr-ng.a \
        /usr/lib/x86_64-linux-gnu/libgcrypt.a \
        /usr/lib/x86_64-linux-gnu/libgpg-error.a \
        -o .libs/pidgin-otr-shared.o
# Make all the libgcrypt references local to that .o file
objcopy -w -L '*gcry*' .libs/pidgin-otr-shared.o \
        .libs/pidgin-otr-static.o
# Turn the .o into a .so
gcc -shared .libs/pidgin-otr-static.o -Wl,-soname -Wl,pidgin-otr.so \
        -o .libs/pidgin-otr.so
/usr/bin/x86_64-linux-gnu-ld: .libs/pidgin-otr-static.o: relocation R_X86_64_32S against `.rodata.cst4' can not be used when making a shared object; recompile with -fPIC
/usr/bin/x86_64-linux-gnu-ld: final link failed: Nonrepresentable section on output
collect2: error: ld returned 1 exit status
Makefile.static:8: recipe for target '.libs/pidgin-otrng.so' failed
make: *** [.libs/pidgin-otrng.so] Error 1

We should use libtool to build both the static and dynamic library.

How should we communicate v3 + v4 long-term keys (and fingerprints) to the user?

Question from @juniorz : The OTRv4 long-term (public) key is published together with a user profile that's signed with the OTRv3 long-term (private) key.

Can we make use of this and simplify the UI? Can we omit OTRv4 fingerprint when there's a profile signed by a trusted OTRv3 key?

@olabini : No, I don't think we should omit the OTRv4 fingerprint, since then we reduce the security of the connection to the security of the OTRv3 key - and the whole point of updating to modern algorithms and sizes is that the old OTRv3 signing is not strong enough anymore.

Communicating when there are no prekey ensembles and the offline conversation cannot be started.
Communicating the security properties of online and offline conversations.

Turning off OTR for a peer causes bad behavior

If you inside of Pidgin says that OTR is turned off for ONE peer, you get weird behavior, primarily that someone starting an OTR conversation from the other side, still seems able to do it.

Manage the Prekey Profile