[jitsi-dev] OTR bug after one client quits?


#1

I've been testing Jitsi as an XMPP chat client for encrypted-by-default
chat communications. I have two Jitsi clients open (both 2.2.4603.9615,
one Mac, one Windows) with different XMPP accounts connected. Both
clients have "Automatically initiate private messaging" selected. If I
follow these steps, communication breaks down;

1) Start a chat from client A to client B.

2) For some reason, OTR does not start automatically, so I click
"Encrypt chats with OTR" (I have already verified both parties).

3) OTR chat starts

4) Client B goes offline (by exiting the Jitsi program).

5) Restart client B.

6) Send message from client A, receive "You sent me an unreadable
encrypted message.."

7) Send message from client B, nothing is received at A, not message is
given to B that the message wasn't received.

There are other permutations of this, but OTR messaging does not seem
very robust on my testing. I'd really like to use this for chats (and
have end-to-end encryption by default), but it seems unworkable unless
people are manually ending OTR sessions when contacts go offline.
That's fine for me, but I'd like to get my friends on secure messaging,
and it's a big enough deal just getting them to switch to a new
program!

There are other error messages that come up when interacting with other
clients, such as "Error: You transmitted an unreadable encrypted
message.", "Unreadable encrypted message was received." Shouldn't the
client know when it needs to re-establish an OTR connection? If the
user sets private messaging to "automatic", why would the user need to
do any manual setting of OTR? Is there any way to make this "just work"
?

Thanks.


#2

3.7.2013 7.10, David O'Shaughnessy kirjoitti:

I've been testing Jitsi as an XMPP chat client for encrypted-by-default
chat communications. I have two Jitsi clients open (both 2.2.4603.9615,
one Mac, one Windows) with different XMPP accounts connected. Both
clients have "Automatically initiate private messaging" selected. If I
follow these steps, communication breaks down;
1) Start a chat from client A to client B.
2) For some reason, OTR does not start automatically, so I click
"Encrypt chats with OTR" (I have already verified both parties).
3) OTR chat starts
4) Client B goes offline (by exiting the Jitsi program).
5) Restart client B.
6) Send message from client A, receive "/You sent me an unreadable
encrypted message../"
7) Send message from client B, nothing is received at A, not message is
given to B that the message wasn't received.
There are other permutations of this, but OTR messaging does not seem
very robust on my testing. I'd really like to use this for chats (and
have end-to-end encryption by default), but it seems unworkable unless
people are manually ending OTR sessions when contacts go offline. That's
fine for me, but I'd like to get my friends on secure messaging, and
it's a big enough deal just getting them to switch to a new program!
There are other error messages that come up when interacting with other
clients, such as "/Error: You transmitted an unreadable encrypted
message./", "/Unreadable encrypted message was received./" Shouldn't the
client know when it needs to re-establish an OTR connection? If the user
sets private messaging to "automatic", why would the user need to do any
manual setting of OTR? Is there any way to make this "just work" ?

Not really helping, but I'm seeing similar behaviour. 2.0 improved it a bit compared to 1.1, but basically still not good from the casual user's perspective. Here it's been with mac <-> linux, iirc pidgin/linux <-> jitsi/linux also has problems. The otr handshake seems to fail and often times gets off-track (instead of off the record :P) and only recovers with some combination of jitsi restarts, usually by both ends. Worst thing is that messages sometimes disappear with no message, not even an error, received by the receiver, and no indication of what happened at the senders end. The chat initiators first message(s) seems to error out always, so the otr handshake happens too late. Does otr come from Smack? Could jitsi's own html/whatever parser cause this? Can it be disabled easily?

Regards,
Heikki Lindholm


#3

It might be worth looking at the way Gibberbot handles these situations
(https://guardianproject.info/apps/gibber/). It seems to work quite
well, and automatically re-establishes an OTR chat when it breaks down.
For example;

1) Start an OTR chat between Gibberbot and Jitsi.
2) Quit Jitsi (and keep Gibberbot open)
3) Restart Jitsi
4) Send a message from Gibberbot to Jitsi

You will see that Gibberbot receives the "You sent me an unreadable
message", automatically re-establishes the OTR chat, and resends the
message (while appending [resent] to it). Very cool, might be some code
that can be reused in there.

Cheers,

Dave.

ยทยทยท

On Wed, 3 Jul 2013, at 02:35 PM, Heikki Lindholm wrote:

3.7.2013 7.10, David O'Shaughnessy kirjoitti:
> I've been testing Jitsi as an XMPP chat client for encrypted-by-default
> chat communications. I have two Jitsi clients open (both 2.2.4603.9615,
> one Mac, one Windows) with different XMPP accounts connected. Both
> clients have "Automatically initiate private messaging" selected. If I
> follow these steps, communication breaks down;
> 1) Start a chat from client A to client B.
> 2) For some reason, OTR does not start automatically, so I click
> "Encrypt chats with OTR" (I have already verified both parties).
> 3) OTR chat starts
> 4) Client B goes offline (by exiting the Jitsi program).
> 5) Restart client B.
> 6) Send message from client A, receive "/You sent me an unreadable
> encrypted message../"
> 7) Send message from client B, nothing is received at A, not message is
> given to B that the message wasn't received.
> There are other permutations of this, but OTR messaging does not seem
> very robust on my testing. I'd really like to use this for chats (and
> have end-to-end encryption by default), but it seems unworkable unless
> people are manually ending OTR sessions when contacts go offline. That's
> fine for me, but I'd like to get my friends on secure messaging, and
> it's a big enough deal just getting them to switch to a new program!
> There are other error messages that come up when interacting with other
> clients, such as "/Error: You transmitted an unreadable encrypted
> message./", "/Unreadable encrypted message was received./" Shouldn't the
> client know when it needs to re-establish an OTR connection? If the user
> sets private messaging to "automatic", why would the user need to do any
> manual setting of OTR? Is there any way to make this "just work" ?

Not really helping, but I'm seeing similar behaviour. 2.0 improved it a
bit compared to 1.1, but basically still not good from the casual user's
perspective. Here it's been with mac <-> linux, iirc pidgin/linux <->
jitsi/linux also has problems. The otr handshake seems to fail and often
times gets off-track (instead of off the record :P) and only recovers
with some combination of jitsi restarts, usually by both ends. Worst
thing is that messages sometimes disappear with no message, not even an
error, received by the receiver, and no indication of what happened at
the senders end. The chat initiators first message(s) seems to error out
always, so the otr handshake happens too late. Does otr come from Smack?
Could jitsi's own html/whatever parser cause this? Can it be disabled
easily?

Regards,
Heikki Lindholm

_______________________________________________
dev mailing list
dev@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/dev