oss/conduit
oss/conduit
1
0
Fork 0
mirror of https://gitlab.com/famedly/conduit.git synced 2025-09-15 18:57:03 +00:00
Code Wiki Activity

feat: updated MSC4311 support

Browse source 
(cherry picked from commit 1c6b2e0016)
This commit is contained in:
Matthias Ahouansou 2025-09-10 18:41:06 +01:00
parent 7a45c25d7a
commit 47745daa64
No known key found for this signature in database
10 changed files with 216 additions and 176 deletions
Download patch file Download diff file Expand all files Collapse all files

22
Cargo.lock generated
View file

@ -2519,7 +2519,7 @@ dependencies = [
[[package]]
name = "ruma"
version = "0.12.6"
source = "git+https://github.com/ruma/ruma.git#547efbf24831066ae3199dc51b93f6b3a30ea8e7"
source = "git+https://github.com/ruma/ruma.git#d879f7df16ba9928a73649f8149dabeee939691e"
dependencies = [
"assign",
"js_int",
@ -2538,7 +2538,7 @@ dependencies = [
[[package]]
name = "ruma-appservice-api"
version = "0.12.2"
source = "git+https://github.com/ruma/ruma.git#547efbf24831066ae3199dc51b93f6b3a30ea8e7"
source = "git+https://github.com/ruma/ruma.git#d879f7df16ba9928a73649f8149dabeee939691e"
dependencies = [
"js_int",
"ruma-common",
@ -2550,7 +2550,7 @@ dependencies = [
[[package]]
name = "ruma-client-api"
version = "0.20.4"
source = "git+https://github.com/ruma/ruma.git#547efbf24831066ae3199dc51b93f6b3a30ea8e7"
source = "git+https://github.com/ruma/ruma.git#d879f7df16ba9928a73649f8149dabeee939691e"
dependencies = [
"as_variant",
"assign",
@ -2573,7 +2573,7 @@ dependencies = [
[[package]]
name = "ruma-common"
version = "0.15.4"
source = "git+https://github.com/ruma/ruma.git#547efbf24831066ae3199dc51b93f6b3a30ea8e7"
source = "git+https://github.com/ruma/ruma.git#d879f7df16ba9928a73649f8149dabeee939691e"
dependencies = [
"as_variant",
"base64 0.22.1",
@ -2605,7 +2605,7 @@ dependencies = [
[[package]]
name = "ruma-events"
version = "0.30.5"
source = "git+https://github.com/ruma/ruma.git#547efbf24831066ae3199dc51b93f6b3a30ea8e7"
source = "git+https://github.com/ruma/ruma.git#d879f7df16ba9928a73649f8149dabeee939691e"
dependencies = [
"as_variant",
"indexmap 2.9.0",
@ -2629,7 +2629,7 @@ dependencies = [
[[package]]
name = "ruma-federation-api"
version = "0.11.2"
source = "git+https://github.com/ruma/ruma.git#547efbf24831066ae3199dc51b93f6b3a30ea8e7"
source = "git+https://github.com/ruma/ruma.git#d879f7df16ba9928a73649f8149dabeee939691e"
dependencies = [
"bytes",
"headers",
@ -2651,7 +2651,7 @@ dependencies = [
[[package]]
name = "ruma-identifiers-validation"
version = "0.10.1"
source = "git+https://github.com/ruma/ruma.git#547efbf24831066ae3199dc51b93f6b3a30ea8e7"
source = "git+https://github.com/ruma/ruma.git#d879f7df16ba9928a73649f8149dabeee939691e"
dependencies = [
"js_int",
"thiserror 2.0.12",
@ -2660,7 +2660,7 @@ dependencies = [
[[package]]
name = "ruma-macros"
version = "0.15.2"
source = "git+https://github.com/ruma/ruma.git#547efbf24831066ae3199dc51b93f6b3a30ea8e7"
source = "git+https://github.com/ruma/ruma.git#d879f7df16ba9928a73649f8149dabeee939691e"
dependencies = [
"cfg-if",
"proc-macro-crate",
@ -2675,7 +2675,7 @@ dependencies = [
[[package]]
name = "ruma-push-gateway-api"
version = "0.11.0"
source = "git+https://github.com/ruma/ruma.git#547efbf24831066ae3199dc51b93f6b3a30ea8e7"
source = "git+https://github.com/ruma/ruma.git#d879f7df16ba9928a73649f8149dabeee939691e"
dependencies = [
"js_int",
"ruma-common",
@ -2687,7 +2687,7 @@ dependencies = [
[[package]]
name = "ruma-signatures"
version = "0.17.1"
source = "git+https://github.com/ruma/ruma.git#547efbf24831066ae3199dc51b93f6b3a30ea8e7"
source = "git+https://github.com/ruma/ruma.git#d879f7df16ba9928a73649f8149dabeee939691e"
dependencies = [
"base64 0.22.1",
"ed25519-dalek",
@ -2703,7 +2703,7 @@ dependencies = [
[[package]]
name = "ruma-state-res"
version = "0.13.0"
source = "git+https://github.com/ruma/ruma.git#547efbf24831066ae3199dc51b93f6b3a30ea8e7"
source = "git+https://github.com/ruma/ruma.git#d879f7df16ba9928a73649f8149dabeee939691e"
dependencies = [
"js_int",
"ruma-common",

7
src/api/client_server/membership.rs
View file

@ -188,9 +188,6 @@ pub async fn knock_room_route(
}
_ => return Err(Error::BadServerResponse("Room version is not supported")),
};
let rules = room_version_id
.rules()
.expect("Supported room version has rules");
let (event_id, knock_event, _) = services().rooms.helpers.populate_membership_template(
&knock_template.event,
@ -215,8 +212,6 @@ pub async fn knock_room_route(
)
.await?;
utils::check_stripped_state(&send_kock_response.knock_room_state, &room_id, &rules)?;
info!("send_knock finished");
let mut stripped_state = send_kock_response.knock_room_state;
@ -231,7 +226,7 @@ pub async fn knock_room_route(
.to_stripped_state_event()
.into(),
);
let stripped_state = utils::convert_stripped_state(stripped_state, &rules)?;
let stripped_state = utils::convert_stripped_state(stripped_state)?;
services().rooms.state_cache.update_membership(
&room_id,

4
src/api/server_server.rs
View file

@ -2105,7 +2105,7 @@ pub async fn create_invite_route(
.rules()
.expect("Supported room version has rules");
utils::check_stripped_state(&invite_room_state, &room_id, &rules)?;
utils::check_stripped_state(&invite_room_state, &room_id, &rules).await?;
let mut signed_event = utils::to_canonical_object(&event)
.map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "Invite event is invalid."))?;
@ -2169,7 +2169,7 @@ pub async fn create_invite_route(
})?;
invite_state.push(pdu.to_stripped_state_event().into());
let invite_state = utils::convert_stripped_state(invite_state, &rules)?;
let invite_state = utils::convert_stripped_state(invite_state)?;
// If we are active in the room, the remote server will notify us about the join via /send
if !services()

17
src/database/key_value/rooms/state_cache.rs
View file

@ -1,7 +1,8 @@
use std::{collections::HashSet, sync::Arc};
use ruma::{
api::client::sync::sync_events::StrippedState, events::AnySyncStateEvent, serde::Raw,
events::{AnyStrippedStateEvent, AnySyncStateEvent},
serde::Raw,
OwnedRoomId, OwnedServerName, OwnedUserId, RoomId, ServerName, UserId,
};
@ -38,7 +39,7 @@ impl service::rooms::state_cache::Data for KeyValueDatabase {
&self,
user_id: &UserId,
room_id: &RoomId,
last_state: Option<Vec<Raw<StrippedState>>>,
last_state: Option<Vec<Raw<AnyStrippedStateEvent>>>,
) -> Result<()> {
let (roomuser_id, userroom_id) = get_room_and_user_byte_ids(room_id, user_id);
@ -65,7 +66,7 @@ impl service::rooms::state_cache::Data for KeyValueDatabase {
&self,
user_id: &UserId,
room_id: &RoomId,
last_state: Option<Vec<Raw<StrippedState>>>,
last_state: Option<Vec<Raw<AnyStrippedStateEvent>>>,
) -> Result<()> {
let (roomuser_id, userroom_id) = get_room_and_user_byte_ids(room_id, user_id);
@ -482,7 +483,7 @@ impl service::rooms::state_cache::Data for KeyValueDatabase {
fn rooms_invited<'a>(
&'a self,
user_id: &UserId,
) -> Box<dyn Iterator<Item = Result<(OwnedRoomId, Vec<Raw<StrippedState>>)>> + 'a> {
) -> Box<dyn Iterator<Item = Result<(OwnedRoomId, Vec<Raw<AnyStrippedStateEvent>>)>> + 'a> {
scan_userroom_id_memberstate_tree(user_id, &self.userroomid_invitestate)
}
@ -492,7 +493,7 @@ impl service::rooms::state_cache::Data for KeyValueDatabase {
fn rooms_knocked<'a>(
&'a self,
user_id: &UserId,
) -> Box<dyn Iterator<Item = Result<(OwnedRoomId, Vec<Raw<StrippedState>>)>> + 'a> {
) -> Box<dyn Iterator<Item = Result<(OwnedRoomId, Vec<Raw<AnyStrippedStateEvent>>)>> + 'a> {
scan_userroom_id_memberstate_tree(user_id, &self.userroomid_knockstate)
}
@ -501,7 +502,7 @@ impl service::rooms::state_cache::Data for KeyValueDatabase {
&self,
user_id: &UserId,
room_id: &RoomId,
) -> Result<Option<Vec<Raw<StrippedState>>>> {
) -> Result<Option<Vec<Raw<AnyStrippedStateEvent>>>> {
let mut key = user_id.as_bytes().to_vec();
key.push(0xff);
key.extend_from_slice(room_id.as_bytes());
@ -522,7 +523,7 @@ impl service::rooms::state_cache::Data for KeyValueDatabase {
&self,
user_id: &UserId,
room_id: &RoomId,
) -> Result<Option<Vec<Raw<StrippedState>>>> {
) -> Result<Option<Vec<Raw<AnyStrippedStateEvent>>>> {
let mut key = user_id.as_bytes().to_vec();
key.push(0xff);
key.extend_from_slice(room_id.as_bytes());
@ -543,7 +544,7 @@ impl service::rooms::state_cache::Data for KeyValueDatabase {
&self,
user_id: &UserId,
room_id: &RoomId,
) -> Result<Option<Vec<Raw<StrippedState>>>> {
) -> Result<Option<Vec<Raw<AnyStrippedStateEvent>>>> {
let mut key = user_id.as_bytes().to_vec();
key.push(0xff);
key.extend_from_slice(room_id.as_bytes());

79
src/service/rooms/event_handler/mod.rs
View file

@ -32,6 +32,7 @@ use ruma::{
},
int,
room_version_rules::{AuthorizationRules, RoomVersionRules, StateResolutionV2Rules},
serde::Base64,
state_res::{self, StateMap},
uint, CanonicalJsonObject, CanonicalJsonValue, EventId, MilliSecondsSinceUnixEpoch,
OwnedServerName, OwnedServerSigningKeyId, RoomId, ServerName,
@ -338,43 +339,14 @@ impl Service {
}
// TODO: For RoomVersion6 we must check that Raw<..> is canonical do we anywhere?: https://matrix.org/docs/spec/rooms/v6#canonical-json
// We go through all the signatures we see on the value and fetch the corresponding signing
// keys
self.fetch_required_signing_keys(&value, pub_key_map)
.await?;
let origin_server_ts = value.get("origin_server_ts").ok_or_else(|| {
error!("Invalid PDU, no origin_server_ts field");
Error::BadRequest(
ErrorKind::MissingParam,
"Invalid PDU, no origin_server_ts field",
)
})?;
let origin_server_ts: MilliSecondsSinceUnixEpoch = {
let ts = origin_server_ts.as_integer().ok_or_else(|| {
Error::BadRequest(
ErrorKind::InvalidParam,
"origin_server_ts must be an integer",
)
})?;
MilliSecondsSinceUnixEpoch(i64::from(ts).try_into().map_err(|_| {
Error::BadRequest(ErrorKind::InvalidParam, "Time must be after the unix epoch")
})?)
};
let guard = pub_key_map.read().await;
let pkey_map = (*guard).clone();
// Removing all the expired keys, unless the room version allows stale keys
let filtered_keys = services().globals.filter_keys_server_map(
pkey_map,
origin_server_ts,
&room_version_rules,
);
let filtered_keys = self
.filter_required_signing_keys(&value, pub_key_map, &room_version_rules)
.await?;
let mut val =
match ruma::signatures::verify_event(&filtered_keys, &value, &room_version_rules) {
@ -416,8 +388,6 @@ impl Service {
Ok(ruma::signatures::Verified::All) => value,
};
drop(guard);
// Now that we have checked the signature and hashes we can add the eventID and convert
// to our PduEvent type
val.insert(
@ -1451,6 +1421,47 @@ impl Service {
Ok((sorted, eventid_info))
}
/// Filters down the given signing keys, only keeping those which could be valid for this event.
#[tracing::instrument(skip_all)]
pub async fn filter_required_signing_keys(
&self,
event: &BTreeMap<String, CanonicalJsonValue>,
pub_key_map: &RwLock<BTreeMap<String, SigningKeys>>,
room_version_rules: &RoomVersionRules,
) -> Result<BTreeMap<String, BTreeMap<String, Base64>>> {
let origin_server_ts = event.get("origin_server_ts").ok_or_else(|| {
error!("Invalid PDU, no origin_server_ts field");
Error::BadRequest(
ErrorKind::MissingParam,
"Invalid PDU, no origin_server_ts field",
)
})?;
let origin_server_ts: MilliSecondsSinceUnixEpoch = {
let ts = origin_server_ts.as_integer().ok_or_else(|| {
Error::BadRequest(
ErrorKind::InvalidParam,
"origin_server_ts must be an integer",
)
})?;
MilliSecondsSinceUnixEpoch(i64::from(ts).try_into().map_err(|_| {
Error::BadRequest(ErrorKind::InvalidParam, "Time must be after the unix epoch")
})?)
};
let guard = pub_key_map.write().await;
let pkey_map = (*guard).clone();
// Removing all the expired keys, unless the room version allows stale keys
Ok(services().globals.filter_keys_server_map(
pkey_map,
origin_server_ts,
room_version_rules,
))
}
#[tracing::instrument(skip_all)]
pub(crate) async fn fetch_required_signing_keys(
&self,

25
src/service/rooms/state/mod.rs
View file

@ -6,13 +6,11 @@ use std::{
pub use data::Data;
use ruma::{
api::{
client::{error::ErrorKind, sync::sync_events::StrippedState},
federation::membership::RawStrippedState,
},
api::{client::error::ErrorKind, federation::membership::RawStrippedState},
events::{
room::{create::RoomCreateEventContent, member::MembershipState},
StateEventType, TimelineEventType, RECOMMENDED_STRIPPED_STATE_EVENT_TYPES,
AnyStrippedStateEvent, StateEventType, TimelineEventType,
RECOMMENDED_STRIPPED_STATE_EVENT_TYPES,
},
room_version_rules::AuthorizationRules,
serde::Raw,
@ -273,31 +271,28 @@ impl Service {
services()
.rooms
.state_accessor
.room_state_get(room_id, state_event_type, "")
.room_state_get_id(room_id, state_event_type, "")
.transpose()
})
.map(|e| {
if e.as_ref()
.is_ok_and(|e| e.kind == TimelineEventType::RoomCreate)
{
e.and_then(|e| {
services()
.rooms
.timeline
.get_pdu_json(&e.event_id)
.get_pdu_json(&e)
.transpose()
.expect("Event must be present for it to make up the current state")
.map(PduEvent::convert_to_outgoing_federation_event)
.map(RawStrippedState::Pdu)
})
} else {
e.map(|e| RawStrippedState::Stripped(e.to_stripped_state_event()))
}
})
.collect::<Result<Vec<_>>>()
}
pub fn stripped_state_client(&self, room_id: &RoomId) -> Result<Vec<Raw<StrippedState>>> {
pub fn stripped_state_client(
&self,
room_id: &RoomId,
) -> Result<Vec<Raw<AnyStrippedStateEvent>>> {
RECOMMENDED_STRIPPED_STATE_EVENT_TYPES
.iter()
.filter_map(|state_event_type| {
@ -307,7 +302,7 @@ impl Service {
.room_state_get(room_id, state_event_type, "")
.transpose()
})
.map(|e| e.map(|e| e.to_stripped_state_event().cast()))
.map(|e| e.map(|e| e.to_stripped_state_event()))
.collect::<Result<Vec<_>>>()
}

17
src/service/rooms/state_cache/data.rs
View file

@ -2,7 +2,8 @@ use std::{collections::HashSet, sync::Arc};
use crate::{service::appservice::RegistrationInfo, Result};
use ruma::{
api::client::sync::sync_events::StrippedState, events::AnySyncStateEvent, serde::Raw,
events::{AnyStrippedStateEvent, AnySyncStateEvent},
serde::Raw,
OwnedRoomId, OwnedServerName, OwnedUserId, RoomId, ServerName, UserId,
};
@ -13,13 +14,13 @@ pub trait Data: Send + Sync {
&self,
user_id: &UserId,
room_id: &RoomId,
last_state: Option<Vec<Raw<StrippedState>>>,
last_state: Option<Vec<Raw<AnyStrippedStateEvent>>>,
) -> Result<()>;
fn mark_as_knocked(
&self,
user_id: &UserId,
room_id: &RoomId,
last_state: Option<Vec<Raw<StrippedState>>>,
last_state: Option<Vec<Raw<AnyStrippedStateEvent>>>,
) -> Result<()>;
fn mark_as_left(&self, user_id: &UserId, room_id: &RoomId) -> Result<()>;
@ -85,32 +86,32 @@ pub trait Data: Send + Sync {
fn rooms_invited<'a>(
&'a self,
user_id: &UserId,
) -> Box<dyn Iterator<Item = Result<(OwnedRoomId, Vec<Raw<StrippedState>>)>> + 'a>;
) -> Box<dyn Iterator<Item = Result<(OwnedRoomId, Vec<Raw<AnyStrippedStateEvent>>)>> + 'a>;
/// Returns an iterator over all rooms a user has knocked on.
#[allow(clippy::type_complexity)]
fn rooms_knocked<'a>(
&'a self,
user_id: &UserId,
) -> Box<dyn Iterator<Item = Result<(OwnedRoomId, Vec<Raw<StrippedState>>)>> + 'a>;
) -> Box<dyn Iterator<Item = Result<(OwnedRoomId, Vec<Raw<AnyStrippedStateEvent>>)>> + 'a>;
fn invite_state(
&self,
user_id: &UserId,
room_id: &RoomId,
) -> Result<Option<Vec<Raw<StrippedState>>>>;
) -> Result<Option<Vec<Raw<AnyStrippedStateEvent>>>>;
fn knock_state(
&self,
user_id: &UserId,
room_id: &RoomId,
) -> Result<Option<Vec<Raw<StrippedState>>>>;
) -> Result<Option<Vec<Raw<AnyStrippedStateEvent>>>>;
fn left_state(
&self,
user_id: &UserId,
room_id: &RoomId,
) -> Result<Option<Vec<Raw<StrippedState>>>>;
) -> Result<Option<Vec<Raw<AnyStrippedStateEvent>>>>;
/// Returns an iterator over all rooms a user left.
#[allow(clippy::type_complexity)]

16
src/service/rooms/state_cache/mod.rs
View file

@ -4,12 +4,12 @@ use std::{collections::HashSet, sync::Arc};
pub use data::Data;
use ruma::{
api::client::sync::sync_events::StrippedState,
events::{
direct::DirectEvent,
ignored_user_list::IgnoredUserListEvent,
room::{create::RoomCreateEventContent, member::MembershipState},
AnySyncStateEvent, GlobalAccountDataEventType, RoomAccountDataEventType, StateEventType,
AnyStrippedStateEvent, AnySyncStateEvent, GlobalAccountDataEventType,
RoomAccountDataEventType, StateEventType,
},
serde::Raw,
OwnedRoomId, OwnedRoomOrAliasId, OwnedServerName, OwnedUserId, RoomId, ServerName, UserId,
@ -31,7 +31,7 @@ impl Service {
user_id: &UserId,
membership: MembershipState,
sender: &UserId,
last_state: Option<Vec<Raw<StrippedState>>>,
last_state: Option<Vec<Raw<AnyStrippedStateEvent>>>,
update_joined_count: bool,
) -> Result<()> {
// Keep track what remote users exist by adding them as "deactivated" users
@ -317,7 +317,7 @@ impl Service {
pub fn rooms_invited<'a>(
&'a self,
user_id: &UserId,
) -> impl Iterator<Item = Result<(OwnedRoomId, Vec<Raw<StrippedState>>)>> + 'a {
) -> impl Iterator<Item = Result<(OwnedRoomId, Vec<Raw<AnyStrippedStateEvent>>)>> + 'a {
self.db.rooms_invited(user_id)
}
@ -326,7 +326,7 @@ impl Service {
pub fn rooms_knocked<'a>(
&'a self,
user_id: &UserId,
) -> impl Iterator<Item = Result<(OwnedRoomId, Vec<Raw<StrippedState>>)>> + 'a {
) -> impl Iterator<Item = Result<(OwnedRoomId, Vec<Raw<AnyStrippedStateEvent>>)>> + 'a {
self.db.rooms_knocked(user_id)
}
@ -335,7 +335,7 @@ impl Service {
&self,
user_id: &UserId,
room_id: &RoomId,
) -> Result<Option<Vec<Raw<StrippedState>>>> {
) -> Result<Option<Vec<Raw<AnyStrippedStateEvent>>>> {
self.db.invite_state(user_id, room_id)
}
@ -344,7 +344,7 @@ impl Service {
&self,
user_id: &UserId,
room_id: &RoomId,
) -> Result<Option<Vec<Raw<StrippedState>>>> {
) -> Result<Option<Vec<Raw<AnyStrippedStateEvent>>>> {
self.db.knock_state(user_id, room_id)
}
@ -353,7 +353,7 @@ impl Service {
&self,
user_id: &UserId,
room_id: &RoomId,
) -> Result<Option<Vec<Raw<StrippedState>>>> {
) -> Result<Option<Vec<Raw<AnyStrippedStateEvent>>>> {
self.db.left_state(user_id, room_id)
}

2
src/service/rooms/timeline/mod.rs
View file

@ -455,7 +455,7 @@ impl Service {
.state
.stripped_state_client(&pdu.room_id())?;
// So that clients can get info about who invitied them (not relevant for knocking), the reason, when, etc.
state.push(pdu.to_stripped_state_event().cast());
state.push(pdu.to_stripped_state_event());
Some(state)
}
_ => None,

175
src/utils/mod.rs
View file

@ -5,24 +5,26 @@ use cmp::Ordering;
use rand::prelude::*;
use ring::digest;
use ruma::{
api::{
client::{error::ErrorKind, sync::sync_events::StrippedState},
federation::membership::RawStrippedState,
},
api::{client::error::ErrorKind, federation::membership::RawStrippedState},
canonical_json::try_from_json_map,
events::{AnyStateEvent, StateEventType},
events::AnyStrippedStateEvent,
room_version_rules::RoomVersionRules,
serde::Raw,
signatures::Verified,
CanonicalJsonError, CanonicalJsonObject, CanonicalJsonValue, RoomId,
};
use serde_json::value::to_raw_value;
use std::{
cmp, fmt,
cmp,
collections::BTreeMap,
fmt,
str::FromStr,
time::{SystemTime, UNIX_EPOCH},
};
use tokio::sync::RwLock;
use tracing::warn;
use crate::{service::pdu::gen_event_id_canonical_json, Result};
use crate::{service::pdu::gen_event_id_canonical_json, services, Error, Result};
pub fn millis_since_unix_epoch() -> u64 {
SystemTime::now()
@ -199,45 +201,39 @@ impl fmt::Display for HtmlEscape<'_> {
}
}
/// Converts `RawStrippedState` (federation format) into `Raw<StrippedState>` (client format)
/// Converts `RawStrippedState` (federation format) into `Raw<AnyStrippedState>` (client format)
pub fn convert_stripped_state(
stripped_state: Vec<RawStrippedState>,
rules: &RoomVersionRules,
) -> Result<Vec<Raw<StrippedState>>> {
) -> Result<Vec<Raw<AnyStrippedStateEvent>>> {
stripped_state
.into_iter()
.map(|stripped_state| match stripped_state {
RawStrippedState::Stripped(state) => Ok(state.cast()),
RawStrippedState::Stripped(state) => Ok(state),
RawStrippedState::Pdu(state) => {
let (event_id, mut event) = gen_event_id_canonical_json(&state, rules)?;
let mut event: CanonicalJsonObject =
serde_json::from_str(state.get()).map_err(|e| {
warn!("Error parsing incoming event {:?}: {:?}", state, e);
Error::BadServerResponse("Invalid PDU in server response")
})?;
event.retain(|k, _| {
matches!(
k.as_str(),
"content"
| "event_id"
| "origin_server_ts"
| "room_id"
| "sender"
| "state_key"
| "type"
| "unsigned"
)
matches!(k.as_str(), "content" | "sender" | "state_key" | "type")
});
event.insert("event_id".to_owned(), event_id.as_str().into());
let raw_value = to_raw_value(&CanonicalJsonValue::Object(event))
.expect("To raw json should not fail since only change was adding signature");
Ok(Raw::<AnyStateEvent>::from_json(raw_value).cast())
Ok(Raw::<AnyStrippedStateEvent>::from_json(raw_value))
}
})
.collect()
}
pub fn check_stripped_state(
stripped_state: &Vec<RawStrippedState>,
/// Performs checks on incoming stripped state, as per [MSC4311]
///
/// [MSC4311]: https://github.com/matrix-org/matrix-spec-proposals/pull/4311
pub async fn check_stripped_state(
stripped_state: &[RawStrippedState],
room_id: &RoomId,
rules: &RoomVersionRules,
) -> Result<()> {
@ -246,65 +242,106 @@ pub fn check_stripped_state(
return Ok(());
}
#[cfg(feature = "enforce_msc4311")]
let mut seen_create_event = false;
#[cfg(feature = "enforce_msc4311")]
let mut seen_valid_create_event = false;
for state in stripped_state {
match state {
RawStrippedState::Pdu(pdu) => {
let Ok((event_id, value)) = gen_event_id_canonical_json(pdu, rules) else {
continue;
};
let Some(event_type) = value.get("type").and_then(|t| t.as_str()) else {
continue;
};
if event_type != "m.room.create" {
continue;
}
if seen_create_event {
return Err(error::Error::BadRequest(
if !stripped_state.iter().all(|state| match state {
RawStrippedState::Pdu(_) => true,
RawStrippedState::Stripped(_) => false,
}) {
return Err(Error::BadRequest(
ErrorKind::InvalidParam,
"Stripped state has multiple create events",
"Non-pdu found in stripped state",
));
}
if event_id.localpart() != room_id.strip_sigil() {
return Err(error::Error::BadRequest(
let stripped_state = stripped_state
.iter()
.filter_map(|event| {
if let RawStrippedState::Pdu(pdu) = event {
Some(pdu)
} else {
None
}
})
.map(|pdu| gen_event_id_canonical_json(pdu, rules))
.collect::<Result<Vec<_>>>()?;
let pub_key_map = RwLock::new(BTreeMap::new());
for (_, pdu) in &stripped_state {
services()
.rooms
.event_handler
.fetch_required_signing_keys(pdu, &pub_key_map)
.await?;
}
for (event_id, pdu) in stripped_state {
let filtered_keys = services()
.rooms
.event_handler
.filter_required_signing_keys(&pdu, &pub_key_map, rules)
.await?;
if !ruma::signatures::verify_event(&filtered_keys, &pdu, rules)
.is_ok_and(|verified| verified == Verified::All)
{
return Err(Error::BadRequest(
ErrorKind::InvalidParam,
"Signature check on stripped state failed",
));
}
let Some(event_type) = pdu.get("type").and_then(|t| t.as_str()) else {
return Err(Error::BadRequest(
ErrorKind::InvalidParam,
"Event with no type returned",
));
};
if !(event_type == "m.room.create" && rules.authorization.room_create_event_id_as_room_id) {
let pdu_room_id = pdu
.get("room_id")
.ok_or_else(|| Error::BadRequest(ErrorKind::InvalidParam, "Event missing room ID"))
.map(|v| v.as_str())?
.ok_or_else(|| {
Error::BadRequest(ErrorKind::InvalidParam, "Event has non-string room id")
})
.map(RoomId::parse)?
.map_err(|_| {
Error::BadRequest(ErrorKind::InvalidParam, "Event has invalid room ID")
})?;
if pdu_room_id != room_id {
return Err(Error::BadRequest(
ErrorKind::InvalidParam,
"Stripped state room ID does not match the one of the request",
));
}
}
if event_type == "m.room.create" {
#[allow(clippy::collapsible_if)]
if event_id.localpart() != room_id.strip_sigil()
&& rules.authorization.room_create_event_id_as_room_id
{
return Err(Error::BadRequest(
ErrorKind::InvalidParam,
"Room ID generated from create event does not match that from the request",
));
}
seen_create_event = true;
#[cfg(feature = "enforce_msc4311")]
{
seen_valid_create_event = true;
}
}
RawStrippedState::Stripped(event) => {
let Ok(event) = event.deserialize() else {
continue;
};
if event.event_type() != StateEventType::RoomCreate {
continue;
}
if seen_create_event {
return Err(error::Error::BadRequest(
ErrorKind::InvalidParam,
"Stripped state has multiple create events",
));
}
seen_create_event = true;
}
}
}
#[cfg(feature = "enforce_msc4311")]
if !seen_valid_create_event {
return Err(error::Error::BadRequest(
if !seen_create_event {
return Err(Error::BadRequest(
ErrorKind::InvalidParam,
"Stripped state contained no valid create PDUs",
));