Strip unauthorized fields from `unsigned` object in events received over federation (#11530)

* add some tests to verify we are stripping unauthorized fields out of unsigned * add function to strip unauthorized fields from the unsigned object of event * newsfragment * update newsfragment number * add check to on_send_membership_event * refactor tests * fix lint error * slightly refactor tests and add some comments * slight refactor * refactor tests * fix import error * slight refactor * remove unsigned filtration code from synapse/handlers/federation_event.py * lint * move unsigned filtering code to event base * refactor tests * update newsfragment * requested changes * remove unused retun values
author: Shay <hillerys@element.io> 2022-01-06 09:09:30 -0800
committer: GitHub <noreply@github.com> 2022-01-06 09:09:30 -0800
commit: 70ce9aea7183890cca435e2c4b462e24221d1d2e (patch)
tree: 5bd3ee2053b5c1b9b9fbe080dca15c551d3394c4 /changelog.d
parent: Make room creations denied by `user_may_create_room` cause an `M_FORBIDDEN` e... (diff)
download: synapse-70ce9aea7183890cca435e2c4b462e24221d1d2e.tar.xz
1 files changed, 2 insertions, 0 deletions
diff --git a/changelog.d/11530.bugfix b/changelog.d/11530.bugfix
new file mode 100644
index 0000000000..7ea9ba4e49
--- /dev/null
+++ b/changelog.d/11530.bugfix
@@ -0,0 +1,2 @@
+Fix a long-standing issue which could cause Synapse to incorrectly accept data in the unsigned field of events
+received over federation.
\ No newline at end of file
author	Shay <hillerys@element.io>	2022-01-06 09:09:30 -0800
committer	GitHub <noreply@github.com>	2022-01-06 09:09:30 -0800
commit	70ce9aea7183890cca435e2c4b462e24221d1d2e (patch)
tree	5bd3ee2053b5c1b9b9fbe080dca15c551d3394c4 /changelog.d
parent	Make room creations denied by `user_may_create_room` cause an `M_FORBIDDEN` e... (diff)
download	synapse-70ce9aea7183890cca435e2c4b462e24221d1d2e.tar.xz