From adc867dc9957f994633a01312b71f8cd6f842950 Mon Sep 17 00:00:00 2001 From: Michael Albert Date: Wed, 15 Jul 2020 21:40:09 +0200 Subject: [PATCH 1/3] Fix E2EE for guests --- proposals/2689-fix-e2ee-for-guests.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 proposals/2689-fix-e2ee-for-guests.md diff --git a/proposals/2689-fix-e2ee-for-guests.md b/proposals/2689-fix-e2ee-for-guests.md new file mode 100644 index 00000000..ad235a26 --- /dev/null +++ b/proposals/2689-fix-e2ee-for-guests.md @@ -0,0 +1,20 @@ +# MSC2689: Allow guests to operate in encrypted rooms + +MSC751 suggested to allow guests to use several endpoints in order to allow guests to use E2EE. +I found that guests are able to join encrypted rooms and read messages from other members. But when the +guest wants to send an event into the room the client receives an "guest access not allowed" error +for the `/rooms/room_id/members` endpoint. I assume the client tries to read the list of room members +to prepare the encryption of the event for the present members. Tests with a patched Synapse showed that +allowing guests to use this endpoint results in a normal behaviour and enables guests to communicate in +encrypted rooms. + + +## Proposal + +Allow guests to use the `GET /_matrix/client/r0/rooms//members` endpoint to enable them to +operate properly in encrypted rooms. + + +## Alternatives + +The list of room members could also be read from the sync. However that would not work with Lazy Loading. From 250f0e47c183eb505615b853853f0340c72dc3d2 Mon Sep 17 00:00:00 2001 From: Michael Albert Date: Wed, 15 Jul 2020 22:06:19 +0200 Subject: [PATCH 2/3] Fix typos --- proposals/2689-fix-e2ee-for-guests.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/proposals/2689-fix-e2ee-for-guests.md b/proposals/2689-fix-e2ee-for-guests.md index ad235a26..64323664 100644 --- a/proposals/2689-fix-e2ee-for-guests.md +++ b/proposals/2689-fix-e2ee-for-guests.md 
@@ -2,8 +2,8 @@ MSC751 suggested to allow guests to use several endpoints in order to allow guests to use E2EE. I found that guests are able to join encrypted rooms and read messages from other members. But when the -guest wants to send an event into the room the client receives an "guest access not allowed" error -for the `/rooms/room_id/members` endpoint. I assume the client tries to read the list of room members +guest wants to send an event into the room the client receives a "guest access not allowed" error +for the `/rooms/{room_id}/members` endpoint. I assume the client tries to read the list of room members to prepare the encryption of the event for the present members. Tests with a patched Synapse showed that allowing guests to use this endpoint results in a normal behaviour and enables guests to communicate in encrypted rooms. @@ -11,7 +11,7 @@ encrypted rooms. ## Proposal -Allow guests to use the `GET /_matrix/client/r0/rooms//members` endpoint to enable them to +Allow guests to use the `GET /_matrix/client/r0/rooms/{room_id}/members` endpoint to enable them to operate properly in encrypted rooms. From 78f3c3dac87775b77f54c2fdb43be24b9346fcb8 Mon Sep 17 00:00:00 2001 From: Michael Albert <37796947+awesome-michael@users.noreply.github.com> Date: Fri, 24 Jul 2020 21:47:45 +0200 Subject: [PATCH 3/3] Update proposals/2689-fix-e2ee-for-guests.md Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com> --- proposals/2689-fix-e2ee-for-guests.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proposals/2689-fix-e2ee-for-guests.md b/proposals/2689-fix-e2ee-for-guests.md index 64323664..94413098 100644 --- a/proposals/2689-fix-e2ee-for-guests.md +++ b/proposals/2689-fix-e2ee-for-guests.md 
@@ -1,6 +1,6 @@ # MSC2689: Allow guests to operate in encrypted rooms -MSC751 suggested to allow guests to use several endpoints in order to allow guests to use E2EE. +[#751](https://github.com/matrix-org/matrix-doc/pull/751) granted guest users access to several endpoints in order to allow them to use E2EE. I found that guests are able to join encrypted rooms and read messages from other members. But when the guest wants to send an event into the room the client receives a "guest access not allowed" error for the `/rooms/{room_id}/members` endpoint. I assume the client tries to read the list of room members
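Review bot: In [PATCH 1/3], the Proposal section of the new `proposals/2689-fix-e2ee-for-guests.md` opens the room members endpoint to guests without stating the conditions under which a guest may call it, and the file has only "Proposal" and "Alternatives" sections. Since the response is the room's member list, I would add a short security considerations section that says whether the guest must already be joined to the room and that guests are subject to the same checks as regular users on this endpoint. The motivation also rests on "I assume the client tries to read the list of room members"; it would be stronger if that were confirmed against the client and stated as fact.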
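Review bot: In [PATCH 2/3], first hunk (`@@ -2,8 +2,8 @@`), the introduction now names the endpoint as `/rooms/{room_id}/members` while the Proposal section uses the full `GET /_matrix/client/r0/rooms/{room_id}/members`. Use the same full form, with method and prefix, in both places so that it is unambiguous which endpoint the error was seen on. As this commit is the typo pass, the unchanged context line "results in a normal behaviour" could be corrected here as well to "results in normal behaviour".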
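Review bot: In [PATCH 3/3], the rewritten opening sentence says #751 granted guests access to "several endpoints" without naming them, so a reader cannot tell from this document that the members endpoint is the one that was left out. Listing the endpoints, or at least stating explicitly that `/rooms/{room_id}/members` was not among them, would make the gap this proposal closes clear. The subject line "Update proposals/2689-fix-e2ee-for-guests.md" also says nothing about the change; something like "Link to #751 and correct its description" would read better in the history.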