synapse icon indicating copy to clipboard operation
synapse copied to clipboard
verified publisher icon matrix-org

peeking doesn't work over federation

Open jevolk opened this issue 7 years ago • 2 comments

The specification states in 13.12

In all cases except world_readable, a user needs to join a room to view events in that room.

It goes on to say:

world_readable - All events while this is the m.room.history_visibility value may be shared by any participating homeserver with anyone, regardless of whether they have ever joined the room.

Exhibited Behavior

Synapse denies world_readable information by imposing a condition which checks if the requesting server has at least one user joined to the room. It responds with the error:

403 Forbidden
{"errcode":"M_FORBIDDEN","error":"Host not in room."}

This is not world_readable as specified. This check occurs on all relevant federation endpoints, making it impossible to access information about a room without joining at least one user. This exhibits a shared rather than world_readable visibility.

Proper Behavior

Synapse should not care whether a requesting server is joined to a room when it attempts to elicit information for events covered by a world_readable visibility state.

Conclusion

As the reference implementation for the specification, this is a problem. Either this is an implementation error by synapse or this is an omission by the written specification. Should server implementations follow suit with synapse de facto or should they follow the specification de jure in contrast with it?

Furthermore, if this condition was implemented to mitigate a security vulnerability, spam or DoS vector, or even a performance problem: other implementations will surely fall victim to it, and the specification should not blindly lead them into doing so. In contrast, if a server developer believes the preceding statement might be true because this discrepancy merely exists, when it is not true, they will degrade the functionality of their server for no reason.

jevolk avatar Nov 28 '18 20:11 jevolk

Synapse bug, spec describes the correct behaviour.

neilisfragile avatar Nov 30 '18 17:11 neilisfragile

I think this is effectively a dup or very closely related to https://github.com/matrix-org/matrix-doc/issues/913. It's not clear what endpoints this bug is actually concerned about though (/sync, /events, or SS API queries?)

ara4n avatar Apr 21 '19 07:04 ara4n