Perspective key fetching, some federation room join fixes (#975)

* Update gomatrixserverlib * Test matrix.org as perspective key server * Base64 decode better * Optional strict validity checking in gmsl * Update gomatrixserverlib * Attempt to find missing auth events over federation (this shouldn't happen but I am guessing there is a synapse bug involved where we don't get all of the auth events) * Update gomatrixserverlib, debug logging * Remove debugging output * More verbose debugging * Print outliers * Increase timeouts for testing, observe contexts before trying to join over more servers * Don't block on roomserver (experimental) * Don't block on roomserver * Update gomatrixserverlib * Update gomatrixserverlib * Configurable perspective key fetchers * Output number of configured keys for perspective * Example perspective config included * Undo debug stack trace * Undo debug stack trace * Restore original HTTP listener in monolith * Fix lint * Review comments * Set default HTTP server timeout to 5 minutes now, block again when joining * Don't use HTTP address for HTTPS whoops * Update gomatrixserverlib * Update gomatrixserverlib * Update gomatrixserverlib * Actually add perspectives * Actually add perspectives * Update gomatrixserverlib
2025-07-30 04:52:46 +00:00 · 2020-04-20 17:42:34 +01:00 · 2020-04-20 17:42:34 +01:00 · 9045b8e89f
commit 9045b8e89f
parent c62844234b
15 changed files with 189 additions and 40 deletions
--- a/federationapi/routing/invite.go
+++ b/federationapi/routing/invite.go
@ -63,9 +63,10 @@ func Invite(
 	// Check that the event is signed by the server sending the request.
 	redacted := event.Redact()
 	verifyRequests := []gomatrixserverlib.VerifyJSONRequest{{
-		ServerName: event.Origin(),
-		Message:    redacted.JSON(),
-		AtTS:       event.OriginServerTS(),
+		ServerName:             event.Origin(),
+		Message:                redacted.JSON(),
+		AtTS:                   event.OriginServerTS(),
+		StrictValidityChecking: true,
 	}}
 	verifyResults, err := keys.VerifyJSONs(httpReq.Context(), verifyRequests)
 	if err != nil {
--- a/federationapi/routing/join.go
+++ b/federationapi/routing/join.go
@ -196,9 +196,10 @@ func SendJoin(
 	// Check that the event is signed by the server sending the request.
 	redacted := event.Redact()
 	verifyRequests := []gomatrixserverlib.VerifyJSONRequest{{
-		ServerName: event.Origin(),
-		Message:    redacted.JSON(),
-		AtTS:       event.OriginServerTS(),
+		ServerName:             event.Origin(),
+		Message:                redacted.JSON(),
+		AtTS:                   event.OriginServerTS(),
+		StrictValidityChecking: true,
 	}}
 	verifyResults, err := keys.VerifyJSONs(httpReq.Context(), verifyRequests)
 	if err != nil {
--- a/federationapi/routing/leave.go
+++ b/federationapi/routing/leave.go
@ -145,9 +145,10 @@ func SendLeave(
 	// Check that the event is signed by the server sending the request.
 	redacted := event.Redact()
 	verifyRequests := []gomatrixserverlib.VerifyJSONRequest{{
-		ServerName: event.Origin(),
-		Message:    redacted.JSON(),
-		AtTS:       event.OriginServerTS(),
+		ServerName:             event.Origin(),
+		Message:                redacted.JSON(),
+		AtTS:                   event.OriginServerTS(),
+		StrictValidityChecking: true,
 	}}
 	verifyResults, err := keys.VerifyJSONs(httpReq.Context(), verifyRequests)
 	if err != nil {