diff --git a/synapse/crypto/keyring.py b/synapse/crypto/keyring.py
index ed2e994437..b6d1b4cf0b 100644
--- a/synapse/crypto/keyring.py
+++ b/synapse/crypto/keyring.py
@@ -120,11 +120,9 @@ class Keyring(object):
key_ids = signature_ids(json_object, server_name)
if not key_ids:
- logger.warn("Request from %s: no supported signature keys",
- server_name)
deferred = defer.fail(SynapseError(
400,
- "Not signed with a supported algorithm",
+ "Not signed by %s" % (server_name, ),
Codes.UNAUTHORIZED,
))
else:
diff --git a/synapse/federation/federation_base.py b/synapse/federation/federation_base.py
index dfe6b4aa5c..1d641337da 100644
--- a/synapse/federation/federation_base.py
+++ b/synapse/federation/federation_base.py
@@ -269,7 +269,17 @@ def _check_sigs_on_pdus(keyring, room_version, pdus):
for p in pdus_to_check_sender
])
+ def sender_err(e, pdu_to_check):
+ logger.warning(
+ "event id %s: unable to verify signature for sender %s: %s",
+ pdu_to_check.pdu.event_id,
+ pdu_to_check.sender_domain,
+ e,
+ )
+ return e
+
for p, d in zip(pdus_to_check_sender, more_deferreds):
+ d.addErrback(sender_err, p)
p.deferreds.append(d)
# now let's look for events where the sender's domain is different to the
@@ -291,7 +301,16 @@ def _check_sigs_on_pdus(keyring, room_version, pdus):
for p in pdus_to_check_event_id
])
+ def event_err(e, pdu_to_check):
+ logger.warning(
+ "event id %s: unable to verify signature for event id domain: %s",
+ pdu_to_check.pdu.event_id,
+ e,
+ )
+ return e
+
for p, d in zip(pdus_to_check_event_id, more_deferreds):
+ d.addErrback(event_err, p)
p.deferreds.append(d)
# replace lists of deferreds with single Deferreds
|
