Optional strict validity checking in gmsl

common/keydb/keyring.go

@@ -35,9 +35,9 @@ func CreateKeyRing(client gomatrixserverlib.Client,
 	return gomatrixserverlib.KeyRing{
 		KeyFetchers: []gomatrixserverlib.KeyFetcher{
 			// TODO: Use perspective key fetchers for production.
-			&gomatrixserverlib.DirectKeyFetcher{
+			//&gomatrixserverlib.DirectKeyFetcher{
-				Client: client,
+			//	Client: client,
-			},
+			//},
 			&gomatrixserverlib.PerspectiveKeyFetcher{
 				PerspectiveServerName: "matrix.org",
 				PerspectiveServerKeys: map[gomatrixserverlib.KeyID]ed25519.PublicKey{

federationapi/routing/invite.go

@@ -63,9 +63,10 @@ func Invite(
 	// Check that the event is signed by the server sending the request.
 	redacted := event.Redact()
 	verifyRequests := []gomatrixserverlib.VerifyJSONRequest{{
-		ServerName: event.Origin(),
+		ServerName:             event.Origin(),
-		Message:    redacted.JSON(),
+		Message:                redacted.JSON(),
-		AtTS:       event.OriginServerTS(),
+		AtTS:                   event.OriginServerTS(),
+		StrictValidityChecking: true,
 	}}
 	verifyResults, err := keys.VerifyJSONs(httpReq.Context(), verifyRequests)
 	if err != nil {

federationapi/routing/join.go

@@ -196,9 +196,10 @@ func SendJoin(
 	// Check that the event is signed by the server sending the request.
 	redacted := event.Redact()
 	verifyRequests := []gomatrixserverlib.VerifyJSONRequest{{
-		ServerName: event.Origin(),
+		ServerName:             event.Origin(),
-		Message:    redacted.JSON(),
+		Message:                redacted.JSON(),
-		AtTS:       event.OriginServerTS(),
+		AtTS:                   event.OriginServerTS(),
+		StrictValidityChecking: true,
 	}}
 	verifyResults, err := keys.VerifyJSONs(httpReq.Context(), verifyRequests)
 	if err != nil {

federationapi/routing/leave.go

@@ -145,9 +145,10 @@ func SendLeave(
 	// Check that the event is signed by the server sending the request.
 	redacted := event.Redact()
 	verifyRequests := []gomatrixserverlib.VerifyJSONRequest{{
-		ServerName: event.Origin(),
+		ServerName:             event.Origin(),
-		Message:    redacted.JSON(),
+		Message:                redacted.JSON(),
-		AtTS:       event.OriginServerTS(),
+		AtTS:                   event.OriginServerTS(),
+		StrictValidityChecking: true,
 	}}
 	verifyResults, err := keys.VerifyJSONs(httpReq.Context(), verifyRequests)
 	if err != nil {

go.mod

@@ -17,7 +17,7 @@ require (
 	github.com/matrix-org/go-http-js-libp2p v0.0.0-20200318135427-31631a9ef51f
 	github.com/matrix-org/go-sqlite3-js v0.0.0-20200325174927-327088cdef10
 	github.com/matrix-org/gomatrix v0.0.0-20190528120928-7df988a63f26
-	github.com/matrix-org/gomatrixserverlib v0.0.0-20200417084707-818540c5c01d
+	github.com/matrix-org/gomatrixserverlib v0.0.0-20200417120145-f3bec8551e12
 	github.com/matrix-org/naffka v0.0.0-20200127221512-0716baaabaf1
 	github.com/matrix-org/util v0.0.0-20190711121626-527ce5ddefc7
 	github.com/mattn/go-sqlite3 v2.0.3+incompatible

go.sum

@@ -366,6 +366,8 @@ github.com/matrix-org/gomatrixserverlib v0.0.0-20200124100636-0c2ec91d1df5 h1:km
 github.com/matrix-org/gomatrixserverlib v0.0.0-20200124100636-0c2ec91d1df5/go.mod h1:FsKa2pWE/bpQql9H7U4boOPXFoJX/QcqaZZ6ijLkaZI=
 github.com/matrix-org/gomatrixserverlib v0.0.0-20200417084707-818540c5c01d h1:8NtWlu1Y/A1DemRIflG2+9WYSaUrfcWw3QJoKGIUoBs=
 github.com/matrix-org/gomatrixserverlib v0.0.0-20200417084707-818540c5c01d/go.mod h1:FsKa2pWE/bpQql9H7U4boOPXFoJX/QcqaZZ6ijLkaZI=
+github.com/matrix-org/gomatrixserverlib v0.0.0-20200417120145-f3bec8551e12 h1:0tDKsk6HQ7w/zeW3FIdjC/XhQZCsYXI3TLCq28J1Klg=
+github.com/matrix-org/gomatrixserverlib v0.0.0-20200417120145-f3bec8551e12/go.mod h1:FsKa2pWE/bpQql9H7U4boOPXFoJX/QcqaZZ6ijLkaZI=
 github.com/matrix-org/naffka v0.0.0-20200127221512-0716baaabaf1 h1:osLoFdOy+ChQqVUn2PeTDETFftVkl4w9t/OW18g3lnk=
 github.com/matrix-org/naffka v0.0.0-20200127221512-0716baaabaf1/go.mod h1:cXoYQIENbdWIQHt1SyCo6Bl3C3raHwJ0wgVrXHSqf+A=
 github.com/matrix-org/util v0.0.0-20171127121716-2e2df66af2f5 h1:W7l5CP4V7wPyPb4tYE11dbmeAOwtFQBTW0rf4OonOS8=