Add a cryptoConfig to limit room key requests #4333
Conversation
Unit Test Results0 files - 48 0 suites - 48 0s ⏱️ -52s Results for commit f343f84. ± Comparison against base commit f2c22c1. This pull request removes 91 tests. |
There was a problem hiding this comment.
I let @BillCarsonFr approve the PR if it's OK for him. I just have one question.
| @@ -68,7 +71,7 @@ internal class MXMegolmDecryption(private val userId: String, | |||
| override fun decryptEvent(event: Event, timeline: String): MXEventDecryptionResult { | |||
| // If cross signing is enabled, we don't send request until the keys are trusted | |||
| // There could be a race effect here when xsigning is enabled, we should ensure that keys was downloaded once | |||
| val requestOnFail = cryptoStore.getMyCrossSigningInfo()?.isTrusted() == true | |||
| val requestOnFail = cryptoStore.getMyCrossSigningInfo()?.isTrusted().orTrue() | |||
There was a problem hiding this comment.
The code is not strictly equivalent to the previous version. Is it intended?
There was a problem hiding this comment.
It's a bit strange yes, and unwanted I think (or should be guarded by a flag)
There was a problem hiding this comment.
I think that we should go with something more complete and configurable.
Probably a KeyForwardingStrategy:
Level 0 -> No Forwarding
Level 1 -> Forward if was intented to be shared initialy
Level 2 -> Level 1 + To current user verified sessions
Level 3 -> Level 2 + Key was initialy shared with another device belonging to a cross signed & verified user
Would Level 2 be what you want
|
This PR #5559 is adding a new boolean in MXCryptoConfig to limit room key requests to own devices |
In the case a fork wants to disable cross signing feature and to support legacy mode for the room key requests, it is best not to request the sender device.