diff options
| author | Erik Johnston <erik@matrix.org> | 2016-09-22 11:59:46 +0100 |
|---|---|---|
| committer | Erik Johnston <erik@matrix.org> | 2016-09-22 11:59:46 +0100 |
| commit | 2e9ee3096907573773d3f0e4ff22dd014b8253c8 (patch) | |
| tree | 897660da8a4440b4a667e3e202a96829f85df546 /synapse | |
| parent | Shuffle things around to make unit tests work (diff) | |
| download | synapse-2e9ee3096907573773d3f0e4ff22dd014b8253c8.tar.xz | |
Add comments
Diffstat (limited to 'synapse')
| -rw-r--r-- | synapse/api/auth.py | 3 | ||||
| -rw-r--r-- | synapse/handlers/federation.py | 3 |
2 files changed, 6 insertions, 0 deletions
diff --git a/synapse/api/auth.py b/synapse/api/auth.py index 377bfcc482..5bd250992a 100644 --- a/synapse/api/auth.py +++ b/synapse/api/auth.py @@ -103,6 +103,9 @@ class Auth(object): # Check the sender's domain has signed the event if not event.signatures.get(sender_domain): + # We allow invites via 3pid to have a sender from a differnt + # HS, as the sender must match the sender of the original + # 3pid invite. This is checked further down. if not is_invite_via_3pid: raise AuthError(403, "Event not signed by sender's server") diff --git a/synapse/handlers/federation.py b/synapse/handlers/federation.py index a393263e1e..2d801bad47 100644 --- a/synapse/handlers/federation.py +++ b/synapse/handlers/federation.py @@ -1930,6 +1930,9 @@ class FederationHandler(BaseHandler): "Could not find invite event for third_party_invite: %r", event_dict ) + # We don't discard here as this is not the appropriate place to do + # auth checks. If we need the invite and don't have it then the + # auth check code will explode appropriately. builder = self.event_builder_factory.new(event_dict) EventValidator().validate_new(builder) |