summary refs log tree commit diff
path: root/synapse/federation
diff options
context:
space:
mode:
authorMatthew <matthew@matrix.org>2017-01-07 02:13:06 +0000
committerMatthew <matthew@matrix.org>2017-01-07 02:13:14 +0000
commite10c52793079185b5b6171bbd5e1ee624367ad90 (patch)
tree4b92e7ebfaeeed1aaf305c21d6add5ae2a41f826 /synapse/federation
parentoops, this should have been rc1 (diff)
downloadsynapse-e10c52793079185b5b6171bbd5e1ee624367ad90.tar.xz
Discard PDUs from invalid origins due to #1753 in 0.18.[56] v0.18.7-rc1
Diffstat (limited to 'synapse/federation')
-rw-r--r--synapse/federation/federation_server.py24
1 files changed, 23 insertions, 1 deletions
diff --git a/synapse/federation/federation_server.py b/synapse/federation/federation_server.py
index 800f04189f..5f6e6cbb42 100644
--- a/synapse/federation/federation_server.py
+++ b/synapse/federation/federation_server.py
@@ -23,6 +23,7 @@ from synapse.util.async import Linearizer
 from synapse.util.logutils import log_function
 from synapse.util.caches.response_cache import ResponseCache
 from synapse.events import FrozenEvent
+from synapse.types import get_domain_from_id
 import synapse.metrics
 
 from synapse.api.errors import AuthError, FederationError, SynapseError
@@ -132,7 +133,7 @@ class FederationServer(FederationBase):
 
         if response:
             logger.debug(
-                "[%s] We've already responed to this request",
+                "[%s] We've already responded to this request",
                 transaction.transaction_id
             )
             defer.returnValue(response)
@@ -475,6 +476,27 @@ class FederationServer(FederationBase):
     @defer.inlineCallbacks
     @log_function
     def _handle_new_pdu(self, origin, pdu, get_missing=True):
+
+        # check that it's actually being sent from a valid destination to
+        # workaround bug #1753 in 0.18.5 and 0.18.6
+        if origin != get_domain_from_id(pdu.event_id):
+            if not (
+                pdu.type == 'm.room.member' and
+                pdu.content and
+                pdu.content.get("membership", None) == 'join' and
+                self.hs.is_mine_id(pdu.state_key)
+            ):
+                logger.info(
+                    "Discarding PDU %s from invalid origin %s",
+                    pdu.event_id, origin
+                )
+                return
+            else:
+                logger.info(
+                    "Accepting join PDU %s from %s",
+                    pdu.event_id, origin
+                )
+
         # We reprocess pdus when we have seen them only as outliers
         existing = yield self._get_persisted_pdu(
             origin, pdu.event_id, do_auth=False