mirror of https://github.com/matrix-construct/construct synced 2025-01-13 16:33:53 +01:00

ircd::m::fetch: Add result check opts to request interface opts; feature authoritative_redactions.

Jason Volk 2020-10-03 03:53:58 -07:00
parent 6179c511d4
commit e362a509d8
2 changed files with 52 additions and 13 deletions


@ -106,6 +106,29 @@ struct ircd::m::fetch::opts
/// by the user here. The default of 0 will be replaced by some internal
/// configured limit like 8 or 16 etc.
size_t backfill_limit {0};
/// Whether to hash the result for event_id (ignored for v1/v2); this is
/// important to ignore poisonous results and continuing.
bool check_event_id {true};
/// Whether to run the conforms checks on the result; this is important
/// to screen out poisonous results while continuing to try other servers.
bool check_conforms {true};
/// Whether to check if the content hash matches. This might not match if
/// the event is redacted (or junk), so other servers will then be tried.
/// Note the case of authoriative redactions below; and if true that may
/// allow a condition for forcing check_hashes=false.
bool check_hashes {true};
/// Whether to allow content hash mismatch iff the result was received from
/// the event's origin. If the origin of the event wants to redact the
/// event we accept; otherwise we continue to look for an unredacted copy.
bool authoritative_redaction {true};
/// Whether to verify signature of result before accepting; this is
/// important to ignore poisonous results and continuing.
bool check_signature {true};
};
struct ircd::m::fetch::result
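Review bot: The comment on `check_hashes` says the flag controls whether the content hash is checked, but in `_check_event` (second file) it only feeds `mismatch_hashes`, which is used solely to compute `authoritative_redaction`; with `check_hashes=false` nothing deletes `MISMATCH_HASHES` from `conforms`, whereas the removed code did so when `check_redacted` was off. The rest of `_check_event` lies outside the visible hunks, so this is inferred, but if a remaining conforms flag rejects the event, turning the option off disables the origin exemption rather than the hash check. Either document that behaviour or restore the skip with a condition such as `if(authoritative_redaction || !check_hashes || !request.opts.check_hashes)` in front of the `conforms.del(...)`. The field comments should also say that each flag is ANDed with the corresponding `conf::item`, for example `/// Can only disable a check for this request; a check disabled in conf stays off.`, and that `authoritative_redaction` lets a hash-mismatched result through on `origin == request.origin` alone, so the content of such an event should be treated as unverified by the content hash. "authoriative" in the `check_hashes` comment is a typo.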


@ -728,7 +728,8 @@ namespace ircd::m::fetch
extern conf::item<bool> check_event_id;
extern conf::item<bool> check_conforms;
extern conf::item<bool> check_signature;
extern conf::item<bool> check_redacted;
extern conf::item<bool> check_hashes;
extern conf::item<bool> check_authoritative_redaction;
}
decltype(ircd::m::fetch::check_event_id)
@ -745,10 +746,17 @@ ircd::m::fetch::check_conforms
{ "default", true },
};
decltype(ircd::m::fetch::check_redacted)
ircd::m::fetch::check_redacted
decltype(ircd::m::fetch::check_hashes)
ircd::m::fetch::check_hashes
{
{ "name", "ircd.m.fetch.check.redacted" },
{ "name", "ircd.m.fetch.check.hashes" },
{ "default", true },
};
decltype(ircd::m::fetch::check_authoritative_redaction)
ircd::m::fetch::check_authoritative_redaction
{
{ "name", "ircd.m.fetch.check.authoritative_redaction" },
{ "default", true },
};
@ -861,7 +869,7 @@ void
ircd::m::fetch::_check_event(const request &request,
const m::event &event)
{
if(check_event_id && !m::check_id(event))
if(request.opts.check_event_id && check_event_id && !m::check_id(event))
{
event::id::buf buf;
const m::event &claim
@ -877,21 +885,29 @@ ircd::m::fetch::_check_event(const request &request,
};
}
if(check_conforms)
if(request.opts.check_conforms && check_conforms)
{
m::event::conforms conforms
{
event
};
const bool redacted
const bool mismatch_hashes
{
check_redacted && conforms.has(m::event::conforms::MISMATCH_HASHES)?
bool(m::redacted(request.opts.event_id)):
false
check_hashes
&& request.opts.check_hashes
&& conforms.has(m::event::conforms::MISMATCH_HASHES)
};
if(redacted || !check_redacted)
const bool authoritative_redaction
{
check_authoritative_redaction
&& request.opts.authoritative_redaction
&& mismatch_hashes
&& json::get<"origin"_>(event) == request.origin
};
if(authoritative_redaction)
conforms.del(m::event::conforms::MISMATCH_HASHES);
thread_local char buf[128];
@ -910,7 +926,7 @@ ircd::m::fetch::_check_event(const request &request,
}
// only check signature for v1 events
if(check_signature && request.opts.event_id.version() == "1")
if(request.opts.check_signature && check_signature && request.opts.event_id.version() == "1")
{
const string_view &server
{