diff options
-rw-r--r-- | changelog.d/3732.bugfix | 1 | ||||
-rw-r--r-- | synapse/rest/consent/consent_resource.py | 15 |
2 files changed, 13 insertions, 3 deletions
diff --git a/changelog.d/3732.bugfix b/changelog.d/3732.bugfix new file mode 100644 index 0000000000..638b6334b0 --- /dev/null +++ b/changelog.d/3732.bugfix @@ -0,0 +1 @@ +Fix bug introduced in v0.33.3rc1 which made the ToS give a 500 error \ No newline at end of file diff --git a/synapse/rest/consent/consent_resource.py b/synapse/rest/consent/consent_resource.py index 147ff7d79b..7362e1858d 100644 --- a/synapse/rest/consent/consent_resource.py +++ b/synapse/rest/consent/consent_resource.py @@ -140,7 +140,7 @@ class ConsentResource(Resource): version = parse_string(request, "v", default=self._default_consent_version) username = parse_string(request, "u", required=True) - userhmac = parse_string(request, "h", required=True) + userhmac = parse_string(request, "h", required=True, encoding=None) self._check_hash(username, userhmac) @@ -175,7 +175,7 @@ class ConsentResource(Resource): """ version = parse_string(request, "v", required=True) username = parse_string(request, "u", required=True) - userhmac = parse_string(request, "h", required=True) + userhmac = parse_string(request, "h", required=True, encoding=None) self._check_hash(username, userhmac) @@ -210,9 +210,18 @@ class ConsentResource(Resource): finish_request(request) def _check_hash(self, userid, userhmac): + """ + Args: + userid (unicode): + userhmac (bytes): + + Raises: + SynapseError if the hash doesn't match + + """ want_mac = hmac.new( key=self._hmac_secret, - msg=userid, + msg=userid.encode('utf-8'), digestmod=sha256, ).hexdigest() |