mirror of https://github.com/vector-im/riot-web
Merge pull request #4277 from matrix-org/dbkr/trust_cross_signing_flag
Add a flag to control whether cross-signing signatures are trustedpull/21833/head
commit
6d90307ff7
|
@ -186,6 +186,7 @@
|
||||||
@import "./views/settings/_AvatarSetting.scss";
|
@import "./views/settings/_AvatarSetting.scss";
|
||||||
@import "./views/settings/_CrossSigningPanel.scss";
|
@import "./views/settings/_CrossSigningPanel.scss";
|
||||||
@import "./views/settings/_DevicesPanel.scss";
|
@import "./views/settings/_DevicesPanel.scss";
|
||||||
|
@import "./views/settings/_E2eAdvancedPanel.scss";
|
||||||
@import "./views/settings/_EmailAddresses.scss";
|
@import "./views/settings/_EmailAddresses.scss";
|
||||||
@import "./views/settings/_IntegrationManager.scss";
|
@import "./views/settings/_IntegrationManager.scss";
|
||||||
@import "./views/settings/_KeyBackupPanel.scss";
|
@import "./views/settings/_KeyBackupPanel.scss";
|
||||||
|
|
|
@ -0,0 +1,20 @@
|
||||||
|
/*
|
||||||
|
Copyright 2020 The Matrix.org Foundation C.I.C.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
.mx_E2eAdvancedPanel_settingLongDescription {
|
||||||
|
margin-right: 150px;
|
||||||
|
}
|
||||||
|
|
|
@ -148,6 +148,9 @@ class _MatrixClientPeg {
|
||||||
// check that we have a version of the js-sdk which includes initCrypto
|
// check that we have a version of the js-sdk which includes initCrypto
|
||||||
if (!SettingsStore.getValue("lowBandwidth") && this.matrixClient.initCrypto) {
|
if (!SettingsStore.getValue("lowBandwidth") && this.matrixClient.initCrypto) {
|
||||||
await this.matrixClient.initCrypto();
|
await this.matrixClient.initCrypto();
|
||||||
|
this.matrixClient.setCryptoTrustCrossSignedDevices(
|
||||||
|
!SettingsStore.getValue('e2ee.manuallyVerifyAllSessions'),
|
||||||
|
);
|
||||||
StorageManager.setCryptoInitialised(true);
|
StorageManager.setCryptoInitialised(true);
|
||||||
}
|
}
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
|
|
|
@ -65,6 +65,7 @@ export default createReactClass({
|
||||||
});
|
});
|
||||||
if (isRoomEncrypted) {
|
if (isRoomEncrypted) {
|
||||||
cli.on("userTrustStatusChanged", this.onUserTrustStatusChanged);
|
cli.on("userTrustStatusChanged", this.onUserTrustStatusChanged);
|
||||||
|
cli.on("deviceVerificationChanged", this.onDeviceVerificationChanged);
|
||||||
this.updateE2EStatus();
|
this.updateE2EStatus();
|
||||||
} else {
|
} else {
|
||||||
// Listen for room to become encrypted
|
// Listen for room to become encrypted
|
||||||
|
@ -88,6 +89,7 @@ export default createReactClass({
|
||||||
if (cli) {
|
if (cli) {
|
||||||
cli.removeListener("RoomState.events", this.onRoomStateEvents);
|
cli.removeListener("RoomState.events", this.onRoomStateEvents);
|
||||||
cli.removeListener("userTrustStatusChanged", this.onUserTrustStatusChanged);
|
cli.removeListener("userTrustStatusChanged", this.onUserTrustStatusChanged);
|
||||||
|
cli.removeListener("deviceVerificationChanged", this.onDeviceVerificationChanged);
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
|
||||||
|
@ -110,6 +112,11 @@ export default createReactClass({
|
||||||
this.updateE2EStatus();
|
this.updateE2EStatus();
|
||||||
},
|
},
|
||||||
|
|
||||||
|
onDeviceVerificationChanged: function(userId, deviceId, deviceInfo) {
|
||||||
|
if (userId !== this.props.member.userId) return;
|
||||||
|
this.updateE2EStatus();
|
||||||
|
},
|
||||||
|
|
||||||
updateE2EStatus: async function() {
|
updateE2EStatus: async function() {
|
||||||
const cli = MatrixClientPeg.get();
|
const cli = MatrixClientPeg.get();
|
||||||
const { userId } = this.props.member;
|
const { userId } = this.props.member;
|
||||||
|
|
|
@ -0,0 +1,39 @@
|
||||||
|
/*
|
||||||
|
Copyright 2020 The Matrix.org Foundation C.I.C.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
import React from 'react';
|
||||||
|
|
||||||
|
import * as sdk from '../../../index';
|
||||||
|
import {_t} from "../../../languageHandler";
|
||||||
|
import {SettingLevel} from "../../../settings/SettingsStore";
|
||||||
|
|
||||||
|
const SETTING_MANUALLY_VERIFY_ALL_SESSIONS = "e2ee.manuallyVerifyAllSessions";
|
||||||
|
|
||||||
|
const E2eAdvancedPanel = props => {
|
||||||
|
const SettingsFlag = sdk.getComponent('views.elements.SettingsFlag');
|
||||||
|
return <div className="mx_SettingsTab_section">
|
||||||
|
<span className="mx_SettingsTab_subheading">{_t("Advanced")}</span>
|
||||||
|
|
||||||
|
<SettingsFlag name={SETTING_MANUALLY_VERIFY_ALL_SESSIONS}
|
||||||
|
level={SettingLevel.DEVICE}
|
||||||
|
/>
|
||||||
|
<div className="mx_E2eAdvancedPanel_settingLongDescription">{_t(
|
||||||
|
"Individually verify each session used by a user to mark it as trusted, not trusting cross-signed devices.",
|
||||||
|
)}</div>
|
||||||
|
</div>;
|
||||||
|
};
|
||||||
|
|
||||||
|
export default E2eAdvancedPanel;
|
|
@ -281,6 +281,8 @@ export default class SecurityUserSettingsTab extends React.Component {
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const E2eAdvancedPanel = sdk.getComponent('views.settings.E2eAdvancedPanel');
|
||||||
|
|
||||||
return (
|
return (
|
||||||
<div className="mx_SettingsTab mx_SecurityUserSettingsTab">
|
<div className="mx_SettingsTab mx_SecurityUserSettingsTab">
|
||||||
<div className="mx_SettingsTab_heading">{_t("Security & Privacy")}</div>
|
<div className="mx_SettingsTab_heading">{_t("Security & Privacy")}</div>
|
||||||
|
@ -311,6 +313,7 @@ export default class SecurityUserSettingsTab extends React.Component {
|
||||||
</div>
|
</div>
|
||||||
{this._renderIgnoredUsers()}
|
{this._renderIgnoredUsers()}
|
||||||
{this._renderManageInvites()}
|
{this._renderManageInvites()}
|
||||||
|
<E2eAdvancedPanel />
|
||||||
</div>
|
</div>
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
|
@ -432,6 +432,7 @@
|
||||||
"Enable message search in encrypted rooms": "Enable message search in encrypted rooms",
|
"Enable message search in encrypted rooms": "Enable message search in encrypted rooms",
|
||||||
"Keep secret storage passphrase in memory for this session": "Keep secret storage passphrase in memory for this session",
|
"Keep secret storage passphrase in memory for this session": "Keep secret storage passphrase in memory for this session",
|
||||||
"How fast should messages be downloaded.": "How fast should messages be downloaded.",
|
"How fast should messages be downloaded.": "How fast should messages be downloaded.",
|
||||||
|
"Manually verify all remote sessions": "Manually verify all remote sessions",
|
||||||
"Collecting app version information": "Collecting app version information",
|
"Collecting app version information": "Collecting app version information",
|
||||||
"Collecting logs": "Collecting logs",
|
"Collecting logs": "Collecting logs",
|
||||||
"Uploading report": "Uploading report",
|
"Uploading report": "Uploading report",
|
||||||
|
@ -603,6 +604,7 @@
|
||||||
"Public Name": "Public Name",
|
"Public Name": "Public Name",
|
||||||
"Last seen": "Last seen",
|
"Last seen": "Last seen",
|
||||||
"Failed to set display name": "Failed to set display name",
|
"Failed to set display name": "Failed to set display name",
|
||||||
|
"Individually verify each session used by a user to mark it as trusted, not trusting cross-signed devices.": "Individually verify each session used by a user to mark it as trusted, not trusting cross-signed devices.",
|
||||||
"Disable Notifications": "Disable Notifications",
|
"Disable Notifications": "Disable Notifications",
|
||||||
"Enable Notifications": "Enable Notifications",
|
"Enable Notifications": "Enable Notifications",
|
||||||
"Securely cache encrypted messages locally for them to appear in search results, using ": "Securely cache encrypted messages locally for them to appear in search results, using ",
|
"Securely cache encrypted messages locally for them to appear in search results, using ": "Securely cache encrypted messages locally for them to appear in search results, using ",
|
||||||
|
|
|
@ -16,6 +16,8 @@ See the License for the specific language governing permissions and
|
||||||
limitations under the License.
|
limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
import {MatrixClient} from 'matrix-js-sdk';
|
||||||
|
|
||||||
import {_td} from '../languageHandler';
|
import {_td} from '../languageHandler';
|
||||||
import {
|
import {
|
||||||
AudioNotificationsEnabledController,
|
AudioNotificationsEnabledController,
|
||||||
|
@ -24,6 +26,7 @@ import {
|
||||||
} from "./controllers/NotificationControllers";
|
} from "./controllers/NotificationControllers";
|
||||||
import CustomStatusController from "./controllers/CustomStatusController";
|
import CustomStatusController from "./controllers/CustomStatusController";
|
||||||
import ThemeController from './controllers/ThemeController';
|
import ThemeController from './controllers/ThemeController';
|
||||||
|
import PushToMatrixClientController from './controllers/PushToMatrixClientController';
|
||||||
import ReloadOnChangeController from "./controllers/ReloadOnChangeController";
|
import ReloadOnChangeController from "./controllers/ReloadOnChangeController";
|
||||||
import {RIGHT_PANEL_PHASES} from "../stores/RightPanelStorePhases";
|
import {RIGHT_PANEL_PHASES} from "../stores/RightPanelStorePhases";
|
||||||
|
|
||||||
|
@ -525,4 +528,12 @@ export const SETTINGS = {
|
||||||
supportedLevels: LEVELS_DEVICE_ONLY_SETTINGS_WITH_CONFIG,
|
supportedLevels: LEVELS_DEVICE_ONLY_SETTINGS_WITH_CONFIG,
|
||||||
default: true,
|
default: true,
|
||||||
},
|
},
|
||||||
|
"e2ee.manuallyVerifyAllSessions": {
|
||||||
|
supportedLevels: LEVELS_DEVICE_ONLY_SETTINGS,
|
||||||
|
displayName: _td("Manually verify all remote sessions"),
|
||||||
|
default: false,
|
||||||
|
controller: new PushToMatrixClientController(
|
||||||
|
MatrixClient.prototype.setCryptoTrustCrossSignedDevices, true,
|
||||||
|
),
|
||||||
|
},
|
||||||
};
|
};
|
||||||
|
|
|
@ -0,0 +1,37 @@
|
||||||
|
/*
|
||||||
|
Copyright 2020 The Matrix.org Foundation C.I.C.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
import { MatrixClientPeg } from '../../MatrixClientPeg';
|
||||||
|
|
||||||
|
/**
|
||||||
|
* When the value changes, call a setter function on the matrix client with the new value
|
||||||
|
*/
|
||||||
|
export default class PushToMatrixClientController {
|
||||||
|
constructor(setter, inverse) {
|
||||||
|
this._setter = setter;
|
||||||
|
this._inverse = inverse;
|
||||||
|
}
|
||||||
|
|
||||||
|
getValueOverride(level, roomId, calculatedValue, calculatedAtLevel) {
|
||||||
|
return null; // no override
|
||||||
|
}
|
||||||
|
|
||||||
|
onChange(level, roomId, newValue) {
|
||||||
|
// XXX does this work? This surely isn't necessarily the effective value,
|
||||||
|
// but it's what NotificationsEnabledController does...
|
||||||
|
this._setter.call(MatrixClientPeg.get(), this._inverse ? !newValue : newValue);
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in New Issue