Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Add a couple more checks to the keyring #955

Merged
merged 1 commit into from
Jul 27, 2016
Merged

Add a couple more checks to the keyring #955

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 9 additions & 2 deletions synapse/crypto/keyring.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -447,7 +447,7 @@ def get_server_verify_key_v2_indirect(self, server_names_and_key_ids,
)

processed_response = yield self.process_v2_response(
perspective_name, response
perspective_name, response, only_from_server=False
)

for server_name, response_keys in processed_response.items():
Expand Down Expand Up @@ -527,7 +527,7 @@ def get_server_verify_key_v2_direct(self, server_name, key_ids):

@defer.inlineCallbacks
def process_v2_response(self, from_server, response_json,
requested_ids=[]):
requested_ids=[], only_from_server=True):
time_now_ms = self.clock.time_msec()
response_keys = {}
verify_keys = {}
Expand All @@ -551,6 +551,13 @@ def process_v2_response(self, from_server, response_json,

results = {}
server_name = response_json["server_name"]
if only_from_server:
if server_name != from_server:
raise ValueError(
"Expected a response for server %r not %r" % (
from_server, server_name
)
)
for key_id in response_json["signatures"].get(server_name, {}):
if key_id not in response_json["verify_keys"]:
raise ValueError(
Expand Down