Add new room ID check to m.room.create auth

src/core/matrix/state_res/event_auth.rs

@@ -56,6 +56,7 @@ pub fn auth_types_for_event(
 	sender: &UserId,
 	state_key: Option<&str>,
 	content: &RawJsonValue,
+	room_version: &RoomVersion,
 ) -> serde_json::Result<Vec<(StateEventType, StateKey)>> {
 	if kind == &TimelineEventType::RoomCreate {
 		return Ok(vec![]);
@@ -64,8 +65,11 @@ pub fn auth_types_for_event(
 	let mut auth_types = vec![
 		(StateEventType::RoomPowerLevels, StateKey::new()),
 		(StateEventType::RoomMember, sender.as_str().into()),
-		(StateEventType::RoomCreate, StateKey::new()),
 	];
+	if !room_version.create_id_as_room_id {
+		auth_types.push((StateEventType::RoomCreate, StateKey::new()))
+		// m.room.create is only referenced if it isn't the room ID
+	}
 
 	if kind == &TimelineEventType::RoomMember {
 		#[derive(Deserialize)]
@@ -183,16 +187,20 @@ where
 			return Ok(false);
 		}
 
-		// If the domain of the room_id does not match the domain of the sender, reject
-		let Some(room_id_server_name) = incoming_event.room_id().server_name() else {
-			warn!("room ID has no servername");
-			return Ok(false);
-		};
-
-		if room_id_server_name != sender.server_name() {
-			warn!("servername of room ID does not match servername of sender");
-			return Ok(false);
+		if room_version.create_id_as_room_id {
+			let expected = format!("!{}:{}", incoming_event.event_id().localpart(), sender.server_name());
+			if incoming_event.room_id().as_str() != expected {
+				warn!("room create included a room ID that does not match the event ID");
+				return Ok(false);
+			}
+		} else {
+			// If the domain of the room_id does not match the domain of the sender, reject
+			let Some(_room_id_server_name) = incoming_event.room_id().server_name() else {
+				warn!("room ID has no servername");
+				return Ok(false);
+			};
 		}
+		
 
 		// If content.room_version is present and is not a recognized version, reject
 		let content: RoomCreateContentFields = from_json_str(incoming_event.content().get())?;