From 30148cebe38e7d3180b4986d3786f5c0ce29e22a Mon Sep 17 00:00:00 2001
From: Evangelos Ribeiro Tzaras <devrtz@fortysixandtwo.eu>
Date: Mon, 9 May 2022 17:52:05 +0200
Subject: [PATCH] schema: Add setting allowing to use SDES

Key exchanges in SDES can only be done securely with TLS and the option
is disabled by default if not using TLS as the transport protocol.

This setting allows to override this behaviour if the user desires
it (f.e. if the user considers the network his packets go through to be trusted).
---
 data/org.gnome.Calls.gschema.xml |  6 ++++
 src/calls-settings.c             | 50 ++++++++++++++++++++++++++++++--
 src/calls-settings.h             |  3 ++
 3 files changed, 56 insertions(+), 3 deletions(-)

diff --git a/data/org.gnome.Calls.gschema.xml b/data/org.gnome.Calls.gschema.xml
index eda2d31..ee7c75f 100644
--- a/data/org.gnome.Calls.gschema.xml
+++ b/data/org.gnome.Calls.gschema.xml
@@ -26,5 +26,11 @@
       <description>The preferred audio codecs to use for VoIP calls (if available)</description>
     </key>
 
+    <key name="always-allow-sdes" type="b">
+      <default>false</default>
+      <summary>Whether to allow using SDES for SRTP without TLS as the transport</summary>
+      <description>Set to true if you want to allow with keys exchanged in cleartext.</description>
+    </key>
+
   </schema>
 </schemalist>
diff --git a/src/calls-settings.c b/src/calls-settings.c
index 2816f64..3e73f20 100644
--- a/src/calls-settings.c
+++ b/src/calls-settings.c
@@ -42,6 +42,7 @@ enum {
   PROP_COUNTRY_CODE,
   PROP_AUTOLOAD_PLUGINS,
   PROP_PREFERRED_AUDIO_CODECS,
+  PROP_ALWAYS_ALLOW_SDES,
   PROP_LAST_PROP
 };
 static GParamSpec *props[PROP_LAST_PROP];
@@ -53,6 +54,7 @@ struct _CallsSettings {
 
   GStrv      autoload_plugins;
   GStrv      preferred_audio_codecs;
+  gboolean   always_allow_sdes;
 };
 
 G_DEFINE_TYPE (CallsSettings, calls_settings, G_TYPE_OBJECT)
@@ -83,6 +85,10 @@ calls_settings_set_property (GObject      *object,
     calls_settings_set_preferred_audio_codecs (self, g_value_get_boxed (value));
     break;
 
+  case PROP_ALWAYS_ALLOW_SDES:
+    calls_settings_set_always_allow_sdes (self, g_value_get_boolean (value));
+    break;
+
   default:
     G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
     break;
@@ -115,6 +121,10 @@ calls_settings_get_property (GObject    *object,
     g_value_take_boxed (value, calls_settings_get_preferred_audio_codecs (self));
     break;
 
+  case PROP_ALWAYS_ALLOW_SDES:
+    g_value_set_boolean (value, calls_settings_get_always_allow_sdes (self));
+    break;
+
   default:
     G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
     break;
@@ -141,6 +151,8 @@ calls_settings_constructed (GObject *object)
                    self, "autoload-plugins", G_SETTINGS_BIND_DEFAULT);
   g_settings_bind (self->settings, "preferred-audio-codecs",
                    self, "preferred-audio-codecs", G_SETTINGS_BIND_DEFAULT);
+  g_settings_bind (self->settings, "always-allow-sdes",
+                   self, "always-allow-sdes", G_SETTINGS_BIND_DEFAULT);
 }
 
 
@@ -171,6 +183,7 @@ calls_settings_class_init (CallsSettingsClass *klass)
                           "Automatically use default origins",
                           TRUE,
                           G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS | G_PARAM_EXPLICIT_NOTIFY);
+
   props[PROP_COUNTRY_CODE] =
     g_param_spec_string ("country-code",
                          "country code",
@@ -192,6 +205,13 @@ calls_settings_class_init (CallsSettingsClass *klass)
                         G_TYPE_STRV,
                         G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS | G_PARAM_EXPLICIT_NOTIFY);
 
+  props[PROP_ALWAYS_ALLOW_SDES] =
+    g_param_spec_boolean ("always-allow-sdes",
+                          "Always allow SDES",
+                          "Whether to always allow using key exchange (without TLS)",
+                          FALSE,
+                          G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS | G_PARAM_EXPLICIT_NOTIFY);
+
   g_object_class_install_properties (object_class, PROP_LAST_PROP, props);
 }
 
@@ -212,9 +232,9 @@ calls_settings_get_default (void)
   static CallsSettings *instance = NULL;
 
   if (!instance) {
-      instance = g_object_new (CALLS_TYPE_SETTINGS, NULL);
-      g_object_add_weak_pointer (G_OBJECT (instance), (gpointer *)&instance);
-    }
+    instance = g_object_new (CALLS_TYPE_SETTINGS, NULL);
+    g_object_add_weak_pointer (G_OBJECT (instance), (gpointer *) &instance);
+  }
 
   return instance;
 }
@@ -374,3 +394,27 @@ calls_settings_set_preferred_audio_codecs (CallsSettings      *self,
   if (!initial)
     g_object_notify_by_pspec (G_OBJECT (self), props[PROP_PREFERRED_AUDIO_CODECS]);
 }
+
+
+gboolean
+calls_settings_get_always_allow_sdes (CallsSettings *self)
+{
+  g_return_val_if_fail (CALLS_IS_SETTINGS (self), FALSE);
+
+  return self->always_allow_sdes;
+}
+
+
+void
+calls_settings_set_always_allow_sdes (CallsSettings *self,
+                                      gboolean       allowed)
+{
+  g_return_if_fail (CALLS_IS_SETTINGS (self));
+
+  if (self->always_allow_sdes == allowed)
+    return;
+
+  self->always_allow_sdes = allowed;
+
+  g_object_notify_by_pspec (G_OBJECT (self), props[PROP_ALWAYS_ALLOW_SDES]);
+}
diff --git a/src/calls-settings.h b/src/calls-settings.h
index 7728d5c..b9a0a2b 100644
--- a/src/calls-settings.h
+++ b/src/calls-settings.h
@@ -45,5 +45,8 @@ void           calls_settings_set_autoload_plugins           (CallsSettings
 char         **calls_settings_get_preferred_audio_codecs     (CallsSettings *self);
 void           calls_settings_set_preferred_audio_codecs     (CallsSettings      *self,
                                                               const char * const *codecs);
+gboolean       calls_settings_get_always_allow_sdes          (CallsSettings *self);
+void           calls_settings_set_always_allow_sdes          (CallsSettings *self,
+                                                              gboolean       enabled);
 
 G_END_DECLS