From ed21938d90d9a9320265285a0538145a3d2e6bb0 Mon Sep 17 00:00:00 2001
From: Patrick Cloke <patrickc@matrix.org>
Date: Mon, 24 Aug 2020 14:53:51 -0400
Subject: [PATCH 1/3] Do not allow send_nonmember_event to be called with
 shadow-banned users.

---
 changelog.d/8158.feature    |  1 +
 synapse/handlers/message.py | 17 ++++++++++++++++-
 2 files changed, 17 insertions(+), 1 deletion(-)
 create mode 100644 changelog.d/8158.feature

diff --git a/changelog.d/8158.feature b/changelog.d/8158.feature
new file mode 100644
index 000000000000..47c4c39167ed
--- /dev/null
+++ b/changelog.d/8158.feature
@@ -0,0 +1 @@
+ Add support for shadow-banning users (ignoring any message send requests).
diff --git a/synapse/handlers/message.py b/synapse/handlers/message.py
index 593c0cc6f12b..d75a5cf37394 100644
--- a/synapse/handlers/message.py
+++ b/synapse/handlers/message.py
@@ -647,6 +647,7 @@ async def send_nonmember_event(
         event: EventBase,
         context: EventContext,
         ratelimit: bool = True,
+        ignore_shadow_ban: bool = False,
     ) -> int:
         """
         Persists and notifies local clients and federation of an event.
@@ -659,12 +660,20 @@ async def send_nonmember_event(
 
         Return:
             The stream_id of the persisted event.
+
+        Raises:
+            ShadowBanError if the requester has been shadow-banned.
         """
         if event.type == EventTypes.Member:
             raise SynapseError(
                 500, "Tried to send member event through non-member codepath"
             )
 
+        if not ignore_shadow_ban and requester.shadow_banned:
+            # We randomly sleep a bit just to annoy the requester.
+            await self.clock.sleep(random.randint(1, 10))
+            raise ShadowBanError()
+
         user = UserID.from_string(event.sender)
 
         assert self.hs.is_mine(user), "User must be our own: %s" % (user,)
@@ -1190,8 +1199,14 @@ async def _send_dummy_events_to_fill_extremities(self):
 
                     event.internal_metadata.proactively_send = False
 
+                    # Since this is a dummy-event it is OK if it is sent by a
+                    # shadow-banned user.
                     await self.send_nonmember_event(
-                        requester, event, context, ratelimit=False
+                        requester,
+                        event,
+                        context,
+                        ratelimit=False,
+                        ignore_shadow_ban=True,
                     )
                     dummy_event_sent = True
                     break

From 3b9e498fbdb6e259033ac40bc624a75a547854c0 Mon Sep 17 00:00:00 2001
From: Patrick Cloke <patrickc@matrix.org>
Date: Mon, 24 Aug 2020 15:14:39 -0400
Subject: [PATCH 2/3] Propagate whether to ignore shadow-ban.

---
 synapse/handlers/message.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/synapse/handlers/message.py b/synapse/handlers/message.py
index d75a5cf37394..d255fe1830b2 100644
--- a/synapse/handlers/message.py
+++ b/synapse/handlers/message.py
@@ -759,7 +759,11 @@ async def create_and_send_nonmember_event(
                 raise SynapseError(403, spam_error, Codes.FORBIDDEN)
 
             stream_id = await self.send_nonmember_event(
-                requester, event, context, ratelimit=ratelimit
+                requester,
+                event,
+                context,
+                ratelimit=ratelimit,
+                ignore_shadow_ban=ignore_shadow_ban,
             )
         return event, stream_id
 

From b57ff5967567b76b7f76ec1238285fb5bf21d7e5 Mon Sep 17 00:00:00 2001
From: Patrick Cloke <patrickc@matrix.org>
Date: Tue, 25 Aug 2020 07:55:15 -0400
Subject: [PATCH 3/3] Update docstrings.

---
 synapse/handlers/message.py | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/synapse/handlers/message.py b/synapse/handlers/message.py
index d255fe1830b2..02d624268bee 100644
--- a/synapse/handlers/message.py
+++ b/synapse/handlers/message.py
@@ -653,10 +653,12 @@ async def send_nonmember_event(
         Persists and notifies local clients and federation of an event.
 
         Args:
-            requester
-            event the event to send.
-            context: the context of the event.
+            requester: The requester sending the event.
+            event: The event to send.
+            context: The context of the event.
             ratelimit: Whether to rate limit this send.
+            ignore_shadow_ban: True if shadow-banned users should be allowed to
+                send this event.
 
         Return:
             The stream_id of the persisted event.
@@ -734,6 +736,14 @@ async def create_and_send_nonmember_event(
 
         See self.create_event and self.send_nonmember_event.
 
+        Args:
+            requester: The requester sending the event.
+            event_dict: An entire event.
+            ratelimit: Whether to rate limit this send.
+            txn_id: The transaction ID.
+            ignore_shadow_ban: True if shadow-banned users should be allowed to
+                send this event.
+
         Raises:
             ShadowBanError if the requester has been shadow-banned.
         """