author | Richard van der Hoff <1389908+richvdh@users.noreply.github.com> | 2020-01-06 12:33:56 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-01-06 12:33:56 +0000 |
commit | 4b36b482e0cc1a63db27534c4ea5d9608cdb6a79 (patch) | |
tree | df0dc32ac3f7b2c2d2c4f59836bd3c7d7af71586 /synapse | |
parent | Workaround for error when fetching notary's own key (#6620) (diff) | |
Fix exception when fetching notary server's old keys (#6625)
Lift the restriction that *all* the keys used for signing v2 key responses be present in verify_keys. Fixes #6596.
Diffstat (limited to 'synapse')
-rw-r--r-- | synapse/crypto/keyring.py | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/synapse/crypto/keyring.py b/synapse/crypto/keyring.py
index 7cfad192e8..6fe5a6a26a 100644
--- a/synapse/crypto/keyring.py
+++ b/synapse/crypto/keyring.py
@@ -511,17 +511,18 @@ class BaseV2KeyFetcher(object):
 server_name = response_json["server_name"]
 verified = False
 for key_id in response_json["signatures"].get(server_name, {}):
- # each of the keys used for the signature must be present in the response
- # json.
 key = verify_keys.get(key_id)
 if not key:
- raise KeyLookupError(
- "Key response is signed by key id %s:%s but that key is not "
- "present in the response" % (server_name, key_id)
- )
+ # the key may not be present in verify_keys if:
+ # * we got the key from the notary server, and:
+ # * the key belongs to the notary server, and:
+ # * the notary server is using a different key to sign notary
+ # responses.
+ continue
 verify_signed_json(response_json, server_name, key.verify_key)
 verified = True
+ break
 if not verified:
 raise KeyLookupError( |
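Review bot: The new `continue` in the `if not key:` branch skips silently, so a signature whose key id is absent from the response leaves no trace, and while the comment scopes the skip to the notary-signed-by-a-different-key case, the code applies it on every path through `BaseV2KeyFetcher` without checking that narrower condition. A debug log before the `continue` would keep the rotation case diagnosable, e.g. `logger.debug("Key response for %s is signed by key id %s which is not in the response; skipping", server_name, key_id)` (assuming the module's usual `logger` is in scope). The security invariant is preserved only because the `if not verified:` check after the loop still rejects a response none of whose signatures could be checked against a key present in the response; that deserves a line in the new comment, e.g. `# A response signed only by keys absent from the response is still rejected below.` The added `break` means the first successful `verify_signed_json` ends the loop, so any further signatures on the response are no longer examined — fine if one valid signature is the contract, but worth stating. The enclosing method starts before and ends after this hunk.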