Fix PDU and event signatures

8c2b5ea7 · Mark Haines · de1ec901 · 8c2b5ea7 · 8c2b5ea7 · 8c2b5ea7
Commit 8c2b5ea7 authored 10 years ago by Mark Haines
--- a/synapse/crypto/event_signing.py
+++ b/synapse/crypto/event_signing.py
@@ -16,6 +16,7 @@


 from synapse.api.events.utils import prune_event
+from synapse.federation.units import Pdu
 from syutil.jsonutil import encode_canonical_json
 from syutil.base64util import encode_base64, decode_base64
 from syutil.crypto.jsonsign import sign_json
@@ -58,6 +59,8 @@ def _compute_content_hash(event, hash_algorithm):
    event_json.pop("unsigned", None)
    event_json.pop("signatures", None)
    event_json.pop("hashes", None)
+    event_json.pop("outlier", None)
+    event_json.pop("destinations", None)
    event_json_bytes = encode_canonical_json(event_json)
    return hash_algorithm(event_json_bytes)

@@ -75,7 +78,13 @@ def compute_event_reference_hash(event, hash_algorithm=hashlib.sha256):

 def compute_event_signature(event, signature_name, signing_key):
    tmp_event = prune_event(event)
-    redact_json = tmp_event.get_full_dict()
+    tmp_event.origin = event.origin
+    tmp_event.origin_server_ts = event.origin_server_ts
+    d = tmp_event.get_full_dict()
+    kwargs = dict(event.unrecognized_keys)
+    kwargs.update({k: v for k, v in d.items()})
+    tmp_pdu = Pdu(**kwargs)
+    redact_json = tmp_pdu.get_dict()
    redact_json.pop("signatures", None)
    redact_json.pop("age_ts", None)
    redact_json.pop("unsigned", None)

--- a/synapse/handlers/federation.py
+++ b/synapse/handlers/federation.py
@@ -139,9 +139,10 @@ class FederationHandler(BaseHandler):
                affected=event.event_id,
            )

-        if not check_event_content_hash(pdu):
+        if not check_event_content_hash(event):
            logger.warn(
-                "Event content has been tampered, redacting %s", event.event_id
+                "Event content has been tampered, redacting %s, %s",
+                event.event_id, encode_canonical_json(event.get_full_dict())
            )
            event = redacted_event


--- a/synapse/storage/__init__.py
+++ b/synapse/storage/__init__.py
@@ -132,8 +132,8 @@ class DataStore(RoomMemberStore, RoomStore,
        if not events_dict:
            defer.returnValue(None)

-        event = self._parse_event_from_row(events_dict)
-        defer.returnValue(event)
+        event = yield self._parse_events([events_dict])
+        defer.returnValue(event[0])

    @log_function
    def _persist_event_txn(self, txn, event, backfilled, stream_ordering=None,

--- a/synapse/storage/feedback.py
+++ b/synapse/storage/feedback.py
@@ -41,7 +41,7 @@ class FeedbackStore(SQLBaseStore):

        defer.returnValue(
            [
-                self._parse_event_from_row(r)
+                (yield self._parse_events(r))
                for r in rows
            ]
        )