Add a test room version where we enforce key validity (#5348)

This commit is contained in:
Richard van der Hoff 2019-06-05 10:38:25 +01:00 committed by GitHub
parent 2615c6bd9e
commit 14f13babb0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 38 additions and 22 deletions

1
changelog.d/5348.bugfix Normal file
View File

@ -0,0 +1 @@
Add a new room version where the timestamps on events are checked against the validity periods on signing keys.

View File

@ -50,6 +50,7 @@ class RoomVersion(object):
disposition = attr.ib() # str; one of the RoomDispositions disposition = attr.ib() # str; one of the RoomDispositions
event_format = attr.ib() # int; one of the EventFormatVersions event_format = attr.ib() # int; one of the EventFormatVersions
state_res = attr.ib() # int; one of the StateResolutionVersions state_res = attr.ib() # int; one of the StateResolutionVersions
enforce_key_validity = attr.ib() # bool
class RoomVersions(object): class RoomVersions(object):
@ -58,30 +59,35 @@ class RoomVersions(object):
RoomDisposition.STABLE, RoomDisposition.STABLE,
EventFormatVersions.V1, EventFormatVersions.V1,
StateResolutionVersions.V1, StateResolutionVersions.V1,
) enforce_key_validity=False,
STATE_V2_TEST = RoomVersion(
"state-v2-test",
RoomDisposition.UNSTABLE,
EventFormatVersions.V1,
StateResolutionVersions.V2,
) )
V2 = RoomVersion( V2 = RoomVersion(
"2", "2",
RoomDisposition.STABLE, RoomDisposition.STABLE,
EventFormatVersions.V1, EventFormatVersions.V1,
StateResolutionVersions.V2, StateResolutionVersions.V2,
enforce_key_validity=False,
) )
V3 = RoomVersion( V3 = RoomVersion(
"3", "3",
RoomDisposition.STABLE, RoomDisposition.STABLE,
EventFormatVersions.V2, EventFormatVersions.V2,
StateResolutionVersions.V2, StateResolutionVersions.V2,
enforce_key_validity=False,
) )
V4 = RoomVersion( V4 = RoomVersion(
"4", "4",
RoomDisposition.STABLE, RoomDisposition.STABLE,
EventFormatVersions.V3, EventFormatVersions.V3,
StateResolutionVersions.V2, StateResolutionVersions.V2,
enforce_key_validity=False,
)
VDH_TEST_KEY_VALIDITY = RoomVersion(
"vdh-test-key-validity",
RoomDisposition.UNSTABLE,
EventFormatVersions.V3,
StateResolutionVersions.V2,
enforce_key_validity=False,
) )
@ -90,7 +96,7 @@ KNOWN_ROOM_VERSIONS = {
RoomVersions.V1, RoomVersions.V1,
RoomVersions.V2, RoomVersions.V2,
RoomVersions.V3, RoomVersions.V3,
RoomVersions.STATE_V2_TEST,
RoomVersions.V4, RoomVersions.V4,
RoomVersions.VDH_TEST_KEY_VALIDITY,
) )
} # type: dict[str, RoomVersion] } # type: dict[str, RoomVersion]

View File

@ -223,9 +223,6 @@ def _check_sigs_on_pdus(keyring, room_version, pdus):
the signatures are valid, or fail (with a SynapseError) if not. the signatures are valid, or fail (with a SynapseError) if not.
""" """
# (currently this is written assuming the v1 room structure; we'll probably want a
# separate function for checking v2 rooms)
# we want to check that the event is signed by: # we want to check that the event is signed by:
# #
# (a) the sender's server # (a) the sender's server
@ -257,6 +254,10 @@ def _check_sigs_on_pdus(keyring, room_version, pdus):
for p in pdus for p in pdus
] ]
v = KNOWN_ROOM_VERSIONS.get(room_version)
if not v:
raise RuntimeError("Unrecognized room version %s" % (room_version,))
# First we check that the sender event is signed by the sender's domain # First we check that the sender event is signed by the sender's domain
# (except if its a 3pid invite, in which case it may be sent by any server) # (except if its a 3pid invite, in which case it may be sent by any server)
pdus_to_check_sender = [ pdus_to_check_sender = [
@ -264,10 +265,16 @@ def _check_sigs_on_pdus(keyring, room_version, pdus):
if not _is_invite_via_3pid(p.pdu) if not _is_invite_via_3pid(p.pdu)
] ]
more_deferreds = keyring.verify_json_objects_for_server([ more_deferreds = keyring.verify_json_objects_for_server(
(p.sender_domain, p.redacted_pdu_json, 0) [
(
p.sender_domain,
p.redacted_pdu_json,
p.pdu.origin_server_ts if v.enforce_key_validity else 0,
)
for p in pdus_to_check_sender for p in pdus_to_check_sender
]) ]
)
def sender_err(e, pdu_to_check): def sender_err(e, pdu_to_check):
errmsg = "event id %s: unable to verify signature for sender %s: %s" % ( errmsg = "event id %s: unable to verify signature for sender %s: %s" % (
@ -287,20 +294,22 @@ def _check_sigs_on_pdus(keyring, room_version, pdus):
# event id's domain (normally only the case for joins/leaves), and add additional # event id's domain (normally only the case for joins/leaves), and add additional
# checks. Only do this if the room version has a concept of event ID domain # checks. Only do this if the room version has a concept of event ID domain
# (ie, the room version uses old-style non-hash event IDs). # (ie, the room version uses old-style non-hash event IDs).
v = KNOWN_ROOM_VERSIONS.get(room_version)
if not v:
raise RuntimeError("Unrecognized room version %s" % (room_version,))
if v.event_format == EventFormatVersions.V1: if v.event_format == EventFormatVersions.V1:
pdus_to_check_event_id = [ pdus_to_check_event_id = [
p for p in pdus_to_check p for p in pdus_to_check
if p.sender_domain != get_domain_from_id(p.pdu.event_id) if p.sender_domain != get_domain_from_id(p.pdu.event_id)
] ]
more_deferreds = keyring.verify_json_objects_for_server([ more_deferreds = keyring.verify_json_objects_for_server(
(get_domain_from_id(p.pdu.event_id), p.redacted_pdu_json, 0) [
(
get_domain_from_id(p.pdu.event_id),
p.redacted_pdu_json,
p.pdu.origin_server_ts if v.enforce_key_validity else 0,
)
for p in pdus_to_check_event_id for p in pdus_to_check_event_id
]) ]
)
def event_err(e, pdu_to_check): def event_err(e, pdu_to_check):
errmsg = ( errmsg = (