9858b33b37
just remove double quotes if found instead
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-25 19:28:33 -05:00
e0419d9c5d
custom room ID checks, dont use format! macro due to quotes being added
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-25 19:28:33 -05:00
7eff572e77
check if room ID already exists instead of erroring on auth check
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-25 19:28:33 -05:00
8754f0e2a5
additional character check on room alias
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-25 19:28:33 -05:00
89d9cdeb3a
IP range denylist logging, and fix logic error
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-25 19:28:33 -05:00
382347353e
add custom room ID support using room_id field
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-25 19:28:33 -05:00
2980af6490
move room creation config check higher up
...
dont bother wasting resources if we know we
arent even allowed to make the room to begin with
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-25 19:28:33 -05:00
ead9a58dce
dont crash failing to deserialise room creation content
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-25 19:28:33 -05:00
3453dcc344
add error checking to room aliases
...
length, colon, and spaces. also dont crash.
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-25 19:28:33 -05:00
6c1358d0c8
send home_server on login response again
...
a 6+ year old deprecated field that isnt even spelled
right, and no clients use it must still be sent
according to spec
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-25 19:28:33 -05:00
fa0c083555
don't send requests to specified list of IP CIDRs
...
this can most definitely be improved but this is a decent attempt.
the only annoying this is i couldn't just use a Vec<IPAddress> which
would have significantly simplified all of this, but serde can't
deserialise it on the config side i guess.
i may find a better way to do this in the future, but this should cover
most areas anyways.
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-25 19:28:33 -05:00
71d247232d
oops forgot that endpoint too
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-25 19:28:33 -05:00
6c75087863
eat less of client parameters for media requests
...
still cantt respect allow_redirect yet
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-25 19:28:33 -05:00
ab6cb4ad2d
switch back to expect for sender_user
...
as far as i can tell, it will return a normal
error in the auth token handling code so this is fine.
we also shouldnt assume all errors from this are
access_token related.
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-25 19:28:33 -05:00
02bc818633
match explicit URI to see if we should authenticate the user
...
first attempt at forcing an endpoint to be authenticated
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-25 19:28:33 -05:00
9d0c85ab17
use ruma JsOption, bump figment
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-25 19:28:33 -05:00
34bac4d1d9
support sending well_known client response in /login using well_known_client
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-25 19:28:33 -05:00
cf62cb0d0a
send avatar_url on invite member events like synapse
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-25 19:28:33 -05:00
f275a0dfbe
fix obvious copy-paste error
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-25 19:28:33 -05:00
6ffc54e241
support blocking servers from fetching remote media from
...
akin to synapse's `prevent_media_downloads_from`
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-17 23:57:45 -05:00
1a06c8c9d3
more error checking for deserialising events and canonical JSON
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-17 23:57:45 -05:00
3ffca25f6f
update few endpoint docs versions
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-17 23:57:45 -05:00
2bbc75d68e
why did i have to run cargo fmt twice
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-17 14:26:26 -05:00
40f5345586
fix formatting and links of user reports more
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-17 14:26:26 -05:00
e944ed5eb4
fix /report endpoint a lot
...
in short, the `/report` endpoint now checks if:
- the reporting room in the URI matches the PDU/event reported
- sender user is in the room reported
- raises report reasoning to 750 characters (spec doesn't say to limit
these, but thorough and informative reports for server admins are not
a bad thing)
- (hopefully) fixes some broken formatting
- add a random short delay before sending a successful response to the
client to make it more annoying to enumerate for events on our server
(security by obscurity but spec suggests it)
basically, secure reports better lol
see https://spec.matrix.org/v1.9/client-server-api/#post_matrixclientv3roomsroomidreporteventid
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-17 14:26:26 -05:00
7eb57a9fd5
explicitly fallback to None for invalid/empty room topics
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-17 14:26:26 -05:00
9a3866afff
return M_INVALID_PARAM instead of M_BAD_JSON for bad room aliases
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-17 14:26:26 -05:00
92641d0628
first of many small code documentation
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-17 14:26:26 -05:00
a85ebdeaa0
require sender_user being in the reporting room for /report events
...
Matrix 1.8 change:
https://spec.matrix.org/v1.9/client-server-api/#post_matrixclientv3roomsroomidreporteventid
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-17 14:26:26 -05:00
bfc738d80e
default to None for room topic event in spaces or /publicRooms
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-17 14:26:26 -05:00
59c7f93656
fix more clippy lints (part 1)
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-17 14:26:26 -05:00
2074e36aa4
add missing ban reason to ban events
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-14 20:55:56 -05:00
2f16726bac
raise generated passwords to 25 chars
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-14 20:55:56 -05:00
2b031e40a2
partially revert keeping track of remote user profiles
...
this seems to require some more work to properly ignore
dead server errors without breaking the entire room join
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-14 20:55:56 -05:00
149d22eef7
make set avatar, displayname, and blurhash async and forgot another let _
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-14 20:55:56 -05:00
9ec1532580
ignore potential errors when updating user profiles
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-14 20:55:56 -05:00
0297cfe307
remove cached destination for a destination if request fails
...
this can help if users change their well-known or such and we don't want
to keep on hitting the old destination.
from https://gitlab.com/Aranjedeath/conduit/-/commit/11357d1f1af27b0cbd06ee2d8431bd965bc6d95e
Co-authored-by: Jacob Taylor <jacob@explodie.org >
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-14 20:55:56 -05:00
ad792f4565
oops dedup only works on consecutive elements
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-14 20:55:56 -05:00
52884abff6
don't validate or add signature if room is not v8 or above or not using restricted joins
...
should resolve https://github.com/matrix-org/matrix-spec/issues/1708 on
for conduwuit until spec clarifies.
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-14 20:55:56 -05:00
5c4b8ad7a3
replace panics on unknown room versions with errors
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-14 20:55:56 -05:00
edd74efbf2
dedup servers in get_alias_helper
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-14 20:55:56 -05:00
ae11e378d2
debug log well-known response body and text
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-14 20:55:56 -05:00
14a0d12002
declare support for Matrix 1.5 in our federation requests
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-14 20:55:56 -05:00
49b6f338fd
feat: suggest servers to join at /_matrix/client/v3/directory/room/{roomAlias}
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-14 20:55:56 -05:00
b28a2fad97
feat: keep track of remote profiles for user directory and local requests
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-14 20:55:56 -05:00
ef8dcdfe3c
declare explicit support for room filtering (MSC3827)
...
conduit has supported this for a while now and is a Matrix 1.4 feature
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-14 20:55:56 -05:00
20aa2cfca6
update device lists for user upon logout
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-14 20:55:56 -05:00
8586b15e1a
add support for serving client+server well-known and /client/server.json endpoints from conduwuit
...
the last endpoint is a non-standard health check endpoint used by at
least Element Web as a weird way to determine if syncv3 is available
there can also be some valid use-cases for serving well-knowns from the
application itself
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-07 22:26:27 -05:00
1308574db0
bump ruma to latest commit (syncv3 JsOption and push optional power levels)
...
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-07 22:26:27 -05:00
5422d0cedd
declare support for various missing matrix versions
...
this is another one of those things that upstream has neglected
Signed-off-by: strawberry <strawberry@puppygock.gay >
2024-01-07 22:26:27 -05:00
strawberry