Skip to content

Commit

Permalink
fix(federation): Change the Talk-Hash header when overwriting capabil…
Browse files Browse the repository at this point in the history 
…ities

Signed-off-by: Joas Schilling <[email protected]>
  • Loading branch information
@nickvergessen
nickvergessen committed Mar 22, 2024
1 parent 5a28d95 commit 455231a
Show file tree
Hide file tree
Showing 3 changed files with 23 additions and 2 deletions.
7 changes: 7 additions & 0 deletions lib/Controller/RoomController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@
use OCA\Talk\Exceptions\UnauthorizedException;
use OCA\Talk\Federation\Authenticator;
use OCA\Talk\Federation\FederationManager;
use OCA\Talk\Federation\Proxy\TalkV1\ProxyRequest;
use OCA\Talk\GuestManager;
use OCA\Talk\Manager;
use OCA\Talk\MatterbridgeManager;
Expand Down Expand Up @@ -2259,6 +2260,12 @@ public function getCapabilities(): DataResponse {
/** @var TalkCapabilities|array<empty> $data */
$data = $response->getData();

/**
* IMPORTANT:
* When adding, changing or removing anything here, update
* @see ProxyRequest::overwrittenRemoteTalkHash()
* so clients correctly refresh their capabilities.
*/
if (isset($data['config']['chat']['read-privacy'])) {
$data['config']['chat']['read-privacy'] = Participant::PRIVACY_PRIVATE;
}
Expand Down
4 changes: 2 additions & 2 deletions lib/Federation/Proxy/TalkV1/Controller/RoomController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,7 @@ public function joinFederatedRoom(Room $room, Participant $participant): DataRes
throw new CannotReachRemoteException();
}

$headers = ['X-Nextcloud-Talk-Proxy-Hash' => $proxy->getHeader('X-Nextcloud-Talk-Hash')];
$headers = ['X-Nextcloud-Talk-Proxy-Hash' => $this->proxy->overwrittenRemoteTalkHash($proxy->getHeader('X-Nextcloud-Talk-Hash'))];

return new DataResponse([], $statusCode, $headers);
}
Expand All @@ -123,7 +123,7 @@ public function getCapabilities(Room $room, Participant $participant): DataRespo
$data = $this->proxy->getOCSData($proxy);

$headers = [
'X-Nextcloud-Talk-Hash' => $proxy->getHeader('X-Nextcloud-Talk-Hash'),
'X-Nextcloud-Talk-Hash' => $this->proxy->overwrittenRemoteTalkHash($proxy->getHeader('X-Nextcloud-Talk-Hash')),
];

return new DataResponse($data, Http::STATUS_OK, $headers);
Expand Down
14 changes: 14 additions & 0 deletions lib/Federation/Proxy/TalkV1/ProxyRequest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,20 @@ public function __construct(
) {
}

public function overwrittenRemoteTalkHash(string $hash): string {
return sha1(json_encode([
'remoteHash' => $hash,
'manipulated' => [
'config' => [
'chat' => [
'read-privacy',
'typing-privacy',
],
],
]
]));
}

/**
* @return Http::STATUS_BAD_REQUEST
*/
Expand Down

0 comments on commit 455231a

Please sign in to comment.