Implementation in Gabble:

+ /* FIXME: There should be no sender for a notification, but setting handle to
+ * 0 makes empathy crash atm. */
+ tp_message_mixin_take_received (G_OBJECT (self),
+ tp_cm_message_new_text (base_conn,
+ tp_base_channel_get_target_handle (base_chan),
+ TP_CHANNEL_TEXT_MESSAGE_TYPE_NOTICE, text));
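Review bot: The locally generated notice is built with tp_base_channel_get_target_handle (base_chan) as its sender and TP_CHANNEL_TEXT_MESSAGE_TYPE_NOTICE as its type, so nothing in the message as constructed here separates it from a NOTICE the peer actually sent. Add a marker on the message that only the connection manager can set, so a UI does not have to trust the text alone. The FIXME should also reference the Empathy crash it works around, so the workaround can be removed once that is fixed.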

Is this a message from the OTR library, something like "*** Verified
peer fingerprint: b...@example.com ***"?

I think using the target handle for this is OK semantically.

However, I suspect remote users can spoof this by sending their own
NOTICE. Messages coming from the OTR library should have a distinctive
message header that an OTR-literate UI can take as evidence that they
were locally-generated.

Ideally, that distinctive message header should be a machine-readable
version of the message, so OTR-literate UIs (Empathy) can discard the
untranslated version from Gabble and display something translated. We've
always had a policy of putting UI strings and their translations in the
UIs, not the CMs.

+ return g_variant_new ("(s@ay)", display_fp,
+ g_variant_new_fixed_array (G_VARIANT_TYPE_BYTE, fp_raw, 20,
...
+ guchar our_fp_raw[20];
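Review bot: The fingerprint length is written as a bare 20 in two places, the element count passed to g_variant_new_fixed_array () and the size of our_fp_raw, and nothing ties the two together. Define one named constant for the length, use it for the array declaration, and pass that constant or sizeof the buffer as the count, so a later change cannot leave the count larger than the buffer being read.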

The magic number 20 makes me nervous. Isn't there a constant for "length
of a raw OTR fingerprint in bytes" in libotr?

If there really isn't, #define'ing our own would be better than nothing.

+static void
+otr_inject_message (void *opdata,
+ const gchar *accountname,
+ const gchar *protocol,
+ const gchar *recipient,
+ const gchar *message)
+{
+ inject_message (opdata, message);
+}
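Review bot: otr_inject_message () drops accountname, protocol and recipient and forwards only opdata and message to inject_message (). If the channel behind opdata is always the one for recipient, state that in a comment or assert it; otherwise a message handed over for a different recipient would be sent to this channel's target without any check.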

Is @message text/plain or text/html? Telepathy can only do text/plain at
the moment, so if it's text/html, we need to strip tags, then unescape
entities (&stuff;).

+static gint
+otr_max_message_size (void *opdata,
+ ConnContext *context)
+{
+ return 0;
+}
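Review bot: The unconditional return 0 in otr_max_message_size () has no comment saying what 0 means to the caller or why context is ignored. Document the intended meaning next to the return, and if a real limit is chosen later, put it in a named constant rather than another literal.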

We should probably give some guess at what's generally interoperable.

+ msg = otrl_proto_default_query_msg (get_self_id (self),
OTRL_POLICY_DEFAULT);
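Review bot: OTRL_POLICY_DEFAULT is hard-coded in the otrl_proto_default_query_msg () call, so the query message can advertise a policy that differs from the one the rest of the code enforces. Take the policy from a single place shared with the policy callback. The hunk also does not show msg being released after use; check that every path frees it.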

Do we need to update what otr_policy() would return here, too?

+ bus_name = g_strconcat (tp_base_connection_get_bus_name (base_conn),
+ ".OTR", NULL);
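Review bot: The ".OTR" suffix is a string literal inside the g_strconcat () call, so clients have to hard-code the same string to find the name. Move it to a named constant in a shared header, and check that bus_name, which g_strconcat () allocates, is released with g_free () on every path after this point.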

I suppose this isn't *so* bad, but the spec should tell the API user
where to find this name.

+ content = wocky_node_get_content_from_child (node, "body");
+
+ err = otrl_message_sending (userstate, ui_ops_p, self,
+ get_self_id (self), "xmpp", get_target_id (self),
+ priv->instag, content, NULL, &new_content,
+ OTRL_FRAGMENT_SEND_ALL_BUT_LAST, NULL,
+ NULL, NULL);
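Review bot: content is passed to otrl_message_sending () straight after wocky_node_get_content_from_child (node, "body") with no NULL check in between, so a stanza without a body would hand a NULL message to libotr. Return early when content is NULL, and make sure err is checked before new_content is used, since these lines show neither.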

Does otrl_message_sending() expect @content to be text/plain or
text/html? If it expects text/html, we need to escape special characters
with g_markup_escape_text().

Similarly, is @new_content text/plain or text/html? If text/html, we
need to strip tags and unescape entities.

+gchar *
+gabble_im_channel_otr_receiving (GabbleIMChannel *self,
+ const gchar *content)
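Review bot: gabble_im_channel_otr_receiving () returns a non-const gchar * but the declaration carries no documentation of ownership. Add a doc comment stating whether the caller must g_free () the result, and what a NULL return means (for example, whether it signals an internal OTR message that should not be shown to the user).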

Same here.

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to empathy in Ubuntu.
https://bugs.launchpad.net/bugs/296867

Title:
  empathy needs to support OTR encryption

Status in Chat app, and Telepathy user interface:
  Confirmed
Status in One Hundred Papercuts:
  Invalid
Status in Telepathy framework - library:
  Confirmed
Status in “empathy” package in Ubuntu:
  Triaged
Status in “libtelepathy” package in Ubuntu:
  Confirmed
Status in “empathy” package in Fedora:
  Won't Fix

Bug description:
  Binary package hint: empathy

  Hello, 
  I just tried empathy (the Intrepid version) and it looked very solid and 
stable. There were a few minor things that could be improved (e.g. 
automatically resizing the contact list), but that is not the topic here.
  The reason why I won't switch to empathy from pidgin is the missing OTR 
support (http://www.cypherpunks.ca/otr/ ). This is a really important feature 
because no one should read your messages.
  There were others with the same idea (links at the bottom).
  Would be so great if it could support that important encryption standard.
  Thanks for helping out!

  Links:
  https://bugs.launchpad.net/ubuntu/+source/empathy/+bug/253452/comments/2
  http://lists.cypherpunks.ca/pipermail/otr-users/2008-September/001479.html
  http://bugs.freedesktop.org/show_bug.cgi?id=16891
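
The conversion the review above asks for if the OTR layer hands back text/html (strip tags, then unescape entities), as an added example that is not part of the original message or of the Gabble patch. `html_to_plain` and its entity table are hypothetical names, and the sample strings in the comments are constructed:

```c
#include <stdlib.h>
#include <string.h>

/* Named entities handled by this sketch (constructed, minimal set). */
static const struct { const char *name; char ch; } entities[] = {
  { "&amp;", '&' }, { "&lt;", '<' }, { "&gt;", '>' },
  { "&quot;", '"' }, { "&apos;", '\'' },
};

/* Hypothetical helper: convert text/html from the OTR layer to text/plain.
 * Tags are dropped on the raw input and entities are decoded into the
 * output, which is never re-scanned: "&lt;b&gt;" yields a literal "<b>"
 * and "&amp;lt;" yields "&lt;" (no double unescape). Caller frees result. */
char *
html_to_plain (const char *html)
{
  size_t len = strlen (html), o = 0;
  char *out = malloc (len + 1);   /* output never grows beyond input */

  if (out == NULL)
    return NULL;

  for (size_t i = 0; i < len; )
    {
      if (html[i] == '<')
        {
          const char *end = strchr (html + i, '>');
          if (end == NULL)        /* unterminated tag: drop the rest */
            break;
          i = (size_t) (end - html) + 1;
          continue;
        }
      if (html[i] == '&')
        {
          size_t k, n = sizeof entities / sizeof entities[0];
          for (k = 0; k < n; k++)
            if (strncmp (html + i, entities[k].name,
                         strlen (entities[k].name)) == 0)
              break;
          if (k < n)
            {
              out[o++] = entities[k].ch;
              i += strlen (entities[k].name);
              continue;
            }
        }
      out[o++] = html[i++];       /* ordinary byte, or unknown entity kept */
    }
  out[o] = '\0';
  return out;
}
```

Unknown and numeric entities pass through unchanged in this sketch.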
