search

mautrix / facebook

A Matrix-Facebook Messenger puppeting bridge
https://matrix.to/#/#facebook:maunium.net
GNU Affero General Public License v3.0
389 stars 64 forks source link

Crypto device confusion. #176

Closed kevincox closed 10 months ago

kevincox commented 3 years ago

I'm having trouble communicating with the bridge. It was working previously but after a restart I get this error when trying to send a message in the management room.

⚠ Your message was not bridged: the bridge hasn't received the decryption keys. If this error keeps happening, try restarting your client.

Sure enough all of my clients get this same message and restarts or cache clears do not help. I am using Element clients.

The problem appears to be that the bridges account crypto devices are not correct. If I look in the Element Web UI I see these devices:

However if I check the database:

mautrix-facebook> select device_id from crypto_account;
+-------------+
| device_id   |
|-------------|
| VITGIDEZVV  |
+-------------+
SELECT 1

If I check messages sent by the bridge I see that their sender device ID matches the device ID in the database, which leads me to think that the devices listed in the account are wrong for some reason.

mautrix-facebook config:

{
  "appservice": {
    "address": "http://localhost:29319",
    "bot_username": "facebookbot",
    "database": "postgresql://",
    "hostname": "localhost",
    "port": 29319
  },
  "bridge": {
    "backfill": {
      "initial_limit": 1000,
      "missed_limit": 1000
    },
    "delivery_receipts": true,
    "disable_bridge_notices": false,
    "displayname_template": "{displayname}",
    "encryption": {
      "allow": true,
      "default": true
    },
    "invite_own_puppet_to_pm": true,
    "permissions": {
      "REDACTED": "admin"
    },
    "presence": false,
    "resync_max_disconnected_time": 0,
    "username_template": "facebook_{userid}"
  },
  "homeserver": {
    "address": "http://localhost:8008",
    "domain": "REDACTED"
  },
  "logging": {
    "formatters": {
      "journal_fmt": {
        "format": "%(name)s: %(message)s"
      }
    },
    "handlers": {
      "journal": {
        "SYSLOG_IDENTIFIER": "mautrix-facebook",
        "class": "systemd.journal.JournalHandler",
        "formatter": "journal_fmt"
      }
    },
    "root": {
      "handlers": [
        "journal"
      ],
      "level": "INFO"
    },
    "version": 1
  },
  "manhole": {
    "enabled": false
  },
  "metrics": {
    "enabled": false
  }
}

(hs and as tokens are passed in as environment variables)

Synapse appservice registration:

{
  "as_token": "REDACTED",
  "de.sorunome.msc2409.push_ephemeral": true,
  "hs_token": "REDACTED",
  "id": "mautrix-facebook",
  "namespaces": {
    "aliases": [],
    "users": [
      {
        "exclusive": true,
        "regex": "@facebookbot:REDACTED"
      },
      {
        "exclusive": true,
        "regex": "@facebook_.*:REDACTED"
      }
    ]
  },
  "push_ephemeral": true,
  "rate_limited": false,
  "sender_localpart": "mautrix-facebook-sender",
  "url": "http://localhost:29319"
}
kevincox commented 3 years ago

I turned on debug logging and it appears that the startup gets stuck somewhere between

https://github.com/mautrix/python/blob/v0.10.6/mautrix/appservice/appservice.py#L130

and

https://github.com/mautrix/python/blob/v0.10.6/mautrix/bridge/matrix.py#L97

called from

https://github.com/mautrix/python/blob/v0.10.6/mautrix/bridge/bridge.py#L160-L161

It makes sense that this would cause the problem as it prevents the code from reaching

https://github.com/mautrix/python/blob/v0.10.6/mautrix/bridge/bridge.py#L167

Which is were the account ID is sent:

https://github.com/mautrix/python/blob/8b4b33b99b3ae74ae929429446c8634b4e1a1c99/mautrix/bridge/e2ee.py#L184-L191

kevincox commented 3 years ago

Hmm, a manhole check for bridge.az.ready returns True though, implying that we are reaching https://github.com/mautrix/python/blob/v0.10.6/mautrix/bridge/bridge.py#L170.

kevincox commented 3 years ago

Hmm, it just appears that logging for bridge.matrix.e2ee just isn't working because even manually making a critical log from a manhole isn't appearing.

kevincox commented 3 years ago

I managed to work around this by clearing the crypto_account table and restarting mautrix-facebook. This lead to it generating and registering a new session. It didn't clear the old sessions but at least it works now.

delete from crypto_account;
kevincox commented 10 months ago

I haven't seen this in a long time.