diff --git a/synapse/handlers/federation.py b/synapse/handlers/federation.py
index 4e8ffa8f7ba5bed708754c341a6cee84e383d68b..7622962d46af8a117ccae100876b998eaf11e8cb 100644
--- a/synapse/handlers/federation.py
+++ b/synapse/handlers/federation.py
@@ -688,6 +688,8 @@ class FederationHandler(BaseHandler):
logger.warn("Failed to create join %r because %s", event, e)
raise e
+ # The remote hasn't signed it yet, obviously. We'll do the full checks
+ # when we get the event back in `on_send_join_request`
self.auth.check(event, auth_events=context.current_state, do_sig_check=False)
defer.returnValue(event)
@@ -918,6 +920,8 @@ class FederationHandler(BaseHandler):
)
try:
+ # The remote hasn't signed it yet, obviously. We'll do the full checks
+ # when we get the event back in `on_send_leave_request`
self.auth.check(event, auth_events=context.current_state, do_sig_check=False)
except AuthError as e:
logger.warn("Failed to create new leave %r because %s", event, e)
diff --git a/synapse/state.py b/synapse/state.py
index d7d08570c934aa51f6b3acd95d873806d3f8c450..ef1bc470be62c0a77ff8a5e740730bf4587a4407 100644
--- a/synapse/state.py
+++ b/synapse/state.py
@@ -379,6 +379,7 @@ class StateHandler(object):
try:
# FIXME: hs.get_auth() is bad style, but we need to do it to
# get around circular deps.
+ # The signatures have already been checked at this point
self.hs.get_auth().check(event, auth_events, do_sig_check=False)
prev_event = event
except AuthError:
@@ -391,6 +392,7 @@ class StateHandler(object):
try:
# FIXME: hs.get_auth() is bad style, but we need to do it to
# get around circular deps.
+ # The signatures have already been checked at this point
self.hs.get_auth().check(event, auth_events, do_sig_check=False)
return event
except AuthError: