mirror of
https://github.com/Nheko-Reborn/nheko.git
synced 2024-11-26 04:58:49 +03:00
Updating keys of outdated encrypted users
This commit is contained in:
parent
1103cc15cf
commit
a2979c2df1
7 changed files with 89 additions and 32 deletions
|
@ -31,8 +31,10 @@
|
|||
|
||||
#include "Cache.h"
|
||||
#include "Cache_p.h"
|
||||
#include "ChatPage.h"
|
||||
#include "EventAccessors.h"
|
||||
#include "Logging.h"
|
||||
#include "MatrixClient.h"
|
||||
#include "Utils.h"
|
||||
|
||||
//! Should be changed when a breaking change occurs in the cache format.
|
||||
|
@ -1009,6 +1011,8 @@ Cache::saveState(const mtx::responses::Sync &res)
|
|||
|
||||
savePresence(txn, res.presence);
|
||||
|
||||
updateUserCache(res.device_lists);
|
||||
|
||||
removeLeftRooms(txn, res.rooms.leave);
|
||||
|
||||
txn.commit();
|
||||
|
@ -2885,16 +2889,12 @@ Cache::statusMessage(const std::string &user_id)
|
|||
void
|
||||
to_json(json &j, const UserCache &info)
|
||||
{
|
||||
j["is_user_verified"] = info.is_user_verified;
|
||||
j["cross_verified"] = info.cross_verified;
|
||||
j["keys"] = info.keys;
|
||||
}
|
||||
|
||||
void
|
||||
from_json(const json &j, UserCache &info)
|
||||
{
|
||||
info.is_user_verified = j.at("is_user_verified");
|
||||
info.cross_verified = j.at("cross_verified").get<std::vector<std::string>>();
|
||||
info.keys = j.at("keys").get<mtx::responses::QueryKeys>();
|
||||
}
|
||||
|
||||
|
@ -2932,6 +2932,32 @@ Cache::setUserCache(const std::string &user_id, const UserCache &body)
|
|||
return res;
|
||||
}
|
||||
|
||||
void
|
||||
Cache::updateUserCache(const mtx::responses::DeviceLists body)
|
||||
{
|
||||
for (auto user_id : body.changed) {
|
||||
mtx::requests::QueryKeys req;
|
||||
req.device_keys[user_id] = {};
|
||||
|
||||
http::client()->query_keys(
|
||||
req,
|
||||
[user_id, this](const mtx::responses::QueryKeys res, mtx::http::RequestErr err) {
|
||||
if (err) {
|
||||
nhlog::net()->warn("failed to query device keys: {},{}",
|
||||
err->matrix_error.errcode,
|
||||
static_cast<int>(err->status_code));
|
||||
return;
|
||||
}
|
||||
|
||||
setUserCache(user_id, UserCache{std::move(res)});
|
||||
});
|
||||
}
|
||||
|
||||
for (std::string user_id : body.left) {
|
||||
deleteUserCache(user_id);
|
||||
}
|
||||
}
|
||||
|
||||
int
|
||||
Cache::deleteUserCache(const std::string &user_id)
|
||||
{
|
||||
|
@ -2947,6 +2973,8 @@ Cache::deleteUserCache(const std::string &user_id)
|
|||
void
|
||||
to_json(json &j, const DeviceVerifiedCache &info)
|
||||
{
|
||||
j["is_user_verified"] = info.is_user_verified;
|
||||
j["cross_verified"] = info.cross_verified;
|
||||
j["device_verified"] = info.device_verified;
|
||||
j["device_blocked"] = info.device_blocked;
|
||||
}
|
||||
|
@ -2954,6 +2982,8 @@ to_json(json &j, const DeviceVerifiedCache &info)
|
|||
void
|
||||
from_json(const json &j, DeviceVerifiedCache &info)
|
||||
{
|
||||
info.is_user_verified = j.at("is_user_verified");
|
||||
info.cross_verified = j.at("cross_verified").get<std::vector<std::string>>();
|
||||
info.device_verified = j.at("device_verified").get<std::vector<std::string>>();
|
||||
info.device_blocked = j.at("device_blocked").get<std::vector<std::string>>();
|
||||
}
|
||||
|
@ -3178,6 +3208,12 @@ getUserCache(const std::string &user_id)
|
|||
return instance_->getUserCache(user_id);
|
||||
}
|
||||
|
||||
void
|
||||
updateUserCache(const mtx::responses::DeviceLists body)
|
||||
{
|
||||
instance_->updateUserCache(body);
|
||||
}
|
||||
|
||||
int
|
||||
setUserCache(const std::string &user_id, const UserCache &body)
|
||||
{
|
||||
|
|
|
@ -64,6 +64,9 @@ statusMessage(const std::string &user_id);
|
|||
std::optional<UserCache>
|
||||
getUserCache(const std::string &user_id);
|
||||
|
||||
void
|
||||
updateUserCache(const mtx::responses::DeviceLists body);
|
||||
|
||||
int
|
||||
setUserCache(const std::string &user_id, const UserCache &body);
|
||||
|
||||
|
|
|
@ -66,14 +66,16 @@ struct OlmSessionStorage
|
|||
std::mutex group_inbound_mtx;
|
||||
};
|
||||
|
||||
// this will store the keys of the user with whom a encrypted room is shared with
|
||||
struct UserCache
|
||||
{
|
||||
//! this stores if the user is verified (with cross-signing)
|
||||
bool is_user_verified = false;
|
||||
//! list of verified device_ids with cross-signing
|
||||
std::vector<std::string> cross_verified;
|
||||
//! map of public key key_ids and their public_key
|
||||
mtx::responses::QueryKeys keys;
|
||||
|
||||
UserCache(mtx::responses::QueryKeys res)
|
||||
: keys(res)
|
||||
{}
|
||||
UserCache() {}
|
||||
};
|
||||
|
||||
void
|
||||
|
@ -81,11 +83,30 @@ to_json(nlohmann::json &j, const UserCache &info);
|
|||
void
|
||||
from_json(const nlohmann::json &j, UserCache &info);
|
||||
|
||||
// the reason these are stored in a seperate cache rather than storing it in the user cache is
|
||||
// UserCache stores only keys of users with which encrypted room is shared
|
||||
struct DeviceVerifiedCache
|
||||
{
|
||||
//! list of verified device_ids with device-verification
|
||||
std::vector<std::string> device_verified;
|
||||
//! list of verified device_ids with cross-signing
|
||||
std::vector<std::string> cross_verified;
|
||||
//! list of devices the user blocks
|
||||
std::vector<std::string> device_blocked;
|
||||
//! this stores if the user is verified (with cross-signing)
|
||||
bool is_user_verified = false;
|
||||
|
||||
DeviceVerifiedCache(std::vector<std::string> device_verified_,
|
||||
std::vector<std::string> cross_verified_,
|
||||
std::vector<std::string> device_blocked_,
|
||||
bool is_user_verified_ = false)
|
||||
: device_verified(device_verified_)
|
||||
, cross_verified(cross_verified_)
|
||||
, device_blocked(device_blocked_)
|
||||
, is_user_verified(is_user_verified_)
|
||||
{}
|
||||
|
||||
DeviceVerifiedCache() {}
|
||||
};
|
||||
|
||||
void
|
||||
|
|
|
@ -56,6 +56,7 @@ public:
|
|||
|
||||
// user cache stores user keys
|
||||
std::optional<UserCache> getUserCache(const std::string &user_id);
|
||||
void updateUserCache(const mtx::responses::DeviceLists body);
|
||||
int setUserCache(const std::string &user_id, const UserCache &body);
|
||||
int deleteUserCache(const std::string &user_id);
|
||||
|
||||
|
@ -521,12 +522,12 @@ private:
|
|||
|
||||
lmdb::dbi getUserCacheDb(lmdb::txn &txn)
|
||||
{
|
||||
return lmdb::dbi::open(txn, std::string("user_cache").c_str(), MDB_CREATE);
|
||||
return lmdb::dbi::open(txn, "user_cache", MDB_CREATE);
|
||||
}
|
||||
|
||||
lmdb::dbi getDeviceVerifiedDb(lmdb::txn &txn)
|
||||
{
|
||||
return lmdb::dbi::open(txn, std::string("verified").c_str(), MDB_CREATE);
|
||||
return lmdb::dbi::open(txn, "verified", MDB_CREATE);
|
||||
}
|
||||
|
||||
//! Retrieves or creates the database that stores the open OLM sessions between our device
|
||||
|
|
|
@ -477,7 +477,7 @@ DeviceVerificationFlow::cancelVerification(DeviceVerificationFlow::Error error_c
|
|||
} else {
|
||||
cache::setVerifiedCache(
|
||||
this->userId.toStdString(),
|
||||
DeviceVerifiedCache{{}, {this->deviceId.toStdString()}});
|
||||
DeviceVerifiedCache{{}, {}, {this->deviceId.toStdString()}});
|
||||
}
|
||||
this->deleteLater();
|
||||
});
|
||||
|
@ -564,8 +564,9 @@ DeviceVerificationFlow::acceptDevice()
|
|||
}
|
||||
cache::setVerifiedCache(this->userId.toStdString(), verified_cache.value());
|
||||
} else {
|
||||
cache::setVerifiedCache(this->userId.toStdString(),
|
||||
DeviceVerifiedCache{{this->deviceId.toStdString()}, {}});
|
||||
cache::setVerifiedCache(
|
||||
this->userId.toStdString(),
|
||||
DeviceVerifiedCache{{this->deviceId.toStdString()}, {}, {}});
|
||||
}
|
||||
|
||||
emit deviceVerified();
|
||||
|
@ -616,5 +617,4 @@ DeviceVerificationFlow::unverify()
|
|||
}
|
||||
|
||||
emit refreshProfile();
|
||||
this->deleteLater();
|
||||
}
|
||||
|
|
|
@ -77,8 +77,7 @@ UserProfile::avatarUrl()
|
|||
void
|
||||
UserProfile::callback_fn(const mtx::responses::QueryKeys &res,
|
||||
mtx::http::RequestErr err,
|
||||
std::string user_id,
|
||||
std::optional<std::vector<std::string>> cross_verified)
|
||||
std::string user_id)
|
||||
{
|
||||
if (err) {
|
||||
nhlog::net()->warn("failed to query device keys: {},{}",
|
||||
|
@ -101,16 +100,15 @@ UserProfile::callback_fn(const mtx::responses::QueryKeys &res,
|
|||
|
||||
// TODO: Verify signatures and ignore those that don't pass.
|
||||
verification::Status verified = verification::Status::UNVERIFIED;
|
||||
if (cross_verified.has_value()) {
|
||||
if (std::find(cross_verified->begin(), cross_verified->end(), d.first) !=
|
||||
cross_verified->end())
|
||||
if (device_verified.has_value()) {
|
||||
if (std::find(device_verified->cross_verified.begin(),
|
||||
device_verified->cross_verified.end(),
|
||||
d.first) != device_verified->cross_verified.end())
|
||||
verified = verification::Status::VERIFIED;
|
||||
} else if (device_verified.has_value()) {
|
||||
if (std::find(device_verified->device_verified.begin(),
|
||||
device_verified->device_verified.end(),
|
||||
d.first) != device_verified->device_verified.end())
|
||||
verified = verification::Status::VERIFIED;
|
||||
} else if (device_verified.has_value()) {
|
||||
if (std::find(device_verified->device_blocked.begin(),
|
||||
device_verified->device_blocked.end(),
|
||||
d.first) != device_verified->device_blocked.end())
|
||||
|
@ -138,8 +136,7 @@ UserProfile::fetchDeviceList(const QString &userID)
|
|||
auto user_cache = cache::getUserCache(userID.toStdString());
|
||||
|
||||
if (user_cache.has_value()) {
|
||||
this->callback_fn(
|
||||
user_cache->keys, {}, userID.toStdString(), user_cache->cross_verified);
|
||||
this->callback_fn(user_cache->keys, {}, userID.toStdString());
|
||||
} else {
|
||||
mtx::requests::QueryKeys req;
|
||||
req.device_keys[userID.toStdString()] = {};
|
||||
|
@ -147,7 +144,7 @@ UserProfile::fetchDeviceList(const QString &userID)
|
|||
req,
|
||||
[user_id = userID.toStdString(), this](const mtx::responses::QueryKeys &res,
|
||||
mtx::http::RequestErr err) {
|
||||
this->callback_fn(res, err, user_id, {});
|
||||
this->callback_fn(res, err, user_id);
|
||||
});
|
||||
}
|
||||
}
|
||||
|
|
|
@ -103,6 +103,5 @@ private:
|
|||
|
||||
void callback_fn(const mtx::responses::QueryKeys &res,
|
||||
mtx::http::RequestErr err,
|
||||
std::string user_id,
|
||||
std::optional<std::vector<std::string>> cross_verified);
|
||||
std::string user_id);
|
||||
};
|
||||
|
|
Loading…
Reference in a new issue