From f7baff6f7b4af039254ec16e9272b90adb58dab3 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Tue, 21 Aug 2018 22:41:41 +0100 Subject: [PATCH 1/3] Fix 500 error from /consent form Fixes #3731 --- synapse/rest/consent/consent_resource.py | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/synapse/rest/consent/consent_resource.py b/synapse/rest/consent/consent_resource.py index 147ff7d79..52954ada1 100644 --- a/synapse/rest/consent/consent_resource.py +++ b/synapse/rest/consent/consent_resource.py @@ -175,7 +175,7 @@ class ConsentResource(Resource): """ version = parse_string(request, "v", required=True) username = parse_string(request, "u", required=True) - userhmac = parse_string(request, "h", required=True) + userhmac = parse_string(request, "h", required=True, encoding=None) self._check_hash(username, userhmac) @@ -210,9 +210,18 @@ class ConsentResource(Resource): finish_request(request) def _check_hash(self, userid, userhmac): + """ + Args: + userid (unicode): + userhmac (bytes): + + Raises: + SynapseError if the hash doesn't match + + """ want_mac = hmac.new( key=self._hmac_secret, - msg=userid, + msg=userid.encode('utf-8'), digestmod=sha256, ).hexdigest() From f7bf181a909384b649d2b615569921ae6add0505 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Tue, 21 Aug 2018 23:14:25 +0100 Subject: [PATCH 2/3] fix another consent encoding fail --- synapse/rest/consent/consent_resource.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/synapse/rest/consent/consent_resource.py b/synapse/rest/consent/consent_resource.py index 52954ada1..7362e1858 100644 --- a/synapse/rest/consent/consent_resource.py +++ b/synapse/rest/consent/consent_resource.py @@ -140,7 +140,7 @@ class ConsentResource(Resource): version = parse_string(request, "v", default=self._default_consent_version) username = parse_string(request, "u", required=True) - userhmac = parse_string(request, "h", required=True) + userhmac = parse_string(request, "h", required=True, encoding=None) self._check_hash(username, userhmac) From afb4b490a417aec9223cfd1dcf5aa36c0fc5a6d1 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Tue, 21 Aug 2018 23:19:14 +0100 Subject: [PATCH 3/3] changelog --- changelog.d/3732.bugfix | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/3732.bugfix diff --git a/changelog.d/3732.bugfix b/changelog.d/3732.bugfix new file mode 100644 index 000000000..638b6334b --- /dev/null +++ b/changelog.d/3732.bugfix @@ -0,0 +1 @@ +Fix bug introduced in v0.33.3rc1 which made the ToS give a 500 error \ No newline at end of file