forked-synapse/synapse
Andrew Morgan 27c1abc7b8
Use _check_sigs_and_hash_and_fetch to validate backfill requests (#8350)
This is a bit of a hack, as `_check_sigs_and_hash_and_fetch` is intended
for attempting to pull an event from the database/(re)pull it from the
server that originally sent the event if checking the signature of the
event fails.

During backfill we *know* that we won't have the event in our database,
however it is still useful to be able to query the original sending
server as the server we're backfilling from may be acting maliciously.

The main benefit and reason for this change however is that
`_check_sigs_and_hash_and_fetch` will drop an event during backfill if
it cannot be successfully validated, whereas the current code will
simply fail the backfill request - resulting in the client's /messages
request silently being dropped.

This is a quick patch to fix backfilling rooms that contain malformed
events. A better implementation in planned in future.
2020-09-18 14:51:11 +01:00
..
_scripts Replace all remaining six usage with native Python 3 equivalents (#7704) 2020-06-16 08:51:47 -04:00
api Do not apply ratelimiting on joins to appservices (#8139) 2020-08-24 14:53:53 +01:00
app Change HomeServer definition to work with typing. 2020-08-11 18:00:17 +01:00
appservice Convert the SimpleHttpClient to async. (#8016) 2020-08-04 07:22:04 -04:00
config Move setting of Filter into code. 2020-08-11 18:10:46 +01:00
crypto Add a comment about SSLv23_METHOD (#8043) 2020-08-07 15:14:29 +01:00
events Add type hints to handlers.message and events.builder (#8067) 2020-08-12 15:05:50 +01:00
federation Use _check_sigs_and_hash_and_fetch to validate backfill requests (#8350) 2020-09-18 14:51:11 +01:00
groups Convert groups and visibility code to async / await. (#7951) 2020-07-27 12:32:08 -04:00
handlers Fix join ratelimiter breaking profile updates and idempotency (#8153) 2020-08-24 18:06:04 +01:00
http Reduce INFO logging (#8050) 2020-08-11 18:10:07 +01:00
logging Fix error reporting when using opentracing.trace (#7961) 2020-07-27 16:20:24 +01:00
metrics Convert run_as_background_process inner function to async. (#8032) 2020-08-06 08:20:42 -04:00
module_api Convert synapse.api to async/await (#8031) 2020-08-06 08:30:06 -04:00
push Implement new experimental push rules (#7997) 2020-08-10 11:48:01 +01:00
replication Reduce unnecessary whitespace in JSON. (#7372) 2020-08-07 08:02:55 -04:00
res/templates Implement login blocking based on SAML attributes (#8052) 2020-08-11 16:08:10 +01:00
rest Implement new experimental push rules (#7997) 2020-08-10 11:48:01 +01:00
server_notices Fix some comments and types in service notices (#7996) 2020-07-31 16:22:06 -04:00
spam_checker_api Add type hints to the spam check module (#6915) 2020-02-14 12:49:40 -05:00
state Rename database classes to make some sense (#8033) 2020-08-05 21:38:57 +01:00
static Clean-up the fallback login code. (#7657) 2020-06-10 09:50:39 -04:00
storage Convert the roommember database to async/await. (#8070) 2020-08-12 12:14:34 -04:00
streams Convert streams to async. (#8014) 2020-08-04 07:21:47 -04:00
util Fix typing for notifier (#8064) 2020-08-12 14:03:08 +01:00
__init__.py 1.19.2 2020-09-16 13:37:03 +01:00
event_auth.py Fix recursion error when fetching auth chain over federation (#7817) 2020-07-10 18:15:35 +01:00
notifier.py Fix typing for notifier (#8064) 2020-08-12 14:03:08 +01:00
python_dependencies.py re-implement daemonize (#8011) 2020-08-04 10:03:41 +01:00
secrets.py Change HomeServer definition to work with typing. 2020-08-11 18:00:17 +01:00
server.py Add comment explaining cast 2020-08-11 22:01:12 +01:00
types.py Fix typing for notifier (#8064) 2020-08-12 14:03:08 +01:00
visibility.py Convert groups and visibility code to async / await. (#7951) 2020-07-27 12:32:08 -04:00