Ignore state events with invalid signatures when joining rooms (#1407)

* Use state from RespSendJoin post-check * Don't create input events for invalid events * Let's try this again * Update gomatrixserverlib * Update gomatrixserverlib to matrix-org/gomatrixserverlib@38f437f
2025-07-29 12:42:46 +00:00 · 2020-09-07 16:54:51 +01:00 · 2020-09-07 16:54:51 +01:00 · 1602df8752
commit 1602df8752
parent c992f4f1f4
4 changed files with 14 additions and 12 deletions
--- a/federationsender/internal/perform.go
+++ b/federationsender/internal/perform.go
@ -185,20 +185,21 @@ func (r *FederationSenderInternalAPI) performJoinUsingServer(

 	// Check that the send_join response was valid.
 	joinCtx := perform.JoinContext(r.federation, r.keyRing)
-	if err = joinCtx.CheckSendJoinResponse(
+	respState, err := joinCtx.CheckSendJoinResponse(
 		ctx, event, serverName, respMakeJoin, respSendJoin,
-	); err != nil {
+	)
+	if err != nil {
 		return fmt.Errorf("joinCtx.CheckSendJoinResponse: %w", err)
 	}

 	// If we successfully performed a send_join above then the other
 	// server now thinks we're a part of the room. Send the newly
 	// returned state to the roomserver to update our local view.
-	respState := respSendJoin.ToRespState()
 	if err = roomserverAPI.SendEventWithState(
 		ctx, r.rsAPI,
-		&respState,
-		event.Headered(respMakeJoin.RoomVersion), nil,
+		respState,
+		event.Headered(respMakeJoin.RoomVersion),
+		nil,
 	); err != nil {
 		return fmt.Errorf("r.producer.SendEventWithState: %w", err)
 	}
--- a/federationsender/internal/perform/join.go
+++ b/federationsender/internal/perform/join.go
@ -30,7 +30,7 @@ func (r joinContext) CheckSendJoinResponse(
 	server gomatrixserverlib.ServerName,
 	respMakeJoin gomatrixserverlib.RespMakeJoin,
 	respSendJoin gomatrixserverlib.RespSendJoin,
-) error {
+) (*gomatrixserverlib.RespState, error) {
 	// A list of events that we have retried, if they were not included in
 	// the auth events supplied in the send_join.
 	retries := map[string][]gomatrixserverlib.Event{}
@ -97,8 +97,9 @@ func (r joinContext) CheckSendJoinResponse(

 	// TODO: Can we expand Check here to return a list of missing auth
 	// events rather than failing one at a time?
-	if err := respSendJoin.Check(ctx, r.keyRing, event, missingAuth); err != nil {
-		return fmt.Errorf("respSendJoin: %w", err)
+	rs, err := respSendJoin.Check(ctx, r.keyRing, event, missingAuth)
+	if err != nil {
+		return nil, fmt.Errorf("respSendJoin: %w", err)
 	}
-	return nil
+	return rs, nil
 }