Add support for XEP-0454 OMEMO Media sharing #1182
Comments
|
It's not clear to me what the problem is here... is this due to an OOB URL not being encrypted? |
|
I do not know, if the url is encrypted also - the file/image is encrypted with omemo/aes: You have to download the files by just replace Here is the implementation in gajim/python: Hope it helps a little bit. |
|
Thanks for the info, I'll look into it. |
|
Without this OMEMO is really crippled to just text messages. The OMEMO HTTP-upload is covered in https://xmpp.org/extensions/inbox/omemo-media-sharing.html :
|
|
I think this may be a security issue... if the lock icon is set to "locked" and OMEMO encryption is enabled, then user goes to attach a file, the file is sent unencrypted. Perhaps file attachments should be disabled during an OMEMO-encrypted chat (or at least heavily warned) until this is fixed ? |
|
does omemo encrypt http upload images or not? redsolution/xabber-android#799 (comment) the xabber developer claims no. |
|
@xmarxthespot the files are encrypted yes |
|
@xmarxthespot more exactly Yes not a XEP yet, but as Xabber devs know (and want for their own developed XEPs) implementations weight a lot, so when you have all the currently developed clients (Conversations, Dino, Gajim, Monal, ChatSecure, etc) use this schema to encrypt the files on the server (for years already) that Xabber dev post is kinda FUD. |
jcbrand
changed the title
|
A quick test and... @jcbrand sent files don't feature a lock icon (!?) @iNPUTmice received files by Conversations look like this (bubble colour as if unencrypted) Stanza from Firefox console: |
|
The aesgcm uri needs to be transmitted as an omemo encrypted message (or
else it would just leak the key)
|
|
Thanks @licaon-kter @iNPUTmice You're right, I assumed it's getting encrypted but didn't double check. I intend to still add tests to catch things like this. I shouldn't have closed this ticket so quickly. |
by re-using `ChatBox.prototype.sendMessage`. updates #1182
|
Thanks for implementing this @jcbrand. I'm seeing successful OMEMO messages from Converse > Conversations however with Conversations > Converse it shows an inbound OMEMO message but instead of showing the media it has the full Debug console shows: I can provide more details, I just wanted to see if anyone else has seen this. |
|
@futurealecks there's no preview yet ( #2554 ) but you should get the file and it should decrypt okay |
|
@futurealecks Might be that the message wasn't encrypted for that device. Can you successfully decrypt other non-media OMEMO messages from the same user? |
|
It looks like my previous issue was a key issue and that has been resolved. However, sending media from Conversations > Converse shows an encrypted message: "Download file "filename.jpg" It comes in as a link but nothing happens when you click the link. There is also no information in Debug. In Elements, I see:
It seems to be Downloading the file but it doesn't exist on the machine. |
|
@futurealecks Did you see #2554 (comment) ? How is your CORS setup? Can you try without? |
|
@licaon-kter, this is our CORS setup: As for turning it off, I'm not sure what that would do. We are not seeing any errors related to permissions. I would think if it was permissions it may look something like " |
|
What does the console say in debug mode when you click a link? |
|
Strangely nothing. It's a link that you can however and click but it doesn't post a single log message to the console. Not very helpful huh.
|
|
No, I meant this debug: https://m.conversejs.org/docs/html/configuration.html?highlight=debug#loglevel |
|
@licaon-kter I looked at this briefly with @futurealecks Nothing happens in debug mode when we click a link. Absolutely nothing. We don't see anything in the debug log. The actual element that encompasses that "Download" text and blob is something like:
|
|
But you see a lot of noisy debug info is the console in general? The file can be downloaded just fine in other clients connected with this account? |
|
Yes and yes |
|
Looks like, at in the case we were testing, this is happening because it is not being considered an Image file. In plugins/omemo/utils, it's checking the url to determine the type. isImageURL comes back false because the aesgcm uri doesn't end with the image extension. So it defaults to an unknown file type and doesn't add the 'onClick' and 'onLoad'. Is there an "image_urls_regex" for this, or should the link maybe be parsed (removing everything after the hash tag) to find the extension? |
|
@afriedmanGlacier As linked above, see the same idea in #2554 But, in my case... the can be opened. |
|
It turns out that this was because checkTLS in headless/utils/url was returning false. Locally, I added: I don't think this affected the outcome, but the image I was testing ended in .JPG, so I also added a |
|
Thanks @afriedmanGlacier, I've made a commit with the change you described. |
Still experiencing this error.
Debug log shows this: |
My apologies, this is for converse Desktop which is using v6.0.1. Please ignore. |
The text was updated successfully, but these errors were encountered: