From ee9c010c374cd346621c4303b3924500dfd51916 Mon Sep 17 00:00:00 2001 From: Erik Johnston Date: Thu, 13 Dec 2018 14:11:03 +0000 Subject: [PATCH] Document the checks made for incoming PDUs --- specification/server_server_api.rst | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/specification/server_server_api.rst b/specification/server_server_api.rst index b8eaf715e..a3fb9ee0e 100644 --- a/specification/server_server_api.rst +++ b/specification/server_server_api.rst @@ -334,8 +334,22 @@ Authorization of PDUs ~~~~~~~~~~~~~~~~~~~~~ Whenever a server receives an event from a remote server, the receiving server -must check that the event is allowed by the authorization rules. These rules -depend on the state of the room at that event. +must ensure that the event: + +1. Is a valid event, otherwise it is dropped +2. Passes signature checks, otherwise it is dropped. +3. Passes hash checks, otherwise it is redacted before being processed + further. +4. Passes authorization rules based on the event's auth events, otherwise it + is rejected. +5. Passes authorization rules based on the state at the event, otherwise it + is rejected. +6. Passes auth rules based on the current state of the room, otherwise it + is "soft failed". + +Further details of these checks, and how to handle failures, are described +below. + Definitions +++++++++++
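Review bot: In the new numbered list, item 1 ("Is a valid event, otherwise it is dropped") does not say what makes an event valid, so a reader cannot tell this check apart from the signature and hash checks in items 2 and 3; a short qualifier or a pointer to the section that defines validity would help. The list also uses four distinct outcomes ("dropped", "redacted", "rejected", "soft failed") without stating that the checks are applied in the order given, or that only a hash failure lets processing continue; one sentence after the list saying so would remove the ambiguity, since the closing paragraph only defers to details "described below". Two style points in the same list: item 1 is the only entry missing its final full stop, and item 6 says "auth rules" where items 4 and 5 say "authorization rules", so pick one term throughout.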