diff options
| author | Hubert Chathi <hubertc@matrix.org> | 2022-05-18 06:19:30 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-05-18 11:19:30 +0100 |
| commit | 8afb7b55d0527f8c6af7690b162ebaabe9b5d9f5 (patch) | |
| tree | e2c360534b4a76cea7c928c3177d458a6cb261ca /synapse | |
| parent | Move methods that call add_push_rule to PushRuleStore (#12772) (diff) | |
| download | synapse-8afb7b55d0527f8c6af7690b162ebaabe9b5d9f5.tar.xz | |
Make handling of federation Authorization header (more) compliant with RFC7230 (#12774)
The main differences are: - values with delimiters (such as colons) should be quoted, so always quote the origin, since it could contain a colon followed by a port number - should allow more than one space after "X-Matrix" - quoted values with backslash-escaped characters should be unescaped - names should be case insensitive
Diffstat (limited to 'synapse')
| -rw-r--r-- | synapse/federation/transport/server/_base.py | 8 | ||||
| -rw-r--r-- | synapse/http/matrixfederationclient.py | 2 |
2 files changed, 6 insertions, 4 deletions
diff --git a/synapse/federation/transport/server/_base.py b/synapse/federation/transport/server/_base.py index 103861644a..84100a5a52 100644 --- a/synapse/federation/transport/server/_base.py +++ b/synapse/federation/transport/server/_base.py @@ -169,14 +169,16 @@ def _parse_auth_header(header_bytes: bytes) -> Tuple[str, str, str, Optional[str """ try: header_str = header_bytes.decode("utf-8") - params = header_str.split(" ")[1].split(",") + params = re.split(" +", header_str)[1].split(",") param_dict: Dict[str, str] = { - k: v for k, v in [param.split("=", maxsplit=1) for param in params] + k.lower(): v for k, v in [param.split("=", maxsplit=1) for param in params] } def strip_quotes(value: str) -> str: if value.startswith('"'): - return value[1:-1] + return re.sub( + "\\\\(.)", lambda matchobj: matchobj.group(1), value[1:-1] + ) else: return value diff --git a/synapse/http/matrixfederationclient.py b/synapse/http/matrixfederationclient.py index 725b5c33b8..0b9475debd 100644 --- a/synapse/http/matrixfederationclient.py +++ b/synapse/http/matrixfederationclient.py @@ -747,7 +747,7 @@ class MatrixFederationHttpClient: for key, sig in request["signatures"][self.server_name].items(): auth_headers.append( ( - 'X-Matrix origin=%s,key="%s",sig="%s",destination="%s"' + 'X-Matrix origin="%s",key="%s",sig="%s",destination="%s"' % ( self.server_name, key, |