mirror of
https://mau.dev/maunium/synapse.git
synced 2024-12-13 17:43:16 +01:00
Change upgrade script to not check hashes or signatures
This commit is contained in:
parent
f06161a307
commit
28f71ecf0d
1 changed files with 53 additions and 46 deletions
|
@ -21,7 +21,7 @@ from syutil.crypto.signing_key import decode_verify_key_bytes
|
||||||
from syutil.jsonutil import encode_canonical_json
|
from syutil.jsonutil import encode_canonical_json
|
||||||
|
|
||||||
import argparse
|
import argparse
|
||||||
import dns.resolver
|
# import dns.resolver
|
||||||
import hashlib
|
import hashlib
|
||||||
import httplib
|
import httplib
|
||||||
import json
|
import json
|
||||||
|
@ -147,44 +147,44 @@ class Store(object):
|
||||||
store = Store()
|
store = Store()
|
||||||
|
|
||||||
|
|
||||||
def get_key(server_name):
|
# def get_key(server_name):
|
||||||
print "Getting keys for: %s" % (server_name,)
|
# print "Getting keys for: %s" % (server_name,)
|
||||||
targets = []
|
# targets = []
|
||||||
if ":" in server_name:
|
# if ":" in server_name:
|
||||||
target, port = server_name.split(":")
|
# target, port = server_name.split(":")
|
||||||
targets.append((target, int(port)))
|
# targets.append((target, int(port)))
|
||||||
try:
|
# try:
|
||||||
answers = dns.resolver.query("_matrix._tcp." + server_name, "SRV")
|
# answers = dns.resolver.query("_matrix._tcp." + server_name, "SRV")
|
||||||
for srv in answers:
|
# for srv in answers:
|
||||||
targets.append((srv.target, srv.port))
|
# targets.append((srv.target, srv.port))
|
||||||
except dns.resolver.NXDOMAIN:
|
# except dns.resolver.NXDOMAIN:
|
||||||
targets.append((server_name, 8448))
|
# targets.append((server_name, 8448))
|
||||||
except:
|
# except:
|
||||||
print "Failed to lookup keys for %s" % (server_name,)
|
# print "Failed to lookup keys for %s" % (server_name,)
|
||||||
return {}
|
# return {}
|
||||||
|
#
|
||||||
for target, port in targets:
|
# for target, port in targets:
|
||||||
url = "https://%s:%i/_matrix/key/v1" % (target, port)
|
# url = "https://%s:%i/_matrix/key/v1" % (target, port)
|
||||||
try:
|
# try:
|
||||||
keys = json.load(urllib2.urlopen(url, timeout=2))
|
# keys = json.load(urllib2.urlopen(url, timeout=2))
|
||||||
verify_keys = {}
|
# verify_keys = {}
|
||||||
for key_id, key_base64 in keys["verify_keys"].items():
|
# for key_id, key_base64 in keys["verify_keys"].items():
|
||||||
verify_key = decode_verify_key_bytes(
|
# verify_key = decode_verify_key_bytes(
|
||||||
key_id, decode_base64(key_base64)
|
# key_id, decode_base64(key_base64)
|
||||||
)
|
# )
|
||||||
verify_signed_json(keys, server_name, verify_key)
|
# verify_signed_json(keys, server_name, verify_key)
|
||||||
verify_keys[key_id] = verify_key
|
# verify_keys[key_id] = verify_key
|
||||||
print "Got keys for: %s" % (server_name,)
|
# print "Got keys for: %s" % (server_name,)
|
||||||
return verify_keys
|
# return verify_keys
|
||||||
except urllib2.URLError:
|
# except urllib2.URLError:
|
||||||
pass
|
# pass
|
||||||
except urllib2.HTTPError:
|
# except urllib2.HTTPError:
|
||||||
pass
|
# pass
|
||||||
except httplib.HTTPException:
|
# except httplib.HTTPException:
|
||||||
pass
|
# pass
|
||||||
|
#
|
||||||
print "Failed to get keys for %s" % (server_name,)
|
# print "Failed to get keys for %s" % (server_name,)
|
||||||
return {}
|
# return {}
|
||||||
|
|
||||||
|
|
||||||
def reinsert_events(cursor, server_name, signing_key):
|
def reinsert_events(cursor, server_name, signing_key):
|
||||||
|
@ -219,13 +219,20 @@ def reinsert_events(cursor, server_name, signing_key):
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
i = 0
|
||||||
|
N = len(events)
|
||||||
|
|
||||||
for event in events:
|
for event in events:
|
||||||
for alg_name in event.hashes:
|
if i % 100 == 0:
|
||||||
if check_event_content_hash(event, algorithms[alg_name]):
|
print "Processed: %d/%d events" % (i,N,)
|
||||||
pass
|
i += 1
|
||||||
else:
|
|
||||||
pass
|
# for alg_name in event.hashes:
|
||||||
print "FAIL content hash %s %s" % (alg_name, event.event_id, )
|
# if check_event_content_hash(event, algorithms[alg_name]):
|
||||||
|
# pass
|
||||||
|
# else:
|
||||||
|
# pass
|
||||||
|
# print "FAIL content hash %s %s" % (alg_name, event.event_id, )
|
||||||
|
|
||||||
have_own_correctly_signed = False
|
have_own_correctly_signed = False
|
||||||
for host, sigs in event.signatures.items():
|
for host, sigs in event.signatures.items():
|
||||||
|
@ -233,7 +240,7 @@ def reinsert_events(cursor, server_name, signing_key):
|
||||||
|
|
||||||
for key_id in sigs:
|
for key_id in sigs:
|
||||||
if host not in server_keys:
|
if host not in server_keys:
|
||||||
server_keys[host] = get_key(host)
|
server_keys[host] = {} # get_key(host)
|
||||||
if key_id in server_keys[host]:
|
if key_id in server_keys[host]:
|
||||||
try:
|
try:
|
||||||
verify_signed_json(
|
verify_signed_json(
|
||||||
|
|
Loading…
Reference in a new issue