Merge pull request matrix-org#2323 from matrix-org/markjh/invite_checks

Improve the error handling for bad invites received over federation
fiveop · Jul 4, 2017 · 1f12d80 · 1f12d80
2 parents 47574c9 + 3e27941
commit 1f12d80
Showing 1 changed file with 17 additions and 2 deletions.
diff --git a/synapse/handlers/federation.py b/synapse/handlers/federation.py
@@ -75,6 +75,7 @@ def __init__(self, hs):
         self.server_name = hs.hostname
         self.keyring = hs.get_keyring()
         self.action_generator = hs.get_action_generator()
+        self.is_mine_id = hs.is_mine_id
 
         self.replication_layer.set_handler(self)
 
@@ -1072,6 +1073,20 @@ def on_invite_request(self, origin, pdu):
         if is_blocked:
             raise SynapseError(403, "This room has been blocked on this server")
 
+        membership = event.content.get("membership")
+        if event.type != EventTypes.Member or membership != Membership.INVITE:
+            raise SynapseError(400, "The event was not an m.room.member invite event")
+
+        sender_domain = get_domain_from_id(event.sender)
+        if sender_domain != origin:
+            raise SynapseError(400, "The invite event was not from the server sending it")
+
+        if event.state_key is None:
+            raise SynapseError(400, "The invite event did not have a state key")
+
+        if not self.is_mine_id(event.state_key):
+            raise SynapseError(400, "The invite event must be for this server")
+
         event.internal_metadata.outlier = True
         event.internal_metadata.invite_from_remote = True
 
@@ -1280,7 +1295,7 @@ def get_state_for_pdu(self, room_id, event_id):
             for event in res:
                 # We sign these again because there was a bug where we
                 # incorrectly signed things the first time round
-                if self.hs.is_mine_id(event.event_id):
+                if self.is_mine_id(event.event_id):
                     event.signatures.update(
                         compute_event_signature(
                             event,
@@ -1353,7 +1368,7 @@ def get_persisted_pdu(self, origin, event_id, do_auth=True):
         )
 
         if event:
-            if self.hs.is_mine_id(event.event_id):
+            if self.is_mine_id(event.event_id):
                 # FIXME: This is a temporary work around where we occasionally
                 # return events slightly differently than when they were
                 # originally signed