e2ee api: filter out non-whitelisted tags if not doing stanza encryption

Signed-off-by: Maxime “pep” Buquet <pep@bouah.net>
2019-06-10 16:58:57 +02:00 · 2019-06-10 16:58:57 +02:00 · 3642e1320c
commit 3642e1320c
parent d1a3a35df6
1 changed files with 23 additions and 0 deletions
--- a/poezio/plugin_e2ee.py
+++ b/poezio/plugin_e2ee.py
@ -29,10 +29,27 @@ ChatTabs = Union[
 EME_NS = 'urn:xmpp:eme:0'
 EME_TAG = 'encryption'

+JCLIENT_NS = 'jabber:client'
+HINTS_NS = 'urn:xmpp:hints'
+

 class E2EEPlugin(BasePlugin):
    """Interface for E2EE plugins"""

+    # Specifies that the encryption mechanism does more than encrypting
+    # <body/>.
+    stanza_encryption = False
+
+    # Whitelist applied to messages when `stanza_encryption` is False.
+    tag_whitelist = list(map(lambda x: '{%s}%s' % (x[0], x[1]), [
+        (JCLIENT_NS, 'body'),
+        (EME_NS, EME_TAG),
+        (HINTS_NS, 'store'),
+        (HINTS_NS, 'no-copy'),
+        (HINTS_NS, 'no-store'),
+        (HINTS_NS, 'no-permanent-store'),
+    ]))
+
    # At least one of encryption_name and encryption_short_name must be set
    encryption_name = None  # type: Optional[str]
    encryption_short_name = None  # type: Optional[str]
@ -157,6 +174,12 @@ class E2EEPlugin(BasePlugin):
        # Call the enabled encrypt method
        self._enabled_tabs[jid](message, tab)

+        # Filter stanza with the whitelist if we don't do stanza encryption
+        if not self.stanza_encryption:
+            for elem in message.xml[:]:
+                if elem.tag not in self.tag_whitelist:
+                    message.xml.remove(elem)
+
        log.debug('Decrypted %s message: %r', self.encryption_name, message['body'])
        return None