This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Do not include signatures/hashes in make_{join,leave,knock} responses. (
#10404)

These signatures would end up invalid since the joining/leaving/knocking
server would modify the response before calling send_{join,leave,knock}.
clokep authored Jul 16, 2021
1 parent bdfde6d commit d427f64
Showing 3 changed files with 18 additions and 6 deletions.
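--- a/changelog.d/10404.bugfix
+++ b/changelog.d/10404.bugfix
@@ -0,0 +1 @@
+Responses from `/make_{join,leave,knock}` no longer include signatures, which will turn out to be invalid after events are returned to `/send_{join,leave,knock}`.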
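--- a/synapse/events/__init__.py
+++ b/synapse/events/__init__.py
@@ -291,6 +291,20 @@ def get_pdu_json(self, time_now=None) -> JsonDict:
 
 return pdu_json
 
+def get_templated_pdu_json(self) -> JsonDict:
+"""
+Return a JSON object suitable for a templated event, as used in the
+make_{join,leave,knock} workflow.
+"""
+# By using _dict directly we don't pull in signatures/unsigned.
+template_json = dict(self._dict)
+# The hashes (similar to the signature) need to be recalculated by the
+# joining/leaving/knocking server after (potentially) modifying the
+# event.
+template_json.pop("hashes")
+
+return template_json
+
 def __set__(self, instance, value):
 raise AttributeError("Unrecognized attribute %s" % (instance,))
 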
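Review bot: `template_json.pop("hashes")` in get_templated_pdu_json has no default, so an event whose `_dict` lacks a `hashes` key raises KeyError and the make_* request fails instead of returning a template; `template_json.pop("hashes", None)` strips the key without that failure mode. `dict(self._dict)` is a shallow copy, so nested values are presumably still shared with the event, and a caller that edits the returned template in place would also edit the event. The docstring could state both points: that the result carries no signatures or hashes and so is not a verifiable event until the requesting server re-hashes and signs it, and that the result should be treated as read-only.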
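--- a/synapse/federation/federation_server.py
+++ b/synapse/federation/federation_server.py
@@ -562,8 +562,7 @@ async def on_make_join_request(
 raise IncompatibleRoomVersionError(room_version=room_version)
 
 pdu = await self.handler.on_make_join_request(origin, room_id, user_id)
-time_now = self._clock.time_msec()
-return {"event": pdu.get_pdu_json(time_now), "room_version": room_version}
+return {"event": pdu.get_templated_pdu_json(), "room_version": room_version}
 
 async def on_invite_request(
 self, origin: str, content: JsonDict, room_version_id: str
@@ -611,8 +610,7 @@ async def on_make_leave_request(
 
 room_version = await self.store.get_room_version_id(room_id)
 
-time_now = self._clock.time_msec()
-return {"event": pdu.get_pdu_json(time_now), "room_version": room_version}
+return {"event": pdu.get_templated_pdu_json(), "room_version": room_version}
 
 async def on_send_leave_request(
 self, origin: str, content: JsonDict, room_id: str
@@ -659,9 +657,8 @@ async def on_make_knock_request(
 )
 
 pdu = await self.handler.on_make_knock_request(origin, room_id, user_id)
-time_now = self._clock.time_msec()
 return {
-"event": pdu.get_pdu_json(time_now),
+"event": pdu.get_templated_pdu_json(),
 "room_version": room_version.identifier,
 }
 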
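Review bot: None of the three changed handlers (on_make_join_request, on_make_leave_request, on_make_knock_request) gets a test in this commit asserting that the returned `event` omits `signatures` and `hashes`, so a later switch back to `get_pdu_json` would go unnoticed. A federation-server test that calls each handler and checks `"signatures" not in response["event"]` and `"hashes" not in response["event"]` would pin the behaviour. Since the template is now deliberately unauthenticated, a short comment at each return, for example `# Template only: the requesting server hashes and signs the final event`, would tell readers that verification belongs to the send_* path; whether that path performs it is not visible on this page. All three function bodies begin outside their hunks.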
