This repository has been archived by the owner on Apr 26, 2024. It is now read-only.
-
-
Notifications
You must be signed in to change notification settings - Fork 2.1k
spoofed event breaks federation (SYN-739) #1574
Labels
A-Federation
S-Major
Major functionality / product severely impaired, no satisfactory workaround.
Security
T-Defect
Bugs, crashes, hangs, security vulnerabilities, or other reported issues.
Comments
Jira watchers: @NegativeMjark |
Links exported from Jira: relates to #1571 |
Looks like the same limiter is being applied for both sending messages and for getting events.
|
Except that should be handled by synapse/synapse/util/retryutils.py Line 94 in 9371019
|
Except maybe the key client errors are to blame? Cause they aren't CodeMessage exceptions and I think they also go through the retry limiter. |
matrixbot
changed the title
spoofed event breaks federation (SYN-739)
spoofed event breaks federation (https://github.com/matrix-org/synapse/issues/1574)
Nov 7, 2016
matrixbot
changed the title
spoofed event breaks federation (https://github.com/matrix-org/synapse/issues/1574)
spoofed event breaks federation (SYN-739)
Nov 7, 2016
Going through the list of untriaged events. Is there anything we can actually do here? |
possibly it's just a particular case of #8917. |
clokep
added
S-Major
Major functionality / product severely impaired, no satisfactory workaround.
T-Defect
Bugs, crashes, hangs, security vulnerabilities, or other reported issues.
A-Federation
labels
Feb 1, 2022
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Labels
A-Federation
S-Major
Major functionality / product severely impaired, no satisfactory workaround.
Security
T-Defect
Bugs, crashes, hangs, security vulnerabilities, or other reported issues.
Submitted by @richvdh:sw1v.org
My synapse stopped receiving events from matrix.org :/
I suspect that
$14691962031Kdruf:sw1v.org
was spoofed by Dylanger. Either way sw1v.org shouldn't be blacklisted if it returns a 404. One also has to assume that hveem.no has blacklisted matrix.org. Generally it's all a bit fucked.(Imported from https://matrix.org/jira/browse/SYN-739)
The text was updated successfully, but these errors were encountered: