Merge pull request #954 from uhoreg/fix_verification_request

Key verification request fixes
2025-11-26 17:03:12 +03:00 · 2019-06-14 15:39:01 -04:00
parent efbdf4e1a8 64daa444dd
commit d694ee3ef3
2 changed files with 10 additions and 5 deletions
--- a/src/client.js
+++ b/src/client.js
@@ -734,19 +734,19 @@ async function _setDeviceVerification(
 * Request a key verification from another user.
 *
 * @param {string} userId the user to request verification with
- * @param {Array} devices array of device IDs to send requests to.  Defaults to
- *    all devices owned by the user
 * @param {Array} methods array of verification methods to use.  Defaults to
 *    all known methods
+ * @param {Array} devices array of device IDs to send requests to.  Defaults to
+ *    all devices owned by the user
 *
 * @returns {Promise<module:crypto/verification/Base>} resolves to a verifier
 *    when the request is accepted by the other user
 */
-MatrixClient.prototype.requestVerification = function(userId, devices, methods) {
+MatrixClient.prototype.requestVerification = function(userId, methods, devices) {
    if (this._crypto === null) {
        throw new Error("End-to-end encryption disabled");
    }
-    return this._crypto.requestVerification(userId, devices);
+    return this._crypto.requestVerification(userId, methods, devices);
 };

 /**
--- a/src/crypto/index.js
+++ b/src/crypto/index.js
@@ -1667,6 +1667,11 @@ Crypto.prototype._onKeyVerificationRequest = function(event) {
    }

    const sender = event.getSender();
+    if (sender === this._userId && content.from_device === this._deviceId) {
+        // ignore requests from ourselves, because it doesn't make sense for a
+        // device to verify itself
+        return;
+    }
    if (this._verificationTransactions.has(sender)) {
        if (this._verificationTransactions.get(sender).has(content.transaction_id)) {
            // transaction already exists: cancel it and drop the existing
@@ -1719,7 +1724,7 @@ Crypto.prototype._onKeyVerificationRequest = function(event) {
            },
        );
    } else {
-        // notify the application that of the verification request, so it can
+        // notify the application of the verification request, so it can
        // decide what to do with it
        const request = {
            event: event,