mirrors/dendrite
1
0
Fork 0
mirror of https://github.com/matrix-org/dendrite.git synced 2025-12-29 01:33:10 -06:00
Code Issues Packages Projects Releases Wiki Activity

Various wtweaks

Browse source
This commit is contained in:
Neil Alexander 2021-08-06 18:00:54 +01:00
parent d57c39ce7f
commit 1195dd7139
No known key found for this signature in database
GPG key ID: A02A2019A2BB0944
4 changed files with 17 additions and 42 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
keyserver/api/api.go
View file

@ -160,7 +160,7 @@ type PerformClaimKeysResponse struct {
type PerformUploadDeviceKeysRequest struct { type PerformUploadDeviceKeysRequest struct {
gomatrixserverlib.CrossSigningKeys gomatrixserverlib.CrossSigningKeys
// The user that uploaded the key, should be populated by the clientapi. // The user that uploaded the key, should be populated by the clientapi.
UserID string `json:"user_id"` UserID string
} }
type PerformUploadDeviceKeysResponse struct { type PerformUploadDeviceKeysResponse struct {
@ -170,7 +170,7 @@ type PerformUploadDeviceKeysResponse struct {
type PerformUploadDeviceSignaturesRequest struct { type PerformUploadDeviceSignaturesRequest struct {
Signatures map[string]map[gomatrixserverlib.KeyID]gomatrixserverlib.CrossSigningForKeyOrDevice Signatures map[string]map[gomatrixserverlib.KeyID]gomatrixserverlib.CrossSigningForKeyOrDevice
// The user that uploaded the sig, should be populated by the clientapi. // The user that uploaded the sig, should be populated by the clientapi.
UserID string `json:"user_id"` UserID string
} }
type PerformUploadDeviceSignaturesResponse struct { type PerformUploadDeviceSignaturesResponse struct {

37
keyserver/internal/cross_signing.go
View file

@ -117,46 +117,11 @@ func (a *KeyInternalAPI) PerformUploadDeviceKeys(ctx context.Context, req *api.P
masterKey, hasMasterKey = existingKeys[gomatrixserverlib.CrossSigningKeyPurposeMaster] masterKey, hasMasterKey = existingKeys[gomatrixserverlib.CrossSigningKeyPurposeMaster]
} }
// If the user isn't a local user and we haven't successfully found a key
// through any local means then ask over federation.
if !hasMasterKey {
_, host, err := gomatrixserverlib.SplitID('@', req.UserID)
if err != nil {
res.Error = &api.KeyError{
Err: "Retrieving cross-signing keys from federation failed: " + err.Error(),
}
return
}
keys, err := a.FedClient.QueryKeys(ctx, host, map[string][]string{
req.UserID: {},
})
if err != nil {
res.Error = &api.KeyError{
Err: "Retrieving cross-signing keys from federation failed: " + err.Error(),
}
return
}
switch k := keys.MasterKeys[req.UserID].CrossSigningBody.(type) {
case *gomatrixserverlib.CrossSigningKey:
if err := sanityCheckKey(*k, req.UserID, gomatrixserverlib.CrossSigningKeyPurposeMaster); err != nil {
res.Error = &api.KeyError{
Err: "Master key sanity check failed: " + err.Error(),
}
return
}
default:
res.Error = &api.KeyError{
Err: "Unexpected type for master key retrieved from federation",
}
return
}
}
// If we still don't have a master key at this point then there's nothing else // If we still don't have a master key at this point then there's nothing else
// we can do - we've checked both the request and the database. // we can do - we've checked both the request and the database.
if !hasMasterKey { if !hasMasterKey {
res.Error = &api.KeyError{ res.Error = &api.KeyError{
Err: "No master key was found, either in the database or in the request!", Err: "No master key was found either in the database or in the request!",
IsMissingParam: true, IsMissingParam: true,
} }
return return

12
keyserver/internal/internal.go
View file

@ -372,9 +372,15 @@ func (a *KeyInternalAPI) queryRemoteKeys(
domains := map[string]struct{}{} domains := map[string]struct{}{}
for domain := range domainToDeviceKeys { for domain := range domainToDeviceKeys {
if domain == string(a.ThisServer) {
continue
}
domains[domain] = struct{}{} domains[domain] = struct{}{}
} }
for domain := range domainToCrossSigningKeys { for domain := range domainToCrossSigningKeys {
if domain == string(a.ThisServer) {
continue
}
domains[domain] = struct{}{} domains[domain] = struct{}{}
} }
wg.Add(len(domains)) wg.Add(len(domains))
@ -430,8 +436,12 @@ func (a *KeyInternalAPI) queryRemoteKeysOnServer(
res *api.QueryKeysResponse, res *api.QueryKeysResponse,
) { ) {
defer wg.Done() defer wg.Done()
fedCtx, cancel := context.WithTimeout(ctx, timeout) fedCtx := ctx
if timeout > 0 {
var cancel context.CancelFunc
fedCtx, cancel = context.WithTimeout(ctx, timeout)
defer cancel() defer cancel()
}
// for users who we do not have any knowledge about, try to start doing device list updates for them // for users who we do not have any knowledge about, try to start doing device list updates for them
// by hitting /users/devices - otherwise fallback to /keys/query which has nicer bulk properties but // by hitting /users/devices - otherwise fallback to /keys/query which has nicer bulk properties but
// lack a stream ID. // lack a stream ID.

4
keyserver/inthttp/server.go
View file

@ -62,7 +62,7 @@ func AddRoutes(internalAPIMux *mux.Router, s api.KeyInternalAPI) {
httputil.MakeInternalAPI("performUploadDeviceKeys", func(req *http.Request) util.JSONResponse { httputil.MakeInternalAPI("performUploadDeviceKeys", func(req *http.Request) util.JSONResponse {
request := api.PerformUploadDeviceKeysRequest{} request := api.PerformUploadDeviceKeysRequest{}
response := api.PerformUploadDeviceKeysResponse{} response := api.PerformUploadDeviceKeysResponse{}
if err := json.NewDecoder(req.Body).Decode(&request.CrossSigningKeys); err != nil { if err := json.NewDecoder(req.Body).Decode(&request); err != nil {
return util.MessageResponse(http.StatusBadRequest, err.Error()) return util.MessageResponse(http.StatusBadRequest, err.Error())
} }
s.PerformUploadDeviceKeys(req.Context(), &request, &response) s.PerformUploadDeviceKeys(req.Context(), &request, &response)
@ -73,7 +73,7 @@ func AddRoutes(internalAPIMux *mux.Router, s api.KeyInternalAPI) {
httputil.MakeInternalAPI("performUploadDeviceSignatures", func(req *http.Request) util.JSONResponse { httputil.MakeInternalAPI("performUploadDeviceSignatures", func(req *http.Request) util.JSONResponse {
request := api.PerformUploadDeviceSignaturesRequest{} request := api.PerformUploadDeviceSignaturesRequest{}
response := api.PerformUploadDeviceSignaturesResponse{} response := api.PerformUploadDeviceSignaturesResponse{}
if err := json.NewDecoder(req.Body).Decode(&request.Signatures); err != nil { if err := json.NewDecoder(req.Body).Decode(&request); err != nil {
return util.MessageResponse(http.StatusBadRequest, err.Error()) return util.MessageResponse(http.StatusBadRequest, err.Error())
} }
s.PerformUploadDeviceSignatures(req.Context(), &request, &response) s.PerformUploadDeviceSignatures(req.Context(), &request, &response)