From 9045b8e89fbe3fa1c441a59029365a98318180d8 Mon Sep 17 00:00:00 2001 From: Neil Alexander Date: Mon, 20 Apr 2020 17:42:34 +0100 Subject: Perspective key fetching, some federation room join fixes (#975) * Update gomatrixserverlib * Test matrix.org as perspective key server * Base64 decode better * Optional strict validity checking in gmsl * Update gomatrixserverlib * Attempt to find missing auth events over federation (this shouldn't happen but I am guessing there is a synapse bug involved where we don't get all of the auth events) * Update gomatrixserverlib, debug logging * Remove debugging output * More verbose debugging * Print outliers * Increase timeouts for testing, observe contexts before trying to join over more servers * Don't block on roomserver (experimental) * Don't block on roomserver * Update gomatrixserverlib * Update gomatrixserverlib * Configurable perspective key fetchers * Output number of configured keys for perspective * Example perspective config included * Undo debug stack trace * Undo debug stack trace * Restore original HTTP listener in monolith * Fix lint * Review comments * Set default HTTP server timeout to 5 minutes now, block again when joining * Don't use HTTP address for HTTPS whoops * Update gomatrixserverlib * Update gomatrixserverlib * Update gomatrixserverlib * Actually add perspectives * Actually add perspectives * Update gomatrixserverlib --- federationapi/routing/invite.go | 7 ++++--- federationapi/routing/join.go | 7 ++++--- federationapi/routing/leave.go | 7 ++++--- 3 files changed, 12 insertions(+), 9 deletions(-) (limited to 'federationapi') diff --git a/federationapi/routing/invite.go b/federationapi/routing/invite.go index 6c3e12e2..4b367e00 100644 --- a/federationapi/routing/invite.go +++ b/federationapi/routing/invite.go @@ -63,9 +63,10 @@ func Invite( // Check that the event is signed by the server sending the request. redacted := event.Redact() verifyRequests := []gomatrixserverlib.VerifyJSONRequest{{ - ServerName: event.Origin(), - Message: redacted.JSON(), - AtTS: event.OriginServerTS(), + ServerName: event.Origin(), + Message: redacted.JSON(), + AtTS: event.OriginServerTS(), + StrictValidityChecking: true, }} verifyResults, err := keys.VerifyJSONs(httpReq.Context(), verifyRequests) if err != nil { diff --git a/federationapi/routing/join.go b/federationapi/routing/join.go index 0a7b2300..e0678595 100644 --- a/federationapi/routing/join.go +++ b/federationapi/routing/join.go @@ -196,9 +196,10 @@ func SendJoin( // Check that the event is signed by the server sending the request. redacted := event.Redact() verifyRequests := []gomatrixserverlib.VerifyJSONRequest{{ - ServerName: event.Origin(), - Message: redacted.JSON(), - AtTS: event.OriginServerTS(), + ServerName: event.Origin(), + Message: redacted.JSON(), + AtTS: event.OriginServerTS(), + StrictValidityChecking: true, }} verifyResults, err := keys.VerifyJSONs(httpReq.Context(), verifyRequests) if err != nil { diff --git a/federationapi/routing/leave.go b/federationapi/routing/leave.go index e0a14263..6fc3b12e 100644 --- a/federationapi/routing/leave.go +++ b/federationapi/routing/leave.go @@ -145,9 +145,10 @@ func SendLeave( // Check that the event is signed by the server sending the request. redacted := event.Redact() verifyRequests := []gomatrixserverlib.VerifyJSONRequest{{ - ServerName: event.Origin(), - Message: redacted.JSON(), - AtTS: event.OriginServerTS(), + ServerName: event.Origin(), + Message: redacted.JSON(), + AtTS: event.OriginServerTS(), + StrictValidityChecking: true, }} verifyResults, err := keys.VerifyJSONs(httpReq.Context(), verifyRequests) if err != nil { -- cgit v1.2.3