Richard van der Hoff
804dd41e18
Check that signatures on events are valid
...
We should check that both the sender's server, and the server which created the
event_id (which may be different from whatever the remote server has told us
the origin is), have signed the event.
2018-09-05 13:08:07 +01:00
Krombel
3366b9c534
rename assert_params_in_request to assert_params_in_dict
...
the method "assert_params_in_request" does handle dicts and not
requests. A request body has to be parsed to json before this method
can be used
2018-07-13 21:53:01 +02:00
Amber Brown
49af402019
run isort
2018-07-09 16:09:20 +10:00
Richard van der Hoff
33f469ba19
Apply some limits to depth to counter abuse
...
* When creating a new event, cap its depth to 2^63 - 1
* When receiving events, reject any without a sensible depth
As per https://docs.google.com/document/d/1I3fi2S-XnpO45qrpCsowZv8P8dHcNZ4fsBsbOW7KABI
2018-05-01 17:54:19 +01:00
Erik Johnston
e05bf34117
Move property setting from ReplicationLayer to FederationBase
2018-03-13 10:51:30 +00:00
Richard van der Hoff
bd91857028
Check missing fields in event_from_pdu_json
...
Return a 400 rather than a 500 when somebody messes up their send_join
2017-12-30 18:40:19 +00:00
Richard van der Hoff
3079f80d4a
Factor out event_from_pdu_json
...
turns out we have two copies of this, and neither needs to be an instance
method
2017-12-30 18:40:19 +00:00
David Baker
6cd5fcd536
Make the spam checker a module
2017-09-26 19:20:23 +01:00
Richard van der Hoff
6de74ea6d7
Fix logcontexts in _check_sigs_and_hashes
2017-09-20 01:32:42 +01:00
Richard van der Hoff
fcf2c0fd1a
Remove redundant preserve_fn
...
preserve_fn is a no-op unless the wrapped function returns a
Deferred. verify_json_objects_for_server returns a list, so this is doing
nothing.
2017-09-20 01:32:42 +01:00
Richard van der Hoff
5ed109d59f
PoC for filtering spammy events ( #2456 )
...
Demonstration of how you might add some hooks to filter out spammy events.
2017-09-19 12:20:11 +01:00
Erik Johnston
9219139351
Preserve some logcontexts
2016-08-24 11:58:40 +01:00
Erik Johnston
d41a1a91d3
Linearize fetching of gaps on incoming events
...
This potentially stops the server from doing multiple requests for the
same data.
2016-06-15 15:16:14 +01:00
Matthew Hodgson
6c28ac260c
copyrights
2016-01-07 04:26:29 +00:00
Erik Johnston
b5f55a1d85
Implement bulk verify_signed_json API
2015-06-26 10:39:34 +01:00
Erik Johnston
d3ded420b1
Rephrase log line
2015-06-02 16:30:52 +01:00
Erik Johnston
22716774d5
Don't about JSON when warning about content tampering
2015-06-02 16:30:52 +01:00
Erik Johnston
5b1631a4a9
Add a timeout param to get_event
2015-05-19 14:53:32 +01:00
Erik Johnston
95dedb866f
Unwrap defer.gatherResults failures
2015-05-12 13:14:29 +01:00
Erik Johnston
789251afa7
Fix logging
2015-02-12 19:29:43 +00:00
Erik Johnston
58d848adc0
Parrellize fetching of events
2015-02-12 18:35:36 +00:00
Erik Johnston
963256638d
Correctly handle all the places that can throw exceptions
2015-02-12 18:17:11 +00:00
Erik Johnston
3c39f42a05
New line
2015-02-03 16:14:19 +00:00
Erik Johnston
9bace3a367
Actually, the old prune_event function was non-deterministic, so no point keeping it around :(
2015-02-03 15:32:17 +00:00
Erik Johnston
7b810e136e
Add new FederationBase
2015-02-03 15:00:42 +00:00