MirrorHub/construct
0
0
Fork 0
mirror of https://github.com/matrix-construct/construct synced 2024-11-10 20:11:07 +01:00
Code Issues Releases Wiki Activity

modules/federation/send_join: Implement federation §10.0 Join amplification attack.

Browse source
This commit is contained in:
Jason Volk 2023-02-18 13:51:17 -08:00
parent 1e0919de71
commit 0f3fea3b72
1 changed files with 24 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
modules/federation/send_join.cc
View file

@ -147,7 +147,31 @@ put__send_join(client &client,
m::vm::opts vmopts m::vm::opts vmopts
{ {
.node_id = request.node_id, .node_id = request.node_id,
// Don't conduct fetches for any references they added.
.fetch = false, .fetch = false,
// Whether to conduct join amplification.
.amplify =
{
// This is required by the spec, but...
true
// Only if their server has no other users joined to the room.
&& m::room::members(room_id).empty("join", request.node_id)
// If one of the following holds:
&& (false
// If we've set an alias for this room, otherwise we're not
// an official join server and they shouldn't be using us.
|| m::room::aliases(room_id).has_server(origin(m::my()))
// Unless we invited them directly.
// TODO: check if *we* invited them.
|| m::membership(room_id, at<"state_key"_>(event), "invite")
)
}
}; };
m::vm::eval eval m::vm::eval eval