Merge branch 'release-v1.8.0' of github.com:matrix-org/synapse into matrix-org-hotfixes
commit
bace86ed15
70
CHANGES.md
|
@ -1,3 +1,73 @@
|
|||
Synapse 1.8.0rc1 (2020-01-07)
|
||||
=============================
|
||||
|
||||
Features
|
||||
--------
|
||||
|
||||
- Add v2 APIs for the `send_join` and `send_leave` federation endpoints (as described in [MSC1802](https://github.com/matrix-org/matrix-doc/pull/1802)). ([\#6349](https://github.com/matrix-org/synapse/issues/6349))
|
||||
- Add a develop script to generate full SQL schemas. ([\#6394](https://github.com/matrix-org/synapse/issues/6394))
|
||||
- Add custom SAML username mapping functinality through an external provider plugin. ([\#6411](https://github.com/matrix-org/synapse/issues/6411))
|
||||
- Automatically delete empty groups/communities. ([\#6453](https://github.com/matrix-org/synapse/issues/6453))
|
||||
- Add option `limit_profile_requests_to_users_who_share_rooms` to prevent requirement of a local user sharing a room with another user to query their profile information. ([\#6523](https://github.com/matrix-org/synapse/issues/6523))
|
||||
- Add an `export_signing_key` script to extract the public part of signing keys when rotating them. ([\#6546](https://github.com/matrix-org/synapse/issues/6546))
|
||||
- Add experimental config option to specify multiple databases. ([\#6580](https://github.com/matrix-org/synapse/issues/6580))
|
||||
- Raise an error if someone tries to use the `log_file` config option. ([\#6626](https://github.com/matrix-org/synapse/issues/6626))
|
||||
|
||||
|
||||
Bugfixes
|
||||
--------
|
||||
|
||||
- Prevent redacted events from being returned during message search. ([\#6377](https://github.com/matrix-org/synapse/issues/6377), [\#6522](https://github.com/matrix-org/synapse/issues/6522))
|
||||
- Prevent error on trying to search a upgraded room when the server is not in the predecessor room. ([\#6385](https://github.com/matrix-org/synapse/issues/6385))
|
||||
- Improve performance of looking up cross-signing keys. ([\#6486](https://github.com/matrix-org/synapse/issues/6486))
|
||||
- Fix race which occasionally caused deleted devices to reappear. ([\#6514](https://github.com/matrix-org/synapse/issues/6514))
|
||||
- Fix missing row in `device_max_stream_id` that could cause unable to decrypt errors after server restart. ([\#6555](https://github.com/matrix-org/synapse/issues/6555))
|
||||
- Fix a bug which meant that we did not send systemd notifications on startup if acme was enabled. ([\#6571](https://github.com/matrix-org/synapse/issues/6571))
|
||||
- Fix exception when fetching the `matrix.org:ed25519:auto` key. ([\#6625](https://github.com/matrix-org/synapse/issues/6625))
|
||||
- Fix bug where a moderator upgraded a room and became an admin in the new room. ([\#6633](https://github.com/matrix-org/synapse/issues/6633))
|
||||
- Fix an error which was thrown by the `PresenceHandler` `_on_shutdown` handler. ([\#6640](https://github.com/matrix-org/synapse/issues/6640))
|
||||
- Fix exceptions in the synchrotron worker log when events are rejected. ([\#6645](https://github.com/matrix-org/synapse/issues/6645))
|
||||
- Ensure that upgraded rooms are removed from the directory. ([\#6648](https://github.com/matrix-org/synapse/issues/6648))
|
||||
- Fix a bug causing Synapse not to fetch missing events when it believes it has every event in the room. ([\#6652](https://github.com/matrix-org/synapse/issues/6652))
|
||||
|
||||
|
||||
Improved Documentation
|
||||
----------------------
|
||||
|
||||
- Document the Room Shutdown Admin API. ([\#6541](https://github.com/matrix-org/synapse/issues/6541))
|
||||
- Reword sections of [docs/federate.md](docs/federate.md) that explained delegation at time of Synapse 1.0 transition. ([\#6601](https://github.com/matrix-org/synapse/issues/6601))
|
||||
- Added the section 'Configuration' in [docs/turn-howto.md](docs/turn-howto.md). ([\#6614](https://github.com/matrix-org/synapse/issues/6614))
|
||||
|
||||
|
||||
Deprecations and Removals
|
||||
-------------------------
|
||||
|
||||
- Remove redundant code from event authorisation implementation. ([\#6502](https://github.com/matrix-org/synapse/issues/6502))
|
||||
- Remove unused, undocumented `/_matrix/content` API. ([\#6628](https://github.com/matrix-org/synapse/issues/6628))
|
||||
|
||||
|
||||
Internal Changes
|
||||
----------------
|
||||
|
||||
- Add *experimental* support for multiple physical databases and split out state storage to separate data store. ([\#6245](https://github.com/matrix-org/synapse/issues/6245), [\#6510](https://github.com/matrix-org/synapse/issues/6510), [\#6511](https://github.com/matrix-org/synapse/issues/6511), [\#6513](https://github.com/matrix-org/synapse/issues/6513), [\#6564](https://github.com/matrix-org/synapse/issues/6564), [\#6565](https://github.com/matrix-org/synapse/issues/6565))
|
||||
- Port sections of code base to async/await. ([\#6496](https://github.com/matrix-org/synapse/issues/6496), [\#6504](https://github.com/matrix-org/synapse/issues/6504), [\#6505](https://github.com/matrix-org/synapse/issues/6505), [\#6517](https://github.com/matrix-org/synapse/issues/6517), [\#6559](https://github.com/matrix-org/synapse/issues/6559), [\#6647](https://github.com/matrix-org/synapse/issues/6647), [\#6653](https://github.com/matrix-org/synapse/issues/6653))
|
||||
- Remove `SnapshotCache` in favour of `ResponseCache`. ([\#6506](https://github.com/matrix-org/synapse/issues/6506))
|
||||
- Silence mypy errors for files outside those specified. ([\#6512](https://github.com/matrix-org/synapse/issues/6512))
|
||||
- Clean up some logging when handling incoming events over federation. ([\#6515](https://github.com/matrix-org/synapse/issues/6515))
|
||||
- Test more folders against mypy. ([\#6534](https://github.com/matrix-org/synapse/issues/6534))
|
||||
- Update `mypy` to new version. ([\#6537](https://github.com/matrix-org/synapse/issues/6537))
|
||||
- Adjust the sytest blacklist for worker mode. ([\#6538](https://github.com/matrix-org/synapse/issues/6538))
|
||||
- Remove unused `get_pagination_rows` methods from `EventSource` classes. ([\#6557](https://github.com/matrix-org/synapse/issues/6557))
|
||||
- Clean up logs from the push notifier at startup. ([\#6558](https://github.com/matrix-org/synapse/issues/6558))
|
||||
- Improve diagnostics on database upgrade failure. ([\#6570](https://github.com/matrix-org/synapse/issues/6570))
|
||||
- Reduce the reconnect time when worker replication fails, to make it easier to catch up. ([\#6617](https://github.com/matrix-org/synapse/issues/6617))
|
||||
- Simplify http handling by removing redundant `SynapseRequestFactory`. ([\#6619](https://github.com/matrix-org/synapse/issues/6619))
|
||||
- Add a workaround for synapse raising exceptions when fetching the notary's own key from the notary. ([\#6620](https://github.com/matrix-org/synapse/issues/6620))
|
||||
- Automate generation of the sample log config. ([\#6627](https://github.com/matrix-org/synapse/issues/6627))
|
||||
- Simplify event creation code by removing redundant queries on the `event_reference_hashes` table. ([\#6629](https://github.com/matrix-org/synapse/issues/6629))
|
||||
- Fix errors when `frozen_dicts` are enabled. ([\#6642](https://github.com/matrix-org/synapse/issues/6642))
|
||||
|
||||
|
||||
Synapse 1.7.3 (2019-12-31)
|
||||
==========================
|
||||
|
||||
|
|
|
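Review bot: the Features entry for `limit_profile_requests_to_users_who_share_rooms` reads as the opposite of the option's name. "to prevent requirement of a local user sharing a room" sounds like the option lifts a restriction, while the name says it limits profile requests to users who share rooms. Reword it so an operator can tell from the changelog alone whether enabling the option imposes or removes the shared-room requirement, since this controls who can read profile data. Two smaller points in the same hunk: "functinality" in the SAML entry and "a upgraded room" in the Bugfixes list are typos that will ship in the release notes.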
@ -1 +0,0 @@
|
|||
Split out state storage into separate data store.
|
|
@ -1 +0,0 @@
|
|||
Implement v2 APIs for the `send_join` and `send_leave` federation endpoints (as described in [MSC1802](https://github.com/matrix-org/matrix-doc/pull/1802)).
|
|
@ -1 +0,0 @@
|
|||
Prevent redacted events from being returned during message search.
|
|
@ -1 +0,0 @@
|
|||
Prevent error on trying to search a upgraded room when the server is not in the predecessor room.
|
|
@ -1 +0,0 @@
|
|||
Add a develop script to generate full SQL schemas.
|
|
@ -1 +0,0 @@
|
|||
Allow custom SAML username mapping functinality through an external provider plugin.
|
|
@ -1 +0,0 @@
|
|||
Automatically delete empty groups/communities.
|
|
@ -1 +0,0 @@
|
|||
Improve performance of looking up cross-signing keys.
|
|
@ -1 +0,0 @@
|
|||
Port synapse.handlers.initial_sync to async/await.
|
|
@ -1 +0,0 @@
|
|||
Remove redundant code from event authorisation implementation.
|
|
@ -1 +0,0 @@
|
|||
Port handlers.account_data and handlers.account_validity to async/await.
|
|
@ -1 +0,0 @@
|
|||
Make `make_deferred_yieldable` to work with async/await.
|
|
@ -1 +0,0 @@
|
|||
Remove `SnapshotCache` in favour of `ResponseCache`.
|
|
@ -1 +0,0 @@
|
|||
Change phone home stats to not assume there is a single database and report information about the database used by the main data store.
|
|
@ -1 +0,0 @@
|
|||
Move database config from apps into HomeServer object.
|
|
@ -1 +0,0 @@
|
|||
Silence mypy errors for files outside those specified.
|
|
@ -1 +0,0 @@
|
|||
Remove all assumptions of there being a single phyiscal DB apart from the `synapse.config`.
|
|
@ -1 +0,0 @@
|
|||
Fix race which occasionally caused deleted devices to reappear.
|
|
@ -1 +0,0 @@
|
|||
Clean up some logging when handling incoming events over federation.
|
|
@ -1 +0,0 @@
|
|||
Port some of FederationHandler to async/await.
|
|
@ -1 +0,0 @@
|
|||
Prevent redacted events from being returned during message search.
|
|
@ -1 +0,0 @@
|
|||
Add option `limit_profile_requests_to_users_who_share_rooms` to prevent requirement of a local user sharing a room with another user to query their profile information.
|
|
@ -1 +0,0 @@
|
|||
Test more folders against mypy.
|
|
@ -1 +0,0 @@
|
|||
Update `mypy` to new version.
|
|
@ -1 +0,0 @@
|
|||
Adjust the sytest blacklist for worker mode.
|
|
@ -1 +0,0 @@
|
|||
Document the Room Shutdown Admin API.
|
|
@ -1 +0,0 @@
|
|||
Add an export_signing_key script to extract the public part of signing keys when rotating them.
|
|
@ -1 +0,0 @@
|
|||
Fix missing row in device_max_stream_id that could cause unable to decrypt errors after server restart.
|
|
@ -1 +0,0 @@
|
|||
Remove unused `get_pagination_rows` methods from `EventSource` classes.
|
|
@ -1 +0,0 @@
|
|||
Clean up logs from the push notifier at startup.
|
|
@ -1 +0,0 @@
|
|||
Port `synapse.handlers.admin` and `synapse.handlers.deactivate_account` to async/await.
|
1
changelog.d/6563.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Fix GET request on /_synapse/admin/v2/users endpoint. Contributed by Awesome Technologies Innovationslabor GmbH.
|
|
@ -1 +0,0 @@
|
|||
Change `EventContext` to use the `Storage` class, in preparation for moving state database queries to a separate data store.
|
|
@ -1 +0,0 @@
|
|||
Add assertion that schema delta file names are unique.
|
|
@ -1 +0,0 @@
|
|||
Improve diagnostics on database upgrade failure.
|
|
@ -1 +0,0 @@
|
|||
Fix a bug which meant that we did not send systemd notifications on startup if acme was enabled.
|
|
@ -1 +0,0 @@
|
|||
Add experimental config option to specify multiple databases.
|
|
@ -1 +0,0 @@
|
|||
Reword sections of federate.md that explained delegation at time of Synapse 1.0 transition.
|
|
@ -1 +0,0 @@
|
|||
Added the section 'Configuration' in /docs/turn-howto.md.
|
|
@ -1 +0,0 @@
|
|||
Reduce the reconnect time when worker replication fails, to make it easier to catch up.
|
|
@ -1 +0,0 @@
|
|||
Simplify http handling by removing redundant SynapseRequestFactory.
|
|
@ -1 +0,0 @@
|
|||
Add a workaround for synapse raising exceptions when fetching the notary's own key from the notary.
|
|
@ -1 +0,0 @@
|
|||
Fix exception when fetching the `matrix.org:ed25519:auto` key.
|
|
@ -1 +0,0 @@
|
|||
Raise an error if someone tries to use the log_file config option.
|
|
@ -1 +0,0 @@
|
|||
Automate generation of the sample log config.
|
|
@ -1 +0,0 @@
|
|||
Remove unused, undocumented /_matrix/content API.
|
|
@ -1 +0,0 @@
|
|||
Simplify event creation code by removing redundant queries on the event_reference_hashes table.
|
|
@ -1 +0,0 @@
|
|||
Fix bug where a moderator upgraded a room and became an admin in the new room.
|
|
@ -1 +0,0 @@
|
|||
Fix an error which was thrown by the PresenceHandler _on_shutdown handler.
|
|
@ -1 +0,0 @@
|
|||
Fix errors when frozen_dicts are enabled.
|
|
@ -1 +0,0 @@
|
|||
Fix exceptions in the synchrotron worker log when events are rejected.
|
|
@ -1 +0,0 @@
|
|||
Port core background update routines to async/await.
|
|
@ -1 +0,0 @@
|
|||
Ensure that upgraded rooms are removed from the directory.
|
|
@ -1 +0,0 @@
|
|||
Fix a bug causing Synapse not to fetch missing events when it believes it has every event in the room.
|
|
@ -1 +0,0 @@
|
|||
Port core background update routines to async/await.
|
1
changelog.d/6657.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Fix incorrect signing of responses from the key server implementation.
|
|
@ -36,7 +36,7 @@ try:
|
|||
except ImportError:
|
||||
pass
|
||||
|
||||
__version__ = "1.7.3"
|
||||
__version__ = "1.8.0rc1"
|
||||
|
||||
if bool(os.environ.get("SYNAPSE_TEST_PATCH_LOG_CONTEXTS", False)):
|
||||
# We import here so that we don't have to install a bunch of deps when
|
||||
|
|
|
@ -15,7 +15,6 @@
|
|||
import logging
|
||||
|
||||
from canonicaljson import encode_canonical_json, json
|
||||
from signedjson.key import encode_verify_key_base64
|
||||
from signedjson.sign import sign_json
|
||||
|
||||
from twisted.internet import defer
|
||||
|
@ -217,28 +216,15 @@ class RemoteKey(DirectServeResource):
|
|||
if cache_misses and query_remote_on_cache_miss:
|
||||
yield self.fetcher.get_keys(cache_misses)
|
||||
yield self.query_keys(request, query, query_remote_on_cache_miss=False)
|
||||
return
|
||||
|
||||
signed_keys = []
|
||||
for key_json in json_results:
|
||||
key_json = json.loads(key_json)
|
||||
|
||||
# backwards-compatibility hack for #6596: if the requested key belongs
|
||||
# to us, make sure that all of the signing keys appear in the
|
||||
# "verify_keys" section.
|
||||
if key_json["server_name"] == self.config.server_name:
|
||||
verify_keys = key_json["verify_keys"]
|
||||
else:
|
||||
signed_keys = []
|
||||
for key_json in json_results:
|
||||
key_json = json.loads(key_json)
|
||||
for signing_key in self.config.key_server_signing_keys:
|
||||
key_id = "%s:%s" % (signing_key.alg, signing_key.version)
|
||||
verify_keys[key_id] = {
|
||||
"key": encode_verify_key_base64(signing_key.verify_key)
|
||||
}
|
||||
key_json = sign_json(key_json, self.config.server_name, signing_key)
|
||||
|
||||
for signing_key in self.config.key_server_signing_keys:
|
||||
key_json = sign_json(key_json, self.config.server_name, signing_key)
|
||||
signed_keys.append(key_json)
|
||||
|
||||
signed_keys.append(key_json)
|
||||
results = {"server_keys": signed_keys}
|
||||
|
||||
results = {"server_keys": signed_keys}
|
||||
|
||||
respond_with_json_bytes(request, 200, encode_canonical_json(results))
|
||||
respond_with_json_bytes(request, 200, encode_canonical_json(results))
|
||||
|
|
|
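Review bot: in the rewritten loop the notary signature is applied only inside `for signing_key in self.config.key_server_signing_keys:`, so if that list is ever empty each `key_json` is appended to `signed_keys` and served with no signature from this server and no error. Nothing in this hunk guards against that; an explicit check (or a log line) before building `results` would make the failure visible instead of silently returning unsigned `server_keys`. Separately, the block commented "backwards-compatibility hack for #6596" is dropped without a replacement comment. A one-line note saying why the signing keys no longer need to be copied into `verify_keys` would help the next reader, because changelog.d/6657.bugfix only says the signing was incorrect.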
@ -526,9 +526,9 @@ class DataStore(
|
|||
|
||||
attr_filter = {}
|
||||
if not guests:
|
||||
attr_filter["is_guest"] = False
|
||||
attr_filter["is_guest"] = 0
|
||||
if not deactivated:
|
||||
attr_filter["deactivated"] = False
|
||||
attr_filter["deactivated"] = 0
|
||||
|
||||
return self.db.simple_select_list_paginate(
|
||||
desc="get_users_paginate",
|
||||
|
|
|
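Review bot: the `attr_filter["is_guest"]` and `attr_filter["deactivated"]` values switch between `False` and `0` with no comment explaining why the literal type matters. Without one, a later cleanup is likely to turn them back into booleans and reintroduce the bug that changelog.d/6563.bugfix describes. Suggest a short comment above `attr_filter = {}` stating that these columns must be filtered with integer values.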
@ -341,6 +341,47 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):
|
|||
self.assertEqual("Invalid user type", channel.json_body["error"])
|
||||
|
||||
|
||||
class UsersListTestCase(unittest.HomeserverTestCase):
|
||||
|
||||
servlets = [
|
||||
synapse.rest.admin.register_servlets,
|
||||
login.register_servlets,
|
||||
]
|
||||
url = "/_synapse/admin/v2/users"
|
||||
|
||||
def prepare(self, reactor, clock, hs):
|
||||
self.admin_user = self.register_user("admin", "pass", admin=True)
|
||||
self.admin_user_tok = self.login("admin", "pass")
|
||||
|
||||
self.register_user("user1", "pass1", admin=False)
|
||||
self.register_user("user2", "pass2", admin=False)
|
||||
|
||||
def test_no_auth(self):
|
||||
"""
|
||||
Try to list users without authentication.
|
||||
"""
|
||||
request, channel = self.make_request("GET", self.url, b"{}")
|
||||
self.render(request)
|
||||
|
||||
self.assertEqual(401, int(channel.result["code"]), msg=channel.result["body"])
|
||||
self.assertEqual("M_MISSING_TOKEN", channel.json_body["errcode"])
|
||||
|
||||
def test_all_users(self):
|
||||
"""
|
||||
List all users, including deactivated users.
|
||||
"""
|
||||
request, channel = self.make_request(
|
||||
"GET",
|
||||
self.url + "?deactivated=true",
|
||||
b"{}",
|
||||
access_token=self.admin_user_tok,
|
||||
)
|
||||
self.render(request)
|
||||
|
||||
self.assertEqual(200, int(channel.result["code"]), msg=channel.result["body"])
|
||||
self.assertEqual(3, len(channel.json_body["users"]))
|
||||
|
||||
|
||||
class ShutdownRoomTestCase(unittest.HomeserverTestCase):
|
||||
servlets = [
|
||||
synapse.rest.admin.register_servlets_for_client_rest_resource,
|
||||
|
|
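Review bot: `test_all_users` only requests `self.url + "?deactivated=true"`, which skips the `if not deactivated:` branch of the filter changed in `DataStore`, and `prepare` never deactivates a user or registers a guest, so the assertion `3, len(channel.json_body["users"])` would hold whether or not the filters work. Add a case that calls the endpoint without `deactivated=true` after deactivating one of the registered users (expecting it to be excluded), and ideally one with a guest account, so the admin listing's filtering is exercised. `test_no_auth` is a good inclusion; a matching test that a non-admin token such as `user1`'s is rejected would complete the access-control coverage.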
0
tests/rest/key/__init__.py
Normal file
0
tests/rest/key/v2/__init__.py
Normal file
|
@ -13,25 +13,30 @@
|
|||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
import urllib.parse
|
||||
from io import BytesIO
|
||||
from io import BytesIO, StringIO
|
||||
|
||||
from mock import Mock
|
||||
|
||||
import signedjson.key
|
||||
from canonicaljson import encode_canonical_json
|
||||
from nacl.signing import SigningKey
|
||||
from signedjson.sign import sign_json
|
||||
|
||||
from twisted.web.resource import NoResource
|
||||
|
||||
from synapse.crypto.keyring import PerspectivesKeyFetcher
|
||||
from synapse.http.site import SynapseRequest
|
||||
from synapse.rest.key.v2 import KeyApiV2Resource
|
||||
from synapse.storage.keys import FetchKeyResult
|
||||
from synapse.util.httpresourcetree import create_resource_tree
|
||||
from synapse.util.stringutils import random_string
|
||||
|
||||
from tests import unittest
|
||||
from tests.server import FakeChannel, wait_until_result
|
||||
from tests.utils import default_config
|
||||
|
||||
|
||||
class RemoteKeyResourceTestCase(unittest.HomeserverTestCase):
|
||||
class BaseRemoteKeyResourceTestCase(unittest.HomeserverTestCase):
|
||||
def make_homeserver(self, reactor, clock):
|
||||
self.http_client = Mock()
|
||||
return self.setup_test_homeserver(http_client=self.http_client)
|
||||
|
@ -73,6 +78,8 @@ class RemoteKeyResourceTestCase(unittest.HomeserverTestCase):
|
|||
|
||||
self.http_client.get_json.side_effect = get_json
|
||||
|
||||
|
||||
class RemoteKeyResourceTestCase(BaseRemoteKeyResourceTestCase):
|
||||
def make_notary_request(self, server_name: str, key_id: str) -> dict:
|
||||
"""Send a GET request to the test server requesting the given key.
|
||||
|
||||
|
@ -125,6 +132,126 @@ class RemoteKeyResourceTestCase(unittest.HomeserverTestCase):
|
|||
oursigs = sigs[self.hs.hostname]
|
||||
self.assertEqual(len(oursigs), 2)
|
||||
|
||||
# and both keys should be present in the verify_keys section
|
||||
# the requested key should be present in the verify_keys section
|
||||
self.assertIn("ed25519:ver1", keys[0]["verify_keys"])
|
||||
self.assertIn("ed25519:a_lPym", keys[0]["verify_keys"])
|
||||
|
||||
|
||||
class EndToEndPerspectivesTests(BaseRemoteKeyResourceTestCase):
|
||||
"""End-to-end tests of the perspectives fetch case
|
||||
|
||||
The idea here is to actually wire up a PerspectivesKeyFetcher to the notary
|
||||
endpoint, to check that the two implementations are compatible.
|
||||
"""
|
||||
|
||||
def default_config(self, *args, **kwargs):
|
||||
config = super().default_config(*args, **kwargs)
|
||||
|
||||
# replace the signing key with our own
|
||||
self.hs_signing_key = signedjson.key.generate_signing_key("kssk")
|
||||
strm = StringIO()
|
||||
signedjson.key.write_signing_keys(strm, [self.hs_signing_key])
|
||||
config["signing_key"] = strm.getvalue()
|
||||
|
||||
return config
|
||||
|
||||
def prepare(self, reactor, clock, homeserver):
|
||||
# make a second homeserver, configured to use the first one as a key notary
|
||||
self.http_client2 = Mock()
|
||||
config = default_config(name="keyclient")
|
||||
config["trusted_key_servers"] = [
|
||||
{
|
||||
"server_name": self.hs.hostname,
|
||||
"verify_keys": {
|
||||
"ed25519:%s"
|
||||
% (
|
||||
self.hs_signing_key.version,
|
||||
): signedjson.key.encode_verify_key_base64(
|
||||
self.hs_signing_key.verify_key
|
||||
)
|
||||
},
|
||||
}
|
||||
]
|
||||
self.hs2 = self.setup_test_homeserver(
|
||||
http_client=self.http_client2, config=config
|
||||
)
|
||||
|
||||
# wire up outbound POST /key/v2/query requests from hs2 so that they
|
||||
# will be forwarded to hs1
|
||||
def post_json(destination, path, data):
|
||||
self.assertEqual(destination, self.hs.hostname)
|
||||
self.assertEqual(
|
||||
path, "/_matrix/key/v2/query",
|
||||
)
|
||||
|
||||
channel = FakeChannel(self.site, self.reactor)
|
||||
req = SynapseRequest(channel)
|
||||
req.content = BytesIO(encode_canonical_json(data))
|
||||
|
||||
req.requestReceived(
|
||||
b"POST", path.encode("utf-8"), b"1.1",
|
||||
)
|
||||
wait_until_result(self.reactor, req)
|
||||
self.assertEqual(channel.code, 200)
|
||||
resp = channel.json_body
|
||||
return resp
|
||||
|
||||
self.http_client2.post_json.side_effect = post_json
|
||||
|
||||
def test_get_key(self):
|
||||
"""Fetch a key belonging to a random server"""
|
||||
# make up a key to be fetched.
|
||||
testkey = signedjson.key.generate_signing_key("abc")
|
||||
|
||||
# we expect hs1 to make a regular key request to the target server
|
||||
self.expect_outgoing_key_request("targetserver", testkey)
|
||||
keyid = "ed25519:%s" % (testkey.version,)
|
||||
|
||||
fetcher = PerspectivesKeyFetcher(self.hs2)
|
||||
d = fetcher.get_keys({"targetserver": {keyid: 1000}})
|
||||
res = self.get_success(d)
|
||||
self.assertIn("targetserver", res)
|
||||
keyres = res["targetserver"][keyid]
|
||||
assert isinstance(keyres, FetchKeyResult)
|
||||
self.assertEqual(
|
||||
signedjson.key.encode_verify_key_base64(keyres.verify_key),
|
||||
signedjson.key.encode_verify_key_base64(testkey.verify_key),
|
||||
)
|
||||
|
||||
def test_get_notary_key(self):
|
||||
"""Fetch a key belonging to the notary server"""
|
||||
# make up a key to be fetched. We randomise the keyid to try to get it to
|
||||
# appear before the key server signing key sometimes (otherwise we bail out
|
||||
# before fetching its signature)
|
||||
testkey = signedjson.key.generate_signing_key(random_string(5))
|
||||
|
||||
# we expect hs1 to make a regular key request to itself
|
||||
self.expect_outgoing_key_request(self.hs.hostname, testkey)
|
||||
keyid = "ed25519:%s" % (testkey.version,)
|
||||
|
||||
fetcher = PerspectivesKeyFetcher(self.hs2)
|
||||
d = fetcher.get_keys({self.hs.hostname: {keyid: 1000}})
|
||||
res = self.get_success(d)
|
||||
self.assertIn(self.hs.hostname, res)
|
||||
keyres = res[self.hs.hostname][keyid]
|
||||
assert isinstance(keyres, FetchKeyResult)
|
||||
self.assertEqual(
|
||||
signedjson.key.encode_verify_key_base64(keyres.verify_key),
|
||||
signedjson.key.encode_verify_key_base64(testkey.verify_key),
|
||||
)
|
||||
|
||||
def test_get_notary_keyserver_key(self):
|
||||
"""Fetch the notary's keyserver key"""
|
||||
# we expect hs1 to make a regular key request to itself
|
||||
self.expect_outgoing_key_request(self.hs.hostname, self.hs_signing_key)
|
||||
keyid = "ed25519:%s" % (self.hs_signing_key.version,)
|
||||
|
||||
fetcher = PerspectivesKeyFetcher(self.hs2)
|
||||
d = fetcher.get_keys({self.hs.hostname: {keyid: 1000}})
|
||||
res = self.get_success(d)
|
||||
self.assertIn(self.hs.hostname, res)
|
||||
keyres = res[self.hs.hostname][keyid]
|
||||
assert isinstance(keyres, FetchKeyResult)
|
||||
self.assertEqual(
|
||||
signedjson.key.encode_verify_key_base64(keyres.verify_key),
|
||||
signedjson.key.encode_verify_key_base64(self.hs_signing_key.verify_key),
|
||||
)
|
||||
|
|
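Review bot: `test_get_notary_key` depends on `random_string(5)` to make the key id "appear before the key server signing key sometimes", so the ordering-sensitive path is covered only on some runs and a regression there would show up as an intermittent failure. Use two fixed key ids, one that sorts before `kssk` and one after, and run the same assertions for both. Two style points in the same hunk: the three tests use a bare `assert isinstance(keyres, FetchKeyResult)` where `self.assertIsInstance` would give a proper failure message, and the fetch-then-compare block is repeated verbatim in `test_get_key`, `test_get_notary_key` and `test_get_notary_keyserver_key`, which a small helper taking the server name and key would remove.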