diff options
| author | Richard van der Hoff <1389908+richvdh@users.noreply.github.com> | 2021-10-18 19:28:30 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-10-18 18:28:30 +0100 |
| commit | a5d2ea3d08f780cdb746ea7101824513a9ec9610 (patch) | |
| tree | 0ee52c77d7386117d1e5c83f201f38e624148fd8 /synapse/state | |
| parent | Document Synapse's behaviour when dealing with multiple modules (#11096) (diff) | |
| download | synapse-a5d2ea3d08f780cdb746ea7101824513a9ec9610.tar.xz | |
Check *all* auth events for room id and rejection (#11009)
This fixes a bug where we would accept an event whose `auth_events` include rejected events, if the rejected event was shadowed by another `auth_event` with same `(type, state_key)`. The approach is to pass a list of auth events into `check_auth_rules_for_event` instead of a dict, which of course means updating the call sites. This is an extension of #10956.
Diffstat (limited to 'synapse/state')
| -rw-r--r-- | synapse/state/v1.py | 4 | ||||
| -rw-r--r-- | synapse/state/v2.py | 2 |
2 files changed, 3 insertions, 3 deletions
diff --git a/synapse/state/v1.py b/synapse/state/v1.py index ffe6207a3c..6edadea550 100644 --- a/synapse/state/v1.py +++ b/synapse/state/v1.py @@ -332,7 +332,7 @@ def _resolve_auth_events( event_auth.check_auth_rules_for_event( RoomVersions.V1, event, - auth_events, + auth_events.values(), ) prev_event = event except AuthError: @@ -350,7 +350,7 @@ def _resolve_normal_events( event_auth.check_auth_rules_for_event( RoomVersions.V1, event, - auth_events, + auth_events.values(), ) return event except AuthError: diff --git a/synapse/state/v2.py b/synapse/state/v2.py index bd18eefd58..c618df2fde 100644 --- a/synapse/state/v2.py +++ b/synapse/state/v2.py @@ -549,7 +549,7 @@ async def _iterative_auth_checks( event_auth.check_auth_rules_for_event( room_version, event, - auth_events, + auth_events.values(), ) resolved_state[(event.type, event.state_key)] = event_id |