Merge pull request #153 from mautrix/max/be-12207

Add option to delete outdated inbound keys

Author: tulir

mautrix/bridge/config.py

@@ -150,6 +150,7 @@ def do_update(self, helper: ConfigUpdateHelper) -> None:
         copy("bridge.encryption.delete_keys.delete_prev_on_new_session")
         copy("bridge.encryption.delete_keys.delete_on_device_delete")
         copy("bridge.encryption.delete_keys.periodically_delete_expired")
+        copy("bridge.encryption.delete_keys.delete_outdated_inbound")
         copy("bridge.encryption.verification_levels.receive")
         copy("bridge.encryption.verification_levels.send")
         copy("bridge.encryption.verification_levels.share")

mautrix/bridge/e2ee.py

@@ -56,6 +56,7 @@ class EncryptionManager:
     key_sharing_enabled: bool
     appservice_mode: bool
     periodically_delete_expired_keys: bool
+    delete_outdated_inbound: bool
 
     bridge: br.Bridge
     az: AppService
@@ -113,6 +114,7 @@ def __init__(
             self.az.to_device_handler = self.crypto.handle_as_to_device_event
 
         self.periodically_delete_expired_keys = False
+        self.delete_outdated_inbound = False
         self._key_delete_task = None
         del_cfg = bridge.config["bridge.encryption.delete_keys"]
         if del_cfg:
@@ -123,6 +125,7 @@ def __init__(
             self.crypto.delete_fully_used_keys_on_decrypt = del_cfg["delete_fully_used_on_decrypt"]
             self.crypto.delete_keys_on_device_delete = del_cfg["delete_on_device_delete"]
             self.periodically_delete_expired_keys = del_cfg["periodically_delete_expired"]
+            self.delete_outdated_inbound = del_cfg["delete_outdated_inbound"]
         self.crypto.disable_device_change_key_rotation = bridge.config[
             "bridge.encryption.rotation.disable_device_change_key_rotation"
         ]
@@ -279,6 +282,12 @@ async def start(self) -> None:
         else:
             _ = self.client.start(self._filter)
             self.log.info("End-to-bridge encryption support is enabled (sync mode)")
+        if self.delete_outdated_inbound:
+            deleted = await self.crypto_store.redact_outdated_group_sessions()
+            if len(deleted) > 0:
+                self.log.debug(
+                    f"Deleted {len(deleted)} inbound keys which lacked expiration metadata"
+                )
         if self.periodically_delete_expired_keys:
             self._key_delete_task = background_task.create(self._periodically_delete_keys())
         background_task.create(self._resync_encryption_info())

mautrix/crypto/store/abstract.py

@@ -237,6 +237,16 @@ async def redact_expired_group_sessions(self) -> list[SessionID]:
             The list of session IDs that were deleted.
         """
 
+    @abstractmethod
+    async def redact_outdated_group_sessions(self) -> list[SessionID]:
+        """
+        Remove all Megolm group sessions which lack the metadata to determine when they should
+        expire.
+
+        Returns:
+            The list of session IDs that were deleted.
+        """
+
     @abstractmethod
     async def has_group_session(self, room_id: RoomID, session_id: SessionID) -> bool:
         """

mautrix/crypto/store/asyncpg/store.py

@@ -362,6 +362,21 @@ async def redact_expired_group_sessions(self) -> list[SessionID]:
         )
         return [row["session_id"] for row in rows]
 
+    async def redact_outdated_group_sessions(self) -> list[SessionID]:
+        q = """
+        UPDATE crypto_megolm_inbound_session
+        SET withheld_code=$1, withheld_reason=$2, session=NULL, forwarding_chains=NULL
+        WHERE account_id=$3 AND session IS NOT NULL AND received_at IS NULL
+        RETURNING session_id
+        """
+        rows = await self.db.fetch(
+            q,
+            RoomKeyWithheldCode.BEEPER_REDACTED.value,
+            f"Session redacted: outdated",
+            self.account_id,
+        )
+        return [row["session_id"] for row in rows]
+
     async def has_group_session(self, room_id: RoomID, session_id: SessionID) -> bool:
         q = """
         SELECT COUNT(session) FROM crypto_megolm_inbound_session

mautrix/crypto/store/memory.py

@@ -134,6 +134,9 @@ async def redact_group_sessions(
     async def redact_expired_group_sessions(self) -> list[SessionID]:
         raise NotImplementedError()
 
+    async def redact_outdated_group_sessions(self) -> list[SessionID]:
+        raise NotImplementedError()
+
     async def has_group_session(self, room_id: RoomID, session_id: SessionID) -> bool:
         return (room_id, session_id) in self._inbound_sessions