From 9457c7ccbb15d9cc10cd12b8dd2af4fb42fa6972 Mon Sep 17 00:00:00 2001
From: Antoine Noreau <antoine.noreau@savoirfairelinux.com>
Date: Mon, 24 Oct 2022 16:10:24 -0400
Subject: [PATCH] sip: fix incoming TLS calls by disabling secure dialog
Change-Id: I28e6135d9586adf7b4264431726f82f47856be51
---
src/app/constant/JamiStrings.qml | 1 +
src/app/currentaccount.cpp | 1 +
src/app/currentaccount.h | 1 +
.../components/AdvancedSIPSecuritySettings.qml | 11 +++++++++++
src/libclient/accountmodel.cpp | 4 ++++
src/libclient/api/account.h | 1 +
6 files changed, 19 insertions(+)
diff --git a/src/app/constant/JamiStrings.qml b/src/app/constant/JamiStrings.qml
index 90e255d45..3e83a6c47 100644
--- a/src/app/constant/JamiStrings.qml
+++ b/src/app/constant/JamiStrings.qml
@@ -115,6 +115,7 @@ Item {
property string verifyCertificatesServer: qsTr("Verify certificates for incoming TLS connections")
property string verifyCertificatesClient: qsTr("Verify server TLS certificates")
property string tlsRequireConnections: qsTr("Require certificate for incoming TLS connections")
+ property string disableSecureDlgCheck: qsTr("Disable secure dialog check for incoming TLS data")
property string tlsProtocol: qsTr("TLS protocol method")
property string audioDeviceSelector: qsTr("Audio input device selector")
property string tlsServerName: qsTr("TLS server name")
diff --git a/src/app/currentaccount.cpp b/src/app/currentaccount.cpp
index 24eb9f63e..440744ef2 100644
--- a/src/app/currentaccount.cpp
+++ b/src/app/currentaccount.cpp
@@ -141,6 +141,7 @@ CurrentAccount::updateData()
set_verifyServerTLS(accConfig.TLS.verifyServer, true);
set_verifyClientTLS(accConfig.TLS.verifyClient, true);
set_requireClientCertificateTLS(accConfig.TLS.requireClientCertificate, true);
+ set_disableSecureDlgCheckTLS(accConfig.TLS.disableSecureDlgCheck, true);
set_certificateListFileTLS(accConfig.TLS.certificateListFile, true);
set_certificateFileTLS(accConfig.TLS.certificateFile, true);
set_privateKeyFileTLS(accConfig.TLS.privateKeyFile, true);
diff --git a/src/app/currentaccount.h b/src/app/currentaccount.h
index 4141f8638..4f99b1045 100644
--- a/src/app/currentaccount.h
+++ b/src/app/currentaccount.h
@@ -148,6 +148,7 @@ class CurrentAccount final : public QObject
QML_ACCOUNT_CONFIG_CATEGORY_SETTINGS_PROPERTY(bool, verifyServer, TLS)
QML_ACCOUNT_CONFIG_CATEGORY_SETTINGS_PROPERTY(bool, verifyClient, TLS)
QML_ACCOUNT_CONFIG_CATEGORY_SETTINGS_PROPERTY(bool, requireClientCertificate, TLS)
+ QML_ACCOUNT_CONFIG_CATEGORY_SETTINGS_PROPERTY(bool, disableSecureDlgCheck, TLS)
QML_ACCOUNT_CONFIG_CATEGORY_SETTINGS_PROPERTY(QString, certificateListFile, TLS)
QML_ACCOUNT_CONFIG_CATEGORY_SETTINGS_PROPERTY(QString, certificateFile, TLS)
QML_ACCOUNT_CONFIG_CATEGORY_SETTINGS_PROPERTY(QString, privateKeyFile, TLS)
diff --git a/src/app/settingsview/components/AdvancedSIPSecuritySettings.qml b/src/app/settingsview/components/AdvancedSIPSecuritySettings.qml
index d155308f6..33ae05697 100644
--- a/src/app/settingsview/components/AdvancedSIPSecuritySettings.qml
+++ b/src/app/settingsview/components/AdvancedSIPSecuritySettings.qml
@@ -247,6 +247,17 @@ ColumnLayout {
onSwitchToggled: CurrentAccount.requireClientCertificate_TLS = checked
}
+ ToggleSwitch {
+ id: disableSecureDlgCheckToggle
+
+ labelText: JamiStrings.disableSecureDlgCheck
+ fontPointSize: JamiTheme.settingsFontSize
+
+ checked: CurrentAccount.disableSecureDlgCheck_TLS
+
+ onSwitchToggled: CurrentAccount.disableSecureDlgCheck_TLS = checked
+ }
+
SettingsComboBox {
id: tlsProtocolComboBox
diff --git a/src/libclient/accountmodel.cpp b/src/libclient/accountmodel.cpp
index 32b7b50ca..edcaa9149 100644
--- a/src/libclient/accountmodel.cpp
+++ b/src/libclient/accountmodel.cpp
@@ -896,6 +896,8 @@ account::Info::fromDetails(const MapStringString& details)
confProperties.TLS.verifyClient = toBool(details[ConfProperties::TLS::VERIFY_CLIENT]);
confProperties.TLS.requireClientCertificate = toBool(
details[ConfProperties::TLS::REQUIRE_CLIENT_CERTIFICATE]);
+ confProperties.TLS.disableSecureDlgCheck = toBool(
+ details[ConfProperties::TLS::DISABLE_SECURE_DLG_CHECK]);
confProperties.TLS.negotiationTimeoutSec = toInt(
details[ConfProperties::TLS::NEGOTIATION_TIMEOUT_SEC]);
// DHT
@@ -1018,6 +1020,8 @@ account::ConfProperties_t::toDetails() const
details[ConfProperties::TLS::VERIFY_CLIENT] = toQString(this->TLS.verifyClient);
details[ConfProperties::TLS::REQUIRE_CLIENT_CERTIFICATE] = toQString(
this->TLS.requireClientCertificate);
+ details[ConfProperties::TLS::DISABLE_SECURE_DLG_CHECK] = toQString(
+ this->TLS.disableSecureDlgCheck);
details[ConfProperties::TLS::NEGOTIATION_TIMEOUT_SEC] = toQString(
this->TLS.negotiationTimeoutSec);
// DHT
diff --git a/src/libclient/api/account.h b/src/libclient/api/account.h
index 3786348de..0503f7e75 100644
--- a/src/libclient/api/account.h
+++ b/src/libclient/api/account.h
@@ -177,6 +177,7 @@ struct ConfProperties_t
bool verifyServer;
bool verifyClient;
bool requireClientCertificate;
+ bool disableSecureDlgCheck;
int negotiationTimeoutSec;
} TLS;
struct DHT_t
--
GitLab