Crypto: Take into account pending to-device room key sharing requests when collecting devices #4975
Conversation
…uests when collecting devices that have already received a session. This avoids conditions where a key may be shared with a device only after we decided that it is fine to reuse (and not rotate) the session based on the wrong assumption that that particular device does not have the keys. Fixes matrix-org#2729
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #4975 +/- ##
==========================================
- Coverage 85.88% 85.88% -0.01%
==========================================
Files 325 325
Lines 35699 35712 +13
==========================================
+ Hits 30661 30671 +10
- Misses 5038 5041 +3 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
| if let Some(for_user) = guard.get(user_id) { | ||
| shared.extend(for_user.iter().filter_map(|(d, info)| { | ||
| if is_actually_shared(info) { | ||
| Some(AsRef::<DeviceId>::as_ref(d)) | ||
| } else { | ||
| None | ||
| } | ||
| })); | ||
| } |
There was a problem hiding this comment.
A bit of a shame that we can't reuse OutboundGroupSession::is_shared_with or at least put this into a new method.
But that would introduce unnecessary allocations due to the locking.
Oh well...
I was thinking that it would be nice to have something like But that is tricky to add due to the locks protecting the sets. We would need to combine the return value with the lock guards, or we would need to clone the device IDs. So I think the current approach is fine. |
|
@poljar In my limited understanding of rust patterns I guess the typical approach would be to return an |
Yeah that would likely work but as you have to take ownership of the guard and borrow a value behind the guard this gets quite tricky. I'm not sure if the borrow checker is smart enough to know that you should be able to do this, i.e. not sure if you can get away without using I would say it's not really worth it to spend time on this, but if you manage to get it work without
Thank you for the patches and for the patience while waiting for the review. |
For js-sdk users, this includes the following:
- Send stable identifier `sender_device_keys` for MSC4147 (Including device keys with Olm-encrypted events).
([#4964](matrix-org/matrix-rust-sdk#4964))
- Check the `sender_device_keys` field on _all_ incoming Olm-encrypted to-device messages and ignore any to-device messages which include the field but whose data is invalid (as per [MSC4147](matrix-org/matrix-spec-proposals#4147)).
([#4922](matrix-org/matrix-rust-sdk#4922))
- Fix bug which caused room keys to be unnecessarily rotated on every send in the presence of blacklisted/withheld devices in the room.
([#4954](matrix-org/matrix-rust-sdk#4954))
- Fix [matrix-rust-sdk#2729](matrix-org/matrix-rust-sdk#2729) which in rare cases can cause room key oversharing.
([#4975](matrix-org/matrix-rust-sdk#4975))
For js-sdk users, this includes the following:
- Send stable identifier `sender_device_keys` for MSC4147 (Including device keys with Olm-encrypted events).
([#4964](matrix-org/matrix-rust-sdk#4964))
- Check the `sender_device_keys` field on _all_ incoming Olm-encrypted to-device messages and ignore any to-device messages which include the field but whose data is invalid (as per [MSC4147](matrix-org/matrix-spec-proposals#4147)).
([#4922](matrix-org/matrix-rust-sdk#4922))
- Fix bug which caused room keys to be unnecessarily rotated on every send in the presence of blacklisted/withheld devices in the room.
([#4954](matrix-org/matrix-rust-sdk#4954))
- Fix [matrix-rust-sdk#2729](matrix-org/matrix-rust-sdk#2729) which in rare cases can cause room key oversharing.
([#4975](matrix-org/matrix-rust-sdk#4975))
For js-sdk users, this includes the following:
- Send stable identifier `sender_device_keys` for MSC4147 (Including device keys with Olm-encrypted events).
([#4964](matrix-org/matrix-rust-sdk#4964))
- Check the `sender_device_keys` field on _all_ incoming Olm-encrypted to-device messages and ignore any to-device messages which include the field but whose data is invalid (as per [MSC4147](matrix-org/matrix-spec-proposals#4147)).
([#4922](matrix-org/matrix-rust-sdk#4922))
- Fix bug which caused room keys to be unnecessarily rotated on every send in the presence of blacklisted/withheld devices in the room.
([#4954](matrix-org/matrix-rust-sdk#4954))
- Fix [matrix-rust-sdk#2729](matrix-org/matrix-rust-sdk#2729) which in rare cases can cause room key oversharing.
([#4975](matrix-org/matrix-rust-sdk#4975))
For js-sdk users, this includes the following:
- Send stable identifier `sender_device_keys` for MSC4147 (Including device keys with Olm-encrypted events).
([#4964](matrix-org/matrix-rust-sdk#4964))
- Check the `sender_device_keys` field on _all_ incoming Olm-encrypted to-device messages and ignore any to-device messages which include the field but whose data is invalid (as per [MSC4147](matrix-org/matrix-spec-proposals#4147)).
([#4922](matrix-org/matrix-rust-sdk#4922))
- Fix bug which caused room keys to be unnecessarily rotated on every send in the presence of blacklisted/withheld devices in the room.
([#4954](matrix-org/matrix-rust-sdk#4954))
- Fix [matrix-rust-sdk#2729](matrix-org/matrix-rust-sdk#2729) which in rare cases can cause room key oversharing.
([#4975](matrix-org/matrix-rust-sdk#4975))
For js-sdk users, this includes the following:
- Send stable identifier `sender_device_keys` for MSC4147 (Including device keys with Olm-encrypted events).
([#4964](matrix-org/matrix-rust-sdk#4964))
- Check the `sender_device_keys` field on _all_ incoming Olm-encrypted to-device messages and ignore any to-device messages which include the field but whose data is invalid (as per [MSC4147](matrix-org/matrix-spec-proposals#4147)).
([#4922](matrix-org/matrix-rust-sdk#4922))
- Fix bug which caused room keys to be unnecessarily rotated on every send in the presence of blacklisted/withheld devices in the room.
([#4954](matrix-org/matrix-rust-sdk#4954))
- Fix [matrix-rust-sdk#2729](matrix-org/matrix-rust-sdk#2729) which in rare cases can cause room key oversharing.
([#4975](matrix-org/matrix-rust-sdk#4975))
3 participants
Attempted fix for #2729 based on previous discussion in #4954.
To summarize, the situation of pending room key sharing requests prior to calls to
GroupSessionManager::share_room_keycan indeed occur ifmatrix-sdk-cryptois used directly. In the case wherematrix-sdkwraps it,Room::share_room_keymakes sure to send pending requests right after, as well as mark them as sent which will cause the corresponding entry into_share_with_setto be moved toshared_with_set. If there is a failure, the room key is discarded right after (to avoid UTD errors from missing keys).This is of course racy, since this entire sequence is not atomic. After an interruption and restart, we can end up back in
GroupSessionManager::share_room_keywith pending requests (which after all is the point of persisting the pending requests in the first place).It seems ugly to export
shared_with_setandto_share_with_set. It feels like there should be abstractions similar tois_shared_withthat provide a semantic view intoGroupSessionManager's state carrying sufficient information for all existing uses ofshared_with_setandto_share_with_setoutside of the impl (all of which are inshare_strategy.rs). If you prefer this approach let me know.Signed-off-by: Niklas Baumstark [email protected]