diff options
author | Shay <shaysquared@gmail.com> | 2021-10-28 10:27:17 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-10-28 10:27:17 -0700 |
commit | e002faee01615c1976437af28f66544c5f2eed84 (patch) | |
tree | d5517e76ad3a030d8e2011aa1b8a144cb8a246e6 /tests/crypto | |
parent | Add a ModuleApi method to update a user's membership in a room (#11147) (diff) | |
download | synapse-e002faee01615c1976437af28f66544c5f2eed84.tar.xz |
Fetch verify key locally rather than trying to do so over federation if origin and host are the same. (#11129)
* add tests for fetching key locally * add logic to check if origin server is same as host and fetch verify key locally rather than over federation * add changelog * slight refactor, add docstring, change changelog entry * Make changelog entry one line * remove verify_json_locally and push locality check to process_request, add function process_request_locally * remove leftover code reference * refactor to add common call to 'verify_json and associated handling code * add type hint to process_json * add some docstrings + very slight refactor
Diffstat (limited to 'tests/crypto')
-rw-r--r-- | tests/crypto/test_keyring.py | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/tests/crypto/test_keyring.py b/tests/crypto/test_keyring.py index 745c295d3b..cbecc1c20f 100644 --- a/tests/crypto/test_keyring.py +++ b/tests/crypto/test_keyring.py @@ -197,6 +197,18 @@ class KeyringTestCase(unittest.HomeserverTestCase): # self.assertFalse(d.called) self.get_success(d) + def test_verify_for_server_locally(self): + """Ensure that locally signed JSON can be verified without fetching keys + over federation + """ + kr = keyring.Keyring(self.hs) + json1 = {} + signedjson.sign.sign_json(json1, self.hs.hostname, self.hs.signing_key) + + # Test that verify_json_for_server succeeds on a object signed by ourselves + d = kr.verify_json_for_server(self.hs.hostname, json1, 0) + self.get_success(d) + def test_verify_json_for_server_with_null_valid_until_ms(self): """Tests that we correctly handle key requests for keys we've stored with a null `ts_valid_until_ms` |