mirror of
https://git.anonymousland.org/anonymousland/synapse-product.git
synced 2024-12-17 23:44:23 -05:00
Remove signature check on v1 identity server lookups (#8001)
We've [decided](https://github.com/matrix-org/synapse/issues/5253#issuecomment-665976308) to remove the signature check for v1 lookups. The signature check has been removed in v2 lookups. v1 lookups are currently deprecated. As mentioned in the above linked issue, this verification was causing deployments for the vector.im and matrix.org IS deployments, and this change is the simplest solution, without being unjustified. Implementations are encouraged to use the v2 lookup API as it has [increased privacy benefits](https://github.com/matrix-org/matrix-doc/pull/2134).
This commit is contained in:
parent
5d92a1428c
commit
481f76c7aa
1
changelog.d/8001.misc
Normal file
1
changelog.d/8001.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Remove redundant and unreliable signature check for v1 Identity Service lookup responses.
|
@ -22,14 +22,10 @@ import urllib.parse
|
|||||||
from typing import Awaitable, Callable, Dict, List, Optional, Tuple
|
from typing import Awaitable, Callable, Dict, List, Optional, Tuple
|
||||||
|
|
||||||
from canonicaljson import json
|
from canonicaljson import json
|
||||||
from signedjson.key import decode_verify_key_bytes
|
|
||||||
from signedjson.sign import verify_signed_json
|
|
||||||
from unpaddedbase64 import decode_base64
|
|
||||||
|
|
||||||
from twisted.internet.error import TimeoutError
|
from twisted.internet.error import TimeoutError
|
||||||
|
|
||||||
from synapse.api.errors import (
|
from synapse.api.errors import (
|
||||||
AuthError,
|
|
||||||
CodeMessageException,
|
CodeMessageException,
|
||||||
Codes,
|
Codes,
|
||||||
HttpResponseException,
|
HttpResponseException,
|
||||||
@ -628,9 +624,9 @@ class IdentityHandler(BaseHandler):
|
|||||||
)
|
)
|
||||||
|
|
||||||
if "mxid" in data:
|
if "mxid" in data:
|
||||||
if "signatures" not in data:
|
# note: we used to verify the identity server's signature here, but no longer
|
||||||
raise AuthError(401, "No signatures on 3pid binding")
|
# require or validate it. See the following for context:
|
||||||
await self._verify_any_signature(data, id_server)
|
# https://github.com/matrix-org/synapse/issues/5253#issuecomment-666246950
|
||||||
return data["mxid"]
|
return data["mxid"]
|
||||||
except TimeoutError:
|
except TimeoutError:
|
||||||
raise SynapseError(500, "Timed out contacting identity server")
|
raise SynapseError(500, "Timed out contacting identity server")
|
||||||
@ -751,30 +747,6 @@ class IdentityHandler(BaseHandler):
|
|||||||
mxid = lookup_results["mappings"].get(lookup_value)
|
mxid = lookup_results["mappings"].get(lookup_value)
|
||||||
return mxid
|
return mxid
|
||||||
|
|
||||||
async def _verify_any_signature(self, data, server_hostname):
|
|
||||||
if server_hostname not in data["signatures"]:
|
|
||||||
raise AuthError(401, "No signature from server %s" % (server_hostname,))
|
|
||||||
for key_name, signature in data["signatures"][server_hostname].items():
|
|
||||||
try:
|
|
||||||
key_data = await self.blacklisting_http_client.get_json(
|
|
||||||
"%s%s/_matrix/identity/api/v1/pubkey/%s"
|
|
||||||
% (id_server_scheme, server_hostname, key_name)
|
|
||||||
)
|
|
||||||
except TimeoutError:
|
|
||||||
raise SynapseError(500, "Timed out contacting identity server")
|
|
||||||
if "public_key" not in key_data:
|
|
||||||
raise AuthError(
|
|
||||||
401, "No public key named %s from %s" % (key_name, server_hostname)
|
|
||||||
)
|
|
||||||
verify_signed_json(
|
|
||||||
data,
|
|
||||||
server_hostname,
|
|
||||||
decode_verify_key_bytes(
|
|
||||||
key_name, decode_base64(key_data["public_key"])
|
|
||||||
),
|
|
||||||
)
|
|
||||||
return
|
|
||||||
|
|
||||||
async def ask_id_server_for_third_party_invite(
|
async def ask_id_server_for_third_party_invite(
|
||||||
self,
|
self,
|
||||||
requester: Requester,
|
requester: Requester,
|
||||||
|
Loading…
Reference in New Issue
Block a user