OlmSession: Sanity/Validation when importing olm session pickle

[BillCarsonFr]

Currently when importing an olm session, the last_use_time and creation_time are blindly copied without checks:

matrix-rust-sdk/crates/matrix-sdk-crypto/src/olm/session.rs

Lines 251 to 261 in 75fe874

	Session {
	user_id,
	device_id,
	our_identity_keys,
	inner: Arc::new(Mutex::new(session)),
	session_id: session_id.into(),
	created_using_fallback_key: pickle.created_using_fallback_key,
	sender_key: pickle.sender_key,
	creation_time: pickle.creation_time,
	last_use_time: pickle.last_use_time,
	}

It maybe reasonable to check that these timestamps are not in the future.
As an example (developer error), the creation_time of the pickle could be set in millis. That would mean that if some unwedging occurs this session will ~always be seen is the most recent session and will be wrongly used.

[bnjbvr]

It maybe reasonable to check that these timestamps are not in the future.

Not sure, time is a complicated topic. What about desync'd clocks (be it the server that sent the event, or the receiver's device)? One could say "well, we'll accept events that are up to N minutes off << now >>", but then we enter the realm of heuristics...

[richvdh]

but then we enter the realm of heuristics...

I think the proposal is just defensive code to guard against the obvious footgun of setting them to milliseconds rather than seconds. We could say: if it's more than 10000 years in the future, it's probably wrong...

(Of course, if the fields had a sensible name, people would be less likely to set off the footgun in the first place.)