don't insert into the device table for remote cross-signing keys (#6956)
parent
4fb5f4d0ce
commit
a90d0dc5c2
|
@ -0,0 +1 @@
|
|||
Don't record remote cross-signing keys in the `devices` table.
|
|
@ -680,11 +680,6 @@ class EndToEndKeyStore(EndToEndKeyWorkerStore, SQLBaseStore):
|
|||
'user_signing' for a user-signing key
|
||||
key (dict): the key data
|
||||
"""
|
||||
# the cross-signing keys need to occupy the same namespace as devices,
|
||||
# since signatures are identified by device ID. So add an entry to the
|
||||
# device table to make sure that we don't have a collision with device
|
||||
# IDs
|
||||
|
||||
# the 'key' dict will look something like:
|
||||
# {
|
||||
# "user_id": "@alice:example.com",
|
||||
|
@ -701,6 +696,14 @@ class EndToEndKeyStore(EndToEndKeyWorkerStore, SQLBaseStore):
|
|||
# The "keys" property must only have one entry, which will be the public
|
||||
# key, so we just grab the first value in there
|
||||
pubkey = next(iter(key["keys"].values()))
|
||||
|
||||
# The cross-signing keys need to occupy the same namespace as devices,
|
||||
# since signatures are identified by device ID. So add an entry to the
|
||||
# device table to make sure that we don't have a collision with device
|
||||
# IDs.
|
||||
# We only need to do this for local users, since remote servers should be
|
||||
# responsible for checking this for their own users.
|
||||
if self.hs.is_mine_id(user_id):
|
||||
self.db.simple_insert_txn(
|
||||
txn,
|
||||
"devices",
|
||||
|
|
Loading…
Reference in New Issue