Matrix-Mirrors/forked-synapse
1
0
Fork 0
mirror of https://mau.dev/maunium/synapse.git synced 2024-07-02 17:31:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

Always check guest = true in macaroons

Browse Source
This commit is contained in:
Steven Hammerton 2015-11-17 10:58:05 +00:00
parent f5e25c5f35
commit f20d064e05
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
synapse/api/auth.py
View File

@ -589,7 +589,7 @@ class Auth(object):
macaroon = pymacaroons.Macaroon.deserialize(macaroon_str)
self.validate_macaroon(
macaroon, "access",
[lambda c: c == "guest = true", lambda c: c.startswith("time < ")]
[lambda c: c.startswith("time < ")]
)
user_prefix = "user_id = "
@ -643,6 +643,7 @@ class Auth(object):
v.satisfy_exact("gen = 1")
v.satisfy_exact("type = " + type_string)
v.satisfy_general(lambda c: c.startswith("user_id = "))
v.satisfy_exact("guest = true")
for validation_function in additional_validation_functions:
v.satisfy_general(validation_function)