mirrors/dendrite
1
0
Fork 0
mirror of https://github.com/matrix-org/dendrite.git synced 2025-12-12 01:13:10 -06:00
Code Issues Packages Projects Releases Wiki Activity

Merge a2eefb85bd into 2183712e04

Browse source
This commit is contained in:
Brendan Abolivier 2017-08-29 16:50:25 +00:00 committed by GitHub
parent 2183712e04 a2eefb85bd
commit 7bfad86e92
3 changed files with 77 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/github.com/matrix-org/dendrite/clientapi/thirdpartyinvites/thirdpartyinvites.go
View file

@ -47,7 +47,7 @@ type MembershipRequest struct {
Address string `json:"address"` Address string `json:"address"`
} }
// idServerLookupResponse represents the response described at https://matrix.org/docs/spec/client_server/r0.2.0.html#get-matrix-identity-api-v1-lookup // idServerLookupResponse represents the response described at https://matrix.org/docs/spec/identity_service/unstable.html#get-matrix-identity-api-v1-lookup
type idServerLookupResponse struct { type idServerLookupResponse struct {
TS int64 `json:"ts"` TS int64 `json:"ts"`
NotBefore int64 `json:"not_before"` NotBefore int64 `json:"not_before"`
@ -58,7 +58,7 @@ type idServerLookupResponse struct {
Signatures map[string]map[string]string `json:"signatures"` Signatures map[string]map[string]string `json:"signatures"`
} }
// idServerLookupResponse represents the response described at https://matrix.org/docs/spec/client_server/r0.2.0.html#invitation-storage // idServerLookupResponse represents the response described at https://matrix.org/docs/spec/identity_service/unstable.html#invitation-storage
type idServerStoreInviteResponse struct { type idServerStoreInviteResponse struct {
PublicKey string `json:"public_key"` PublicKey string `json:"public_key"`
Token string `json:"token"` Token string `json:"token"`

11
src/github.com/matrix-org/dendrite/roomserver/input/events.go
View file

@ -22,6 +22,8 @@ import (
"github.com/matrix-org/dendrite/roomserver/state" "github.com/matrix-org/dendrite/roomserver/state"
"github.com/matrix-org/dendrite/roomserver/types" "github.com/matrix-org/dendrite/roomserver/types"
"github.com/matrix-org/gomatrixserverlib" "github.com/matrix-org/gomatrixserverlib"
"github.com/Sirupsen/logrus"
) )
// A RoomEventDatabase has the storage APIs needed to store a room event. // A RoomEventDatabase has the storage APIs needed to store a room event.
@ -56,6 +58,15 @@ func processRoomEvent(db RoomEventDatabase, ow OutputRoomEventWriter, input api.
// Parse and validate the event JSON // Parse and validate the event JSON
event := input.Event event := input.Event
if err := checkThirdPartyKeys(input.Event); err != nil {
// At least one of the key could not be validated. The specification
// says that it should not cause a rejection of the event.
// https://matrix.org/docs/spec/client_server/r0.2.0.html#id58
// There is no direct way to warn the users that the member's
// membership is questionable, so log the error as a warning.
logrus.Warn(err)
}
// Check that the event passes authentication checks and work out the numeric IDs for the auth events. // Check that the event passes authentication checks and work out the numeric IDs for the auth events.
authEventNIDs, err := checkAuthEvents(db, event, input.AuthEventIDs) authEventNIDs, err := checkAuthEvents(db, event, input.AuthEventIDs)
if err != nil { if err != nil {

64
src/github.com/matrix-org/dendrite/roomserver/input/thirdpartyinvites.go Normal file
View file

@ -0,0 +1,64 @@
// Copyright 2017 Vector Creations Ltd
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package input
import (
"encoding/json"
"errors"
"fmt"
"net/http"
"github.com/matrix-org/dendrite/common"
"github.com/matrix-org/gomatrixserverlib"
)
// checkThirdPartyKeys checks the validity of all the public keys in a given
// m.room.third_party_invite event.
// Returns with an error if a key could not be verified.
func checkThirdPartyKeys(event gomatrixserverlib.Event) error {
if event.Type() == "m.room.third_party_invite" {
var content common.ThirdPartyInviteContent
if err := json.Unmarshal(event.Content(), &content); err != nil {
return err
}
for _, key := range content.PublicKeys {
url := fmt.Sprintf("%s?public_key=%s", key.KeyValidityURL, key.PublicKey)
resp, err := http.Get(url)
if err != nil {
return err
}
if resp.StatusCode != http.StatusOK {
errMsg := fmt.Sprintf("Could not verify the validity of key %s at %s", key.PublicKey, key.KeyValidityURL)
return errors.New(errMsg)
}
var validity struct {
Valid bool `json:"valid"`
}
if err := json.NewDecoder(resp.Body).Decode(&validity); err != nil {
return err
}
if !validity.Valid {
errMsg := fmt.Sprintf("Invalid key %s according to %s", key.PublicKey, key.KeyValidityURL)
return errors.New(errMsg)
}
}
}
return nil
}