diff --git a/clientapi/routing/joinroom.go b/clientapi/routing/joinroom.go index e3748731e..dbce305fd 100644 --- a/clientapi/routing/joinroom.go +++ b/clientapi/routing/joinroom.go @@ -425,12 +425,14 @@ func (r joinRoomReq) checkSendJoinResponse( retries := map[string]bool{} retryCheck: + // TODO: Can we expand Check here to return a list of missing auth + // events rather than failing one at a time? if err := respSendJoin.Check(r.req.Context(), r.keyRing, event); err != nil { switch e := err.(type) { case gomatrixserverlib.MissingAuthEventError: // Check that we haven't already retried for this event, prevents // us from ending up in endless loops - if _, ok := retries[e.AuthEventID]; !ok { + if !retries[e.AuthEventID] { // Ask the server that we're talking to right now for the event tx, txerr := r.federation.GetEvent(r.req.Context(), server, e.AuthEventID) if txerr != nil { diff --git a/cmd/dendrite-client-api-server/main.go b/cmd/dendrite-client-api-server/main.go index eb6b1c63f..815a978a8 100644 --- a/cmd/dendrite-client-api-server/main.go +++ b/cmd/dendrite-client-api-server/main.go @@ -33,7 +33,7 @@ func main() { deviceDB := base.CreateDeviceDB() keyDB := base.CreateKeyDB() federation := base.CreateFederationClient() - keyRing := keydb.CreateKeyRing(federation.Client, keyDB, cfg) + keyRing := keydb.CreateKeyRing(federation.Client, keyDB, cfg.Matrix.KeyPerspectives) asQuery := base.CreateHTTPAppServiceAPIs() alias, input, query := base.CreateHTTPRoomserverAPIs() diff --git a/cmd/dendrite-demo-libp2p/main.go b/cmd/dendrite-demo-libp2p/main.go index 9843bf79f..f280c7483 100644 --- a/cmd/dendrite-demo-libp2p/main.go +++ b/cmd/dendrite-demo-libp2p/main.go 
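Review bot: The rewritten guard `if !retries[e.AuthEventID]` in joinroom.go matches the old presence test only while the map never stores `false`; the assignment that marks an event as retried is outside this hunk, so it should be confirmed there. The guard is also per event ID, so the number of `GetEvent` round trips to the remote `server` is limited only by how many distinct auth events `Check` reports missing for that server's response. Consider a hard cap before the federation call, e.g. `if len(retries) >= maxAuthEventRetries { /* fail the join */ }`, where `maxAuthEventRetries` is a proposed new constant, rather than waiting for the TODO to batch the lookups. checkSendJoinResponse starts and ends outside the hunk.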
@@ -146,7 +146,7 @@ func main() { deviceDB := base.Base.CreateDeviceDB() keyDB := createKeyDB(base) federation := createFederationClient(base) - keyRing := keydb.CreateKeyRing(federation.Client, keyDB, &cfg) + keyRing := keydb.CreateKeyRing(federation.Client, keyDB, cfg.Matrix.KeyPerspectives) alias, input, query := roomserver.SetupRoomServerComponent(&base.Base) eduInputAPI := eduserver.SetupEDUServerComponent(&base.Base, cache.New()) diff --git a/cmd/dendrite-federation-api-server/main.go b/cmd/dendrite-federation-api-server/main.go index 91ebee905..dd06cd3f9 100644 --- a/cmd/dendrite-federation-api-server/main.go +++ b/cmd/dendrite-federation-api-server/main.go @@ -33,7 +33,7 @@ func main() { keyDB := base.CreateKeyDB() federation := base.CreateFederationClient() federationSender := base.CreateHTTPFederationSenderAPIs() - keyRing := keydb.CreateKeyRing(federation.Client, keyDB, cfg) + keyRing := keydb.CreateKeyRing(federation.Client, keyDB, cfg.Matrix.KeyPerspectives) alias, input, query := base.CreateHTTPRoomserverAPIs() asQuery := base.CreateHTTPAppServiceAPIs() diff --git a/cmd/dendrite-monolith-server/main.go b/cmd/dendrite-monolith-server/main.go index 9e6782762..e105d3019 100644 --- a/cmd/dendrite-monolith-server/main.go +++ b/cmd/dendrite-monolith-server/main.go @@ -55,7 +55,7 @@ func main() { deviceDB := base.CreateDeviceDB() keyDB := base.CreateKeyDB() federation := base.CreateFederationClient() - keyRing := keydb.CreateKeyRing(federation.Client, keyDB, cfg) + keyRing := keydb.CreateKeyRing(federation.Client, keyDB, cfg.Matrix.KeyPerspectives) alias, input, query := roomserver.SetupRoomServerComponent(base) eduInputAPI := eduserver.SetupEDUServerComponent(base, cache.New()) diff --git a/common/config/config.go b/common/config/config.go index 98252782d..6b61fda7c 100644 --- a/common/config/config.go +++ b/common/config/config.go 
@@ -101,18 +101,7 @@ type Dendrite struct { RegistrationDisabled bool `yaml:"registration_disabled"` // Perspective keyservers, to use as a backup when direct key fetch // requests don't succeed - KeyPerspectives []struct { - // The server name of the perspective key server - ServerName gomatrixserverlib.ServerName `yaml:"server_name"` - // Server keys for the perspective user, used to verify the - // keys have been signed by the perspective server - Keys []struct { - // The key ID, e.g. ed25519:auto - KeyID gomatrixserverlib.KeyID `yaml:"key_id"` - // The public key in base64 unpadded format - PublicKey string `yaml:"public_key"` - } `yaml:"keys"` - } `yaml:"key_perspectives"` + KeyPerspectives KeyPerspectives `yaml:"key_perspectives"` } `yaml:"matrix"` // The configuration specific to the media repostitory. @@ -299,6 +288,21 @@ type Dendrite struct { } `yaml:"-"` } +// KeyPerspectives are used to configure perspective key servers for +// retrieving server keys. +type KeyPerspectives []struct { + // The server name of the perspective key server + ServerName gomatrixserverlib.ServerName `yaml:"server_name"` + // Server keys for the perspective user, used to verify the + // keys have been signed by the perspective server + Keys []struct { + // The key ID, e.g. ed25519:auto + KeyID gomatrixserverlib.KeyID `yaml:"key_id"` + // The public key in base64 unpadded format + PublicKey string `yaml:"public_key"` + } `yaml:"keys"` +} + // A Path on the filesystem. type Path string diff --git a/common/keydb/keyring.go b/common/keydb/keyring.go index b11a639de..7b6fa0d21 100644 --- a/common/keydb/keyring.go +++ b/common/keydb/keyring.go @@ -29,7 +29,7 @@ import ( // backed by the given KeyDatabase. func CreateKeyRing(client gomatrixserverlib.Client, keyDB gomatrixserverlib.KeyDatabase, - cfg *config.Dendrite) gomatrixserverlib.KeyRing { + cfg config.KeyPerspectives) gomatrixserverlib.KeyRing { fetchers := gomatrixserverlib.KeyRing{ KeyFetchers: []gomatrixserverlib.KeyFetcher{ 
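Review bot: `KeyPerspectives` in config.go is declared as a slice of an anonymous struct, so a single perspective entry and its key entries still have no nameable type for validation helpers or tests. Declaring `type KeyPerspective struct { ... }` and `type KeyPerspectives []KeyPerspective` keeps the YAML shape identical. These entries pin the keys used to check a perspective server's signatures, so the doc comment could also say that `public_key` is expected to be an unpadded-base64 ed25519 key (inferred from the `ed25519:auto` example). In the `Keys` comment, "perspective user" presumably means "perspective server".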
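Review bot: In keyring.go the parameter is still named `cfg` although it is now a `config.KeyPerspectives` rather than the whole config, which produces `for _, ps := range cfg` in the following hunk. Renaming it, e.g. `perspectives config.KeyPerspectives`, would make both the signature and the loop self-explanatory. The doc comment above `CreateKeyRing` starts outside the hunk; it would be worth one sentence there saying the perspectives argument supplies the backup key servers and their pinned keys. The function body continues outside the hunk.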
@@ -43,7 +43,7 @@ func CreateKeyRing(client gomatrixserverlib.Client, logrus.Info("Enabled direct key fetcher") var b64e = base64.StdEncoding.WithPadding(base64.NoPadding) - for _, ps := range cfg.Matrix.KeyPerspectives { + for _, ps := range cfg { perspective := &gomatrixserverlib.PerspectiveKeyFetcher{ PerspectiveServerName: ps.ServerName, PerspectiveServerKeys: map[gomatrixserverlib.KeyID]ed25519.PublicKey{}, diff --git a/sytest-whitelist b/sytest-whitelist index d47bf1f60..7bd2a63c4 100644 --- a/sytest-whitelist +++ b/sytest-whitelist @@ -252,3 +252,4 @@ Outbound federation can send invites via v2 API User can invite local user to room with version 3 User can invite local user to room with version 4 A pair of servers can establish a join in a v2 room +Can logout all devices
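Review bot: Each configured perspective starts with an empty `PerspectiveServerKeys` map, and the code that fills it from `ps.Keys` via `b64e` is outside this hunk, so it is not visible what happens when `keys` is empty or a `public_key` fails to decode. If such an entry is still added as a fetcher, that perspective server would have no pinned key to verify its responses against; how gomatrixserverlib treats an empty map is not shown here. It is worth confirming that the loop rejects or skips a perspective with zero valid keys and logs it, e.g. `if len(perspective.PerspectiveServerKeys) == 0 { logrus.Warnf("skipping perspective %q: no valid keys", ps.ServerName); continue }`.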