From d63685af4c5677c3faee657e0c6dea43faf7eeb3 Mon Sep 17 00:00:00 2001 From: Till Faelligen <2353100+S7evinK@users.noreply.github.com> Date: Tue, 13 Jun 2023 18:05:28 +0200 Subject: [PATCH] Add MXIDMapping for pseudoID rooms, also sign with the pseudoIDKey --- .../internal/perform/perform_create_room.go | 101 ++++++++++++------ 1 file changed, 67 insertions(+), 34 deletions(-) diff --git a/roomserver/internal/perform/perform_create_room.go b/roomserver/internal/perform/perform_create_room.go index 121b257ed..d051140bb 100644 --- a/roomserver/internal/perform/perform_create_room.go +++ b/roomserver/internal/perform/perform_create_room.go @@ -16,9 +16,12 @@ package perform import ( "context" + "crypto/ed25519" + "encoding/base64" "encoding/json" "fmt" "net/http" + "strings" "github.com/getsentry/sentry-go" "github.com/matrix-org/dendrite/internal/eventutil" @@ -30,6 +33,7 @@ import ( "github.com/matrix-org/gomatrixserverlib/fclient" "github.com/matrix-org/gomatrixserverlib/spec" "github.com/matrix-org/util" + "github.com/sirupsen/logrus" ) const ( @@ -93,6 +97,15 @@ func (c *Creator) PerformCreateRoom(ctx context.Context, userID spec.UserID, roo } } + _, err = c.DB.AssignRoomNID(ctx, roomID, createRequest.RoomVersion) + if err != nil { + util.GetLogger(ctx).WithError(err).Error("failed to assign roomNID") + return "", &util.JSONResponse{ + Code: http.StatusInternalServerError, + JSON: spec.InternalServerError{}, + } + } + var guestsCanJoin bool switch createRequest.StatePreset { case spec.PresetPrivateChat: @@ -130,13 +143,59 @@ func (c *Creator) PerformCreateRoom(ctx context.Context, userID spec.UserID, roo membershipEvent := gomatrixserverlib.FledglingEvent{ Type: spec.MRoomMember, StateKey: string(senderID), - Content: gomatrixserverlib.MemberContent{ - Membership: spec.Join, - DisplayName: createRequest.UserDisplayName, - AvatarURL: createRequest.UserAvatarURL, - }, } + memberContent := gomatrixserverlib.MemberContent{ + Membership: spec.Join, + DisplayName: createRequest.UserDisplayName, + AvatarURL: createRequest.UserAvatarURL, + } + + // get the signing identity + identity, err := c.Cfg.Matrix.SigningIdentityFor(userID.Domain()) + if err != nil { + logrus.WithError(err).WithField("domain", userID.Domain()).Error("unable to find signing identity for domain") + return "", &util.JSONResponse{ + Code: http.StatusInternalServerError, + JSON: spec.InternalServerError{}, + } + } + + // If we are creating a room with pseudo IDs, create and sign the MXIDMapping + if createRequest.RoomVersion == gomatrixserverlib.RoomVersionPseudoIDs { + var pseudoIDKey ed25519.PrivateKey + pseudoIDKey, err = c.RSAPI.GetOrCreateUserRoomPrivateKey(ctx, userID, roomID) + if err != nil { + util.GetLogger(ctx).WithError(err).Error("GetOrCreateUserRoomPrivateKey failed") + return "", &util.JSONResponse{ + Code: http.StatusInternalServerError, + JSON: spec.InternalServerError{}, + } + } + + mapping := &gomatrixserverlib.MXIDMapping{ + UserRoomKey: strings.ToLower(base64.StdEncoding.WithPadding(base64.NoPadding).EncodeToString(pseudoIDKey.Public().(ed25519.PublicKey))), + UserID: userID.String(), + } + + // Sign the mapping with the server identity + if err = mapping.Sign(identity.ServerName, identity.KeyID, identity.PrivateKey); err != nil { + return "", &util.JSONResponse{ + Code: http.StatusInternalServerError, + JSON: spec.InternalServerError{}, + } + } + memberContent.MXIDMapping = mapping + + // sign all events with the pseudo ID key + identity = &fclient.SigningIdentity{ + ServerName: userID.Domain(), + KeyID: "self", + PrivateKey: pseudoIDKey, + } + } + membershipEvent.Content = memberContent + var nameEvent *gomatrixserverlib.FledglingEvent var topicEvent *gomatrixserverlib.FledglingEvent var guestAccessEvent *gomatrixserverlib.FledglingEvent @@ -314,7 +373,7 @@ func (c *Creator) PerformCreateRoom(ctx context.Context, userID spec.UserID, roo JSON: spec.InternalServerError{}, } } - ev, err = builder.Build(createRequest.EventTime, userID.Domain(), createRequest.KeyID, createRequest.PrivateKey) + ev, err = builder.Build(createRequest.EventTime, identity.ServerName, identity.KeyID, identity.PrivateKey) if err != nil { util.GetLogger(ctx).WithError(err).Error("buildEvent failed") return "", &util.JSONResponse{ @@ -355,29 +414,8 @@ func (c *Creator) PerformCreateRoom(ctx context.Context, userID spec.UserID, roo }) } - // first send the `m.room.create` event, so we have a roomNID - if err = api.SendInputRoomEvents(ctx, c.RSAPI, userID.Domain(), inputs[:1], false); err != nil { - util.GetLogger(ctx).WithError(err).Error("roomserverAPI.SendInputRoomEvents failed") - return "", &util.JSONResponse{ - Code: http.StatusInternalServerError, - JSON: spec.InternalServerError{}, - } - } - - // create user room key if needed - if createRequest.RoomVersion == gomatrixserverlib.RoomVersionPseudoIDs { - _, err = c.RSAPI.GetOrCreateUserRoomPrivateKey(ctx, userID, roomID) - if err != nil { - util.GetLogger(ctx).WithError(err).Error("GetOrCreateUserRoomPrivateKey failed") - return "", &util.JSONResponse{ - Code: http.StatusInternalServerError, - JSON: spec.InternalServerError{}, - } - } - } - - // send the remaining events - if err = api.SendInputRoomEvents(ctx, c.RSAPI, userID.Domain(), inputs[1:], false); err != nil { + // send the events to the roomserver + if err = api.SendInputRoomEvents(ctx, c.RSAPI, userID.Domain(), inputs, false); err != nil { util.GetLogger(ctx).WithError(err).Error("roomserverAPI.SendInputRoomEvents failed") return "", &util.JSONResponse{ Code: http.StatusInternalServerError, @@ -487,11 +525,6 @@ func (c *Creator) PerformCreateRoom(ctx context.Context, userID spec.UserID, roo } // Build the invite event. - identity := &fclient.SigningIdentity{ - ServerName: userID.Domain(), - KeyID: createRequest.KeyID, - PrivateKey: createRequest.PrivateKey, - } inviteEvent, err = eventutil.QueryAndBuildEvent(ctx, &proto, identity, createRequest.EventTime, c.RSAPI, nil) if err != nil {