Fix fetching signing keys when old_verify_keys is omitted (#17568)

`old_verify_keys` isn't marked as required in https://spec.matrix.org/v1.11/server-server-api/#get_matrixkeyv2server and there's no functional difference between an empty object and omitting the object, so I don't think there's any reason synapse should explode when the field is omitted.
element-hq · Aug 14, 2024 · f77bfbf · f77bfbf
1 parent 1892ba5
commit f77bfbf
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 1 deletion.
diff --git a/changelog.d/17568.bugfix b/changelog.d/17568.bugfix
@@ -0,0 +1 @@
+Fix fetching federation signing keys from servers that omit `old_verify_keys`. Contributed by @tulir @ Beeper.
diff --git a/synapse/crypto/keyring.py b/synapse/crypto/keyring.py
@@ -589,7 +589,7 @@ async def process_v2_response(
                 % (server_name,)
             )
 
-        for key_id, key_data in response_json["old_verify_keys"].items():
+        for key_id, key_data in response_json.get("old_verify_keys", {}).items():
             if is_signing_algorithm_supported(key_id):
                 key_base64 = key_data["key"]
                 key_bytes = decode_base64(key_base64)
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		Fix fetching federation signing keys from servers that omit `old_verify_keys`. Contributed by @tulir @ Beeper.