Add broken in-room verification and other stuff
This commit is contained in:
parent
c6d1c62b65
commit
5f999121f4
2
go.mod
2
go.mod
@ -29,4 +29,4 @@ require (
|
||||
)
|
||||
|
||||
//replace maunium.net/go/mautrix => ../mautrix-go
|
||||
replace maunium.net/go/mautrix => github.com/nikofil/mautrix-go v0.5.2-0.20200911234625-a585557b3750
|
||||
replace maunium.net/go/mautrix => github.com/nikofil/mautrix-go v0.5.2-0.20200912211003-156aad4c3f86
|
||||
|
2
go.sum
2
go.sum
@ -56,6 +56,8 @@ github.com/nikofil/mautrix-go v0.5.2-0.20200911232449-6010305aed05 h1:WFyJHdXasA
|
||||
github.com/nikofil/mautrix-go v0.5.2-0.20200911232449-6010305aed05/go.mod h1:xd0D0ekVts/UDBbjeDSs4wGlBfcarJDg0MMhVgHbxhs=
|
||||
github.com/nikofil/mautrix-go v0.5.2-0.20200911234625-a585557b3750 h1:3eUgrAhYHnI0HidL2uO1uga8dpnqpAXIN0DB7uWc95Y=
|
||||
github.com/nikofil/mautrix-go v0.5.2-0.20200911234625-a585557b3750/go.mod h1:xd0D0ekVts/UDBbjeDSs4wGlBfcarJDg0MMhVgHbxhs=
|
||||
github.com/nikofil/mautrix-go v0.5.2-0.20200912211003-156aad4c3f86 h1:cVz8JHJyGRwve5EPDN7X6pUsP3/6Dy2c7gj7RCkZa50=
|
||||
github.com/nikofil/mautrix-go v0.5.2-0.20200912211003-156aad4c3f86/go.mod h1:xd0D0ekVts/UDBbjeDSs4wGlBfcarJDg0MMhVgHbxhs=
|
||||
github.com/nu7hatch/gouuid v0.0.0-20131221200532-179d4d0c4d8d/go.mod h1:YUTz3bUH2ZwIWBy3CJBeOBEugqcmXREj14T+iG/4k4U=
|
||||
github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
|
||||
github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
|
||||
|
@ -83,6 +83,7 @@ type Crypto interface {
|
||||
Load() error
|
||||
FlushStore() error
|
||||
ProcessSyncResponse(resp *mautrix.RespSync, since string)
|
||||
ProcessInRoomVerification(evt *event.Event) error
|
||||
HandleMemberEvent(*event.Event)
|
||||
DecryptMegolmEvent(*event.Event) (*event.Event, error)
|
||||
EncryptMegolmEvent(id.RoomID, event.Type, interface{}) (*event.EncryptedEventContent, error)
|
||||
|
@ -584,7 +584,16 @@ func (c *Container) HandleEncrypted(source mautrix.EventSource, mxEvent *event.E
|
||||
c.HandleMessage(source, mxEvent)
|
||||
return
|
||||
}
|
||||
if evt.Type.IsInRoomVerification() {
|
||||
err := c.crypto.ProcessInRoomVerification(evt)
|
||||
if err != nil {
|
||||
debug.Printf("[Crypto/Error] Failed to process in-room verification event %s of type %s: %v", evt.ID, evt.Type.String(), err)
|
||||
} else {
|
||||
debug.Printf("[Crypto/Debug] Processed in-room verification event %s of type %s", evt.ID, evt.Type.String())
|
||||
}
|
||||
} else {
|
||||
c.HandleMessage(source, evt)
|
||||
}
|
||||
}
|
||||
|
||||
// HandleMessage is the event handler for the m.room.message timeline event.
|
||||
@ -743,14 +752,14 @@ func (c *Container) HandleReadReceipt(source mautrix.EventSource, evt *event.Eve
|
||||
}
|
||||
}
|
||||
|
||||
func (c *Container) parseDirectChatInfo(evt *event.Event) map[*rooms.Room]bool {
|
||||
directChats := make(map[*rooms.Room]bool)
|
||||
for _, roomIDList := range *evt.Content.AsDirectChats() {
|
||||
func (c *Container) parseDirectChatInfo(evt *event.Event) map[*rooms.Room]id.UserID {
|
||||
directChats := make(map[*rooms.Room]id.UserID)
|
||||
for userID, roomIDList := range *evt.Content.AsDirectChats() {
|
||||
for _, roomID := range roomIDList {
|
||||
// TODO we shouldn't create direct chat rooms that we aren't in
|
||||
room := c.GetOrCreateRoom(roomID)
|
||||
if room != nil && !room.HasLeft {
|
||||
directChats[room] = true
|
||||
directChats[room] = userID
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -760,9 +769,10 @@ func (c *Container) parseDirectChatInfo(evt *event.Event) map[*rooms.Room]bool {
|
||||
func (c *Container) HandleDirectChatInfo(_ mautrix.EventSource, evt *event.Event) {
|
||||
directChats := c.parseDirectChatInfo(evt)
|
||||
for _, room := range c.config.Rooms.Map {
|
||||
shouldBeDirect := directChats[room]
|
||||
if shouldBeDirect != room.IsDirect {
|
||||
room.IsDirect = shouldBeDirect
|
||||
userID, isDirect := directChats[room]
|
||||
if isDirect != room.IsDirect {
|
||||
room.IsDirect = isDirect
|
||||
room.OtherUser = userID
|
||||
if c.config.AuthCache.InitialSyncDone {
|
||||
c.ui.MainView().UpdateTags(room)
|
||||
}
|
||||
|
@ -94,6 +94,7 @@ type Room struct {
|
||||
lastMarkedRead id.EventID
|
||||
// Whether or not this room is marked as a direct chat.
|
||||
IsDirect bool
|
||||
OtherUser id.UserID
|
||||
|
||||
// List of tags given to this room.
|
||||
RawTags []RoomTag
|
||||
|
@ -109,9 +109,10 @@ func NewCommandProcessor(parent *MainView) *CommandProcessor {
|
||||
"cs": {"cross-signing"},
|
||||
},
|
||||
autocompleters: map[string]CommandAutocompleter{
|
||||
"devices": autocompleteDevice,
|
||||
"devices": autocompleteUser,
|
||||
"device": autocompleteDevice,
|
||||
"verify": autocompleteDevice,
|
||||
"verify": autocompleteUser,
|
||||
"verify-device": autocompleteDevice,
|
||||
"unverify": autocompleteDevice,
|
||||
"blacklist": autocompleteDevice,
|
||||
"upload": autocompleteFile,
|
||||
@ -167,6 +168,7 @@ func NewCommandProcessor(parent *MainView) *CommandProcessor {
|
||||
|
||||
"fingerprint": cmdFingerprint,
|
||||
"devices": cmdDevices,
|
||||
"verify-device": cmdVerifyDevice,
|
||||
"verify": cmdVerify,
|
||||
"device": cmdDevice,
|
||||
"unverify": cmdUnverify,
|
||||
|
@ -81,15 +81,20 @@ func autocompleteDeviceDeviceID(cmd *CommandAutocomplete) (completions []string,
|
||||
return
|
||||
}
|
||||
|
||||
func autocompleteUser(cmd *CommandAutocomplete) ([]string, string) {
|
||||
if len(cmd.Args) == 1 && !unicode.IsSpace(rune(cmd.RawArgs[len(cmd.RawArgs)-1])) {
|
||||
return autocompleteDeviceUserID(cmd)
|
||||
}
|
||||
return []string{}, ""
|
||||
}
|
||||
|
||||
func autocompleteDevice(cmd *CommandAutocomplete) ([]string, string) {
|
||||
if len(cmd.Args) == 0 {
|
||||
return []string{}, ""
|
||||
} else if len(cmd.Args) == 1 && !unicode.IsSpace(rune(cmd.RawArgs[len(cmd.RawArgs)-1])) {
|
||||
return autocompleteDeviceUserID(cmd)
|
||||
} else if cmd.Command != "devices" {
|
||||
return autocompleteDeviceDeviceID(cmd)
|
||||
}
|
||||
return []string{}, ""
|
||||
return autocompleteDeviceDeviceID(cmd)
|
||||
}
|
||||
|
||||
func getDevice(cmd *Command) *crypto.DeviceIdentity {
|
||||
@ -138,7 +143,11 @@ func cmdDevices(cmd *Command) {
|
||||
}
|
||||
var buf strings.Builder
|
||||
for _, device := range devices {
|
||||
_, _ = fmt.Fprintf(&buf, "%s (%s) - %s\n Fingerprint: %s\n", device.DeviceID, device.Name, device.Trust.String(), device.Fingerprint())
|
||||
trust := device.Trust.String()
|
||||
if device.Trust == crypto.TrustStateUnset && mach.IsDeviceTrusted(device) {
|
||||
trust = "verified (transitive)"
|
||||
}
|
||||
_, _ = fmt.Fprintf(&buf, "%s (%s) - %s\n Fingerprint: %s\n", device.DeviceID, device.Name, trust, device.Fingerprint())
|
||||
}
|
||||
resp := buf.String()
|
||||
cmd.Reply("%s", resp[:len(resp)-1])
|
||||
@ -153,13 +162,28 @@ func cmdDevice(cmd *Command) {
|
||||
if device.Deleted {
|
||||
deviceType = "Deleted device"
|
||||
}
|
||||
mach := cmd.Matrix.Crypto().(*crypto.OlmMachine)
|
||||
trustState := device.Trust.String()
|
||||
if device.Trust == crypto.TrustStateUnset && mach.IsDeviceTrusted(device) {
|
||||
trustState = "verified (transitive)"
|
||||
}
|
||||
cmd.Reply("%s %s of %s\nFingerprint: %s\nIdentity key: %s\nDevice name: %s\nTrust state: %s",
|
||||
deviceType, device.DeviceID, device.UserID,
|
||||
device.Fingerprint(), device.IdentityKey,
|
||||
device.Name, device.Trust.String())
|
||||
device.Name, trustState)
|
||||
}
|
||||
|
||||
func cmdVerify(cmd *Command) {
|
||||
func crossSignDevice(cmd *Command, device *crypto.DeviceIdentity) {
|
||||
mach := cmd.Matrix.Crypto().(*crypto.OlmMachine)
|
||||
err := mach.SignOwnDevice(device)
|
||||
if err != nil {
|
||||
cmd.Reply("Failed to upload cross-signing signature: %v", err)
|
||||
} else {
|
||||
cmd.Reply("Successfully cross-signed %s (%s)", device.DeviceID, device.Name)
|
||||
}
|
||||
}
|
||||
|
||||
func cmdVerifyDevice(cmd *Command) {
|
||||
device := getDevice(cmd)
|
||||
if device == nil {
|
||||
return
|
||||
@ -188,9 +212,47 @@ func cmdVerify(cmd *Command) {
|
||||
if device.Trust == crypto.TrustStateBlacklisted {
|
||||
action = "unblacklisted and verified"
|
||||
}
|
||||
if device.UserID == cmd.Matrix.Client().UserID {
|
||||
crossSignDevice(cmd, device)
|
||||
device.Trust = crypto.TrustStateVerified
|
||||
putDevice(cmd, device, action)
|
||||
} else {
|
||||
putDevice(cmd, device, action)
|
||||
cmd.Reply("Warning: verifying individual devices of other users is not synced with cross-signing")
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func cmdVerify(cmd *Command) {
|
||||
if len(cmd.Args) < 1 {
|
||||
cmd.Reply("Usage: /%s <user ID> [--force]", cmd.OrigCommand)
|
||||
return
|
||||
}
|
||||
force := len(cmd.Args) >= 2 && strings.ToLower(cmd.Args[1]) == "--force"
|
||||
userID := id.UserID(cmd.Args[0])
|
||||
room := cmd.Room.Room
|
||||
if !room.Encrypted {
|
||||
cmd.Reply("In-room verification is only supported in encrypted rooms")
|
||||
return
|
||||
}
|
||||
if (!room.IsDirect || room.OtherUser != userID) && !force {
|
||||
cmd.Reply("This doesn't seem to be a direct chat. Either switch to a direct chat with %s, "+
|
||||
"or use `--force` to start the verification anyway.", userID)
|
||||
return
|
||||
}
|
||||
mach := cmd.Matrix.Crypto().(*crypto.OlmMachine)
|
||||
if mach.CrossSigningKeys == nil && !force {
|
||||
cmd.Reply("Cross-signing private keys not cached. Generate or fetch cross-signing keys with `/cross-signing`, " +
|
||||
"or use `--force` to start the verification anyway")
|
||||
return
|
||||
}
|
||||
modal := NewVerificationModal(cmd.MainView, &crypto.DeviceIdentity{UserID: userID}, mach.DefaultSASTimeout)
|
||||
_, err := mach.NewInRoomSASVerificationWith(cmd.Room.Room.ID, userID, modal, 120*time.Second)
|
||||
if err != nil {
|
||||
cmd.Reply("Failed to start in-room verification: %v", err)
|
||||
return
|
||||
}
|
||||
cmd.MainView.ShowModal(modal)
|
||||
}
|
||||
|
||||
func cmdUnverify(cmd *Command) {
|
||||
@ -444,7 +506,7 @@ func cmdCrossSigning(cmd *Command) {
|
||||
|
||||
switch strings.ToLower(cmd.Args[0]) {
|
||||
case "status":
|
||||
cmdCrossSigningStatus(cmd, mach, client)
|
||||
cmdCrossSigningStatus(cmd, mach)
|
||||
case "generate":
|
||||
force := len(cmd.Args) > 1 && strings.ToLower(cmd.Args[1]) == "--force"
|
||||
cmdCrossSigningGenerate(cmd, cmd.Matrix, mach, client, force)
|
||||
@ -460,48 +522,24 @@ func cmdCrossSigning(cmd *Command) {
|
||||
}
|
||||
}
|
||||
|
||||
func parseKeyResp(keys *mautrix.RespQueryKeys, userID id.UserID) (id.Ed25519, id.Ed25519, id.Ed25519, bool) {
|
||||
masterKeys, ok := keys.MasterKeys[userID]
|
||||
if !ok {
|
||||
return "", "", "", false
|
||||
}
|
||||
selfSigningKeys, ok := keys.SelfSigningKeys[userID]
|
||||
if !ok {
|
||||
return "", "", "", false
|
||||
}
|
||||
userSigningKeys, ok := keys.UserSigningKeys[userID]
|
||||
if !ok {
|
||||
return masterKeys.FirstKey(), selfSigningKeys.FirstKey(), "", true
|
||||
}
|
||||
return masterKeys.FirstKey(), userSigningKeys.FirstKey(), selfSigningKeys.FirstKey(), true
|
||||
}
|
||||
|
||||
func cmdCrossSigningStatus(cmd *Command, mach *crypto.OlmMachine, client *mautrix.Client) {
|
||||
func cmdCrossSigningStatus(cmd *Command, mach *crypto.OlmMachine) {
|
||||
keys := mach.GetOwnCrossSigningPublicKeys()
|
||||
if keys == nil {
|
||||
if mach.CrossSigningKeys != nil {
|
||||
cmd.Reply("Cross-signing is set up and private keys are cached")
|
||||
cmd.Reply("Master key: %s", mach.CrossSigningKeys.MasterKey.PublicKey)
|
||||
cmd.Reply("User signing key: %s", mach.CrossSigningKeys.UserSigningKey.PublicKey)
|
||||
cmd.Reply("Self-signing key: %s", mach.CrossSigningKeys.SelfSigningKey.PublicKey)
|
||||
return
|
||||
}
|
||||
keys, err := client.QueryKeys(&mautrix.ReqQueryKeys{
|
||||
DeviceKeys: mautrix.DeviceKeysRequest{
|
||||
client.UserID: mautrix.DeviceIDList{client.DeviceID},
|
||||
},
|
||||
})
|
||||
if err != nil {
|
||||
cmd.Reply("Failed to query own keys: %v", err)
|
||||
return
|
||||
}
|
||||
masterKey, selfSigningKey, userSigningKey, ok := parseKeyResp(keys, client.UserID)
|
||||
if !ok {
|
||||
cmd.Reply("Cross-signing keys are cached, but not published")
|
||||
} else {
|
||||
cmd.Reply("Didn't find published cross-signing keys")
|
||||
}
|
||||
return
|
||||
}
|
||||
cmd.Reply("Cross-signing is set up, but private keys are not cached")
|
||||
cmd.Reply("Master key: %s", masterKey)
|
||||
cmd.Reply("User signing key: %s", userSigningKey)
|
||||
cmd.Reply("Self-signing key: %s", selfSigningKey)
|
||||
if mach.CrossSigningKeys != nil {
|
||||
cmd.Reply("Cross-signing keys are published and private keys are cached")
|
||||
} else {
|
||||
cmd.Reply("Cross-signing keys are published, but private keys are not cached")
|
||||
}
|
||||
cmd.Reply("Master key: %s", keys.MasterKey)
|
||||
cmd.Reply("User signing key: %s", keys.UserSigningKey)
|
||||
cmd.Reply("Self-signing key: %s", keys.SelfSigningKey)
|
||||
}
|
||||
|
||||
func cmdCrossSigningFetch(cmd *Command, mach *crypto.OlmMachine, saveToDisk bool) {
|
||||
@ -523,19 +561,12 @@ func cmdCrossSigningFetch(cmd *Command, mach *crypto.OlmMachine, saveToDisk bool
|
||||
|
||||
func cmdCrossSigningGenerate(cmd *Command, container ifc.MatrixContainer, mach *crypto.OlmMachine, client *mautrix.Client, force bool) {
|
||||
if !force {
|
||||
keys, err := client.QueryKeys(&mautrix.ReqQueryKeys{
|
||||
DeviceKeys: mautrix.DeviceKeysRequest{
|
||||
client.UserID: mautrix.DeviceIDList{client.DeviceID},
|
||||
},
|
||||
})
|
||||
if err == nil {
|
||||
_, _, _, ok := parseKeyResp(keys, client.UserID)
|
||||
if ok {
|
||||
existingKeys := mach.GetOwnCrossSigningPublicKeys()
|
||||
if existingKeys != nil {
|
||||
cmd.Reply("Found existing cross-signing keys. Use `--force` if you want to overwrite them.")
|
||||
return
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
keys, err := mach.GenerateCrossSigningKeys()
|
||||
if err != nil {
|
||||
@ -580,8 +611,6 @@ func cmdCrossSigningGenerate(cmd *Command, container ifc.MatrixContainer, mach *
|
||||
cmd.Reply("Failed to publish cross-signing keys: %v", err)
|
||||
return
|
||||
}
|
||||
|
||||
mach.CrossSigningKeys = keys
|
||||
cmd.Reply("Successfully generated and published cross-signing keys")
|
||||
|
||||
err = mach.SignOwnMasterKey()
|
||||
|
@ -29,6 +29,7 @@ func cmdNoCrypto(cmd *Command) {
|
||||
var (
|
||||
cmdDevices = cmdNoCrypto
|
||||
cmdDevice = cmdNoCrypto
|
||||
cmdVerifyDevice = cmdNoCrypto
|
||||
cmdVerify = cmdNoCrypto
|
||||
cmdUnverify = cmdNoCrypto
|
||||
cmdBlacklist = cmdNoCrypto
|
||||
|
@ -148,7 +148,8 @@ func (vm *VerificationModal) VerificationMethods() []crypto.VerificationMethod {
|
||||
return []crypto.VerificationMethod{crypto.VerificationMethodEmoji{}, crypto.VerificationMethodDecimal{}}
|
||||
}
|
||||
|
||||
func (vm *VerificationModal) VerifySASMatch(_ *crypto.DeviceIdentity, data crypto.SASData) bool {
|
||||
func (vm *VerificationModal) VerifySASMatch(device *crypto.DeviceIdentity, data crypto.SASData) bool {
|
||||
vm.device = device
|
||||
var typeName string
|
||||
if data.Type() == event.SASDecimal {
|
||||
typeName = "numbers"
|
||||
|
Loading…
Reference in New Issue
Block a user