summary refs log tree commit diff
path: root/synapse/crypto
diff options
context:
space:
mode:
authorErik Johnston <erik@matrix.org>2021-06-08 11:07:46 +0100
committerGitHub <noreply@github.com>2021-06-08 11:07:46 +0100
commitc842c581ed3d33cf0ca1972507508758f7aad1c8 (patch)
tree5f58e9a4bd974b5ff2ced5c3c09b1bb82683dee4 /synapse/crypto
parentHandle /backfill returning no events (#10133) (diff)
downloadsynapse-c842c581ed3d33cf0ca1972507508758f7aad1c8.tar.xz
When joining a remote room limit the number of events we concurrently check signatures/hashes for (#10117)
If we do hundreds of thousands at once the memory overhead can easily reach 500+ MB.
Diffstat (limited to 'synapse/crypto')
-rw-r--r--synapse/crypto/keyring.py46
1 files changed, 12 insertions, 34 deletions
diff --git a/synapse/crypto/keyring.py b/synapse/crypto/keyring.py
index c840ffca71..e5a4685ed4 100644
--- a/synapse/crypto/keyring.py
+++ b/synapse/crypto/keyring.py
@@ -233,41 +233,19 @@ class Keyring:
             for server_name, json_object, validity_time in server_and_json
         ]
 
-    def verify_events_for_server(
-        self, server_and_events: Iterable[Tuple[str, EventBase, int]]
-    ) -> List[defer.Deferred]:
-        """Bulk verification of signatures on events.
-
-        Args:
-            server_and_events:
-                Iterable of `(server_name, event, validity_time)` tuples.
-
-                `server_name` is which server we are verifying the signature for
-                on the event.
-
-                `event` is the event that we'll verify the signatures of for
-                the given `server_name`.
-
-                `validity_time` is a timestamp at which the signing key must be
-                valid.
-
-        Returns:
-            List<Deferred[None]>: for each input triplet, a deferred indicating success
-                or failure to verify each event's signature for the given
-                server_name. The deferreds run their callbacks in the sentinel
-                logcontext.
-        """
-        return [
-            run_in_background(
-                self.process_request,
-                VerifyJsonRequest.from_event(
-                    server_name,
-                    event,
-                    validity_time,
-                ),
+    async def verify_event_for_server(
+        self,
+        server_name: str,
+        event: EventBase,
+        validity_time: int,
+    ) -> None:
+        await self.process_request(
+            VerifyJsonRequest.from_event(
+                server_name,
+                event,
+                validity_time,
             )
-            for server_name, event, validity_time in server_and_events
-        ]
+        )
 
     async def process_request(self, verify_request: VerifyJsonRequest) -> None:
         """Processes the `VerifyJsonRequest`. Raises if the object is not signed