diff options
| author | Erik Johnston <erik@matrix.org> | 2017-07-11 14:31:36 +0100 |
|---|---|---|
| committer | Erik Johnston <erik@matrix.org> | 2017-07-11 14:31:36 +0100 |
| commit | bbb739d24a448c500dbc56c9cedf262d42c7f2f4 (patch) | |
| tree | 04ded47ce1508b52f41485ed857c15e9d809c996 /synapse/groups | |
| parent | Typo (diff) | |
| download | synapse-bbb739d24a448c500dbc56c9cedf262d42c7f2f4.tar.xz | |
Comment
Diffstat (limited to 'synapse/groups')
| -rw-r--r-- | synapse/groups/attestations.py | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/synapse/groups/attestations.py b/synapse/groups/attestations.py index 9ac09366d3..5ef7a12cb7 100644 --- a/synapse/groups/attestations.py +++ b/synapse/groups/attestations.py @@ -22,8 +22,10 @@ from synapse.util.logcontext import preserve_fn from signedjson.sign import sign_json +# Default validity duration for new attestations we create DEFAULT_ATTESTATION_LENGTH_MS = 3 * 24 * 60 * 60 * 1000 -MIN_ATTESTATION_LENGTH_MS = 1 * 60 * 60 * 1000 + +# Start trying to update our attestations when they come this close to expiring UPDATE_ATTESTATION_TIME_MS = 1 * 24 * 60 * 60 * 1000 @@ -58,11 +60,12 @@ class GroupAttestationSigning(object): if group_id != attestation["group_id"]: raise SynapseError(400, "Attestation has incorrect group_id") - - # TODO: valid_until_ms = attestation["valid_until_ms"] - if valid_until_ms - self.clock.time_msec() < MIN_ATTESTATION_LENGTH_MS: - raise SynapseError(400, "Attestation not valid for long enough") + + # TODO: We also want to check that *new* attestations that people give + # us to store are valid for at least a little while. + if valid_until_ms < self.clock.time_msec(): + raise SynapseError(400, "Attestation expired") yield self.keyring.verify_json_for_server(server_name, attestation) |