updated deps

2023-06-16 16:29:28 +03:00
parent 4c11919a46
commit f9d05d94c9
64 changed files with 12175 additions and 5221 deletions
--- a/vendor/maunium.net/go/mautrix/crypto/cryptohelper/cryptohelper.go
+++ b/vendor/maunium.net/go/mautrix/crypto/cryptohelper/cryptohelper.go
@@ -189,7 +189,7 @@ func (helper *CryptoHelper) Init() error {

 func (helper *CryptoHelper) Close() error {
 	if helper != nil && helper.dbForManagedStores != nil {
-		err := helper.dbForManagedStores.RawDB.Close()
+		err := helper.dbForManagedStores.Close()
 		if err != nil {
 			return err
 		}
--- a/vendor/maunium.net/go/mautrix/crypto/decryptmegolm.go
+++ b/vendor/maunium.net/go/mautrix/crypto/decryptmegolm.go
@@ -15,6 +15,7 @@ import (

 	"github.com/rs/zerolog"

+	"maunium.net/go/mautrix/crypto/olm"
 	"maunium.net/go/mautrix/event"
 	"maunium.net/go/mautrix/id"
 )
@@ -163,6 +164,26 @@ func removeItem(slice []uint, item uint) ([]uint, bool) {

 const missedIndexCutoff = 10

+func (mach *OlmMachine) checkUndecryptableMessageIndexDuplication(ctx context.Context, sess *InboundGroupSession, evt *event.Event, content *event.EncryptedEventContent) (uint, error) {
+	log := *zerolog.Ctx(ctx)
+	messageIndex, decodeErr := parseMessageIndex(content.MegolmCiphertext)
+	if decodeErr != nil {
+		log.Warn().Err(decodeErr).Msg("Failed to parse message index to check if it's a duplicate for message that failed to decrypt")
+		return 0, fmt.Errorf("%w (also failed to parse message index)", olm.UnknownMessageIndex)
+	}
+	firstKnown := sess.Internal.FirstKnownIndex()
+	log = log.With().Uint("message_index", messageIndex).Uint32("first_known_index", firstKnown).Logger()
+	if ok, err := mach.CryptoStore.ValidateMessageIndex(ctx, sess.SenderKey, content.SessionID, evt.ID, messageIndex, evt.Timestamp); err != nil {
+		log.Debug().Err(err).Msg("Failed to check if message index is duplicate")
+		return messageIndex, fmt.Errorf("%w (failed to check if index is duplicate; received: %d, earliest known: %d)", olm.UnknownMessageIndex, messageIndex, firstKnown)
+	} else if !ok {
+		log.Debug().Msg("Failed to decrypt message due to unknown index and found duplicate")
+		return messageIndex, fmt.Errorf("%w %d (also failed to decrypt because earliest known index is %d)", DuplicateMessageIndex, messageIndex, firstKnown)
+	}
+	log.Debug().Msg("Failed to decrypt message due to unknown index, but index is not duplicate")
+	return messageIndex, fmt.Errorf("%w (not duplicate index; received: %d, earliest known: %d)", olm.UnknownMessageIndex, messageIndex, firstKnown)
+}
+
 func (mach *OlmMachine) actuallyDecryptMegolmEvent(ctx context.Context, evt *event.Event, encryptionRoomID id.RoomID, content *event.EncryptedEventContent) (*InboundGroupSession, []byte, uint, error) {
 	mach.megolmDecryptLock.Lock()
 	defer mach.megolmDecryptLock.Unlock()
@@ -177,11 +198,15 @@ func (mach *OlmMachine) actuallyDecryptMegolmEvent(ctx context.Context, evt *eve
 	}
 	plaintext, messageIndex, err := sess.Internal.Decrypt(content.MegolmCiphertext)
 	if err != nil {
+		if errors.Is(err, olm.UnknownMessageIndex) && mach.RatchetKeysOnDecrypt {
+			messageIndex, err = mach.checkUndecryptableMessageIndexDuplication(ctx, sess, evt, content)
+			return sess, nil, messageIndex, fmt.Errorf("failed to decrypt megolm event: %w", err)
+		}
 		return sess, nil, 0, fmt.Errorf("failed to decrypt megolm event: %w", err)
 	} else if ok, err := mach.CryptoStore.ValidateMessageIndex(ctx, sess.SenderKey, content.SessionID, evt.ID, messageIndex, evt.Timestamp); err != nil {
 		return sess, nil, messageIndex, fmt.Errorf("failed to check if message index is duplicate: %w", err)
 	} else if !ok {
-		return sess, nil, messageIndex, DuplicateMessageIndex
+		return sess, nil, messageIndex, fmt.Errorf("%w %d", DuplicateMessageIndex, messageIndex)
 	}

 	expectedMessageIndex := sess.RatchetSafety.NextIndex
--- a/vendor/maunium.net/go/mautrix/crypto/devicelist.go
+++ b/vendor/maunium.net/go/mautrix/crypto/devicelist.go
@@ -198,6 +198,9 @@ func (mach *OlmMachine) fetchKeys(ctx context.Context, users []id.UserID, sinceT
 // This is called automatically whenever a device list change is noticed in ProcessSyncResponse and usually does
 // not need to be called manually.
 func (mach *OlmMachine) OnDevicesChanged(userID id.UserID) {
+	if mach.DisableDeviceChangeKeyRotation {
+		return
+	}
 	for _, roomID := range mach.StateStore.FindSharedRooms(userID) {
 		mach.Log.Debug().
 			Str("user_id", userID.String()).
--- a/vendor/maunium.net/go/mautrix/crypto/encryptmegolm.go
+++ b/vendor/maunium.net/go/mautrix/crypto/encryptmegolm.go
@@ -61,7 +61,7 @@ func IsShareError(err error) bool {
 	return err == SessionExpired || err == SessionNotShared || err == NoGroupSession
 }

-func parseMessageIndex(ciphertext []byte) (uint64, error) {
+func parseMessageIndex(ciphertext []byte) (uint, error) {
 	decoded := make([]byte, base64.RawStdEncoding.DecodedLen(len(ciphertext)))
 	var err error
 	_, err = base64.RawStdEncoding.Decode(decoded, ciphertext)
@@ -74,7 +74,7 @@ func parseMessageIndex(ciphertext []byte) (uint64, error) {
 	if read <= 0 {
 		return 0, fmt.Errorf("failed to decode varint, read value %d", read)
 	}
-	return index, nil
+	return uint(index), nil
 }

 // EncryptMegolmEvent encrypts data with the m.megolm.v1.aes-sha2 algorithm.
@@ -102,6 +102,7 @@ func (mach *OlmMachine) EncryptMegolmEvent(ctx context.Context, roomID id.RoomID
 		Str("event_type", evtType.Type).
 		Str("room_id", roomID.String()).
 		Str("session_id", session.ID().String()).
+		Uint("expected_index", session.Internal.MessageIndex()).
 		Logger()
 	log.Trace().Msg("Encrypting event...")
 	ciphertext, err := session.Encrypt(plaintext)
@@ -112,7 +113,7 @@ func (mach *OlmMachine) EncryptMegolmEvent(ctx context.Context, roomID id.RoomID
 	if err != nil {
 		log.Warn().Err(err).Msg("Failed to get megolm message index of encrypted event")
 	} else {
-		log = log.With().Uint64("message_index", idx).Logger()
+		log = log.With().Uint("message_index", idx).Logger()
 	}
 	log.Debug().Msg("Encrypted event successfully")
 	err = mach.CryptoStore.UpdateOutboundGroupSession(session)
--- a/vendor/maunium.net/go/mautrix/crypto/machine.go
+++ b/vendor/maunium.net/go/mautrix/crypto/machine.go
@@ -73,6 +73,8 @@ type OlmMachine struct {
 	RatchetKeysOnDecrypt         bool
 	DeleteFullyUsedKeysOnDecrypt bool
 	DeleteKeysOnDeviceDelete     bool
+
+	DisableDeviceChangeKeyRotation bool
 }

 // StateStore is used by OlmMachine to get room state information that's needed for encryption.
--- a/vendor/maunium.net/go/mautrix/crypto/olm/inboundgroupsession.go
+++ b/vendor/maunium.net/go/mautrix/crypto/olm/inboundgroupsession.go
@@ -230,12 +230,14 @@ func (s *InboundGroupSession) Decrypt(message []byte) ([]byte, uint, error) {
 	if err != nil {
 		return nil, 0, err
 	}
+	messageCopy := make([]byte, len(message))
+	copy(messageCopy, message)
 	plaintext := make([]byte, decryptMaxPlaintextLen)
 	var messageIndex uint32
 	r := C.olm_group_decrypt(
 		(*C.OlmInboundGroupSession)(s.int),
-		(*C.uint8_t)(&message[0]),
-		C.size_t(len(message)),
+		(*C.uint8_t)(&messageCopy[0]),
+		C.size_t(len(messageCopy)),
 		(*C.uint8_t)(&plaintext[0]),
 		C.size_t(len(plaintext)),
 		(*C.uint32_t)(&messageIndex))
--- a/vendor/maunium.net/go/mautrix/crypto/olm/session.go
+++ b/vendor/maunium.net/go/mautrix/crypto/olm/session.go
@@ -326,12 +326,13 @@ func (s *Session) Decrypt(message string, msgType id.OlmMsgType) ([]byte, error)
 	if err != nil {
 		return nil, err
 	}
+	messageCopy := []byte(message)
 	plaintext := make([]byte, decryptMaxPlaintextLen)
 	r := C.olm_decrypt(
 		(*C.OlmSession)(s.int),
 		C.size_t(msgType),
-		unsafe.Pointer(&([]byte(message))[0]),
-		C.size_t(len(message)),
+		unsafe.Pointer(&(messageCopy)[0]),
+		C.size_t(len(messageCopy)),
 		unsafe.Pointer(&plaintext[0]),
 		C.size_t(len(plaintext)))
 	if r == errorVal() {