Matrix-Mirrors/anonymousland-synapse
1
0
Fork 0
mirror of https://git.anonymousland.org/anonymousland/synapse.git synced 2025-05-02 09:56:05 -04:00
Code Issues Projects Releases Packages Wiki Activity

Verify third party ID server certificates

Browse source
This commit is contained in:
Daniel Wagner-Hall 2015-10-16 14:54:54 +01:00
parent 6ffbcf45c6
commit b8dd5b1a2d
4 changed files with 43 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

11
synapse/api/auth.py
View file

@ -397,13 +397,24 @@ class Auth(object):
(EventTypes.ThirdPartyInvite, token,)
)
if not invite_event:
logger.info("Failing 3pid invite because no invite found for token %s", token)
return False
try:
public_key = join_third_party_invite["public_key"]
key_validity_url = join_third_party_invite["key_validity_url"]
if invite_event.content["public_key"] != public_key:
logger.info(
"Failing 3pid invite because public key invite: %s != join: %s",
invite_event.content["public_key"],
public_key
)
return False
if invite_event.content["key_validity_url"] != key_validity_url:
logger.info(
"Failing 3pid invite because key_validity_url invite: %s != join: %s",
invite_event.content["key_validity_url"],
key_validity_url
)
return False
verify_key = nacl.signing.VerifyKey(decode_base64(public_key))
encoded_signature = join_third_party_invite["signature"]