Skip to content
This repository was archived by the owner on Apr 26, 2024. It is now read-only.

Commit a7304ad

Browse files
richvdhrichvdh
authored
Factor out _get_remote_auth_chain_for_event from _update_auth_events_and_context_for_auth (#10884)
* Reload auth events from db after fetching and persisting In `_update_auth_events_and_context_for_auth`, when we fetch the remote auth tree and persist the returned events: load the missing events from the database rather than using the copies we got from the remote server. This is mostly in preparation for additional refactors, but does have an advantage in that if we later get around to checking the rejected status, we'll be able to make use of it. * Factor out `_get_remote_auth_chain_for_event` from `_update_auth_events_and_context_for_auth` * changelog
1 parent 47854c7 commit a7304ad

File tree

2 files changed

+73
-52
lines changed

2 files changed

+73
-52
lines changed

changelog.d/10884.misc

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
Clean up some of the federation event authentication code for clarity.

synapse/handlers/federation_event.py

Lines changed: 72 additions & 52 deletions
Original file line numberDiff line numberDiff line change
@@ -1505,61 +1505,22 @@ async def _update_auth_events_and_context_for_auth(
15051505
# If we don't have all the auth events, we need to get them.
15061506
logger.info("auth_events contains unknown events: %s", missing_auth)
15071507
try:
1508-
try:
1509-
remote_auth_chain = await self._federation_client.get_event_auth(
1510-
origin, event.room_id, event.event_id
1511-
)
1512-
except RequestSendFailed as e1:
1513-
# The other side isn't around or doesn't implement the
1514-
# endpoint, so lets just bail out.
1515-
logger.info("Failed to get event auth from remote: %s", e1)
1516-
return context, auth_events
1517-
1518-
seen_remotes = await self._store.have_seen_events(
1519-
event.room_id, [e.event_id for e in remote_auth_chain]
1508+
await self._get_remote_auth_chain_for_event(
1509+
origin, event.room_id, event.event_id
15201510
)
1521-
1522-
for auth_event in remote_auth_chain:
1523-
if auth_event.event_id in seen_remotes:
1524-
continue
1525-
1526-
if auth_event.event_id == event.event_id:
1527-
continue
1528-
1529-
try:
1530-
auth_ids = auth_event.auth_event_ids()
1531-
auth = {
1532-
(e.type, e.state_key): e
1533-
for e in remote_auth_chain
1534-
if e.event_id in auth_ids or e.type == EventTypes.Create
1535-
}
1536-
auth_event.internal_metadata.outlier = True
1537-
1538-
logger.debug(
1539-
"_check_event_auth %s missing_auth: %s",
1540-
event.event_id,
1541-
auth_event.event_id,
1542-
)
1543-
missing_auth_event_context = EventContext.for_outlier()
1544-
missing_auth_event_context = await self._check_event_auth(
1545-
origin,
1546-
auth_event,
1547-
missing_auth_event_context,
1548-
claimed_auth_event_map=auth,
1549-
)
1550-
await self.persist_events_and_notify(
1551-
event.room_id, [(auth_event, missing_auth_event_context)]
1552-
)
1553-
1554-
if auth_event.event_id in event_auth_events:
1555-
auth_events[
1556-
(auth_event.type, auth_event.state_key)
1557-
] = auth_event
1558-
except AuthError:
1559-
pass
1560-
15611511
except Exception:
15621512
logger.exception("Failed to get auth chain")
1513+
else:
1514+
# load any auth events we might have persisted from the database. This
1515+
# has the side-effect of correctly setting the rejected_reason on them.
1516+
auth_events.update(
1517+
{
1518+
(ae.type, ae.state_key): ae
1519+
for ae in await self._store.get_events_as_list(
1520+
missing_auth, allow_rejected=True
1521+
)
1522+
}
1523+
)
15631524

15641525
if event.internal_metadata.is_outlier():
15651526
# XXX: given that, for an outlier, we'll be working with the
@@ -1633,6 +1594,65 @@ async def _update_auth_events_and_context_for_auth(
16331594

16341595
return context, auth_events
16351596

1597+
async def _get_remote_auth_chain_for_event(
1598+
self, destination: str, room_id: str, event_id: str
1599+
) -> None:
1600+
"""If we are missing some of an event's auth events, attempt to request them
1601+
1602+
Args:
1603+
destination: where to fetch the auth tree from
1604+
room_id: the room in which we are lacking auth events
1605+
event_id: the event for which we are lacking auth events
1606+
"""
1607+
try:
1608+
remote_auth_chain = await self._federation_client.get_event_auth(
1609+
destination, room_id, event_id
1610+
)
1611+
except RequestSendFailed as e1:
1612+
# The other side isn't around or doesn't implement the
1613+
# endpoint, so lets just bail out.
1614+
logger.info("Failed to get event auth from remote: %s", e1)
1615+
return
1616+
1617+
seen_remotes = await self._store.have_seen_events(
1618+
room_id, [e.event_id for e in remote_auth_chain]
1619+
)
1620+
1621+
for auth_event in remote_auth_chain:
1622+
if auth_event.event_id in seen_remotes:
1623+
continue
1624+
1625+
if auth_event.event_id == event_id:
1626+
continue
1627+
1628+
try:
1629+
auth_ids = auth_event.auth_event_ids()
1630+
auth = {
1631+
(e.type, e.state_key): e
1632+
for e in remote_auth_chain
1633+
if e.event_id in auth_ids or e.type == EventTypes.Create
1634+
}
1635+
auth_event.internal_metadata.outlier = True
1636+
1637+
logger.debug(
1638+
"_check_event_auth %s missing_auth: %s",
1639+
event_id,
1640+
auth_event.event_id,
1641+
)
1642+
missing_auth_event_context = EventContext.for_outlier()
1643+
missing_auth_event_context = await self._check_event_auth(
1644+
destination,
1645+
auth_event,
1646+
missing_auth_event_context,
1647+
claimed_auth_event_map=auth,
1648+
)
1649+
await self.persist_events_and_notify(
1650+
room_id,
1651+
[(auth_event, missing_auth_event_context)],
1652+
)
1653+
except AuthError:
1654+
pass
1655+
16361656
async def _update_context_for_auth_events(
16371657
self, event: EventBase, context: EventContext, auth_events: StateMap[EventBase]
16381658
) -> EventContext:

0 commit comments

Comments
 (0)