Be less panicky about auth event signatures in case they are not fatal after all
This commit is contained in:
parent
97a3b6bd00
commit
a72f687b95
|
@ -169,7 +169,7 @@ func (r *Inputer) processRoomEvent(
|
||||||
authEvents := gomatrixserverlib.NewAuthEvents(nil)
|
authEvents := gomatrixserverlib.NewAuthEvents(nil)
|
||||||
knownEvents := map[string]*types.Event{}
|
knownEvents := map[string]*types.Event{}
|
||||||
if err = r.fetchAuthEvents(ctx, logger, headered, &authEvents, knownEvents, serverRes.ServerNames); err != nil {
|
if err = r.fetchAuthEvents(ctx, logger, headered, &authEvents, knownEvents, serverRes.ServerNames); err != nil {
|
||||||
return fmt.Errorf("r.checkForMissingAuthEvents: %w", err)
|
return fmt.Errorf("r.fetchAuthEvents: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if the event is allowed by its auth events. If it isn't then
|
// Check if the event is allowed by its auth events. If it isn't then
|
||||||
|
@ -415,12 +415,11 @@ func (r *Inputer) fetchAuthEvents(
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check the signatures of the event.
|
// Check the signatures of the event. If this fails then we'll simply
|
||||||
// TODO: It really makes sense for the federation API to be doing this,
|
// skip it, because gomatrixserverlib.Allowed() will notice a problem
|
||||||
// because then it can attempt another server if one serves up an event
|
// if a critical event is missing anyway.
|
||||||
// with an invalid signature. For now this will do.
|
|
||||||
if err := authEvent.VerifyEventSignatures(ctx, r.FSAPI.KeyRing()); err != nil {
|
if err := authEvent.VerifyEventSignatures(ctx, r.FSAPI.KeyRing()); err != nil {
|
||||||
return fmt.Errorf("event.VerifyEventSignatures: %w", err)
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
// In order to store the new auth event, we need to know its auth chain
|
// In order to store the new auth event, we need to know its auth chain
|
||||||
|
|
Loading…
Reference in a new issue