From aee40977a3304857b7beff8c33830d57f0653ffd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Damir=20Jeli=C4=87?= <poljar@termina.org.uk>
Date: Fri, 21 Aug 2020 12:46:11 +0200
Subject: [PATCH] crypto: Clamp the rotation period ms so users can't wedge
 E2E.

Users may set a very small rotation period this might mean that a
session might expire by the time it's shared ending up in a loop where
we constantly need to share a group session yet never manage to send a
message.
---
 matrix_sdk_crypto/src/olm/group_sessions.rs | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/matrix_sdk_crypto/src/olm/group_sessions.rs b/matrix_sdk_crypto/src/olm/group_sessions.rs
index a2710c38..40949632 100644
--- a/matrix_sdk_crypto/src/olm/group_sessions.rs
+++ b/matrix_sdk_crypto/src/olm/group_sessions.rs
@@ -13,6 +13,7 @@
 // limitations under the License.
 
 use std::{
+    cmp::min,
     convert::TryInto,
     fmt,
     sync::{
@@ -406,7 +407,11 @@ impl OutboundGroupSession {
         let count = self.message_count.load(Ordering::SeqCst);
 
         count >= self.settings.rotation_period_msgs
-            || self.creation_time.elapsed() >= self.settings.rotation_period
+            || self.creation_time.elapsed()
+                // Since the encryption settings are provided by users and not
+                // checked someone could set a really low rotation perdiod so
+                // clamp it at a minute.
+                >= min(self.settings.rotation_period, Duration::from_secs(3600))
     }
 
     /// Mark the session as shared.