Allow invites via 3pid to bypass sender sig check

When a server sends a third party invite another server may be the one that the inviting user registers with. In this case it is that remote server that will issue an actual invitation, and wants to do it "in the name of" the original invitee. However, the new proper invite will not be signed by the original server, and thus other servers would reject the invite if it was seen as coming from the original user. To fix this, a special case has been added to the auth rules whereby another server can send an invite "in the name of" another server's user, so long as that user had previously issued a third party invite that is now being accepted.
2025-05-02 12:16:09 -04:00 · 2016-09-22 10:56:53 +01:00 · 2016-09-22 10:56:53 +01:00 · 1168cbd54d
commit 1168cbd54d
parent bbc0d9617f
2 changed files with 22 additions and 7 deletions
--- a/synapse/handlers/federation.py
+++ b/synapse/handlers/federation.py
@ -1922,15 +1922,15 @@ class FederationHandler(BaseHandler):
            original_invite = yield self.store.get_event(
                original_invite_id, allow_none=True
            )
-        if not original_invite:
+        if original_invite:
+            display_name = original_invite.content["display_name"]
+            event_dict["content"]["third_party_invite"]["display_name"] = display_name
+        else:
            logger.info(
-                "Could not find invite event for third_party_invite - "
-                "discarding: %s" % (event_dict,)
+                "Could not find invite event for third_party_invite: %r",
+                event_dict
            )
-            return

-        display_name = original_invite.content["display_name"]
-        event_dict["content"]["third_party_invite"]["display_name"] = display_name
        builder = self.event_builder_factory.new(event_dict)
        EventValidator().validate_new(builder)
        message_handler = self.hs.get_handlers().message_handler