diff options
| author | Richard van der Hoff <1389908+richvdh@users.noreply.github.com> | 2021-10-18 19:28:30 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-10-18 18:28:30 +0100 |
| commit | a5d2ea3d08f780cdb746ea7101824513a9ec9610 (patch) | |
| tree | 0ee52c77d7386117d1e5c83f201f38e624148fd8 /synapse/handlers/event_auth.py | |
| parent | Document Synapse's behaviour when dealing with multiple modules (#11096) (diff) | |
| download | synapse-a5d2ea3d08f780cdb746ea7101824513a9ec9610.tar.xz | |
Check *all* auth events for room id and rejection (#11009)
This fixes a bug where we would accept an event whose `auth_events` include rejected events, if the rejected event was shadowed by another `auth_event` with same `(type, state_key)`. The approach is to pass a list of auth events into `check_auth_rules_for_event` instead of a dict, which of course means updating the call sites. This is an extension of #10956.
Diffstat (limited to 'synapse/handlers/event_auth.py')
| -rw-r--r-- | synapse/handlers/event_auth.py | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/synapse/handlers/event_auth.py b/synapse/handlers/event_auth.py index d089c56286..365063ebdf 100644 --- a/synapse/handlers/event_auth.py +++ b/synapse/handlers/event_auth.py @@ -55,8 +55,7 @@ class EventAuthHandler: """Check an event passes the auth rules at its own auth events""" auth_event_ids = event.auth_event_ids() auth_events_by_id = await self._store.get_events(auth_event_ids) - auth_events = {(e.type, e.state_key): e for e in auth_events_by_id.values()} - check_auth_rules_for_event(room_version_obj, event, auth_events) + check_auth_rules_for_event(room_version_obj, event, auth_events_by_id.values()) def compute_auth_events( self, |