Clarify logging when PDU signature checking fails

2019-04-25 20:53:10 +01:00 · 2019-04-25 20:53:10 +01:00 · 7ca638c761
parent ce6d47934b
commit 7ca638c761
2 changed files with 20 additions and 3 deletions
--- a/synapse/crypto/keyring.py
+++ b/synapse/crypto/keyring.py
@ -120,11 +120,9 @@ class Keyring(object):
            key_ids = signature_ids(json_object, server_name)
            if not key_ids:
                logger.warn("Request from %s: no supported signature keys",
                            server_name)
                deferred = defer.fail(SynapseError(
                    400,
-                    "Not signed with a supported algorithm",
+                    "Not signed by %s" % (server_name, ),
                    Codes.UNAUTHORIZED,
                ))
            else:
--- a/synapse/federation/federation_base.py
+++ b/synapse/federation/federation_base.py
@ -269,7 +269,17 @@ def _check_sigs_on_pdus(keyring, room_version, pdus):
        for p in pdus_to_check_sender
    ])
    def sender_err(e, pdu_to_check):
        logger.warning(
            "event id %s: unable to verify signature for sender %s: %s",
            pdu_to_check.pdu.event_id,
            pdu_to_check.sender_domain,
            e,
        )
        return e
    for p, d in zip(pdus_to_check_sender, more_deferreds):
        d.addErrback(sender_err, p)
        p.deferreds.append(d)
    # now let's look for events where the sender's domain is different to the
@ -291,7 +301,16 @@ def _check_sigs_on_pdus(keyring, room_version, pdus):
            for p in pdus_to_check_event_id
        ])
        def event_err(e, pdu_to_check):
            logger.warning(
                "event id %s: unable to verify signature for event id domain: %s",
                pdu_to_check.pdu.event_id,
                e,
            )
            return e
        for p, d in zip(pdus_to_check_event_id, more_deferreds):
            d.addErrback(event_err, p)
            p.deferreds.append(d)
    # replace lists of deferreds with single Deferreds