Fix bug in identity key conflict edge case

When resolving conflicts, we should not only discard the old key, but set the new trusted key to the one the user has verified. Previously, we would end up trusting the first-seen new key, which may not be the one the user verified. // FREEBIE
2015-07-31 11:14:43 -07:00
parent d808d255eb
commit ccfae3c78a
2 changed files with 11 additions and 7 deletions
--- a/js/models/conversations.js
+++ b/js/models/conversations.js
@@ -258,7 +258,9 @@
        }
    },

-    resolveConflicts: function(number) {
+    resolveConflicts: function(conflict) {
+        var number = conflict.number;
+        var identityKey = conflict.identityKey;
        if (this.isPrivate()) {
            number = this.id;
        } else if (!_.include(this.get('members'), number)) {
@@ -270,11 +272,13 @@
        }

        return textsecure.storage.axolotl.removeIdentityKey(number).then(function() {
-            this.messageCollection.each(function(message) {
-                if (message.hasKeyConflict(number)) {
-                    message.resolveConflict(number);
-                }
-            });
+            return textsecure.storage.axolotl.putIdentityKey(number, identityKey).then(function() {
+                this.messageCollection.each(function(message) {
+                    if (message.hasKeyConflict(number)) {
+                        message.resolveConflict(number);
+                    }
+                });
+            }.bind(this));
        }.bind(this));
    },
    hashCode: function() {