Br0nekLink Mauve, how to get one directory from repository?
Gnucchihello I have a problem with creating QR-Codes in Gajim, I get only errors when I open the OMEMO Plugin. I have OMEMO 9.9.9 and python-qrcode installed.
cuchm it would be great if python-qrcode would be mentioned under "features" :)
cippaciongGnucchi, what error and what os?
cippaciongdoes it look like this? https://dev.gajim.org/gajim/gajim-plugins/issues/158#note_88431
cuchaving that error too on ubuntu 16.04
zakcippaciong: I had a "No module named builtin"-error as well, but only once after upgrading the plugin (Debian). A restart solved it fortunately.
cippaciongcuc, Gnucchi, can you try to restart gajim as zak did and see what happens?
cuci did a full restart because after updating it just kept on saying it doesnt have python-qrcode installed
cucwhich i did
cucits quite easy
cucif i start python2 shell und try to import builtin it will give an ImportError
cucbuiltins that is...
cippaciongyes, that's expected. The fact is that python should catch the exception and import __builtin__ instead
cucyes thats what i thought
cippaciongbut it seems that sometimes it doesn't do that
cucfunny
cippaciongpython-pillow rather than python
cuci can see the try-except block which sould catch this...
cuc:)
cippaciongcan you try to run that try-except in python2 repl?
cucu mean in the python shell?
cippaciongyes
cuccan i paste here?
cippaciongit's ok for me
cuchttp://pastebin.com/sUt7Najc
cucnevermind :)
cippaciongit's working..
cucyup
cucfunky shit
cucnot the first time i have strange ubuntu python behavior...
cucbut im not a dev anyways ^
cuc^^
cippaciongIt's not only a ubuntu error I'm afraid. The issue on github is archlinux related but still, I use arch and I don't have that error at all
cuc:)
lovetoxcippaciong, i think it has to do again with demanimport
lovetoxtry adding in omemoplugins.py
lovetoxto the demanimport list
lovetox'__builtin__'
lovetoxand 'builtins'
lovetoxand maybe 'PIL'
jplitzaHi, I'm having problems with the OMEMO plugin. It seems to pick wrong keys or something when encrypting messages: When I send an encrypted message from Gajim, account A to my own account B, I can read it on my phone (Conversations), account B, but neither with Gajim, account B nor with my phone, account A (I have message carbons configured)
jplitzaOn the terminal I see this exception: InvalidKeyIdException: No such signedprekeyrecord! 25053
jplitzaIs there any way to reset these prekeys without losing Gajims private key that other people have verified already?
lovetoxyes
lovetoxgo to the plugin config window
lovetoxand delete the fingerprints
lovetoxof the contact you have the problem with
lovetoxafter that just write a message to him
lovetoxit should pull the correct prekey after that
jplitzaAh, okay. Because these problems keep popping up with multiple contacts, I'll simply screenshot the window, delete all fingerprints and add them afterwards. Thanks!
lovetoxno
lovetoxyou cant add fingerprints
lovetoxjust write a message, to the contact afterwards, and it should popup the fingerprint window
lovetoxwhere the same keys should be loaded again
jplitzaYes, that's what I meant
lovetoxah
lovetoxsorry :D
lovetoxi think this happens
lovetoxif you add someone but never exchange a message from a device
lovetoxif you add someone on a account, at least exchange one message
jplitzaHm, I had guessed that it was caused by replaying a backup of my home dir
lovetoxem, yeah that could also be the reason
lovetoxyou cant simply backup omemo
lovetoxall sessions get invalid
lovetoxso if you do this, you should delete all fingerprints afterwards
lovetoxthat would initiate on first message a new session with the contact
jplitzaOkay. What about inbound messages?
lovetoxhard to say, if only a few messages are exchanged from other devices betweent your backup and replay, it could still decrypt, but if its a loinger time
lovetoxall messages are lost
lovetoxthats a security feature, no one for example can decrypt your current messages if he finds a old db with keys from you
lovetoxforward secrecy its called
lovetoxit can still be good to backup the omemo db, because you keep your masterkey, and other contacts dont have to verify a new fingerprint
lovetoxbut you cant decrypt messages with a backup that were written AFTER the backup
lovetoxand sessions proably get invalid and faulty at some point
lovetoxso you have to reset them
jplitzaThanks for the explanation. I know about the principle of Forward Secrecy, but never cared to find out how exactly OMEMO accomplishes it (even though it proved my statement in the XMPP wiki wrong: https://wiki.xmpp.org/web/XMPP_E2E_Security#Multiple_resources )
jplitzaI think it would make sense to a) document this, and b) make it easier to reset the prekeys without losing the fingerprint verifications
lovetoxletting aside backup problems, this error you have, its caused by not fully initialize a session
lovetoxto fully initialize a session between 2 contacts
lovetoxContact A has to pick a prekey of Contact B and send a message
lovetoxthen Contact B has to answer to that message correctly
lovetoxafter that the session is initialized and no prekeys are needed anymore
lovetoxso what happend here probably is
lovetoxContact A picked a pre key and send a message to B
lovetoxthen you made a backup from that point
lovetoxafterwards contact B sends you the answer and everything is find
lovetoxafterwards contact B sends you the answer and everything is fine
lovetoxuntil you replay the backup
lovetoxbecause now you send again the initial message with the prekey because you didnt receive an answer
lovetoxbut B knows that this prekey was already used before and is invalid
lovetoxso it has the exception in the log
lovetoxinvalid prekey
lovetoxso its true that omemo doesnt handle this case now good
lovetoxbecause from that point on the plugin doesnt do anything to resolve the situation
lovetoxi will try to implement this if i have time
jplitzaMentioning that there is a problem would be a start ;)
jplitzaThe exception only showed up at the console, there was no indication in the GUI that I received message that could not be decrypted or something like that
lovetoxyeah though thats intended, if a client sends us invalid messages we dont want to inform the user normally.
lovetoxi think about a way to resolve this state and initalize a new session
lovetoxbut its impossible to do this without some messages lost
lovetoxthe plugin cant detect if the db is backedup or not
lovetoxand we dont get a notification from contact B that the prekey we used is invalid
jplitzaWell, it might make sense to split the "persistent" part of the DB from the "transient" part and only backup the former
lovetoxso this messages is definitly lost
lovetoxyeah this would make sense, still a user has to know that he should not backup everyhting
jplitzaWhere the permanent contains all fingerprint verifications and master keys, and the transient one all sessions and prekeys
jplitzaYes, of course. But then recovering after a backup could be as simple as "delete that file"
lovetoxthats true, i could also just make a button
lovetoxthat deletes all transient stuff from the db
jplitzaProbably simpler in the short term, yes
lovetoxi think i will do this, because now if you have many contacts with many fingerprints, you have to click a lot the delete button ^^
jplitzaAnd re-verify a lot of fingerprints
lovetoxtrue, i could also think about a way to retain the fingerprints, and just delete the sessions
lovetox... hmmm :)
jplitzaI can't get one of my two accounts to fetch the key of the other resource on that account :(
lovetoxdid you try to restart gajim
lovetox?
jplitzaYes, twice now
jplitzaAh, now it worked
jplitzaNow the other account is missing the second resource key -_-
jplitzaSo I trigger fetching of contact's keys by sending them a message. How do I trigger fetching my own keys? ^^
lovetoxsame way
lovetoxshould be fetched on a message to someone, doesnt matter who
lovetoxbut i dont think the window pops up on own fingerprints