Merge pull request #3995 from matrix-org/jryans/4s-in-mem
Add advanced option to keep secret storage in memory for sessionpull/21833/head
commit
19ab395c18
|
@ -20,6 +20,7 @@ import {MatrixClientPeg} from './MatrixClientPeg';
|
|||
import { deriveKey } from 'matrix-js-sdk/src/crypto/key_passphrase';
|
||||
import { decodeRecoveryKey } from 'matrix-js-sdk/src/crypto/recoverykey';
|
||||
import { _t } from './languageHandler';
|
||||
import SettingsStore from './settings/SettingsStore';
|
||||
|
||||
// This stores the secret storage private keys in memory for the JS SDK. This is
|
||||
// only meant to act as a cache to avoid prompting the user multiple times
|
||||
|
@ -27,7 +28,14 @@ import { _t } from './languageHandler';
|
|||
// single secret storage operation, as it will clear the cached keys once the
|
||||
// operation ends.
|
||||
let secretStorageKeys = {};
|
||||
let cachingAllowed = false;
|
||||
let secretStorageBeingAccessed = false;
|
||||
|
||||
function isCachingAllowed() {
|
||||
return (
|
||||
secretStorageBeingAccessed ||
|
||||
SettingsStore.getValue("keepSecretStoragePassphraseForSession")
|
||||
);
|
||||
}
|
||||
|
||||
async function getSecretStorageKey({ keys: keyInfos }) {
|
||||
const keyInfoEntries = Object.entries(keyInfos);
|
||||
|
@ -37,7 +45,7 @@ async function getSecretStorageKey({ keys: keyInfos }) {
|
|||
const [name, info] = keyInfoEntries[0];
|
||||
|
||||
// Check the in-memory cache
|
||||
if (cachingAllowed && secretStorageKeys[name]) {
|
||||
if (isCachingAllowed() && secretStorageKeys[name]) {
|
||||
return [name, secretStorageKeys[name]];
|
||||
}
|
||||
|
||||
|
@ -71,7 +79,7 @@ async function getSecretStorageKey({ keys: keyInfos }) {
|
|||
const key = await inputToKey(input);
|
||||
|
||||
// Save to cache to avoid future prompts in the current session
|
||||
if (cachingAllowed) {
|
||||
if (isCachingAllowed()) {
|
||||
secretStorageKeys[name] = key;
|
||||
}
|
||||
|
||||
|
@ -104,7 +112,7 @@ export const crossSigningCallbacks = {
|
|||
*/
|
||||
export async function accessSecretStorage(func = async () => { }) {
|
||||
const cli = MatrixClientPeg.get();
|
||||
cachingAllowed = true;
|
||||
secretStorageBeingAccessed = true;
|
||||
|
||||
try {
|
||||
if (!await cli.hasSecretStorageKey()) {
|
||||
|
@ -143,7 +151,9 @@ export async function accessSecretStorage(func = async () => { }) {
|
|||
return await func();
|
||||
} finally {
|
||||
// Clear secret storage key cache now that work is complete
|
||||
cachingAllowed = false;
|
||||
secretStorageKeys = {};
|
||||
secretStorageBeingAccessed = false;
|
||||
if (!isCachingAllowed()) {
|
||||
secretStorageKeys = {};
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -66,6 +66,7 @@ export default class LabsUserSettingsTab extends React.Component {
|
|||
<SettingsFlag name={"showHiddenEventsInTimeline"} level={SettingLevel.DEVICE} />
|
||||
<SettingsFlag name={"lowBandwidth"} level={SettingLevel.DEVICE} />
|
||||
<SettingsFlag name={"sendReadReceipts"} level={SettingLevel.ACCOUNT} />
|
||||
<SettingsFlag name={"keepSecretStoragePassphraseForSession"} level={SettingLevel.DEVICE} />
|
||||
</div>
|
||||
</div>
|
||||
);
|
||||
|
|
|
@ -413,6 +413,7 @@
|
|||
"Send read receipts for messages (requires compatible homeserver to disable)": "Send read receipts for messages (requires compatible homeserver to disable)",
|
||||
"Show previews/thumbnails for images": "Show previews/thumbnails for images",
|
||||
"Enable message search in encrypted rooms": "Enable message search in encrypted rooms",
|
||||
"Keep secret storage passphrase in memory for this session": "Keep secret storage passphrase in memory for this session",
|
||||
"Collecting app version information": "Collecting app version information",
|
||||
"Collecting logs": "Collecting logs",
|
||||
"Uploading report": "Uploading report",
|
||||
|
|
|
@ -485,4 +485,9 @@ export const SETTINGS = {
|
|||
displayName: _td("Enable message search in encrypted rooms"),
|
||||
default: true,
|
||||
},
|
||||
"keepSecretStoragePassphraseForSession": {
|
||||
supportedLevels: LEVELS_DEVICE_ONLY_SETTINGS,
|
||||
displayName: _td("Keep secret storage passphrase in memory for this session"),
|
||||
default: false,
|
||||
},
|
||||
};
|
||||
|
|
Loading…
Reference in New Issue