crypto: Make sure that we don't hold on to a mutex guard over an await.

matrix_sdk_crypto/src/verification/machine.rs

@@ -196,6 +196,12 @@ mod test {
         let alice_device = Device::from_account(&alice).await;
 
         store.save_devices(&[bob_device]).await.unwrap();
+        bob_store
+            .read()
+            .await
+            .save_devices(&[alice_device.clone()])
+            .await
+            .unwrap();
 
         let machine = VerificationMachine::new(alice, Arc::new(RwLock::new(Box::new(store))));
         let (bob_sas, start_content) = Sas::start(bob, alice_device, bob_store);

matrix_sdk_crypto/src/verification/sas/mod.rs

@@ -153,13 +153,19 @@ impl Sas {
     /// string, otherwise returns a `MacEventContent` that needs to be sent to
     /// the server.
     pub async fn confirm(&self) -> Result<Option<ToDeviceRequest>, CryptoStoreError> {
+        let (content, done) = {
             let mut guard = self.inner.lock().unwrap();
             let sas: InnerSas = (*guard).clone();
             let (sas, content) = sas.confirm();
-        *guard = sas;
 
-        if guard.is_done() {
-            self.mark_device_as_verified().await?;
+            *guard = sas;
+            (content, guard.is_done())
+        };
+
+        if done {
+            if !self.mark_device_as_verified().await? {
+                return Ok(self.cancel());
+            }
         }
 
         Ok(content.map(|c| {
@@ -600,6 +606,13 @@ mod test {
         let bob_store: Arc<RwLock<Box<dyn CryptoStore>>> =
             Arc::new(RwLock::new(Box::new(MemoryStore::new())));
 
+        bob_store
+            .read()
+            .await
+            .save_devices(&[alice_device.clone()])
+            .await
+            .unwrap();
+
         let (alice, content) = Sas::start(alice, bob_device, alice_store);
         let event = wrap_to_device_event(alice.user_id(), content);