From f23fd5f8227fed68589584a0825f26717c51a52d Mon Sep 17 00:00:00 2001 From: Nicolas Werner Date: Tue, 6 Jul 2021 11:39:29 +0200 Subject: [PATCH] Fix a few embarrassing bugs with device list updates --- src/Cache.cpp | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/src/Cache.cpp b/src/Cache.cpp index aba76406..8146e2cc 100644 --- a/src/Cache.cpp +++ b/src/Cache.cpp @@ -3588,25 +3588,31 @@ Cache::updateUserKeys(const std::string &sync_token, const mtx::responses::Query updateToWrite.self_signing_keys = update.self_signing_keys; updateToWrite.user_signing_keys = update.user_signing_keys; - // If we have keys for the device already, only update the signatures. + auto oldDeviceKeys = std::move(updateToWrite.device_keys); + updateToWrite.device_keys.clear(); + + // Don't insert keys, which we have seen once already for (const auto &[device_id, device_keys] : update.device_keys) { - if (updateToWrite.device_keys.count(device_id) && - updateToWrite.device_keys.at(device_id).keys == - device_keys.keys) { - updateToWrite.device_keys.at(device_id).signatures = - device_keys.signatures; + if (oldDeviceKeys.count(device_id) && + oldDeviceKeys.at(device_id).keys == device_keys.keys) { + // this is safe, since the keys are the same + updateToWrite.device_keys[device_id] = device_keys; } else { bool keyReused = false; for (const auto &[key_id, key] : device_keys.keys) { (void)key_id; if (updateToWrite.seen_device_keys.count(key)) { + nhlog::crypto()->warn( + "Key '{}' reused by ({}: {})", + key, + user, + device_id); keyReused = true; break; } } - if (!updateToWrite.device_keys.count(device_id) && - !keyReused) + if (!keyReused && !oldDeviceKeys.count(device_id)) updateToWrite.device_keys[device_id] = device_keys; }