summary refs log tree commit diff
path: root/synapse/handlers
diff options
context:
space:
mode:
authorRichard van der Hoff <1389908+richvdh@users.noreply.github.com>2020-07-16 15:17:31 +0100
committerGitHub <noreply@github.com>2020-07-16 15:17:31 +0100
commit346476df211a36d008d23990fc53fffc34a1a0d9 (patch)
tree347d42184f7b04ee2a120910adec38dddbdcc9ca /synapse/handlers
parentAllow moving typing off master (#7869) (diff)
downloadsynapse-346476df211a36d008d23990fc53fffc34a1a0d9.tar.xz
Reject attempts to join empty rooms over federation (#7859)
We shouldn't allow others to make_join through us if we've left the room;
reject such attempts with a 404.

Fixes #7835. Fixes #6958.
Diffstat (limited to 'synapse/handlers')
-rw-r--r--synapse/handlers/federation.py15
1 files changed, 13 insertions, 2 deletions
diff --git a/synapse/handlers/federation.py b/synapse/handlers/federation.py

index e43bccd721..df885e45e8 100644
--- a/synapse/handlers/federation.py
+++ b/synapse/handlers/federation.py
@@ -44,6 +44,7 @@ from synapse.api.errors import (
     FederationDeniedError,
     FederationError,
     HttpResponseException,
+    NotFoundError,
     RequestSendFailed,
     SynapseError,
 )
@@ -1439,10 +1440,20 @@ class FederationHandler(BaseHandler):
             )
             raise SynapseError(403, "User not from origin", Codes.FORBIDDEN)
 
-        event_content = {"membership": Membership.JOIN}
-
+        # checking the room version will check that we've actually heard of the room
+        # (and return a 404 otherwise)
         room_version = await self.store.get_room_version_id(room_id)
 
+        # now check that we are *still* in the room
+        is_in_room = await self.auth.check_host_in_room(room_id, self.server_name)
+        if not is_in_room:
+            logger.info(
+                "Got /make_join request for room %s we are no longer in", room_id,
+            )
+            raise NotFoundError("Not an active room on this server")
+
+        event_content = {"membership": Membership.JOIN}
+
         builder = self.event_builder_factory.new(
             room_version,
             {
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-03-12 23:33:33 +0000