diff --git a/CHANGES.rst b/CHANGES.rst
index c1a8dd7613..da42327903 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -1,3 +1,20 @@
+Changes in synapse v0.18.7-rc1 (2017-01-06)
+===========================================
+
+Bug fixes:
+
+* Fix error in #PR 1764 to actually fix the nightmare #1753 bug.
+* Improve deadlock logging further
+* Discard inbound federation traffic from invalid domains, to immunise
+ against #1753
+
+Changes in synapse v0.18.6 (2017-01-06)
+=======================================
+
+Bug fixes:
+
+* Fix bug when checking if a guest user is allowed to join a room (PR #1772)
+
Changes in synapse v0.18.6-rc3 (2017-01-05)
===========================================
diff --git a/synapse/__init__.py b/synapse/__init__.py
index a1da92ef92..91e3a2c2e0 100644
--- a/synapse/__init__.py
+++ b/synapse/__init__.py
@@ -16,4 +16,4 @@
""" This is a reference implementation of a Matrix home server.
"""
-__version__ = "0.18.6-rc3"
+__version__ = "0.18.7-rc1"
diff --git a/synapse/events/__init__.py b/synapse/events/__init__.py
index 8c71aeb5e4..da9f3ad436 100644
--- a/synapse/events/__init__.py
+++ b/synapse/events/__init__.py
@@ -43,7 +43,7 @@ class _EventInternalMetadata(object):
returns a str with the name of the server this event is sent on behalf of.
"""
- return getattr(self, "get_send_on_behalf_of", None)
+ return getattr(self, "send_on_behalf_of", None)
def _event_dict_property(key):
diff --git a/synapse/federation/federation_server.py b/synapse/federation/federation_server.py
index 800f04189f..5f6e6cbb42 100644
--- a/synapse/federation/federation_server.py
+++ b/synapse/federation/federation_server.py
@@ -23,6 +23,7 @@ from synapse.util.async import Linearizer
from synapse.util.logutils import log_function
from synapse.util.caches.response_cache import ResponseCache
from synapse.events import FrozenEvent
+from synapse.types import get_domain_from_id
import synapse.metrics
from synapse.api.errors import AuthError, FederationError, SynapseError
@@ -132,7 +133,7 @@ class FederationServer(FederationBase):
if response:
logger.debug(
- "[%s] We've already responed to this request",
+ "[%s] We've already responded to this request",
transaction.transaction_id
)
defer.returnValue(response)
@@ -475,6 +476,27 @@ class FederationServer(FederationBase):
@defer.inlineCallbacks
@log_function
def _handle_new_pdu(self, origin, pdu, get_missing=True):
+
+ # check that it's actually being sent from a valid destination to
+ # workaround bug #1753 in 0.18.5 and 0.18.6
+ if origin != get_domain_from_id(pdu.event_id):
+ if not (
+ pdu.type == 'm.room.member' and
+ pdu.content and
+ pdu.content.get("membership", None) == 'join' and
+ self.hs.is_mine_id(pdu.state_key)
+ ):
+ logger.info(
+ "Discarding PDU %s from invalid origin %s",
+ pdu.event_id, origin
+ )
+ return
+ else:
+ logger.info(
+ "Accepting join PDU %s from %s",
+ pdu.event_id, origin
+ )
+
# We reprocess pdus when we have seen them only as outliers
existing = yield self._get_persisted_pdu(
origin, pdu.event_id, do_auth=False
diff --git a/synapse/handlers/room_member.py b/synapse/handlers/room_member.py
index ba49075a20..2f8782e522 100644
--- a/synapse/handlers/room_member.py
+++ b/synapse/handlers/room_member.py
@@ -232,10 +232,12 @@ class RoomMemberHandler(BaseHandler):
is_host_in_room = yield self._is_host_in_room(current_state_ids)
if effective_membership_state == Membership.JOIN:
- if requester.is_guest and not self._can_guest_join(current_state_ids):
- # This should be an auth check, but guests are a local concept,
- # so don't really fit into the general auth process.
- raise AuthError(403, "Guest access not allowed")
+ if requester.is_guest:
+ guest_can_join = yield self._can_guest_join(current_state_ids)
+ if not guest_can_join:
+ # This should be an auth check, but guests are a local concept,
+ # so don't really fit into the general auth process.
+ raise AuthError(403, "Guest access not allowed")
if not is_host_in_room:
inviter = yield self.get_inviter(target.to_string(), room_id)
diff --git a/synapse/state.py b/synapse/state.py
index ba0d2a39ac..8003099c88 100644
--- a/synapse/state.py
+++ b/synapse/state.py
@@ -160,9 +160,9 @@ class StateHandler(object):
@defer.inlineCallbacks
def get_current_user_in_room(self, room_id, latest_event_ids=None):
- logger.info("calling resolve_state_groups from get_current_user_in_room")
if not latest_event_ids:
latest_event_ids = yield self.store.get_latest_event_ids_in_room(room_id)
+ logger.info("calling resolve_state_groups from get_current_user_in_room")
entry = yield self.resolve_state_groups(room_id, latest_event_ids)
joined_users = yield self.store.get_joined_users_from_state(
room_id, entry.state_id, entry.state
|
