From c4710fb8cf6a85546c967d6471a5eb295e5a2069 Mon Sep 17 00:00:00 2001 From: Tulir Asokan Date: Wed, 18 Nov 2020 01:21:19 +0200 Subject: [PATCH] Allow specific users to send invalid events --- synapse/events/validator.py | 12 ++++++++++-- synapse/handlers/federation.py | 4 ++-- synapse/handlers/message.py | 7 ++++--- 3 files changed, 16 insertions(+), 7 deletions(-) diff --git a/synapse/events/validator.py b/synapse/events/validator.py index f8f3b1a31..23d27c754 100644 --- a/synapse/events/validator.py +++ b/synapse/events/validator.py @@ -34,7 +34,7 @@ class EventValidator: event: The event to validate. config: The homeserver's configuration. """ - self.validate_builder(event) + self.validate_builder(event, config) if event.format_version == EventFormatVersions.V1: EventID.from_string(event.event_id) @@ -66,6 +66,10 @@ class EventValidator: # checked, since we trust the portions of the event we created. validate_canonicaljson(event.content) + # meow: allow specific users to send potentially dangerous events. + if event.sender in config.meow.validation_override: + return + if event.type == EventTypes.Aliases: if "aliases" in event.content: for alias in event.content["aliases"]: @@ -128,7 +132,7 @@ class EventValidator: errcode=Codes.BAD_JSON, ) - def validate_builder(self, event: Union[EventBase, EventBuilder]): + def validate_builder(self, event: Union[EventBase, EventBuilder], config: HomeServerConfig): """Validates that the builder/event has roughly the right format. Only checks values that we expect a proto event to have, rather than all the fields an event would have @@ -146,6 +150,10 @@ class EventValidator: RoomID.from_string(event.room_id) UserID.from_string(event.sender) + # meow: allow specific users to send so-called invalid events + if event.sender in config.meow.validation_override: + return + if event.type == EventTypes.Message: strings = ["body", "msgtype"] diff --git a/synapse/handlers/federation.py b/synapse/handlers/federation.py index c38695770..4e7da96a8 100644 --- a/synapse/handlers/federation.py +++ b/synapse/handlers/federation.py @@ -2653,7 +2653,7 @@ class FederationHandler(BaseHandler): room_version = await self.store.get_room_version_id(room_id) builder = self.event_builder_factory.new(room_version, event_dict) - EventValidator().validate_builder(builder) + EventValidator().validate_builder(builder, self.hs.config) event, context = await self.event_creation_handler.create_new_client_event( builder=builder ) @@ -2758,7 +2758,7 @@ class FederationHandler(BaseHandler): # auth check code will explode appropriately. builder = self.event_builder_factory.new(room_version, event_dict) - EventValidator().validate_builder(builder) + EventValidator().validate_builder(builder, self.hs.config) event, context = await self.event_creation_handler.create_new_client_event( builder=builder ) diff --git a/synapse/handlers/message.py b/synapse/handlers/message.py index c6791fb91..6f345e429 100644 --- a/synapse/handlers/message.py +++ b/synapse/handlers/message.py @@ -486,7 +486,7 @@ class EventCreationHandler: builder = self.event_builder_factory.new(room_version, event_dict) - self.validator.validate_builder(builder) + self.validator.validate_builder(builder, self.config) if builder.type == EventTypes.Member: membership = builder.content.get("membership", None) @@ -1053,7 +1053,8 @@ class EventCreationHandler: await self.base_handler.maybe_kick_guest_users(event, context) - if event.type == EventTypes.CanonicalAlias: + validation_override = event.sender not in self.config.meow.validation_override + if event.type == EventTypes.CanonicalAlias and not validation_override: # Validate a newly added alias or newly added alt_aliases. original_alias = None @@ -1310,7 +1311,7 @@ class EventCreationHandler: builder = self.event_builder_factory.for_room_version( original_event.room_version, third_party_result ) - self.validator.validate_builder(builder) + self.validator.validate_builder(builder, self.config) except SynapseError as e: raise Exception( "Third party rules module created an invalid event: " + e.msg,