author | Richard van der Hoff <1389908+richvdh@users.noreply.github.com> | 2019-06-03 13:19:20 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-06-03 13:19:20 +0100 |
commit | 862b2f9ad583adaa509337b69f4b9cd0715100c2 (patch) | |
tree | 39ef92b1f0a61cf019d7fe60bac3aa0aeb8ae589 | |
parent | Unify v1 and v2 REST client APIs (#5226) (diff) | |
parent | Stop overwriting server keys with other keys (diff) | |
download | synapse-862b2f9ad583adaa509337b69f4b9cd0715100c2.tar.xz |
Merge pull request #5307 from matrix-org/rav/server_keys/07-fix-notary-cache-poison
Stop overwriting server keys with other keys
Diffstat (limited to '')
-rw-r--r-- | changelog.d/5307.bugfix | 1 | ||||
-rw-r--r-- | synapse/crypto/keyring.py | 14 |
2 files changed, 3 insertions, 12 deletions
diff --git a/changelog.d/5307.bugfix b/changelog.d/5307.bugfix
new file mode 100644
index 0000000000..6b152f4854
--- /dev/null
+++ b/changelog.d/5307.bugfix
@@ -0,0 +1 @@
+Fix bug where a notary server would sometimes forget old keys.
diff --git a/synapse/crypto/keyring.py b/synapse/crypto/keyring.py
index f4918d1bc6..b2f4cea536 100644
--- a/synapse/crypto/keyring.py
+++ b/synapse/crypto/keyring.py
@@ -399,7 +399,7 @@ class BaseV2KeyFetcher(object):
 @defer.inlineCallbacks
 def process_v2_response(
- self, from_server, response_json, time_added_ms, requested_ids=[]
+ self, from_server, response_json, time_added_ms
 ):
 """Parse a 'Server Keys' structure from the result of a /key request
@@ -422,10 +422,6 @@ class BaseV2KeyFetcher(object):
 time_added_ms (int): the timestamp to record in server_keys_json
- requested_ids (iterable[str]): a list of the key IDs that were requested.
- We will store the json for these key ids as well as any that are
- actually in the response
-
 Returns:
 Deferred[dict[str, FetchKeyResult]]: map from key_id to result object
 """
@@ -481,11 +477,6 @@ class BaseV2KeyFetcher(object):
 signed_key_json_bytes = encode_canonical_json(signed_key_json)
- # for reasons I don't quite understand, we store this json for the key ids we
- # requested, as well as those we got.
- updated_key_ids = set(requested_ids)
- updated_key_ids.update(verify_keys)
-
 yield logcontext.make_deferred_yieldable(
 defer.gatherResults(
 [
@@ -498,7 +489,7 @@ class BaseV2KeyFetcher(object):
 ts_expires_ms=ts_valid_until_ms,
 key_json_bytes=signed_key_json_bytes,
 )
- for key_id in updated_key_ids
+ for key_id in verify_keys
 ],
 consumeErrors=True,
 ).addErrback(unwrapFirstError)
@@ -754,7 +745,6 @@ class ServerKeyFetcher(BaseV2KeyFetcher):
 response_keys = yield self.process_v2_response(
 from_server=server_name,
- requested_ids=[requested_key_id],
 response_json=response,
 time_added_ms=time_now_ms,
 ) |
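Review bot: Dropping `requested_ids` from `process_v2_response` in the `@@ -399,7 +399,7 @@` hunk is an interface change, and the only call site updated in this diff is the `ServerKeyFetcher` one at `@@ -754,7 +745,6 @@`. Any other caller or test that still passes `requested_ids=` would fail with a `TypeError` at call time, so the keyword is worth a grep across the tree; callers outside the visible hunks cannot be checked from here. The shortened parameter list would also fit back on the `def` line, `def process_v2_response(self, from_server, response_json, time_added_ms):`. The function body continues outside the hunk.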
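Review bot: `for key_id in verify_keys` in the `@@ -498,7 +489,7 @@` hunk is the line that carries the fix, yet nothing in the code says why the requested ids must stay out of the set, and the comment removed in the previous hunk admitted the old behaviour was not understood. A short comment above the comprehension would keep it from being put back, for example `# only store the json under key ids that are in the response; storing it under a requested-but-absent id overwrites the entry we already hold for that key`. The diffstat lists no test file, so a regression test that asks for a key id the response omits and asserts the stored entry for that id is unchanged would pin the behaviour. The enclosing call starts in the previous hunk and its callee name is not visible here.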