diff --git a/src/Cache.cpp b/src/Cache.cpp
index a1242633..b12c8679 100644
--- a/src/Cache.cpp
+++ b/src/Cache.cpp
@@ -1714,6 +1714,19 @@ Cache::getMembers(const std::string &room_id, std::size_t startIndex, std::size_
return members;
}
+bool
+Cache::isRoomMember(const std::string &user_id, const std::string &room_id)
+{
+ auto txn = lmdb::txn::begin(env_);
+ auto db = getMembersDb(txn, room_id);
+
+ lmdb::val value;
+ bool res = lmdb::dbi_get(txn, db, lmdb::val(user_id), value);
+ txn.commit();
+
+ return res;
+}
+
void
Cache::saveTimelineMessages(lmdb::txn &txn,
const std::string &room_id,
diff --git a/src/Cache.h b/src/Cache.h
index d5d1729e..beca502f 100644
--- a/src/Cache.h
+++ b/src/Cache.h
@@ -400,6 +400,9 @@ public:
void setDeviceList(const std::string &user_id, const std::vector<std::string> &devices);
std::vector<std::string> getDeviceList(const std::string &user_id);
+ //! Check if a user is a member of the room.
+ bool isRoomMember(const std::string &user_id, const std::string &room_id);
+
//
// Outbound Megolm Sessions
//
diff --git a/src/Olm.cpp b/src/Olm.cpp
index fe4265d7..963bea41 100644
--- a/src/Olm.cpp
+++ b/src/Olm.cpp
@@ -369,6 +369,14 @@ handle_key_request_message(const mtx::events::msg::KeyRequest &req)
return;
}
+ if (!cache::client()->isRoomMember(req.sender, req.room_id)) {
+ nhlog::crypto()->warn(
+ "user {} that requested the session key is not member of the room {}",
+ req.sender,
+ req.room_id);
+ return;
+ }
+
//
// Prepare the m.room_key event.
//
|
