123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313231423152316231723182319232023212322232323242325232623272328232923302331233223332334233523362337233823392340234123422343234423452346234723482349235023512352235323542355235623572358235923602361236223632364236523662367236823692370237123722373237423752376237723782379238023812382238323842385238623872388238923902391239223932394239523962397239823992400240124022403240424052406240724082409241024112412241324142415241624172418241924202421242224232424242524262427242824292430243124322433243424352436243724382439244024412442244324442445244624472448244924502451245224532454245524562457245824592460246124622463246424652466246724682469247024712472247324742475247624772478247924802481248224832484248524862487248824892490249124922493249424952496249724982499250025012502 |
- # -*- coding: utf-8 -*-
- # Copyright 2014-2016 OpenMarket Ltd
- # Copyright 2018 New Vector Ltd
- #
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- """Contains handlers for federation events."""
- import itertools
- import logging
- import sys
- import six
- from six import iteritems
- from six.moves import http_client
- from signedjson.key import decode_verify_key_bytes
- from signedjson.sign import verify_signed_json
- from unpaddedbase64 import decode_base64
- from twisted.internet import defer
- from synapse.api.constants import EventTypes, Membership, RejectedReason
- from synapse.api.errors import (
- AuthError,
- CodeMessageException,
- FederationDeniedError,
- FederationError,
- StoreError,
- SynapseError,
- )
- from synapse.crypto.event_signing import (
- add_hashes_and_signatures,
- compute_event_signature,
- )
- from synapse.events.utils import prune_event
- from synapse.events.validator import EventValidator
- from synapse.state import resolve_events_with_factory
- from synapse.types import UserID, get_domain_from_id
- from synapse.util import logcontext, unwrapFirstError
- from synapse.util.async import Linearizer
- from synapse.util.distributor import user_joined_room
- from synapse.util.frozenutils import unfreeze
- from synapse.util.logutils import log_function
- from synapse.util.metrics import measure_func
- from synapse.util.retryutils import NotRetryingDestination
- from ._base import BaseHandler
- logger = logging.getLogger(__name__)
- class FederationHandler(BaseHandler):
- """Handles events that originated from federation.
- Responsible for:
- a) handling received Pdus before handing them on as Events to the rest
- of the home server (including auth and state conflict resoultion)
- b) converting events that were produced by local clients that may need
- to be sent to remote home servers.
- c) doing the necessary dances to invite remote users and join remote
- rooms.
- """
- def __init__(self, hs):
- super(FederationHandler, self).__init__(hs)
- self.hs = hs
- self.store = hs.get_datastore()
- self.replication_layer = hs.get_federation_client()
- self.state_handler = hs.get_state_handler()
- self.server_name = hs.hostname
- self.keyring = hs.get_keyring()
- self.action_generator = hs.get_action_generator()
- self.is_mine_id = hs.is_mine_id
- self.pusher_pool = hs.get_pusherpool()
- self.spam_checker = hs.get_spam_checker()
- self.event_creation_handler = hs.get_event_creation_handler()
- self._server_notices_mxid = hs.config.server_notices_mxid
- # When joining a room we need to queue any events for that room up
- self.room_queues = {}
- self._room_pdu_linearizer = Linearizer("fed_room_pdu")
- @defer.inlineCallbacks
- @log_function
- def on_receive_pdu(
- self, origin, pdu, get_missing=True, sent_to_us_directly=False,
- ):
- """ Process a PDU received via a federation /send/ transaction, or
- via backfill of missing prev_events
- Args:
- origin (str): server which initiated the /send/ transaction. Will
- be used to fetch missing events or state.
- pdu (FrozenEvent): received PDU
- get_missing (bool): True if we should fetch missing prev_events
- Returns (Deferred): completes with None
- """
- # We reprocess pdus when we have seen them only as outliers
- existing = yield self.store.get_event(
- pdu.event_id,
- allow_none=True,
- allow_rejected=True,
- )
- # FIXME: Currently we fetch an event again when we already have it
- # if it has been marked as an outlier.
- already_seen = (
- existing and (
- not existing.internal_metadata.is_outlier()
- or pdu.internal_metadata.is_outlier()
- )
- )
- if already_seen:
- logger.debug("Already seen pdu %s", pdu.event_id)
- return
- # do some initial sanity-checking of the event. In particular, make
- # sure it doesn't have hundreds of prev_events or auth_events, which
- # could cause a huge state resolution or cascade of event fetches.
- try:
- self._sanity_check_event(pdu)
- except SynapseError as err:
- raise FederationError(
- "ERROR",
- err.code,
- err.msg,
- affected=pdu.event_id,
- )
- # If we are currently in the process of joining this room, then we
- # queue up events for later processing.
- if pdu.room_id in self.room_queues:
- logger.info("Ignoring PDU %s for room %s from %s for now; join "
- "in progress", pdu.event_id, pdu.room_id, origin)
- self.room_queues[pdu.room_id].append((pdu, origin))
- return
- # If we're no longer in the room just ditch the event entirely. This
- # is probably an old server that has come back and thinks we're still
- # in the room (or we've been rejoined to the room by a state reset).
- #
- # If we were never in the room then maybe our database got vaped and
- # we should check if we *are* in fact in the room. If we are then we
- # can magically rejoin the room.
- is_in_room = yield self.auth.check_host_in_room(
- pdu.room_id,
- self.server_name
- )
- if not is_in_room:
- was_in_room = yield self.store.was_host_joined(
- pdu.room_id, self.server_name,
- )
- if was_in_room:
- logger.info(
- "Ignoring PDU %s for room %s from %s as we've left the room!",
- pdu.event_id, pdu.room_id, origin,
- )
- defer.returnValue(None)
- state = None
- auth_chain = []
- # Get missing pdus if necessary.
- if not pdu.internal_metadata.is_outlier():
- # We only backfill backwards to the min depth.
- min_depth = yield self.get_min_depth_for_context(
- pdu.room_id
- )
- logger.debug(
- "_handle_new_pdu min_depth for %s: %d",
- pdu.room_id, min_depth
- )
- prevs = {e_id for e_id, _ in pdu.prev_events}
- seen = yield self.store.have_seen_events(prevs)
- if min_depth and pdu.depth < min_depth:
- # This is so that we don't notify the user about this
- # message, to work around the fact that some events will
- # reference really really old events we really don't want to
- # send to the clients.
- pdu.internal_metadata.outlier = True
- elif min_depth and pdu.depth > min_depth:
- if get_missing and prevs - seen:
- # If we're missing stuff, ensure we only fetch stuff one
- # at a time.
- logger.info(
- "Acquiring lock for room %r to fetch %d missing events: %r...",
- pdu.room_id, len(prevs - seen), list(prevs - seen)[:5],
- )
- with (yield self._room_pdu_linearizer.queue(pdu.room_id)):
- logger.info(
- "Acquired lock for room %r to fetch %d missing events",
- pdu.room_id, len(prevs - seen),
- )
- yield self._get_missing_events_for_pdu(
- origin, pdu, prevs, min_depth
- )
- # Update the set of things we've seen after trying to
- # fetch the missing stuff
- seen = yield self.store.have_seen_events(prevs)
- if not prevs - seen:
- logger.info(
- "Found all missing prev events for %s", pdu.event_id
- )
- elif prevs - seen:
- logger.info(
- "Not fetching %d missing events for room %r,event %s: %r...",
- len(prevs - seen), pdu.room_id, pdu.event_id,
- list(prevs - seen)[:5],
- )
- if sent_to_us_directly and prevs - seen:
- # If they have sent it to us directly, and the server
- # isn't telling us about the auth events that it's
- # made a message referencing, we explode
- raise FederationError(
- "ERROR",
- 403,
- (
- "Your server isn't divulging details about prev_events "
- "referenced in this event."
- ),
- affected=pdu.event_id,
- )
- elif prevs - seen:
- # Calculate the state of the previous events, and
- # de-conflict them to find the current state.
- state_groups = []
- auth_chains = set()
- try:
- # Get the state of the events we know about
- ours = yield self.store.get_state_groups(pdu.room_id, list(seen))
- state_groups.append(ours)
- # Ask the remote server for the states we don't
- # know about
- for p in prevs - seen:
- state, got_auth_chain = (
- yield self.replication_layer.get_state_for_room(
- origin, pdu.room_id, p
- )
- )
- auth_chains.update(got_auth_chain)
- state_group = {(x.type, x.state_key): x.event_id for x in state}
- state_groups.append(state_group)
- # Resolve any conflicting state
- def fetch(ev_ids):
- return self.store.get_events(
- ev_ids, get_prev_content=False, check_redacted=False
- )
- state_map = yield resolve_events_with_factory(
- state_groups, {pdu.event_id: pdu}, fetch
- )
- state = (yield self.store.get_events(state_map.values())).values()
- auth_chain = list(auth_chains)
- except Exception:
- raise FederationError(
- "ERROR",
- 403,
- "We can't get valid state history.",
- affected=pdu.event_id,
- )
- yield self._process_received_pdu(
- origin,
- pdu,
- state=state,
- auth_chain=auth_chain,
- )
- @defer.inlineCallbacks
- def _get_missing_events_for_pdu(self, origin, pdu, prevs, min_depth):
- """
- Args:
- origin (str): Origin of the pdu. Will be called to get the missing events
- pdu: received pdu
- prevs (set(str)): List of event ids which we are missing
- min_depth (int): Minimum depth of events to return.
- """
- # We recalculate seen, since it may have changed.
- seen = yield self.store.have_seen_events(prevs)
- if not prevs - seen:
- return
- latest = yield self.store.get_latest_event_ids_in_room(
- pdu.room_id
- )
- # We add the prev events that we have seen to the latest
- # list to ensure the remote server doesn't give them to us
- latest = set(latest)
- latest |= seen
- logger.info(
- "Missing %d events for room %r pdu %s: %r...",
- len(prevs - seen), pdu.room_id, pdu.event_id, list(prevs - seen)[:5]
- )
- # XXX: we set timeout to 10s to help workaround
- # https://github.com/matrix-org/synapse/issues/1733.
- # The reason is to avoid holding the linearizer lock
- # whilst processing inbound /send transactions, causing
- # FDs to stack up and block other inbound transactions
- # which empirically can currently take up to 30 minutes.
- #
- # N.B. this explicitly disables retry attempts.
- #
- # N.B. this also increases our chances of falling back to
- # fetching fresh state for the room if the missing event
- # can't be found, which slightly reduces our security.
- # it may also increase our DAG extremity count for the room,
- # causing additional state resolution? See #1760.
- # However, fetching state doesn't hold the linearizer lock
- # apparently.
- #
- # see https://github.com/matrix-org/synapse/pull/1744
- missing_events = yield self.replication_layer.get_missing_events(
- origin,
- pdu.room_id,
- earliest_events_ids=list(latest),
- latest_events=[pdu],
- limit=10,
- min_depth=min_depth,
- timeout=10000,
- )
- logger.info(
- "Got %d events: %r...",
- len(missing_events), [e.event_id for e in missing_events[:5]]
- )
- # We want to sort these by depth so we process them and
- # tell clients about them in order.
- missing_events.sort(key=lambda x: x.depth)
- for e in missing_events:
- logger.info("Handling found event %s", e.event_id)
- try:
- yield self.on_receive_pdu(
- origin,
- e,
- get_missing=False
- )
- except FederationError as e:
- if e.code == 403:
- logger.warn("Event %s failed history check.")
- else:
- raise
- @log_function
- @defer.inlineCallbacks
- def _process_received_pdu(self, origin, pdu, state, auth_chain):
- """ Called when we have a new pdu. We need to do auth checks and put it
- through the StateHandler.
- """
- event = pdu
- logger.debug("Processing event: %s", event)
- # FIXME (erikj): Awful hack to make the case where we are not currently
- # in the room work
- # If state and auth_chain are None, then we don't need to do this check
- # as we already know we have enough state in the DB to handle this
- # event.
- if state and auth_chain and not event.internal_metadata.is_outlier():
- is_in_room = yield self.auth.check_host_in_room(
- event.room_id,
- self.server_name
- )
- else:
- is_in_room = True
- if not is_in_room:
- logger.info(
- "Got event for room we're not in: %r %r",
- event.room_id, event.event_id
- )
- try:
- event_stream_id, max_stream_id = yield self._persist_auth_tree(
- origin, auth_chain, state, event
- )
- except AuthError as e:
- raise FederationError(
- "ERROR",
- e.code,
- e.msg,
- affected=event.event_id,
- )
- else:
- event_ids = set()
- if state:
- event_ids |= {e.event_id for e in state}
- if auth_chain:
- event_ids |= {e.event_id for e in auth_chain}
- seen_ids = yield self.store.have_seen_events(event_ids)
- if state and auth_chain is not None:
- # If we have any state or auth_chain given to us by the replication
- # layer, then we should handle them (if we haven't before.)
- event_infos = []
- for e in itertools.chain(auth_chain, state):
- if e.event_id in seen_ids:
- continue
- e.internal_metadata.outlier = True
- auth_ids = [e_id for e_id, _ in e.auth_events]
- auth = {
- (e.type, e.state_key): e for e in auth_chain
- if e.event_id in auth_ids or e.type == EventTypes.Create
- }
- event_infos.append({
- "event": e,
- "auth_events": auth,
- })
- seen_ids.add(e.event_id)
- yield self._handle_new_events(origin, event_infos)
- try:
- context, event_stream_id, max_stream_id = yield self._handle_new_event(
- origin,
- event,
- state=state,
- )
- except AuthError as e:
- raise FederationError(
- "ERROR",
- e.code,
- e.msg,
- affected=event.event_id,
- )
- room = yield self.store.get_room(event.room_id)
- if not room:
- try:
- yield self.store.store_room(
- room_id=event.room_id,
- room_creator_user_id="",
- is_public=False,
- )
- except StoreError:
- logger.exception("Failed to store room.")
- extra_users = []
- if event.type == EventTypes.Member:
- target_user_id = event.state_key
- target_user = UserID.from_string(target_user_id)
- extra_users.append(target_user)
- self.notifier.on_new_room_event(
- event, event_stream_id, max_stream_id,
- extra_users=extra_users
- )
- if event.type == EventTypes.Member:
- if event.membership == Membership.JOIN:
- # Only fire user_joined_room if the user has acutally
- # joined the room. Don't bother if the user is just
- # changing their profile info.
- newly_joined = True
- prev_state_id = context.prev_state_ids.get(
- (event.type, event.state_key)
- )
- if prev_state_id:
- prev_state = yield self.store.get_event(
- prev_state_id, allow_none=True,
- )
- if prev_state and prev_state.membership == Membership.JOIN:
- newly_joined = False
- if newly_joined:
- user = UserID.from_string(event.state_key)
- yield user_joined_room(self.distributor, user, event.room_id)
- @measure_func("_filter_events_for_server")
- @defer.inlineCallbacks
- def _filter_events_for_server(self, server_name, room_id, events):
- """Filter the given events for the given server, redacting those the
- server can't see.
- Assumes the server is currently in the room.
- Returns
- list[FrozenEvent]
- """
- # First lets check to see if all the events have a history visibility
- # of "shared" or "world_readable". If thats the case then we don't
- # need to check membership (as we know the server is in the room).
- event_to_state_ids = yield self.store.get_state_ids_for_events(
- frozenset(e.event_id for e in events),
- types=(
- (EventTypes.RoomHistoryVisibility, ""),
- )
- )
- visibility_ids = set()
- for sids in event_to_state_ids.itervalues():
- hist = sids.get((EventTypes.RoomHistoryVisibility, ""))
- if hist:
- visibility_ids.add(hist)
- # If we failed to find any history visibility events then the default
- # is "shared" visiblity.
- if not visibility_ids:
- defer.returnValue(events)
- event_map = yield self.store.get_events(visibility_ids)
- all_open = all(
- e.content.get("history_visibility") in (None, "shared", "world_readable")
- for e in event_map.itervalues()
- )
- if all_open:
- defer.returnValue(events)
- # Ok, so we're dealing with events that have non-trivial visibility
- # rules, so we need to also get the memberships of the room.
- event_to_state_ids = yield self.store.get_state_ids_for_events(
- frozenset(e.event_id for e in events),
- types=(
- (EventTypes.RoomHistoryVisibility, ""),
- (EventTypes.Member, None),
- )
- )
- # We only want to pull out member events that correspond to the
- # server's domain.
- def check_match(id):
- try:
- return server_name == get_domain_from_id(id)
- except Exception:
- return False
- # Parses mapping `event_id -> (type, state_key) -> state event_id`
- # to get all state ids that we're interested in.
- event_map = yield self.store.get_events([
- e_id
- for key_to_eid in list(event_to_state_ids.values())
- for key, e_id in key_to_eid.items()
- if key[0] != EventTypes.Member or check_match(key[1])
- ])
- event_to_state = {
- e_id: {
- key: event_map[inner_e_id]
- for key, inner_e_id in key_to_eid.iteritems()
- if inner_e_id in event_map
- }
- for e_id, key_to_eid in event_to_state_ids.iteritems()
- }
- erased_senders = yield self.store.are_users_erased(
- e.sender for e in events,
- )
- def redact_disallowed(event, state):
- # if the sender has been gdpr17ed, always return a redacted
- # copy of the event.
- if erased_senders[event.sender]:
- logger.info(
- "Sender of %s has been erased, redacting",
- event.event_id,
- )
- return prune_event(event)
- if not state:
- return event
- history = state.get((EventTypes.RoomHistoryVisibility, ''), None)
- if history:
- visibility = history.content.get("history_visibility", "shared")
- if visibility in ["invited", "joined"]:
- # We now loop through all state events looking for
- # membership states for the requesting server to determine
- # if the server is either in the room or has been invited
- # into the room.
- for ev in state.itervalues():
- if ev.type != EventTypes.Member:
- continue
- try:
- domain = get_domain_from_id(ev.state_key)
- except Exception:
- continue
- if domain != server_name:
- continue
- memtype = ev.membership
- if memtype == Membership.JOIN:
- return event
- elif memtype == Membership.INVITE:
- if visibility == "invited":
- return event
- else:
- return prune_event(event)
- return event
- defer.returnValue([
- redact_disallowed(e, event_to_state[e.event_id])
- for e in events
- ])
- @log_function
- @defer.inlineCallbacks
- def backfill(self, dest, room_id, limit, extremities):
- """ Trigger a backfill request to `dest` for the given `room_id`
- This will attempt to get more events from the remote. If the other side
- has no new events to offer, this will return an empty list.
- As the events are received, we check their signatures, and also do some
- sanity-checking on them. If any of the backfilled events are invalid,
- this method throws a SynapseError.
- TODO: make this more useful to distinguish failures of the remote
- server from invalid events (there is probably no point in trying to
- re-fetch invalid events from every other HS in the room.)
- """
- if dest == self.server_name:
- raise SynapseError(400, "Can't backfill from self.")
- events = yield self.replication_layer.backfill(
- dest,
- room_id,
- limit=limit,
- extremities=extremities,
- )
- # ideally we'd sanity check the events here for excess prev_events etc,
- # but it's hard to reject events at this point without completely
- # breaking backfill in the same way that it is currently broken by
- # events whose signature we cannot verify (#3121).
- #
- # So for now we accept the events anyway. #3124 tracks this.
- #
- # for ev in events:
- # self._sanity_check_event(ev)
- # Don't bother processing events we already have.
- seen_events = yield self.store.have_events_in_timeline(
- set(e.event_id for e in events)
- )
- events = [e for e in events if e.event_id not in seen_events]
- if not events:
- defer.returnValue([])
- event_map = {e.event_id: e for e in events}
- event_ids = set(e.event_id for e in events)
- edges = [
- ev.event_id
- for ev in events
- if set(e_id for e_id, _ in ev.prev_events) - event_ids
- ]
- logger.info(
- "backfill: Got %d events with %d edges",
- len(events), len(edges),
- )
- # For each edge get the current state.
- auth_events = {}
- state_events = {}
- events_to_state = {}
- for e_id in edges:
- state, auth = yield self.replication_layer.get_state_for_room(
- destination=dest,
- room_id=room_id,
- event_id=e_id
- )
- auth_events.update({a.event_id: a for a in auth})
- auth_events.update({s.event_id: s for s in state})
- state_events.update({s.event_id: s for s in state})
- events_to_state[e_id] = state
- required_auth = set(
- a_id
- for event in events + state_events.values() + auth_events.values()
- for a_id, _ in event.auth_events
- )
- auth_events.update({
- e_id: event_map[e_id] for e_id in required_auth if e_id in event_map
- })
- missing_auth = required_auth - set(auth_events)
- failed_to_fetch = set()
- # Try and fetch any missing auth events from both DB and remote servers.
- # We repeatedly do this until we stop finding new auth events.
- while missing_auth - failed_to_fetch:
- logger.info("Missing auth for backfill: %r", missing_auth)
- ret_events = yield self.store.get_events(missing_auth - failed_to_fetch)
- auth_events.update(ret_events)
- required_auth.update(
- a_id for event in ret_events.values() for a_id, _ in event.auth_events
- )
- missing_auth = required_auth - set(auth_events)
- if missing_auth - failed_to_fetch:
- logger.info(
- "Fetching missing auth for backfill: %r",
- missing_auth - failed_to_fetch
- )
- results = yield logcontext.make_deferred_yieldable(defer.gatherResults(
- [
- logcontext.run_in_background(
- self.replication_layer.get_pdu,
- [dest],
- event_id,
- outlier=True,
- timeout=10000,
- )
- for event_id in missing_auth - failed_to_fetch
- ],
- consumeErrors=True
- )).addErrback(unwrapFirstError)
- auth_events.update({a.event_id: a for a in results if a})
- required_auth.update(
- a_id
- for event in results if event
- for a_id, _ in event.auth_events
- )
- missing_auth = required_auth - set(auth_events)
- failed_to_fetch = missing_auth - set(auth_events)
- seen_events = yield self.store.have_seen_events(
- set(auth_events.keys()) | set(state_events.keys())
- )
- ev_infos = []
- for a in auth_events.values():
- if a.event_id in seen_events:
- continue
- a.internal_metadata.outlier = True
- ev_infos.append({
- "event": a,
- "auth_events": {
- (auth_events[a_id].type, auth_events[a_id].state_key):
- auth_events[a_id]
- for a_id, _ in a.auth_events
- if a_id in auth_events
- }
- })
- for e_id in events_to_state:
- ev_infos.append({
- "event": event_map[e_id],
- "state": events_to_state[e_id],
- "auth_events": {
- (auth_events[a_id].type, auth_events[a_id].state_key):
- auth_events[a_id]
- for a_id, _ in event_map[e_id].auth_events
- if a_id in auth_events
- }
- })
- yield self._handle_new_events(
- dest, ev_infos,
- backfilled=True,
- )
- events.sort(key=lambda e: e.depth)
- for event in events:
- if event in events_to_state:
- continue
- # We store these one at a time since each event depends on the
- # previous to work out the state.
- # TODO: We can probably do something more clever here.
- yield self._handle_new_event(
- dest, event, backfilled=True,
- )
- defer.returnValue(events)
- @defer.inlineCallbacks
- def maybe_backfill(self, room_id, current_depth):
- """Checks the database to see if we should backfill before paginating,
- and if so do.
- """
- extremities = yield self.store.get_oldest_events_with_depth_in_room(
- room_id
- )
- if not extremities:
- logger.debug("Not backfilling as no extremeties found.")
- return
- # Check if we reached a point where we should start backfilling.
- sorted_extremeties_tuple = sorted(
- extremities.items(),
- key=lambda e: -int(e[1])
- )
- max_depth = sorted_extremeties_tuple[0][1]
- # We don't want to specify too many extremities as it causes the backfill
- # request URI to be too long.
- extremities = dict(sorted_extremeties_tuple[:5])
- if current_depth > max_depth:
- logger.debug(
- "Not backfilling as we don't need to. %d < %d",
- max_depth, current_depth,
- )
- return
- # Now we need to decide which hosts to hit first.
- # First we try hosts that are already in the room
- # TODO: HEURISTIC ALERT.
- curr_state = yield self.state_handler.get_current_state(room_id)
- def get_domains_from_state(state):
- """Get joined domains from state
- Args:
- state (dict[tuple, FrozenEvent]): State map from type/state
- key to event.
- Returns:
- list[tuple[str, int]]: Returns a list of servers with the
- lowest depth of their joins. Sorted by lowest depth first.
- """
- joined_users = [
- (state_key, int(event.depth))
- for (e_type, state_key), event in state.iteritems()
- if e_type == EventTypes.Member
- and event.membership == Membership.JOIN
- ]
- joined_domains = {}
- for u, d in joined_users:
- try:
- dom = get_domain_from_id(u)
- old_d = joined_domains.get(dom)
- if old_d:
- joined_domains[dom] = min(d, old_d)
- else:
- joined_domains[dom] = d
- except Exception:
- pass
- return sorted(joined_domains.iteritems(), key=lambda d: d[1])
- curr_domains = get_domains_from_state(curr_state)
- likely_domains = [
- domain for domain, depth in curr_domains
- if domain != self.server_name
- ]
- @defer.inlineCallbacks
- def try_backfill(domains):
- # TODO: Should we try multiple of these at a time?
- for dom in domains:
- try:
- yield self.backfill(
- dom, room_id,
- limit=100,
- extremities=extremities,
- )
- # If this succeeded then we probably already have the
- # appropriate stuff.
- # TODO: We can probably do something more intelligent here.
- defer.returnValue(True)
- except SynapseError as e:
- logger.info(
- "Failed to backfill from %s because %s",
- dom, e,
- )
- continue
- except CodeMessageException as e:
- if 400 <= e.code < 500:
- raise
- logger.info(
- "Failed to backfill from %s because %s",
- dom, e,
- )
- continue
- except NotRetryingDestination as e:
- logger.info(e.message)
- continue
- except FederationDeniedError as e:
- logger.info(e)
- continue
- except Exception as e:
- logger.exception(
- "Failed to backfill from %s because %s",
- dom, e,
- )
- continue
- defer.returnValue(False)
- success = yield try_backfill(likely_domains)
- if success:
- defer.returnValue(True)
- # Huh, well *those* domains didn't work out. Lets try some domains
- # from the time.
- tried_domains = set(likely_domains)
- tried_domains.add(self.server_name)
- event_ids = list(extremities.iterkeys())
- logger.debug("calling resolve_state_groups in _maybe_backfill")
- resolve = logcontext.preserve_fn(
- self.state_handler.resolve_state_groups_for_events
- )
- states = yield logcontext.make_deferred_yieldable(defer.gatherResults(
- [resolve(room_id, [e]) for e in event_ids],
- consumeErrors=True,
- ))
- # dict[str, dict[tuple, str]], a map from event_id to state map of
- # event_ids.
- states = dict(zip(event_ids, [s.state for s in states]))
- state_map = yield self.store.get_events(
- [e_id for ids in states.itervalues() for e_id in ids.itervalues()],
- get_prev_content=False
- )
- states = {
- key: {
- k: state_map[e_id]
- for k, e_id in state_dict.iteritems()
- if e_id in state_map
- } for key, state_dict in states.iteritems()
- }
- for e_id, _ in sorted_extremeties_tuple:
- likely_domains = get_domains_from_state(states[e_id])
- success = yield try_backfill([
- dom for dom, _ in likely_domains
- if dom not in tried_domains
- ])
- if success:
- defer.returnValue(True)
- tried_domains.update(dom for dom, _ in likely_domains)
- defer.returnValue(False)
- def _sanity_check_event(self, ev):
- """
- Do some early sanity checks of a received event
- In particular, checks it doesn't have an excessive number of
- prev_events or auth_events, which could cause a huge state resolution
- or cascade of event fetches.
- Args:
- ev (synapse.events.EventBase): event to be checked
- Returns: None
- Raises:
- SynapseError if the event does not pass muster
- """
- if len(ev.prev_events) > 20:
- logger.warn("Rejecting event %s which has %i prev_events",
- ev.event_id, len(ev.prev_events))
- raise SynapseError(
- http_client.BAD_REQUEST,
- "Too many prev_events",
- )
- if len(ev.auth_events) > 10:
- logger.warn("Rejecting event %s which has %i auth_events",
- ev.event_id, len(ev.auth_events))
- raise SynapseError(
- http_client.BAD_REQUEST,
- "Too many auth_events",
- )
- @defer.inlineCallbacks
- def send_invite(self, target_host, event):
- """ Sends the invite to the remote server for signing.
- Invites must be signed by the invitee's server before distribution.
- """
- pdu = yield self.replication_layer.send_invite(
- destination=target_host,
- room_id=event.room_id,
- event_id=event.event_id,
- pdu=event
- )
- defer.returnValue(pdu)
- @defer.inlineCallbacks
- def on_event_auth(self, event_id):
- event = yield self.store.get_event(event_id)
- auth = yield self.store.get_auth_chain(
- [auth_id for auth_id, _ in event.auth_events],
- include_given=True
- )
- for event in auth:
- event.signatures.update(
- compute_event_signature(
- event,
- self.hs.hostname,
- self.hs.config.signing_key[0]
- )
- )
- defer.returnValue([e for e in auth])
- @log_function
- @defer.inlineCallbacks
- def do_invite_join(self, target_hosts, room_id, joinee, content):
- """ Attempts to join the `joinee` to the room `room_id` via the
- server `target_host`.
- This first triggers a /make_join/ request that returns a partial
- event that we can fill out and sign. This is then sent to the
- remote server via /send_join/ which responds with the state at that
- event and the auth_chains.
- We suspend processing of any received events from this room until we
- have finished processing the join.
- """
- logger.debug("Joining %s to %s", joinee, room_id)
- origin, event = yield self._make_and_verify_event(
- target_hosts,
- room_id,
- joinee,
- "join",
- content,
- )
- # This shouldn't happen, because the RoomMemberHandler has a
- # linearizer lock which only allows one operation per user per room
- # at a time - so this is just paranoia.
- assert (room_id not in self.room_queues)
- self.room_queues[room_id] = []
- yield self.store.clean_room_for_join(room_id)
- handled_events = set()
- try:
- event = self._sign_event(event)
- # Try the host we successfully got a response to /make_join/
- # request first.
- try:
- target_hosts.remove(origin)
- target_hosts.insert(0, origin)
- except ValueError:
- pass
- ret = yield self.replication_layer.send_join(target_hosts, event)
- origin = ret["origin"]
- state = ret["state"]
- auth_chain = ret["auth_chain"]
- auth_chain.sort(key=lambda e: e.depth)
- handled_events.update([s.event_id for s in state])
- handled_events.update([a.event_id for a in auth_chain])
- handled_events.add(event.event_id)
- logger.debug("do_invite_join auth_chain: %s", auth_chain)
- logger.debug("do_invite_join state: %s", state)
- logger.debug("do_invite_join event: %s", event)
- try:
- yield self.store.store_room(
- room_id=room_id,
- room_creator_user_id="",
- is_public=False
- )
- except Exception:
- # FIXME
- pass
- event_stream_id, max_stream_id = yield self._persist_auth_tree(
- origin, auth_chain, state, event
- )
- self.notifier.on_new_room_event(
- event, event_stream_id, max_stream_id,
- extra_users=[joinee]
- )
- logger.debug("Finished joining %s to %s", joinee, room_id)
- finally:
- room_queue = self.room_queues[room_id]
- del self.room_queues[room_id]
- # we don't need to wait for the queued events to be processed -
- # it's just a best-effort thing at this point. We do want to do
- # them roughly in order, though, otherwise we'll end up making
- # lots of requests for missing prev_events which we do actually
- # have. Hence we fire off the deferred, but don't wait for it.
- logcontext.run_in_background(self._handle_queued_pdus, room_queue)
- defer.returnValue(True)
- @defer.inlineCallbacks
- def _handle_queued_pdus(self, room_queue):
- """Process PDUs which got queued up while we were busy send_joining.
- Args:
- room_queue (list[FrozenEvent, str]): list of PDUs to be processed
- and the servers that sent them
- """
- for p, origin in room_queue:
- try:
- logger.info("Processing queued PDU %s which was received "
- "while we were joining %s", p.event_id, p.room_id)
- yield self.on_receive_pdu(origin, p)
- except Exception as e:
- logger.warn(
- "Error handling queued PDU %s from %s: %s",
- p.event_id, origin, e)
- @defer.inlineCallbacks
- @log_function
- def on_make_join_request(self, room_id, user_id):
- """ We've received a /make_join/ request, so we create a partial
- join event for the room and return that. We do *not* persist or
- process it until the other server has signed it and sent it back.
- """
- event_content = {"membership": Membership.JOIN}
- builder = self.event_builder_factory.new({
- "type": EventTypes.Member,
- "content": event_content,
- "room_id": room_id,
- "sender": user_id,
- "state_key": user_id,
- })
- try:
- event, context = yield self.event_creation_handler.create_new_client_event(
- builder=builder,
- )
- except AuthError as e:
- logger.warn("Failed to create join %r because %s", event, e)
- raise e
- # The remote hasn't signed it yet, obviously. We'll do the full checks
- # when we get the event back in `on_send_join_request`
- yield self.auth.check_from_context(event, context, do_sig_check=False)
- defer.returnValue(event)
- @defer.inlineCallbacks
- @log_function
- def on_send_join_request(self, origin, pdu):
- """ We have received a join event for a room. Fully process it and
- respond with the current state and auth chains.
- """
- event = pdu
- logger.debug(
- "on_send_join_request: Got event: %s, signatures: %s",
- event.event_id,
- event.signatures,
- )
- event.internal_metadata.outlier = False
- # Send this event on behalf of the origin server.
- #
- # The reasons we have the destination server rather than the origin
- # server send it are slightly mysterious: the origin server should have
- # all the neccessary state once it gets the response to the send_join,
- # so it could send the event itself if it wanted to. It may be that
- # doing it this way reduces failure modes, or avoids certain attacks
- # where a new server selectively tells a subset of the federation that
- # it has joined.
- #
- # The fact is that, as of the current writing, Synapse doesn't send out
- # the join event over federation after joining, and changing it now
- # would introduce the danger of backwards-compatibility problems.
- event.internal_metadata.send_on_behalf_of = origin
- context, event_stream_id, max_stream_id = yield self._handle_new_event(
- origin, event
- )
- logger.debug(
- "on_send_join_request: After _handle_new_event: %s, sigs: %s",
- event.event_id,
- event.signatures,
- )
- extra_users = []
- if event.type == EventTypes.Member:
- target_user_id = event.state_key
- target_user = UserID.from_string(target_user_id)
- extra_users.append(target_user)
- self.notifier.on_new_room_event(
- event, event_stream_id, max_stream_id, extra_users=extra_users
- )
- if event.type == EventTypes.Member:
- if event.content["membership"] == Membership.JOIN:
- user = UserID.from_string(event.state_key)
- yield user_joined_room(self.distributor, user, event.room_id)
- state_ids = list(context.prev_state_ids.values())
- auth_chain = yield self.store.get_auth_chain(state_ids)
- state = yield self.store.get_events(list(context.prev_state_ids.values()))
- defer.returnValue({
- "state": list(state.values()),
- "auth_chain": auth_chain,
- })
- @defer.inlineCallbacks
- def on_invite_request(self, origin, pdu):
- """ We've got an invite event. Process and persist it. Sign it.
- Respond with the now signed event.
- """
- event = pdu
- if event.state_key is None:
- raise SynapseError(400, "The invite event did not have a state key")
- is_blocked = yield self.store.is_room_blocked(event.room_id)
- if is_blocked:
- raise SynapseError(403, "This room has been blocked on this server")
- if self.hs.config.block_non_admin_invites:
- raise SynapseError(403, "This server does not accept room invites")
- if not self.spam_checker.user_may_invite(
- event.sender, event.state_key, event.room_id,
- ):
- raise SynapseError(
- 403, "This user is not permitted to send invites to this server/user"
- )
- membership = event.content.get("membership")
- if event.type != EventTypes.Member or membership != Membership.INVITE:
- raise SynapseError(400, "The event was not an m.room.member invite event")
- sender_domain = get_domain_from_id(event.sender)
- if sender_domain != origin:
- raise SynapseError(400, "The invite event was not from the server sending it")
- if not self.is_mine_id(event.state_key):
- raise SynapseError(400, "The invite event must be for this server")
- # block any attempts to invite the server notices mxid
- if event.state_key == self._server_notices_mxid:
- raise SynapseError(
- http_client.FORBIDDEN,
- "Cannot invite this user",
- )
- event.internal_metadata.outlier = True
- event.internal_metadata.invite_from_remote = True
- event.signatures.update(
- compute_event_signature(
- event,
- self.hs.hostname,
- self.hs.config.signing_key[0]
- )
- )
- context = yield self.state_handler.compute_event_context(event)
- event_stream_id, max_stream_id = yield self.store.persist_event(
- event,
- context=context,
- )
- target_user = UserID.from_string(event.state_key)
- self.notifier.on_new_room_event(
- event, event_stream_id, max_stream_id,
- extra_users=[target_user],
- )
- defer.returnValue(event)
- @defer.inlineCallbacks
- def do_remotely_reject_invite(self, target_hosts, room_id, user_id):
- origin, event = yield self._make_and_verify_event(
- target_hosts,
- room_id,
- user_id,
- "leave"
- )
- # Mark as outlier as we don't have any state for this event; we're not
- # even in the room.
- event.internal_metadata.outlier = True
- event = self._sign_event(event)
- # Try the host that we succesfully called /make_leave/ on first for
- # the /send_leave/ request.
- try:
- target_hosts.remove(origin)
- target_hosts.insert(0, origin)
- except ValueError:
- pass
- yield self.replication_layer.send_leave(
- target_hosts,
- event
- )
- context = yield self.state_handler.compute_event_context(event)
- event_stream_id, max_stream_id = yield self.store.persist_event(
- event,
- context=context,
- )
- target_user = UserID.from_string(event.state_key)
- self.notifier.on_new_room_event(
- event, event_stream_id, max_stream_id,
- extra_users=[target_user],
- )
- defer.returnValue(event)
- @defer.inlineCallbacks
- def _make_and_verify_event(self, target_hosts, room_id, user_id, membership,
- content={},):
- origin, pdu = yield self.replication_layer.make_membership_event(
- target_hosts,
- room_id,
- user_id,
- membership,
- content,
- )
- logger.debug("Got response to make_%s: %s", membership, pdu)
- event = pdu
- # We should assert some things.
- # FIXME: Do this in a nicer way
- assert(event.type == EventTypes.Member)
- assert(event.user_id == user_id)
- assert(event.state_key == user_id)
- assert(event.room_id == room_id)
- defer.returnValue((origin, event))
- def _sign_event(self, event):
- event.internal_metadata.outlier = False
- builder = self.event_builder_factory.new(
- unfreeze(event.get_pdu_json())
- )
- builder.event_id = self.event_builder_factory.create_event_id()
- builder.origin = self.hs.hostname
- if not hasattr(event, "signatures"):
- builder.signatures = {}
- add_hashes_and_signatures(
- builder,
- self.hs.hostname,
- self.hs.config.signing_key[0],
- )
- return builder.build()
- @defer.inlineCallbacks
- @log_function
- def on_make_leave_request(self, room_id, user_id):
- """ We've received a /make_leave/ request, so we create a partial
- join event for the room and return that. We do *not* persist or
- process it until the other server has signed it and sent it back.
- """
- builder = self.event_builder_factory.new({
- "type": EventTypes.Member,
- "content": {"membership": Membership.LEAVE},
- "room_id": room_id,
- "sender": user_id,
- "state_key": user_id,
- })
- event, context = yield self.event_creation_handler.create_new_client_event(
- builder=builder,
- )
- try:
- # The remote hasn't signed it yet, obviously. We'll do the full checks
- # when we get the event back in `on_send_leave_request`
- yield self.auth.check_from_context(event, context, do_sig_check=False)
- except AuthError as e:
- logger.warn("Failed to create new leave %r because %s", event, e)
- raise e
- defer.returnValue(event)
- @defer.inlineCallbacks
- @log_function
- def on_send_leave_request(self, origin, pdu):
- """ We have received a leave event for a room. Fully process it."""
- event = pdu
- logger.debug(
- "on_send_leave_request: Got event: %s, signatures: %s",
- event.event_id,
- event.signatures,
- )
- event.internal_metadata.outlier = False
- context, event_stream_id, max_stream_id = yield self._handle_new_event(
- origin, event
- )
- logger.debug(
- "on_send_leave_request: After _handle_new_event: %s, sigs: %s",
- event.event_id,
- event.signatures,
- )
- extra_users = []
- if event.type == EventTypes.Member:
- target_user_id = event.state_key
- target_user = UserID.from_string(target_user_id)
- extra_users.append(target_user)
- self.notifier.on_new_room_event(
- event, event_stream_id, max_stream_id, extra_users=extra_users
- )
- defer.returnValue(None)
- @defer.inlineCallbacks
- def get_state_for_pdu(self, room_id, event_id):
- """Returns the state at the event. i.e. not including said event.
- """
- state_groups = yield self.store.get_state_groups(
- room_id, [event_id]
- )
- if state_groups:
- _, state = list(iteritems(state_groups)).pop()
- results = {
- (e.type, e.state_key): e for e in state
- }
- event = yield self.store.get_event(event_id)
- if event and event.is_state():
- # Get previous state
- if "replaces_state" in event.unsigned:
- prev_id = event.unsigned["replaces_state"]
- if prev_id != event.event_id:
- prev_event = yield self.store.get_event(prev_id)
- results[(event.type, event.state_key)] = prev_event
- else:
- del results[(event.type, event.state_key)]
- res = list(results.values())
- for event in res:
- # We sign these again because there was a bug where we
- # incorrectly signed things the first time round
- if self.is_mine_id(event.event_id):
- event.signatures.update(
- compute_event_signature(
- event,
- self.hs.hostname,
- self.hs.config.signing_key[0]
- )
- )
- defer.returnValue(res)
- else:
- defer.returnValue([])
- @defer.inlineCallbacks
- def get_state_ids_for_pdu(self, room_id, event_id):
- """Returns the state at the event. i.e. not including said event.
- """
- state_groups = yield self.store.get_state_groups_ids(
- room_id, [event_id]
- )
- if state_groups:
- _, state = state_groups.items().pop()
- results = state
- event = yield self.store.get_event(event_id)
- if event and event.is_state():
- # Get previous state
- if "replaces_state" in event.unsigned:
- prev_id = event.unsigned["replaces_state"]
- if prev_id != event.event_id:
- results[(event.type, event.state_key)] = prev_id
- else:
- results.pop((event.type, event.state_key), None)
- defer.returnValue(list(results.values()))
- else:
- defer.returnValue([])
- @defer.inlineCallbacks
- @log_function
- def on_backfill_request(self, origin, room_id, pdu_list, limit):
- in_room = yield self.auth.check_host_in_room(room_id, origin)
- if not in_room:
- raise AuthError(403, "Host not in room.")
- events = yield self.store.get_backfill_events(
- room_id,
- pdu_list,
- limit
- )
- events = yield self._filter_events_for_server(origin, room_id, events)
- defer.returnValue(events)
- @defer.inlineCallbacks
- @log_function
- def get_persisted_pdu(self, origin, event_id):
- """Get an event from the database for the given server.
- Args:
- origin [str]: hostname of server which is requesting the event; we
- will check that the server is allowed to see it.
- event_id [str]: id of the event being requested
- Returns:
- Deferred[EventBase|None]: None if we know nothing about the event;
- otherwise the (possibly-redacted) event.
- Raises:
- AuthError if the server is not currently in the room
- """
- event = yield self.store.get_event(
- event_id,
- allow_none=True,
- allow_rejected=True,
- )
- if event:
- if self.is_mine_id(event.event_id):
- # FIXME: This is a temporary work around where we occasionally
- # return events slightly differently than when they were
- # originally signed
- event.signatures.update(
- compute_event_signature(
- event,
- self.hs.hostname,
- self.hs.config.signing_key[0]
- )
- )
- in_room = yield self.auth.check_host_in_room(
- event.room_id,
- origin
- )
- if not in_room:
- raise AuthError(403, "Host not in room.")
- events = yield self._filter_events_for_server(
- origin, event.room_id, [event]
- )
- event = events[0]
- defer.returnValue(event)
- else:
- defer.returnValue(None)
- @log_function
- def get_min_depth_for_context(self, context):
- return self.store.get_min_depth(context)
- @defer.inlineCallbacks
- @log_function
- def _handle_new_event(self, origin, event, state=None, auth_events=None,
- backfilled=False):
- context = yield self._prep_event(
- origin, event,
- state=state,
- auth_events=auth_events,
- )
- try:
- if not event.internal_metadata.is_outlier() and not backfilled:
- yield self.action_generator.handle_push_actions_for_event(
- event, context
- )
- event_stream_id, max_stream_id = yield self.store.persist_event(
- event,
- context=context,
- backfilled=backfilled,
- )
- except: # noqa: E722, as we reraise the exception this is fine.
- tp, value, tb = sys.exc_info()
- logcontext.run_in_background(
- self.store.remove_push_actions_from_staging,
- event.event_id,
- )
- six.reraise(tp, value, tb)
- if not backfilled:
- # this intentionally does not yield: we don't care about the result
- # and don't need to wait for it.
- logcontext.run_in_background(
- self.pusher_pool.on_new_notifications,
- event_stream_id, max_stream_id,
- )
- defer.returnValue((context, event_stream_id, max_stream_id))
- @defer.inlineCallbacks
- def _handle_new_events(self, origin, event_infos, backfilled=False):
- """Creates the appropriate contexts and persists events. The events
- should not depend on one another, e.g. this should be used to persist
- a bunch of outliers, but not a chunk of individual events that depend
- on each other for state calculations.
- """
- contexts = yield logcontext.make_deferred_yieldable(defer.gatherResults(
- [
- logcontext.run_in_background(
- self._prep_event,
- origin,
- ev_info["event"],
- state=ev_info.get("state"),
- auth_events=ev_info.get("auth_events"),
- )
- for ev_info in event_infos
- ], consumeErrors=True,
- ))
- yield self.store.persist_events(
- [
- (ev_info["event"], context)
- for ev_info, context in itertools.izip(event_infos, contexts)
- ],
- backfilled=backfilled,
- )
- @defer.inlineCallbacks
- def _persist_auth_tree(self, origin, auth_events, state, event):
- """Checks the auth chain is valid (and passes auth checks) for the
- state and event. Then persists the auth chain and state atomically.
- Persists the event seperately.
- Will attempt to fetch missing auth events.
- Args:
- origin (str): Where the events came from
- auth_events (list)
- state (list)
- event (Event)
- Returns:
- 2-tuple of (event_stream_id, max_stream_id) from the persist_event
- call for `event`
- """
- events_to_context = {}
- for e in itertools.chain(auth_events, state):
- e.internal_metadata.outlier = True
- ctx = yield self.state_handler.compute_event_context(e)
- events_to_context[e.event_id] = ctx
- event_map = {
- e.event_id: e
- for e in itertools.chain(auth_events, state, [event])
- }
- create_event = None
- for e in auth_events:
- if (e.type, e.state_key) == (EventTypes.Create, ""):
- create_event = e
- break
- missing_auth_events = set()
- for e in itertools.chain(auth_events, state, [event]):
- for e_id, _ in e.auth_events:
- if e_id not in event_map:
- missing_auth_events.add(e_id)
- for e_id in missing_auth_events:
- m_ev = yield self.replication_layer.get_pdu(
- [origin],
- e_id,
- outlier=True,
- timeout=10000,
- )
- if m_ev and m_ev.event_id == e_id:
- event_map[e_id] = m_ev
- else:
- logger.info("Failed to find auth event %r", e_id)
- for e in itertools.chain(auth_events, state, [event]):
- auth_for_e = {
- (event_map[e_id].type, event_map[e_id].state_key): event_map[e_id]
- for e_id, _ in e.auth_events
- if e_id in event_map
- }
- if create_event:
- auth_for_e[(EventTypes.Create, "")] = create_event
- try:
- self.auth.check(e, auth_events=auth_for_e)
- except SynapseError as err:
- # we may get SynapseErrors here as well as AuthErrors. For
- # instance, there are a couple of (ancient) events in some
- # rooms whose senders do not have the correct sigil; these
- # cause SynapseErrors in auth.check. We don't want to give up
- # the attempt to federate altogether in such cases.
- logger.warn(
- "Rejecting %s because %s",
- e.event_id, err.msg
- )
- if e == event:
- raise
- events_to_context[e.event_id].rejected = RejectedReason.AUTH_ERROR
- yield self.store.persist_events(
- [
- (e, events_to_context[e.event_id])
- for e in itertools.chain(auth_events, state)
- ],
- )
- new_event_context = yield self.state_handler.compute_event_context(
- event, old_state=state
- )
- event_stream_id, max_stream_id = yield self.store.persist_event(
- event, new_event_context,
- )
- defer.returnValue((event_stream_id, max_stream_id))
- @defer.inlineCallbacks
- def _prep_event(self, origin, event, state=None, auth_events=None):
- """
- Args:
- origin:
- event:
- state:
- auth_events:
- Returns:
- Deferred, which resolves to synapse.events.snapshot.EventContext
- """
- context = yield self.state_handler.compute_event_context(
- event, old_state=state,
- )
- if not auth_events:
- auth_events_ids = yield self.auth.compute_auth_events(
- event, context.prev_state_ids, for_verification=True,
- )
- auth_events = yield self.store.get_events(auth_events_ids)
- auth_events = {
- (e.type, e.state_key): e for e in auth_events.values()
- }
- # This is a hack to fix some old rooms where the initial join event
- # didn't reference the create event in its auth events.
- if event.type == EventTypes.Member and not event.auth_events:
- if len(event.prev_events) == 1 and event.depth < 5:
- c = yield self.store.get_event(
- event.prev_events[0][0],
- allow_none=True,
- )
- if c and c.type == EventTypes.Create:
- auth_events[(c.type, c.state_key)] = c
- try:
- yield self.do_auth(
- origin, event, context, auth_events=auth_events
- )
- except AuthError as e:
- logger.warn(
- "Rejecting %s because %s",
- event.event_id, e.msg
- )
- context.rejected = RejectedReason.AUTH_ERROR
- if event.type == EventTypes.GuestAccess and not context.rejected:
- yield self.maybe_kick_guest_users(event)
- defer.returnValue(context)
- @defer.inlineCallbacks
- def on_query_auth(self, origin, event_id, remote_auth_chain, rejects,
- missing):
- # Just go through and process each event in `remote_auth_chain`. We
- # don't want to fall into the trap of `missing` being wrong.
- for e in remote_auth_chain:
- try:
- yield self._handle_new_event(origin, e)
- except AuthError:
- pass
- # Now get the current auth_chain for the event.
- event = yield self.store.get_event(event_id)
- local_auth_chain = yield self.store.get_auth_chain(
- [auth_id for auth_id, _ in event.auth_events],
- include_given=True
- )
- # TODO: Check if we would now reject event_id. If so we need to tell
- # everyone.
- ret = yield self.construct_auth_difference(
- local_auth_chain, remote_auth_chain
- )
- for event in ret["auth_chain"]:
- event.signatures.update(
- compute_event_signature(
- event,
- self.hs.hostname,
- self.hs.config.signing_key[0]
- )
- )
- logger.debug("on_query_auth returning: %s", ret)
- defer.returnValue(ret)
- @defer.inlineCallbacks
- def on_get_missing_events(self, origin, room_id, earliest_events,
- latest_events, limit, min_depth):
- in_room = yield self.auth.check_host_in_room(
- room_id,
- origin
- )
- if not in_room:
- raise AuthError(403, "Host not in room.")
- limit = min(limit, 20)
- min_depth = max(min_depth, 0)
- missing_events = yield self.store.get_missing_events(
- room_id=room_id,
- earliest_events=earliest_events,
- latest_events=latest_events,
- limit=limit,
- min_depth=min_depth,
- )
- missing_events = yield self._filter_events_for_server(
- origin, room_id, missing_events,
- )
- defer.returnValue(missing_events)
- @defer.inlineCallbacks
- @log_function
- def do_auth(self, origin, event, context, auth_events):
- """
- Args:
- origin (str):
- event (synapse.events.FrozenEvent):
- context (synapse.events.snapshot.EventContext):
- auth_events (dict[(str, str)->str]):
- Returns:
- defer.Deferred[None]
- """
- # Check if we have all the auth events.
- current_state = set(e.event_id for e in auth_events.values())
- event_auth_events = set(e_id for e_id, _ in event.auth_events)
- if event.is_state():
- event_key = (event.type, event.state_key)
- else:
- event_key = None
- if event_auth_events - current_state:
- # TODO: can we use store.have_seen_events here instead?
- have_events = yield self.store.get_seen_events_with_rejections(
- event_auth_events - current_state
- )
- else:
- have_events = {}
- have_events.update({
- e.event_id: ""
- for e in auth_events.values()
- })
- seen_events = set(have_events.keys())
- missing_auth = event_auth_events - seen_events - current_state
- if missing_auth:
- logger.info("Missing auth: %s", missing_auth)
- # If we don't have all the auth events, we need to get them.
- try:
- remote_auth_chain = yield self.replication_layer.get_event_auth(
- origin, event.room_id, event.event_id
- )
- seen_remotes = yield self.store.have_seen_events(
- [e.event_id for e in remote_auth_chain]
- )
- for e in remote_auth_chain:
- if e.event_id in seen_remotes:
- continue
- if e.event_id == event.event_id:
- continue
- try:
- auth_ids = [e_id for e_id, _ in e.auth_events]
- auth = {
- (e.type, e.state_key): e for e in remote_auth_chain
- if e.event_id in auth_ids or e.type == EventTypes.Create
- }
- e.internal_metadata.outlier = True
- logger.debug(
- "do_auth %s missing_auth: %s",
- event.event_id, e.event_id
- )
- yield self._handle_new_event(
- origin, e, auth_events=auth
- )
- if e.event_id in event_auth_events:
- auth_events[(e.type, e.state_key)] = e
- except AuthError:
- pass
- have_events = yield self.store.get_seen_events_with_rejections(
- [e_id for e_id, _ in event.auth_events]
- )
- seen_events = set(have_events.keys())
- except Exception:
- # FIXME:
- logger.exception("Failed to get auth chain")
- # FIXME: Assumes we have and stored all the state for all the
- # prev_events
- current_state = set(e.event_id for e in auth_events.values())
- different_auth = event_auth_events - current_state
- if different_auth and not event.internal_metadata.is_outlier():
- # Do auth conflict res.
- logger.info("Different auth: %s", different_auth)
- different_events = yield logcontext.make_deferred_yieldable(
- defer.gatherResults([
- logcontext.run_in_background(
- self.store.get_event,
- d,
- allow_none=True,
- allow_rejected=False,
- )
- for d in different_auth
- if d in have_events and not have_events[d]
- ], consumeErrors=True)
- ).addErrback(unwrapFirstError)
- if different_events:
- local_view = dict(auth_events)
- remote_view = dict(auth_events)
- remote_view.update({
- (d.type, d.state_key): d for d in different_events if d
- })
- new_state = self.state_handler.resolve_events(
- [list(local_view.values()), list(remote_view.values())],
- event
- )
- auth_events.update(new_state)
- current_state = set(e.event_id for e in auth_events.values())
- different_auth = event_auth_events - current_state
- yield self._update_context_for_auth_events(
- event, context, auth_events, event_key,
- )
- if different_auth and not event.internal_metadata.is_outlier():
- logger.info("Different auth after resolution: %s", different_auth)
- # Only do auth resolution if we have something new to say.
- # We can't rove an auth failure.
- do_resolution = False
- provable = [
- RejectedReason.NOT_ANCESTOR, RejectedReason.NOT_ANCESTOR,
- ]
- for e_id in different_auth:
- if e_id in have_events:
- if have_events[e_id] in provable:
- do_resolution = True
- break
- if do_resolution:
- # 1. Get what we think is the auth chain.
- auth_ids = yield self.auth.compute_auth_events(
- event, context.prev_state_ids
- )
- local_auth_chain = yield self.store.get_auth_chain(
- auth_ids, include_given=True
- )
- try:
- # 2. Get remote difference.
- result = yield self.replication_layer.query_auth(
- origin,
- event.room_id,
- event.event_id,
- local_auth_chain,
- )
- seen_remotes = yield self.store.have_seen_events(
- [e.event_id for e in result["auth_chain"]]
- )
- # 3. Process any remote auth chain events we haven't seen.
- for ev in result["auth_chain"]:
- if ev.event_id in seen_remotes:
- continue
- if ev.event_id == event.event_id:
- continue
- try:
- auth_ids = [e_id for e_id, _ in ev.auth_events]
- auth = {
- (e.type, e.state_key): e
- for e in result["auth_chain"]
- if e.event_id in auth_ids
- or event.type == EventTypes.Create
- }
- ev.internal_metadata.outlier = True
- logger.debug(
- "do_auth %s different_auth: %s",
- event.event_id, e.event_id
- )
- yield self._handle_new_event(
- origin, ev, auth_events=auth
- )
- if ev.event_id in event_auth_events:
- auth_events[(ev.type, ev.state_key)] = ev
- except AuthError:
- pass
- except Exception:
- # FIXME:
- logger.exception("Failed to query auth chain")
- # 4. Look at rejects and their proofs.
- # TODO.
- yield self._update_context_for_auth_events(
- event, context, auth_events, event_key,
- )
- try:
- self.auth.check(event, auth_events=auth_events)
- except AuthError as e:
- logger.warn("Failed auth resolution for %r because %s", event, e)
- raise e
- @defer.inlineCallbacks
- def _update_context_for_auth_events(self, event, context, auth_events,
- event_key):
- """Update the state_ids in an event context after auth event resolution,
- storing the changes as a new state group.
- Args:
- event (Event): The event we're handling the context for
- context (synapse.events.snapshot.EventContext): event context
- to be updated
- auth_events (dict[(str, str)->str]): Events to update in the event
- context.
- event_key ((str, str)): (type, state_key) for the current event.
- this will not be included in the current_state in the context.
- """
- state_updates = {
- k: a.event_id for k, a in iteritems(auth_events)
- if k != event_key
- }
- context.current_state_ids = dict(context.current_state_ids)
- context.current_state_ids.update(state_updates)
- if context.delta_ids is not None:
- context.delta_ids = dict(context.delta_ids)
- context.delta_ids.update(state_updates)
- context.prev_state_ids = dict(context.prev_state_ids)
- context.prev_state_ids.update({
- k: a.event_id for k, a in iteritems(auth_events)
- })
- context.state_group = yield self.store.store_state_group(
- event.event_id,
- event.room_id,
- prev_group=context.prev_group,
- delta_ids=context.delta_ids,
- current_state_ids=context.current_state_ids,
- )
- @defer.inlineCallbacks
- def construct_auth_difference(self, local_auth, remote_auth):
- """ Given a local and remote auth chain, find the differences. This
- assumes that we have already processed all events in remote_auth
- Params:
- local_auth (list)
- remote_auth (list)
- Returns:
- dict
- """
- logger.debug("construct_auth_difference Start!")
- # TODO: Make sure we are OK with local_auth or remote_auth having more
- # auth events in them than strictly necessary.
- def sort_fun(ev):
- return ev.depth, ev.event_id
- logger.debug("construct_auth_difference after sort_fun!")
- # We find the differences by starting at the "bottom" of each list
- # and iterating up on both lists. The lists are ordered by depth and
- # then event_id, we iterate up both lists until we find the event ids
- # don't match. Then we look at depth/event_id to see which side is
- # missing that event, and iterate only up that list. Repeat.
- remote_list = list(remote_auth)
- remote_list.sort(key=sort_fun)
- local_list = list(local_auth)
- local_list.sort(key=sort_fun)
- local_iter = iter(local_list)
- remote_iter = iter(remote_list)
- logger.debug("construct_auth_difference before get_next!")
- def get_next(it, opt=None):
- try:
- return next(it)
- except Exception:
- return opt
- current_local = get_next(local_iter)
- current_remote = get_next(remote_iter)
- logger.debug("construct_auth_difference before while")
- missing_remotes = []
- missing_locals = []
- while current_local or current_remote:
- if current_remote is None:
- missing_locals.append(current_local)
- current_local = get_next(local_iter)
- continue
- if current_local is None:
- missing_remotes.append(current_remote)
- current_remote = get_next(remote_iter)
- continue
- if current_local.event_id == current_remote.event_id:
- current_local = get_next(local_iter)
- current_remote = get_next(remote_iter)
- continue
- if current_local.depth < current_remote.depth:
- missing_locals.append(current_local)
- current_local = get_next(local_iter)
- continue
- if current_local.depth > current_remote.depth:
- missing_remotes.append(current_remote)
- current_remote = get_next(remote_iter)
- continue
- # They have the same depth, so we fall back to the event_id order
- if current_local.event_id < current_remote.event_id:
- missing_locals.append(current_local)
- current_local = get_next(local_iter)
- if current_local.event_id > current_remote.event_id:
- missing_remotes.append(current_remote)
- current_remote = get_next(remote_iter)
- continue
- logger.debug("construct_auth_difference after while")
- # missing locals should be sent to the server
- # We should find why we are missing remotes, as they will have been
- # rejected.
- # Remove events from missing_remotes if they are referencing a missing
- # remote. We only care about the "root" rejected ones.
- missing_remote_ids = [e.event_id for e in missing_remotes]
- base_remote_rejected = list(missing_remotes)
- for e in missing_remotes:
- for e_id, _ in e.auth_events:
- if e_id in missing_remote_ids:
- try:
- base_remote_rejected.remove(e)
- except ValueError:
- pass
- reason_map = {}
- for e in base_remote_rejected:
- reason = yield self.store.get_rejection_reason(e.event_id)
- if reason is None:
- # TODO: e is not in the current state, so we should
- # construct some proof of that.
- continue
- reason_map[e.event_id] = reason
- if reason == RejectedReason.AUTH_ERROR:
- pass
- elif reason == RejectedReason.REPLACED:
- # TODO: Get proof
- pass
- elif reason == RejectedReason.NOT_ANCESTOR:
- # TODO: Get proof.
- pass
- logger.debug("construct_auth_difference returning")
- defer.returnValue({
- "auth_chain": local_auth,
- "rejects": {
- e.event_id: {
- "reason": reason_map[e.event_id],
- "proof": None,
- }
- for e in base_remote_rejected
- },
- "missing": [e.event_id for e in missing_locals],
- })
- @defer.inlineCallbacks
- @log_function
- def exchange_third_party_invite(
- self,
- sender_user_id,
- target_user_id,
- room_id,
- signed,
- ):
- third_party_invite = {
- "signed": signed,
- }
- event_dict = {
- "type": EventTypes.Member,
- "content": {
- "membership": Membership.INVITE,
- "third_party_invite": third_party_invite,
- },
- "room_id": room_id,
- "sender": sender_user_id,
- "state_key": target_user_id,
- }
- if (yield self.auth.check_host_in_room(room_id, self.hs.hostname)):
- builder = self.event_builder_factory.new(event_dict)
- EventValidator().validate_new(builder)
- event, context = yield self.event_creation_handler.create_new_client_event(
- builder=builder
- )
- event, context = yield self.add_display_name_to_third_party_invite(
- event_dict, event, context
- )
- try:
- yield self.auth.check_from_context(event, context)
- except AuthError as e:
- logger.warn("Denying new third party invite %r because %s", event, e)
- raise e
- yield self._check_signature(event, context)
- member_handler = self.hs.get_room_member_handler()
- yield member_handler.send_membership_event(None, event, context)
- else:
- destinations = set(x.split(":", 1)[-1] for x in (sender_user_id, room_id))
- yield self.replication_layer.forward_third_party_invite(
- destinations,
- room_id,
- event_dict,
- )
- @defer.inlineCallbacks
- @log_function
- def on_exchange_third_party_invite_request(self, origin, room_id, event_dict):
- """Handle an exchange_third_party_invite request from a remote server
- The remote server will call this when it wants to turn a 3pid invite
- into a normal m.room.member invite.
- Returns:
- Deferred: resolves (to None)
- """
- builder = self.event_builder_factory.new(event_dict)
- event, context = yield self.event_creation_handler.create_new_client_event(
- builder=builder,
- )
- event, context = yield self.add_display_name_to_third_party_invite(
- event_dict, event, context
- )
- try:
- self.auth.check_from_context(event, context)
- except AuthError as e:
- logger.warn("Denying third party invite %r because %s", event, e)
- raise e
- yield self._check_signature(event, context)
- # XXX we send the invite here, but send_membership_event also sends it,
- # so we end up making two requests. I think this is redundant.
- returned_invite = yield self.send_invite(origin, event)
- # TODO: Make sure the signatures actually are correct.
- event.signatures.update(returned_invite.signatures)
- member_handler = self.hs.get_room_member_handler()
- yield member_handler.send_membership_event(None, event, context)
- @defer.inlineCallbacks
- def add_display_name_to_third_party_invite(self, event_dict, event, context):
- key = (
- EventTypes.ThirdPartyInvite,
- event.content["third_party_invite"]["signed"]["token"]
- )
- original_invite = None
- original_invite_id = context.prev_state_ids.get(key)
- if original_invite_id:
- original_invite = yield self.store.get_event(
- original_invite_id, allow_none=True
- )
- if original_invite:
- display_name = original_invite.content["display_name"]
- event_dict["content"]["third_party_invite"]["display_name"] = display_name
- else:
- logger.info(
- "Could not find invite event for third_party_invite: %r",
- event_dict
- )
- # We don't discard here as this is not the appropriate place to do
- # auth checks. If we need the invite and don't have it then the
- # auth check code will explode appropriately.
- builder = self.event_builder_factory.new(event_dict)
- EventValidator().validate_new(builder)
- event, context = yield self.event_creation_handler.create_new_client_event(
- builder=builder,
- )
- defer.returnValue((event, context))
- @defer.inlineCallbacks
- def _check_signature(self, event, context):
- """
- Checks that the signature in the event is consistent with its invite.
- Args:
- event (Event): The m.room.member event to check
- context (EventContext):
- Raises:
- AuthError: if signature didn't match any keys, or key has been
- revoked,
- SynapseError: if a transient error meant a key couldn't be checked
- for revocation.
- """
- signed = event.content["third_party_invite"]["signed"]
- token = signed["token"]
- invite_event_id = context.prev_state_ids.get(
- (EventTypes.ThirdPartyInvite, token,)
- )
- invite_event = None
- if invite_event_id:
- invite_event = yield self.store.get_event(invite_event_id, allow_none=True)
- if not invite_event:
- raise AuthError(403, "Could not find invite")
- last_exception = None
- for public_key_object in self.hs.get_auth().get_public_keys(invite_event):
- try:
- for server, signature_block in signed["signatures"].items():
- for key_name, encoded_signature in signature_block.items():
- if not key_name.startswith("ed25519:"):
- continue
- public_key = public_key_object["public_key"]
- verify_key = decode_verify_key_bytes(
- key_name,
- decode_base64(public_key)
- )
- verify_signed_json(signed, server, verify_key)
- if "key_validity_url" in public_key_object:
- yield self._check_key_revocation(
- public_key,
- public_key_object["key_validity_url"]
- )
- return
- except Exception as e:
- last_exception = e
- raise last_exception
- @defer.inlineCallbacks
- def _check_key_revocation(self, public_key, url):
- """
- Checks whether public_key has been revoked.
- Args:
- public_key (str): base-64 encoded public key.
- url (str): Key revocation URL.
- Raises:
- AuthError: if they key has been revoked.
- SynapseError: if a transient error meant a key couldn't be checked
- for revocation.
- """
- try:
- response = yield self.hs.get_simple_http_client().get_json(
- url,
- {"public_key": public_key}
- )
- except Exception:
- raise SynapseError(
- 502,
- "Third party certificate could not be checked"
- )
- if "valid" not in response or not response["valid"]:
- raise AuthError(403, "Third party certificate was invalid")
|