diff options
author | Brendan Abolivier <contact@brendanabolivier.com> | 2019-04-04 17:25:47 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-04-04 17:25:47 +0100 |
commit | 8e85493b0cdae25dd07c94c010dbf11bca947c2d (patch) | |
tree | b29f75868cf26a0de6005f28d700d82e738cfacc /synapse | |
parent | Clean up the database pagination code (#5007) (diff) | |
download | synapse-8e85493b0cdae25dd07c94c010dbf11bca947c2d.tar.xz |
Add config option to block users from looking up 3PIDs (#5010)
Diffstat (limited to 'synapse')
-rw-r--r-- | synapse/config/registration.py | 5 | ||||
-rw-r--r-- | synapse/handlers/room_member.py | 5 |
2 files changed, 10 insertions, 0 deletions
diff --git a/synapse/config/registration.py b/synapse/config/registration.py index f6b2b9ceee..fcfda341e9 100644 --- a/synapse/config/registration.py +++ b/synapse/config/registration.py @@ -33,6 +33,7 @@ class RegistrationConfig(Config): self.registrations_require_3pid = config.get("registrations_require_3pid", []) self.allowed_local_3pids = config.get("allowed_local_3pids", []) + self.enable_3pid_lookup = config.get("enable_3pid_lookup", True) self.registration_shared_secret = config.get("registration_shared_secret") self.bcrypt_rounds = config.get("bcrypt_rounds", 12) @@ -97,6 +98,10 @@ class RegistrationConfig(Config): # - medium: msisdn # pattern: '\\+44' + # Enable 3PIDs lookup requests to identity servers from this server. + # + #enable_3pid_lookup: true + # If set, allows registration of standard or admin accounts by anyone who # has the shared secret, even if registration is otherwise disabled. # diff --git a/synapse/handlers/room_member.py b/synapse/handlers/room_member.py index e432740832..024d6db27a 100644 --- a/synapse/handlers/room_member.py +++ b/synapse/handlers/room_member.py @@ -70,6 +70,7 @@ class RoomMemberHandler(object): self.clock = hs.get_clock() self.spam_checker = hs.get_spam_checker() self._server_notices_mxid = self.config.server_notices_mxid + self._enable_lookup = hs.config.enable_3pid_lookup @abc.abstractmethod def _remote_join(self, requester, remote_room_hosts, room_id, user, content): @@ -738,6 +739,10 @@ class RoomMemberHandler(object): Returns: str: the matrix ID of the 3pid, or None if it is not recognized. """ + if not self._enable_lookup: + raise SynapseError( + 403, "Looking up third-party identifiers is denied from this server", + ) try: data = yield self.simple_http_client.get_json( "%s%s/_matrix/identity/api/v1/lookup" % (id_server_scheme, id_server,), |