Merge pull request #1077 from matrix-org/bwindels/dm-verif-in-e2ee-rooms

Fix SAS verification in encrypted DMs
2025-12-01 04:43:29 +03:00 · 2019-11-19 14:32:01 +00:00
parent 10751e9a6d 90512bdd5f
commit c785b10603
3 changed files with 104 additions and 27 deletions
--- a/src/crypto/verification/Base.js
+++ b/src/crypto/verification/Base.js
@@ -75,14 +75,15 @@ export default class VerificationBase extends EventEmitter {
        this._done = false;
        this._promise = null;
        this._transactionTimeoutTimer = null;
+        this._eventsSubscription = null;

        // At this point, the verification request was received so start the timeout timer.
        this._resetTimer();

        if (this.roomId) {
-            this._send = this._sendMessage;
+            this._sendWithTxnId = this._sendMessage;
        } else {
-            this._send = this._sendToDevice;
+            this._sendWithTxnId = this._sendToDevice;
        }
    }

@@ -106,13 +107,43 @@ export default class VerificationBase extends EventEmitter {
        }
    }

+    _contentFromEventWithTxnId(event) {
+        if (this.roomId) {  // verification as timeline event
+            // ensure m.related_to is included in e2ee rooms
+            // as the field is excluded from encryption
+            const content = Object.assign({}, event.getContent());
+            content["m.relates_to"] = event.getRelation();
+            return content;
+        } else { // verification as to_device event
+            return event.getContent();
+        }
+    }
+
+    /* creates a content object with the transaction id added to it */
+    _contentWithTxnId(content) {
+        const copy = Object.assign({}, content);
+        if (this.roomId) { // verification as timeline event
+            copy["m.relates_to"] = {
+                rel_type: "m.reference",
+                event_id: this.transactionId,
+            };
+        } else { // verification as to_device event
+            copy.transaction_id = this.transactionId;
+        }
+        return copy;
+    }
+
+    _send(type, contentWithoutTxnId) {
+        const content = this._contentWithTxnId(contentWithoutTxnId);
+        return this._sendWithTxnId(type, content);
+    }
+
    /* send a message to the other participant, using to-device messages
     */
    _sendToDevice(type, content) {
        if (this._done) {
            return Promise.reject(new Error("Verification is already done"));
        }
-        content.transaction_id = this.transactionId;
        return this._baseApis.sendToDevice(type, {
            [this.userId]: { [this.deviceId]: content },
        });
@@ -124,12 +155,6 @@ export default class VerificationBase extends EventEmitter {
        if (this._done) {
            return Promise.reject(new Error("Verification is already done"));
        }
-        // FIXME: if MSC1849 decides to use m.relationship instead of
-        // m.relates_to, we should follow suit here
-        content["m.relates_to"] = {
-            rel_type: "m.reference",
-            event_id: this.transactionId,
-        };
        return this._baseApis.sendEvent(this.roomId, type, content);
    }

@@ -223,6 +248,10 @@ export default class VerificationBase extends EventEmitter {
                // but no reject function. If cancel is called again, we'd error.
                if (this._reject) this._reject(e);
            } else {
+                // unsubscribe from events, this happens in _reject usually but we don't have one here
+                if (this._eventsSubscription) {
+                    this._eventsSubscription = this._eventsSubscription();
+                }
                // FIXME: this causes an "Uncaught promise" console message
                // if nothing ends up chaining this promise.
                this._promise = Promise.reject(e);
@@ -247,7 +276,10 @@ export default class VerificationBase extends EventEmitter {
                this._done = true;
                this._endTimer();
                if (this.handler) {
-                    this._baseApis.off("event", this.handler);
+                    // these listeners are attached in Crypto.acceptVerificationDM
+                    if (this._eventsSubscription) {
+                        this._eventsSubscription = this._eventsSubscription();
+                    }
                }
                resolve(...args);
            };
@@ -255,7 +287,10 @@ export default class VerificationBase extends EventEmitter {
                this._done = true;
                this._endTimer();
                if (this.handler) {
-                    this._baseApis.off("event", this.handler);
+                    // these listeners are attached in Crypto.acceptVerificationDM
+                    if (this._eventsSubscription) {
+                        this._eventsSubscription = this._eventsSubscription();
+                    }
                }
                reject(...args);
            };
@@ -309,4 +344,8 @@ export default class VerificationBase extends EventEmitter {
            await this._baseApis.setDeviceVerified(userId, deviceId);
        }
    }
+
+    setEventsSubscription(subscription) {
+        this._eventsSubscription = subscription;
+    }
 }