summary refs log tree commit diff
diff options
context:
space:
mode:
authorMatthew <matthew@matrix.org>2017-01-07 03:46:16 +0000
committerMatthew <matthew@matrix.org>2017-01-07 03:46:16 +0000
commit6d363cea9d201b1e3807a991b4f88bdf9793d604 (patch)
treec74dec00f1e708b3f22c7473b6f247a4863981d8
parentMerge branch 'release-v0.18.7' into develop (diff)
parentbump changelog & version (diff)
downloadsynapse-6d363cea9d201b1e3807a991b4f88bdf9793d604.tar.xz
Merge branch 'release-v0.18.7' into develop
-rw-r--r--CHANGES.rst10
-rw-r--r--synapse/__init__.py2
-rw-r--r--synapse/federation/federation_server.py40
3 files changed, 31 insertions, 21 deletions
diff --git a/CHANGES.rst b/CHANGES.rst
index 3db747df38..3fb3197ace 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -1,3 +1,11 @@
+Changes in synapse v0.18.7-rc2 (2017-01-07)
+===========================================
+
+Bug fixes:
+
+* Fix error in rc1's discarding invalid inbound traffic logic that was
+  incorrectly discarding missing events
+
 Changes in synapse v0.18.7-rc1 (2017-01-06)
 ===========================================
 
@@ -5,6 +13,8 @@ Bug fixes:
 
 * Fix error in #PR 1764 to actually fix the nightmare #1753 bug.
 * Improve deadlock logging further
+* Discard inbound federation traffic from invalid domains, to immunise
+  against #1753
 
 Changes in synapse v0.18.6 (2017-01-06)
 =======================================
diff --git a/synapse/__init__.py b/synapse/__init__.py
index 91e3a2c2e0..cb332279df 100644
--- a/synapse/__init__.py
+++ b/synapse/__init__.py
@@ -16,4 +16,4 @@
 """ This is a reference implementation of a Matrix home server.
 """
 
-__version__ = "0.18.7-rc1"
+__version__ = "0.18.7-rc2"
diff --git a/synapse/federation/federation_server.py b/synapse/federation/federation_server.py
index 5f6e6cbb42..1fee4e83a6 100644
--- a/synapse/federation/federation_server.py
+++ b/synapse/federation/federation_server.py
@@ -144,6 +144,26 @@ class FederationServer(FederationBase):
         results = []
 
         for pdu in pdu_list:
+            # check that it's actually being sent from a valid destination to
+            # workaround bug #1753 in 0.18.5 and 0.18.6
+            if transaction.origin != get_domain_from_id(pdu.event_id):
+                if not (
+                    pdu.type == 'm.room.member' and
+                    pdu.content and
+                    pdu.content.get("membership", None) == 'join' and
+                    self.hs.is_mine_id(pdu.state_key)
+                ):
+                    logger.info(
+                        "Discarding PDU %s from invalid origin %s",
+                        pdu.event_id, transaction.origin
+                    )
+                    continue
+                else:
+                    logger.info(
+                        "Accepting join PDU %s from %s",
+                        pdu.event_id, transaction.origin
+                    )
+
             try:
                 yield self._handle_new_pdu(transaction.origin, pdu)
                 results.append({})
@@ -477,26 +497,6 @@ class FederationServer(FederationBase):
     @log_function
     def _handle_new_pdu(self, origin, pdu, get_missing=True):
 
-        # check that it's actually being sent from a valid destination to
-        # workaround bug #1753 in 0.18.5 and 0.18.6
-        if origin != get_domain_from_id(pdu.event_id):
-            if not (
-                pdu.type == 'm.room.member' and
-                pdu.content and
-                pdu.content.get("membership", None) == 'join' and
-                self.hs.is_mine_id(pdu.state_key)
-            ):
-                logger.info(
-                    "Discarding PDU %s from invalid origin %s",
-                    pdu.event_id, origin
-                )
-                return
-            else:
-                logger.info(
-                    "Accepting join PDU %s from %s",
-                    pdu.event_id, origin
-                )
-
         # We reprocess pdus when we have seen them only as outliers
         existing = yield self._get_persisted_pdu(
             origin, pdu.event_id, do_auth=False