Page MenuHomePhabricator

[lib] Restart session when any Olm error is thrown
ClosedPublic

Authored by angelika on Oct 21 2024, 6:20 AM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Dec 21, 11:41 PM
Unknown Object (File)
Sat, Dec 21, 4:46 PM
Unknown Object (File)
Fri, Dec 20, 8:42 PM
Unknown Object (File)
Fri, Dec 20, 6:53 PM
Unknown Object (File)
Fri, Dec 20, 3:44 PM
Unknown Object (File)
Fri, Dec 20, 1:03 AM
Unknown Object (File)
Tue, Dec 17, 8:00 AM
Unknown Object (File)
Thu, Dec 5, 3:24 PM
Subscribers

Details

Summary

This diff restarts session when any Olm error is thrown by throwing an exception with OLM_ERROR flag set if error occured when decrypting the message.
If flag is included in the exception then the session is reset.

https://linear.app/comm/issue/ENG-9729/session-not-reset-after-getting-bad-message-mac

Test Plan
  1. Simulate BAD_MESSAGE_MAC by changing the last 3 characters of the message passed to session.decrypt() in the code
  2. Verify in the logs that BAD_MESSAGE_MAC is thrown and session is reset.

Diff Detail

Repository
rCOMM Comm
Lint
No Lint Coverage
Unit
No Test Coverage

Event Timeline

lib/tunnelbroker/use-peer-to-peer-message-handler.js
307 ↗(On Diff #45289)

I realize that this issue existed before, but there is a risk here... if the code throws a primitive (eg. throw 5), then we will get an error when trying to dereference 5.message

This can be mitigated by using getMessageForException. Given this pattern exists in the DMs code in more places than just here, perhaps it should be handled in a separate diff.

native/cpp/CommonCpp/CryptoTools/Session.cpp
177 ↗(On Diff #45289)

Given that OLM_ERROR has some magical importance, I think we should do more to make sure that somebody doesn't change it.

When we have two constants that need to match between two parts of the codebase, usually we add a code comment referring to the other location, and telling the reader to not change one location without changing the other.

Could you:

  1. Factor this out into a constant
  2. Add a code comment to the constant's definition, as well as the definition in olm-utils.js. Each comment should point to the other location, and should caution the reader to not change one without changing the other

Extract OLM_ERROR_FLAG to constant and add comments

ashoat added inline comments.
native/cpp/CommonCpp/CryptoTools/Session.h
20 ↗(On Diff #45300)

Should this be static?

This revision is now accepted and ready to land.Oct 21 2024, 1:35 PM
kamil added inline comments.
lib/tunnelbroker/use-peer-to-peer-message-handler.js
318 ↗(On Diff #45315)

The fact that this line was removed could cause an issue - when we receive an encrypted message for a non-existent session we should "heal" the state by calling createOlmSessionsWithUser

See that sessionDoesNotExist is different and does not have OLM_ERROR_FLAG

Bring back sessionDoesNotExist check