char
/
matrix-rust-sdk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

crypto: Clamp the rotation period ms so users can't wedge E2E. 

Users may set a very small rotation period this might mean that a
session might expire by the time it's shared ending up in a loop where
we constantly need to share a group session yet never manage to send a
message.
master
Damir Jelić 2020-08-21 12:46:11 +02:00
parent 9fe23227af
commit aee40977a3
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
matrix_sdk_crypto/src/olm/group_sessions.rs
View File

@ -13,6 +13,7 @@
// limitations under the License. // limitations under the License.
use std::{ use std::{
cmp::min,
convert::TryInto, convert::TryInto,
fmt, fmt,
sync::{ sync::{
@ -406,7 +407,11 @@ impl OutboundGroupSession {
let count = self.message_count.load(Ordering::SeqCst); let count = self.message_count.load(Ordering::SeqCst);
count >= self.settings.rotation_period_msgs count >= self.settings.rotation_period_msgs
|| self.creation_time.elapsed() >= self.settings.rotation_period || self.creation_time.elapsed()
// Since the encryption settings are provided by users and not
// checked someone could set a really low rotation perdiod so
// clamp it at a minute.
>= min(self.settings.rotation_period, Duration::from_secs(3600))
} }
/// Mark the session as shared. /// Mark the session as shared.