From e417d211648672f27ddb3e99d19f99b3a54d0d64 Mon Sep 17 00:00:00 2001 From: Aaron Raimist Date: Thu, 6 May 2021 18:19:58 -0500 Subject: [PATCH 1/3] Add config option to hide device names over federation Signed-off-by: Aaron Raimist --- docs/sample_config.yaml | 6 ++++++ synapse/config/federation.py | 10 ++++++++++ synapse/storage/databases/main/end_to_end_keys.py | 4 +++- 3 files changed, 19 insertions(+), 1 deletion(-) diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml index f469d6e54f66..7cf222d356cf 100644 --- a/docs/sample_config.yaml +++ b/docs/sample_config.yaml @@ -741,6 +741,12 @@ acme: # #allow_profile_lookup_over_federation: false +# Uncomment to disable device display name lookup over federation. By default, the +# Federation API allows other homeservers to obtain device display names of any user +# on this homeserver. Defaults to 'true'. +# +#allow_device_name_lookup_over_federation: false + ## Caching ## diff --git a/synapse/config/federation.py b/synapse/config/federation.py index 090ba047fa23..cdd7a1ef054e 100644 --- a/synapse/config/federation.py +++ b/synapse/config/federation.py @@ -44,6 +44,10 @@ def read_config(self, config, **kwargs): "allow_profile_lookup_over_federation", True ) + self.allow_device_name_lookup_over_federation = config.get( + "allow_device_name_lookup_over_federation", True + ) + def generate_config_section(self, config_dir_path, server_name, **kwargs): return """\ ## Federation ## @@ -75,6 +79,12 @@ def generate_config_section(self, config_dir_path, server_name, **kwargs): # on this homeserver. Defaults to 'true'. # #allow_profile_lookup_over_federation: false + + # Uncomment to disable device display name lookup over federation. By default, the + # Federation API allows other homeservers to obtain device display names of any user + # on this homeserver. Defaults to 'true'. + # + #allow_device_name_lookup_over_federation: false """ diff --git a/synapse/storage/databases/main/end_to_end_keys.py b/synapse/storage/databases/main/end_to_end_keys.py index 88afe97c41ac..398d6b6acb85 100644 --- a/synapse/storage/databases/main/end_to_end_keys.py +++ b/synapse/storage/databases/main/end_to_end_keys.py @@ -84,7 +84,9 @@ async def get_e2e_device_keys_for_federation_query( if keys: result["keys"] = keys - device_display_name = device.display_name + device_display_name = None + if self.hs.config.allow_device_name_lookup_over_federation: + device_display_name = device.display_name if device_display_name: result["device_display_name"] = device_display_name From 61fcfa11dfa90070db43b95255bdba08b4250db5 Mon Sep 17 00:00:00 2001 From: Aaron Raimist Date: Thu, 6 May 2021 18:25:47 -0500 Subject: [PATCH 2/3] Add changelog Signed-off-by: Aaron Raimist --- changelog.d/9945.feature | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/9945.feature diff --git a/changelog.d/9945.feature b/changelog.d/9945.feature new file mode 100644 index 000000000000..7aa21a331fc7 --- /dev/null +++ b/changelog.d/9945.feature @@ -0,0 +1 @@ +Add a config option to allow you to prevent device display names from being shared over federation. \ No newline at end of file From 386608cb6582d925a29ea19d5bb0ada346ed87fe Mon Sep 17 00:00:00 2001 From: Richard van der Hoff <1389908+richvdh@users.noreply.github.com> Date: Tue, 11 May 2021 13:36:24 +0100 Subject: [PATCH 3/3] Update changelog.d/9945.feature --- changelog.d/9945.feature | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelog.d/9945.feature b/changelog.d/9945.feature index 7aa21a331fc7..84308e8cce18 100644 --- a/changelog.d/9945.feature +++ b/changelog.d/9945.feature @@ -1 +1 @@ -Add a config option to allow you to prevent device display names from being shared over federation. \ No newline at end of file +Add a config option to allow you to prevent device display names from being shared over federation. Contributed by @aaronraimist.