This repository has been archived by the owner on Apr 26, 2024. It is now read-only.
FEDERATION: Problem with synchronisation between homeservers #16379
Comments
|
This is somewhat expected. All servers in the room should be able to see all events in the room, no matter the whitelist, as (in your case) A can pull in events sent by C via B. It appears that we don't highlight this in the configuration documentation (I thought we did). |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Description
SCENARIO:
I have three homeservers, we will call them A, B and C. The three of them federate as such:
C is the matrix.org homeserver. B and C are the personal homeservers. Homeserver B user creates a private encrypted room and invites users from homeservers A and C. Due to the whitelist, homeserver A user cannot read the messages from homeserver C user and vice-versa but homeserver B user can read the messages from both.
EXPLOIT:
Homeserver C user quits the room and gets re-invited into the room.
RESULT:
Homeserver C user can now see all the messages from homeserver user A but not the other way around. This shouldn't happen due to the whitelist and the expected behaviour would be the same as before the homeserver A user quit the room.
CAUSE:
I believe this happens when homeserver user C rejoins the room, the server asks homeserver B to get everything he needs and homeserver B (which can federate with both homeservers) gives him all the encryption keys, even the ones from homeserver A as he doesn't know about the whitelist.
Is this behaviour normal or is this a bug? Thanks in advance.
Steps to reproduce
Homeserver
Matrix.org and 2 personal homeservers
Synapse Version
1.85.2
Installation Method
Docker (matrixdotorg/synapse)
Database
PostgreSQL
Workers
Single process
Platform
Container
Configuration
No response
Relevant log output
.Anything else that would be useful to know?
No response
The text was updated successfully, but these errors were encountered: