ma1uta / ma1sd

Federated Matrix Identity Server (formerly fork of kamax/mxisd)
GNU Affero General Public License v3.0
167 stars 56 forks source link

Hash lookup finds no matches on first attempt #81

Closed mrjohnson22 closed 3 years ago

mrjohnson22 commented 3 years ago

The first hash lookup request that ma1sd receives will return no matches if the request had originally used an invalid/expired token.

To reproduce, clear the account table in ma1sd's internal database, restart ma1sd, and view the Discovery page in Element Android. The first time the page is visited, all emails will appear as unshared (the toggles will be grey), even if some of them are actually shared. Exiting the page and viewing it again will show the proper results (the toggles of shared emails will be green).

Maybe something is wrong with the way 3pid hashes are initialized on ma1sd startup.

mrjohnson22 commented 3 years ago

This might be a bug in the Matrix Android SDK, because ma1sd compares against the same stored hashes for both the failed & successful lookups. The problem is that the hashes sent by Element Android are different when they are sent in response to M_INVALID_PEPPER. Re-running a contact lookup (which is successful) sends different hashes than the first (unsuccessful) lookup, even though the pepper used by both lookups is the same (and is the one chosen by ma1sd, as it should be).