diff options
author | Richard van der Hoff <richard@matrix.org> | 2019-05-31 15:48:36 +0100 |
---|---|---|
committer | Richard van der Hoff <richard@matrix.org> | 2019-05-31 15:58:35 +0100 |
commit | 3600f5568b5f8c6902a0dbeeb349c1891f8114b9 (patch) | |
tree | 73fe52c7e72eb4d41d9a1ed6f2b712c58acd6462 /synapse/crypto/keyring.py | |
parent | Merge pull request #5300 from matrix-org/rav/server_keys/06-fix-serverkeys-ha... (diff) | |
download | synapse-3600f5568b5f8c6902a0dbeeb349c1891f8114b9.tar.xz |
Stop overwriting server keys with other keys
Fix a bug where we would discard a key result which the origin server is no longer returning. Fixes #5305.
Diffstat (limited to '')
-rw-r--r-- | synapse/crypto/keyring.py | 14 |
1 files changed, 2 insertions, 12 deletions
diff --git a/synapse/crypto/keyring.py b/synapse/crypto/keyring.py index 5756478ad7..8f47469a1c 100644 --- a/synapse/crypto/keyring.py +++ b/synapse/crypto/keyring.py @@ -394,7 +394,7 @@ class BaseV2KeyFetcher(object): @defer.inlineCallbacks def process_v2_response( - self, from_server, response_json, time_added_ms, requested_ids=[] + self, from_server, response_json, time_added_ms ): """Parse a 'Server Keys' structure from the result of a /key request @@ -417,10 +417,6 @@ class BaseV2KeyFetcher(object): time_added_ms (int): the timestamp to record in server_keys_json - requested_ids (iterable[str]): a list of the key IDs that were requested. - We will store the json for these key ids as well as any that are - actually in the response - Returns: Deferred[dict[str, FetchKeyResult]]: map from key_id to result object """ @@ -476,11 +472,6 @@ class BaseV2KeyFetcher(object): signed_key_json_bytes = encode_canonical_json(signed_key_json) - # for reasons I don't quite understand, we store this json for the key ids we - # requested, as well as those we got. - updated_key_ids = set(requested_ids) - updated_key_ids.update(verify_keys) - yield logcontext.make_deferred_yieldable( defer.gatherResults( [ @@ -493,7 +484,7 @@ class BaseV2KeyFetcher(object): ts_expires_ms=ts_valid_until_ms, key_json_bytes=signed_key_json_bytes, ) - for key_id in updated_key_ids + for key_id in verify_keys ], consumeErrors=True, ).addErrback(unwrapFirstError) @@ -749,7 +740,6 @@ class ServerKeyFetcher(BaseV2KeyFetcher): response_keys = yield self.process_v2_response( from_server=server_name, - requested_ids=[requested_key_id], response_json=response, time_added_ms=time_now_ms, ) |