Merge pull request #6787 from matrix-org/rav/msc2260

Implement updated auth rules from MSC2260

Merge pull request #6787 from matrix-org/rav/msc2260
cc109b79 · Richard van der Hoff · GitHub · e17a1106 · a1f307f7 · cc109b79
Unverified Commit cc109b79 authored 5 years ago by Richard van der Hoff Committed by GitHub 5 years ago
--- a/changelog.d/6787.feature
+++ b/changelog.d/6787.feature
+Implement updated authorization rules for aliases events, from [MSC2260](https://github.com/matrix-org/matrix-doc/pull/2260).
--- a/synapse/api/room_versions.py
+++ b/synapse/api/room_versions.py
@@ -57,6 +57,9 @@ class RoomVersion(object):
    state_res = attr.ib()  # int; one of the StateResolutionVersions
    enforce_key_validity = attr.ib()  # bool
+    # bool: before MSC2260, anyone was allowed to send an aliases event
+    special_case_aliases_auth = attr.ib(type=bool, default=False)
 class RoomVersions(object):
    V1 = RoomVersion(
@@ -65,6 +68,7 @@ class RoomVersions(object):
        EventFormatVersions.V1,
        StateResolutionVersions.V1,
        enforce_key_validity=False,
+        special_case_aliases_auth=True,
    )
    V2 = RoomVersion(
        "2",
@@ -72,6 +76,7 @@ class RoomVersions(object):
        EventFormatVersions.V1,
        StateResolutionVersions.V2,
        enforce_key_validity=False,
+        special_case_aliases_auth=True,
    )
    V3 = RoomVersion(
        "3",
@@ -79,6 +84,7 @@ class RoomVersions(object):
        EventFormatVersions.V2,
        StateResolutionVersions.V2,
        enforce_key_validity=False,
+        special_case_aliases_auth=True,
    )
    V4 = RoomVersion(
        "4",
@@ -86,6 +92,7 @@ class RoomVersions(object):
        EventFormatVersions.V3,
        StateResolutionVersions.V2,
        enforce_key_validity=False,
+        special_case_aliases_auth=True,
    )
    V5 = RoomVersion(
        "5",
@@ -93,6 +100,14 @@ class RoomVersions(object):
        EventFormatVersions.V3,
        StateResolutionVersions.V2,
        enforce_key_validity=True,
+        special_case_aliases_auth=True,
+    )
+    MSC2260_DEV = RoomVersion(
+        "org.matrix.msc2260",
+        RoomDisposition.UNSTABLE,
+        EventFormatVersions.V3,
+        StateResolutionVersions.V2,
+        enforce_key_validity=True,
    )
@@ -104,5 +119,6 @@ KNOWN_ROOM_VERSIONS = {
        RoomVersions.V3,
        RoomVersions.V4,
        RoomVersions.V5,
+        RoomVersions.MSC2260_DEV,
    )
 }  # type: Dict[str, RoomVersion]
--- a/synapse/event_auth.py
+++ b/synapse/event_auth.py
@@ -100,7 +100,12 @@ def check(
            if not event.signatures.get(event_id_domain):
                raise AuthError(403, "Event not signed by sending server")
+    # Implementation of https://matrix.org/docs/spec/rooms/v1#authorization-rules
+    #
+    # 1. If type is m.room.create:
    if event.type == EventTypes.Create:
+        # 1b. If the domain of the room_id does not match the domain of the sender,
+        # reject.
        sender_domain = get_domain_from_id(event.sender)
        room_id_domain = get_domain_from_id(event.room_id)
        if room_id_domain != sender_domain:
@@ -108,40 +113,49 @@ def check(
                403, "Creation event's room_id domain does not match sender's"
            )
+        # 1c. If content.room_version is present and is not a recognised version, reject
        room_version_prop = event.content.get("room_version", "1")
        if room_version_prop not in KNOWN_ROOM_VERSIONS:
            raise AuthError(
                403,
                "room appears to have unsupported version %s" % (room_version_prop,),
            )
-        # FIXME
        logger.debug("Allowing! %s", event)
        return
+    # 3. If event does not have a m.room.create in its auth_events, reject.
    creation_event = auth_events.get((EventTypes.Create, ""), None)
    if not creation_event:
        raise AuthError(403, "No create event in auth events")
+    # additional check for m.federate
    creating_domain = get_domain_from_id(event.room_id)
    originating_domain = get_domain_from_id(event.sender)
    if creating_domain != originating_domain:
        if not _can_federate(event, auth_events):
            raise AuthError(403, "This room has been marked as unfederatable.")
-    # FIXME: Temp hack
+    # 4. If type is m.room.aliases
    if event.type == EventTypes.Aliases:
+        # 4a. If event has no state_key, reject
        if not event.is_state():
            raise AuthError(403, "Alias event must be a state event")
        if not event.state_key:
            raise AuthError(403, "Alias event must have non-empty state_key")
+        # 4b. If sender's domain doesn't matches [sic] state_key, reject
        sender_domain = get_domain_from_id(event.sender)
        if event.state_key != sender_domain:
            raise AuthError(
                403, "Alias event's state_key does not match sender's domain"
            )
-        logger.debug("Allowing! %s", event)
-        return
+        # 4c. Otherwise, allow.
+        # This is removed by https://github.com/matrix-org/matrix-doc/pull/2260
+        if room_version_obj.special_case_aliases_auth:
+            logger.debug("Allowing! %s", event)
+            return
    if logger.isEnabledFor(logging.DEBUG):
        logger.debug("Auth events: %s", [a.event_id for a in auth_events.values()])