improvement: maybe cross signing really works now

This commit is contained in:
Timo Kösters 2023-08-07 13:55:44 +02:00
parent acfe381dd3
commit c1e2ffc0cd
No known key found for this signature in database
GPG key ID: 0B25E636FBA7E4CB
7 changed files with 35 additions and 15 deletions

View file

@ -132,6 +132,7 @@ pub async fn upload_signing_keys_route(
master_key, master_key,
&body.self_signing_key, &body.self_signing_key,
&body.user_signing_key, &body.user_signing_key,
true, // notify so that other users see the new keys
)?; )?;
} }
@ -375,6 +376,10 @@ pub(crate) async fn get_keys_helper<F: Fn(&UserId) -> bool>(
} }
let json = serde_json::to_value(master_key).expect("to_value always works"); let json = serde_json::to_value(master_key).expect("to_value always works");
let raw = serde_json::from_value(json).expect("Raw::from_value always works"); let raw = serde_json::from_value(json).expect("Raw::from_value always works");
services().users.add_cross_signing_keys(
&user, &raw, &None, &None,
false, // Dont notify. A notification would trigger another key request resulting in an endless loop
)?;
master_keys.insert(user, raw); master_keys.insert(user, raw);
} }

View file

@ -20,9 +20,8 @@ use ruma::{
StateEventType, TimelineEventType, StateEventType, TimelineEventType,
}, },
serde::Raw, serde::Raw,
uint, DeviceId, OwnedDeviceId, OwnedEventId, OwnedUserId, RoomId, UInt, UserId, uint, DeviceId, OwnedDeviceId, OwnedUserId, RoomId, UInt, UserId,
}; };
use serde::Deserialize;
use std::{ use std::{
collections::{hash_map::Entry, BTreeMap, BTreeSet, HashMap, HashSet}, collections::{hash_map::Entry, BTreeMap, BTreeSet, HashMap, HashSet},
sync::Arc, sync::Arc,

View file

@ -55,7 +55,7 @@ use std::{
time::{Duration, Instant, SystemTime}, time::{Duration, Instant, SystemTime},
}; };
use tracing::{debug, error, info, warn}; use tracing::{debug, error, warn};
/// Wraps either an literal IP address plus port, or a hostname plus complement /// Wraps either an literal IP address plus port, or a hostname plus complement
/// (colon-plus-port if it was specified). /// (colon-plus-port if it was specified).
@ -917,6 +917,7 @@ pub async fn send_transaction_message_route(
&master_key, &master_key,
&self_signing_key, &self_signing_key,
&None, &None,
true,
)?; )?;
} }
} }

View file

@ -449,6 +449,7 @@ impl service::users::Data for KeyValueDatabase {
master_key: &Raw<CrossSigningKey>, master_key: &Raw<CrossSigningKey>,
self_signing_key: &Option<Raw<CrossSigningKey>>, self_signing_key: &Option<Raw<CrossSigningKey>>,
user_signing_key: &Option<Raw<CrossSigningKey>>, user_signing_key: &Option<Raw<CrossSigningKey>>,
notify: bool,
) -> Result<()> { ) -> Result<()> {
// TODO: Check signatures // TODO: Check signatures
let mut prefix = user_id.as_bytes().to_vec(); let mut prefix = user_id.as_bytes().to_vec();
@ -530,7 +531,9 @@ impl service::users::Data for KeyValueDatabase {
.insert(user_id.as_bytes(), &user_signing_key_key)?; .insert(user_id.as_bytes(), &user_signing_key_key)?;
} }
self.mark_device_key_update(user_id)?; if notify {
self.mark_device_key_update(user_id)?;
}
Ok(()) Ok(())
} }

View file

@ -14,6 +14,7 @@ use ruma::{
serde::Raw, serde::Raw,
OwnedRoomId, OwnedServerName, OwnedUserId, RoomId, ServerName, UserId, OwnedRoomId, OwnedServerName, OwnedUserId, RoomId, ServerName, UserId,
}; };
use tracing::warn;
use crate::{services, Error, Result}; use crate::{services, Error, Result};
@ -88,8 +89,9 @@ impl Service {
RoomAccountDataEventType::Tag, RoomAccountDataEventType::Tag,
)? )?
.map(|event| { .map(|event| {
serde_json::from_str(event.get()).map_err(|_| { serde_json::from_str(event.get()).map_err(|e| {
Error::bad_database("Invalid account data event in db.") warn!("Invalid account data event in db: {e:?}");
Error::BadDatabase("Invalid account data event in db.")
}) })
}) })
{ {
@ -113,8 +115,9 @@ impl Service {
GlobalAccountDataEventType::Direct.to_string().into(), GlobalAccountDataEventType::Direct.to_string().into(),
)? )?
.map(|event| { .map(|event| {
serde_json::from_str::<DirectEvent>(event.get()).map_err(|_| { serde_json::from_str::<DirectEvent>(event.get()).map_err(|e| {
Error::bad_database("Invalid account data event in db.") warn!("Invalid account data event in db: {e:?}");
Error::BadDatabase("Invalid account data event in db.")
}) })
}) })
{ {
@ -155,8 +158,10 @@ impl Service {
.into(), .into(),
)? )?
.map(|event| { .map(|event| {
serde_json::from_str::<IgnoredUserListEvent>(event.get()) serde_json::from_str::<IgnoredUserListEvent>(event.get()).map_err(|e| {
.map_err(|_| Error::bad_database("Invalid account data event in db.")) warn!("Invalid account data event in db: {e:?}");
Error::BadDatabase("Invalid account data event in db.")
})
}) })
.transpose()? .transpose()?
.map_or(false, |ignored| { .map_or(false, |ignored| {

View file

@ -111,6 +111,7 @@ pub trait Data: Send + Sync {
master_key: &Raw<CrossSigningKey>, master_key: &Raw<CrossSigningKey>,
self_signing_key: &Option<Raw<CrossSigningKey>>, self_signing_key: &Option<Raw<CrossSigningKey>>,
user_signing_key: &Option<Raw<CrossSigningKey>>, user_signing_key: &Option<Raw<CrossSigningKey>>,
notify: bool,
) -> Result<()>; ) -> Result<()>;
fn sign_key( fn sign_key(

View file

@ -66,7 +66,7 @@ impl Service {
return BTreeMap::new(); return BTreeMap::new();
}; };
let cache = &mut self.connections.lock().unwrap(); let mut cache = self.connections.lock().unwrap();
let cached = Arc::clone( let cached = Arc::clone(
cache cache
.entry((user_id, device_id, conn_id)) .entry((user_id, device_id, conn_id))
@ -185,7 +185,7 @@ impl Service {
conn_id: String, conn_id: String,
subscriptions: BTreeMap<OwnedRoomId, sync_events::v4::RoomSubscription>, subscriptions: BTreeMap<OwnedRoomId, sync_events::v4::RoomSubscription>,
) { ) {
let cache = &mut self.connections.lock().unwrap(); let mut cache = self.connections.lock().unwrap();
let cached = Arc::clone( let cached = Arc::clone(
cache cache
.entry((user_id, device_id, conn_id)) .entry((user_id, device_id, conn_id))
@ -212,7 +212,7 @@ impl Service {
list_id: String, list_id: String,
new_cached_rooms: BTreeMap<OwnedRoomId, bool>, new_cached_rooms: BTreeMap<OwnedRoomId, bool>,
) { ) {
let cache = &mut self.connections.lock().unwrap(); let mut cache = self.connections.lock().unwrap();
let cached = Arc::clone( let cached = Arc::clone(
cache cache
.entry((user_id, device_id, conn_id)) .entry((user_id, device_id, conn_id))
@ -398,9 +398,15 @@ impl Service {
master_key: &Raw<CrossSigningKey>, master_key: &Raw<CrossSigningKey>,
self_signing_key: &Option<Raw<CrossSigningKey>>, self_signing_key: &Option<Raw<CrossSigningKey>>,
user_signing_key: &Option<Raw<CrossSigningKey>>, user_signing_key: &Option<Raw<CrossSigningKey>>,
notify: bool,
) -> Result<()> { ) -> Result<()> {
self.db self.db.add_cross_signing_keys(
.add_cross_signing_keys(user_id, master_key, self_signing_key, user_signing_key) user_id,
master_key,
self_signing_key,
user_signing_key,
notify,
)
} }
pub fn sign_key( pub fn sign_key(