From 5e13b4c736b4b65c0c3e0c6f11116306300ba990 Mon Sep 17 00:00:00 2001
From: link2xt <link2xt@testrun.org>
Date: Fri, 18 Oct 2024 02:45:01 +0000
Subject: [PATCH] feat: log when late Autocrypt header is ignored

---
 src/decrypt.rs   |  2 +-
 src/peerstate.rs | 19 ++++++++++++++-----
 2 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/src/decrypt.rs b/src/decrypt.rs
index 98bd0b16a..f3120926c 100644
--- a/src/decrypt.rs
+++ b/src/decrypt.rs
@@ -313,7 +313,7 @@ pub(crate) async fn get_autocrypt_peerstate(
         if let Some(ref mut peerstate) = peerstate {
             if addr_cmp(&peerstate.addr, from) {
                 if allow_change {
-                    peerstate.apply_header(header, message_time);
+                    peerstate.apply_header(context, header, message_time);
                     peerstate.save_to_db(&context.sql).await?;
                 } else {
                     info!(
diff --git a/src/peerstate.rs b/src/peerstate.rs
index c0d4c7e91..fc034fcde 100644
--- a/src/peerstate.rs
+++ b/src/peerstate.rs
@@ -343,7 +343,7 @@ impl Peerstate {
     }
 
     /// Updates peerstate according to the given `Autocrypt` header.
-    pub fn apply_header(&mut self, header: &Aheader, message_time: i64) {
+    pub fn apply_header(&mut self, context: &Context, header: &Aheader, message_time: i64) {
         if !addr_cmp(&self.addr, &header.addr) {
             return;
         }
@@ -362,6 +362,13 @@ impl Peerstate {
                 self.public_key = Some(header.public_key.clone());
                 self.recalc_fingerprint();
             }
+        } else {
+            warn!(
+                context,
+                "Ignoring outdated Autocrypt header because message_time={} < last_seen={}.",
+                message_time,
+                self.last_seen
+            );
         }
     }
 
@@ -842,7 +849,7 @@ pub(crate) async fn maybe_do_aeap_transition(
         let header = info.autocrypt_header.as_ref().context(
             "Internal error: Tried to do an AEAP transition without an autocrypt header??",
         )?;
-        peerstate.apply_header(header, info.message_time);
+        peerstate.apply_header(context, header, info.message_time);
 
         peerstate
             .save_to_db_ex(&context.sql, Some(&old_addr))
@@ -1021,6 +1028,8 @@ mod tests {
 
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_peerstate_degrade_reordering() {
+        let ctx = crate::test_utils::TestContext::new().await;
+
         let addr = "example@example.org";
         let pub_key = alice_keypair().public;
         let header = Aheader::new(addr.to_string(), pub_key, EncryptPreference::Mutual);
@@ -1045,7 +1054,7 @@ mod tests {
             fingerprint_changed: false,
         };
 
-        peerstate.apply_header(&header, 100);
+        peerstate.apply_header(&ctx, &header, 100);
         assert_eq!(peerstate.prefer_encrypt, EncryptPreference::Mutual);
 
         peerstate.degrade_encryption(300);
@@ -1053,11 +1062,11 @@ mod tests {
 
         // This has message time 200, while encryption was degraded at timestamp 300.
         // Because of reordering, header should not be applied.
-        peerstate.apply_header(&header, 200);
+        peerstate.apply_header(&ctx, &header, 200);
         assert_eq!(peerstate.prefer_encrypt, EncryptPreference::Reset);
 
         // Same header will be applied in the future.
-        peerstate.apply_header(&header, 300);
+        peerstate.apply_header(&ctx, &header, 300);
         assert_eq!(peerstate.prefer_encrypt, EncryptPreference::Mutual);
     }
 }