diff options
author | Richard van der Hoff <1389908+richvdh@users.noreply.github.com> | 2019-07-26 12:38:37 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-07-26 12:38:37 +0100 |
commit | 1a93daf35326a91cb14d66a2ae63cdaf603d4585 (patch) | |
tree | cb993edd2bbc5f03eb2e190d55fce9e4832619df | |
parent | Convert RedactionTestCase to modern test style (#5768) (diff) | |
parent | Log when we receive a /make_* request from a different origin (diff) | |
download | synapse-1a93daf35326a91cb14d66a2ae63cdaf603d4585.tar.xz |
Merge pull request #5744 from matrix-org/erikj/log_leave_origin_mismatch
Log when we receive a /make_* request from a different origin
-rw-r--r-- | changelog.d/5744.bugfix | 1 | ||||
-rw-r--r-- | synapse/federation/federation_server.py | 4 | ||||
-rw-r--r-- | synapse/handlers/federation.py | 37 |
3 files changed, 38 insertions, 4 deletions
diff --git a/changelog.d/5744.bugfix b/changelog.d/5744.bugfix new file mode 100644 index 0000000000..7b67ebb2d3 --- /dev/null +++ b/changelog.d/5744.bugfix @@ -0,0 +1 @@ +Log when we receive a `/make_*` request from a different origin. diff --git a/synapse/federation/federation_server.py b/synapse/federation/federation_server.py index b4b9a05ca6..d216c46dfe 100644 --- a/synapse/federation/federation_server.py +++ b/synapse/federation/federation_server.py @@ -364,7 +364,7 @@ class FederationServer(FederationBase): logger.warn("Room version %s not in %s", room_version, supported_versions) raise IncompatibleRoomVersionError(room_version=room_version) - pdu = yield self.handler.on_make_join_request(room_id, user_id) + pdu = yield self.handler.on_make_join_request(origin, room_id, user_id) time_now = self._clock.time_msec() return {"event": pdu.get_pdu_json(time_now), "room_version": room_version} @@ -414,7 +414,7 @@ class FederationServer(FederationBase): def on_make_leave_request(self, origin, room_id, user_id): origin_host, _ = parse_server_name(origin) yield self.check_server_matches_acl(origin_host, room_id) - pdu = yield self.handler.on_make_leave_request(room_id, user_id) + pdu = yield self.handler.on_make_leave_request(origin, room_id, user_id) room_version = yield self.store.get_room_version(room_id) diff --git a/synapse/handlers/federation.py b/synapse/handlers/federation.py index 2aa208a2b8..89b37dbc1c 100644 --- a/synapse/handlers/federation.py +++ b/synapse/handlers/federation.py @@ -1204,11 +1204,28 @@ class FederationHandler(BaseHandler): @defer.inlineCallbacks @log_function - def on_make_join_request(self, room_id, user_id): + def on_make_join_request(self, origin, room_id, user_id): """ We've received a /make_join/ request, so we create a partial join event for the room and return that. We do *not* persist or process it until the other server has signed it and sent it back. + + Args: + origin (str): The (verified) server name of the requesting server. + room_id (str): Room to create join event in + user_id (str): The user to create the join for + + Returns: + Deferred[FrozenEvent] """ + + if get_domain_from_id(user_id) != origin: + logger.info( + "Got /make_join request for user %r from different origin %s, ignoring", + user_id, + origin, + ) + raise SynapseError(403, "User not from origin", Codes.FORBIDDEN) + event_content = {"membership": Membership.JOIN} room_version = yield self.store.get_room_version(room_id) @@ -1411,11 +1428,27 @@ class FederationHandler(BaseHandler): @defer.inlineCallbacks @log_function - def on_make_leave_request(self, room_id, user_id): + def on_make_leave_request(self, origin, room_id, user_id): """ We've received a /make_leave/ request, so we create a partial leave event for the room and return that. We do *not* persist or process it until the other server has signed it and sent it back. + + Args: + origin (str): The (verified) server name of the requesting server. + room_id (str): Room to create leave event in + user_id (str): The user to create the leave for + + Returns: + Deferred[FrozenEvent] """ + if get_domain_from_id(user_id) != origin: + logger.info( + "Got /make_leave request for user %r from different origin %s, ignoring", + user_id, + origin, + ) + raise SynapseError(403, "User not from origin", Codes.FORBIDDEN) + room_version = yield self.store.get_room_version(room_id) builder = self.event_builder_factory.new( room_version, |