0
0
Fork 1
mirror of https://mau.dev/maunium/synapse.git synced 2024-12-13 17:43:16 +01:00

Change upgrade script to not check hashes or signatures

This commit is contained in:
Erik Johnston 2014-12-16 17:29:22 +00:00
parent f06161a307
commit 28f71ecf0d

View file

@ -21,7 +21,7 @@ from syutil.crypto.signing_key import decode_verify_key_bytes
from syutil.jsonutil import encode_canonical_json from syutil.jsonutil import encode_canonical_json
import argparse import argparse
import dns.resolver # import dns.resolver
import hashlib import hashlib
import httplib import httplib
import json import json
@ -147,44 +147,44 @@ class Store(object):
store = Store() store = Store()
def get_key(server_name): # def get_key(server_name):
print "Getting keys for: %s" % (server_name,) # print "Getting keys for: %s" % (server_name,)
targets = [] # targets = []
if ":" in server_name: # if ":" in server_name:
target, port = server_name.split(":") # target, port = server_name.split(":")
targets.append((target, int(port))) # targets.append((target, int(port)))
try: # try:
answers = dns.resolver.query("_matrix._tcp." + server_name, "SRV") # answers = dns.resolver.query("_matrix._tcp." + server_name, "SRV")
for srv in answers: # for srv in answers:
targets.append((srv.target, srv.port)) # targets.append((srv.target, srv.port))
except dns.resolver.NXDOMAIN: # except dns.resolver.NXDOMAIN:
targets.append((server_name, 8448)) # targets.append((server_name, 8448))
except: # except:
print "Failed to lookup keys for %s" % (server_name,) # print "Failed to lookup keys for %s" % (server_name,)
return {} # return {}
#
for target, port in targets: # for target, port in targets:
url = "https://%s:%i/_matrix/key/v1" % (target, port) # url = "https://%s:%i/_matrix/key/v1" % (target, port)
try: # try:
keys = json.load(urllib2.urlopen(url, timeout=2)) # keys = json.load(urllib2.urlopen(url, timeout=2))
verify_keys = {} # verify_keys = {}
for key_id, key_base64 in keys["verify_keys"].items(): # for key_id, key_base64 in keys["verify_keys"].items():
verify_key = decode_verify_key_bytes( # verify_key = decode_verify_key_bytes(
key_id, decode_base64(key_base64) # key_id, decode_base64(key_base64)
) # )
verify_signed_json(keys, server_name, verify_key) # verify_signed_json(keys, server_name, verify_key)
verify_keys[key_id] = verify_key # verify_keys[key_id] = verify_key
print "Got keys for: %s" % (server_name,) # print "Got keys for: %s" % (server_name,)
return verify_keys # return verify_keys
except urllib2.URLError: # except urllib2.URLError:
pass # pass
except urllib2.HTTPError: # except urllib2.HTTPError:
pass # pass
except httplib.HTTPException: # except httplib.HTTPException:
pass # pass
#
print "Failed to get keys for %s" % (server_name,) # print "Failed to get keys for %s" % (server_name,)
return {} # return {}
def reinsert_events(cursor, server_name, signing_key): def reinsert_events(cursor, server_name, signing_key):
@ -219,13 +219,20 @@ def reinsert_events(cursor, server_name, signing_key):
} }
} }
i = 0
N = len(events)
for event in events: for event in events:
for alg_name in event.hashes: if i % 100 == 0:
if check_event_content_hash(event, algorithms[alg_name]): print "Processed: %d/%d events" % (i,N,)
pass i += 1
else:
pass # for alg_name in event.hashes:
print "FAIL content hash %s %s" % (alg_name, event.event_id, ) # if check_event_content_hash(event, algorithms[alg_name]):
# pass
# else:
# pass
# print "FAIL content hash %s %s" % (alg_name, event.event_id, )
have_own_correctly_signed = False have_own_correctly_signed = False
for host, sigs in event.signatures.items(): for host, sigs in event.signatures.items():
@ -233,7 +240,7 @@ def reinsert_events(cursor, server_name, signing_key):
for key_id in sigs: for key_id in sigs:
if host not in server_keys: if host not in server_keys:
server_keys[host] = get_key(host) server_keys[host] = {} # get_key(host)
if key_id in server_keys[host]: if key_id in server_keys[host]:
try: try:
verify_signed_json( verify_signed_json(