diff options
author | Patrick Cloke <clokep@users.noreply.github.com> | 2021-07-16 10:36:38 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-07-16 10:36:38 -0400 |
commit | d427f64724569d606add3c1e6f3008bdd82c092d (patch) | |
tree | 9303df2b4b45ed64c62e9ff2320a56142352a4e6 | |
parent | Use inline type hints in `http/federation/`, `storage/` and `util/` (#10381) (diff) | |
download | synapse-d427f64724569d606add3c1e6f3008bdd82c092d.tar.xz |
Do not include signatures/hashes in make_{join,leave,knock} responses. (#10404)
These signatures would end up invalid since the joining/leaving/knocking server would modify the response before calling send_{join,leave,knock}.
-rw-r--r-- | changelog.d/10404.bugfix | 1 | ||||
-rw-r--r-- | synapse/events/__init__.py | 14 | ||||
-rw-r--r-- | synapse/federation/federation_server.py | 9 |
3 files changed, 18 insertions, 6 deletions
diff --git a/changelog.d/10404.bugfix b/changelog.d/10404.bugfix new file mode 100644 index 0000000000..2e095b6402 --- /dev/null +++ b/changelog.d/10404.bugfix @@ -0,0 +1 @@ +Responses from `/make_{join,leave,knock}` no longer include signatures, which will turn out to be invalid after events are returned to `/send_{join,leave,knock}`. diff --git a/synapse/events/__init__.py b/synapse/events/__init__.py index 65dc7a4ed0..0298af4c02 100644 --- a/synapse/events/__init__.py +++ b/synapse/events/__init__.py @@ -291,6 +291,20 @@ class EventBase(metaclass=abc.ABCMeta): return pdu_json + def get_templated_pdu_json(self) -> JsonDict: + """ + Return a JSON object suitable for a templated event, as used in the + make_{join,leave,knock} workflow. + """ + # By using _dict directly we don't pull in signatures/unsigned. + template_json = dict(self._dict) + # The hashes (similar to the signature) need to be recalculated by the + # joining/leaving/knocking server after (potentially) modifying the + # event. + template_json.pop("hashes") + + return template_json + def __set__(self, instance, value): raise AttributeError("Unrecognized attribute %s" % (instance,)) diff --git a/synapse/federation/federation_server.py b/synapse/federation/federation_server.py index d91f0ff32f..29619aeeb8 100644 --- a/synapse/federation/federation_server.py +++ b/synapse/federation/federation_server.py @@ -562,8 +562,7 @@ class FederationServer(FederationBase): raise IncompatibleRoomVersionError(room_version=room_version) pdu = await self.handler.on_make_join_request(origin, room_id, user_id) - time_now = self._clock.time_msec() - return {"event": pdu.get_pdu_json(time_now), "room_version": room_version} + return {"event": pdu.get_templated_pdu_json(), "room_version": room_version} async def on_invite_request( self, origin: str, content: JsonDict, room_version_id: str @@ -611,8 +610,7 @@ class FederationServer(FederationBase): room_version = await self.store.get_room_version_id(room_id) - time_now = self._clock.time_msec() - return {"event": pdu.get_pdu_json(time_now), "room_version": room_version} + return {"event": pdu.get_templated_pdu_json(), "room_version": room_version} async def on_send_leave_request( self, origin: str, content: JsonDict, room_id: str @@ -659,9 +657,8 @@ class FederationServer(FederationBase): ) pdu = await self.handler.on_make_knock_request(origin, room_id, user_id) - time_now = self._clock.time_msec() return { - "event": pdu.get_pdu_json(time_now), + "event": pdu.get_templated_pdu_json(), "room_version": room_version.identifier, } |