Merge pull request #919 from matrix-org/erikj/auth_fix

Various auth.py fixes.
2025-05-02 12:06:08 -04:00 · 2016-07-15 11:38:33 +01:00 · 2016-07-15 11:38:33 +01:00 · bd7c51921d
commit bd7c51921d
parent a3036ac37e 9e1b43bcbf
3 changed files with 35 additions and 5 deletions
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@ -63,7 +63,7 @@ class Auth(object):
            "user_id = ",
        ])

-    def check(self, event, auth_events):
+    def check(self, event, auth_events, do_sig_check=True):
        """ Checks if this event is correctly authed.

        Args:
@ -79,6 +79,13 @@ class Auth(object):

            if not hasattr(event, "room_id"):
                raise AuthError(500, "Event has no room_id: %s" % event)
+
+            sender_domain = get_domain_from_id(event.sender)
+
+            # Check the sender's domain has signed the event
+            if do_sig_check and not event.signatures.get(sender_domain):
+                raise AuthError(403, "Event not signed by sending server")
+
            if auth_events is None:
                # Oh, we don't know what the state of the room was, so we
                # are trusting that this is allowed (at least for now)
@ -86,6 +93,12 @@ class Auth(object):
                return True

            if event.type == EventTypes.Create:
+                room_id_domain = get_domain_from_id(event.room_id)
+                if room_id_domain != sender_domain:
+                    raise AuthError(
+                        403,
+                        "Creation event's room_id domain does not match sender's"
+                    )
                # FIXME
                return True

@ -108,6 +121,17 @@ class Auth(object):

            # FIXME: Temp hack
            if event.type == EventTypes.Aliases:
+                if not event.state_key:
+                    raise AuthError(
+                        403,
+                        "Alias event must have non-empty state_key"
+                    )
+                sender_domain = get_domain_from_id(event.sender)
+                if event.state_key != sender_domain:
+                    raise AuthError(
+                        403,
+                        "Alias event's state_key does not match sender's domain"
+                    )
                return True

            logger.debug(