Home Explore Help
Sign In
RISCI_ATOM
/
synapse
mirror of https://github.com/matrix-org/synapse.git
1
0
Fork 0
Files Issues 3 Wiki
Browse Source

Fix `m.room_key_request` to-device messages (#9961)

fixes #9960
Richard van der Hoff 3 years ago
parent
2b2985b5cf
commit
7967b36efe
4 changed files with 32 additions and 26 deletions
Split View Show Diff Stats
  1. 1 0
      changelog.d/9961.bugfix
  2. 4 1
      synapse/api/constants.py
  3. 0 19
      synapse/federation/federation_server.py
  4. 27 6
      synapse/handlers/devicemessage.py

+ 1 - 0
changelog.d/9961.bugfix
View File 

@@ -0,0 +1 @@
 
+Fix a bug introduced in Synapse 1.29.0 which caused `m.room_key_request` to-device messages sent from one user to another to be dropped.

+ 4 - 1
synapse/api/constants.py
View File 

@@ -116,9 +116,12 @@ class EventTypes:
 
     MSC1772_SPACE_PARENT = "org.matrix.msc1772.space.parent"
 
 
 
+class ToDeviceEventTypes:
 
+    RoomKeyRequest = "m.room_key_request"
 
+
 
+
 
 class EduTypes:
 
     Presence = "m.presence"
 
-    RoomKeyRequest = "m.room_key_request"
 
 
 
 class RejectedReason:

+ 0 - 19
synapse/federation/federation_server.py
View File 

@@ -44,7 +44,6 @@ from synapse.api.errors import (
 
     SynapseError,
 
     UnsupportedRoomVersionError,
 
 )
 
-from synapse.api.ratelimiting import Ratelimiter
 
 from synapse.api.room_versions import KNOWN_ROOM_VERSIONS
 
 from synapse.events import EventBase
 
 from synapse.federation.federation_base import FederationBase, event_from_pdu_json
 
@@ -865,14 +864,6 @@ class FederationHandlerRegistry:
 
         # EDU received.
 
         self._edu_type_to_instance = {}  # type: Dict[str, List[str]]
 
 
-        # A rate limiter for incoming room key requests per origin.
 
-        self._room_key_request_rate_limiter = Ratelimiter(
 
-            store=hs.get_datastore(),
 
-            clock=self.clock,
 
-            rate_hz=self.config.rc_key_requests.per_second,
 
-            burst_count=self.config.rc_key_requests.burst_count,
 
-        )
 
-
 
     def register_edu_handler(
 
         self, edu_type: str, handler: Callable[[str, JsonDict], Awaitable[None]]
 
     ) -> None:
 
@@ -926,16 +917,6 @@ class FederationHandlerRegistry:
 
         if not self.config.use_presence and edu_type == EduTypes.Presence:
 
             return
 
 
-        # If the incoming room key requests from a particular origin are over
 
-        # the limit, drop them.
 
-        if (
 
-            edu_type == EduTypes.RoomKeyRequest
 
-            and not await self._room_key_request_rate_limiter.can_do_action(
 
-                None, origin
 
-            )
 
-        ):
 
-            return
 
-
 
         # Check if we have a handler on this instance
 
         handler = self.edu_handlers.get(edu_type)
 
         if handler:

+ 27 - 6
synapse/handlers/devicemessage.py
View File 

@@ -15,7 +15,7 @@
 
 import logging
 
 from typing import TYPE_CHECKING, Any, Dict
 
 
-from synapse.api.constants import EduTypes
 
+from synapse.api.constants import ToDeviceEventTypes
 
 from synapse.api.errors import SynapseError
 
 from synapse.api.ratelimiting import Ratelimiter
 
 from synapse.logging.context import run_in_background
 
@@ -79,6 +79,8 @@ class DeviceMessageHandler:
 
                 ReplicationUserDevicesResyncRestServlet.make_client(hs)
 
             )
 
 
+        # a rate limiter for room key requests.  The keys are
 
+        # (sending_user_id, sending_device_id).
 
         self._ratelimiter = Ratelimiter(
 
             store=self.store,
 
             clock=hs.get_clock(),
 
@@ -100,12 +102,25 @@ class DeviceMessageHandler:
 
         for user_id, by_device in content["messages"].items():
 
             # we use UserID.from_string to catch invalid user ids
 
             if not self.is_mine(UserID.from_string(user_id)):
 
-                logger.warning("Request for keys for non-local user %s", user_id)
 
+                logger.warning("To-device message to non-local user %s", user_id)
 
                 raise SynapseError(400, "Not a user here")
 
 
             if not by_device:
 
                 continue
 
 
+            # Ratelimit key requests by the sending user.
 
+            if message_type == ToDeviceEventTypes.RoomKeyRequest:
 
+                allowed, _ = await self._ratelimiter.can_do_action(
 
+                    None, (sender_user_id, None)
 
+                )
 
+                if not allowed:
 
+                    logger.info(
 
+                        "Dropping room_key_request from %s to %s due to rate limit",
 
+                        sender_user_id,
 
+                        user_id,
 
+                    )
 
+                    continue
 
+
 
             messages_by_device = {
 
                 device_id: {
 
                     "content": message_content,
 
@@ -192,13 +207,19 @@ class DeviceMessageHandler:
 
         for user_id, by_device in messages.items():
 
             # Ratelimit local cross-user key requests by the sending device.
 
             if (
 
-                message_type == EduTypes.RoomKeyRequest
 
+                message_type == ToDeviceEventTypes.RoomKeyRequest
 
                 and user_id != sender_user_id
 
-                and await self._ratelimiter.can_do_action(
 
+            ):
 
+                allowed, _ = await self._ratelimiter.can_do_action(
 
                     requester, (sender_user_id, requester.device_id)
 
                 )
 
-            ):
 
-                continue
 
+                if not allowed:
 
+                    logger.info(
 
+                        "Dropping room_key_request from %s to %s due to rate limit",
 
+                        sender_user_id,
 
+                        user_id,
 
+                    )
 
+                    continue
 
 
             # we use UserID.from_string to catch invalid user ids
 
             if self.is_mine(UserID.from_string(user_id)):