forked from MirrorHub/synapse
Add config option to hide device names over federation (#9945)
Now that cross signing exists there is much less of a need for other people to look at devices and verify them individually. This PR adds a config option to allow you to prevent device display names from being shared with other servers. Signed-off-by: Aaron Raimist <aaron@raim.ist>
This commit is contained in:
parent
b378d98c8f
commit
dc6366a9bd
4 changed files with 20 additions and 1 deletions
1
changelog.d/9945.feature
Normal file
1
changelog.d/9945.feature
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Add a config option to allow you to prevent device display names from being shared over federation. Contributed by @aaronraimist.
|
|
@ -741,6 +741,12 @@ acme:
|
||||||
#
|
#
|
||||||
#allow_profile_lookup_over_federation: false
|
#allow_profile_lookup_over_federation: false
|
||||||
|
|
||||||
|
# Uncomment to disable device display name lookup over federation. By default, the
|
||||||
|
# Federation API allows other homeservers to obtain device display names of any user
|
||||||
|
# on this homeserver. Defaults to 'true'.
|
||||||
|
#
|
||||||
|
#allow_device_name_lookup_over_federation: false
|
||||||
|
|
||||||
|
|
||||||
## Caching ##
|
## Caching ##
|
||||||
|
|
||||||
|
|
|
@ -44,6 +44,10 @@ class FederationConfig(Config):
|
||||||
"allow_profile_lookup_over_federation", True
|
"allow_profile_lookup_over_federation", True
|
||||||
)
|
)
|
||||||
|
|
||||||
|
self.allow_device_name_lookup_over_federation = config.get(
|
||||||
|
"allow_device_name_lookup_over_federation", True
|
||||||
|
)
|
||||||
|
|
||||||
def generate_config_section(self, config_dir_path, server_name, **kwargs):
|
def generate_config_section(self, config_dir_path, server_name, **kwargs):
|
||||||
return """\
|
return """\
|
||||||
## Federation ##
|
## Federation ##
|
||||||
|
@ -75,6 +79,12 @@ class FederationConfig(Config):
|
||||||
# on this homeserver. Defaults to 'true'.
|
# on this homeserver. Defaults to 'true'.
|
||||||
#
|
#
|
||||||
#allow_profile_lookup_over_federation: false
|
#allow_profile_lookup_over_federation: false
|
||||||
|
|
||||||
|
# Uncomment to disable device display name lookup over federation. By default, the
|
||||||
|
# Federation API allows other homeservers to obtain device display names of any user
|
||||||
|
# on this homeserver. Defaults to 'true'.
|
||||||
|
#
|
||||||
|
#allow_device_name_lookup_over_federation: false
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -84,6 +84,8 @@ class EndToEndKeyWorkerStore(EndToEndKeyBackgroundStore):
|
||||||
if keys:
|
if keys:
|
||||||
result["keys"] = keys
|
result["keys"] = keys
|
||||||
|
|
||||||
|
device_display_name = None
|
||||||
|
if self.hs.config.allow_device_name_lookup_over_federation:
|
||||||
device_display_name = device.display_name
|
device_display_name = device.display_name
|
||||||
if device_display_name:
|
if device_display_name:
|
||||||
result["device_display_name"] = device_display_name
|
result["device_display_name"] = device_display_name
|
||||||
|
|
Loading…
Reference in a new issue