Open hardcore-sushi opened 2 weeks ago
This issue actually affects more that just the reset cross-signing key feature.
If the first login to the account is made with Element (typically when registering), it sends the same request to configure the initial cross-signing keys. Due to the malformed request payload, the setup fails, although Element reports it as properly enabled in the settings. Consequently, the session is reported as not verified (red shield) in encrypted chats, and any keys verification with other accounts is thus prevented.
For people stumbled upon this issue and looking for a workaround, you can add a rule in your nginx reverse proxy (if you use one) to fix the JSON payload. You need lua support with the cjson library. Here is an example configuration snippet:
location = /_matrix/client/unstable/keys/device_signing/upload {
if ($request_method = POST) {
access_by_lua_block {
local cjson = require "cjson"
ngx.req.read_body()
local data = cjson.decode(ngx.req.get_body_data())
if data["auth"] ~= nil and data.auth["user"] ~= nil then
data.auth.identifier = {
type = "m.id.user",
user = data.auth.user,
};
ngx.req.set_body_data(cjson.encode(data))
end
}
}
proxy_pass http://<CONDUIT ENDPOINT>$request_uri;
# ...
}
Steps to reproduce
Outcome
What did you expect?
Cross-signing keys to be reset.
What happened instead?
Element show the error message: "Failed to set up Cross Signing". Conduit prints:
The exact request sent by Element is:
As you can see, the
user
field is directly located under theauth
object, whereas element-web (which works) sends thisauth
object:It seems that element-android does not respect the Matrix spec:
Your phone model
No response
Operating system version
No response
Application version and app store
1.6.18 from F-Droid
Homeserver
conduit v0.8.0
Will you send logs?
Yes
Are you willing to provide a PR?
No