mirror of
https://github.com/matrix-construct/construct
synced 2025-03-22 01:10:27 +01:00
modules/federation/send_join: Implement federation §10.0 Join amplification attack.
This commit is contained in:
Jason Volk
parent
1e0919de71
commit
0f3fea3b72
1 changed files with 24 additions and 0 deletions
|
|
@ -147,7 +147,31 @@ put__send_join(client &client,
|
|||
m::vm::opts vmopts
|
||||
{
|
||||
.node_id = request.node_id,
|
||||
|
||||
// Don't conduct fetches for any references they added.
|
||||
.fetch = false,
|
||||
|
||||
// Whether to conduct join amplification.
|
||||
.amplify =
|
||||
{
|
||||
// This is required by the spec, but...
|
||||
true
|
||||
|
||||
// Only if their server has no other users joined to the room.
|
||||
&& m::room::members(room_id).empty("join", request.node_id)
|
||||
|
||||
// If one of the following holds:
|
||||
&& (false
|
||||
|
||||
// If we've set an alias for this room, otherwise we're not
|
||||
// an official join server and they shouldn't be using us.
|
||||
|| m::room::aliases(room_id).has_server(origin(m::my()))
|
||||
|
||||
// Unless we invited them directly.
|
||||
// TODO: check if *we* invited them.
|
||||
|| m::membership(room_id, at<"state_key"_>(event), "invite")
|
||||
)
|
||||
}
|
||||
};
|
||||
|
||||
m::vm::eval eval
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue