only send decrypted events to Verifier in e2ee rooms

2025-12-02 17:02:31 +03:00 · 2019-11-18 18:30:43 +01:00
parent fbc4bd0c96
commit 180fea8ace
2 changed files with 57 additions and 7 deletions
--- a/src/crypto/index.js
+++ b/src/crypto/index.js
@@ -65,6 +65,32 @@ export function isCryptoAvailable() {
    return Boolean(global.Olm);
 }

+/* subscribes to timeline events for SAS verification */
+function listenForEvents(client, roomId, listener) {
+    let isEncrypted = false;
+    if (roomId) {
+        isEncrypted = client.isRoomEncrypted(roomId);
+    }
+
+    if (isEncrypted) {
+        client.on("Event.decrypted", listener);
+    } else {
+        client.on("event", listener);
+    }
+    let subscribed = true;
+    return function() {
+        if (subscribed) {
+            if (isEncrypted) {
+                client.off("Event.decrypted", listener);
+            } else {
+                client.off("event", listener);
+            }
+            subscribed = false;
+        }
+        return null;
+    };
+}
+
 const MIN_FORCE_SESSION_INTERVAL_MS = 60 * 60 * 1000;
 const KEY_BACKUP_KEYS_PER_REQUEST = 200;

@@ -826,7 +852,9 @@ Crypto.prototype.requestVerificationDM = async function(userId, roomId, methods)
                );
                // this handler gets removed when the verification finishes
                // (see the verify method of crypto/verification/Base.js)
-                this._baseApis.on("event", verifier.handler);
+                const subscription =
+                    listenForEvents(this._baseApis, roomId, verifier.handler);
+                verifier.setEventsSubscription(subscription);
                resolve(verifier);
                break;
            }
@@ -836,14 +864,19 @@ Crypto.prototype.requestVerificationDM = async function(userId, roomId, methods)
            }
            }
        };
-        this._baseApis.on("event", listener);
+        let initialResponseSubscription =
+            listenForEvents(this._baseApis, roomId, listener);

        const resolve = (...args) => {
-            this._baseApis.off("event", listener);
+            if (initialResponseSubscription) {
+                initialResponseSubscription = initialResponseSubscription();
+            }
            _resolve(...args);
        };
        const reject = (...args) => {
-            this._baseApis.off("event", listener);
+            if (initialResponseSubscription) {
+                initialResponseSubscription = initialResponseSubscription();
+            }
            _reject(...args);
        };
    });
@@ -878,7 +911,9 @@ Crypto.prototype.acceptVerificationDM = function(event, Method) {
    verifier.handler = verificationEventHandler(
        verifier, event.getSender(), event.getRoomId(), event.getId(),
    );
-    this._baseApis.on("event", verifier.handler);
+    const subscription = listenForEvents(
+        this._baseApis, event.getRoomId(), verifier.handler);
+    verifier.setEventsSubscription(subscription);
    return verifier;
 };

--- a/src/crypto/verification/Base.js
+++ b/src/crypto/verification/Base.js
@@ -74,6 +74,7 @@ export default class VerificationBase extends EventEmitter {
        this._done = false;
        this._promise = null;
        this._transactionTimeoutTimer = null;
+        this._eventsSubscription = null;

        // At this point, the verification request was received so start the timeout timer.
        this._resetTimer();
@@ -222,6 +223,10 @@ export default class VerificationBase extends EventEmitter {
                // but no reject function. If cancel is called again, we'd error.
                if (this._reject) this._reject(e);
            } else {
+                // unsubscribe from events, this happens in _reject usually but we don't have one here
+                if (this._eventsSubscription) {
+                    this._eventsSubscription = this._eventsSubscription();
+                }
                // FIXME: this causes an "Uncaught promise" console message
                // if nothing ends up chaining this promise.
                this._promise = Promise.reject(e);
@@ -246,7 +251,10 @@ export default class VerificationBase extends EventEmitter {
                this._done = true;
                this._endTimer();
                if (this.handler) {
-                    this._baseApis.off("event", this.handler);
+                    // these listeners are attached in Crypto.acceptVerificationDM
+                    if (this._eventsSubscription) {
+                        this._eventsSubscription = this._eventsSubscription();
+                    }
                }
                resolve(...args);
            };
@@ -254,7 +262,10 @@ export default class VerificationBase extends EventEmitter {
                this._done = true;
                this._endTimer();
                if (this.handler) {
-                    this._baseApis.off("event", this.handler);
+                    // these listeners are attached in Crypto.acceptVerificationDM
+                    if (this._eventsSubscription) {
+                        this._eventsSubscription = this._eventsSubscription();
+                    }
                }
                reject(...args);
            };
@@ -295,4 +306,8 @@ export default class VerificationBase extends EventEmitter {
            await this._baseApis.setDeviceVerified(userId, deviceId);
        }
    }
+
+    setEventsSubscription(subscription) {
+        this._eventsSubscription = subscription;
+    }
 }