Same behavior for no result and result blacklisted

2024-12-18 17:10:43 +03:00 · 2019-05-03 14:23:31 -07:00 · 2019-05-03 14:23:31 -07:00 · 13f430cee4
commit 13f430cee4
parent 131b9c00c6
3 changed files with 26 additions and 18 deletions
--- a/synapse/http/client.py
+++ b/synapse/http/client.py
@ -82,7 +82,6 @@ class IPBlacklistingResolver(object):
            reactor (twisted.internet.reactor)
            ip_whitelist (netaddr.IPSet)
            ip_blacklist (netaddr.IPSet)
-            federation (bool): this resolver is for federation traffic
        """
        self._reactor = reactor
        self._ip_whitelist = ip_whitelist
@ -104,7 +103,7 @@ class IPBlacklistingResolver(object):
                    ip_address, self._ip_whitelist, self._ip_blacklist
                ):
                    logger.info(
-                        "Dropped %s from DNS resolution to %s" % (ip_address, hostname)
+                        "Dropped %s from DNS resolution to %s due to blacklist" % (ip_address, hostname)
                    )
                    has_bad_ip = True

@ -165,9 +164,9 @@ class BlacklistingAgentWrapper(Agent):
                ip_address, self._ip_whitelist, self._ip_blacklist
            ):
                logger.info(
-                    "Blocking access to %s because of blacklist" % (ip_address,)
+                    "Blocking access to %s because of blacklist. Returning 0 results" % (ip_address,)
                )
-                e = SynapseError(403, "IP address blocked by IP blacklist entry")
+                e = SynapseError(404, "No results found")
                return defer.fail(Failure(e))
        except Exception:
            # Not an IP
--- a/synapse/rest/media/v1/preview_url_resource.py
+++ b/synapse/rest/media/v1/preview_url_resource.py
@ -31,6 +31,7 @@ from six.moves import urllib_parse as urlparse
 from canonicaljson import json

 from twisted.internet import defer
+from twisted.internet.error import DNSLookupError
 from twisted.web.resource import Resource
 from twisted.web.server import NOT_DONE_YET

@ -331,6 +332,14 @@ class PreviewUrlResource(Resource):
            except Exception as e:
                # FIXME: pass through 404s and other error messages nicely
                logger.warn("Error downloading %s: %r", url, e)
+
+                if isinstance(e, DNSLookupError):
+                    # DNS lookup returned no results
+                    # Note: This will also be the case if the found IP address is blacklisted
+                    raise SynapseError(
+                        404, "No results found", Codes.UNKNOWN
+                    )
+
                raise SynapseError(
                    500, "Failed to download content: %s" % (
                        traceback.format_exception_only(sys.exc_info()[0], e),
--- a/tests/rest/media/v1/test_url_preview.py
+++ b/tests/rest/media/v1/test_url_preview.py
@ -297,12 +297,12 @@ class URLPreviewTests(unittest.HomeserverTestCase):

        # No requests made.
        self.assertEqual(len(self.reactor.tcpClients), 0)
-        self.assertEqual(channel.code, 403)
+        self.assertEqual(channel.code, 404)
        self.assertEqual(
            channel.json_body,
            {
                'errcode': 'M_UNKNOWN',
-                'error': 'IP address blocked by IP blacklist entry',
+                'error': 'No results found',
            },
        )

@ -318,12 +318,12 @@ class URLPreviewTests(unittest.HomeserverTestCase):
        request.render(self.preview_url)
        self.pump()

-        self.assertEqual(channel.code, 403)
+        self.assertEqual(channel.code, 404)
        self.assertEqual(
            channel.json_body,
            {
                'errcode': 'M_UNKNOWN',
-                'error': 'IP address blocked by IP blacklist entry',
+                'error': 'No results found',
            },
        )

@ -339,14 +339,14 @@ class URLPreviewTests(unittest.HomeserverTestCase):

        # No requests made.
        self.assertEqual(len(self.reactor.tcpClients), 0)
-        self.assertEqual(channel.code, 403)
        self.assertEqual(
            channel.json_body,
            {
                'errcode': 'M_UNKNOWN',
-                'error': 'IP address blocked by IP blacklist entry',
+                'error': 'No results found',
            },
        )
+        self.assertEqual(channel.code, 404)

    def test_blacklisted_ip_range_direct(self):
        """
@ -358,12 +358,12 @@ class URLPreviewTests(unittest.HomeserverTestCase):
        request.render(self.preview_url)
        self.pump()

-        self.assertEqual(channel.code, 403)
+        self.assertEqual(channel.code, 404)
        self.assertEqual(
            channel.json_body,
            {
                'errcode': 'M_UNKNOWN',
-                'error': 'IP address blocked by IP blacklist entry',
+                'error': 'No results found',
            },
        )

@ -414,12 +414,12 @@ class URLPreviewTests(unittest.HomeserverTestCase):
        )
        request.render(self.preview_url)
        self.pump()
-        self.assertEqual(channel.code, 403)
+        self.assertEqual(channel.code, 404)
        self.assertEqual(
            channel.json_body,
            {
                'errcode': 'M_UNKNOWN',
-                'error': 'IP address blocked by IP blacklist entry',
+                'error': 'No results found',
            },
        )

@ -439,12 +439,12 @@ class URLPreviewTests(unittest.HomeserverTestCase):

        # No requests made.
        self.assertEqual(len(self.reactor.tcpClients), 0)
-        self.assertEqual(channel.code, 403)
+        self.assertEqual(channel.code, 404)
        self.assertEqual(
            channel.json_body,
            {
                'errcode': 'M_UNKNOWN',
-                'error': 'IP address blocked by IP blacklist entry',
+                'error': 'No results found',
            },
        )

@ -460,11 +460,11 @@ class URLPreviewTests(unittest.HomeserverTestCase):
        request.render(self.preview_url)
        self.pump()

-        self.assertEqual(channel.code, 403)
+        self.assertEqual(channel.code, 404)
        self.assertEqual(
            channel.json_body,
            {
                'errcode': 'M_UNKNOWN',
-                'error': 'IP address blocked by IP blacklist entry',
+                'error': 'No results found',
            },
        )