-
Notifications
You must be signed in to change notification settings - Fork 216
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
e2ee should not hinder verification #1598
base: develop
Are you sure you want to change the base?
e2ee should not hinder verification #1598
Conversation
Codecov ReportBase: 13.48% // Head: 13.48% // Decreases project coverage by
Additional details and impacted files@@ Coverage Diff @@
## develop #1598 +/- ##
===========================================
- Coverage 13.48% 13.48% -0.01%
===========================================
Files 541 541
Lines 86690 86712 +22
Branches 36828 36842 +14
===========================================
Hits 11693 11693
- Misses 74555 74577 +22
Partials 442 442
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report at Codecov. |
@@ -60,7 +60,7 @@ | |||
|
|||
@return a MXHTTPOperation instance. May be nil if all required materials is already in place. | |||
*/ | |||
- (MXHTTPOperation*)ensureSessionForUsers:(NSArray<NSString*>*)users | |||
- (MXHTTPOperation*)ensureSessionForUsers:(NSArray<NSString*>*)users forceDistributeToUnverified: (BOOL) forceDistributeToUnverified |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sadly we don't have obj-c style checker / formatter to check this automatically, but to aligh the style:
- no spaces between type and parameter, i.e.
forceDistributeToUnverified: (BOOL) forceDistributeToUnverified
=>forceDistributeToUnverified:(BOOL)forceDistributeToUnverified
(across the whole PR) - if some parameters are on multiple lines (e.g.
success
andfailure
), then all should be, inclforceDistributeToUnverified
, and aligned vertically by the double colon
@@ -166,6 +190,7 @@ - (BOOL)isSessionSharingHistory:(MXOutboundSessionInfo *)session | |||
@param failure A block object called when the operation fails. | |||
*/ | |||
- (MXHTTPOperation *)getDevicesInRoom:(NSArray<NSString*>*)users |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This method includes documentation above so would be good to include the new parameter. Also perhaps just a matter of personal preference, but the method getDevicesInRoom
does not suggest anything about distributing keys so perhaps the new parameter would be clearer as includeUnverifiedUsers
rather than forceDistributeToUnverified
@@ -198,7 +223,7 @@ - (MXHTTPOperation *)getDevicesInRoom:(NSArray<NSString*>*)users | |||
} | |||
|
|||
if (deviceInfo.trustLevel.localVerificationStatus == MXDeviceBlocked | |||
|| (!deviceInfo.trustLevel.isVerified && encryptToVerifiedDevicesOnly)) | |||
|| (!deviceInfo.trustLevel.isVerified && encryptToVerifiedDevicesOnly && !forceDistributeToUnverified)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it would be better / cleaner to include this extra condition in the BOOL encryptToVerifiedDevicesOnly =
declaration.
@@ -103,14 +104,37 @@ - (MXHTTPOperation*)encryptEventContent:(NSDictionary*)eventContent eventType:(M | |||
}]; | |||
} | |||
|
|||
- (MXHTTPOperation*)ensureSessionForUsers:(NSArray<NSString*>*)users | |||
- (BOOL) isVerificationEvent:(MXEventTypeString) eventType eventContent:(NSDictionary*)eventContent |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Optionally this whole method could be moved into MXTools
, as [MXTools isVerificationEvent]
, which will make it easier to unit test
Pull Request Checklist
Fixes #6519
Verification events sent in e2ee rooms should bypass the encrypt to verified devices only option. If not it renders verification impossible.
Motivation and context
As per spec: