diff options
| author | Shay <hillerys@element.io> | 2022-07-20 11:17:26 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-07-20 11:17:26 -0700 |
| commit | a1b62af2afc4a5439b7276a02f9fd981fbfd06a4 (patch) | |
| tree | cb8c9181d954c4757e27f277348c83ce0d942439 /synapse | |
| parent | Merge remote-tracking branch 'origin/master' into develop (diff) | |
| download | synapse-a1b62af2afc4a5439b7276a02f9fd981fbfd06a4.tar.xz | |
Validate federation destinations and log an error if server name is invalid. (#13318)
Diffstat (limited to 'synapse')
| -rw-r--r-- | synapse/http/matrixfederationclient.py | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/synapse/http/matrixfederationclient.py b/synapse/http/matrixfederationclient.py index c63d068f74..3c35b1d2c7 100644 --- a/synapse/http/matrixfederationclient.py +++ b/synapse/http/matrixfederationclient.py @@ -79,6 +79,7 @@ from synapse.types import JsonDict from synapse.util import json_decoder from synapse.util.async_helpers import AwakenableSleeper, timeout_deferred from synapse.util.metrics import Measure +from synapse.util.stringutils import parse_and_validate_server_name if TYPE_CHECKING: from synapse.server import HomeServer @@ -479,6 +480,14 @@ class MatrixFederationHttpClient: RequestSendFailed: If there were problems connecting to the remote, due to e.g. DNS failures, connection timeouts etc. """ + # Validate server name and log if it is an invalid destination, this is + # partially to help track down code paths where we haven't validated before here + try: + parse_and_validate_server_name(request.destination) + except ValueError: + logger.exception(f"Invalid destination: {request.destination}.") + raise FederationDeniedError(request.destination) + if timeout: _sec_timeout = timeout / 1000 else: |