mirror of
https://github.com/hoernschen/dendrite.git
synced 2025-08-01 13:52:46 +00:00
Merge SenderID & Per Room User Key work (#3109)
This commit is contained in:
devonh
GitHub
parent
7a2e325d10
commit
e4665979bf
75 changed files with 801 additions and 379 deletions
|
|
@ -128,7 +128,11 @@ func (r *Inputer) processRoomEvent(
|
|||
if roomInfo == nil && !isCreateEvent {
|
||||
return fmt.Errorf("room %s does not exist for event %s", event.RoomID(), event.EventID())
|
||||
}
|
||||
sender, err := r.DB.GetUserIDForSender(ctx, event.RoomID(), event.SenderID())
|
||||
validRoomID, err := spec.NewRoomID(event.RoomID())
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
sender, err := r.Queryer.QueryUserIDForSender(ctx, *validRoomID, event.SenderID())
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed getting userID for sender %q. %w", event.SenderID(), err)
|
||||
}
|
||||
|
|
@ -282,8 +286,8 @@ func (r *Inputer) processRoomEvent(
|
|||
|
||||
// Check if the event is allowed by its auth events. If it isn't then
|
||||
// we consider the event to be "rejected" — it will still be persisted.
|
||||
if err = gomatrixserverlib.Allowed(event, &authEvents, func(roomID string, senderID spec.SenderID) (*spec.UserID, error) {
|
||||
return r.DB.GetUserIDForSender(ctx, roomID, senderID)
|
||||
if err = gomatrixserverlib.Allowed(event, &authEvents, func(roomID spec.RoomID, senderID spec.SenderID) (*spec.UserID, error) {
|
||||
return r.Queryer.QueryUserIDForSender(ctx, roomID, senderID)
|
||||
}); err != nil {
|
||||
isRejected = true
|
||||
rejectionErr = err
|
||||
|
|
@ -321,7 +325,7 @@ func (r *Inputer) processRoomEvent(
|
|||
if input.Kind == api.KindNew && !isCreateEvent {
|
||||
// Check that the event passes authentication checks based on the
|
||||
// current room state.
|
||||
softfail, err = helpers.CheckForSoftFail(ctx, r.DB, roomInfo, headered, input.StateEventIDs)
|
||||
softfail, err = helpers.CheckForSoftFail(ctx, r.DB, roomInfo, headered, input.StateEventIDs, r.Queryer)
|
||||
if err != nil {
|
||||
logger.WithError(err).Warn("Error authing soft-failed event")
|
||||
}
|
||||
|
|
@ -401,7 +405,7 @@ func (r *Inputer) processRoomEvent(
|
|||
redactedEvent gomatrixserverlib.PDU
|
||||
)
|
||||
if !isRejected && !isCreateEvent {
|
||||
resolver := state.NewStateResolution(r.DB, roomInfo)
|
||||
resolver := state.NewStateResolution(r.DB, roomInfo, r.Queryer)
|
||||
redactionEvent, redactedEvent, err = r.DB.MaybeRedactEvent(ctx, roomInfo, eventNID, event, &resolver)
|
||||
if err != nil {
|
||||
return err
|
||||
|
|
@ -587,8 +591,8 @@ func (r *Inputer) processStateBefore(
|
|||
stateBeforeAuth := gomatrixserverlib.NewAuthEvents(
|
||||
gomatrixserverlib.ToPDUs(stateBeforeEvent),
|
||||
)
|
||||
if rejectionErr = gomatrixserverlib.Allowed(event, &stateBeforeAuth, func(roomID string, senderID spec.SenderID) (*spec.UserID, error) {
|
||||
return r.DB.GetUserIDForSender(ctx, roomID, senderID)
|
||||
if rejectionErr = gomatrixserverlib.Allowed(event, &stateBeforeAuth, func(roomID spec.RoomID, senderID spec.SenderID) (*spec.UserID, error) {
|
||||
return r.Queryer.QueryUserIDForSender(ctx, roomID, senderID)
|
||||
}); rejectionErr != nil {
|
||||
rejectionErr = fmt.Errorf("Allowed() failed for stateBeforeEvent: %w", rejectionErr)
|
||||
return
|
||||
|
|
@ -700,8 +704,8 @@ nextAuthEvent:
|
|||
// Check the signatures of the event. If this fails then we'll simply
|
||||
// skip it, because gomatrixserverlib.Allowed() will notice a problem
|
||||
// if a critical event is missing anyway.
|
||||
if err := gomatrixserverlib.VerifyEventSignatures(ctx, authEvent, r.FSAPI.KeyRing(), func(roomID string, senderID spec.SenderID) (*spec.UserID, error) {
|
||||
return r.DB.GetUserIDForSender(ctx, roomID, senderID)
|
||||
if err := gomatrixserverlib.VerifyEventSignatures(ctx, authEvent, r.FSAPI.KeyRing(), func(roomID spec.RoomID, senderID spec.SenderID) (*spec.UserID, error) {
|
||||
return r.Queryer.QueryUserIDForSender(ctx, roomID, senderID)
|
||||
}); err != nil {
|
||||
continue nextAuthEvent
|
||||
}
|
||||
|
|
@ -718,8 +722,8 @@ nextAuthEvent:
|
|||
}
|
||||
|
||||
// Check if the auth event should be rejected.
|
||||
err := gomatrixserverlib.Allowed(authEvent, auth, func(roomID string, senderID spec.SenderID) (*spec.UserID, error) {
|
||||
return r.DB.GetUserIDForSender(ctx, roomID, senderID)
|
||||
err := gomatrixserverlib.Allowed(authEvent, auth, func(roomID spec.RoomID, senderID spec.SenderID) (*spec.UserID, error) {
|
||||
return r.Queryer.QueryUserIDForSender(ctx, roomID, senderID)
|
||||
})
|
||||
if isRejected = err != nil; isRejected {
|
||||
logger.WithError(err).Warnf("Auth event %s rejected", authEvent.EventID())
|
||||
|
|
@ -783,7 +787,7 @@ func (r *Inputer) calculateAndSetState(
|
|||
return fmt.Errorf("r.DB.GetRoomUpdater: %w", err)
|
||||
}
|
||||
defer sqlutil.EndTransactionWithCheck(updater, &succeeded, &err)
|
||||
roomState := state.NewStateResolution(updater, roomInfo)
|
||||
roomState := state.NewStateResolution(updater, roomInfo, r.Queryer)
|
||||
|
||||
if input.HasState {
|
||||
// We've been told what the state at the event is so we don't need to calculate it.
|
||||
|
|
@ -836,13 +840,18 @@ func (r *Inputer) kickGuests(ctx context.Context, event gomatrixserverlib.PDU, r
|
|||
return err
|
||||
}
|
||||
|
||||
validRoomID, err := spec.NewRoomID(event.RoomID())
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
prevEvents := latestRes.LatestEvents
|
||||
for _, memberEvent := range memberEvents {
|
||||
if memberEvent.StateKey() == nil {
|
||||
continue
|
||||
}
|
||||
|
||||
memberUserID, err := r.Queryer.QueryUserIDForSender(ctx, memberEvent.RoomID(), spec.SenderID(*memberEvent.StateKey()))
|
||||
memberUserID, err := r.Queryer.QueryUserIDForSender(ctx, *validRoomID, spec.SenderID(*memberEvent.StateKey()))
|
||||
if err != nil {
|
||||
continue
|
||||
}
|
||||
|
|
|
|||
|
|
@ -58,7 +58,7 @@ func Test_EventAuth(t *testing.T) {
|
|||
}
|
||||
|
||||
// Finally check that the event is NOT allowed
|
||||
if err := gomatrixserverlib.Allowed(ev.PDU, &allower, func(roomID string, senderID spec.SenderID) (*spec.UserID, error) {
|
||||
if err := gomatrixserverlib.Allowed(ev.PDU, &allower, func(roomID spec.RoomID, senderID spec.SenderID) (*spec.UserID, error) {
|
||||
return spec.NewUserID(string(senderID), true)
|
||||
}); err == nil {
|
||||
t.Fatalf("event should not be allowed, but it was")
|
||||
|
|
|
|||
|
|
@ -213,7 +213,7 @@ func (u *latestEventsUpdater) latestState() error {
|
|||
defer trace.EndRegion()
|
||||
|
||||
var err error
|
||||
roomState := state.NewStateResolution(u.updater, u.roomInfo)
|
||||
roomState := state.NewStateResolution(u.updater, u.roomInfo, u.api.Queryer)
|
||||
|
||||
// Work out if the state at the extremities has actually changed
|
||||
// or not. If they haven't then we won't bother doing all of the
|
||||
|
|
|
|||
|
|
@ -139,7 +139,11 @@ func (r *Inputer) updateMembership(
|
|||
func (r *Inputer) isLocalTarget(ctx context.Context, event *types.Event) bool {
|
||||
isTargetLocalUser := false
|
||||
if statekey := event.StateKey(); statekey != nil {
|
||||
userID, err := r.Queryer.QueryUserIDForSender(ctx, event.RoomID(), spec.SenderID(*statekey))
|
||||
validRoomID, err := spec.NewRoomID(event.RoomID())
|
||||
if err != nil {
|
||||
return isTargetLocalUser
|
||||
}
|
||||
userID, err := r.Queryer.QueryUserIDForSender(ctx, *validRoomID, spec.SenderID(*statekey))
|
||||
if err != nil || userID == nil {
|
||||
return isTargetLocalUser
|
||||
}
|
||||
|
|
|
|||
|
|
@ -383,7 +383,7 @@ func (t *missingStateReq) lookupStateAfterEventLocally(ctx context.Context, even
|
|||
defer trace.EndRegion()
|
||||
|
||||
var res parsedRespState
|
||||
roomState := state.NewStateResolution(t.db, t.roomInfo)
|
||||
roomState := state.NewStateResolution(t.db, t.roomInfo, t.inputer.Queryer)
|
||||
stateAtEvents, err := t.db.StateAtEventIDs(ctx, []string{eventID})
|
||||
if err != nil {
|
||||
t.log.WithError(err).Warnf("failed to get state after %s locally", eventID)
|
||||
|
|
@ -473,8 +473,8 @@ func (t *missingStateReq) resolveStatesAndCheck(ctx context.Context, roomVersion
|
|||
stateEventList = append(stateEventList, state.StateEvents...)
|
||||
}
|
||||
resolvedStateEvents, err := gomatrixserverlib.ResolveConflicts(
|
||||
roomVersion, gomatrixserverlib.ToPDUs(stateEventList), gomatrixserverlib.ToPDUs(authEventList), func(roomID string, senderID spec.SenderID) (*spec.UserID, error) {
|
||||
return t.db.GetUserIDForSender(ctx, roomID, senderID)
|
||||
roomVersion, gomatrixserverlib.ToPDUs(stateEventList), gomatrixserverlib.ToPDUs(authEventList), func(roomID spec.RoomID, senderID spec.SenderID) (*spec.UserID, error) {
|
||||
return t.inputer.Queryer.QueryUserIDForSender(ctx, roomID, senderID)
|
||||
},
|
||||
)
|
||||
if err != nil {
|
||||
|
|
@ -482,8 +482,8 @@ func (t *missingStateReq) resolveStatesAndCheck(ctx context.Context, roomVersion
|
|||
}
|
||||
// apply the current event
|
||||
retryAllowedState:
|
||||
if err = checkAllowedByState(backwardsExtremity, resolvedStateEvents, func(roomID string, senderID spec.SenderID) (*spec.UserID, error) {
|
||||
return t.db.GetUserIDForSender(ctx, roomID, senderID)
|
||||
if err = checkAllowedByState(backwardsExtremity, resolvedStateEvents, func(roomID spec.RoomID, senderID spec.SenderID) (*spec.UserID, error) {
|
||||
return t.inputer.Queryer.QueryUserIDForSender(ctx, roomID, senderID)
|
||||
}); err != nil {
|
||||
switch missing := err.(type) {
|
||||
case gomatrixserverlib.MissingAuthEventError:
|
||||
|
|
@ -569,8 +569,8 @@ func (t *missingStateReq) getMissingEvents(ctx context.Context, e gomatrixserver
|
|||
// will be added and duplicates will be removed.
|
||||
missingEvents := make([]gomatrixserverlib.PDU, 0, len(missingResp.Events))
|
||||
for _, ev := range missingResp.Events.UntrustedEvents(roomVersion) {
|
||||
if err = gomatrixserverlib.VerifyEventSignatures(ctx, ev, t.keys, func(roomID string, senderID spec.SenderID) (*spec.UserID, error) {
|
||||
return t.db.GetUserIDForSender(ctx, roomID, senderID)
|
||||
if err = gomatrixserverlib.VerifyEventSignatures(ctx, ev, t.keys, func(roomID spec.RoomID, senderID spec.SenderID) (*spec.UserID, error) {
|
||||
return t.inputer.Queryer.QueryUserIDForSender(ctx, roomID, senderID)
|
||||
}); err != nil {
|
||||
continue
|
||||
}
|
||||
|
|
@ -660,8 +660,8 @@ func (t *missingStateReq) lookupMissingStateViaState(
|
|||
authEvents, stateEvents, err := gomatrixserverlib.CheckStateResponse(ctx, &fclient.RespState{
|
||||
StateEvents: state.GetStateEvents(),
|
||||
AuthEvents: state.GetAuthEvents(),
|
||||
}, roomVersion, t.keys, nil, func(roomID string, senderID spec.SenderID) (*spec.UserID, error) {
|
||||
return t.db.GetUserIDForSender(ctx, roomID, senderID)
|
||||
}, roomVersion, t.keys, nil, func(roomID spec.RoomID, senderID spec.SenderID) (*spec.UserID, error) {
|
||||
return t.inputer.Queryer.QueryUserIDForSender(ctx, roomID, senderID)
|
||||
})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
@ -897,8 +897,8 @@ func (t *missingStateReq) lookupEvent(ctx context.Context, roomVersion gomatrixs
|
|||
t.log.WithField("missing_event_id", missingEventID).Warnf("Failed to get missing /event for event ID from %d server(s)", len(t.servers))
|
||||
return nil, fmt.Errorf("wasn't able to find event via %d server(s)", len(t.servers))
|
||||
}
|
||||
if err := gomatrixserverlib.VerifyEventSignatures(ctx, event, t.keys, func(roomID string, senderID spec.SenderID) (*spec.UserID, error) {
|
||||
return t.db.GetUserIDForSender(ctx, roomID, senderID)
|
||||
if err := gomatrixserverlib.VerifyEventSignatures(ctx, event, t.keys, func(roomID spec.RoomID, senderID spec.SenderID) (*spec.UserID, error) {
|
||||
return t.inputer.Queryer.QueryUserIDForSender(ctx, roomID, senderID)
|
||||
}); err != nil {
|
||||
t.log.WithError(err).Warnf("Couldn't validate signature of event %q from /event", event.EventID())
|
||||
return nil, verifySigError{event.EventID(), err}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue