encryption: Disallow sending messages until the devices are verified.

poljar (Damir Jelić) 2018-05-17 14:34:34 +02:00
parent bb06293031
commit c8fb416f88
2 changed files with 44 additions and 18 deletions


@ -59,6 +59,10 @@ class ParseError(Exception):
pass
class OlmTrustError(Exception):
pass
class WeechatArgParse(argparse.ArgumentParser):
def print_usage(self, file):
pass
@ -470,6 +474,7 @@ class Olm():
self.session_path = session_path
self.database = database
self.device_keys = {}
self.shared_sessions = []
if not database:
db_file = "{}_{}.db".format(user, device_id)
@ -615,7 +620,12 @@ class Olm():
if room_id not in self.outbound_group_sessions:
self.create_outbound_group_session(room_id)
if self.outbound_group_sessions[room_id].id not in self.shared_sessions:
to_device_dict = self.share_group_session(room_id, own_id, users)
self.shared_sessions.append(
self.outbound_group_sessions[room_id].id
)
session = self.outbound_group_sessions[room_id]
@ -681,6 +691,9 @@ class Olm():
if not self.sessions[user][key.device_id]:
continue
if not self.trust_db.check(key):
raise OlmTrustError
device_payload_dict = payload_dict.copy()
# TODO sort the sessions
session = self.sessions[user][key.device_id][0]
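Review bot: The trust check added before `device_payload_dict = payload_dict.copy()` appears to be reached only through `share_group_session`, which the group_encrypt hunk calls only while the session id is missing from `self.shared_sessions`. As far as these hunks show, a device whose trust is withdrawn after the first share is therefore never re-checked, and later messages are still encrypted with a group session it already holds. Consider dropping the outbound group session (and its id in `self.shared_sessions`) when a device's trust changes, or checking trust on every send. The check also sits mid-loop and after the `continue` for devices without an Olm session, so verifying every device before any per-device work would make the failure all-or-nothing. A bare `raise OlmTrustError` gives the caller nothing to show; `raise OlmTrustError("untrusted device {} of {}".format(key.device_id, user))` would name the device. Both function bodies start and end outside the hunks.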


@ -44,7 +44,12 @@ from matrix.api import (
MatrixKeyClaimMessage
)
from matrix.encryption import Olm, EncryptionError, encrypt_enabled
from matrix.encryption import (
Olm,
EncryptionError,
OlmTrustError,
encrypt_enabled
)
try:
FileNotFoundError
@ -518,26 +523,34 @@ class MatrixServer:
W.prnt("", "matrix: Encrypting message")
payload_dict, to_device_dict = self.olm.group_encrypt(
room_id,
plaintext_dict,
self.user_id,
room.users.keys()
)
try:
payload_dict, to_device_dict = self.olm.group_encrypt(
room_id,
plaintext_dict,
self.user_id,
room.users.keys()
)
if to_device_dict:
W.prnt("", "matrix: Megolm session missing for room.")
message = MatrixToDeviceMessage(self.client, to_device_dict)
self.send_queue.append(message)
message = MatrixEncryptedMessage(
self.client,
room_id,
formatted_data,
payload_dict
)
if to_device_dict:
W.prnt("", "matrix: Megolm session missing for room.")
message = MatrixToDeviceMessage(self.client, to_device_dict)
self.send_queue.append(message)
message = MatrixEncryptedMessage(
self.client,
room_id,
formatted_data,
payload_dict
)
self.send_queue.append(message)
except OlmTrustError:
m = ("{prefix}matrix: Untrusted devices found in room, "
"verification is needed before sending a message").format(
prefix=W.prefix("error"))
W.prnt(self.server_buffer, m)
return
@encrypt_enabled
def upload_keys(self, device_keys=False, one_time_keys=False):
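Review bot: The `except OlmTrustError` branch prints only to `self.server_buffer` and then returns, so a user typing in a room buffer may not notice that the message was dropped. The text also does not say which devices need verification. Failing closed is the right behaviour here, but the refusal should be visible where the message was typed, and it should include the device detail if the exception carries it, e.g. `except OlmTrustError as e:` with `str(e)` appended to the message. As a style point, the `try` also wraps the queueing of `MatrixToDeviceMessage` and `MatrixEncryptedMessage`, which from the visible lines cannot raise `OlmTrustError`. Keeping only the `self.olm.group_encrypt(...)` call in the `try` and moving the rest into an `else:` block would narrow what the handler can mask. The enclosing method starts outside the hunk.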