From ccfae3c78a0ad9025b139eb78b3e8d50b5675ad5 Mon Sep 17 00:00:00 2001 From: lilia Date: Fri, 31 Jul 2015 11:14:43 -0700 Subject: [PATCH] Fix bug in identity key conflict edge case When resolving conflicts, we should not only discard the old key, but set the new trusted key to the one the user has verified. Previously, we would end up trusting the first-seen new key, which may not be the one the user verified. // FREEBIE --- js/models/conversations.js | 16 ++++++++++------ js/views/key_conflict_dialogue_view.js | 2 +- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/js/models/conversations.js b/js/models/conversations.js index 499e4b2a0..90d33c71c 100644 --- a/js/models/conversations.js +++ b/js/models/conversations.js @@ -258,7 +258,9 @@ } }, - resolveConflicts: function(number) { + resolveConflicts: function(conflict) { + var number = conflict.number; + var identityKey = conflict.identityKey; if (this.isPrivate()) { number = this.id; } else if (!_.include(this.get('members'), number)) { @@ -270,11 +272,13 @@ } return textsecure.storage.axolotl.removeIdentityKey(number).then(function() { - this.messageCollection.each(function(message) { - if (message.hasKeyConflict(number)) { - message.resolveConflict(number); - } - }); + return textsecure.storage.axolotl.putIdentityKey(number, identityKey).then(function() { + this.messageCollection.each(function(message) { + if (message.hasKeyConflict(number)) { + message.resolveConflict(number); + } + }); + }.bind(this)); }.bind(this)); }, hashCode: function() { diff --git a/js/views/key_conflict_dialogue_view.js b/js/views/key_conflict_dialogue_view.js index 52fd9e24d..f582bf3d0 100644 --- a/js/views/key_conflict_dialogue_view.js +++ b/js/views/key_conflict_dialogue_view.js @@ -41,7 +41,7 @@ }, resolve: function() { new Promise(function(resolve) { - this.conversation.resolveConflicts(this.model.number).then(resolve); + this.conversation.resolveConflicts(this.model).then(resolve); }.bind(this)); this.trigger('resolve'); this.remove();