Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Remove usage of deprecated logger.warn method from codebase (#6271) | Andrew Morgan | 2019-10-31 | 1 | -3/+3 |
| | | | Replace every instance of `logger.warn` with `logger.warning` as the former is deprecated. | ||||
* | Improve signature checking on some federation APIs (#6262) | Richard van der Hoff | 2019-10-28 | 1 | -5/+2 |
| | | | | | Make sure that we check that events sent over /send_join, /send_leave, and /invite, are correctly signed and come from the expected servers. | ||||
* | Replace returnValue with return (#5736) | Amber Brown | 2019-07-23 | 1 | -3/+3 |
| | |||||
* | Move logging utilities out of the side drawer of util/ and into logging/ (#5606) | Amber Brown | 2019-07-04 | 1 | -9/+15 |
| | |||||
* | Fix logging error when a tampered event is detected. (#5500) | Richard van der Hoff | 2019-06-21 | 1 | -1/+0 |
| | |||||
* | Run Black. (#5482) | Amber Brown | 2019-06-20 | 1 | -46/+32 |
| | |||||
* | Associate a request_name with each verify request, for logging | Richard van der Hoff | 2019-06-05 | 1 | -0/+2 |
| | | | | | | | Also: * rename VerifyKeyRequest->VerifyJsonRequest * calculate key_ids on VerifyJsonRequest construction * refactor things to pass around VerifyJsonRequests instead of 4-tuples | ||||
* | Add a test room version where we enforce key validity (#5348) | Richard van der Hoff | 2019-06-05 | 1 | -15/+24 |
| | |||||
* | Enforce validity period on server_keys for fed requests. (#5321) | Richard van der Hoff | 2019-06-03 | 1 | -2/+2 |
| | | | | | | | | When handling incoming federation requests, make sure that we have an up-to-date copy of the signing key. We do not yet enforce the validity period for event signatures. | ||||
* | more logging improvements | Richard van der Hoff | 2019-04-25 | 1 | -8/+11 |
| | |||||
* | remove extraneous exception logging | Richard van der Hoff | 2019-04-25 | 1 | -2/+2 |
| | |||||
* | Clarify logging when PDU signature checking fails | Richard van der Hoff | 2019-04-25 | 1 | -0/+19 |
| | |||||
* | Collect room-version variations into one place (#4969) | Richard van der Hoff | 2019-04-01 | 1 | -8/+8 |
| | | | | Collect all the things that make room-versions different to one another into one place, so that it's easier to define new room versions. | ||||
* | No vdh tests! | Erik Johnston | 2019-01-29 | 1 | -2/+1 |
| | |||||
* | Enable room version v3 | Erik Johnston | 2019-01-29 | 1 | -2/+9 |
| | |||||
* | Update comment | Erik Johnston | 2019-01-29 | 1 | -3/+3 |
| | |||||
* | Only check event ID domain for signatures for V1 events | Erik Johnston | 2019-01-29 | 1 | -27/+37 |
| | | | | | In future version events won't have an event ID, so we won't be able to do this check. | ||||
* | Require event format version to parse or create events | Erik Johnston | 2019-01-25 | 1 | -4/+5 |
| | |||||
* | Revert "Require event format version to parse or create events" | Erik Johnston | 2019-01-25 | 1 | -5/+4 |
| | |||||
* | Require event format version to parse or create events | Erik Johnston | 2019-01-23 | 1 | -4/+5 |
| | |||||
* | Add room_version param to get_pdu | Erik Johnston | 2019-01-23 | 1 | -3/+8 |
| | | | | | When we add new event format we'll need to know the event format or room version when parsing events. | ||||
* | Fix handling of redacted events from federation | Erik Johnston | 2018-09-13 | 1 | -1/+1 |
| | | | | | | | | | | If we receive an event that doesn't pass their content hash check (e.g. due to already being redacted) then we hit a bug which causes an exception to be raised, which then promplty stops the event (and request) from being processed. This effects all sorts of federation APIs, including joining rooms with a redacted state event. | ||||
* | clearer logging when things fail, too | Richard van der Hoff | 2018-09-06 | 1 | -7/+27 |
| | |||||
* | Check that signatures on events are valid | Richard van der Hoff | 2018-09-05 | 1 | -16/+110 |
| | | | | | | We should check that both the sender's server, and the server which created the event_id (which may be different from whatever the remote server has told us the origin is), have signed the event. | ||||
* | rename assert_params_in_request to assert_params_in_dict | Krombel | 2018-07-13 | 1 | -2/+2 |
| | | | | | | the method "assert_params_in_request" does handle dicts and not requests. A request body has to be parsed to json before this method can be used | ||||
* | run isort | Amber Brown | 2018-07-09 | 1 | -3/+4 |
| | |||||
* | Apply some limits to depth to counter abuse | Richard van der Hoff | 2018-05-01 | 1 | -3/+18 |
| | | | | | | | * When creating a new event, cap its depth to 2^63 - 1 * When receiving events, reject any without a sensible depth As per https://docs.google.com/document/d/1I3fi2S-XnpO45qrpCsowZv8P8dHcNZ4fsBsbOW7KABI | ||||
* | Move property setting from ReplicationLayer to FederationBase | Erik Johnston | 2018-03-13 | 1 | -0/+6 |
| | |||||
* | Check missing fields in event_from_pdu_json | Richard van der Hoff | 2017-12-30 | 1 | -0/+7 |
| | | | | Return a 400 rather than a 500 when somebody messes up their send_join | ||||
* | Factor out `event_from_pdu_json` | Richard van der Hoff | 2017-12-30 | 1 | -0/+20 |
| | | | | | turns out we have two copies of this, and neither needs to be an instance method | ||||
* | Make the spam checker a module | David Baker | 2017-09-26 | 1 | -3/+2 |
| | |||||
* | Fix logcontexts in _check_sigs_and_hashes | Richard van der Hoff | 2017-09-20 | 1 | -56/+58 |
| | |||||
* | Remove redundant `preserve_fn` | Richard van der Hoff | 2017-09-20 | 1 | -2/+2 |
| | | | | | | preserve_fn is a no-op unless the wrapped function returns a Deferred. verify_json_objects_for_server returns a list, so this is doing nothing. | ||||
* | PoC for filtering spammy events (#2456) | Richard van der Hoff | 2017-09-19 | 1 | -16/+24 |
| | | | Demonstration of how you might add some hooks to filter out spammy events. | ||||
* | Preserve some logcontexts | Erik Johnston | 2016-08-24 | 1 | -3/+4 |
| | |||||
* | Linearize fetching of gaps on incoming events | Erik Johnston | 2016-06-15 | 1 | -0/+3 |
| | | | | | This potentially stops the server from doing multiple requests for the same data. | ||||
* | copyrights | Matthew Hodgson | 2016-01-07 | 1 | -1/+1 |
| | |||||
* | Implement bulk verify_signed_json API | Erik Johnston | 2015-06-26 | 1 | -50/+75 |
| | |||||
* | Rephrase log line | Erik Johnston | 2015-06-02 | 1 | -1/+1 |
| | |||||
* | Don't about JSON when warning about content tampering | Erik Johnston | 2015-06-02 | 1 | -7/+4 |
| | |||||
* | Add a timeout param to get_event | Erik Johnston | 2015-05-19 | 1 | -0/+1 |
| | |||||
* | Unwrap defer.gatherResults failures | Erik Johnston | 2015-05-12 | 1 | -1/+3 |
| | |||||
* | Fix logging | Erik Johnston | 2015-02-12 | 1 | -1/+4 |
| | |||||
* | Parrellize fetching of events | Erik Johnston | 2015-02-12 | 1 | -3/+11 |
| | |||||
* | Correctly handle all the places that can throw exceptions | Erik Johnston | 2015-02-12 | 1 | -10/+14 |
| | |||||
* | New line | Erik Johnston | 2015-02-03 | 1 | -1/+1 |
| | |||||
* | Actually, the old prune_event function was non-deterministic, so no point ↵ | Erik Johnston | 2015-02-03 | 1 | -12/+4 |
| | | | | keeping it around :( | ||||
* | Add new FederationBase | Erik Johnston | 2015-02-03 | 1 | -0/+126 |