summary refs log tree commit diff
diff options
context:
space:
mode:
authorNicolas Werner <nicolas.werner@hotmail.de>2022-06-12 19:09:07 +0200
committerNicolas Werner <nicolas.werner@hotmail.de>2022-06-12 19:09:07 +0200
commit62b3b461ec59b9b3ecd47d92b036d403359d229d (patch)
tree89c8e93628e19647a8b8d20d50f2096e84d6fc89
parentProperly handle glare when verifying (diff)
downloadnheko-62b3b461ec59b9b3ecd47d92b036d403359d229d.tar.xz
Fix comparison for glare algorithm
Diffstat (limited to '')
-rw-r--r--src/encryption/DeviceVerificationFlow.cpp9


-rw-r--r--src/encryption/DeviceVerificationFlow.h5


2 files changed, 9 insertions, 5 deletions
diff --git a/src/encryption/DeviceVerificationFlow.cpp b/src/encryption/DeviceVerificationFlow.cpp

index 32473522..cc12bb9b 100644
--- a/src/encryption/DeviceVerificationFlow.cpp
+++ b/src/encryption/DeviceVerificationFlow.cpp
@@ -15,6 +15,7 @@
 #include <QDateTime>
 #include <QTimer>
 #include <iostream>
+#include <tuple>
 
 static constexpr int TIMEOUT = 2 * 60 * 1000; // 2 minutes
 
@@ -569,10 +570,10 @@ DeviceVerificationFlow::handleStartMessage(const mtx::events::msg::KeyVerificati
             this->canonical_json = nlohmann::json(msg);
         else {
             // resolve glare
-            if (utils::localUser().toStdString() > this->toClient.to_string() &&
-                http::client()->device_id() > this->deviceId.toStdString()) {
-                // treat this as if the user with the smaller mxid and deviceid was the sender of
-                // "start"
+            if (std::tuple(this->toClient.to_string(), this->deviceId.toStdString()) <
+                std::tuple(utils::localUser().toStdString(), http::client()->device_id())) {
+                // treat this as if the user with the smaller mxid or smaller deviceid (if the mxid
+                // was the same) was the sender of "start"
                 this->canonical_json = nlohmann::json(msg);
                 this->sender         = false;
             }
diff --git a/src/encryption/DeviceVerificationFlow.h b/src/encryption/DeviceVerificationFlow.h

index e980d2ec..1955fab3 100644
--- a/src/encryption/DeviceVerificationFlow.h
+++ b/src/encryption/DeviceVerificationFlow.h
@@ -37,7 +37,7 @@ using sas_ptr = std::unique_ptr<mtx::crypto::SAS>;
  * &&                 |      n  |                                 |                                         |
  * no canonical_json  |      a  |      (m.key.verification.start) |                                         | waitingForKeys
  *                    |      l  |<--------------------------------| Not sending to prevent the glare resolve| && no commitment
- *                    |         |                                 |                                         | && no canonical_json
+ *                    |         |                                 |                               (1)       | && no canonical_json
  *                    |         | m.key.verification.start        |                                         |
  * waitForOtherAccept |         |-------------------------------->| (IF NOT ALREADY ASKED,                  |
  * &&                 |         |                                 |  ASK FOR VERIFICATION REQUEST)          | promptStartVerify, if not accepted
@@ -57,6 +57,9 @@ using sas_ptr = std::unique_ptr<mtx::crypto::SAS>;
  *                    |         |                                 |                                         |
  * success/fail       |         |         m.key.verification.done |                                         | success/fail
  *                    |         |<------------------------------->|                                         |
+ *
+ *  (1) Sometimes the other side does send this start. In this case we run the glare algorithm and send an accept only if
+ *      We are the bigger mxid and deviceid (since we discard our start message). <- GLARE RESOLUTION
  */
 // clang-format on
 class DeviceVerificationFlow : public QObject

 

generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-03-13 12:17:17 +0000