Merge branch 'develop' into dbkr/cross_signing

2025-11-28 05:03:59 +03:00 · 2019-06-14 22:57:02 -04:00
parent 5bcbe76f2c d694ee3ef3
commit 07c2e34d87
17 changed files with 279 additions and 77 deletions
--- a/src/crypto/index.js
+++ b/src/crypto/index.js
@@ -693,7 +693,9 @@ Crypto.prototype.isKeyBackupTrusted = async function(backupInfo) {
            try {
                await olmlib.verifySignature(
                    this._olmDevice,
-                    backupInfo.auth_data,
+                    // verifySignature modifies the object so we need to copy
+                    // if we verify more than one sig
+                    Object.assign({}, backupInfo.auth_data),
                    this._userId,
                    device.deviceId,
                    device.getFingerprint(),
@@ -2095,6 +2097,11 @@ Crypto.prototype._onKeyVerificationRequest = function(event) {
    }

    const sender = event.getSender();
+    if (sender === this._userId && content.from_device === this._deviceId) {
+        // ignore requests from ourselves, because it doesn't make sense for a
+        // device to verify itself
+        return;
+    }
    if (this._verificationTransactions.has(sender)) {
        if (this._verificationTransactions.get(sender).has(content.transaction_id)) {
            // transaction already exists: cancel it and drop the existing
@@ -2147,7 +2154,7 @@ Crypto.prototype._onKeyVerificationRequest = function(event) {
            },
        );
    } else {
-        // notify the application that of the verification request, so it can
+        // notify the application of the verification request, so it can
        // decide what to do with it
        const request = {
            event: event,