Bug #805

remote Gibberbot starts OTR session when I log in with Pidgin or Adium

Added by hans almost 5 years ago. Updated about 4 years ago.

Status:ClosedStart date:03/01/2013
Priority:NormalDue date:
Assignee:devrandom% Done:

0%

Category:-
Target version:v12 - March Mantra
Component:

Description

When I log in with my desktop IM client, I get an OTR session that is initiated by the other side without them having started anything. It just sets up an OTR session and then there is no message. I've seen this twice in the past two days with Lee and Josh, who I think are both running the latest Gibberbot. It happened with Lee when I logged into Pidgin, and with Josh when I signed into Adium. So my guess is that its happening in Gibberbot. For most people, this is only a minor annoyance, but it can be a privacy leak.

For the Adium session, I had that user set to "Encrypt sessions as requested".

Additionally, it seems to break OTR for the session. After this happens, it seems that the OTR session gets muddled. Here's a log from Adium, and I had the same situation with Pidgin. For me, I was only logged in using a single client when this happened, i.e. only in Adium or only in Pidgin.

is now known as Other Guy.
OTR session initiated.
(Hans-Christoph Steiner)
12:00:36
how's life?
12:00:37
OTR Error:You sent me an unreadable encrypted message
12:00:38
Error setting up private conversation: Bad signature
12:00:45
Ended encrypted OTR chat.
12:00:46
OTR Error:You sent me an unreadable encrypted message
12:00:47
Error setting up private conversation: Bad signature
12:00:51
Error setting up private conversation: Bad signature

Then each time I try to restart the OTR session, I get this again:

Error setting up private conversation: Bad signature

History

#1 Updated by hans almost 5 years ago

I justed started Pidgin again, and it did the same thing:

(06:21:57 PM) Other Guy: ?OTR Error:You sent me an unreadable encrypted message
[Image] (06:24:39 PM) Unverified conversation with them@them.com/Gibberbot28D059A7 started.
18:25
(06:26:54 PM) them@them.com is now known as Other Guy.

But this time, the OTR session seemed to work OK. Pidgin OTR is set to "Automatically initiate private messaging".

#2 Updated by n8fr8 almost 5 years ago

  • Target version set to v12 - March Mantra

#3 Updated by n8fr8 over 4 years ago

  • Status changed from New to In Progress

The default setting in GIbberbot/ChatSecure is to "automatically attempt" BUT it should only happen if you have an open chat window, or if there is some sort of exchange of text.

I will do more testing, but I don't think this is happening as of v12 latest updates.

#4 Updated by n8fr8 over 4 years ago

  • Status changed from In Progress to Resolved

Actually I know what this was now, and it is fixed. Gibberbot used to respond to XMPP "Pub Sub" incoming packets as normal messages, and then automatically respond by turning on OTR. It now ignores those, and will only start OTR if an actual human message comes in.

#5 Updated by n8fr8 about 4 years ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF