1
0

test_federation.py 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352
  1. # Copyright 2020 The Matrix.org Foundation C.I.C.
  2. #
  3. # Licensed under the Apache License, Version 2.0 (the "License");
  4. # you may not use this file except in compliance with the License.
  5. # You may obtain a copy of the License at
  6. #
  7. # http://www.apache.org/licenses/LICENSE-2.0
  8. #
  9. # Unless required by applicable law or agreed to in writing, software
  10. # distributed under the License is distributed on an "AS IS" BASIS,
  11. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  12. # See the License for the specific language governing permissions and
  13. # limitations under the License.
  14. from unittest.mock import Mock
  15. from twisted.internet.defer import succeed
  16. from synapse.api.errors import FederationError
  17. from synapse.api.room_versions import RoomVersions
  18. from synapse.events import make_event_from_dict
  19. from synapse.federation.federation_base import event_from_pdu_json
  20. from synapse.logging.context import LoggingContext
  21. from synapse.types import UserID, create_requester
  22. from synapse.util import Clock
  23. from synapse.util.retryutils import NotRetryingDestination
  24. from tests import unittest
  25. from tests.server import ThreadedMemoryReactorClock, setup_test_homeserver
  26. from tests.test_utils import make_awaitable
  27. class MessageAcceptTests(unittest.HomeserverTestCase):
  28. def setUp(self):
  29. self.http_client = Mock()
  30. self.reactor = ThreadedMemoryReactorClock()
  31. self.hs_clock = Clock(self.reactor)
  32. self.homeserver = setup_test_homeserver(
  33. self.addCleanup,
  34. federation_http_client=self.http_client,
  35. clock=self.hs_clock,
  36. reactor=self.reactor,
  37. )
  38. user_id = UserID("us", "test")
  39. our_user = create_requester(user_id)
  40. room_creator = self.homeserver.get_room_creation_handler()
  41. self.room_id = self.get_success(
  42. room_creator.create_room(
  43. our_user, room_creator._presets_dict["public_chat"], ratelimit=False
  44. )
  45. )[0]["room_id"]
  46. self.store = self.homeserver.get_datastores().main
  47. # Figure out what the most recent event is
  48. most_recent = self.get_success(
  49. self.homeserver.get_datastores().main.get_latest_event_ids_in_room(
  50. self.room_id
  51. )
  52. )[0]
  53. join_event = make_event_from_dict(
  54. {
  55. "room_id": self.room_id,
  56. "sender": "@baduser:test.serv",
  57. "state_key": "@baduser:test.serv",
  58. "event_id": "$join:test.serv",
  59. "depth": 1000,
  60. "origin_server_ts": 1,
  61. "type": "m.room.member",
  62. "origin": "test.servx",
  63. "content": {"membership": "join"},
  64. "auth_events": [],
  65. "prev_state": [(most_recent, {})],
  66. "prev_events": [(most_recent, {})],
  67. }
  68. )
  69. self.handler = self.homeserver.get_federation_handler()
  70. federation_event_handler = self.homeserver.get_federation_event_handler()
  71. async def _check_event_auth(
  72. origin,
  73. event,
  74. context,
  75. ):
  76. return context
  77. federation_event_handler._check_event_auth = _check_event_auth
  78. self.client = self.homeserver.get_federation_client()
  79. self.client._check_sigs_and_hash_and_fetch = lambda dest, pdus, **k: succeed(
  80. pdus
  81. )
  82. # Send the join, it should return None (which is not an error)
  83. self.assertEqual(
  84. self.get_success(
  85. federation_event_handler.on_receive_pdu("test.serv", join_event)
  86. ),
  87. None,
  88. )
  89. # Make sure we actually joined the room
  90. self.assertEqual(
  91. self.get_success(self.store.get_latest_event_ids_in_room(self.room_id))[0],
  92. "$join:test.serv",
  93. )
  94. def test_cant_hide_direct_ancestors(self):
  95. """
  96. If you send a message, you must be able to provide the direct
  97. prev_events that said event references.
  98. """
  99. async def post_json(destination, path, data, headers=None, timeout=0):
  100. # If it asks us for new missing events, give them NOTHING
  101. if path.startswith("/_matrix/federation/v1/get_missing_events/"):
  102. return {"events": []}
  103. self.http_client.post_json = post_json
  104. # Figure out what the most recent event is
  105. most_recent = self.get_success(
  106. self.store.get_latest_event_ids_in_room(self.room_id)
  107. )[0]
  108. # Now lie about an event
  109. lying_event = make_event_from_dict(
  110. {
  111. "room_id": self.room_id,
  112. "sender": "@baduser:test.serv",
  113. "event_id": "one:test.serv",
  114. "depth": 1000,
  115. "origin_server_ts": 1,
  116. "type": "m.room.message",
  117. "origin": "test.serv",
  118. "content": {"body": "hewwo?"},
  119. "auth_events": [],
  120. "prev_events": [("two:test.serv", {}), (most_recent, {})],
  121. }
  122. )
  123. federation_event_handler = self.homeserver.get_federation_event_handler()
  124. with LoggingContext("test-context"):
  125. failure = self.get_failure(
  126. federation_event_handler.on_receive_pdu("test.serv", lying_event),
  127. FederationError,
  128. )
  129. # on_receive_pdu should throw an error
  130. self.assertEqual(
  131. failure.value.args[0],
  132. (
  133. "ERROR 403: Your server isn't divulging details about prev_events "
  134. "referenced in this event."
  135. ),
  136. )
  137. # Make sure the invalid event isn't there
  138. extrem = self.get_success(self.store.get_latest_event_ids_in_room(self.room_id))
  139. self.assertEqual(extrem[0], "$join:test.serv")
  140. def test_retry_device_list_resync(self):
  141. """Tests that device lists are marked as stale if they couldn't be synced, and
  142. that stale device lists are retried periodically.
  143. """
  144. remote_user_id = "@john:test_remote"
  145. remote_origin = "test_remote"
  146. # Track the number of attempts to resync the user's device list.
  147. self.resync_attempts = 0
  148. # When this function is called, increment the number of resync attempts (only if
  149. # we're querying devices for the right user ID), then raise a
  150. # NotRetryingDestination error to fail the resync gracefully.
  151. def query_user_devices(destination, user_id):
  152. if user_id == remote_user_id:
  153. self.resync_attempts += 1
  154. raise NotRetryingDestination(0, 0, destination)
  155. # Register the mock on the federation client.
  156. federation_client = self.homeserver.get_federation_client()
  157. federation_client.query_user_devices = Mock(side_effect=query_user_devices)
  158. # Register a mock on the store so that the incoming update doesn't fail because
  159. # we don't share a room with the user.
  160. store = self.homeserver.get_datastores().main
  161. store.get_rooms_for_user = Mock(return_value=make_awaitable(["!someroom:test"]))
  162. # Manually inject a fake device list update. We need this update to include at
  163. # least one prev_id so that the user's device list will need to be retried.
  164. device_list_updater = self.homeserver.get_device_handler().device_list_updater
  165. self.get_success(
  166. device_list_updater.incoming_device_list_update(
  167. origin=remote_origin,
  168. edu_content={
  169. "deleted": False,
  170. "device_display_name": "Mobile",
  171. "device_id": "QBUAZIFURK",
  172. "prev_id": [5],
  173. "stream_id": 6,
  174. "user_id": remote_user_id,
  175. },
  176. )
  177. )
  178. # Check that there was one resync attempt.
  179. self.assertEqual(self.resync_attempts, 1)
  180. # Check that the resync attempt failed and caused the user's device list to be
  181. # marked as stale.
  182. need_resync = self.get_success(
  183. store.get_user_ids_requiring_device_list_resync()
  184. )
  185. self.assertIn(remote_user_id, need_resync)
  186. # Check that waiting for 30 seconds caused Synapse to retry resyncing the device
  187. # list.
  188. self.reactor.advance(30)
  189. self.assertEqual(self.resync_attempts, 2)
  190. def test_cross_signing_keys_retry(self):
  191. """Tests that resyncing a device list correctly processes cross-signing keys from
  192. the remote server.
  193. """
  194. remote_user_id = "@john:test_remote"
  195. remote_master_key = "85T7JXPFBAySB/jwby4S3lBPTqY3+Zg53nYuGmu1ggY"
  196. remote_self_signing_key = "QeIiFEjluPBtI7WQdG365QKZcFs9kqmHir6RBD0//nQ"
  197. # Register mock device list retrieval on the federation client.
  198. federation_client = self.homeserver.get_federation_client()
  199. federation_client.query_user_devices = Mock(
  200. return_value=make_awaitable(
  201. {
  202. "user_id": remote_user_id,
  203. "stream_id": 1,
  204. "devices": [],
  205. "master_key": {
  206. "user_id": remote_user_id,
  207. "usage": ["master"],
  208. "keys": {"ed25519:" + remote_master_key: remote_master_key},
  209. },
  210. "self_signing_key": {
  211. "user_id": remote_user_id,
  212. "usage": ["self_signing"],
  213. "keys": {
  214. "ed25519:"
  215. + remote_self_signing_key: remote_self_signing_key
  216. },
  217. },
  218. }
  219. )
  220. )
  221. # Resync the device list.
  222. device_handler = self.homeserver.get_device_handler()
  223. self.get_success(
  224. device_handler.device_list_updater.user_device_resync(remote_user_id),
  225. )
  226. # Retrieve the cross-signing keys for this user.
  227. keys = self.get_success(
  228. self.store.get_e2e_cross_signing_keys_bulk(user_ids=[remote_user_id]),
  229. )
  230. self.assertTrue(remote_user_id in keys)
  231. # Check that the master key is the one returned by the mock.
  232. master_key = keys[remote_user_id]["master"]
  233. self.assertEqual(len(master_key["keys"]), 1)
  234. self.assertTrue("ed25519:" + remote_master_key in master_key["keys"].keys())
  235. self.assertTrue(remote_master_key in master_key["keys"].values())
  236. # Check that the self-signing key is the one returned by the mock.
  237. self_signing_key = keys[remote_user_id]["self_signing"]
  238. self.assertEqual(len(self_signing_key["keys"]), 1)
  239. self.assertTrue(
  240. "ed25519:" + remote_self_signing_key in self_signing_key["keys"].keys(),
  241. )
  242. self.assertTrue(remote_self_signing_key in self_signing_key["keys"].values())
  243. class StripUnsignedFromEventsTestCase(unittest.TestCase):
  244. def test_strip_unauthorized_unsigned_values(self):
  245. event1 = {
  246. "sender": "@baduser:test.serv",
  247. "state_key": "@baduser:test.serv",
  248. "event_id": "$event1:test.serv",
  249. "depth": 1000,
  250. "origin_server_ts": 1,
  251. "type": "m.room.member",
  252. "origin": "test.servx",
  253. "content": {"membership": "join"},
  254. "auth_events": [],
  255. "unsigned": {"malicious garbage": "hackz", "more warez": "more hackz"},
  256. }
  257. filtered_event = event_from_pdu_json(event1, RoomVersions.V1)
  258. # Make sure unauthorized fields are stripped from unsigned
  259. self.assertNotIn("more warez", filtered_event.unsigned)
  260. def test_strip_event_maintains_allowed_fields(self):
  261. event2 = {
  262. "sender": "@baduser:test.serv",
  263. "state_key": "@baduser:test.serv",
  264. "event_id": "$event2:test.serv",
  265. "depth": 1000,
  266. "origin_server_ts": 1,
  267. "type": "m.room.member",
  268. "origin": "test.servx",
  269. "auth_events": [],
  270. "content": {"membership": "join"},
  271. "unsigned": {
  272. "malicious garbage": "hackz",
  273. "more warez": "more hackz",
  274. "age": 14,
  275. "invite_room_state": [],
  276. },
  277. }
  278. filtered_event2 = event_from_pdu_json(event2, RoomVersions.V1)
  279. self.assertIn("age", filtered_event2.unsigned)
  280. self.assertEqual(14, filtered_event2.unsigned["age"])
  281. self.assertNotIn("more warez", filtered_event2.unsigned)
  282. # Invite_room_state is allowed in events of type m.room.member
  283. self.assertIn("invite_room_state", filtered_event2.unsigned)
  284. self.assertEqual([], filtered_event2.unsigned["invite_room_state"])
  285. def test_strip_event_removes_fields_based_on_event_type(self):
  286. event3 = {
  287. "sender": "@baduser:test.serv",
  288. "state_key": "@baduser:test.serv",
  289. "event_id": "$event3:test.serv",
  290. "depth": 1000,
  291. "origin_server_ts": 1,
  292. "type": "m.room.power_levels",
  293. "origin": "test.servx",
  294. "content": {},
  295. "auth_events": [],
  296. "unsigned": {
  297. "malicious garbage": "hackz",
  298. "more warez": "more hackz",
  299. "age": 14,
  300. "invite_room_state": [],
  301. },
  302. }
  303. filtered_event3 = event_from_pdu_json(event3, RoomVersions.V1)
  304. self.assertIn("age", filtered_event3.unsigned)
  305. # Invite_room_state field is only permitted in event type m.room.member
  306. self.assertNotIn("invite_room_state", filtered_event3.unsigned)
  307. self.assertNotIn("more warez", filtered_event3.unsigned)