summary refs log tree commit diff
diff options
context:
space:
mode:
authorTill Faelligen <2353100+S7evinK@users.noreply.github.com>2024-04-16 16:11:04 +0200
committerTill Faelligen <2353100+S7evinK@users.noreply.github.com>2024-04-16 16:56:52 +0200
commit3c0c30ad7d239e4ae325b7de79cadc8377ea5c99 (patch)
tree111e1e606cf24c1fc47c430ca18701e91d34f4a5
parentbugfix: make msc3967 idempotent (#16943) (diff)
downloadsynapse-3c0c30ad7d239e4ae325b7de79cadc8377ea5c99.tar.xz
Ensure that uploaded keys are dicts
Diffstat
-rw-r--r--synapse/handlers/e2e_keys.py30


1 files changed, 21 insertions, 9 deletions
diff --git a/synapse/handlers/e2e_keys.py b/synapse/handlers/e2e_keys.py

index 1ece54ccfc..d0d8484272 100644
--- a/synapse/handlers/e2e_keys.py
+++ b/synapse/handlers/e2e_keys.py
@@ -782,7 +782,7 @@ class E2eKeysHandler:
 
         # TODO: Validate the JSON to make sure it has the right keys.
         device_keys = keys.get("device_keys", None)
-        if device_keys:
+        if device_keys and isinstance(device_keys, dict):
             logger.info(
                 "Updating device_keys for device %r for user %s at %d",
                 device_id,
@@ -796,17 +796,26 @@ class E2eKeysHandler:
                     "device_id": device_id,
                 }
             )
-            # TODO: Sign the JSON with the server key
-            changed = await self.store.set_e2e_device_keys(
-                user_id, device_id, time_now, device_keys
-            )
-            if changed:
-                # Only notify about device updates *if* the keys actually changed
-                await self.device_handler.notify_device_update(user_id, [device_id])
+
+            # Validate that user_id and device_id match the requesting user
+            if device_keys["user_id"] == user_id and device_keys["device_id"] == device_id:
+                # TODO: Sign the JSON with the server key
+                changed = await self.store.set_e2e_device_keys(
+                    user_id, device_id, time_now, device_keys
+                )
+                if changed:
+                    # Only notify about device updates *if* the keys actually changed
+                    await self.device_handler.notify_device_update(user_id, [device_id])
+            else:
+                log_kv({"message": "Not updating device_keys for user, user_id or device_id mismatch",
+                        "user_id": user_id})
+        elif device_keys:
+            log_kv({"message": "Did not update device_keys", "reason": "not a dict"})
         else:
             log_kv({"message": "Not updating device_keys for user", "user_id": user_id})
+
         one_time_keys = keys.get("one_time_keys", None)
-        if one_time_keys:
+        if one_time_keys and isinstance(one_time_keys, dict):
             log_kv(
                 {
                     "message": "Updating one_time_keys for device.",
@@ -817,10 +826,13 @@ class E2eKeysHandler:
             await self._upload_one_time_keys_for_user(
                 user_id, device_id, time_now, one_time_keys
             )
+        elif one_time_keys:
+            log_kv({"message": "Did not update one_time_keys", "reason": "not a dict"})
         else:
             log_kv(
                 {"message": "Did not update one_time_keys", "reason": "no keys given"}
             )
+
         fallback_keys = keys.get("fallback_keys") or keys.get(
             "org.matrix.msc2732.fallback_keys"
         )

 

generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-07-31 11:26:11 +0000