TudbuT/conduit
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

rename misleading sender_servername to origin

Browse source 
this is the X-Matrix origin/server, NOT the `"sender"``
user's server name.

Signed-off-by: strawberry <strawberry@puppygock.gay>
This commit is contained in:
strawberry 2024-05-26 14:29:56 -04:00 committed by June 🍓🦴
parent 6ccf578437
commit 7328ed7509
3 changed files with 74 additions and 121 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/api/ruma_wrapper/axum.rs
View file

@ -119,7 +119,7 @@ where
let mut json_body = serde_json::from_slice::<CanonicalJsonValue>(&body).ok(); let mut json_body = serde_json::from_slice::<CanonicalJsonValue>(&body).ok();
let (sender_user, sender_device, sender_servername, appservice_info) = match (metadata.authentication, token) { let (sender_user, sender_device, origin, appservice_info) = match (metadata.authentication, token) {
(_, Token::Invalid) => { (_, Token::Invalid) => {
return Err(Error::BadRequest( return Err(Error::BadRequest(
ErrorKind::UnknownToken { ErrorKind::UnknownToken {
@ -322,7 +322,7 @@ where
body, body,
sender_user, sender_user,
sender_device, sender_device,
sender_servername, origin,
json_body, json_body,
appservice_info, appservice_info,
}) })

4
src/api/ruma_wrapper/mod.rs
View file

@ -9,10 +9,12 @@ use crate::service::appservice::RegistrationInfo;
/// Extractor for Ruma request structs /// Extractor for Ruma request structs
pub(crate) struct Ruma<T> { pub(crate) struct Ruma<T> {
/// Request struct body
pub(crate) body: T, pub(crate) body: T,
pub(crate) sender_user: Option<OwnedUserId>, pub(crate) sender_user: Option<OwnedUserId>,
pub(crate) sender_device: Option<OwnedDeviceId>, pub(crate) sender_device: Option<OwnedDeviceId>,
pub(crate) sender_servername: Option<OwnedServerName>, /// X-Matrix origin/server
pub(crate) origin: Option<OwnedServerName>,
pub(crate) json_body: Option<CanonicalJsonValue>, // This is None when body is not a valid string pub(crate) json_body: Option<CanonicalJsonValue>, // This is None when body is not a valid string
pub(crate) appservice_info: Option<RegistrationInfo>, pub(crate) appservice_info: Option<RegistrationInfo>,
} }

187
src/api/server_server.rs
View file

@ -206,10 +206,7 @@ pub(crate) async fn get_public_rooms_route(
pub(crate) async fn send_transaction_message_route( pub(crate) async fn send_transaction_message_route(
body: Ruma<send_transaction_message::v1::Request>, body: Ruma<send_transaction_message::v1::Request>,
) -> Result<send_transaction_message::v1::Response> { ) -> Result<send_transaction_message::v1::Response> {
let sender_servername = body let origin = body.origin.as_ref().expect("server is authenticated");
.sender_servername
.as_ref()
.expect("server is authenticated");
// This is all the auth_events that have been recursively fetched so they don't // This is all the auth_events that have been recursively fetched so they don't
// have to be deserialized over and over again. // have to be deserialized over and over again.
@ -253,7 +250,7 @@ pub(crate) async fn send_transaction_message_route(
.fetch_required_signing_keys(parsed_pdus.iter().map(|(_event_id, event, _room_id)| event), &pub_key_map) .fetch_required_signing_keys(parsed_pdus.iter().map(|(_event_id, event, _room_id)| event), &pub_key_map)
.await .await
.unwrap_or_else(|e| { .unwrap_or_else(|e| {
warn!("Could not fetch all signatures for PDUs from {}: {:?}", sender_servername, e); warn!("Could not fetch all signatures for PDUs from {origin}: {:?}", e);
}); });
debug!( debug!(
@ -280,7 +277,7 @@ pub(crate) async fn send_transaction_message_route(
services() services()
.rooms .rooms
.event_handler .event_handler
.handle_incoming_pdu(sender_servername, &room_id, &event_id, value, true, &pub_key_map) .handle_incoming_pdu(origin, &room_id, &event_id, value, true, &pub_key_map)
.await .await
.map(|_| ()), .map(|_| ()),
); );
@ -463,7 +460,8 @@ pub(crate) async fn send_transaction_message_route(
master_key, master_key,
self_signing_key, self_signing_key,
}) => { }) => {
if user_id.server_name() != sender_servername { if user_id.server_name() != origin {
debug_info!(%user_id, %origin, "received signing key update EDU from server that does not belong to user's server");
continue; continue;
} }
if let Some(master_key) = master_key { if let Some(master_key) = master_key {
@ -500,10 +498,7 @@ pub(crate) async fn send_transaction_message_route(
/// - Only works if a user of this server is currently invited or joined the /// - Only works if a user of this server is currently invited or joined the
/// room /// room
pub(crate) async fn get_event_route(body: Ruma<get_event::v1::Request>) -> Result<get_event::v1::Response> { pub(crate) async fn get_event_route(body: Ruma<get_event::v1::Request>) -> Result<get_event::v1::Response> {
let sender_servername = body let origin = body.origin.as_ref().expect("server is authenticated");
.sender_servername
.as_ref()
.expect("server is authenticated");
let event = services() let event = services()
.rooms .rooms
@ -522,7 +517,7 @@ pub(crate) async fn get_event_route(body: Ruma<get_event::v1::Request>) -> Resul
if !services() if !services()
.rooms .rooms
.state_cache .state_cache
.server_in_room(sender_servername, room_id)? .server_in_room(origin, room_id)?
{ {
return Err(Error::BadRequest(ErrorKind::forbidden(), "Server is not in room")); return Err(Error::BadRequest(ErrorKind::forbidden(), "Server is not in room"));
} }
@ -530,7 +525,7 @@ pub(crate) async fn get_event_route(body: Ruma<get_event::v1::Request>) -> Resul
if !services() if !services()
.rooms .rooms
.state_accessor .state_accessor
.server_can_see_event(sender_servername, room_id, &body.event_id)? .server_can_see_event(origin, room_id, &body.event_id)?
{ {
return Err(Error::BadRequest(ErrorKind::forbidden(), "Server is not allowed to see event.")); return Err(Error::BadRequest(ErrorKind::forbidden(), "Server is not allowed to see event."));
} }
@ -547,15 +542,12 @@ pub(crate) async fn get_event_route(body: Ruma<get_event::v1::Request>) -> Resul
/// Retrieves events from before the sender joined the room, if the room's /// Retrieves events from before the sender joined the room, if the room's
/// history visibility allows. /// history visibility allows.
pub(crate) async fn get_backfill_route(body: Ruma<get_backfill::v1::Request>) -> Result<get_backfill::v1::Response> { pub(crate) async fn get_backfill_route(body: Ruma<get_backfill::v1::Request>) -> Result<get_backfill::v1::Response> {
let sender_servername = body let origin = body.origin.as_ref().expect("server is authenticated");
.sender_servername
.as_ref()
.expect("server is authenticated");
if !services() if !services()
.rooms .rooms
.state_cache .state_cache
.server_in_room(sender_servername, &body.room_id)? .server_in_room(origin, &body.room_id)?
{ {
return Err(Error::BadRequest(ErrorKind::forbidden(), "Server is not in room.")); return Err(Error::BadRequest(ErrorKind::forbidden(), "Server is not in room."));
} }
@ -563,7 +555,7 @@ pub(crate) async fn get_backfill_route(body: Ruma<get_backfill::v1::Request>) ->
services() services()
.rooms .rooms
.event_handler .event_handler
.acl_check(sender_servername, &body.room_id)?; .acl_check(origin, &body.room_id)?;
let until = body let until = body
.v .v
@ -588,7 +580,7 @@ pub(crate) async fn get_backfill_route(body: Ruma<get_backfill::v1::Request>) ->
services() services()
.rooms .rooms
.state_accessor .state_accessor
.server_can_see_event(sender_servername, &e.room_id, &e.event_id,), .server_can_see_event(origin, &e.room_id, &e.event_id,),
Ok(true), Ok(true),
) )
}) })
@ -610,15 +602,12 @@ pub(crate) async fn get_backfill_route(body: Ruma<get_backfill::v1::Request>) ->
pub(crate) async fn get_missing_events_route( pub(crate) async fn get_missing_events_route(
body: Ruma<get_missing_events::v1::Request>, body: Ruma<get_missing_events::v1::Request>,
) -> Result<get_missing_events::v1::Response> { ) -> Result<get_missing_events::v1::Response> {
let sender_servername = body let origin = body.origin.as_ref().expect("server is authenticated");
.sender_servername
.as_ref()
.expect("server is authenticated");
if !services() if !services()
.rooms .rooms
.state_cache .state_cache
.server_in_room(sender_servername, &body.room_id)? .server_in_room(origin, &body.room_id)?
{ {
return Err(Error::BadRequest(ErrorKind::forbidden(), "Server is not in room")); return Err(Error::BadRequest(ErrorKind::forbidden(), "Server is not in room"));
} }
@ -626,7 +615,7 @@ pub(crate) async fn get_missing_events_route(
services() services()
.rooms .rooms
.event_handler .event_handler
.acl_check(sender_servername, &body.room_id)?; .acl_check(origin, &body.room_id)?;
let mut queued_events = body.latest_events.clone(); let mut queued_events = body.latest_events.clone();
let mut events = Vec::new(); let mut events = Vec::new();
@ -651,11 +640,11 @@ pub(crate) async fn get_missing_events_route(
continue; continue;
} }
if !services().rooms.state_accessor.server_can_see_event( if !services()
sender_servername, .rooms
&body.room_id, .state_accessor
&queued_events[i], .server_can_see_event(origin, &body.room_id, &queued_events[i])?
)? { {
i = i.saturating_add(1); i = i.saturating_add(1);
continue; continue;
} }
@ -689,15 +678,12 @@ pub(crate) async fn get_missing_events_route(
pub(crate) async fn get_event_authorization_route( pub(crate) async fn get_event_authorization_route(
body: Ruma<get_event_authorization::v1::Request>, body: Ruma<get_event_authorization::v1::Request>,
) -> Result<get_event_authorization::v1::Response> { ) -> Result<get_event_authorization::v1::Response> {
let sender_servername = body let origin = body.origin.as_ref().expect("server is authenticated");
.sender_servername
.as_ref()
.expect("server is authenticated");
if !services() if !services()
.rooms .rooms
.state_cache .state_cache
.server_in_room(sender_servername, &body.room_id)? .server_in_room(origin, &body.room_id)?
{ {
return Err(Error::BadRequest(ErrorKind::forbidden(), "Server is not in room.")); return Err(Error::BadRequest(ErrorKind::forbidden(), "Server is not in room."));
} }
@ -705,7 +691,7 @@ pub(crate) async fn get_event_authorization_route(
services() services()
.rooms .rooms
.event_handler .event_handler
.acl_check(sender_servername, &body.room_id)?; .acl_check(origin, &body.room_id)?;
let event = services() let event = services()
.rooms .rooms
@ -741,15 +727,12 @@ pub(crate) async fn get_event_authorization_route(
pub(crate) async fn get_room_state_route( pub(crate) async fn get_room_state_route(
body: Ruma<get_room_state::v1::Request>, body: Ruma<get_room_state::v1::Request>,
) -> Result<get_room_state::v1::Response> { ) -> Result<get_room_state::v1::Response> {
let sender_servername = body let origin = body.origin.as_ref().expect("server is authenticated");
.sender_servername
.as_ref()
.expect("server is authenticated");
if !services() if !services()
.rooms .rooms
.state_cache .state_cache
.server_in_room(sender_servername, &body.room_id)? .server_in_room(origin, &body.room_id)?
{ {
return Err(Error::BadRequest(ErrorKind::forbidden(), "Server is not in room.")); return Err(Error::BadRequest(ErrorKind::forbidden(), "Server is not in room."));
} }
@ -757,7 +740,7 @@ pub(crate) async fn get_room_state_route(
services() services()
.rooms .rooms
.event_handler .event_handler
.acl_check(sender_servername, &body.room_id)?; .acl_check(origin, &body.room_id)?;
let shortstatehash = services() let shortstatehash = services()
.rooms .rooms
@ -810,15 +793,12 @@ pub(crate) async fn get_room_state_route(
pub(crate) async fn get_room_state_ids_route( pub(crate) async fn get_room_state_ids_route(
body: Ruma<get_room_state_ids::v1::Request>, body: Ruma<get_room_state_ids::v1::Request>,
) -> Result<get_room_state_ids::v1::Response> { ) -> Result<get_room_state_ids::v1::Response> {
let sender_servername = body let origin = body.origin.as_ref().expect("server is authenticated");
.sender_servername
.as_ref()
.expect("server is authenticated");
if !services() if !services()
.rooms .rooms
.state_cache .state_cache
.server_in_room(sender_servername, &body.room_id)? .server_in_room(origin, &body.room_id)?
{ {
return Err(Error::BadRequest(ErrorKind::forbidden(), "Server is not in room.")); return Err(Error::BadRequest(ErrorKind::forbidden(), "Server is not in room."));
} }
@ -826,7 +806,7 @@ pub(crate) async fn get_room_state_ids_route(
services() services()
.rooms .rooms
.event_handler .event_handler
.acl_check(sender_servername, &body.room_id)?; .acl_check(origin, &body.room_id)?;
let shortstatehash = services() let shortstatehash = services()
.rooms .rooms
@ -865,11 +845,9 @@ pub(crate) async fn create_join_event_template_route(
return Err(Error::BadRequest(ErrorKind::NotFound, "Room is unknown to this server.")); return Err(Error::BadRequest(ErrorKind::NotFound, "Room is unknown to this server."));
} }
let sender_servername = body let origin = body.origin.as_ref().expect("server is authenticated");
.sender_servername
.as_ref()
.expect("server is authenticated");
// ACL check origin server
services() services()
.rooms .rooms
.event_handler .event_handler
@ -879,11 +857,11 @@ pub(crate) async fn create_join_event_template_route(
.globals .globals
.config .config
.forbidden_remote_server_names .forbidden_remote_server_names
.contains(sender_servername) .contains(origin)
{ {
warn!( warn!(
"Server {sender_servername} for remote user {} tried joining room ID {} which has a server name that is \ "Server {origin} for remote user {} tried joining room ID {} which has a server name that is globally \
globally forbidden. Rejecting.", forbidden. Rejecting.",
&body.user_id, &body.room_id, &body.user_id, &body.room_id,
); );
return Err(Error::BadRequest( return Err(Error::BadRequest(
@ -1073,16 +1051,14 @@ pub(crate) async fn create_join_event_template_route(
} }
async fn create_join_event( async fn create_join_event(
sender_servername: &ServerName, room_id: &RoomId, pdu: &RawJsonValue, origin: &ServerName, room_id: &RoomId, pdu: &RawJsonValue,
) -> Result<create_join_event::v1::RoomState> { ) -> Result<create_join_event::v1::RoomState> {
if !services().rooms.metadata.exists(room_id)? { if !services().rooms.metadata.exists(room_id)? {
return Err(Error::BadRequest(ErrorKind::NotFound, "Room is unknown to this server.")); return Err(Error::BadRequest(ErrorKind::NotFound, "Room is unknown to this server."));
} }
services() // ACL check origin server
.rooms services().rooms.event_handler.acl_check(origin, room_id)?;
.event_handler
.acl_check(sender_servername, room_id)?;
// We need to return the state prior to joining, let's keep a reference to that // We need to return the state prior to joining, let's keep a reference to that
// here // here
@ -1119,7 +1095,7 @@ async fn create_join_event(
serde_json::to_value( serde_json::to_value(
value value
.get("origin") .get("origin")
.ok_or(Error::BadRequest(ErrorKind::InvalidParam, "Event needs an origin field."))?, .ok_or_else(|| Error::BadRequest(ErrorKind::InvalidParam, "Event needs an origin field."))?,
) )
.expect("CanonicalJson is valid json value"), .expect("CanonicalJson is valid json value"),
) )
@ -1189,20 +1165,16 @@ async fn create_join_event(
pub(crate) async fn create_join_event_v1_route( pub(crate) async fn create_join_event_v1_route(
body: Ruma<create_join_event::v1::Request>, body: Ruma<create_join_event::v1::Request>,
) -> Result<create_join_event::v1::Response> { ) -> Result<create_join_event::v1::Response> {
let sender_servername = body let origin = body.origin.as_ref().expect("server is authenticated");
.sender_servername
.as_ref()
.expect("server is authenticated");
if services() if services()
.globals .globals
.config .config
.forbidden_remote_server_names .forbidden_remote_server_names
.contains(sender_servername) .contains(origin)
{ {
warn!( warn!(
"Server {sender_servername} tried joining room ID {} who has a server name that is globally forbidden. \ "Server {origin} tried joining room ID {} who has a server name that is globally forbidden. Rejecting.",
Rejecting.",
&body.room_id, &body.room_id,
); );
return Err(Error::BadRequest( return Err(Error::BadRequest(
@ -1219,8 +1191,8 @@ pub(crate) async fn create_join_event_v1_route(
.contains(&server.to_owned()) .contains(&server.to_owned())
{ {
warn!( warn!(
"Server {sender_servername} tried joining room ID {} which has a server name that is globally \ "Server {origin} tried joining room ID {} which has a server name that is globally forbidden. \
forbidden. Rejecting.", Rejecting.",
&body.room_id, &body.room_id,
); );
return Err(Error::BadRequest( return Err(Error::BadRequest(
@ -1230,7 +1202,7 @@ pub(crate) async fn create_join_event_v1_route(
} }
} }
let room_state = create_join_event(sender_servername, &body.room_id, &body.pdu).await?; let room_state = create_join_event(origin, &body.room_id, &body.pdu).await?;
Ok(create_join_event::v1::Response { Ok(create_join_event::v1::Response {
room_state, room_state,
@ -1243,16 +1215,13 @@ pub(crate) async fn create_join_event_v1_route(
pub(crate) async fn create_join_event_v2_route( pub(crate) async fn create_join_event_v2_route(
body: Ruma<create_join_event::v2::Request>, body: Ruma<create_join_event::v2::Request>,
) -> Result<create_join_event::v2::Response> { ) -> Result<create_join_event::v2::Response> {
let sender_servername = body let origin = body.origin.as_ref().expect("server is authenticated");
.sender_servername
.as_ref()
.expect("server is authenticated");
if services() if services()
.globals .globals
.config .config
.forbidden_remote_server_names .forbidden_remote_server_names
.contains(sender_servername) .contains(origin)
{ {
return Err(Error::BadRequest( return Err(Error::BadRequest(
ErrorKind::forbidden(), ErrorKind::forbidden(),
@ -1278,7 +1247,7 @@ pub(crate) async fn create_join_event_v2_route(
auth_chain, auth_chain,
state, state,
event, event,
} = create_join_event(sender_servername, &body.room_id, &body.pdu).await?; } = create_join_event(origin, &body.room_id, &body.pdu).await?;
let room_state = create_join_event::v2::RoomState { let room_state = create_join_event::v2::RoomState {
members_omitted: false, members_omitted: false,
auth_chain, auth_chain,
@ -1298,11 +1267,9 @@ pub(crate) async fn create_join_event_v2_route(
pub(crate) async fn create_leave_event_template_route( pub(crate) async fn create_leave_event_template_route(
body: Ruma<prepare_leave_event::v1::Request>, body: Ruma<prepare_leave_event::v1::Request>,
) -> Result<prepare_leave_event::v1::Response> { ) -> Result<prepare_leave_event::v1::Response> {
let sender_servername = body let origin = body.origin.as_ref().expect("server is authenticated");
.sender_servername
.as_ref()
.expect("server is authenticated");
// ACL check origin
services() services()
.rooms .rooms
.event_handler .event_handler
@ -1376,15 +1343,13 @@ pub(crate) async fn create_leave_event_template_route(
}) })
} }
async fn create_leave_event(sender_servername: &ServerName, room_id: &RoomId, pdu: &RawJsonValue) -> Result<()> { async fn create_leave_event(origin: &ServerName, room_id: &RoomId, pdu: &RawJsonValue) -> Result<()> {
if !services().rooms.metadata.exists(room_id)? { if !services().rooms.metadata.exists(room_id)? {
return Err(Error::BadRequest(ErrorKind::NotFound, "Room is unknown to this server.")); return Err(Error::BadRequest(ErrorKind::NotFound, "Room is unknown to this server."));
} }
services() // ACL check origin
.rooms services().rooms.event_handler.acl_check(origin, room_id)?;
.event_handler
.acl_check(sender_servername, room_id)?;
let pub_key_map = RwLock::new(BTreeMap::new()); let pub_key_map = RwLock::new(BTreeMap::new());
@ -1455,12 +1420,9 @@ async fn create_leave_event(sender_servername: &ServerName, room_id: &RoomId, pd
pub(crate) async fn create_leave_event_v1_route( pub(crate) async fn create_leave_event_v1_route(
body: Ruma<create_leave_event::v1::Request>, body: Ruma<create_leave_event::v1::Request>,
) -> Result<create_leave_event::v1::Response> { ) -> Result<create_leave_event::v1::Response> {
let sender_servername = body let origin = body.origin.as_ref().expect("server is authenticated");
.sender_servername
.as_ref()
.expect("server is authenticated");
create_leave_event(sender_servername, &body.room_id, &body.pdu).await?; create_leave_event(origin, &body.room_id, &body.pdu).await?;
Ok(create_leave_event::v1::Response::new()) Ok(create_leave_event::v1::Response::new())
} }
@ -1471,12 +1433,9 @@ pub(crate) async fn create_leave_event_v1_route(
pub(crate) async fn create_leave_event_v2_route( pub(crate) async fn create_leave_event_v2_route(
body: Ruma<create_leave_event::v2::Request>, body: Ruma<create_leave_event::v2::Request>,
) -> Result<create_leave_event::v2::Response> { ) -> Result<create_leave_event::v2::Response> {
let sender_servername = body let origin = body.origin.as_ref().expect("server is authenticated");
.sender_servername
.as_ref()
.expect("server is authenticated");
create_leave_event(sender_servername, &body.room_id, &body.pdu).await?; create_leave_event(origin, &body.room_id, &body.pdu).await?;
Ok(create_leave_event::v2::Response::new()) Ok(create_leave_event::v2::Response::new())
} }
@ -1485,15 +1444,13 @@ pub(crate) async fn create_leave_event_v2_route(
/// ///
/// Invites a remote user to a room. /// Invites a remote user to a room.
pub(crate) async fn create_invite_route(body: Ruma<create_invite::v2::Request>) -> Result<create_invite::v2::Response> { pub(crate) async fn create_invite_route(body: Ruma<create_invite::v2::Request>) -> Result<create_invite::v2::Response> {
let sender_servername = body let origin = body.origin.as_ref().expect("server is authenticated");
.sender_servername
.as_ref()
.expect("server is authenticated");
// ACL check origin
services() services()
.rooms .rooms
.event_handler .event_handler
.acl_check(sender_servername, &body.room_id)?; .acl_check(origin, &body.room_id)?;
if !services() if !services()
.globals .globals
@ -1526,10 +1483,10 @@ pub(crate) async fn create_invite_route(body: Ruma<create_invite::v2::Request>)
.globals .globals
.config .config
.forbidden_remote_server_names .forbidden_remote_server_names
.contains(&sender_servername.to_owned()) .contains(origin)
{ {
warn!( warn!(
"Received federated/remote invite from banned server {sender_servername} for room ID {}. Rejecting.", "Received federated/remote invite from banned server {origin} for room ID {}. Rejecting.",
body.room_id body.room_id
); );
return Err(Error::BadRequest( return Err(Error::BadRequest(
@ -1569,7 +1526,7 @@ pub(crate) async fn create_invite_route(body: Ruma<create_invite::v2::Request>)
let sender: OwnedUserId = serde_json::from_value( let sender: OwnedUserId = serde_json::from_value(
signed_event signed_event
.get("sender") .get("sender")
.ok_or(Error::BadRequest(ErrorKind::InvalidParam, "Event had no sender field."))? .ok_or_else(|| Error::BadRequest(ErrorKind::InvalidParam, "Event had no sender field."))?
.clone() .clone()
.into(), .into(),
) )
@ -1578,7 +1535,7 @@ pub(crate) async fn create_invite_route(body: Ruma<create_invite::v2::Request>)
let invited_user: Box<_> = serde_json::from_value( let invited_user: Box<_> = serde_json::from_value(
signed_event signed_event
.get("state_key") .get("state_key")
.ok_or(Error::BadRequest(ErrorKind::InvalidParam, "Event had no state_key field."))? .ok_or_else(|| Error::BadRequest(ErrorKind::InvalidParam, "Event had no state_key field."))?
.clone() .clone()
.into(), .into(),
) )
@ -1644,10 +1601,7 @@ pub(crate) async fn get_devices_route(body: Ruma<get_devices::v1::Request>) -> R
)); ));
} }
let sender_servername = body let origin = body.origin.as_ref().expect("server is authenticated");
.sender_servername
.as_ref()
.expect("server is authenticated");
Ok(get_devices::v1::Response { Ok(get_devices::v1::Response {
user_id: body.user_id.clone(), user_id: body.user_id.clone(),
@ -1680,10 +1634,10 @@ pub(crate) async fn get_devices_route(body: Ruma<get_devices::v1::Request>) -> R
.collect(), .collect(),
master_key: services() master_key: services()
.users .users
.get_master_key(None, &body.user_id, &|u| u.server_name() == sender_servername)?, .get_master_key(None, &body.user_id, &|u| u.server_name() == origin)?,
self_signing_key: services() self_signing_key: services()
.users .users
.get_self_signing_key(None, &body.user_id, &|u| u.server_name() == sender_servername)?, .get_self_signing_key(None, &body.user_id, &|u| u.server_name() == origin)?,
}) })
} }
@ -1792,7 +1746,7 @@ pub(crate) async fn get_keys_route(body: Ruma<get_keys::v1::Request>) -> Result<
let result = get_keys_helper( let result = get_keys_helper(
None, None,
&body.device_keys, &body.device_keys,
|u| Some(u.server_name()) == body.sender_servername.as_deref(), |u| Some(u.server_name()) == body.origin.as_deref(),
services().globals.allow_device_name_federation(), services().globals.allow_device_name_federation(),
) )
.await?; .await?;
@ -1841,16 +1795,13 @@ pub(crate) async fn well_known_server(
/// Gets the space tree in a depth-first manner to locate child rooms of a given /// Gets the space tree in a depth-first manner to locate child rooms of a given
/// space. /// space.
pub(crate) async fn get_hierarchy_route(body: Ruma<get_hierarchy::v1::Request>) -> Result<get_hierarchy::v1::Response> { pub(crate) async fn get_hierarchy_route(body: Ruma<get_hierarchy::v1::Request>) -> Result<get_hierarchy::v1::Response> {
let sender_servername = body let origin = body.origin.as_ref().expect("server is authenticated");
.sender_servername
.as_ref()
.expect("server is authenticated");
if services().rooms.metadata.exists(&body.room_id)? { if services().rooms.metadata.exists(&body.room_id)? {
services() services()
.rooms .rooms
.spaces .spaces
.get_federation_hierarchy(&body.room_id, sender_servername, body.suggested_only) .get_federation_hierarchy(&body.room_id, origin, body.suggested_only)
.await .await
} else { } else {
Err(Error::BadRequest(ErrorKind::NotFound, "Room does not exist.")) Err(Error::BadRequest(ErrorKind::NotFound, "Room does not exist."))