rnhmjoj/nheko
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Verifications sneakily accumulating in the background

Browse Source
This commit is contained in:
Nicolas Werner 2022-07-22 11:46:22 +02:00
parent 710e07520d
commit 904745543a
No known key found for this signature in database
GPG Key ID: C8D75E610773F2D9
3 changed files with 44 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
src/encryption/DeviceVerificationFlow.cpp
View File

@ -19,8 +19,6 @@
static constexpr int TIMEOUT = 2 * 60 * 1000; // 2 minutes static constexpr int TIMEOUT = 2 * 60 * 1000; // 2 minutes
namespace msgs = mtx::events::msg;
static mtx::events::msg::KeyVerificationMac static mtx::events::msg::KeyVerificationMac
key_verification_mac(mtx::crypto::SAS *sas, key_verification_mac(mtx::crypto::SAS *sas,
mtx::identifiers::User sender, mtx::identifiers::User sender,
@ -40,6 +38,7 @@ DeviceVerificationFlow::DeviceVerificationFlow(QObject *,
, deviceIds(std::move(deviceIds_)) , deviceIds(std::move(deviceIds_))
, model_(model) , model_(model)
{ {
nhlog::crypto()->debug("CREATING NEW FLOW, {}, {}", flow_type, (void *)this);
if (deviceIds.size() == 1) if (deviceIds.size() == 1)
deviceId = deviceIds.front(); deviceId = deviceIds.front();
@ -140,7 +139,8 @@ DeviceVerificationFlow::DeviceVerificationFlow(QObject *,
&ChatPage::receivedDeviceVerificationCancel, &ChatPage::receivedDeviceVerificationCancel,
this, this,
[this](const mtx::events::msg::KeyVerificationCancel &msg) { [this](const mtx::events::msg::KeyVerificationCancel &msg) {
nhlog::crypto()->info("verification: received cancel"); nhlog::crypto()->info(
"verification: received cancel, {} : {}", msg.code, msg.reason);
if (msg.transaction_id.has_value()) { if (msg.transaction_id.has_value()) {
if (msg.transaction_id.value() != this->transaction_id) if (msg.transaction_id.value() != this->transaction_id)
return; return;
@ -359,7 +359,7 @@ DeviceVerificationFlow::DeviceVerificationFlow(QObject *,
&ChatPage::receivedDeviceVerificationReady, &ChatPage::receivedDeviceVerificationReady,
this, this,
[this](const mtx::events::msg::KeyVerificationReady &msg) { [this](const mtx::events::msg::KeyVerificationReady &msg) {
nhlog::crypto()->info("verification: received ready"); nhlog::crypto()->info("verification: received ready {}", (void *)this);
if (!sender) { if (!sender) {
if (msg.from_device != http::client()->device_id()) { if (msg.from_device != http::client()->device_id()) {
error_ = User; error_ = User;
@ -407,7 +407,10 @@ DeviceVerificationFlow::DeviceVerificationFlow(QObject *,
else { else {
this->deviceId = QString::fromStdString(msg.from_device); this->deviceId = QString::fromStdString(msg.from_device);
} }
} else {
return;
} }
nhlog::crypto()->info("verification: received ready sending start {}", (void *)this);
this->startVerificationRequest(); this->startVerificationRequest();
}); });
@ -546,7 +549,10 @@ DeviceVerificationFlow::handleStartMessage(const mtx::events::msg::KeyVerificati
} else if (msg.relations.references()) { } else if (msg.relations.references()) {
if (msg.relations.references() != this->relation.event_id) if (msg.relations.references() != this->relation.event_id)
return; return;
} else {
return;
} }
if ((std::find(msg.key_agreement_protocols.begin(), if ((std::find(msg.key_agreement_protocols.begin(),
msg.key_agreement_protocols.end(), msg.key_agreement_protocols.end(),
"curve25519-hkdf-sha256") != msg.key_agreement_protocols.end()) && "curve25519-hkdf-sha256") != msg.key_agreement_protocols.end()) &&
@ -581,7 +587,7 @@ DeviceVerificationFlow::handleStartMessage(const mtx::events::msg::KeyVerificati
} }
if (msg.method != mtx::events::msg::VerificationMethods::SASv1) { if (msg.method != mtx::events::msg::VerificationMethods::SASv1) {
cancelVerification(DeviceVerificationFlow::Error::OutOfOrder); cancelVerification(DeviceVerificationFlow::Error::UnknownMethod);
return; return;
} }
} }
@ -599,6 +605,10 @@ DeviceVerificationFlow::handleStartMessage(const mtx::events::msg::KeyVerificati
void void
DeviceVerificationFlow::acceptVerificationRequest() DeviceVerificationFlow::acceptVerificationRequest()
{ {
if (acceptSent)
return;
acceptSent = true;
mtx::events::msg::KeyVerificationAccept req; mtx::events::msg::KeyVerificationAccept req;
req.method = mtx::events::msg::VerificationMethods::SASv1; req.method = mtx::events::msg::VerificationMethods::SASv1;
@ -639,6 +649,10 @@ DeviceVerificationFlow::sendVerificationDone()
void void
DeviceVerificationFlow::startVerificationRequest() DeviceVerificationFlow::startVerificationRequest()
{ {
if (startSent)
return;
startSent = true;
mtx::events::msg::KeyVerificationStart req; mtx::events::msg::KeyVerificationStart req;
req.from_device = http::client()->device_id(); req.from_device = http::client()->device_id();
@ -723,8 +737,8 @@ DeviceVerificationFlow::cancelVerification(DeviceVerificationFlow::Error error_c
} }
this->error_ = error_code; this->error_ = error_code;
emit errorChanged();
this->setState(Failed); this->setState(Failed);
emit errorChanged();
send(req); send(req);
} }
@ -732,6 +746,10 @@ DeviceVerificationFlow::cancelVerification(DeviceVerificationFlow::Error error_c
void void
DeviceVerificationFlow::sendVerificationKey() DeviceVerificationFlow::sendVerificationKey()
{ {
if (keySent)
return;
keySent = true;
mtx::events::msg::KeyVerificationKey req; mtx::events::msg::KeyVerificationKey req;
req.key = this->sas->public_key(); req.key = this->sas->public_key();
@ -773,6 +791,10 @@ key_verification_mac(mtx::crypto::SAS *sas,
void void
DeviceVerificationFlow::sendVerificationMac() DeviceVerificationFlow::sendVerificationMac()
{ {
if (macSent)
return;
macSent = true;
std::map<std::string, std::string> key_list; std::map<std::string, std::string> key_list;
key_list["ed25519:" + http::client()->device_id()] = olm::client()->identity_keys().ed25519; key_list["ed25519:" + http::client()->device_id()] = olm::client()->identity_keys().ed25519;

2
src/encryption/DeviceVerificationFlow.h
View File

@ -222,6 +222,8 @@ private:
bool isMacVerified = false; bool isMacVerified = false;
bool keySent = false, macSent = false, acceptSent = false, startSent = false;
template<typename T> template<typename T>
void send(T msg) void send(T msg)
{ {

21
src/encryption/VerificationManager.cpp
View File

@ -116,12 +116,18 @@ VerificationManager::verifyUser(QString userid)
if (auto model = rooms_->getRoomById(QString::fromStdString(room_id))) { if (auto model = rooms_->getRoomById(QString::fromStdString(room_id))) {
auto flow = auto flow =
DeviceVerificationFlow::InitiateUserVerification(this, model.data(), userid); DeviceVerificationFlow::InitiateUserVerification(this, model.data(), userid);
connect(model.data(), std::unique_ptr<QObject> context{new QObject(flow.get())};
&TimelineModel::updateFlowEventId, QObject *pcontext = context.get();
this, connect(
[this, flow](std::string eventId) { model.data(),
dvList[QString::fromStdString(eventId)] = flow; &TimelineModel::updateFlowEventId,
}); pcontext,
[this, flow, context = std::move(context)](std::string eventId) mutable {
if (context->parent() == flow.get()) {
dvList[QString::fromStdString(eventId)] = flow;
context.reset();
}
});
emit newDeviceVerificationRequest(flow.data()); emit newDeviceVerificationRequest(flow.data());
return; return;
} }
@ -137,8 +143,9 @@ VerificationManager::verifyUser(QString userid)
void void
VerificationManager::removeVerificationFlow(DeviceVerificationFlow *flow) VerificationManager::removeVerificationFlow(DeviceVerificationFlow *flow)
{ {
nhlog::crypto()->debug("Removing verification flow {}", (void *)flow);
for (auto it = dvList.keyValueBegin(); it != dvList.keyValueEnd(); ++it) { for (auto it = dvList.keyValueBegin(); it != dvList.keyValueEnd(); ++it) {
if ((*it).second == flow) { if (it->second == flow) {
dvList.remove((*it).first); dvList.remove((*it).first);
return; return;
} }