Skip to content

Clarify when an event is returned from /send_join.#1840

Merged
clokep merged 3 commits intomatrix-org:mainfrom
clokep:clokep/send-join-event
Jun 11, 2024
Merged

Clarify when an event is returned from /send_join.#1840
clokep merged 3 commits intomatrix-org:mainfrom
clokep:clokep/send-join-event

Conversation

@clokep
Copy link
Member

@clokep clokep commented Jun 5, 2024
edited by github-actions bot
Loading

@clokep clokep marked this pull request as ready for review June 5, 2024 00:16
@clokep clokep requested a review from a team as a code owner June 5, 2024 00:16
@clokep clokep requested a review from richvdh June 5, 2024 00:17
@clokep clokep mentioned this pull request Jun 5, 2024
Closed
Kladki
Kladki reviewed Jun 5, 2024
View reviewed changes
data/api/server-server/joins-v2.yaml Outdated
field. The signed copy of the membership event sent to other servers by the resident server,
including the resident server's signature.
The signed copy of the membership event sent to other servers by the resident server.
Required if the event is signed by the resident server.
Copy link
Contributor

@Kladki Kladki Jun 5, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So as the sender of the /send_join request, should we still ensure that the signed event is present when performing a restricted join, as it must be signed in this case?

Copy link
Member Author

@clokep clokep Jun 5, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What do you mean by present? Present when you get the room state?

As the joining server I think the important things to do are:

  1. Verify the signatures as with any event.
  2. Ensure this copy of the event is persisted locally and not the copy that was used to make the /send_join call.

I'd have to double check what synapse does to see if there's anything else though.

Copy link
Contributor

@Kladki Kladki Jun 5, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What do you mean by present?

The signed event being returned in the event field of the response.

Copy link
Member Author

@clokep clokep Jun 10, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The signature needs to be checked (as is in the auth rules), Synapse does this @ https://github.com/matrix-org/synapse/blob/23740eaa3da94fbe2e25180376961979fc4e8cd3/synapse/federation/federation_base.py#L238-L259.

I'm still unsure if that's your question or not though.

@richvdh richvdh mentioned this pull request Jun 5, 2024
Merged
3 tasks
richvdh
richvdh requested changes Jun 5, 2024
View reviewed changes
data/api/server-server/joins-v2.yaml Outdated
field. The signed copy of the membership event sent to other servers by the resident server,
including the resident server's signature.
The signed copy of the membership event sent to other servers by the resident server.
Required if the event is signed by the resident server.
Copy link
Member

@richvdh richvdh Jun 5, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hrm. I think we need to clarify this a bit more. It just begs the question, "so when should the event be signed by the resident server".

Copy link
Member Author

@clokep clokep Jun 5, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would linking back to restricted joins be enough?

Copy link
Member

@richvdh richvdh Jun 5, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Probably?

Copy link
Member Author

@clokep clokep Jun 10, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I took another attempt at this, let me know what you think.

@clokep clokep requested a review from richvdh June 10, 2024 14:47
richvdh
richvdh approved these changes Jun 11, 2024
View reviewed changes
Copy link
Member

@richvdh richvdh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@clokep clokep merged commit a7a7ead into matrix-org:main Jun 11, 2024
@clokep clokep deleted the clokep/send-join-event branch June 11, 2024 17:02
@zecakeh zecakeh mentioned this pull request Jun 20, 2024
Closed
53 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@richvdh richvdh richvdh approved these changes

+1 more reviewer

@Kladki Kladki Kladki left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Clarify that join events only need to be signed by resident servers if using join_authorised_via_users_server

3 participants

@clokep @richvdh @Kladki