Drop OTK counts intended for other devices

mautrix · Jul 24, 2021 · 02f00b9 · 02f00b9
1 parent be2dee6
commit 02f00b9
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 1 deletion.
diff --git a/crypto/machine.go b/crypto/machine.go
@@ -179,6 +179,12 @@ func (mach *OlmMachine) HandleDeviceLists(dl *mautrix.DeviceLists, since string)
 }
 
 func (mach *OlmMachine) HandleOTKCounts(otkCount *mautrix.OTKCount) {
+	if (len(otkCount.UserID) > 0 && otkCount.UserID != mach.Client.UserID) || (len(otkCount.DeviceID) > 0 && otkCount.DeviceID != mach.Client.DeviceID) {
+		// TODO This log probably needs to be silence-able if someone wants to use encrypted appservices with multiple e2ee sessions
+		mach.Log.Debug("Dropping OTK counts targeted to %s/%s (not us)", otkCount.UserID, otkCount.DeviceID)
+		return
+	}
+
 	minCount := mach.account.Internal.MaxNumberOfOneTimeKeys() / 2
 	if otkCount.SignedCurve25519 < int(minCount) {
 		mach.Log.Debug("Sync response said we have %d signed curve25519 keys left, sharing new ones...", otkCount.SignedCurve25519)

diff --git a/responses.go b/responses.go
@@ -200,7 +200,8 @@ type OTKCount struct {
 	SignedCurve25519 int `json:"signed_curve25519"`
 
 	// For appservice OTK counts only: the user ID in question
-	UserID id.UserID `json:"-"`
+	UserID   id.UserID   `json:"-"`
+	DeviceID id.DeviceID `json:"-"`
 }
 
 type SyncLeftRoom struct {