author | Erik Johnston <erik@matrix.org> | 2016-07-13 13:12:25 +0100 |
---|---|---|
committer | Erik Johnston <erik@matrix.org> | 2016-07-13 13:12:25 +0100 |
commit | 2cb758ac75e529d9d093122a207ec43bcfa5f067 (patch) | |
tree | 0eb9f58fb96c0c482204b3d3cbb86b27cf5c608d | |
parent | Check creation event's room_id domain matches sender's (diff) | |
download | synapse-2cb758ac75e529d9d093122a207ec43bcfa5f067.tar.xz |
Check if alias event's state_key matches sender's domain
-rw-r--r-- | synapse/api/auth.py | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/synapse/api/auth.py b/synapse/api/auth.py
index 29b4ac456c..e05defd7d8 100644
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@@ -115,6 +115,17 @@ class Auth(object):
 # FIXME: Temp hack
 if event.type == EventTypes.Aliases:
+ if not event.state_key:
+ raise AuthError(
+ 403,
+ "Alias event must have non-empty state_key"
+ )
+ sender_domain = get_domain_from_id(event.sender)
+ if event.state_key != sender_domain:
+ raise AuthError(
+ 403,
+ "Alias event's state_key does not match sender's domain"
+ )
 return True
 logger.debug( |
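Review bot: The `return True` after the two new checks still ends authorisation early for `EventTypes.Aliases`, so an alias event is accepted as soon as its state_key equals the sender's domain, and none of the checks later in this method run for it. Those later checks are outside the hunk, so whether they cover room membership or power levels is an assumption to confirm. Since the branch stays under `# FIXME: Temp hack`, I would record the invariant and the remaining gap at the branch, e.g. `# A server may only send the aliases event keyed by its own domain; other auth rules are not applied to alias events yet.` The behaviour of `get_domain_from_id` on a malformed `event.sender` is also not visible here; if it raises something other than `AuthError`, the rejection would surface as a different error than the 403 used by the two new checks. A unit test for the empty and mismatched state_key cases would pin both new branches.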