diff options
| -rw-r--r-- | changelog.d/10956.bugfix | 1 | ||||
| -rw-r--r-- | synapse/event_auth.py | 6 |
2 files changed, 7 insertions, 0 deletions
diff --git a/changelog.d/10956.bugfix b/changelog.d/10956.bugfix new file mode 100644 index 0000000000..13b8e5983b --- /dev/null +++ b/changelog.d/10956.bugfix @@ -0,0 +1 @@ +Fix a long-standing bug which meant that events received over federation were sometimes incorrectly accepted into the room state. diff --git a/synapse/event_auth.py b/synapse/event_auth.py index 7a1adc2750..ca0293a3dc 100644 --- a/synapse/event_auth.py +++ b/synapse/event_auth.py @@ -155,6 +155,12 @@ def check_auth_rules_for_event( "which is in room %s" % (event.event_id, room_id, auth_event.event_id, auth_event.room_id), ) + if auth_event.rejected_reason: + raise AuthError( + 403, + "During auth for event %s: found rejected event %s in the state" + % (event.event_id, auth_event.event_id), + ) # Implementation of https://matrix.org/docs/spec/rooms/v1#authorization-rules # |