Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Undecryptable messages after a server fails to federate. #20670

Open
ara4n opened this issue Jan 21, 2022 · 0 comments
Open

Undecryptable messages after a server fails to federate. #20670

ara4n opened this issue Jan 21, 2022 · 0 comments
Labels
O-Uncommon Most users are unlikely to come across this or unexpected workflow S-Major Severely degrades major functionality or product features, with no satisfactory workaround T-Defect Z-UISI Unable to decrypt errors

Comments

@ara4n
Copy link
Member

ara4n commented Jan 21, 2022
edited
Loading

Steps to reproduce

  1. I stood up a new server
  2. I forgot to include the letsencrypt intermediary in its cert file, so it couldn't federate
  3. I fixed this and then invited it to a room from matrix.org
  4. however, matrix.org had been blacklisted as a destination (for 10 mins) thanks to federation not working
  5. surprisingly, the invite came through and i could answer it
  6. but messages sent to matrix.org were "** Unable to decrypt: The sender was unable to establish a secure channel. **" on the receiving EWs - it looks like the messages arrived transitively via another non-blacklisted server.
  7. Once the 10 minutes elapsed however, the history is still broken - and new messages in both directions are still broken too.

Outcome

Encryption should recover once federation recovers.

Instead, it looks like

a) my synapse didn't mark matrix.org as unblacklisted once we saw traffic from it
b) my test EW didn't retry setting up Olm correctly (or the megolm wasn't retried too)
c) my normal EW also wasn't able to set through.

Operating system

macOS 12.1 on M1

Application version

Nightly

How did you install the app?

No response

Homeserver

No response

Will you send logs?

Yes
@ara4n ara4n added the T-Defect label Jan 21, 2022
@BillCarsonFr BillCarsonFr added the Z-UISI Unable to decrypt errors label Jan 21, 2022
@dbkr dbkr added O-Uncommon Most users are unlikely to come across this or unexpected workflow S-Major Severely degrades major functionality or product features, with no satisfactory workaround labels Jan 21, 2022
@ShadowJonathan ShadowJonathan mentioned this issue Jan 22, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
O-Uncommon Most users are unlikely to come across this or unexpected workflow S-Major Severely degrades major functionality or product features, with no satisfactory workaround T-Defect Z-UISI Unable to decrypt errors
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dbkr @ara4n @BillCarsonFr