Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add a test for an event with an invalid signature #821

Merged
merged 5 commits into from
Mar 4, 2020
Merged

Add a test for an event with an invalid signature #821

Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
6196a6b
Add a test for an event from a different origin.
clokep Feb 26, 2020
cb0b970
Clarify test-case.
clokep Feb 28, 2020
97c8dff
Add a basic assertion on the final response.
clokep Mar 2, 2020
aa255bb
Update test title in tests/50federation/30room-join.pl
clokep Mar 4, 2020
2ed42bc
Use a unique alias.
clokep Mar 4, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
107 changes: 105 additions & 2 deletions tests/50federation/30room-join.pl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -870,7 +870,7 @@ sub assert_is_valid_pdu {

# XXX currently synapse fails with a 500 here. I'm not really convinced that's
# a thing we want to enforce, but we don't really have a specced way to say
# "a remote server did something wierd".
# "a remote server did something weird".
Future->done(1);
}),
)
Expand Down Expand Up @@ -953,7 +953,110 @@ sub assert_is_valid_pdu {

# XXX currently synapse fails with a 500 here. I'm not really convinced that's
# a thing we want to enforce, but we don't really have a specced way to say
# "a remote server did something wierd".
# "a remote server did something weird".
Future->done(1);
}),
)
};

test "Event with an invalid signature in the send_join response should not cause room join to fail",
requires => [ local_user_fixture(), $main::INBOUND_SERVER,
federation_user_id_fixture() ],

do => sub {
my ( $user, $inbound_server, $creator_id ) = @_;

my $local_server_name = $inbound_server->server_name;
my $datastore = $inbound_server->datastore;

my $room_alias = "#50fed-room-alias-invalid-sig:$local_server_name";
my $room = $datastore->create_room(
creator => $creator_id,
alias => $room_alias,
);

my $room_id = $room->room_id;

my $event = $room->create_and_insert_event(
sender => "\@test:$local_server_name",
type => "test",
room_id => $room_id,
state_key => "",
content => {
body => "Test",
},
);

# Modify the event (after the signature was generated) to invalidate the signature.
$event->{origin} = "other-server:12345";

my $await_request_send_join;

$await_request_send_join = $inbound_server->await_request_v2_send_join( $room_id );

Future->needs_all(
$inbound_server->await_request_make_join( $room_id, $user->user_id )->then( sub {
my ( $req, $room_id, $user_id ) = @_;

my $proto = $room->make_join_protoevent(
user_id => $user_id,
);

$proto->{origin} = $inbound_server->server_name;
$proto->{origin_server_ts} = $inbound_server->time_ms;

$req->respond_json( {
event => $proto,
} );

Future->done;
}),

$await_request_send_join->then( sub {
my ( $req, $room_id, $event_id ) = @_;

$req->method eq "PUT" or
die "Expected send_join method to be PUT";

my $event = $req->body_from_json;
log_if_fail "send_join event", $event;

my @auth_chain = $datastore->get_auth_chain_events(
map { $_->[0] } @{ $event->{auth_events} }
);

my $response = {
auth_chain => \@auth_chain,
state => [ $room->current_state_events ],
};

$req->respond_json($response);

log_if_fail "send_join response", $response;

Future->done;
}),

do_request_json_for( $user,
method => "POST",
uri => "/r0/join/$room_alias",

content => {},
)->then( sub {
my ( $body ) = @_;
log_if_fail "Join response", $body;

assert_json_keys( $body, qw( room_id ));

$body->{room_id} eq $room_id or
die "Expected room_id to be $room_id";

matrix_get_my_member_event( $user, $room_id )
})->then( sub {
my ( $event ) = @_;

assert_json_keys( $event->{content}, qw( membership ) );

Future->done(1);
}),
)
Expand Down