From 926091223d40192e290af1f7f491369e82e2ca1b Mon Sep 17 00:00:00 2001 From: Stephen D Date: Sun, 25 Aug 2024 17:24:31 -0300 Subject: [PATCH] fetch keys that are expired --- src/service/rooms/event_handler.rs | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/src/service/rooms/event_handler.rs b/src/service/rooms/event_handler.rs index afd2604d..0f1ac9b7 100644 --- a/src/service/rooms/event_handler.rs +++ b/src/service/rooms/event_handler.rs @@ -36,6 +36,7 @@ use ruma::{ MilliSecondsSinceUnixEpoch, OwnedServerName, OwnedServerSigningKeyId, RoomId, RoomVersionId, ServerName, }; +use serde::Deserialize; use serde_json::value::RawValue as RawJsonValue; use tokio::sync::{RwLock, RwLockWriteGuard, Semaphore}; use tracing::{debug, error, info, trace, warn}; @@ -48,6 +49,11 @@ use crate::{ Error, PduEvent, Result, }; +#[derive(Deserialize)] +struct ExtractOriginServerTs { + origin_server_ts: MilliSecondsSinceUnixEpoch, +} + pub(crate) struct Service; impl Service { @@ -1630,6 +1636,15 @@ impl Service { let event_id = <&EventId>::try_from(event_id.as_str()) .expect("ruma's reference hashes are valid event ids"); + let ExtractOriginServerTs { + origin_server_ts, + } = ExtractOriginServerTs::deserialize(pdu).map_err(|_| { + Error::BadServerResponse( + "Invalid PDU in server response, origin_server_ts field is \ + missing or invalid", + ) + })?; + if let Some((time, tries)) = services().globals.bad_event_ratelimiter.read().await.get(event_id) { @@ -1669,8 +1684,12 @@ impl Service { let contains_all_ids = |keys: &SigningKeys| { signature_ids.iter().all(|id| { - keys.verify_keys.contains_key(id) - || keys.old_verify_keys.contains_key(id) + keys.verify_keys.get(id).is_some_and(|_| { + keys.valid_until_ts >= origin_server_ts + }) || keys + .old_verify_keys + .get(id) + .is_some_and(|v| v.expired_ts >= origin_server_ts) }) };