Merge branch 'erikj/log_leave_origin_mismatch' into release-v1.2.1

author: Andrew Morgan <andrew@amorgan.xyz> 2020-02-19 16:06:06 +0000
committer: Andrew Morgan <andrew@amorgan.xyz> 2020-02-19 16:06:06 +0000
commit: c89770f0e63c1925107efebf7b78bd375a1bcd4b (patch)
tree: 1ba2f47559cecdf54891a473a09b0fd0a2f4fc73 /synapse/handlers/federation.py
parent: Convert RedactionTestCase to modern test style (#5768) (diff)
parent: Merge branch 'erikj/log_leave_origin_mismatch' into release-v1.2.1 (diff)
download: synapse-c89770f0e63c1925107efebf7b78bd375a1bcd4b.tar.xz
1 files changed, 35 insertions, 2 deletions
diff --git a/synapse/handlers/federation.py b/synapse/handlers/federation.py
index ca0cdf1a3b..319ee35d9a 100644
--- a/synapse/handlers/federation.py
+++ b/synapse/handlers/federation.py
@@ -1204,11 +1204,28 @@ class FederationHandler(BaseHandler):
 
     @defer.inlineCallbacks
     @log_function
-    def on_make_join_request(self, room_id, user_id):
+    def on_make_join_request(self, origin, room_id, user_id):
         """ We've received a /make_join/ request, so we create a partial
         join event for the room and return that. We do *not* persist or
         process it until the other server has signed it and sent it back.
+
+        Args:
+            origin (str): The (verified) server name of the requesting server.
+            room_id (str): Room to create join event in
+            user_id (str): The user to create the join for
+
+        Returns:
+            Deferred[FrozenEvent]
         """
+
+        if get_domain_from_id(user_id) != origin:
+            logger.info(
+                "Got /make_join request for user %r from different origin %s, ignoring",
+                user_id,
+                origin,
+            )
+            raise SynapseError(403, "User not from origin", Codes.FORBIDDEN)
+
         event_content = {"membership": Membership.JOIN}
 
         room_version = yield self.store.get_room_version(room_id)
@@ -1418,11 +1435,27 @@ class FederationHandler(BaseHandler):
 
     @defer.inlineCallbacks
     @log_function
-    def on_make_leave_request(self, room_id, user_id):
+    def on_make_leave_request(self, origin, room_id, user_id):
         """ We've received a /make_leave/ request, so we create a partial
         leave event for the room and return that. We do *not* persist or
         process it until the other server has signed it and sent it back.
+
+        Args:
+            origin (str): The (verified) server name of the requesting server.
+            room_id (str): Room to create leave event in
+            user_id (str): The user to create the leave for
+
+        Returns:
+            Deferred[FrozenEvent]
         """
+        if get_domain_from_id(user_id) != origin:
+            logger.info(
+                "Got /make_leave request for user %r from different origin %s, ignoring",
+                user_id,
+                origin,
+            )
+            raise SynapseError(403, "User not from origin", Codes.FORBIDDEN)
+
         room_version = yield self.store.get_room_version(room_id)
         builder = self.event_builder_factory.new(
             room_version,
author	Andrew Morgan <andrew@amorgan.xyz>	2020-02-19 16:06:06 +0000
committer	Andrew Morgan <andrew@amorgan.xyz>	2020-02-19 16:06:06 +0000
commit	c89770f0e63c1925107efebf7b78bd375a1bcd4b (patch)
tree	1ba2f47559cecdf54891a473a09b0fd0a2f4fc73 /synapse/handlers/federation.py
parent	Convert RedactionTestCase to modern test style (#5768) (diff)
parent	Merge branch 'erikj/log_leave_origin_mismatch' into release-v1.2.1 (diff)
download	synapse-c89770f0e63c1925107efebf7b78bd375a1bcd4b.tar.xz