forked from matrix-org/synapse
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Synapse 1.41.1 (2021-08-31) =========================== Due to the two security issues highlighted below, server administrators are encouraged to update Synapse. We are not aware of these vulnerabilities being exploited in the wild. Security advisory ----------------- The following issues are fixed in v1.41.1. - **[GHSA-3x4c-pq33-4w3q](GHSA-3x4c-pq33-4w3q) / [CVE-2021-39164](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39164): Enumerating a private room's list of members and their display names.** If an unauthorized user both knows the Room ID of a private room *and* that room's history visibility is set to `shared`, then they may be able to enumerate the room's members, including their display names. The unauthorized user must be on the same homeserver as a user who is a member of the target room. Fixed by [52c7a51](matrix-org@52c7a51cf). - **[GHSA-jj53-8fmw-f2w2](GHSA-jj53-8fmw-f2w2) / [CVE-2021-39163](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39163): Disclosing a private room's name, avatar, topic, and number of members.** If an unauthorized user knows the Room ID of a private room, then its name, avatar, topic, and number of members may be disclosed through Group / Community features. The unauthorized user must be on the same homeserver as a user who is a member of the target room, and their homeserver must allow non-administrators to create groups (`enable_group_creation` in the Synapse configuration; off by default). Fixed by [cb35df9](matrix-org@cb35df940a), [\matrix-org#10723](matrix-org#10723). Bugfixes -------- - Fix a regression introduced in Synapse 1.41 which broke email transmission on systems using older versions of the Twisted library. ([\matrix-org#10713](matrix-org#10713))
- Loading branch information
Showing
13 changed files
with
388 additions
and
28 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Fix a regression introduced in Synapse 1.41 which broke email transmission on Systems using older versions of the Twisted library. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Fix unauthorised exposure of room metadata to communities. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,112 @@ | ||
# Copyright 2021 The Matrix.org Foundation C.I.C. | ||
# | ||
# Licensed under the Apache License, Version 2.0 (the "License"); | ||
# you may not use this file except in compliance with the License. | ||
# You may obtain a copy of the License at | ||
# | ||
# http://www.apache.org/licenses/LICENSE-2.0 | ||
# | ||
# Unless required by applicable law or agreed to in writing, software | ||
# distributed under the License is distributed on an "AS IS" BASIS, | ||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
# See the License for the specific language governing permissions and | ||
# limitations under the License. | ||
|
||
|
||
from typing import List, Tuple | ||
|
||
from zope.interface import implementer | ||
|
||
from twisted.internet import defer | ||
from twisted.internet.address import IPv4Address | ||
from twisted.internet.defer import ensureDeferred | ||
from twisted.mail import interfaces, smtp | ||
|
||
from tests.server import FakeTransport | ||
from tests.unittest import HomeserverTestCase | ||
|
||
|
||
@implementer(interfaces.IMessageDelivery) | ||
class _DummyMessageDelivery: | ||
def __init__(self): | ||
# (recipient, message) tuples | ||
self.messages: List[Tuple[smtp.Address, bytes]] = [] | ||
|
||
def receivedHeader(self, helo, origin, recipients): | ||
return None | ||
|
||
def validateFrom(self, helo, origin): | ||
return origin | ||
|
||
def record_message(self, recipient: smtp.Address, message: bytes): | ||
self.messages.append((recipient, message)) | ||
|
||
def validateTo(self, user: smtp.User): | ||
return lambda: _DummyMessage(self, user) | ||
|
||
|
||
@implementer(interfaces.IMessageSMTP) | ||
class _DummyMessage: | ||
"""IMessageSMTP implementation which saves the message delivered to it | ||
to the _DummyMessageDelivery object. | ||
""" | ||
|
||
def __init__(self, delivery: _DummyMessageDelivery, user: smtp.User): | ||
self._delivery = delivery | ||
self._user = user | ||
self._buffer: List[bytes] = [] | ||
|
||
def lineReceived(self, line): | ||
self._buffer.append(line) | ||
|
||
def eomReceived(self): | ||
message = b"\n".join(self._buffer) + b"\n" | ||
self._delivery.record_message(self._user.dest, message) | ||
return defer.succeed(b"saved") | ||
|
||
def connectionLost(self): | ||
pass | ||
|
||
|
||
class SendEmailHandlerTestCase(HomeserverTestCase): | ||
def test_send_email(self): | ||
"""Happy-path test that we can send email to a non-TLS server.""" | ||
h = self.hs.get_send_email_handler() | ||
d = ensureDeferred( | ||
h.send_email( | ||
"foo@bar.com", "test subject", "Tests", "HTML content", "Text content" | ||
) | ||
) | ||
# there should be an attempt to connect to localhost:25 | ||
self.assertEqual(len(self.reactor.tcpClients), 1) | ||
(host, port, client_factory, _timeout, _bindAddress) = self.reactor.tcpClients[ | ||
0 | ||
] | ||
self.assertEqual(host, "localhost") | ||
self.assertEqual(port, 25) | ||
|
||
# wire it up to an SMTP server | ||
message_delivery = _DummyMessageDelivery() | ||
server_protocol = smtp.ESMTP() | ||
server_protocol.delivery = message_delivery | ||
# make sure that the server uses the test reactor to set timeouts | ||
server_protocol.callLater = self.reactor.callLater # type: ignore[assignment] | ||
|
||
client_protocol = client_factory.buildProtocol(None) | ||
client_protocol.makeConnection(FakeTransport(server_protocol, self.reactor)) | ||
server_protocol.makeConnection( | ||
FakeTransport( | ||
client_protocol, | ||
self.reactor, | ||
peer_address=IPv4Address("TCP", "127.0.0.1", 1234), | ||
) | ||
) | ||
|
||
# the message should now get delivered | ||
self.get_success(d, by=0.1) | ||
|
||
# check it arrived | ||
self.assertEqual(len(message_delivery.messages), 1) | ||
user, msg = message_delivery.messages.pop() | ||
self.assertEqual(str(user), "foo@bar.com") | ||
self.assertIn(b"Subject: test subject", msg) |
Oops, something went wrong.