Skip to content
Snippets Groups Projects
Select Git revision
  • 00e595d73716e8852f4525c5b0bac24e75335489
  • master default
  • cmake_fixes
  • pulls/1772757862/750
  • copilot/fix-770
  • windows_ci_static
  • c_link
  • cpack
  • windows_ci
  • cert_pk_id
  • proxy_push_result
  • cnode_put_id
  • update-windows-build
  • proxy
  • resubscribe_on_token_change
  • actions
  • client_mode
  • llhttp
  • search_node_add
  • crypto_aes_gcm_argon2
  • ios_notifications
  • v3.4.0
  • v3.3.1
  • v3.3.1rc1
  • v3.3.1rc2
  • v3.3.0
  • v3.2.0
  • v3.1.11
  • v3.1.10
  • v3.1.9
  • v3.1.8.2
  • v3.1.8.1
  • v3.1.8
  • v3.1.7
  • v3.1.6
  • v3.1.5
  • v3.1.4
  • v3.1.3
  • v3.1.2
  • v3.1
  • v3.0.1
41 results

value.cpp

Blame
  • Code owners
    Assign users and groups as approvers for specific file changes. Learn more.
    securityevaluationmodel.cpp 36.49 KiB
    /****************************************************************************
     *   Copyright (C) 2013-2016 by Savoir-faire Linux                          *
     *   Author : Emmanuel Lepage Vallee <emmanuel.lepage@savoirfairelinux.com> *
     *                                                                          *
     *   This library is free software; you can redistribute it and/or          *
     *   modify it under the terms of the GNU Lesser General Public             *
     *   License as published by the Free Software Foundation; either           *
     *   version 2.1 of the License, or (at your option) any later version.     *
     *                                                                          *
     *   This library is distributed in the hope that it will be useful,        *
     *   but WITHOUT ANY WARRANTY; without even the implied warranty of         *
     *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU      *
     *   Lesser General Public License for more details.                        *
     *                                                                          *
     *   You should have received a copy of the GNU General Public License      *
     *   along with this program.  If not, see <http://www.gnu.org/licenses/>.  *
     ***************************************************************************/
    #include "securityevaluationmodel.h"
    
    //Qt
    #include <QtCore/QIdentityProxyModel>
    #include <QtCore/QTimer>
    
    //Ring
    #include "account.h"
    #include "certificatemodel.h"
    #include "globalinstances.h"
    #include "interfaces/pixmapmanipulatori.h"
    #include "private/securityevaluationmodel_p.h"
    #include "securityflaw.h"
    #include "private/securityflaw_p.h"
    #include "private/certificate_p.h"
    
    #include <QtAlgorithms>
    
    const QString SecurityEvaluationModelPrivate::messages[enum_class_size<SecurityEvaluationModel::AccountSecurityChecks>()] = {
       /*SRTP_ENABLED                */QObject::tr("Your media streams are not encrypted, please enable SDES"),
       /*TLS_ENABLED                 */QObject::tr("TLS is disabled, the negotiation won't be encrypted. Your communication will be vulnerable to "
                                       "snooping"),
       /*CERTIFICATE_MATCH           */QObject::tr("Your certificate and authority don't match, if your certificate require an authority, it won't work"),
       /*OUTGOING_SERVER_MATCH       */QObject::tr("The outgoing server specified doesn't match the hostname or the one included in the certificate"),
       /*VERIFY_INCOMING_ENABLED     */QObject::tr("The \"verify incoming certificate\" option is disabled, this leave you vulnerable to man in the middle attack"),
       /*VERIFY_ANSWER_ENABLED       */QObject::tr("The \"verify answer certificate\" option is disabled, this leave you vulnerable to man in the middle attack"),
       /*REQUIRE_CERTIFICATE_ENABLED */QObject::tr("None of your certificate provide a private key, this is required. Please select a private key"
                                           " or use a certificate with one built-in"),
       /* NOT_MISSING_CERTIFICATE    */QObject::tr("No certificate has been provided. This is, for now, unsupported by Ring"),
       /* NOT_MISSING_AUTHORITY      */QObject::tr("No certificate authority is provided, it won't be possible to validate if the answer certificates are valid. Some account may also not work."),
    };
    
    static const QString s1 = QObject::tr("Your certificate is expired, please contact your system administrator.");
    static const QString s2 = QObject::tr("Your certificate is self signed. This break the chain of trust.");
    
    const TypedStateMachine< SecurityEvaluationModel::SecurityLevel , SecurityEvaluationModel::AccountSecurityChecks >
    SecurityEvaluationModelPrivate::maximumSecurityLevel = {{
       /* SRTP_ENABLED                     */ SecurityEvaluationModel::SecurityLevel::NONE        ,
       /* TLS_ENABLED                      */ SecurityEvaluationModel::SecurityLevel::NONE        ,
       /* CERTIFICATE_MATCH                */ SecurityEvaluationModel::SecurityLevel::WEAK        ,
       /* OUTGOING_SERVER_MATCH            */ SecurityEvaluationModel::SecurityLevel::MEDIUM      ,
       /* VERIFY_INCOMING_ENABLED          */ SecurityEvaluationModel::SecurityLevel::MEDIUM      ,
       /* VERIFY_ANSWER_ENABLED            */ SecurityEvaluationModel::SecurityLevel::MEDIUM      ,
       /* REQUIRE_CERTIFICATE_ENABLED      */ SecurityEvaluationModel::SecurityLevel::WEAK        ,
       /* NOT_MISSING_CERTIFICATE          */ SecurityEvaluationModel::SecurityLevel::WEAK        ,
       /* NOT_MISSING_AUTHORITY            */ SecurityEvaluationModel::SecurityLevel::ACCEPTABLE  ,
    }};
    
    const TypedStateMachine< SecurityEvaluationModel::Severity , SecurityEvaluationModel::AccountSecurityChecks >
    SecurityEvaluationModelPrivate::flawSeverity = {{
       /* SRTP_ENABLED                      */ SecurityEvaluationModel::Severity::ISSUE           ,
       /* TLS_ENABLED                       */ SecurityEvaluationModel::Severity::ISSUE           ,
       /* CERTIFICATE_MATCH                 */ SecurityEvaluationModel::Severity::ERROR           ,