Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sytests for invalid auth events #780

Merged
merged 2 commits into from
Jan 7, 2020
Merged

Sytests for invalid auth events #780

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
40120da
Test for receiving events with auth events in the wrong room
richvdh Dec 11, 2019
5975466
Test for outliers whose auth events are in a different room
richvdh Dec 11, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
91 changes: 91 additions & 0 deletions tests/50federation/31room-send.pl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -202,3 +202,94 @@
}
});
};


test "Events whose auth_events are in the wrong room do not mess up the room state",
requires => [
$main::OUTBOUND_CLIENT,
federated_rooms_fixture( room_count => 2 ),
],

do => sub {
my ( $outbound_client, $creator_user, $sytest_user_id, $room1, $room2 ) = @_;

my ( $event_P, $event_id_P );

# We're going to create and send an event P in room 2, whose auth_events
# refer to an event in room 1.
#
# P will be accepted, but we check that it doesn't leave room 1 in a messed-up state.

# update the state in room 1 to avoid duplicate key errors.
my $old_state = $room1->get_current_state_event( "m.room.member", $sytest_user_id );

matrix_put_room_state_synced(
$creator_user,
$room1->room_id,
type => "m.room.join_rules",
state_key => "",
content => {
join_rule => "public",
test => "test",
},
)->then( sub {
matrix_put_room_state_synced(
$creator_user,
$room1->room_id,
type => "m.room.member",
state_key => $creator_user->user_id,
content => {
membership => "join",
displayname => "Overridden",
},
);
})->then( sub {
# create and send an event in room 2, using an event in room 1 as an auth event
my @auth_events = (
$room2->get_current_state_event( "m.room.create" ),
$room2->get_current_state_event( "m.room.join_rules" ),
$room2->get_current_state_event( "m.room.power_levels" ),
$old_state,
);

( $event_P, $event_id_P ) = $room2->create_and_insert_event(
type => "m.room.message",
sender => $sytest_user_id,
content => { body => "event P" },
auth_events => $room2->make_event_refs( @auth_events ),
);

log_if_fail "sending dodgy event $event_id_P in ".$room2->room_id, $event_P;

$outbound_client->send_event(
event => $event_P,
destination => $creator_user->http->server_name,
);
})->then( sub {
await_sync_timeline_contains(
$creator_user, $room2->room_id, check => sub {
$_[0]->{event_id} eq $event_id_P,
},
);

# now check that the state in room 2 looks correct.
matrix_get_room_state_by_type(
$creator_user, $room2->room_id,
);
})->then( sub {
my ( $state ) = @_;

log_if_fail "state in room 2", $state;

my $state_event = $state->{'m.room.member'}{$sytest_user_id};
my $expected_state_event = $room2->get_current_state_event(
'm.room.member', $sytest_user_id
);
assert_eq(
$state_event->{event_id},
$room2->id_for_event( $expected_state_event ),
"event id for room 2 membership event",
);
Future->done;
});
};
201 changes: 201 additions & 0 deletions tests/50federation/33room-get-missing-events.pl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -207,3 +207,204 @@
});
};
}


sub sytest_user_and_room_fixture {
# returns a fixture which creates an invite-only room, and a sytest user,
# and joins the sytest user to the room.
#
# the fixture returns ( $room, $user_id )
my ( $creator_user_fixture ) = @_;
return fixture(
requires => [
$creator_user_fixture,
room_fixture(
$creator_user_fixture,
preset => 'private_chat',
),
federation_user_id_fixture(),
$main::INBOUND_SERVER,
$main::OUTBOUND_CLIENT,
],
setup => sub {
my (
$creator_user, $room_id, $sytest_user_id,
$inbound_server, $outbound_client,
) = @_;

Future->needs_all(
matrix_invite_user_to_room(
$creator_user, $sytest_user_id, $room_id,
),
$inbound_server->await_request_v2_invite( $room_id )->then( sub {
my ( $req, undef ) = @_;

my $body = $req->body_from_json;

# sign the invite event and send it back
my $invite = $body->{event};
$inbound_server->datastore->sign_event( $invite );
$req->respond_json( { event => $invite } );
Future->done;
}),
)->then( sub {
$outbound_client->join_room(
server_name => $creator_user->http->server_name,
room_id => $room_id,
user_id => $sytest_user_id,
);
})->then( sub {
my ( $room ) = @_;
log_if_fail "Joined room " . $room->room_id . " with user $sytest_user_id";
Future->done( $room, $sytest_user_id );
});
},
);
}


my $user_f = local_user_fixture();
test "outliers whose auth_events are in a different room are correctly rejected",
requires => [
$user_f,
sytest_user_and_room_fixture( $user_f ),
sytest_user_and_room_fixture( $user_f ),
$main::INBOUND_SERVER,
$main::OUTBOUND_CLIENT,
],

do => sub {
my (
$creator_user,
$room1, $sytest_user_1,
$room2, $sytest_user_2,
$inbound_server, $outbound_client,
) = @_;
my $synapse_server_name = $creator_user->http->server_name;

# this tests an edge-case with auth events
#
# we have two (invite-only) rooms (1 and 2), with a different user in
# each room (1 and 2).
#
# In room 2, we create three events, Q, R, S.
#
# We send S over federation, and allow the server to backfill R, leaving
# the server with a gap in the dag. It therefore requests the state at Q,
# which leads to Q being persisted as an outlier.
#
# Q is a membership event for user 1, but its auth_events point to the
# membership in room 1. It should be rejected.
#
# R is a regular event, but sent by user 1 (so again should be rejected).
#
# S is a legit event.

my %initial_room2_state = %{ $room2->{current_state} };

my ( $event_Q, $event_id_Q ) = $room2->create_and_insert_event(
type => 'm.room.member',
sender => $sytest_user_1,
state_key => $sytest_user_1,
content => { membership => 'join', },
auth_events => $room2->make_event_refs(
$room2->get_current_state_event( "m.room.create" ),
$room2->get_current_state_event( "m.room.power_levels" ),
$room1->get_current_state_event( "m.room.member", $sytest_user_1 ),
),
);

my ( $event_R, $event_id_R ) = $room2->create_and_insert_event(
type => "m.room.message",
sender => $sytest_user_1,
content => { body => "event R" },
);

my ( $event_S, $event_id_S ) = $room2->create_and_insert_event(
type => "m.room.message",
sender => $sytest_user_2,
content => { body => "event S" },
);

log_if_fail "events Q, R, S", [ $event_id_Q, $event_id_R, $event_id_S ];

Future->needs_all(
# send S
$outbound_client->send_event(
event => $event_S,
destination => $synapse_server_name,
),

# we expect to get a missing_events request
$inbound_server->await_request_get_missing_events( $room2->{room_id} )
->then( sub {
my ( $req ) = @_;
my $body = $req->body_from_json;
log_if_fail "/get_missing_events request", $body;

assert_deeply_eq(
$body->{latest_events},
[ $event_id_S ],
"latest_events in /get_missing_events request",
);

# just return R
my $resp = { events => [ $event_R ] };

log_if_fail "/get_missing_events response", $resp;
$req->respond_json( $resp );
Future->done(1);
}),

# there will still be a gap, so then we expect a state_ids request
$inbound_server->await_request_state_ids(
$room2->{room_id}, $event_id_Q,
)->then( sub {
my ( $req, @params ) = @_;
log_if_fail "/state_ids request", \@params;

my $resp = {
pdu_ids => [
map { $room2->id_for_event( $_ ) } values( %initial_room2_state ),
],
auth_chain_ids => $room2->event_ids_from_refs( $event_Q->{auth_events} ),
};

log_if_fail "/state_ids response", $resp;
$req->respond_json( $resp );
Future->done(1);
}),
)->then( sub {
# wait for S to turn up
await_sync_timeline_contains(
$creator_user, $room2->room_id, check => sub {
my ( $event ) = @_;
log_if_fail "Got event in room2", $event;

my $event_id = $event->{event_id};

# if either Q or R show up, that's a problem
if( $event->{sender} eq $sytest_user_1 ) {
die "Got an event $event_id from a user who shouldn't be a member";
}

return $event_id eq $event_id_S;
},
);
})->then( sub {
# finally, check that the state in room 2 looks correct.
matrix_get_room_state_by_type(
$creator_user, $room2->room_id,
);
})->then( sub {
my ( $state ) = @_;

log_if_fail "state in room 2", $state;

# there should not be a membership event for user 1.
if( exists $state->{'m.room.member'}{$sytest_user_1} ) {
die "user became a member of the room without an invite";
}
Future->done;
});
};