From fda30f5602e5e28ead4c06ada08bda2a1bb78125 Mon Sep 17 00:00:00 2001
From: girlbossceo
Date: Wed, 13 Sep 2023 21:33:45 -0400
Subject: [PATCH] fix: add destination field authorization handler (not my commit)
Signed-off-by: girlbossceo
---
 src/api/ruma_wrapper/axum.rs | 20 +++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)
diff --git a/src/api/ruma_wrapper/axum.rs b/src/api/ruma_wrapper/axum.rs
index bbd48614..c8ef9fff 100644
--- a/src/api/ruma_wrapper/axum.rs
+++ b/src/api/ruma_wrapper/axum.rs
@@ -178,6 +178,18 @@ where
 CanonicalJsonValue::Object(origin_signatures),
 )]);
+ let server_destination =
+ services().globals.server_name().as_str().to_owned();
+
+ if let Some(destination) = x_matrix.destination.as_ref() {
+ if destination != &server_destination {
+ return Err(Error::BadRequest(
+ ErrorKind::Forbidden,
+ "Invalid authorization.",
+ ));
+ }
+ }
+
 let mut request_map = BTreeMap::from_iter([
 (
 "method".to_owned(),
@@ -193,9 +205,7 @@ where
 ),
 (
 "destination".to_owned(),
- CanonicalJsonValue::String(
- services().globals.server_name().as_str().to_owned(),
- ),
+ CanonicalJsonValue::String(server_destination),
 ),
 (
 "signatures".to_owned(),
@@ -310,6 +320,7 @@ where
 struct XMatrix {
 origin: OwnedServerName,
+ destination: Option,
 key: String, // KeyName?
 sig: String,
 }
@@ -328,6 +339,7 @@ impl Credentials for XMatrix {
 .trim_start();
 let mut origin = None;
+ let mut destination = None;
 let mut key = None;
 let mut sig = None;
@@ -346,6 +358,7 @@ impl Credentials for XMatrix {
 "origin" => origin = Some(value.try_into().ok()?),
 "key" => key = Some(value.to_owned()),
 "sig" => sig = Some(value.to_owned()),
+ "destination" => destination = Some(value.to_owned()),
 _ => debug!(
 "Unexpected field `{}` in X-Matrix Authorization header",
 name
@@ -357,6 +370,7 @@ impl Credentials for XMatrix {
 origin: origin?,
 key: key?,
 sig: sig?,
+ destination,
 })
 }
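Review bot: The mismatch branch in the @@ -178 hunk returns `ErrorKind::Forbidden`, while the Matrix server-server spec asks the receiver to deny a request whose `destination` does not match its own name with HTTP 401. If the crate's error-to-status mapping (not visible here) turns Forbidden into 403, `ErrorKind::Unauthorized` would be the closer fit. A header with no `destination` is still accepted, which the spec permits for older senders, but that deserves a comment above the `if let`, for example `// destination is optional for older senders; the request map below still uses our own server name`. The rejection is also silent: a `debug!` line carrying `x_matrix.origin` and the received destination would let operators see misrouted or replayed federation requests. The enclosing function starts and ends outside the hunk.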
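Review bot: The new `"destination"` arm in the @@ -346 hunk stores the header value as unvalidated text, whereas `origin` three arms above it is parsed with `value.try_into().ok()?`. Parsing both the same way would reject a malformed destination while the header is decoded, and the later equality check would compare typed server names rather than raw strings. That would read `"destination" => destination = Some(value.try_into().ok()?),` here, with the `XMatrix` field added in the @@ -310 hunk holding an optional `OwnedServerName`; the field's type parameter is not legible on this page, so confirm what it is today. The match and the enclosing function start outside the hunk.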