mirror of
https://mau.dev/maunium/synapse.git
synced 2024-12-14 10:13:48 +01:00
Sanity-check room ids in event auth (#6530)
When we do an event auth operation, check that all of the events involved are in the right room.
This commit is contained in:
parent
5cadbd9ebb
commit
971a0702b5
2 changed files with 14 additions and 0 deletions
2
changelog.d/6530.misc
Normal file
2
changelog.d/6530.misc
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
Improve sanity-checking when receiving events over federation.
|
||||||
|
|
|
@ -50,6 +50,18 @@ def check(room_version, event, auth_events, do_sig_check=True, do_size_check=Tru
|
||||||
if not hasattr(event, "room_id"):
|
if not hasattr(event, "room_id"):
|
||||||
raise AuthError(500, "Event has no room_id: %s" % event)
|
raise AuthError(500, "Event has no room_id: %s" % event)
|
||||||
|
|
||||||
|
room_id = event.room_id
|
||||||
|
|
||||||
|
# I'm not really expecting to get auth events in the wrong room, but let's
|
||||||
|
# sanity-check it
|
||||||
|
for auth_event in auth_events.values():
|
||||||
|
if auth_event.room_id != room_id:
|
||||||
|
raise Exception(
|
||||||
|
"During auth for event %s in room %s, found event %s in the state "
|
||||||
|
"which is in room %s"
|
||||||
|
% (event.event_id, room_id, auth_event.event_id, auth_event.room_id)
|
||||||
|
)
|
||||||
|
|
||||||
if do_sig_check:
|
if do_sig_check:
|
||||||
sender_domain = get_domain_from_id(event.sender)
|
sender_domain = get_domain_from_id(event.sender)
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue