mirror of
https://mau.dev/maunium/synapse.git
synced 2024-12-14 09:43:46 +01:00
Only do restricted join rules signature checks for room versions 8/9. (#10927)
Otherwise the presence of a (bogus, unused) field could cause auth checks to fail.
This commit is contained in:
parent
a8bbf08576
commit
c3ccad7785
2 changed files with 3 additions and 1 deletions
1
changelog.d/10927.bugfix
Normal file
1
changelog.d/10927.bugfix
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Fix a bug introduced in Synapse v1.40.0 where the signature checks for room version 8/9 could be applied to earlier room versions in some situations.
|
|
@ -113,7 +113,8 @@ def check(
|
||||||
raise AuthError(403, "Event not signed by sending server")
|
raise AuthError(403, "Event not signed by sending server")
|
||||||
|
|
||||||
is_invite_via_allow_rule = (
|
is_invite_via_allow_rule = (
|
||||||
event.type == EventTypes.Member
|
room_version_obj.msc3083_join_rules
|
||||||
|
and event.type == EventTypes.Member
|
||||||
and event.membership == Membership.JOIN
|
and event.membership == Membership.JOIN
|
||||||
and "join_authorised_via_users_server" in event.content
|
and "join_authorised_via_users_server" in event.content
|
||||||
)
|
)
|
||||||
|
|
Loading…
Reference in a new issue