matrix/matrix-js-sdk
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-js-sdk.git synced 2025-11-26 17:03:12 +03:00
Code Activity

Don't force more than one new session per device per hour

Browse Source
This commit is contained in:
David Baker
2018-11-14 14:20:55 +00:00
parent 93d9c40323
commit ebf20d5b2c
2 changed files with 25 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/crypto/algorithms/megolm.js
View File

@@ -499,7 +499,7 @@ MegolmEncryption.prototype.reshareKeyWithDevice = async function(
}, },
}); });
logger.debug( logger.debug(
`Re-shared key for session ${sessionId} with {userId}:{device.deviceId}`, `Re-shared key for session ${sessionId} with ${userId}:${device.deviceId}`,
); );
}; };

24
src/crypto/index.js
View File

@@ -41,6 +41,8 @@ export function isCryptoAvailable() {
return Boolean(global.Olm); return Boolean(global.Olm);
} }
const MIN_FORCE_SESSION_INTERVAL_MS = 60 * 60 * 1000;
/** /**
* Cryptography bits * Cryptography bits
* *
@@ -120,6 +122,15 @@ export default function Crypto(baseApis, sessionStore, userId, deviceId,
// has happened for a given room. This is delayed // has happened for a given room. This is delayed
// to avoid loading room members as long as possible. // to avoid loading room members as long as possible.
this._roomDeviceTrackingState = {}; this._roomDeviceTrackingState = {};
// The timestamp of the last time we forced establishment
// of a new session for each device, in milliseconds.
// {
// userId: {
// deviceId: 1234567890000,
// },
// }
this._lastNewSessionForced = {};
} }
utils.inherits(Crypto, EventEmitter); utils.inherits(Crypto, EventEmitter);
@@ -1180,6 +1191,19 @@ Crypto.prototype._onToDeviceBadEncrypted = async function(event) {
return; return;
} }
// check when we last forced a new session with this device: if we've already done so
// recently, don't do it again.
this._lastNewSessionForced[sender] = this._lastNewSessionForced[sender] || {};
const lastNewSessionForced = this._lastNewSessionForced[sender][deviceKey] || 0;
if (lastNewSessionForced + MIN_FORCE_SESSION_INTERVAL_MS > Date.now()) {
logger.debug(
"New session already forced with device " + sender + ":" + deviceKey +
" at " + lastNewSessionForced + ": not forcing another",
);
return;
}
this._lastNewSessionForced[sender][deviceKey] = Date.now();
// establish a new olm session with this device since we're failing to decrypt messages // establish a new olm session with this device since we're failing to decrypt messages
// on a current session. // on a current session.
// Note that an undecryptable message from another device could easily be spoofed - // Note that an undecryptable message from another device could easily be spoofed -