mirrors/dendrite
1
0
Fork 0
mirror of https://github.com/matrix-org/dendrite.git synced 2025-12-17 03:43:11 -06:00
Code Issues Packages Projects Releases Wiki Activity

Correct invite signing

Browse source
This commit is contained in:
Neil Alexander 2020-05-06 16:47:55 +01:00
parent 63775d5b1b
commit c9dc2bcd9b
4 changed files with 21 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
federationsender/federationsender.go
View file

@ -43,7 +43,9 @@ func SetupFederationSenderComponent(
logrus.WithError(err).Panic("failed to connect to federation sender db") logrus.WithError(err).Panic("failed to connect to federation sender db")
} }
roomserverProducer := producers.NewRoomserverProducer(rsAPI, base.Cfg.Matrix.ServerName) roomserverProducer := producers.NewRoomserverProducer(
rsAPI, base.Cfg.Matrix.ServerName, base.Cfg.Matrix.KeyID, base.Cfg.Matrix.PrivateKey,
)
statistics := &types.Statistics{} statistics := &types.Statistics{}
queues := queue.NewOutgoingQueues( queues := queue.NewOutgoingQueues(

8
federationsender/producers/roomserver.go
View file

@ -16,6 +16,7 @@ package producers
import ( import (
"context" "context"
"crypto/ed25519"
"github.com/matrix-org/dendrite/roomserver/api" "github.com/matrix-org/dendrite/roomserver/api"
"github.com/matrix-org/gomatrixserverlib" "github.com/matrix-org/gomatrixserverlib"
@ -25,15 +26,20 @@ import (
type RoomserverProducer struct { type RoomserverProducer struct {
InputAPI api.RoomserverInternalAPI InputAPI api.RoomserverInternalAPI
serverName gomatrixserverlib.ServerName serverName gomatrixserverlib.ServerName
keyID gomatrixserverlib.KeyID
privateKey ed25519.PrivateKey
} }
// NewRoomserverProducer creates a new RoomserverProducer // NewRoomserverProducer creates a new RoomserverProducer
func NewRoomserverProducer( func NewRoomserverProducer(
rsAPI api.RoomserverInternalAPI, serverName gomatrixserverlib.ServerName, rsAPI api.RoomserverInternalAPI, serverName gomatrixserverlib.ServerName,
keyID gomatrixserverlib.KeyID, privateKey ed25519.PrivateKey,
) *RoomserverProducer { ) *RoomserverProducer {
return &RoomserverProducer{ return &RoomserverProducer{
InputAPI: rsAPI, InputAPI: rsAPI,
serverName: serverName, serverName: serverName,
keyID: keyID,
privateKey: privateKey,
} }
} }
@ -43,7 +49,7 @@ func NewRoomserverProducer(
func (c *RoomserverProducer) SendInviteResponse( func (c *RoomserverProducer) SendInviteResponse(
ctx context.Context, res gomatrixserverlib.RespInviteV2, roomVersion gomatrixserverlib.RoomVersion, ctx context.Context, res gomatrixserverlib.RespInviteV2, roomVersion gomatrixserverlib.RoomVersion,
) (string, error) { ) (string, error) {
ev := res.Event.Headered(roomVersion) ev := res.Event.Sign(string(c.serverName), c.keyID, c.privateKey).Headered(roomVersion)
ire := api.InputRoomEvent{ ire := api.InputRoomEvent{
Kind: api.KindNew, Kind: api.KindNew,
Event: ev, Event: ev,

16
roomserver/internal/input.go
View file

@ -54,27 +54,15 @@ func (r *RoomserverInternalAPI) InputRoomEvents(
ctx context.Context, ctx context.Context,
request *api.InputRoomEventsRequest, request *api.InputRoomEventsRequest,
response *api.InputRoomEventsResponse, response *api.InputRoomEventsResponse,
) error { ) (err error) {
// We lock as processRoomEvent can only be called once at a time // We lock as processRoomEvent can only be called once at a time
r.mutex.Lock() r.mutex.Lock()
defer r.mutex.Unlock() defer r.mutex.Unlock()
for i := range request.InputInviteEvents { for i := range request.InputInviteEvents {
if event, err := processInviteEvent(ctx, r.DB, r, request.InputInviteEvents[i]); err != nil { if err = processInviteEvent(ctx, r.DB, r, request.InputInviteEvents[i]); err != nil {
return err return err
} else {
// If the room is one that we know about then append the invite
// event to the list of room events to process.
if nid, err := r.DB.RoomNIDExcludingStubs(ctx, event.RoomID()); err == nil && nid > 0 {
request.InputRoomEvents = append(request.InputRoomEvents, api.InputRoomEvent{
Kind: api.KindNew,
Event: *event,
AuthEventIDs: event.AuthEventIDs(),
SendAsServer: string(r.Cfg.Matrix.ServerName),
})
} }
} }
}
var err error
for i := range request.InputRoomEvents { for i := range request.InputRoomEvents {
if response.EventID, err = processRoomEvent(ctx, r.DB, r, request.InputRoomEvents[i]); err != nil { if response.EventID, err = processRoomEvent(ctx, r.DB, r, request.InputRoomEvents[i]); err != nil {
return err return err

18
roomserver/internal/input_events.go
View file

@ -134,9 +134,9 @@ func processInviteEvent(
db storage.Database, db storage.Database,
ow OutputRoomEventWriter, ow OutputRoomEventWriter,
input api.InputInviteEvent, input api.InputInviteEvent,
) (returned *gomatrixserverlib.HeaderedEvent, err error) { ) (err error) {
if input.Event.StateKey() == nil { if input.Event.StateKey() == nil {
return nil, fmt.Errorf("invite must be a state event") return fmt.Errorf("invite must be a state event")
} }
roomID := input.Event.RoomID() roomID := input.Event.RoomID()
@ -151,7 +151,7 @@ func processInviteEvent(
updater, err := db.MembershipUpdater(ctx, roomID, targetUserID, input.RoomVersion) updater, err := db.MembershipUpdater(ctx, roomID, targetUserID, input.RoomVersion)
if err != nil { if err != nil {
return nil, err return err
} }
succeeded := false succeeded := false
defer func() { defer func() {
@ -189,7 +189,7 @@ func processInviteEvent(
// For now we will implement option 2. Since in the abesence of a retry // For now we will implement option 2. Since in the abesence of a retry
// mechanism it will be equivalent to option 1, and we don't have a // mechanism it will be equivalent to option 1, and we don't have a
// signalling mechanism to implement option 3. // signalling mechanism to implement option 3.
return nil, nil return nil
} }
event := input.Event.Unwrap() event := input.Event.Unwrap()
@ -199,7 +199,7 @@ func processInviteEvent(
// most likely to be if the event came in over federation) then use // most likely to be if the event came in over federation) then use
// that. // that.
if err = event.SetUnsignedField("invite_room_state", input.InviteRoomState); err != nil { if err = event.SetUnsignedField("invite_room_state", input.InviteRoomState); err != nil {
return nil, err return err
} }
} else { } else {
// There's no invite room state, so let's have a go at building it // There's no invite room state, so let's have a go at building it
@ -208,22 +208,22 @@ func processInviteEvent(
// the invite room state, if we don't then we just fail quietly. // the invite room state, if we don't then we just fail quietly.
if irs, ierr := buildInviteStrippedState(ctx, db, input); ierr == nil { if irs, ierr := buildInviteStrippedState(ctx, db, input); ierr == nil {
if err = event.SetUnsignedField("invite_room_state", irs); err != nil { if err = event.SetUnsignedField("invite_room_state", irs); err != nil {
return nil, err return err
} }
} }
} }
outputUpdates, err := updateToInviteMembership(updater, &event, nil, input.Event.RoomVersion) outputUpdates, err := updateToInviteMembership(updater, &event, nil, input.Event.RoomVersion)
if err != nil { if err != nil {
return nil, err return err
} }
if err = ow.WriteOutputEvents(roomID, outputUpdates); err != nil { if err = ow.WriteOutputEvents(roomID, outputUpdates); err != nil {
return nil, err return err
} }
succeeded = true succeeded = true
return &input.Event, nil return nil
} }
func buildInviteStrippedState( func buildInviteStrippedState(