mirror of
https://git.anonymousland.org/anonymousland/synapse.git
synced 2024-10-01 11:49:51 -04:00
_check_event_auth: move event validation earlier (#10988)
There's little point in doing a fancy state reconciliation dance if the event itself is invalid. Likewise, there's no point checking it again in `_check_for_soft_fail`.
This commit is contained in:
Richard van der Hoff
GitHub
parent
6f6e956338
commit
cb88ed912b
1
changelog.d/10988.misc
Normal file
1
changelog.d/10988.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Clean up some of the federation event authentication code for clarity.
|
||||||
@ -1250,9 +1250,18 @@ class FederationEventHandler:
|
|||||||
# This method should only be used for non-outliers
|
# This method should only be used for non-outliers
|
||||||
assert not event.internal_metadata.outlier
|
assert not event.internal_metadata.outlier
|
||||||
|
|
||||||
|
# first of all, check that the event itself is valid.
|
||||||
room_version = await self._store.get_room_version_id(event.room_id)
|
room_version = await self._store.get_room_version_id(event.room_id)
|
||||||
room_version_obj = KNOWN_ROOM_VERSIONS[room_version]
|
room_version_obj = KNOWN_ROOM_VERSIONS[room_version]
|
||||||
|
|
||||||
|
try:
|
||||||
|
validate_event_for_room_version(room_version_obj, event)
|
||||||
|
except AuthError as e:
|
||||||
|
logger.warning("While validating received event %r: %s", event, e)
|
||||||
|
# TODO: use a different rejected reason here?
|
||||||
|
context.rejected = RejectedReason.AUTH_ERROR
|
||||||
|
return context
|
||||||
|
|
||||||
# calculate what the auth events *should* be, to use as a basis for auth.
|
# calculate what the auth events *should* be, to use as a basis for auth.
|
||||||
prev_state_ids = await context.get_prev_state_ids()
|
prev_state_ids = await context.get_prev_state_ids()
|
||||||
auth_events_ids = self._event_auth_handler.compute_auth_events(
|
auth_events_ids = self._event_auth_handler.compute_auth_events(
|
||||||
@ -1286,7 +1295,6 @@ class FederationEventHandler:
|
|||||||
auth_events_for_auth = calculated_auth_event_map
|
auth_events_for_auth = calculated_auth_event_map
|
||||||
|
|
||||||
try:
|
try:
|
||||||
validate_event_for_room_version(room_version_obj, event)
|
|
||||||
check_auth_rules_for_event(room_version_obj, event, auth_events_for_auth)
|
check_auth_rules_for_event(room_version_obj, event, auth_events_for_auth)
|
||||||
except AuthError as e:
|
except AuthError as e:
|
||||||
logger.warning("Failed auth resolution for %r because %s", event, e)
|
logger.warning("Failed auth resolution for %r because %s", event, e)
|
||||||
@ -1399,9 +1407,6 @@ class FederationEventHandler:
|
|||||||
}
|
}
|
||||||
|
|
||||||
try:
|
try:
|
||||||
# TODO: skip the call to validate_event_for_room_version? we should already
|
|
||||||
# have validated the event.
|
|
||||||
validate_event_for_room_version(room_version_obj, event)
|
|
||||||
check_auth_rules_for_event(room_version_obj, event, current_auth_events)
|
check_auth_rules_for_event(room_version_obj, event, current_auth_events)
|
||||||
except AuthError as e:
|
except AuthError as e:
|
||||||
logger.warning(
|
logger.warning(
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user