New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crypto: Expose a function to customize SAS accepting #171
Conversation
b665605
to
ae7121d
Compare
Offer specifying settings to SAS accept() requests to limit the allowed verification methods.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks mostly good, a bit of polish in the docs and we can merge this. Thanks.
matrix_sdk/src/sas.rs
Outdated
|
||
/// Accept the interactive verification flow with specific settings. | ||
/// | ||
/// Pass `settings` to customizes the accept-request before sending it. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's add a big warning that the settings must be a subset of the offered one, if they aren't a subset of the offered ones the other side will cancel the verification flow. It would be neat if the settings builder would check this but that's probably not worth it considering the limited use-case.
Please document the settings argument under an # Arguments
section as a markdown list item like so
/// # Arguments
///
/// * `foo` - bar
An example would be very much welcome as well.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wasn't aware of this subset restriction, so I changed the behaviour to only purge disallowed methods. I think it is better to design it safely than to add a warning and hope for the best.
Doc is done, with example.
Intersect the allowed methods passed from the user with the methods supported by the other party. If the user added new methods to the request, the remote party would cancel the verification.
Document arguments explicitly. Adapt to changed implementation. Provide example call.
/// | ||
/// # Examples | ||
/// | ||
/// ```ignore |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't know how to construct an Sas
value :/
Thanks. |
Offer callers to modify the SAS accept() request before being sent by
passing in a function which allows arbitrary modifications to the
request.