From aa6dbb2e59359518a02a3a50cf3633450d224a62 Mon Sep 17 00:00:00 2001
From: lilia <liliakai@gmail.com>
Date: Wed, 14 Jun 2017 12:09:28 -0700
Subject: [PATCH] Preserve UNVERIFIED status on key change

Don't revert it to default, which would effectively downgrade the security model
for that contact.

// FREEBIE
---
 js/signal_protocol_store.js | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/js/signal_protocol_store.js b/js/signal_protocol_store.js
index 52297dc86..b037bd038 100644
--- a/js/signal_protocol_store.js
+++ b/js/signal_protocol_store.js
@@ -431,8 +431,10 @@
                         });
                     } else if (!equalArrayBuffers(oldpublicKey, publicKey)) {
                         console.log("Replacing existing identity...");
+                        var previousStatus = identityKey.get('verified');
                         var verifiedStatus;
-                        if (identityKey.get('verified') === VerifiedStatus.VERIFIED) {
+                        if (previousStatus === VerifiedStatus.VERIFIED
+                            || previousStatus === VerifiedStatus.UNVERIFIED) {
                             verifiedStatus = VerifiedStatus.UNVERIFIED;
                         } else {
                             verifiedStatus = VerifiedStatus.DEFAULT;