Nicolas Werner
537fa437e2
Store secrets (apart from the pickle key) in the database
2022-11-06 03:36:56 +01:00
Nicolas Werner
676a6506cb
Speedup sending encrypted messages after metasync was reenabled
...
Calling fsync everytime we save to the db is slow, which is actually
fairly noticeable in some larger E2EE rooms. Speed that up slightly by
batching the olm session persisting.
2022-11-01 20:58:01 +01:00
Nicolas Werner
b28fa86e6a
Enable -Wconversion
2022-10-26 01:10:35 +02:00
Nicolas Werner
af699eb83e
Mark classes as final where possible
2022-10-10 14:38:45 +02:00
Loren Burkholder
8ecbb39dc6
cppcheck stuff ( #1200 )
...
* cppcheck stuff
* Update src/ui/RoomSettings.cpp
Co-authored-by: DeepBlueV7.X <nicolas.werner@hotmail.de>
* Update src/ui/RoomSettings.cpp
Co-authored-by: DeepBlueV7.X <nicolas.werner@hotmail.de>
* Fix linting
Co-authored-by: DeepBlueV7.X <nicolas.werner@hotmail.de>
2022-10-03 21:57:30 +00:00
Nicolas Werner
a55fc8e43b
Work around MSVC bug with structured bindings in lambdas
...
Causes error messages like:
error C3493: 'key_id' cannot be implicitly captured because no default capture mode has been specified
2022-10-02 02:06:09 +02:00
Nicolas Werner
2fde381a82
Merge branch 'v0.10.2-fixes'
2022-09-28 14:27:54 +02:00
Nicolas Werner
67bee15a38
Prevent the homeserver from inserting malicious secrets
...
Correctly verify that the reply to a secrets request is actually coming
from a verified device. While we did verify that it was us who replied,
we didn't properly cancel storing the secret if the sending device was
one of ours but was maliciously inserted by the homeserver and
unverified. We only send secret requests to verified devices in the
first place, so only the homeserver could abuse this issue.
Additionally we protected against malicious secret poisoning by
verifying that the secret is actually the reply to a request. This means
the server only has 2 places where it can poison the secrets:
- After a verification when we automatically request the secrets
- When the user manually hits the request button
It also needs to prevent other secret answers to reach the client first
since we ignore all replies after that one.
The impact of this might be quite severe. It could allow the server to
replace the cross-signing keys silently and while we might not trust
that key, we possibly could trust it in the future if we rely on the
stored secret. Similarly this could potentially be abused to make the
client trust a malicious online key backup.
If your deployment is not patched yet and you don't control your
homeserver, you can protect against this by simply not doing any
verifications of your own devices and not pressing the request button in
the settings menu.
2022-09-28 13:36:52 +02:00
Nicolas Werner
851333a50d
Switch to clang-format14
2022-09-25 20:05:08 +02:00
Nicolas Werner
db43743697
Fix too many fmt parameters
2022-07-30 16:47:55 +02:00
Nicolas Werner
3c480d47f1
Make code compile with hidden friends
2022-07-29 04:04:44 +02:00
Nicolas Werner
904745543a
Verifications sneakily accumulating in the background
2022-07-22 11:46:37 +02:00
Nicolas Werner
ead10cd0fd
Request full online keybackup when turning it on
2022-06-19 16:37:00 +02:00
Nicolas Werner
35ff02ce48
Remove a few more headers
2022-06-18 02:31:01 +02:00
Nicolas Werner
8cdfbf9391
Get rid of 'using json = nlohmann::json'
2022-06-17 22:03:54 +02:00
Nicolas Werner
ef941920ea
Fix compilation without implicit nlohmann conversions
2022-06-17 03:14:48 +02:00
Nicolas Werner
beb59d5d2e
Simplify includes a bit
2022-06-16 01:19:26 +02:00
Nicolas Werner
62b3b461ec
Fix comparison for glare algorithm
2022-06-12 19:09:07 +02:00
Nicolas Werner
00740a7e65
Properly handle glare when verifying
2022-06-12 17:53:17 +02:00
Nicolas Werner
90da39313f
Use right linter
2022-05-10 03:53:35 +02:00
Nicolas Werner
a6b2be112b
More image dialog fixes
2022-05-10 03:20:09 +02:00
Nicolas Werner
66b7ff639c
Remove sender key from megolm session index
...
implements MSC3700
see https://github.com/matrix-org/matrix-spec-proposals/pull/3700
2022-04-08 01:53:00 +02:00
Nicolas Werner
8e20139079
Allow properly editing pending encrypted messages
2022-02-27 06:43:45 +01:00
Nicolas Werner
1bc986fd3b
Prevent old verification requests from showing up
2022-02-14 15:25:55 +01:00
Nicolas Werner
61404641d9
Update year in copyright notice to shut up lint job
2022-01-01 04:57:53 +01:00
Nicolas Werner
19dc6cadea
Reserve size of some containers we are filling
2021-12-29 06:01:38 +01:00
Nicolas Werner
d8ead9573b
Reduce allocations using QStringLiteral
2021-12-29 04:52:52 +01:00
Nicolas Werner
bb290f9fec
Fix more warnings and remove dead code
2021-12-28 22:30:12 +01:00
Nicolas Werner
89e58f78f1
Fix a few shadowing warnings
...
fixes #824
2021-12-11 06:19:54 +01:00
Nicolas Werner
a13f492e7d
Make clang-format <13 and clang-format >=13 behave the same
...
I think old clang-format is just buggy in those cases, so we should
reenable those blocks, once everyone has 13 or up.
2021-11-22 00:33:43 +01:00
Nicolas Werner
f9362c75cf
Fix no replies being rendered for edits sent from Element in encrypted rooms
2021-11-11 00:41:21 +01:00
Nicolas Werner
ff560a09f5
Improve fetching of device keys after login
2021-11-08 17:01:22 +01:00
Nicolas Werner
809be93e20
Fix self verification status never updating
2021-11-07 21:27:58 +01:00
Nicolas Werner
7de24a4271
Don't try to load verification status before db is ready
2021-11-07 20:27:56 +01:00
Nicolas Werner
5ca1fb18bb
Move away from using an event loop to access secrets
...
Fixes messages in room flickering and being stuck
fixes #760
relates to #770
relates to #789
2021-11-07 03:52:57 +01:00
Nicolas Werner
373e124bf7
Fix translation nits
2021-11-04 01:10:56 +01:00
Nicolas Werner
2aabe9dcac
Prompt user when there are unverified devices
2021-11-01 22:20:15 +01:00
Nicolas Werner
5688b2647e
Add self verification after login
2021-10-30 00:23:07 +02:00
Nicolas Werner
2981f71d22
lint using clang11
2021-10-17 17:33:59 +02:00
Nicolas Werner
6793bdf3fd
lint
2021-10-17 17:20:51 +02:00
Nicolas Werner
a5030bdd4d
move device verification management to its own file
2021-10-17 17:18:14 +02:00
Nicolas Werner
550c80525a
Move voip and encryption stuff into their own directories
2021-10-17 17:18:14 +02:00