ember/continuwuity
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

fix: Perform additional membership validation on remote knocks too

Browse source
This commit is contained in:
timedout 2026-02-08 15:34:07 +00:00
parent 184ae2ebb9
commit e0b7d03018
No known key found for this signature in database
GPG key ID: 0FA334385D0B689F
1 changed files with 12 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
src/api/client/membership/knock.rs
View file

@ -10,7 +10,7 @@ use conduwuit::{
},
result::FlatOk,
trace,
utils::{self, shuffle, stream::IterStream},
utils::{self, shuffle, stream::IterStream, to_canonical_object},
warn,
};
use futures::{FutureExt, StreamExt};
@ -741,6 +741,17 @@ async fn make_knock_request(
trace!("make_knock response: {make_knock_response:?}");
make_knock_counter = make_knock_counter.saturating_add(1);
if let Ok(r) = &make_knock_response {
if let Err(e) = validate_remote_member_event_stub(
&MembershipState::Knock,
sender_user,
room_id,
&to_canonical_object(&r.event)?,
) {
warn!("make_knock response from {remote_server} failed validation: {e}");
continue;
}
}
make_knock_response_and_server = make_knock_response.map(|r| (r, remote_server.clone()));