Improve signature checking on some federation APIs (#6262)
Make sure that we check that events sent over /send_join, /send_leave, and /invite, are correctly signed and come from the expected servers.
parent
87259b3a3a
commit
172f264ed3
|
@ -0,0 +1 @@
|
||||||
|
Improve signature checking on some federation APIs.
|
|
@ -278,9 +278,7 @@ def _check_sigs_on_pdus(keyring, room_version, pdus):
|
||||||
pdu_to_check.sender_domain,
|
pdu_to_check.sender_domain,
|
||||||
e.getErrorMessage(),
|
e.getErrorMessage(),
|
||||||
)
|
)
|
||||||
# XX not really sure if these are the right codes, but they are what
|
raise SynapseError(403, errmsg, Codes.FORBIDDEN)
|
||||||
# we've done for ages
|
|
||||||
raise SynapseError(400, errmsg, Codes.UNAUTHORIZED)
|
|
||||||
|
|
||||||
for p, d in zip(pdus_to_check_sender, more_deferreds):
|
for p, d in zip(pdus_to_check_sender, more_deferreds):
|
||||||
d.addErrback(sender_err, p)
|
d.addErrback(sender_err, p)
|
||||||
|
@ -314,8 +312,7 @@ def _check_sigs_on_pdus(keyring, room_version, pdus):
|
||||||
"event id %s: unable to verify signature for event id domain: %s"
|
"event id %s: unable to verify signature for event id domain: %s"
|
||||||
% (pdu_to_check.pdu.event_id, e.getErrorMessage())
|
% (pdu_to_check.pdu.event_id, e.getErrorMessage())
|
||||||
)
|
)
|
||||||
# XX as above: not really sure if these are the right codes
|
raise SynapseError(403, errmsg, Codes.FORBIDDEN)
|
||||||
raise SynapseError(400, errmsg, Codes.UNAUTHORIZED)
|
|
||||||
|
|
||||||
for p, d in zip(pdus_to_check_event_id, more_deferreds):
|
for p, d in zip(pdus_to_check_event_id, more_deferreds):
|
||||||
d.addErrback(event_err, p)
|
d.addErrback(event_err, p)
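Review bot: Both errbacks now end in `raise SynapseError(403, errmsg, Codes.FORBIDDEN)`, but the comments that hedged the old status code were removed without a replacement, so the reason for 403/M_FORBIDDEN is undocumented in both the sender-domain and the event-id-domain error paths. A one-line comment above each raise, for example `# a missing or invalid signature is an authorisation failure, hence 403 M_FORBIDDEN`, would record the decision. `errmsg` also embeds `e.getErrorMessage()`; if this SynapseError is serialised back to the requesting server (not visible in these hunks), consider logging the detail locally and returning a fixed message instead. The enclosing `_check_sigs_on_pdus` starts and ends outside both hunks.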
|
||||||
|
|
|
@ -370,6 +370,7 @@ class FederationServer(FederationBase):
|
||||||
pdu = event_from_pdu_json(content, format_ver)
|
pdu = event_from_pdu_json(content, format_ver)
|
||||||
origin_host, _ = parse_server_name(origin)
|
origin_host, _ = parse_server_name(origin)
|
||||||
yield self.check_server_matches_acl(origin_host, pdu.room_id)
|
yield self.check_server_matches_acl(origin_host, pdu.room_id)
|
||||||
|
pdu = yield self._check_sigs_and_hash(room_version, pdu)
|
||||||
ret_pdu = yield self.handler.on_invite_request(origin, pdu)
|
ret_pdu = yield self.handler.on_invite_request(origin, pdu)
|
||||||
time_now = self._clock.time_msec()
|
time_now = self._clock.time_msec()
|
||||||
return {"event": ret_pdu.get_pdu_json(time_now)}
|
return {"event": ret_pdu.get_pdu_json(time_now)}
|
||||||
|
@ -386,6 +387,9 @@ class FederationServer(FederationBase):
|
||||||
yield self.check_server_matches_acl(origin_host, pdu.room_id)
|
yield self.check_server_matches_acl(origin_host, pdu.room_id)
|
||||||
|
|
||||||
logger.debug("on_send_join_request: pdu sigs: %s", pdu.signatures)
|
logger.debug("on_send_join_request: pdu sigs: %s", pdu.signatures)
|
||||||
|
|
||||||
|
pdu = yield self._check_sigs_and_hash(room_version, pdu)
|
||||||
|
|
||||||
res_pdus = yield self.handler.on_send_join_request(origin, pdu)
|
res_pdus = yield self.handler.on_send_join_request(origin, pdu)
|
||||||
time_now = self._clock.time_msec()
|
time_now = self._clock.time_msec()
|
||||||
return (
|
return (
|
||||||
|
@ -421,6 +425,9 @@ class FederationServer(FederationBase):
|
||||||
yield self.check_server_matches_acl(origin_host, pdu.room_id)
|
yield self.check_server_matches_acl(origin_host, pdu.room_id)
|
||||||
|
|
||||||
logger.debug("on_send_leave_request: pdu sigs: %s", pdu.signatures)
|
logger.debug("on_send_leave_request: pdu sigs: %s", pdu.signatures)
|
||||||
|
|
||||||
|
pdu = yield self._check_sigs_and_hash(room_version, pdu)
|
||||||
|
|
||||||
yield self.handler.on_send_leave_request(origin, pdu)
|
yield self.handler.on_send_leave_request(origin, pdu)
|
||||||
return 200, {}
|
return 200, {}
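Review bot: Each of the three added `pdu = yield self._check_sigs_and_hash(room_version, pdu)` calls rebinds `pdu` to the helper's return value, and nothing at the call sites says what that value is when verification does not fully succeed. The helper's body is not part of this diff; if it can return an altered copy of the event (for instance a redacted one on a content-hash mismatch) rather than raising, the invite, join and leave handlers would go on to process an event that differs from the one received. Once confirmed against the helper, a comment on each call such as `# raises SynapseError(403) on a bad signature; the returned event may differ from the input` would make the contract explicit, and a test per endpoint asserting the 403 for a wrongly signed event would pin it. All three enclosing handler methods start outside their hunks.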
|
||||||
|
|
||||||
|
|
|
@ -1222,7 +1222,6 @@ class FederationHandler(BaseHandler):
|
||||||
Returns:
|
Returns:
|
||||||
Deferred[FrozenEvent]
|
Deferred[FrozenEvent]
|
||||||
"""
|
"""
|
||||||
|
|
||||||
if get_domain_from_id(user_id) != origin:
|
if get_domain_from_id(user_id) != origin:
|
||||||
logger.info(
|
logger.info(
|
||||||
"Got /make_join request for user %r from different origin %s, ignoring",
|
"Got /make_join request for user %r from different origin %s, ignoring",
|
||||||
|
@ -1280,11 +1279,20 @@ class FederationHandler(BaseHandler):
|
||||||
event = pdu
|
event = pdu
|
||||||
|
|
||||||
logger.debug(
|
logger.debug(
|
||||||
"on_send_join_request: Got event: %s, signatures: %s",
|
"on_send_join_request from %s: Got event: %s, signatures: %s",
|
||||||
|
origin,
|
||||||
event.event_id,
|
event.event_id,
|
||||||
event.signatures,
|
event.signatures,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
if get_domain_from_id(event.sender) != origin:
|
||||||
|
logger.info(
|
||||||
|
"Got /send_join request for user %r from different origin %s",
|
||||||
|
event.sender,
|
||||||
|
origin,
|
||||||
|
)
|
||||||
|
raise SynapseError(403, "User not from origin", Codes.FORBIDDEN)
|
||||||
|
|
||||||
event.internal_metadata.outlier = False
|
event.internal_metadata.outlier = False
|
||||||
# Send this event on behalf of the origin server.
|
# Send this event on behalf of the origin server.
|
||||||
#
|
#
|
||||||
|
@ -1503,6 +1511,14 @@ class FederationHandler(BaseHandler):
|
||||||
event.signatures,
|
event.signatures,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
if get_domain_from_id(event.sender) != origin:
|
||||||
|
logger.info(
|
||||||
|
"Got /send_leave request for user %r from different origin %s",
|
||||||
|
event.sender,
|
||||||
|
origin,
|
||||||
|
)
|
||||||
|
raise SynapseError(403, "User not from origin", Codes.FORBIDDEN)
|
||||||
|
|
||||||
event.internal_metadata.outlier = False
|
event.internal_metadata.outlier = False
|
||||||
|
|
||||||
context = yield self._handle_new_event(origin, event)
|
context = yield self._handle_new_event(origin, event)
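Review bot: The added guard `if get_domain_from_id(event.sender) != origin:` constrains only `event.sender`; nothing in the visible lines of either the /send_join or the /send_leave handler ties `event.state_key`, `event.type` or the membership value to that same user. If the event auth performed later (for example inside `_handle_new_event`) already enforces this, a short comment next to the guard saying so would help the next reader; otherwise consider rejecting here too, e.g. `if event.state_key != event.sender: raise SynapseError(403, "User not from origin", Codes.FORBIDDEN)`. The two guards are identical apart from the endpoint name in the log string, so a small private helper taking the endpoint name would keep them from drifting apart. Both handler bodies continue outside their hunks.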
|
||||||
|
|