diff --git a/src/core/matrix/state_res/event_auth.rs b/src/core/matrix/state_res/event_auth.rs index 759ab5cb..6c16182f 100644 --- a/src/core/matrix/state_res/event_auth.rs +++ b/src/core/matrix/state_res/event_auth.rs @@ -56,6 +56,7 @@ pub fn auth_types_for_event( sender: &UserId, state_key: Option<&str>, content: &RawJsonValue, + room_version: &RoomVersion, ) -> serde_json::Result> { if kind == &TimelineEventType::RoomCreate { return Ok(vec![]); @@ -64,8 +65,11 @@ pub fn auth_types_for_event( let mut auth_types = vec![ (StateEventType::RoomPowerLevels, StateKey::new()), (StateEventType::RoomMember, sender.as_str().into()), - (StateEventType::RoomCreate, StateKey::new()), ]; + if !room_version.create_id_as_room_id { + auth_types.push((StateEventType::RoomCreate, StateKey::new())) + // m.room.create is only referenced if it isn't the room ID + } if kind == &TimelineEventType::RoomMember { #[derive(Deserialize)] @@ -183,16 +187,20 @@ where return Ok(false); } - // If the domain of the room_id does not match the domain of the sender, reject - let Some(room_id_server_name) = incoming_event.room_id().server_name() else { - warn!("room ID has no servername"); - return Ok(false); - }; - - if room_id_server_name != sender.server_name() { - warn!("servername of room ID does not match servername of sender"); - return Ok(false); + if room_version.create_id_as_room_id { + let expected = format!("!{}:{}", incoming_event.event_id().localpart(), sender.server_name()); + if incoming_event.room_id().as_str() != expected { + warn!("room create included a room ID that does not match the event ID"); + return Ok(false); + } + } else { + // If the domain of the room_id does not match the domain of the sender, reject + let Some(_room_id_server_name) = incoming_event.room_id().server_name() else { + warn!("room ID has no servername"); + return Ok(false); + }; } + // If content.room_version is present and is not a recognized version, reject let content: RoomCreateContentFields = from_json_str(incoming_event.content().get())?;