matrix-rust-sdk
matrix-rust-sdk copied to clipboard
Make `collect_session_recipients` more resistent
Currently when collect_session_recipients
is figuring out to which devices a key was distributed it only looks at shared_with_set
and not to_share_with_set
(inflight).
That means that if the caller calls share_room_key, but fails to distribute the to_device, at the next call the device will not be seen has having the key but will eventually get it after ~~next call that processes outgoing requests~~ next message is sent in room.
As an example there was a bug in webR, where to-device was not marked as sent.
This leads to several strange side effect.
For example is you change the only_allow_trusted_devices
setting to true (with an unverified device in the room). Then collect session recipient won't rotate the megolm session, as the session as not been delivered (not in shared_with_set
, only in to_share_with_set
).
As a result the sdk will give you 2 to-devices, a room key for the device and a withheld for the same device and same session.
We could make the sdk more resistent by considering bothshared_with_set
and to_share_with_set