encryption: Disallow sending messages until the devices are verified.

This commit is contained in:
poljar (Damir Jelić) 2018-05-17 14:34:34 +02:00
parent bb06293031
commit c8fb416f88
2 changed files with 44 additions and 18 deletions


@ -59,6 +59,10 @@ class ParseError(Exception):
pass pass
class OlmTrustError(Exception):
pass
class WeechatArgParse(argparse.ArgumentParser): class WeechatArgParse(argparse.ArgumentParser):
def print_usage(self, file): def print_usage(self, file):
pass pass
@ -470,6 +474,7 @@ class Olm():
self.session_path = session_path self.session_path = session_path
self.database = database self.database = database
self.device_keys = {} self.device_keys = {}
self.shared_sessions = []
if not database: if not database:
db_file = "{}_{}.db".format(user, device_id) db_file = "{}_{}.db".format(user, device_id)
@ -615,7 +620,12 @@ class Olm():
if room_id not in self.outbound_group_sessions: if room_id not in self.outbound_group_sessions:
self.create_outbound_group_session(room_id) self.create_outbound_group_session(room_id)
if self.outbound_group_sessions[room_id].id not in self.shared_sessions:
to_device_dict = self.share_group_session(room_id, own_id, users) to_device_dict = self.share_group_session(room_id, own_id, users)
self.shared_sessions.append(
self.outbound_group_sessions[room_id].id
)
session = self.outbound_group_sessions[room_id] session = self.outbound_group_sessions[room_id]
@ -681,6 +691,9 @@ class Olm():
if not self.sessions[user][key.device_id]: if not self.sessions[user][key.device_id]:
continue continue
if not self.trust_db.check(key):
raise OlmTrustError
device_payload_dict = payload_dict.copy() device_payload_dict = payload_dict.copy()
# TODO sort the sessions # TODO sort the sessions
session = self.sessions[user][key.device_id][0] session = self.sessions[user][key.device_id][0]
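Review bot: The trust check inserted before `device_payload_dict = payload_dict.copy()` is only reached for devices that already have an Olm session, because the `if not self.sessions[user][key.device_id]: continue` just above it runs first; a device that is untrusted but has no session yet is skipped silently instead of blocking the send. Unless every device is guaranteed a claimed session before this loop (not visible here), the check should be hoisted above the session test, and the exception should identify the offender so the caller can tell the user what to verify: `raise OlmTrustError("{} {}".format(user, key.device_id))`. Note also that the `shared_sessions` guard in the earlier hunk keys only on the session id, so after the first share the trust check is never re-evaluated for that room; a device that appears later is neither checked nor keyed, which deserves at least a comment such as `# a session is shared once; devices added later are not covered until a new session is created`. The function containing this hunk starts and ends outside the hunk.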


@ -44,7 +44,12 @@ from matrix.api import (
MatrixKeyClaimMessage MatrixKeyClaimMessage
) )
from matrix.encryption import Olm, EncryptionError, encrypt_enabled from matrix.encryption import (
Olm,
EncryptionError,
OlmTrustError,
encrypt_enabled
)
try: try:
FileNotFoundError FileNotFoundError
@ -518,6 +523,7 @@ class MatrixServer:
W.prnt("", "matrix: Encrypting message") W.prnt("", "matrix: Encrypting message")
try:
payload_dict, to_device_dict = self.olm.group_encrypt( payload_dict, to_device_dict = self.olm.group_encrypt(
room_id, room_id,
plaintext_dict, plaintext_dict,
@ -539,6 +545,13 @@ class MatrixServer:
self.send_queue.append(message) self.send_queue.append(message)
except OlmTrustError:
m = ("{prefix}matrix: Untrusted devices found in room, "
"verification is needed before sending a message").format(
prefix=W.prefix("error"))
W.prnt(self.server_buffer, m)
return
@encrypt_enabled @encrypt_enabled
def upload_keys(self, device_keys=False, one_time_keys=False): def upload_keys(self, device_keys=False, one_time_keys=False):
keys = self.olm.account.identity_keys() if device_keys else None keys = self.olm.account.identity_keys() if device_keys else None
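Review bot: The error printed in the `except OlmTrustError:` branch tells the user that verification is needed but not which user or device is untrusted, so the message is not actionable; if `OlmTrustError` were raised with the offending user and device id, this branch should include them, e.g. `m = ("{prefix}matrix: Untrusted device {dev} in room, verification is needed before sending a message").format(prefix=W.prefix("error"), dev=e)` with `except OlmTrustError as e:`. Failing closed and returning here is the right call, but the `try` opened at `self.olm.group_encrypt(` also encloses `self.send_queue.append(message)`, which cannot raise `OlmTrustError`; narrowing the `try` to the encrypt call keeps the fail-closed path obvious to the next reader. The enclosing method starts and ends outside the hunk.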