improvement: maybe cross signing really works now

This commit is contained in:
Timo Kösters 2023-08-07 13:55:44 +02:00
parent acfe381dd3
commit c1e2ffc0cd
No known key found for this signature in database
GPG key ID: 0B25E636FBA7E4CB
7 changed files with 35 additions and 15 deletions

View file

@ -132,6 +132,7 @@ pub async fn upload_signing_keys_route(
master_key,
&body.self_signing_key,
&body.user_signing_key,
true, // notify so that other users see the new keys
)?;
}
@ -375,6 +376,10 @@ pub(crate) async fn get_keys_helper<F: Fn(&UserId) -> bool>(
}
let json = serde_json::to_value(master_key).expect("to_value always works");
let raw = serde_json::from_value(json).expect("Raw::from_value always works");
services().users.add_cross_signing_keys(
&user, &raw, &None, &None,
false, // Dont notify. A notification would trigger another key request resulting in an endless loop
)?;
master_keys.insert(user, raw);
}

View file

@ -20,9 +20,8 @@ use ruma::{
StateEventType, TimelineEventType,
},
serde::Raw,
uint, DeviceId, OwnedDeviceId, OwnedEventId, OwnedUserId, RoomId, UInt, UserId,
uint, DeviceId, OwnedDeviceId, OwnedUserId, RoomId, UInt, UserId,
};
use serde::Deserialize;
use std::{
collections::{hash_map::Entry, BTreeMap, BTreeSet, HashMap, HashSet},
sync::Arc,

View file

@ -55,7 +55,7 @@ use std::{
time::{Duration, Instant, SystemTime},
};
use tracing::{debug, error, info, warn};
use tracing::{debug, error, warn};
/// Wraps either an literal IP address plus port, or a hostname plus complement
/// (colon-plus-port if it was specified).
@ -917,6 +917,7 @@ pub async fn send_transaction_message_route(
&master_key,
&self_signing_key,
&None,
true,
)?;
}
}

View file

@ -449,6 +449,7 @@ impl service::users::Data for KeyValueDatabase {
master_key: &Raw<CrossSigningKey>,
self_signing_key: &Option<Raw<CrossSigningKey>>,
user_signing_key: &Option<Raw<CrossSigningKey>>,
notify: bool,
) -> Result<()> {
// TODO: Check signatures
let mut prefix = user_id.as_bytes().to_vec();
@ -530,7 +531,9 @@ impl service::users::Data for KeyValueDatabase {
.insert(user_id.as_bytes(), &user_signing_key_key)?;
}
self.mark_device_key_update(user_id)?;
if notify {
self.mark_device_key_update(user_id)?;
}
Ok(())
}

View file

@ -14,6 +14,7 @@ use ruma::{
serde::Raw,
OwnedRoomId, OwnedServerName, OwnedUserId, RoomId, ServerName, UserId,
};
use tracing::warn;
use crate::{services, Error, Result};
@ -88,8 +89,9 @@ impl Service {
RoomAccountDataEventType::Tag,
)?
.map(|event| {
serde_json::from_str(event.get()).map_err(|_| {
Error::bad_database("Invalid account data event in db.")
serde_json::from_str(event.get()).map_err(|e| {
warn!("Invalid account data event in db: {e:?}");
Error::BadDatabase("Invalid account data event in db.")
})
})
{
@ -113,8 +115,9 @@ impl Service {
GlobalAccountDataEventType::Direct.to_string().into(),
)?
.map(|event| {
serde_json::from_str::<DirectEvent>(event.get()).map_err(|_| {
Error::bad_database("Invalid account data event in db.")
serde_json::from_str::<DirectEvent>(event.get()).map_err(|e| {
warn!("Invalid account data event in db: {e:?}");
Error::BadDatabase("Invalid account data event in db.")
})
})
{
@ -155,8 +158,10 @@ impl Service {
.into(),
)?
.map(|event| {
serde_json::from_str::<IgnoredUserListEvent>(event.get())
.map_err(|_| Error::bad_database("Invalid account data event in db."))
serde_json::from_str::<IgnoredUserListEvent>(event.get()).map_err(|e| {
warn!("Invalid account data event in db: {e:?}");
Error::BadDatabase("Invalid account data event in db.")
})
})
.transpose()?
.map_or(false, |ignored| {

View file

@ -111,6 +111,7 @@ pub trait Data: Send + Sync {
master_key: &Raw<CrossSigningKey>,
self_signing_key: &Option<Raw<CrossSigningKey>>,
user_signing_key: &Option<Raw<CrossSigningKey>>,
notify: bool,
) -> Result<()>;
fn sign_key(

View file

@ -66,7 +66,7 @@ impl Service {
return BTreeMap::new();
};
let cache = &mut self.connections.lock().unwrap();
let mut cache = self.connections.lock().unwrap();
let cached = Arc::clone(
cache
.entry((user_id, device_id, conn_id))
@ -185,7 +185,7 @@ impl Service {
conn_id: String,
subscriptions: BTreeMap<OwnedRoomId, sync_events::v4::RoomSubscription>,
) {
let cache = &mut self.connections.lock().unwrap();
let mut cache = self.connections.lock().unwrap();
let cached = Arc::clone(
cache
.entry((user_id, device_id, conn_id))
@ -212,7 +212,7 @@ impl Service {
list_id: String,
new_cached_rooms: BTreeMap<OwnedRoomId, bool>,
) {
let cache = &mut self.connections.lock().unwrap();
let mut cache = self.connections.lock().unwrap();
let cached = Arc::clone(
cache
.entry((user_id, device_id, conn_id))
@ -398,9 +398,15 @@ impl Service {
master_key: &Raw<CrossSigningKey>,
self_signing_key: &Option<Raw<CrossSigningKey>>,
user_signing_key: &Option<Raw<CrossSigningKey>>,
notify: bool,
) -> Result<()> {
self.db
.add_cross_signing_keys(user_id, master_key, self_signing_key, user_signing_key)
self.db.add_cross_signing_keys(
user_id,
master_key,
self_signing_key,
user_signing_key,
notify,
)
}
pub fn sign_key(