Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto: withhold outgoing messages to unsigned dehydrated devices #4551

Draft
wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

crypto: withhold outgoing messages to unsigned dehydrated devices #4551

wants to merge 2 commits into from
+804 −69

Conversation

richvdh
Copy link
Member

@richvdh richvdh commented Jan 17, 2025

Per #4313, we should not send outgoing messages to dehydrated devices that are not signed by the current pinned/verified identity.

Fixes #4313

@richvdh
test: factor out test helpers in share_strategy tests
e9c5096 
 * Split the existing `set_up_test_machine` into two parts, so we can set up
   the test OlmMachine without importing data for other users
 * Add some helpers for creating common `EncryptionSettings`
@richvdh richvdh requested review from a team as code owners January 17, 2025 16:40
@richvdh richvdh requested review from poljar and removed request for a team January 17, 2025 16:40
@richvdh
crypto: withhold outgoing messages to unsigned dehydrated devices
cac1067 
Per #4313, we should not
send outgoing messages to dehydrated devices that are not signed by the current
pinned/verified identity.
@richvdh richvdh force-pushed the rav/withheld_to_unverified_dehydrated branch from 001dcf6 to cac1067 Compare January 17, 2025 16:54
richvdh
richvdh commented Jan 17, 2025
View reviewed changes
crates/matrix-sdk-crypto/src/session_manager/group_sessions/share_strategy.rs
// We only need the user identity if `only_allow_trusted_devices` or
// `error_on_verified_user_problem` is set.
let device_owner_identity =
if only_allow_trusted_devices || error_on_verified_user_problem {
store.get_user_identity(user_id).await?
} else {
None
};
let device_owner_identity = store.get_user_identity(user_id).await?;
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We now also need the identity if the user has a dehydrated device. Trying to optimise away this call in the cases where we weren't going to need the identity was getting too complicated, so let's just do it every time.

@codecov Codecov
Copy link

codecov bot commented Jan 17, 2025

Codecov Report

Attention: Patch coverage is 89.28571% with 3 lines in your changes missing coverage. Please review.

Project coverage is 85.40%. Comparing base (f7db52e) to head (cac1067).
Report is 7 commits behind head on main.

Files with missing lines Patch % Lines
...c/session_manager/group_sessions/share_strategy.rs 92.00% 2 Missing ⚠️
crates/matrix-sdk-crypto/src/identities/device.rs 66.66% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #4551      +/-   ##
==========================================
- Coverage   85.40%   85.40%   -0.01%     
==========================================
  Files         285      285              
  Lines       32213    32230      +17     
==========================================
+ Hits        27513    27526      +13     
- Misses       4700     4704       +4

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@richvdh richvdh mentioned this pull request Jan 20, 2025
Open
@richvdh
Copy link
Member Author

richvdh commented Jan 20, 2025

I need to update this in view of #4313 (comment)

@richvdh richvdh marked this pull request as draft January 20, 2025 21:22
@richvdh richvdh removed the request for review from poljar January 20, 2025 21:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

KeySharing, DevicebasedStrategy | Exclude insecure dehydrated devices when sending messages
1 participant
@richvdh