Commit Graph
1433 Commits
Author SHA1 Message Date
strawberryandJune dac8b3db49 move these config checks to main.rs
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-11 21:56:55 -05:00
strawberryandJune 0ea8657070 default to Undefined if room avatar URL was not found despite checking if its Some
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-11 21:56:55 -05:00
strawberryandJune 244c1f7190 config option to check root domain with URL previews
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-11 21:56:55 -05:00
strawberryandJune 54ade97f96 add expect message when failing to send oneshot channel shutdown transaction
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-11 21:56:55 -05:00
strawberryandJune 48e4b71dd1 remove hardcoded 300kb limit on spider size with config option of 1MB default
modern websites are sadly massive, 300kb is pretty low. 1MB should be enough.

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-11 21:56:55 -05:00
strawberryandJune 2ea895199a dont drop true error with url str parse, fix url contains logic order, clarify config comment
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-11 21:56:55 -05:00
strawberryandJune 7786553cda doc+check if user does not have local presence enabled if using outgoing presence
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-11 21:56:55 -05:00
strawberryandJune d069379d77 (please) dont drop true error in presence timer creation failures
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-11 21:56:55 -05:00
strawberryandJune 8e6d52e7dd dont follow more than 2 redirects for URL previews for security reasons
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-11 21:56:55 -05:00
strawberryandJune fb2eba722d fix media tests for URL previews
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-11 21:56:55 -05:00
c0dd5b1cc2 feat: URL preview support
from upstream MR https://gitlab.com/famedly/conduit/-/merge_requests/347
with the following changes (so far):
- remove hardcoded list of allowed hosts (strongly disagree with this,
even if it is desired, it should not be harcoded)
- add more allow config options for granularity via URL contains,
host contains, and domain is (explicit match) for security
- warn if a user is allowing all URLs to be previewed for security reasons
- replace an expect with proper error handling
- bump webpage to 2.0
- improved code style a tad

Co-authored-by: rooot <hey@rooot.gay>
Signed-off-by: rooot <hey@rooot.gay>
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-11 21:56:55 -05:00
strawberryandJune 6f26be1c6e eat less /ban endpoint fields, fix ban reason not consistently applied
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-11 21:56:55 -05:00
strawberryandJune 3ff5bc5298 ask systemd for more time when shutting down if needed, raise axum shutdown timeout to 3 mins
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-11 21:56:55 -05:00
strawberryandJune 0b171a2b9c bump default max_concurrent_requests to 500, update config comment
also raise 1024 bytes to 4096 bytes in minimum max_request_size check

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-11 21:56:55 -05:00
strawberryandJune b8ab4754a5 slight wording addition
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-11 21:56:55 -05:00
strawberryandJune 7ddf08e8b7 filter out "config" as it's an expected config option
this seems to exist when using `CONDUIT_CONFIG`
environment variable, this is expected.

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-11 21:56:55 -05:00
strawberryandJune 6996d63a02 warn if a catchall config option (unknown config option) exists
a longer way of saying: warn if a config key is unknown

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-11 21:56:55 -05:00
strawberryandJune d4d8c6eb21 check if custom room ID is apart of forbidden room alias
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-11 21:56:55 -05:00
Matthias AhouansouandJune fc93b29abe feat: forbid certain usernames & room aliases
squashed from https://gitlab.com/famedly/conduit/-/merge_requests/582

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-11 21:56:55 -05:00
Matthias AhouansouandJune 784d307425 revamp appservice registration to ruma's Registration type
squashed from https://gitlab.com/famedly/conduit/-/merge_requests/583

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-11 21:56:55 -05:00
strawberryandJune 1f7ac6d112 update valid_until_ts comment
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-11 21:56:55 -05:00
Charles HallandJune 621c85fd3b run cargo update
`IndexMap::remove` was deprecated in favor of explicitly named methods.
I assume that we actually needed to be using `shift_remove`, otherwise
we probably wouldn't be bothering with `indexmap` here in the first
place. I wonder if this fixes any bugs lol

from: https://gitlab.com/famedly/conduit/-/merge_requests/580

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberryandJune 24605e151d make allow_federation default to true
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-27 16:47:33 -05:00
4ac568769b improvement: registration token now only works when registration is enabled
Co-authored-by: Timo Kösters <timo@koesters.xyz>
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune 0e8267656f fix room ID messages, remove comments
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune 08a183e8c7 assume well-known is None if text length exceeds 10000 chars
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
ec7aeb1096 move resolver logic into the resolver
Honestly not sure why it wasn't done like this before. This code is much
less awkward to follow and more compartmentalized.

These changes were mainly motivated by a clippy lint triggering on the
original code, which then made me wonder if I could get rid of some of
the `Box`ing. Turns out I could, and this is the result of that.

Co-authored-by: strawberry <strawberry@puppygock.gay>
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune 1536f08d81 use both is_ip_literal and IPAddress is_valid checks
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune 9858b33b37 just remove double quotes if found instead
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune e0419d9c5d custom room ID checks, dont use format! macro due to quotes being added
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune 7eff572e77 check if room ID already exists instead of erroring on auth check
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune 8754f0e2a5 additional character check on room alias
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune 89d9cdeb3a IP range denylist logging, and fix logic error
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune 382347353e add custom room ID support using room_id field
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune 2980af6490 move room creation config check higher up
dont bother wasting resources if we know we
arent even allowed to make the room to begin with

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune ead9a58dce dont crash failing to deserialise room creation content
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune 3453dcc344 add error checking to room aliases
length, colon, and spaces. also dont crash.

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune b51d148899 remove random space
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune 6c1358d0c8 send home_server on login response again
a 6+ year old deprecated field that isnt even spelled
right, and no clients use it must still be sent
according to spec

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune fa0c083555 don't send requests to specified list of IP CIDRs
this can most definitely be improved but this is a decent attempt.
the only annoying this is i couldn't just use a Vec<IPAddress> which
would have significantly simplified all of this, but serde can't
deserialise it on the config side i guess.

i may find a better way to do this in the future, but this should cover
most areas anyways.

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune 71d247232d oops forgot that endpoint too
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune 6c75087863 eat less of client parameters for media requests
still cantt respect allow_redirect yet

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune ab6cb4ad2d switch back to expect for sender_user
as far as i can tell, it will return a normal
error in the auth token handling code so this is fine.
we also shouldnt assume all errors from this are
access_token related.

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune 02bc818633 match explicit URI to see if we should authenticate the user
first attempt at forcing an endpoint to be authenticated

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune 9d0c85ab17 use ruma JsOption, bump figment
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune 4e8823dedb add warning about outgoing presence PDU/EDU relationship
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune 11bc725268 return joined member count of room for pushrules instead of hardcoded 10
im not sure what the TODO is trying to say here,
but since it's many years old and conduwuit is
fast, i dont see an issue with this.

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune b50c47e1c2 silence loud tower_http errors (move to info)
these are benign errors that are from things like
conduwuit fetching remote media from dead servers

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune 34bac4d1d9 support sending well_known client response in /login using well_known_client
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberryandJune cf62cb0d0a send avatar_url on invite member events like synapse
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00