summary refs log tree commit diff
path: root/synapse/crypto/keyring.py
diff options
context:
space:
mode:
authorMark Haines <mark.haines@matrix.org>2016-07-27 15:11:02 +0100
committerMark Haines <mark.haines@matrix.org>2016-07-27 15:11:02 +0100
commit29b25d59c6de7da759f152fbcaba0e323a75af71 (patch)
tree508289fc88ee4b51b6c0bd5bd49538809f5a2bbf /synapse/crypto/keyring.py
parentClean up verify_json_objects_for_server (diff)
parentMerge pull request #955 from matrix-org/markjh/only_from2 (diff)
downloadsynapse-29b25d59c6de7da759f152fbcaba0e323a75af71.tar.xz
Merge branch 'develop' into markjh/verify
Conflicts:
	synapse/crypto/keyring.py
Diffstat (limited to 'synapse/crypto/keyring.py')
-rw-r--r--synapse/crypto/keyring.py11
1 files changed, 9 insertions, 2 deletions
diff --git a/synapse/crypto/keyring.py b/synapse/crypto/keyring.py
index f3924e23d8..5012c10ee8 100644
--- a/synapse/crypto/keyring.py
+++ b/synapse/crypto/keyring.py
@@ -454,7 +454,7 @@ class Keyring(object):
                 )
 
             processed_response = yield self.process_v2_response(
-                perspective_name, response
+                perspective_name, response, only_from_server=False
             )
 
             for server_name, response_keys in processed_response.items():
@@ -534,7 +534,7 @@ class Keyring(object):
 
     @defer.inlineCallbacks
     def process_v2_response(self, from_server, response_json,
-                            requested_ids=[]):
+                            requested_ids=[], only_from_server=True):
         time_now_ms = self.clock.time_msec()
         response_keys = {}
         verify_keys = {}
@@ -558,6 +558,13 @@ class Keyring(object):
 
         results = {}
         server_name = response_json["server_name"]
+        if only_from_server:
+            if server_name != from_server:
+                raise ValueError(
+                    "Expected a response for server %r not %r" % (
+                        from_server, server_name
+                    )
+                )
         for key_id in response_json["signatures"].get(server_name, {}):
             if key_id not in response_json["verify_keys"]:
                 raise ValueError(