Ignore EDUs for rooms we're not in (#10317)

author: Dagfinn Ilmari Mannsåker <ilmari@ilmari.org> 2021-07-06 14:31:13 +0100
committer: GitHub <noreply@github.com> 2021-07-06 14:31:13 +0100
commit: 47e28b4031c7c5e2c87824c2b4873492b996d02e (patch)
tree: e39ddf668b7350b416f77bd54cea271704d8c29b /synapse
parent: Fix deactivate a user if he does not have a profile (#10252) (diff)
download: synapse-47e28b4031c7c5e2c87824c2b4873492b996d02e.tar.xz
2 files changed, 29 insertions, 0 deletions
diff --git a/synapse/handlers/receipts.py b/synapse/handlers/receipts.py
index f782d9db32..0059ad0f56 100644
--- a/synapse/handlers/receipts.py
+++ b/synapse/handlers/receipts.py
@@ -30,6 +30,8 @@ class ReceiptsHandler(BaseHandler):
 
         self.server_name = hs.config.server_name
         self.store = hs.get_datastore()
+        self.event_auth_handler = hs.get_event_auth_handler()
+
         self.hs = hs
 
         # We only need to poke the federation sender explicitly if its on the
@@ -59,6 +61,19 @@ class ReceiptsHandler(BaseHandler):
         """Called when we receive an EDU of type m.receipt from a remote HS."""
         receipts = []
         for room_id, room_values in content.items():
+            # If we're not in the room just ditch the event entirely. This is
+            # probably an old server that has come back and thinks we're still in
+            # the room (or we've been rejoined to the room by a state reset).
+            is_in_room = await self.event_auth_handler.check_host_in_room(
+                room_id, self.server_name
+            )
+            if not is_in_room:
+                logger.info(
+                    "Ignoring receipt from %s as we're not in the room",
+                    origin,
+                )
+                continue
+
             for receipt_type, users in room_values.items():
                 for user_id, user_values in users.items():
                     if get_domain_from_id(user_id) != origin:
diff --git a/synapse/handlers/typing.py b/synapse/handlers/typing.py
index e22393adc4..c0a8364755 100644
--- a/synapse/handlers/typing.py
+++ b/synapse/handlers/typing.py
@@ -208,6 +208,7 @@ class TypingWriterHandler(FollowerTypingHandler):
 
         self.auth = hs.get_auth()
         self.notifier = hs.get_notifier()
+        self.event_auth_handler = hs.get_event_auth_handler()
 
         self.hs = hs
 
@@ -326,6 +327,19 @@ class TypingWriterHandler(FollowerTypingHandler):
         room_id = content["room_id"]
         user_id = content["user_id"]
 
+        # If we're not in the room just ditch the event entirely. This is
+        # probably an old server that has come back and thinks we're still in
+        # the room (or we've been rejoined to the room by a state reset).
+        is_in_room = await self.event_auth_handler.check_host_in_room(
+            room_id, self.server_name
+        )
+        if not is_in_room:
+            logger.info(
+                "Ignoring typing update from %s as we're not in the room",
+                origin,
+            )
+            return
+
         member = RoomMember(user_id=user_id, room_id=room_id)
 
         # Check that the string is a valid user id
author	Dagfinn Ilmari Mannsåker <ilmari@ilmari.org>	2021-07-06 14:31:13 +0100
committer	GitHub <noreply@github.com>	2021-07-06 14:31:13 +0100
commit	47e28b4031c7c5e2c87824c2b4873492b996d02e (patch)
tree	e39ddf668b7350b416f77bd54cea271704d8c29b /synapse
parent	Fix deactivate a user if he does not have a profile (#10252) (diff)
download	synapse-47e28b4031c7c5e2c87824c2b4873492b996d02e.tar.xz