summary refs log tree commit diff
path: root/src/encryption/Olm.cpp (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Include moc files for a tiny speedup on incremental buildsNicolas Werner2024-03-161-0/+2
|
* Upgrade trust of megolm sessions when receiving RoomKeyNicolas Werner2023-11-191-14/+32
| | | | | | | Before we only did that, when we basically didn't have the key yet. But since we usually get sent a RoomKey when a new message is sent after we sign in, we were discarding, that those messages should usually now be trusted.
* Cleanup headers a bit moreNicolas Werner2023-10-311-8/+8
|
* Speed up compilation a bitNicolas Werner2023-10-311-1/+0
|
* Migrate olm sessions to be stored in one database instead of thousandsNicolas Werner2023-10-231-1/+1
|
* Remove a few more QPairsNicolas Werner2023-06-081-3/+3
|
* Fix a few more clazy warningsNicolas Werner2023-06-081-2/+2
|
* Adapt to the new inherited variantNicolas Werner2023-04-111-4/+4
|
* Get rid of year in license headersNicolas Werner2023-02-211-3/+1
| | | | | | See also: https://daniel.haxx.se/blog/2023/01/08/copyright-without-years/ https://hynek.me/til/copyright-years/
* Switch to upstream olm error codeNicolas Werner2023-02-211-1/+1
|
* Reduce code bloat a bitNicolas Werner2023-02-191-0/+1
| | | | | | Especially the emoji array shrinks a lot with this, but adds a few extra relocations on startup. But it removes a lot of exception handling code at runtime, which is nice and possibly this is still faster.
* Automatically fetch keys for undecrypted messages after verificationNicolas Werner2023-02-181-11/+23
| | | | | | | | Also fix rerendering edited messages after keys are received. fixes #1375 fixes #770 fixes #888
* Warn when no secret can be requestedNicolas Werner2023-01-221-1/+3
|
* Skip empty requests for cross-signing keys when user only has one device.Jason Volk2023-01-221-0/+3
| | | | | | Cause: Request button pressed in user settings. Result: Request body is jsNull; sendToDevice requires jsObject.
* Add some more error loggingNicolas Werner2023-01-091-2/+2
|
* A whole new year full of excitement and possibilities!Nicolas Werner2023-01-021-0/+1
|
* Store secrets (apart from the pickle key) in the databaseNicolas Werner2022-11-061-7/+14
|
* Speedup sending encrypted messages after metasync was reenabledNicolas Werner2022-11-011-69/+80
| | | | | | Calling fsync everytime we save to the db is slow, which is actually fairly noticeable in some larger E2EE rooms. Speed that up slightly by batching the olm session persisting.
* Enable -WconversionNicolas Werner2022-10-261-1/+1
|
* cppcheck stuff (#1200)Loren Burkholder2022-10-031-2/+2
| | | | | | | | | | | | | | | * cppcheck stuff * Update src/ui/RoomSettings.cpp Co-authored-by: DeepBlueV7.X <nicolas.werner@hotmail.de> * Update src/ui/RoomSettings.cpp Co-authored-by: DeepBlueV7.X <nicolas.werner@hotmail.de> * Fix linting Co-authored-by: DeepBlueV7.X <nicolas.werner@hotmail.de>
* Prevent the homeserver from inserting malicious secretsNicolas Werner2022-09-281-15/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Correctly verify that the reply to a secrets request is actually coming from a verified device. While we did verify that it was us who replied, we didn't properly cancel storing the secret if the sending device was one of ours but was maliciously inserted by the homeserver and unverified. We only send secret requests to verified devices in the first place, so only the homeserver could abuse this issue. Additionally we protected against malicious secret poisoning by verifying that the secret is actually the reply to a request. This means the server only has 2 places where it can poison the secrets: - After a verification when we automatically request the secrets - When the user manually hits the request button It also needs to prevent other secret answers to reach the client first since we ignore all replies after that one. The impact of this might be quite severe. It could allow the server to replace the cross-signing keys silently and while we might not trust that key, we possibly could trust it in the future if we rely on the stored secret. Similarly this could potentially be abused to make the client trust a malicious online key backup. If your deployment is not patched yet and you don't control your homeserver, you can protect against this by simply not doing any verifications of your own devices and not pressing the request button in the settings menu.
* Fix too many fmt parametersNicolas Werner2022-07-301-1/+1
|
* Make code compile with hidden friendsNicolas Werner2022-07-291-1/+1
|
* Request full online keybackup when turning it onNicolas Werner2022-06-191-0/+67
|
* Get rid of 'using json = nlohmann::json'Nicolas Werner2022-06-171-11/+11
|
* Fix compilation without implicit nlohmann conversionsNicolas Werner2022-06-171-10/+11
|
* Remove sender key from megolm session indexNicolas Werner2022-04-081-24/+24
| | | | | | implements MSC3700 see https://github.com/matrix-org/matrix-spec-proposals/pull/3700
* Allow properly editing pending encrypted messagesNicolas Werner2022-02-271-13/+25
|
* Update year in copyright notice to shut up lint jobNicolas Werner2022-01-011-0/+1
|
* Reserve size of some containers we are fillingNicolas Werner2021-12-291-0/+1
|
* Fix more warnings and remove dead codeNicolas Werner2021-12-281-3/+3
|
* Fix a few shadowing warningsNicolas Werner2021-12-111-2/+2
| | | | fixes #824
* Fix no replies being rendered for edits sent from Element in encrypted roomsNicolas Werner2021-11-111-5/+4
|
* Add self verification after loginNicolas Werner2021-10-301-26/+43
|
* Move voip and encryption stuff into their own directoriesNicolas Werner2021-10-171-0/+1612
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-08-16 12:38:47 +0000