diff options
| author | Richard van der Hoff <richard@matrix.org> | 2019-10-28 12:59:13 +0000 |
|---|---|---|
| committer | Richard van der Hoff <richard@matrix.org> | 2019-10-28 12:59:13 +0000 |
| commit | bcfc647e4de1962db12c85914d1a7eeb261b9f34 (patch) | |
| tree | e59641780b61393ae93b1a208c2d264f8b699ef8 /synapse/federation | |
| parent | Convert EventContext to attrs (#6218) (diff) | |
| parent | 1.5.0rc2 (diff) | |
| download | synapse-bcfc647e4de1962db12c85914d1a7eeb261b9f34.tar.xz | |
Merge tag 'v1.5.0rc2' into develop
Synapse 1.5.0rc2 (2019-10-28) ============================= Bugfixes -------- - Update list of boolean columns in `synapse_port_db`. ([\#6247](https://github.com/matrix-org/synapse/issues/6247)) - Fix /keys/query API on workers. ([\#6256](https://github.com/matrix-org/synapse/issues/6256)) - Improve signature checking on some federation APIs. ([\#6262](https://github.com/matrix-org/synapse/issues/6262)) Internal Changes ---------------- - Move schema delta files to the correct data store. ([\#6248](https://github.com/matrix-org/synapse/issues/6248)) - Small performance improvement by removing repeated config lookups in room stats calculation. ([\#6255](https://github.com/matrix-org/synapse/issues/6255))
Diffstat (limited to 'synapse/federation')
| -rw-r--r-- | synapse/federation/federation_base.py | 7 | ||||
| -rw-r--r-- | synapse/federation/federation_server.py | 7 |
2 files changed, 9 insertions, 5 deletions
diff --git a/synapse/federation/federation_base.py b/synapse/federation/federation_base.py index 5a1e23a145..223aace0d9 100644 --- a/synapse/federation/federation_base.py +++ b/synapse/federation/federation_base.py @@ -278,9 +278,7 @@ def _check_sigs_on_pdus(keyring, room_version, pdus): pdu_to_check.sender_domain, e.getErrorMessage(), ) - # XX not really sure if these are the right codes, but they are what - # we've done for ages - raise SynapseError(400, errmsg, Codes.UNAUTHORIZED) + raise SynapseError(403, errmsg, Codes.FORBIDDEN) for p, d in zip(pdus_to_check_sender, more_deferreds): d.addErrback(sender_err, p) @@ -314,8 +312,7 @@ def _check_sigs_on_pdus(keyring, room_version, pdus): "event id %s: unable to verify signature for event id domain: %s" % (pdu_to_check.pdu.event_id, e.getErrorMessage()) ) - # XX as above: not really sure if these are the right codes - raise SynapseError(400, errmsg, Codes.UNAUTHORIZED) + raise SynapseError(403, errmsg, Codes.FORBIDDEN) for p, d in zip(pdus_to_check_event_id, more_deferreds): d.addErrback(event_err, p) diff --git a/synapse/federation/federation_server.py b/synapse/federation/federation_server.py index 21e52c9695..5fc7c1d67b 100644 --- a/synapse/federation/federation_server.py +++ b/synapse/federation/federation_server.py @@ -370,6 +370,7 @@ class FederationServer(FederationBase): pdu = event_from_pdu_json(content, format_ver) origin_host, _ = parse_server_name(origin) yield self.check_server_matches_acl(origin_host, pdu.room_id) + pdu = yield self._check_sigs_and_hash(room_version, pdu) ret_pdu = yield self.handler.on_invite_request(origin, pdu) time_now = self._clock.time_msec() return {"event": ret_pdu.get_pdu_json(time_now)} @@ -386,6 +387,9 @@ class FederationServer(FederationBase): yield self.check_server_matches_acl(origin_host, pdu.room_id) logger.debug("on_send_join_request: pdu sigs: %s", pdu.signatures) + + pdu = yield self._check_sigs_and_hash(room_version, pdu) + res_pdus = yield self.handler.on_send_join_request(origin, pdu) time_now = self._clock.time_msec() return ( @@ -421,6 +425,9 @@ class FederationServer(FederationBase): yield self.check_server_matches_acl(origin_host, pdu.room_id) logger.debug("on_send_leave_request: pdu sigs: %s", pdu.signatures) + + pdu = yield self._check_sigs_and_hash(room_version, pdu) + yield self.handler.on_send_leave_request(origin, pdu) return 200, {} |