rnhmjoj
/
nheko
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Updating keys of outdated encrypted users

This commit is contained in:
CH Chethan Reddy 2020-07-06 21:32:21 +05:30
parent 1103cc15cf
commit a2979c2df1
7 changed files with 89 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
src/Cache.cpp
View File

@ -31,8 +31,10 @@
#include "Cache.h" #include "Cache.h"
#include "Cache_p.h" #include "Cache_p.h"
#include "ChatPage.h"
#include "EventAccessors.h" #include "EventAccessors.h"
#include "Logging.h" #include "Logging.h"
#include "MatrixClient.h"
#include "Utils.h" #include "Utils.h"
//! Should be changed when a breaking change occurs in the cache format. //! Should be changed when a breaking change occurs in the cache format.
@ -1009,6 +1011,8 @@ Cache::saveState(const mtx::responses::Sync &res)
savePresence(txn, res.presence); savePresence(txn, res.presence);
updateUserCache(res.device_lists);
removeLeftRooms(txn, res.rooms.leave); removeLeftRooms(txn, res.rooms.leave);
txn.commit(); txn.commit();
@ -2885,17 +2889,13 @@ Cache::statusMessage(const std::string &user_id)
void void
to_json(json &j, const UserCache &info) to_json(json &j, const UserCache &info)
{ {
j["is_user_verified"] = info.is_user_verified; j["keys"] = info.keys;
j["cross_verified"] = info.cross_verified;
j["keys"] = info.keys;
} }
void void
from_json(const json &j, UserCache &info) from_json(const json &j, UserCache &info)
{ {
info.is_user_verified = j.at("is_user_verified"); info.keys = j.at("keys").get<mtx::responses::QueryKeys>();
info.cross_verified = j.at("cross_verified").get<std::vector<std::string>>();
info.keys = j.at("keys").get<mtx::responses::QueryKeys>();
} }
std::optional<UserCache> std::optional<UserCache>
@ -2932,6 +2932,32 @@ Cache::setUserCache(const std::string &user_id, const UserCache &body)
return res; return res;
} }
void
Cache::updateUserCache(const mtx::responses::DeviceLists body)
{
for (auto user_id : body.changed) {
mtx::requests::QueryKeys req;
req.device_keys[user_id] = {};
http::client()->query_keys(
req,
[user_id, this](const mtx::responses::QueryKeys res, mtx::http::RequestErr err) {
if (err) {
nhlog::net()->warn("failed to query device keys: {},{}",
err->matrix_error.errcode,
static_cast<int>(err->status_code));
return;
}
setUserCache(user_id, UserCache{std::move(res)});
});
}
for (std::string user_id : body.left) {
deleteUserCache(user_id);
}
}
int int
Cache::deleteUserCache(const std::string &user_id) Cache::deleteUserCache(const std::string &user_id)
{ {
@ -2947,15 +2973,19 @@ Cache::deleteUserCache(const std::string &user_id)
void void
to_json(json &j, const DeviceVerifiedCache &info) to_json(json &j, const DeviceVerifiedCache &info)
{ {
j["device_verified"] = info.device_verified; j["is_user_verified"] = info.is_user_verified;
j["device_blocked"] = info.device_blocked; j["cross_verified"] = info.cross_verified;
j["device_verified"] = info.device_verified;
j["device_blocked"] = info.device_blocked;
} }
void void
from_json(const json &j, DeviceVerifiedCache &info) from_json(const json &j, DeviceVerifiedCache &info)
{ {
info.device_verified = j.at("device_verified").get<std::vector<std::string>>(); info.is_user_verified = j.at("is_user_verified");
info.device_blocked = j.at("device_blocked").get<std::vector<std::string>>(); info.cross_verified = j.at("cross_verified").get<std::vector<std::string>>();
info.device_verified = j.at("device_verified").get<std::vector<std::string>>();
info.device_blocked = j.at("device_blocked").get<std::vector<std::string>>();
} }
std::optional<DeviceVerifiedCache> std::optional<DeviceVerifiedCache>
@ -3178,6 +3208,12 @@ getUserCache(const std::string &user_id)
return instance_->getUserCache(user_id); return instance_->getUserCache(user_id);
} }
void
updateUserCache(const mtx::responses::DeviceLists body)
{
instance_->updateUserCache(body);
}
int int
setUserCache(const std::string &user_id, const UserCache &body) setUserCache(const std::string &user_id, const UserCache &body)
{ {

3
src/Cache.h
View File

@ -64,6 +64,9 @@ statusMessage(const std::string &user_id);
std::optional<UserCache> std::optional<UserCache>
getUserCache(const std::string &user_id); getUserCache(const std::string &user_id);
void
updateUserCache(const mtx::responses::DeviceLists body);
int int
setUserCache(const std::string &user_id, const UserCache &body); setUserCache(const std::string &user_id, const UserCache &body);

29
src/CacheCryptoStructs.h
View File

@ -66,14 +66,16 @@ struct OlmSessionStorage
std::mutex group_inbound_mtx; std::mutex group_inbound_mtx;
}; };
// this will store the keys of the user with whom a encrypted room is shared with
struct UserCache struct UserCache
{ {
//! this stores if the user is verified (with cross-signing)
bool is_user_verified = false;
//! list of verified device_ids with cross-signing
std::vector<std::string> cross_verified;
//! map of public key key_ids and their public_key //! map of public key key_ids and their public_key
mtx::responses::QueryKeys keys; mtx::responses::QueryKeys keys;
UserCache(mtx::responses::QueryKeys res)
: keys(res)
{}
UserCache() {}
}; };
void void
@ -81,11 +83,30 @@ to_json(nlohmann::json &j, const UserCache &info);
void void
from_json(const nlohmann::json &j, UserCache &info); from_json(const nlohmann::json &j, UserCache &info);
// the reason these are stored in a seperate cache rather than storing it in the user cache is
// UserCache stores only keys of users with which encrypted room is shared
struct DeviceVerifiedCache struct DeviceVerifiedCache
{ {
//! list of verified device_ids with device-verification //! list of verified device_ids with device-verification
std::vector<std::string> device_verified; std::vector<std::string> device_verified;
//! list of verified device_ids with cross-signing
std::vector<std::string> cross_verified;
//! list of devices the user blocks
std::vector<std::string> device_blocked; std::vector<std::string> device_blocked;
//! this stores if the user is verified (with cross-signing)
bool is_user_verified = false;
DeviceVerifiedCache(std::vector<std::string> device_verified_,
std::vector<std::string> cross_verified_,
std::vector<std::string> device_blocked_,
bool is_user_verified_ = false)
: device_verified(device_verified_)
, cross_verified(cross_verified_)
, device_blocked(device_blocked_)
, is_user_verified(is_user_verified_)
{}
DeviceVerifiedCache() {}
}; };
void void

5
src/Cache_p.h
View File

@ -56,6 +56,7 @@ public:
// user cache stores user keys // user cache stores user keys
std::optional<UserCache> getUserCache(const std::string &user_id); std::optional<UserCache> getUserCache(const std::string &user_id);
void updateUserCache(const mtx::responses::DeviceLists body);
int setUserCache(const std::string &user_id, const UserCache &body); int setUserCache(const std::string &user_id, const UserCache &body);
int deleteUserCache(const std::string &user_id); int deleteUserCache(const std::string &user_id);
@ -521,12 +522,12 @@ private:
lmdb::dbi getUserCacheDb(lmdb::txn &txn) lmdb::dbi getUserCacheDb(lmdb::txn &txn)
{ {
return lmdb::dbi::open(txn, std::string("user_cache").c_str(), MDB_CREATE); return lmdb::dbi::open(txn, "user_cache", MDB_CREATE);
} }
lmdb::dbi getDeviceVerifiedDb(lmdb::txn &txn) lmdb::dbi getDeviceVerifiedDb(lmdb::txn &txn)
{ {
return lmdb::dbi::open(txn, std::string("verified").c_str(), MDB_CREATE); return lmdb::dbi::open(txn, "verified", MDB_CREATE);
} }
//! Retrieves or creates the database that stores the open OLM sessions between our device //! Retrieves or creates the database that stores the open OLM sessions between our device

8
src/DeviceVerificationFlow.cpp
View File

@ -477,7 +477,7 @@ DeviceVerificationFlow::cancelVerification(DeviceVerificationFlow::Error error_c
} else { } else {
cache::setVerifiedCache( cache::setVerifiedCache(
this->userId.toStdString(), this->userId.toStdString(),
DeviceVerifiedCache{{}, {this->deviceId.toStdString()}}); DeviceVerifiedCache{{}, {}, {this->deviceId.toStdString()}});
} }
this->deleteLater(); this->deleteLater();
}); });
@ -564,8 +564,9 @@ DeviceVerificationFlow::acceptDevice()
} }
cache::setVerifiedCache(this->userId.toStdString(), verified_cache.value()); cache::setVerifiedCache(this->userId.toStdString(), verified_cache.value());
} else { } else {
cache::setVerifiedCache(this->userId.toStdString(), cache::setVerifiedCache(
DeviceVerifiedCache{{this->deviceId.toStdString()}, {}}); this->userId.toStdString(),
DeviceVerifiedCache{{this->deviceId.toStdString()}, {}, {}});
} }
emit deviceVerified(); emit deviceVerified();
@ -616,5 +617,4 @@ DeviceVerificationFlow::unverify()
} }
emit refreshProfile(); emit refreshProfile();
this->deleteLater();
} }

17
src/ui/UserProfile.cpp
View File

@ -77,8 +77,7 @@ UserProfile::avatarUrl()
void void
UserProfile::callback_fn(const mtx::responses::QueryKeys &res, UserProfile::callback_fn(const mtx::responses::QueryKeys &res,
mtx::http::RequestErr err, mtx::http::RequestErr err,
std::string user_id, std::string user_id)
std::optional<std::vector<std::string>> cross_verified)
{ {
if (err) { if (err) {
nhlog::net()->warn("failed to query device keys: {},{}", nhlog::net()->warn("failed to query device keys: {},{}",
@ -101,16 +100,15 @@ UserProfile::callback_fn(const mtx::responses::QueryKeys &res,
// TODO: Verify signatures and ignore those that don't pass. // TODO: Verify signatures and ignore those that don't pass.
verification::Status verified = verification::Status::UNVERIFIED; verification::Status verified = verification::Status::UNVERIFIED;
if (cross_verified.has_value()) { if (device_verified.has_value()) {
if (std::find(cross_verified->begin(), cross_verified->end(), d.first) != if (std::find(device_verified->cross_verified.begin(),
cross_verified->end()) device_verified->cross_verified.end(),
d.first) != device_verified->cross_verified.end())
verified = verification::Status::VERIFIED; verified = verification::Status::VERIFIED;
} else if (device_verified.has_value()) {
if (std::find(device_verified->device_verified.begin(), if (std::find(device_verified->device_verified.begin(),
device_verified->device_verified.end(), device_verified->device_verified.end(),
d.first) != device_verified->device_verified.end()) d.first) != device_verified->device_verified.end())
verified = verification::Status::VERIFIED; verified = verification::Status::VERIFIED;
} else if (device_verified.has_value()) {
if (std::find(device_verified->device_blocked.begin(), if (std::find(device_verified->device_blocked.begin(),
device_verified->device_blocked.end(), device_verified->device_blocked.end(),
d.first) != device_verified->device_blocked.end()) d.first) != device_verified->device_blocked.end())
@ -138,8 +136,7 @@ UserProfile::fetchDeviceList(const QString &userID)
auto user_cache = cache::getUserCache(userID.toStdString()); auto user_cache = cache::getUserCache(userID.toStdString());
if (user_cache.has_value()) { if (user_cache.has_value()) {
this->callback_fn( this->callback_fn(user_cache->keys, {}, userID.toStdString());
user_cache->keys, {}, userID.toStdString(), user_cache->cross_verified);
} else { } else {
mtx::requests::QueryKeys req; mtx::requests::QueryKeys req;
req.device_keys[userID.toStdString()] = {}; req.device_keys[userID.toStdString()] = {};
@ -147,7 +144,7 @@ UserProfile::fetchDeviceList(const QString &userID)
req, req,
[user_id = userID.toStdString(), this](const mtx::responses::QueryKeys &res, [user_id = userID.toStdString(), this](const mtx::responses::QueryKeys &res,
mtx::http::RequestErr err) { mtx::http::RequestErr err) {
this->callback_fn(res, err, user_id, {}); this->callback_fn(res, err, user_id);
}); });
} }
} }

3
src/ui/UserProfile.h
View File

@ -103,6 +103,5 @@ private:
void callback_fn(const mtx::responses::QueryKeys &res, void callback_fn(const mtx::responses::QueryKeys &res,
mtx::http::RequestErr err, mtx::http::RequestErr err,
std::string user_id, std::string user_id);
std::optional<std::vector<std::string>> cross_verified);
}; };