diff options
author | Patrick Cloke <clokep@users.noreply.github.com> | 2021-09-28 08:44:19 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-09-28 08:44:19 -0400 |
commit | c3ccad7785cd71372673136f329d5fa098ab9f04 (patch) | |
tree | 64fd0b11295621940cfcac286a9b30b64d16f2da /synapse/event_auth.py | |
parent | Fix debian package builds. (#10931) (diff) | |
download | synapse-c3ccad7785cd71372673136f329d5fa098ab9f04.tar.xz |
Only do restricted join rules signature checks for room versions 8/9. (#10927)
Otherwise the presence of a (bogus, unused) field could cause auth checks to fail.
Diffstat (limited to '')
-rw-r--r-- | synapse/event_auth.py | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/synapse/event_auth.py b/synapse/event_auth.py index fc50a0e71a..5d7c6fa858 100644 --- a/synapse/event_auth.py +++ b/synapse/event_auth.py @@ -113,7 +113,8 @@ def check( raise AuthError(403, "Event not signed by sending server") is_invite_via_allow_rule = ( - event.type == EventTypes.Member + room_version_obj.msc3083_join_rules + and event.type == EventTypes.Member and event.membership == Membership.JOIN and "join_authorised_via_users_server" in event.content ) |