Commit graph

29 commits

Author SHA1 Message Date
Nicolas Werner
5fed4d21b1
Fix a few more clazy warnings 2023-06-08 22:32:11 +02:00
Nicolas Werner
10b65b78fa
Adapt to the new inherited variant 2023-04-11 01:38:46 +02:00
Nicolas Werner
96f791daf1
Get rid of year in license headers
See also:
https://daniel.haxx.se/blog/2023/01/08/copyright-without-years/
https://hynek.me/til/copyright-years/
2023-02-21 23:48:49 +01:00
Nicolas Werner
a11b1221a3
Switch to upstream olm error code 2023-02-21 02:21:31 +01:00
Nicolas Werner
920409e914
Reduce code bloat a bit
Especially the emoji array shrinks a lot with this, but adds a few extra
relocations on startup. But it removes a lot of exception handling code
at runtime, which is nice and possibly this is still faster.
2023-02-19 21:38:28 +01:00
Nicolas Werner
20740c9976
Automatically fetch keys for undecrypted messages after verification
Also fix rerendering edited messages after keys are received.

fixes #1375
fixes #770
fixes #888
2023-02-18 03:08:23 +01:00
Nicolas Werner
1d8fc18304
Warn when no secret can be requested 2023-01-22 05:31:33 +01:00
Jason Volk
0253aa59c7
Skip empty requests for cross-signing keys when user only has one device.
Cause: Request button pressed in user settings.

Result: Request body is jsNull; sendToDevice requires jsObject.
2023-01-22 05:26:10 +01:00
Nicolas Werner
b84bc7895e
Add some more error logging 2023-01-09 02:06:49 +01:00
Nicolas Werner
3a6a905429
A whole new year full of excitement and possibilities! 2023-01-02 04:25:33 +01:00
Nicolas Werner
537fa437e2
Store secrets (apart from the pickle key) in the database 2022-11-06 03:36:56 +01:00
Nicolas Werner
676a6506cb
Speedup sending encrypted messages after metasync was reenabled
Calling fsync everytime we save to the db is slow, which is actually
fairly noticeable in some larger E2EE rooms. Speed that up slightly by
batching the olm session persisting.
2022-11-01 20:58:01 +01:00
Nicolas Werner
b28fa86e6a
Enable -Wconversion 2022-10-26 01:10:35 +02:00
Loren Burkholder
8ecbb39dc6
cppcheck stuff (#1200)
* cppcheck stuff

* Update src/ui/RoomSettings.cpp

Co-authored-by: DeepBlueV7.X <nicolas.werner@hotmail.de>

* Update src/ui/RoomSettings.cpp

Co-authored-by: DeepBlueV7.X <nicolas.werner@hotmail.de>

* Fix linting

Co-authored-by: DeepBlueV7.X <nicolas.werner@hotmail.de>
2022-10-03 21:57:30 +00:00
Nicolas Werner
67bee15a38
Prevent the homeserver from inserting malicious secrets
Correctly verify that the reply to a secrets request is actually coming
from a verified device. While we did verify that it was us who replied,
we didn't properly cancel storing the secret if the sending device was
one of ours but was maliciously inserted by the homeserver and
unverified. We only send secret requests to verified devices in the
first place, so only the homeserver could abuse this issue.

Additionally we protected against malicious secret poisoning by
verifying that the secret is actually the reply to a request. This means
the server only has 2 places where it can poison the secrets:

- After a verification when we automatically request the secrets
- When the user manually hits the request button

It also needs to prevent other secret answers to reach the client first
since we ignore all replies after that one.

The impact of this might be quite severe. It could allow the server to
replace the cross-signing keys silently and while we might not trust
that key, we possibly could trust it in the future if we rely on the
stored secret. Similarly this could potentially be abused to make the
client trust a malicious online key backup.

If your deployment is not patched yet and you don't control your
homeserver, you can protect against this by simply not doing any
verifications of your own devices and not pressing the request button in
the settings menu.
2022-09-28 13:36:52 +02:00
Nicolas Werner
db43743697
Fix too many fmt parameters 2022-07-30 16:47:55 +02:00
Nicolas Werner
3c480d47f1
Make code compile with hidden friends 2022-07-29 04:04:44 +02:00
Nicolas Werner
ead10cd0fd
Request full online keybackup when turning it on 2022-06-19 16:37:00 +02:00
Nicolas Werner
8cdfbf9391
Get rid of 'using json = nlohmann::json' 2022-06-17 22:03:54 +02:00
Nicolas Werner
ef941920ea
Fix compilation without implicit nlohmann conversions 2022-06-17 03:14:48 +02:00
Nicolas Werner
66b7ff639c Remove sender key from megolm session index
implements MSC3700

see https://github.com/matrix-org/matrix-spec-proposals/pull/3700
2022-04-08 01:53:00 +02:00
Nicolas Werner
8e20139079
Allow properly editing pending encrypted messages 2022-02-27 06:43:45 +01:00
Nicolas Werner
61404641d9
Update year in copyright notice to shut up lint job 2022-01-01 04:57:53 +01:00
Nicolas Werner
19dc6cadea
Reserve size of some containers we are filling 2021-12-29 06:01:38 +01:00
Nicolas Werner
bb290f9fec
Fix more warnings and remove dead code 2021-12-28 22:30:12 +01:00
Nicolas Werner
89e58f78f1
Fix a few shadowing warnings
fixes #824
2021-12-11 06:19:54 +01:00
Nicolas Werner
f9362c75cf
Fix no replies being rendered for edits sent from Element in encrypted rooms 2021-11-11 00:41:21 +01:00
Nicolas Werner
5688b2647e
Add self verification after login 2021-10-30 00:23:07 +02:00
Nicolas Werner
550c80525a
Move voip and encryption stuff into their own directories 2021-10-17 17:18:14 +02:00
Renamed from src/Olm.cpp (Browse further)