Merge remote-tracking branch 'origin/nex/fix-create-auth' into illegal-car-mods

Jacob Taylor 2025-06-10 18:50:13 -07:00
commit 712c8f4f89
4 changed files with 47 additions and 9 deletions


@ -13,6 +13,7 @@ use ruma::{
power_levels::RoomPowerLevelsEventContent, power_levels::RoomPowerLevelsEventContent,
third_party_invite::RoomThirdPartyInviteEventContent, third_party_invite::RoomThirdPartyInviteEventContent,
}, },
EventId,
int, int,
serde::{Base64, Raw}, serde::{Base64, Raw},
}; };
@ -21,7 +22,6 @@ use serde::{
de::{Error as _, IgnoredAny}, de::{Error as _, IgnoredAny},
}; };
use serde_json::{from_str as from_json_str, value::RawValue as RawJsonValue}; use serde_json::{from_str as from_json_str, value::RawValue as RawJsonValue};
use super::{ use super::{
Error, Event, Result, StateEventType, StateKey, TimelineEventType, Error, Event, Result, StateEventType, StateKey, TimelineEventType,
power_levels::{ power_levels::{
@ -217,8 +217,9 @@ where
} }
/* /*
// TODO: In the past this code caused problems federating with synapse, maybe this has been // TODO: In the past this code was commented as it caused problems with Synapse. This is no
// resolved already. Needs testing. // longer the case. This needs to be implemented.
// See also: https://github.com/ruma/ruma/pull/2064
// //
// 2. Reject if auth_events // 2. Reject if auth_events
// a. auth_events cannot have duplicate keys since it's a BTree // a. auth_events cannot have duplicate keys since it's a BTree
@ -250,11 +251,33 @@ where
let room_create_event = match room_create_event { let room_create_event = match room_create_event {
| None => { | None => {
warn!("no m.room.create event in auth chain"); error!(
create_event = room_create_event.as_ref().map(Event::event_id).unwrap_or(<&EventId>::try_from("$unknown").unwrap()).as_str(),
power_levels = power_levels_event.as_ref().map(Event::event_id).unwrap_or(<&EventId>::try_from("$unknown").unwrap()).as_str(),
member_event = sender_member_event.as_ref().map(Event::event_id).unwrap_or(<&EventId>::try_from("$unknown").unwrap()).as_str(),
"no m.room.create event found for {} ({})!",
incoming_event.event_id().as_str(),
incoming_event.room_id().as_str()
);
return Ok(false); return Ok(false);
}, },
| Some(e) => e, | Some(e) => e,
}; };
// just re-check 1.2 to work around a bug
let Some(room_id_server_name) = incoming_event.room_id().server_name() else {
warn!("room ID has no servername");
return Ok(false);
};
if room_id_server_name != room_create_event.sender().server_name() {
warn!(
"servername of room ID origin ({}) does not match servername of m.room.create \
sender ({})",
room_id_server_name,
room_create_event.sender().server_name()
);
return Ok(false);
}
// 3. If event does not have m.room.create in auth_events reject // 3. If event does not have m.room.create in auth_events reject
if !incoming_event if !incoming_event
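Review bot: The comment `// just re-check 1.2 to work around a bug` on the new server-name guard does not name the bug, so a later reader cannot tell when the duplicate check may be removed or whether it is now the only thing enforcing rule 1.2 on this path. I would write it out, e.g. `// Re-check rule 1.2 (room ID server name must equal the m.room.create sender's); works around <bug reference>`. The guard fails closed when `room_id().server_name()` is `None`, which is the safe direction, but every event in such a room is then rejected with a bare `warn!("room ID has no servername")`; that line should carry the event and room IDs the way the `error!` above does. In the `None` arm `room_create_event` is already known to be `None`, so the `create_event` field always logs `$unknown` and can be dropped, and the other two fields read more simply as `power_levels_event.as_ref().map_or("$unknown", |e| e.event_id().as_str())`, which also takes the `try_from(...).unwrap()` calls out of the auth path. The enclosing function starts and ends outside the hunk.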


@ -726,8 +726,12 @@ where
Fut: Future<Output = Option<E>> + Send, Fut: Future<Output = Option<E>> + Send,
E: Event + Send + Sync, E: Event + Send + Sync,
{ {
let mut room_id = None;
while let Some(sort_ev) = event { while let Some(sort_ev) = event {
debug!(event_id = sort_ev.event_id().as_str(), "mainline"); debug!(event_id = sort_ev.event_id().as_str(), "mainline");
if room_id.is_none() {
room_id = Some(sort_ev.room_id().to_owned());
}
let id = sort_ev.event_id(); let id = sort_ev.event_id();
if let Some(depth) = mainline_map.get(id) { if let Some(depth) = mainline_map.get(id) {
@ -746,7 +750,7 @@ where
} }
} }
} }
// Did not find a power level event so we default to zero warn!("could not find a power event in the mainline map for {room_id:?}, defaulting to zero depth");
Ok(0) Ok(0)
} }
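Review bot: The `warn!` that replaces the comment before `Ok(0)` turns what the old comment described as an ordinary default into a warning, and it formats an `Option` with `{room_id:?}`, so the message reads `Some("…")` or `None` rather than a room ID. If this function is reached for events received over federation (the caller is outside the hunk), a room without a power-levels event can emit one warning per sorted event, which makes log volume depend on remote input; `debug!` or a rate-limited warning fits better. I would keep the explanatory comment and log the ID as a structured field, e.g. `debug!(room_id = ?room_id, "no power level event in mainline, defaulting to depth 0");`. The `room_id` copy taken inside the loop exists only to feed this log line.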


@ -119,10 +119,7 @@ pub(super) async fn handle_outlier_pdu<'a>(
} }
// The original create event must be in the auth events // The original create event must be in the auth events
if !matches!( if !auth_events.contains_key(&(StateEventType::RoomCreate, String::new().into())) {
auth_events.get(&(StateEventType::RoomCreate, String::new().into())),
Some(_) | None
) {
return Err!(Request(InvalidParam("Incoming event refers to wrong create event."))); return Err!(Request(InvalidParam("Incoming event refers to wrong create event.")));
} }
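Review bot: The new `contains_key` test only proves that some `m.room.create` entry is present in `auth_events`; it does not compare that entry with the room's known create event, although the comment says "original create event" and the error says "refers to wrong create event". If that comparison happens elsewhere, the comment and message here should describe what is actually checked, e.g. `// An m.room.create event must be among the auth events` and `"Incoming event has no m.room.create event in its auth events."`. Because the previous `matches!(…, Some(_) | None)` could never fail, this is the first time the branch can be taken, so it is worth confirming that no caller passes an event whose auth events are legitimately empty (an `m.room.create` itself, for example); that is not visible from this hunk.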


@ -698,6 +698,20 @@ impl Service {
.await .await
.saturating_add(uint!(1)); .saturating_add(uint!(1));
if state_key.is_none() {
if prev_events.is_empty() {
warn!("Timeline event had zero prev_events, something broke.");
return Err!(Request(Unknown("Timeline event had zero prev_events.")));
}
if depth.le(&uint!(2)) {
warn!(
"Had unsafe depth of {depth} in {room_id} when creating non-state event. \
Bad!"
);
return Err!(Request(Unknown("Unsafe depth for non-state event.")));
}
};
let mut unsigned = unsigned.unwrap_or_default(); let mut unsigned = unsigned.unwrap_or_default();
if let Some(state_key) = &state_key { if let Some(state_key) = &state_key {
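Review bot: The threshold in `depth.le(&uint!(2))` is unexplained, and the log texts ("something broke", "Bad!") do not say what a depth of 2 or less means for a non-state event. A comment such as `// depth is max(prev_events depth) + 1; a non-state event at depth <= 2 means the prev_events lookup came back nearly empty` would help if that is the intent, which I am inferring from the `saturating_add(uint!(1))` just above. The comparison reads more plainly as `if depth <= uint!(2) {`, and the `;` after the closing brace of `if state_key.is_none()` can go. Events with a state key skip both checks, so a state event other than `m.room.create` built with empty `prev_events` is still accepted at this point. The enclosing function begins and ends outside the hunk.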