[Pkg-xmpp-devel] Bug#1017049: profanity: No acknowledgement when running “/omemo start” in a chat room; also no docs on this

Stefan Kropp stefan.kropp at posteo.de
Fri Aug 12 15:59:30 BST 2022


On Fr, 12.08.2022 12:58:51, debbug.profanity at sideload.33mail.com wrote:
> Package: profanity
> Version: 0.10.0-1
> Severity: normal
> Tags: upstream
> 
> To send encrypted messages to a chat room, the following steps are
> necessary:
> 
>   1) OMEMO must be switched on for that room (enter “/omemo start” within that room)
>   2) the fingerprint of every person in that room must be trusted
>   «OR»
>   2) enable blind trust (“/help omemo trustmode” in some versions)
> 
> When step 1 is performed, there is no response from the app in that
> window. There is also no response in window 1. No error message
> either. So it appears to the user that their command was ignored. 

When OMEMO has been enabled, there should be "[OMEMO]" in the
titlebar. Just beside of the room title. It also should disappear
with /omemo end.

In case of error, you will see some error message like:

  ! You have not generated or loaded a cryptographic materials,
    use '/omemo gen'

> In my case, the command had proper effect (so egress messages
> thereafter were encrypted). But the user should be told
> something like:
>
>   “OMEMO enabled for outbound messages to this channel.
>    To reverse this action, run `\omemo end`”
> 
> It would perhaps also be useful when entering a chat room that has
> OMEMO disabled to automatically print a banner saying:
> 
>   “Warning: messages sent to this room will be unencrypted.
>    To enable e2ee run `\omemo start` in this window.”

Some people prefer E2EE, some not. If profanity will print this
warning all the time, it will be a little bit annoying. One
example is public non-anonymous group chats. There are also
clients which doesn't used OMEMO at all.

> Also, “/help omemo” does not cover this use case. The page gives the
> proper BNF syntax (“/omemo start [<contact>]”), but it fails to
> mention that “<contact>” cannot be a /room/, and that the only way to
> start a session for a room is to do “/omemo start” in that room.

Maybe this is an issue. Thanks for the report.

> So there are three bugs here:
>   1) lack of command acknowledgement
>   2) lack of warning banner in unencrypted rooms
>   3) lack of help docs

Keep in mind there where some issues with OMEMO in 0.10.0. Some
issues has been fixed in 0.11.0 / 0.12.0.

-- 
Stefan
Diese E-Mail wurde von einem Debian GNU/Linux System gesendet



More information about the Pkg-xmpp-devel mailing list