encryption: Disallow sending messages until the devices are verified.

This commit is contained in:
poljar (Damir Jelić) 2018-05-17 14:34:34 +02:00
parent bb06293031
commit c8fb416f88
2 changed files with 44 additions and 18 deletions


@ -59,6 +59,10 @@ class ParseError(Exception):
pass pass
class OlmTrustError(Exception):
pass
class WeechatArgParse(argparse.ArgumentParser): class WeechatArgParse(argparse.ArgumentParser):
def print_usage(self, file): def print_usage(self, file):
pass pass
@ -470,6 +474,7 @@ class Olm():
self.session_path = session_path self.session_path = session_path
self.database = database self.database = database
self.device_keys = {} self.device_keys = {}
self.shared_sessions = []
if not database: if not database:
db_file = "{}_{}.db".format(user, device_id) db_file = "{}_{}.db".format(user, device_id)
@ -615,7 +620,12 @@ class Olm():
if room_id not in self.outbound_group_sessions: if room_id not in self.outbound_group_sessions:
self.create_outbound_group_session(room_id) self.create_outbound_group_session(room_id)
if self.outbound_group_sessions[room_id].id not in self.shared_sessions:
to_device_dict = self.share_group_session(room_id, own_id, users) to_device_dict = self.share_group_session(room_id, own_id, users)
self.shared_sessions.append(
self.outbound_group_sessions[room_id].id
)
session = self.outbound_group_sessions[room_id] session = self.outbound_group_sessions[room_id]
@ -681,6 +691,9 @@ class Olm():
if not self.sessions[user][key.device_id]: if not self.sessions[user][key.device_id]:
continue continue
if not self.trust_db.check(key):
raise OlmTrustError
device_payload_dict = payload_dict.copy() device_payload_dict = payload_dict.copy()
# TODO sort the sessions # TODO sort the sessions
session = self.sessions[user][key.device_id][0] session = self.sessions[user][key.device_id][0]
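Review bot: The new guard `if self.outbound_group_sessions[room_id].id not in self.shared_sessions:` in the third hunk keys only on the session id, not on the set of devices the key went to, so once a session is recorded as shared it is never offered again — a device that joins the room or becomes verified later would, as far as this hunk shows, not receive the key unless the session is rotated elsewhere. The id is also appended to `self.shared_sessions` before the caller has queued or sent the to-device message, so a failed send leaves the session marked as shared, and if the list lives only in memory (it is initialised as `[]` in the second hunk) a restart re-shares it. When the session was already shared, `to_device_dict` is only bound if it was initialised earlier in the function (outside the hunk) — worth confirming, since the caller tests `if to_device_dict:`. In the fourth hunk the bare `raise OlmTrustError` gives the user nothing to act on; `raise OlmTrustError("untrusted device {} of user {}".format(key.device_id, user))` would name the device to verify, and note that this check only runs for devices that already have an Olm session because the `continue` just above skips the others.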


@ -44,7 +44,12 @@ from matrix.api import (
MatrixKeyClaimMessage MatrixKeyClaimMessage
) )
from matrix.encryption import Olm, EncryptionError, encrypt_enabled from matrix.encryption import (
Olm,
EncryptionError,
OlmTrustError,
encrypt_enabled
)
try: try:
FileNotFoundError FileNotFoundError
@ -518,26 +523,34 @@ class MatrixServer:
W.prnt("", "matrix: Encrypting message") W.prnt("", "matrix: Encrypting message")
payload_dict, to_device_dict = self.olm.group_encrypt( try:
room_id, payload_dict, to_device_dict = self.olm.group_encrypt(
plaintext_dict, room_id,
self.user_id, plaintext_dict,
room.users.keys() self.user_id,
) room.users.keys()
)
if to_device_dict:
W.prnt("", "matrix: Megolm session missing for room.")
message = MatrixToDeviceMessage(self.client, to_device_dict)
self.send_queue.append(message)
message = MatrixEncryptedMessage(
self.client,
room_id,
formatted_data,
payload_dict
)
if to_device_dict:
W.prnt("", "matrix: Megolm session missing for room.")
message = MatrixToDeviceMessage(self.client, to_device_dict)
self.send_queue.append(message) self.send_queue.append(message)
message = MatrixEncryptedMessage( except OlmTrustError:
self.client, m = ("{prefix}matrix: Untrusted devices found in room, "
room_id, "verification is needed before sending a message").format(
formatted_data, prefix=W.prefix("error"))
payload_dict W.prnt(self.server_buffer, m)
) return
self.send_queue.append(message)
@encrypt_enabled @encrypt_enabled
def upload_keys(self, device_keys=False, one_time_keys=False): def upload_keys(self, device_keys=False, one_time_keys=False):
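Review bot: The `try` that opens this hunk wraps the whole send path, but only the `self.olm.group_encrypt(...)` call can raise `OlmTrustError` as far as the encryption hunks show; constructing `MatrixToDeviceMessage`/`MatrixEncryptedMessage` and the two `self.send_queue.append(message)` calls sit inside it without needing to, which hides which call is actually guarded. Keep the `try` body to the `group_encrypt` call and move the message construction and queueing into an `else:` clause of the `try` (or after the `try`/`except`, since the handler returns). The method containing this hunk starts before it. The handler drops the plaintext without further trace; a comment such as `# Nothing is queued: the user must verify the untrusted devices and resend.` above the `return` would make that intended behaviour explicit.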