Matrix-Mirrors/forked-synapse
1
0
Fork 0
mirror of https://mau.dev/maunium/synapse.git synced 2024-07-08 04:02:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
cc33d9eee2
forked-synapse/synapse/handlers
History
Richard van der Hoff cc33d9eee2
Check auth on received events' auth_events (#11001) 
Currently, when we receive an event whose auth_events differ from those we expect, we state-resolve between the two state sets, and check that the event passes auth based on the resolved state.

This means that it's possible for us to accept events which don't pass auth at their declared auth_events (or where the auth events themselves were rejected), leading to problems down the line like #10083.

This change means we will:

 * ignore any events where we cannot find the auth events
 * reject any events whose auth events were rejected
 * reject any events which do not pass auth at their declared auth_events.

Together with a whole raft of previous work, this is a partial fix to #9595.

Fixes #6643.

Based on #11009.
2021-10-18 18:29:37 +01:00
..
ui_auth Use direct references for configuration variables (part 7). (#10959) 2021-10-04 07:18:54 -04:00
__init__.py Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00
account_data.py Add type hints for event streams. (#10856) 2021-09-21 13:34:26 -04:00
account_validity.py Require direct references to configuration variables. (#10985) 2021-10-06 10:47:41 -04:00
admin.py Remove the deprecated BaseHandler. (#11005) 2021-10-08 07:44:43 -04:00
appservice.py Use direct references for some configuration variables (part 3) (#10885) 2021-09-23 07:13:34 -04:00
auth.py Port the Password Auth Providers module interface to the new generic interface (#10548) 2021-10-13 11:21:52 +00:00
cas.py Use direct references for some configuration variables (part 3) (#10885) 2021-09-23 07:13:34 -04:00
deactivate_account.py Remove the deprecated BaseHandler. (#11005) 2021-10-08 07:44:43 -04:00
device.py Add type hints to synapse.storage.databases.main.client_ips (#10972) 2021-10-12 13:50:34 +01:00
devicemessage.py Use direct references for some configuration variables (#10798) 2021-09-13 13:07:12 -04:00
directory.py Remove the deprecated BaseHandler. (#11005) 2021-10-08 07:44:43 -04:00
e2e_keys.py Require type hints in the handlers module. (#10831) 2021-09-20 08:56:23 -04:00
e2e_room_keys.py Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00
event_auth.py Check *all* auth events for room id and rejection (#11009) 2021-10-18 18:28:30 +01:00
events.py Remove the deprecated BaseHandler. (#11005) 2021-10-08 07:44:43 -04:00
federation_event.py Check auth on received events' auth_events (#11001) 2021-10-18 18:29:37 +01:00
federation.py Check *all* auth events for room id and rejection (#11009) 2021-10-18 18:28:30 +01:00
groups_local.py Require type hints in the handlers module. (#10831) 2021-09-20 08:56:23 -04:00
identity.py Remove the deprecated BaseHandler. (#11005) 2021-10-08 07:44:43 -04:00
initial_sync.py Remove the deprecated BaseHandler. (#11005) 2021-10-08 07:44:43 -04:00
message.py Resolve and share state_groups for all historical events in batch (MSC2716) (#10975) 2021-10-13 17:44:00 -05:00
oidc.py Use direct references for configuration variables (part 4). (#10893) 2021-09-23 12:03:01 -04:00
pagination.py Move experimental & retention config out of the server module. (#11070) 2021-10-15 14:30:48 +00:00
password_policy.py Use direct references for some configuration variables (part 3) (#10885) 2021-09-23 07:13:34 -04:00
presence.py Fix issue causing sending presence to ASes to fail (due to incomplete type annotations) (#10944) 2021-09-30 11:06:47 +01:00
profile.py Remove the deprecated BaseHandler. (#11005) 2021-10-08 07:44:43 -04:00
read_marker.py Remove the deprecated BaseHandler. (#11005) 2021-10-08 07:44:43 -04:00
receipts.py Remove the deprecated BaseHandler. (#11005) 2021-10-08 07:44:43 -04:00
register.py Remove the deprecated BaseHandler. (#11005) 2021-10-08 07:44:43 -04:00
room_batch.py Resolve and share state_groups for all historical events in batch (MSC2716) (#10975) 2021-10-13 17:44:00 -05:00
room_list.py Remove the deprecated BaseHandler. (#11005) 2021-10-08 07:44:43 -04:00
room_member_worker.py Implement knock feature (#6739) 2021-06-09 19:39:51 +01:00
room_member.py Remove the deprecated BaseHandler. (#11005) 2021-10-08 07:44:43 -04:00
room_summary.py Remove unnecessary parentheses around tuples returned from methods (#10889) 2021-09-23 11:59:07 +01:00
room.py Add type hints to synapse.events.*. (#11066) 2021-10-13 07:24:07 -04:00
saml.py Remove the deprecated BaseHandler. (#11005) 2021-10-08 07:44:43 -04:00
search.py Remove the deprecated BaseHandler. (#11005) 2021-10-08 07:44:43 -04:00
send_email.py Pass str to twisted's IReactorTCP (#10895) 2021-09-30 12:51:47 +01:00
set_password.py Remove the deprecated BaseHandler. (#11005) 2021-10-08 07:44:43 -04:00
sso.py Use direct references for configuration variables (part 5). (#10897) 2021-09-24 07:25:21 -04:00
state_deltas.py Easy refactors of the user directory (#10789) 2021-09-10 10:54:38 +01:00
stats.py Use direct references for configuration variables (part 5). (#10897) 2021-09-24 07:25:21 -04:00
sync.py Add type hints for event streams. (#10856) 2021-09-21 13:34:26 -04:00
typing.py Remove unnecessary parentheses around tuples returned from methods (#10889) 2021-09-23 11:59:07 +01:00
user_directory.py Don't remove local users from dir when the leave their last room (#11103) 2021-10-18 13:20:04 +00:00