summary refs log tree commit diff
path: root/synapse
diff options
context:
space:
mode:
authorPatrick Cloke <clokep@users.noreply.github.com>2021-09-28 08:44:19 -0400
committerGitHub <noreply@github.com>2021-09-28 08:44:19 -0400
commitc3ccad7785cd71372673136f329d5fa098ab9f04 (patch)
tree64fd0b11295621940cfcac286a9b30b64d16f2da /synapse
parentFix debian package builds. (#10931) (diff)
downloadsynapse-c3ccad7785cd71372673136f329d5fa098ab9f04.tar.xz
Only do restricted join rules signature checks for room versions 8/9. (#10927)
Otherwise the presence of a (bogus, unused) field could cause
auth checks to fail.
Diffstat (limited to 'synapse')
-rw-r--r--synapse/event_auth.py3
1 files changed, 2 insertions, 1 deletions
diff --git a/synapse/event_auth.py b/synapse/event_auth.py
index fc50a0e71a..5d7c6fa858 100644
--- a/synapse/event_auth.py
+++ b/synapse/event_auth.py
@@ -113,7 +113,8 @@ def check(
                 raise AuthError(403, "Event not signed by sending server")
 
         is_invite_via_allow_rule = (
-            event.type == EventTypes.Member
+            room_version_obj.msc3083_join_rules
+            and event.type == EventTypes.Member
             and event.membership == Membership.JOIN
             and "join_authorised_via_users_server" in event.content
         )