State-reset and security mitigations.

Upgrade Ruma to present. The following are intentionally benign for activation in a later commit: - Hydra backports not default. - Room version 12 not default. - Room version 12 not listed as stable. Do not enable them manually or you can brick your database. Signed-off-by: Jason Volk <jason@zemos.net>
2025-06-29 03:33:29 +00:00
parent 2c6dd78502
commit 628597c318
134 changed files with 14961 additions and 4935 deletions
--- a/src/api/client/membership/mod.rs
+++ b/src/api/client/membership/mod.rs
@@ -70,15 +70,16 @@ pub(crate) async fn banned_room_check(

 	if let Some(room_id) = room_id {
 		if services.rooms.metadata.is_banned(room_id).await
-			|| services
-				.config
-				.forbidden_remote_server_names
-				.is_match(
-					room_id
-						.server_name()
-						.expect("legacy room mxid")
-						.host(),
-				) {
+			|| (room_id.server_name().is_some()
+				&& services
+					.config
+					.forbidden_remote_server_names
+					.is_match(
+						room_id
+							.server_name()
+							.expect("legacy room mxid")
+							.host(),
+					)) {
 			warn!(
 				"User {user_id} who is not an admin attempted to send an invite for or \
 				 attempted to join a banned room or banned room server name: {room_id}"