Add more thorough E2E replace key checks (#179)

kegsay · web-flow · commit 078dea07ceb9 · 2021-07-28T11:19:16.000+01:00
* Add more thorough E2E replace key checks

There was a bug in the Dendrite impl which Sytest did not pick up.
These are regression tests for that bug.

* goimports -local github.com/matrix-org/complement

* Use the same lint version as buildkite and the lint script in this repo
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -13,7 +13,7 @@ jobs:
       - run: sudo apt-get -qq install libolm-dev
       - uses: golangci/golangci-lint-action@v2
         with:
-          version: v1.39
+          version: v1.33
           args: ./internal/... ./tests/... 
 
   complement:
diff --git a/go.mod b/go.mod
@@ -17,6 +17,8 @@ require (
 	github.com/sirupsen/logrus v1.6.0
 	github.com/tidwall/gjson v1.6.8
 	github.com/tidwall/sjson v1.1.5
-	golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9 // indirect
+	golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4 // indirect
+	golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect
+	golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c // indirect
 	maunium.net/go/mautrix v0.8.3
 )
diff --git a/go.sum b/go.sum
@@ -53,8 +53,6 @@ github.com/lib/pq v1.9.0 h1:L8nSXQQzAYByakOFMTwpjRoHsMJklur4Gi59b6VivR8=
 github.com/lib/pq v1.9.0/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
 github.com/matrix-org/gomatrix v0.0.0-20190528120928-7df988a63f26 h1:Hr3zjRsq2bhrnp3Ky1qgx/fzCtCALOoGYylh2tpS9K4=
 github.com/matrix-org/gomatrix v0.0.0-20190528120928-7df988a63f26/go.mod h1:3fxX6gUjWyI/2Bt7J1OLhpCzOfO/bB3AiX0cJtEKud0=
-github.com/matrix-org/gomatrixserverlib v0.0.0-20210621174423-185789a71f3a h1:ttpygr7uLtACsxDoTol1BTVqmMOyib0ZBovMOD6OzkU=
-github.com/matrix-org/gomatrixserverlib v0.0.0-20210621174423-185789a71f3a/go.mod h1:JsAzE1Ll3+gDWS9JSUHPJiiyAksvOOnGWF2nXdg4ZzU=
 github.com/matrix-org/gomatrixserverlib v0.0.0-20210624115417-42ac4e797a58 h1:PVn5mCHmdONm0k5d0/H+fdtI+/C156+J7vylnnvQWPY=
 github.com/matrix-org/gomatrixserverlib v0.0.0-20210624115417-42ac4e797a58/go.mod h1:JsAzE1Ll3+gDWS9JSUHPJiiyAksvOOnGWF2nXdg4ZzU=
 github.com/matrix-org/util v0.0.0-20190711121626-527ce5ddefc7 h1:ntrLa/8xVzeSs8vHFHK25k0C+NV74sYMJnNSg5NoSRo=
@@ -111,10 +109,12 @@ golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn
 golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20210220033124-5f55cee0dc0d h1:1aflnvSoWWLI2k/dMUAl5lvU1YO4Mb4hz0gh+1rjcxU=
 golang.org/x/net v0.0.0-20210220033124-5f55cee0dc0d/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4 h1:4nGaVu0QrbjT/AK2PRLuQfQuh6DJve+pELhqTdAj3x0=
+golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9 h1:SQFwaSi55rU7vdNs9Yr0Z324VNlrF+0wMqRXT4St8ck=
-golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20210220032951-036812b2e83c h1:5KslGYwFpkhGh+Q16bwMP3cOontH8FOep7tGV86Y7SQ=
+golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -125,10 +125,14 @@ golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68 h1:nxC68pudNYkKU6jWhgrqdreuFiOQWj1Fs7T3VrH4Pjw=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c h1:F1jZWGFhYfh0Ci55sIpILtKKK8p3i2/krTr0H1rg74I=
+golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e h1:FDhOuMEY4JVRztM/gsbk+IKUQ8kj74bxZrgw87eMMVc=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
diff --git a/internal/client/client.go b/internal/client/client.go
@@ -266,7 +266,9 @@ func (c *CSAPI) MustDoFunc(t *testing.T, method string, paths []string, opts ...
 	t.Helper()
 	res := c.DoFunc(t, method, paths, opts...)
 	if res.StatusCode < 200 || res.StatusCode >= 300 {
-		t.Fatalf("CSAPI.MustDoFunc response return non-2xx code: %s", res.Status)
+		defer res.Body.Close()
+		body, _ := ioutil.ReadAll(res.Body)
+		t.Fatalf("CSAPI.MustDoFunc response return non-2xx code: %s - body: %s", res.Status, string(body))
 	}
 	return res
 }
diff --git a/tests/csapi/e2e_key_backup_test.go b/tests/csapi/e2e_key_backup_test.go
@@ -0,0 +1,159 @@
+package csapi_tests
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/tidwall/gjson"
+
+	"github.com/matrix-org/complement/internal/b"
+	"github.com/matrix-org/complement/internal/client"
+	"github.com/matrix-org/complement/internal/match"
+	"github.com/matrix-org/complement/internal/must"
+)
+
+type backupKey struct {
+	isVerified        bool
+	firstMessageIndex float64
+	forwardedCount    float64
+}
+
+// This test checks that the rules for replacing room keys are implemented correctly.
+// Specifically:
+//
+//    if the keys have different values for is_verified, then it will keep the key that has is_verified set to true;
+//    if they have the same values for is_verified, then it will keep the key with a lower first_message_index;
+//    and finally, is is_verified and first_message_index are equal, then it will keep the key with a lower forwarded_count.
+func TestE2EKeyBackupReplaceRoomKeyRules(t *testing.T) {
+	deployment := Deploy(t, b.BlueprintAlice)
+	defer deployment.Destroy(t)
+	userID := "@alice:hs1"
+	roomID := "!foo:hs1"
+	alice := deployment.Client(t, "hs1", userID)
+
+	// make a new key backup
+	res := alice.MustDoFunc(t, "POST", []string{"_matrix", "client", "r0", "room_keys", "version"}, client.WithJSONBody(t, map[string]interface{}{
+		"algorithm": "m.megolm_backup.v1",
+		"auth_data": map[string]interface{}{
+			"foo": "bar",
+		},
+	}))
+	defer res.Body.Close()
+	body := must.ParseJSON(t, res.Body)
+	backupVersion := gjson.GetBytes(body, "version").Str
+	if backupVersion == "" {
+		t.Fatalf("failed to get 'version' key from response: %s", string(body))
+	}
+
+	testCases := []struct {
+		sessionID           string      // change this for each test case to namespace tests correctly
+		input               backupKey   // the key to compare against
+		keysThatDontReplace []backupKey // the keys which won't update the input key
+	}{
+		{
+			sessionID: "a",
+			input: backupKey{
+				isVerified:        false,
+				firstMessageIndex: 10,
+				forwardedCount:    5,
+			},
+			keysThatDontReplace: []backupKey{
+				{
+					isVerified:        false,
+					firstMessageIndex: 11, // higher first message index
+					forwardedCount:    5,
+				},
+				{
+					isVerified:        false,
+					firstMessageIndex: 10,
+					forwardedCount:    6, // higher forwarded count
+				},
+				{
+					isVerified:        false,
+					firstMessageIndex: 11, // higher first message index
+					forwardedCount:    6,  // higher forwarded count
+				},
+			},
+		},
+		{
+			sessionID: "b",
+			input: backupKey{
+				isVerified:        true,
+				firstMessageIndex: 10,
+				forwardedCount:    5,
+			},
+			keysThatDontReplace: []backupKey{
+				{
+					isVerified:        false, // is verified is false
+					firstMessageIndex: 11,    // higher first message index
+					forwardedCount:    5,
+				},
+				{
+					isVerified:        false, // is verified is false
+					firstMessageIndex: 10,
+					forwardedCount:    6, // higher forwarded count
+				},
+				{
+					isVerified:        false, // is verified is false
+					firstMessageIndex: 11,    // higher first message index
+					forwardedCount:    6,     // higher forwarded count
+				},
+				{
+					isVerified:        true,
+					firstMessageIndex: 11, // higher first message index
+					forwardedCount:    5,
+				},
+				{
+					isVerified:        true,
+					firstMessageIndex: 10,
+					forwardedCount:    6, // higher forwarded count
+				},
+				{
+					isVerified:        true,
+					firstMessageIndex: 11, // higher first message index
+					forwardedCount:    6,  // higher forwarded count
+				},
+			},
+		},
+	}
+
+	t.Run("parallel", func(t *testing.T) {
+		for i := range testCases {
+			tc := testCases[i]
+			t.Run(fmt.Sprintf("%+v", tc.input), func(t *testing.T) {
+				t.Parallel()
+				// insert the key that will be tested against
+				alice.MustDoFunc(t, "PUT", []string{"_matrix", "client", "r0", "room_keys", "keys", roomID, tc.sessionID},
+					client.WithQueries(map[string][]string{"version": {backupVersion}}), client.WithJSONBody(t, map[string]interface{}{
+						"first_message_index": tc.input.firstMessageIndex,
+						"forwarded_count":     tc.input.forwardedCount,
+						"is_verified":         tc.input.isVerified,
+						"session_data":        map[string]interface{}{"a": "b"},
+					}),
+				)
+				// now check that each key in keysThatDontReplace do not replace this key
+				for _, testKey := range tc.keysThatDontReplace {
+					alice.MustDoFunc(t, "PUT", []string{"_matrix", "client", "r0", "room_keys", "keys", roomID, tc.sessionID},
+						client.WithQueries(map[string][]string{"version": {backupVersion}}), client.WithJSONBody(t, map[string]interface{}{
+							"first_message_index": testKey.firstMessageIndex,
+							"forwarded_count":     testKey.forwardedCount,
+							"is_verified":         testKey.isVerified,
+							"session_data":        map[string]interface{}{"a": "b"},
+						}),
+					)
+					checkResp := alice.MustDoFunc(t, "GET", []string{"_matrix", "client", "r0", "room_keys", "keys", roomID, tc.sessionID},
+						client.WithQueries(map[string][]string{"version": {backupVersion}}),
+					)
+					must.MatchResponse(t, checkResp, match.HTTPResponse{
+						StatusCode: 200,
+						JSON: []match.JSON{
+							match.JSONKeyEqual("first_message_index", tc.input.firstMessageIndex),
+							match.JSONKeyEqual("forwarded_count", tc.input.forwardedCount),
+							match.JSONKeyEqual("is_verified", tc.input.isVerified),
+						},
+					})
+				}
+			})
+		}
+	})
+}
diff --git a/tests/msc2716_test.go b/tests/msc2716_test.go
@@ -15,11 +15,12 @@ import (
 	"testing"
 	"time"
 
+	"github.com/tidwall/gjson"
+
 	"github.com/matrix-org/complement/internal/b"
 	"github.com/matrix-org/complement/internal/client"
 	"github.com/matrix-org/complement/internal/match"
 	"github.com/matrix-org/complement/internal/must"
-	"github.com/tidwall/gjson"
 )
 
 type event struct {
diff --git a/tests/msc2946_test.go b/tests/msc2946_test.go
@@ -7,11 +7,12 @@ import (
 	"net/url"
 	"testing"
 
+	"github.com/tidwall/gjson"
+
 	"github.com/matrix-org/complement/internal/b"
 	"github.com/matrix-org/complement/internal/client"
 	"github.com/matrix-org/complement/internal/match"
 	"github.com/matrix-org/complement/internal/must"
-	"github.com/tidwall/gjson"
 )
 
 var (
diff --git a/tests/msc3083_test.go b/tests/msc3083_test.go
@@ -9,12 +9,13 @@ import (
 	"net/url"
 	"testing"
 
+	"github.com/tidwall/gjson"
+
 	"github.com/matrix-org/complement/internal/b"
 	"github.com/matrix-org/complement/internal/client"
 	"github.com/matrix-org/complement/internal/docker"
 	"github.com/matrix-org/complement/internal/match"
 	"github.com/matrix-org/complement/internal/must"
-	"github.com/tidwall/gjson"
 )
 
 func failJoinRoom(t *testing.T, c *client.CSAPI, roomIDOrAlias string, serverName string) {

Original file line number	Diff line number	Diff line change
`@@ -266,7 +266,9 @@ func (c CSAPI) MustDoFunc(t testing.T, method string, paths []string, opts ...`
`266`	`266`	`t.Helper()`
`267`	`267`	`res := c.DoFunc(t, method, paths, opts...)`
`268`	`268`	`if res.StatusCode < 200 \|\| res.StatusCode >= 300 {`
`269`		`- t.Fatalf("CSAPI.MustDoFunc response return non-2xx code: %s", res.Status)`
	`269`	`+ defer res.Body.Close()`
	`270`	`+ body, _ := ioutil.ReadAll(res.Body)`
	`271`	`+ t.Fatalf("CSAPI.MustDoFunc response return non-2xx code: %s - body: %s", res.Status, string(body))`
`270`	`272`	`}`
`271`	`273`	`return res`
`272`	`274`	`}`