From d233dd0cafe7200f0d5a9e9e013f9236f1df6a09 Mon Sep 17 00:00:00 2001 From: Andrew Morgan Date: Thu, 30 Jul 2020 11:42:47 -0700 Subject: [PATCH 1/3] Remove signature check on v1 identity server lookups --- synapse/handlers/identity.py | 34 +++------------------------------- 1 file changed, 3 insertions(+), 31 deletions(-) diff --git a/synapse/handlers/identity.py b/synapse/handlers/identity.py index 0bd2c3e37a9b..92b74047067b 100644 --- a/synapse/handlers/identity.py +++ b/synapse/handlers/identity.py @@ -22,14 +22,10 @@ from typing import Awaitable, Callable, Dict, List, Optional, Tuple from canonicaljson import json -from signedjson.key import decode_verify_key_bytes -from signedjson.sign import verify_signed_json -from unpaddedbase64 import decode_base64 from twisted.internet.error import TimeoutError from synapse.api.errors import ( - AuthError, CodeMessageException, Codes, HttpResponseException, @@ -628,9 +624,9 @@ async def _lookup_3pid_v1( ) if "mxid" in data: - if "signatures" not in data: - raise AuthError(401, "No signatures on 3pid binding") - await self._verify_any_signature(data, id_server) + # note: we used to verify the identity server's signature here, but no longer + # require or validate it. See the following for context: + # https://github.com/matrix-org/synapse/issues/5253#issuecomment-666246950 return data["mxid"] except TimeoutError: raise SynapseError(500, "Timed out contacting identity server") @@ -751,30 +747,6 @@ async def _lookup_3pid_v2( mxid = lookup_results["mappings"].get(lookup_value) return mxid - async def _verify_any_signature(self, data, server_hostname): - if server_hostname not in data["signatures"]: - raise AuthError(401, "No signature from server %s" % (server_hostname,)) - for key_name, signature in data["signatures"][server_hostname].items(): - try: - key_data = await self.blacklisting_http_client.get_json( - "%s%s/_matrix/identity/api/v1/pubkey/%s" - % (id_server_scheme, server_hostname, key_name) - ) - except TimeoutError: - raise SynapseError(500, "Timed out contacting identity server") - if "public_key" not in key_data: - raise AuthError( - 401, "No public key named %s from %s" % (key_name, server_hostname) - ) - verify_signed_json( - data, - server_hostname, - decode_verify_key_bytes( - key_name, decode_base64(key_data["public_key"]) - ), - ) - return - async def ask_id_server_for_third_party_invite( self, requester: Requester, From 7863f49a4d729dc472cbd665dfcab8e306832c9b Mon Sep 17 00:00:00 2001 From: Andrew Morgan Date: Thu, 30 Jul 2020 11:51:35 -0700 Subject: [PATCH 2/3] Changelog --- changelog.d/8001.misc | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/8001.misc diff --git a/changelog.d/8001.misc b/changelog.d/8001.misc new file mode 100644 index 000000000000..0df9a9db55f7 --- /dev/null +++ b/changelog.d/8001.misc @@ -0,0 +1 @@ +Remove the signature check for v1 Identity Service lookup responses as they are effectively useless. \ No newline at end of file From 9cae2fef8594a57e767ec8a1650dee8656315ca8 Mon Sep 17 00:00:00 2001 From: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com> Date: Mon, 3 Aug 2020 13:29:19 -0700 Subject: [PATCH 3/3] Update changelog.d/8001.misc Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com> --- changelog.d/8001.misc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelog.d/8001.misc b/changelog.d/8001.misc index 0df9a9db55f7..0be4b37d22c5 100644 --- a/changelog.d/8001.misc +++ b/changelog.d/8001.misc @@ -1 +1 @@ -Remove the signature check for v1 Identity Service lookup responses as they are effectively useless. \ No newline at end of file +Remove redundant and unreliable signature check for v1 Identity Service lookup responses.