fix: Allow cargo_common_metadata clippy lint

CHANGELOG.md

@@ -1,28 +1,3 @@
-# Continuwuity 0.5.2 (2026-01-09)
-
-## Features
-
-- Added support for issuing additional registration tokens, stored in the database, which supplement the existing registration token hardcoded in the config file. These tokens may optionally expire after a certain number of uses or after a certain amount of time has passed. Additionally, the `registration_token_file` configuration option is superseded by this feature and **has been removed**. Use the new `!admin token` command family to manage registration tokens. Contributed by @ginger (#783).
-- Implemented a configuration defined admin list independent of the admin room. Contributed by @Terryiscool160. (#1253)
-- Added support for invite and join anti-spam via Draupnir and Meowlnir, similar to that of synapse-http-antispam. Contributed by @nex. (#1263)
-- Implemented account locking functionality, to complement user suspension. Contributed by @nex. (#1266)
-- Added admin command to forcefully log out all of a user's existing sessions. Contributed by @nex. (#1271)
-- Implemented toggling the ability for an account to log in without mutating any of its data. Contributed by @nex. (#1272)
-- Add support for custom room create event timestamps, to allow generating custom prefixes in hashed room IDs. Contributed by @nex. (#1277)
-- Certain potentially dangerous admin commands are now restricted to only be usable in the admin room and server console. Contributed by @ginger.
-
-## Bugfixes
-
-- Fixed unreliable room summary fetching and improved error messages. Contributed by @nex. (#1257)
-- Client requested timeout parameter is now applied to e2ee key lookups and claims. Related federation requests are now also concurrent. Contributed by @nex. (#1261)
-- Fixed the whoami endpoint returning HTTP 404 instead of HTTP 403, which confused some appservices. Contributed by @nex. (#1276)
-
-## Misc
-
-- The `console` feature is now enabled by default, allowing the server console to be used for running admin commands directly. To automatically open the console on startup, set the `admin_console_automatic` config option to `true`. Contributed by @ginger.
-- We now (finally) document our container image mirrors. Contributed by @Jade
-
-
 # Continuwuity 0.5.0 (2025-12-30)
 
 **This release contains a CRITICAL vulnerability patch, and you must update as soon as possible**

Cargo.lock

@@ -940,7 +940,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit"
-version = "0.5.2"
+version = "0.5.1"
 dependencies = [
  "clap",
  "conduwuit_admin",
@@ -972,7 +972,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_admin"
-version = "0.5.2"
+version = "0.5.1"
 dependencies = [
  "clap",
  "conduwuit_api",
@@ -994,7 +994,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_api"
-version = "0.5.2"
+version = "0.5.1"
 dependencies = [
  "async-trait",
  "axum 0.7.9",
@@ -1027,14 +1027,14 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_build_metadata"
-version = "0.5.2"
+version = "0.5.1"
 dependencies = [
  "built",
 ]
 
 [[package]]
 name = "conduwuit_core"
-version = "0.5.2"
+version = "0.5.1"
 dependencies = [
  "argon2",
  "arrayvec",
@@ -1095,7 +1095,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_database"
-version = "0.5.2"
+version = "0.5.1"
 dependencies = [
  "async-channel",
  "conduwuit_core",
@@ -1114,7 +1114,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_macros"
-version = "0.5.2"
+version = "0.5.1"
 dependencies = [
  "itertools 0.14.0",
  "proc-macro2",
@@ -1124,7 +1124,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_router"
-version = "0.5.2"
+version = "0.5.1"
 dependencies = [
  "axum 0.7.9",
  "axum-client-ip",
@@ -1159,7 +1159,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_service"
-version = "0.5.2"
+version = "0.5.1"
 dependencies = [
  "async-trait",
  "base64 0.22.1",
@@ -1200,7 +1200,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_web"
-version = "0.5.2"
+version = "0.5.1"
 dependencies = [
  "askama",
  "axum 0.7.9",
@@ -1635,7 +1635,7 @@ dependencies = [
 [[package]]
 name = "draupnir-antispam"
 version = "0.1.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=f9e74cb206cfa45cf5f17d39282253b43a15fcd5#f9e74cb206cfa45cf5f17d39282253b43a15fcd5"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=79abd5d331bca596b7f37e367a9f2cebccd9f64d#79abd5d331bca596b7f37e367a9f2cebccd9f64d"
 dependencies = [
  "ruma-common",
  "serde",
@@ -2995,7 +2995,7 @@ checksum = "f52b00d39961fc5b2736ea853c9cc86238e165017a493d1d5c8eac6bdc4cc273"
 [[package]]
 name = "meowlnir-antispam"
 version = "0.1.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=f9e74cb206cfa45cf5f17d39282253b43a15fcd5#f9e74cb206cfa45cf5f17d39282253b43a15fcd5"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=79abd5d331bca596b7f37e367a9f2cebccd9f64d#79abd5d331bca596b7f37e367a9f2cebccd9f64d"
 dependencies = [
  "ruma-common",
  "serde",
@@ -4085,7 +4085,7 @@ checksum = "88f8660c1ff60292143c98d08fc6e2f654d722db50410e3f3797d40baaf9d8f3"
 [[package]]
 name = "ruma"
 version = "0.10.1"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=f9e74cb206cfa45cf5f17d39282253b43a15fcd5#f9e74cb206cfa45cf5f17d39282253b43a15fcd5"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=79abd5d331bca596b7f37e367a9f2cebccd9f64d#79abd5d331bca596b7f37e367a9f2cebccd9f64d"
 dependencies = [
  "assign",
  "draupnir-antispam",
@@ -4107,7 +4107,7 @@ dependencies = [
 [[package]]
 name = "ruma-appservice-api"
 version = "0.10.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=f9e74cb206cfa45cf5f17d39282253b43a15fcd5#f9e74cb206cfa45cf5f17d39282253b43a15fcd5"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=79abd5d331bca596b7f37e367a9f2cebccd9f64d#79abd5d331bca596b7f37e367a9f2cebccd9f64d"
 dependencies = [
  "js_int",
  "ruma-common",
@@ -4119,7 +4119,7 @@ dependencies = [
 [[package]]
 name = "ruma-client-api"
 version = "0.18.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=f9e74cb206cfa45cf5f17d39282253b43a15fcd5#f9e74cb206cfa45cf5f17d39282253b43a15fcd5"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=79abd5d331bca596b7f37e367a9f2cebccd9f64d#79abd5d331bca596b7f37e367a9f2cebccd9f64d"
 dependencies = [
  "as_variant",
  "assign",
@@ -4142,7 +4142,7 @@ dependencies = [
 [[package]]
 name = "ruma-common"
 version = "0.13.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=f9e74cb206cfa45cf5f17d39282253b43a15fcd5#f9e74cb206cfa45cf5f17d39282253b43a15fcd5"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=79abd5d331bca596b7f37e367a9f2cebccd9f64d#79abd5d331bca596b7f37e367a9f2cebccd9f64d"
 dependencies = [
  "as_variant",
  "base64 0.22.1",
@@ -4174,7 +4174,7 @@ dependencies = [
 [[package]]
 name = "ruma-events"
 version = "0.28.1"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=f9e74cb206cfa45cf5f17d39282253b43a15fcd5#f9e74cb206cfa45cf5f17d39282253b43a15fcd5"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=79abd5d331bca596b7f37e367a9f2cebccd9f64d#79abd5d331bca596b7f37e367a9f2cebccd9f64d"
 dependencies = [
  "as_variant",
  "indexmap",
@@ -4199,7 +4199,7 @@ dependencies = [
 [[package]]
 name = "ruma-federation-api"
 version = "0.9.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=f9e74cb206cfa45cf5f17d39282253b43a15fcd5#f9e74cb206cfa45cf5f17d39282253b43a15fcd5"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=79abd5d331bca596b7f37e367a9f2cebccd9f64d#79abd5d331bca596b7f37e367a9f2cebccd9f64d"
 dependencies = [
  "bytes",
  "headers",
@@ -4221,7 +4221,7 @@ dependencies = [
 [[package]]
 name = "ruma-identifiers-validation"
 version = "0.9.5"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=f9e74cb206cfa45cf5f17d39282253b43a15fcd5#f9e74cb206cfa45cf5f17d39282253b43a15fcd5"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=79abd5d331bca596b7f37e367a9f2cebccd9f64d#79abd5d331bca596b7f37e367a9f2cebccd9f64d"
 dependencies = [
  "js_int",
  "thiserror 2.0.17",
@@ -4230,7 +4230,7 @@ dependencies = [
 [[package]]
 name = "ruma-identity-service-api"
 version = "0.9.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=f9e74cb206cfa45cf5f17d39282253b43a15fcd5#f9e74cb206cfa45cf5f17d39282253b43a15fcd5"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=79abd5d331bca596b7f37e367a9f2cebccd9f64d#79abd5d331bca596b7f37e367a9f2cebccd9f64d"
 dependencies = [
  "js_int",
  "ruma-common",
@@ -4240,7 +4240,7 @@ dependencies = [
 [[package]]
 name = "ruma-macros"
 version = "0.13.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=f9e74cb206cfa45cf5f17d39282253b43a15fcd5#f9e74cb206cfa45cf5f17d39282253b43a15fcd5"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=79abd5d331bca596b7f37e367a9f2cebccd9f64d#79abd5d331bca596b7f37e367a9f2cebccd9f64d"
 dependencies = [
  "cfg-if",
  "proc-macro-crate",
@@ -4255,7 +4255,7 @@ dependencies = [
 [[package]]
 name = "ruma-push-gateway-api"
 version = "0.9.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=f9e74cb206cfa45cf5f17d39282253b43a15fcd5#f9e74cb206cfa45cf5f17d39282253b43a15fcd5"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=79abd5d331bca596b7f37e367a9f2cebccd9f64d#79abd5d331bca596b7f37e367a9f2cebccd9f64d"
 dependencies = [
  "js_int",
  "ruma-common",
@@ -4267,7 +4267,7 @@ dependencies = [
 [[package]]
 name = "ruma-signatures"
 version = "0.15.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=f9e74cb206cfa45cf5f17d39282253b43a15fcd5#f9e74cb206cfa45cf5f17d39282253b43a15fcd5"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=79abd5d331bca596b7f37e367a9f2cebccd9f64d#79abd5d331bca596b7f37e367a9f2cebccd9f64d"
 dependencies = [
  "base64 0.22.1",
  "ed25519-dalek",
@@ -6228,7 +6228,7 @@ dependencies = [
 
 [[package]]
 name = "xtask"
-version = "0.5.2"
+version = "0.5.1"
 dependencies = [
  "clap",
  "serde",
@@ -6237,7 +6237,7 @@ dependencies = [
 
 [[package]]
 name = "xtask-generate-commands"
-version = "0.5.2"
+version = "0.5.1"
 dependencies = [
  "clap-markdown",
  "clap_builder",

Cargo.toml

@@ -12,7 +12,7 @@ license = "Apache-2.0"
 # See also `rust-toolchain.toml`
 readme = "README.md"
 repository = "https://forgejo.ellis.link/continuwuation/continuwuity"
-version = "0.5.2"
+version = "0.5.1"
 
 [workspace.metadata.crane]
 name = "conduwuit"
@@ -342,7 +342,7 @@ version = "0.1.2"
 # Used for matrix spec type definitions and helpers
 [workspace.dependencies.ruma]
 git = "https://forgejo.ellis.link/continuwuation/ruwuma"
-rev = "f9e74cb206cfa45cf5f17d39282253b43a15fcd5"
+rev = "79abd5d331bca596b7f37e367a9f2cebccd9f64d"
 features = [
     "compat",
     "rand",
@@ -840,7 +840,7 @@ unknown_lints = "allow"
 ###################
 cargo = { level = "warn", priority = -1 }
 # Nobody except for us should be consuming these crates, they don't need metadata
-cargo_common_metadata = { level = "allow" }
+cargo_common_metadata = { level = "allow"}
 
 ## some sadness
 multiple_crate_versions = { level = "allow", priority = 1 }

changelog.d/+6de5f7b2.misc.md

@@ -0,0 +1 @@
+The `console` feature is now enabled by default, allowing the server console to be used for running admin commands directly.

changelog.d/+f4a756d9.feature.md

@@ -0,0 +1 @@
+Certain potentially dangerous admin commands are now restricted to only be usable in the admin room and server console.

changelog.d/1253.feature

@@ -0,0 +1 @@
+Implemented a configuration defined admin list independent of the admin room. (@Terryiscool160).

changelog.d/1257.bugfix

@@ -0,0 +1 @@
+Fixed unreliable room summary fetching and improved error messages. Contributed by @nex.

changelog.d/1261.bugfix

@@ -0,0 +1,2 @@
+Client requested timeout parameter is now applied to e2ee key lookups and claims. Related federation requests are now
+also concurrent. Contributed by @nex.

changelog.d/1263.feature

@@ -0,0 +1,2 @@
+Added support for invite and join anti-spam via Draupnir and Meowlnir, similar to that of synapse-http-antispam.
+Contributed by @nex.

changelog.d/1266.feature

@@ -0,0 +1 @@
+Implemented account locking functionality, to complement user suspension. Contributed by @nex.

changelog.d/1271.feature

@@ -0,0 +1 @@
+Added admin command to forcefully log out all of a user's existing sessions. Contributed by @nex.

changelog.d/1272.feature

@@ -0,0 +1 @@
+Implemented toggling the ability for an account to log in without mutating any of its data. Contributed by @nex.

changelog.d/1278.misc.md

@@ -1 +0,0 @@
-Improve timeout-related code for federation and URL previews. Contributed by @Jade

changelog.d/1279.feature.md

@@ -1 +0,0 @@
-Improve the display of nested configuration with the `!admin server show-config` command. Contributed by @Jade

changelog.d/783.feature.md

@@ -0,0 +1 @@
+Added support for issuing additional registration tokens, stored in the database, which supplement the existing registration token hardcoded in the config file. These tokens may optionally expire after a certain number of uses or after a certain amount of time has passed. Additionally, the `registration_token_file` configuration option is superseded by this feature and **has been removed**.

conduwuit-example.toml

@@ -340,9 +340,7 @@
 # this to be high to account for extremely large room joins, slow
 # homeservers, your own resources etc.
 #
-# Joins have 6x the timeout.
-#
-#federation_timeout = 60
+#federation_timeout = 300
 
 # MSC4284 Policy server request timeout (seconds). Generally policy
 # servers should respond near instantly, however may slow down under
@@ -391,15 +389,7 @@
 #
 #appservice_idle_timeout = 300
 
-# Notification gateway pusher request connection timeout (seconds).
-#
-#pusher_conn_timeout = 15
-
-# Notification gateway pusher total request timeout (seconds).
-#
-#pusher_timeout = 60
-
-# Notification gateway pusher idle connection pool timeout (seconds).
+# Notification gateway pusher idle connection pool timeout.
 #
 #pusher_idle_timeout = 15
 
@@ -1456,11 +1446,6 @@
 #
 #url_preview_max_spider_size = 256000
 
-# Total request timeout for URL previews (seconds). This includes
-# connection, request, and response body reading time.
-#
-#url_preview_timeout = 120
-
 # Option to decide whether you would like to run the domain allowlist
 # checks (contains and explicit) on the root domain or not. Does not apply
 # to URL contains allowlist. Defaults to false.
@@ -1759,6 +1744,10 @@
 #
 #config_reload_signal = true
 
+# This item is undocumented. Please contribute documentation for it.
+#
+#ldap = false
+
 [global.tls]
 
 # Path to a valid TLS certificate file.
@@ -1926,8 +1915,6 @@
 #
 #admin_filter = ""
 
-[global.antispam]
-
 [global.antispam.meowlnir]
 
 # The base URL on which to contact Meowlnir (before /_meowlnir/antispam).

docs/deploying/docker.mdx

@@ -13,8 +13,8 @@ ### Use a registry
 | --------------- | --------------------------------------------------------------- | -----------------------|
 | Forgejo Registry| [forgejo.ellis.link/continuwuation/continuwuity:latest](https://forgejo.ellis.link/continuwuation/-/packages/container/continuwuity/latest)     | Latest tagged image.   |
 | Forgejo Registry| [forgejo.ellis.link/continuwuation/continuwuity:main](https://forgejo.ellis.link/continuwuation/-/packages/container/continuwuity/main)       | Main branch image.     |
-| Forgejo Registry| [forgejo.ellis.link/continuwuation/continuwuity:latest-maxperf](https://forgejo.ellis.link/continuwuation/-/packages/container/continuwuity/latest-maxperf) | [Performance optimised version.](./generic.mdx#performance-optimised-builds) |
-| Forgejo Registry| [forgejo.ellis.link/continuwuation/continuwuity:main-maxperf](https://forgejo.ellis.link/continuwuation/-/packages/container/continuwuity/main-maxperf)   | [Performance optimised version.](./generic.mdx#performance-optimised-builds) |
+| Forgejo Registry| [forgejo.ellis.link/continuwuation/continuwuity:latest-maxperf](https://forgejo.ellis.link/continuwuation/-/packages/container/continuwuity/latest-maxperf) | Performance optimised version. |
+| Forgejo Registry| [forgejo.ellis.link/continuwuation/continuwuity:main-maxperf](https://forgejo.ellis.link/continuwuation/-/packages/container/continuwuity/main-maxperf)   | Performance optimised version. |
 
 Use
 

release.toml

@@ -1,8 +1 @@
 tag-message = "chore: Release v{{version}}"
-tag-prefix = ""
-shared-version = true
-
-publish = false
-
-sign-commit = true
-sign-tag = true

src/api/client/account.rs

@@ -724,7 +724,7 @@ pub(crate) async fn change_password_route(
 	Ok(change_password::v3::Response {})
 }
 
-/// # `GET /_matrix/client/v3/account/whoami`
+/// # `GET _matrix/client/r0/account/whoami`
 ///
 /// Get `user_id` of the sender user.
 ///
@@ -733,17 +733,11 @@ pub(crate) async fn whoami_route(
 	State(services): State<crate::State>,
 	body: Ruma<whoami::v3::Request>,
 ) -> Result<whoami::v3::Response> {
-	let is_guest = services
-		.users
-		.is_deactivated(body.sender_user())
-		.await
-		.map_err(|_| {
-			err!(Request(Forbidden("Application service has not registered this user.")))
-		})? && body.appservice_info.is_none();
 	Ok(whoami::v3::Response {
 		user_id: body.sender_user().to_owned(),
 		device_id: body.sender_device.clone(),
-		is_guest,
+		is_guest: services.users.is_deactivated(body.sender_user()).await?
+			&& body.appservice_info.is_none(),
 	})
 }
 

src/api/client/membership/invite.rs

@@ -7,7 +7,7 @@
 };
 use futures::FutureExt;
 use ruma::{
-	RoomId, UserId,
+	OwnedServerName, RoomId, UserId,
 	api::{client::membership::invite_user, federation::membership::create_invite},
 	events::{
 		invite_permission_config::FilterLevel,
@@ -203,10 +203,19 @@ pub(crate) async fn invite_helper(
 			))));
 		}
 
+		let origin: OwnedServerName = serde_json::from_value(serde_json::to_value(
+			value
+				.get("origin")
+				.ok_or_else(|| err!(Request(BadJson("Event missing origin field."))))?,
+		)?)
+		.map_err(|e| {
+			err!(Request(BadJson(warn!("Origin field in event is not a valid server name: {e}"))))
+		})?;
+
 		let pdu_id = services
 			.rooms
 			.event_handler
-			.handle_incoming_pdu(recipient_user.server_name(), room_id, &event_id, value, true)
+			.handle_incoming_pdu(&origin, room_id, &event_id, value, true)
 			.boxed()
 			.await?
 			.ok_or_else(|| {

src/api/client/room/create.rs

@@ -238,7 +238,6 @@ pub(crate) async fn create_room_route(
 				event_type: TimelineEventType::RoomCreate,
 				content: to_raw_value(&create_content)?,
 				state_key: Some(StateKey::new()),
-				timestamp: body.origin_server_ts,
 				..Default::default()
 			},
 			sender_user,
@@ -257,14 +256,6 @@ pub(crate) async fn create_room_route(
 		},
 	};
 	drop(state_lock);
-	if let Some(expected_room_id) = body.room_id.as_ref() {
-		if expected_room_id.as_str() != room_id.as_str() {
-			return Err!(Request(InvalidParam(
-				"Custom room ID {expected_room_id} does not match the generated room ID \
-				 {room_id}.",
-			)));
-		}
-	}
 	debug!("Room created with ID {room_id}");
 	let state_lock = services.rooms.state.mutex.lock(&room_id).await;
 

src/core/config/mod.rs

@@ -53,7 +53,8 @@
 ### For more information, see:
 ### https://continuwuity.org/configuration.html
 "#,
-	ignore = "config_paths catchall"
+	ignore = "config_paths catchall well_known tls blurhashing \
+	allow_invalid_tls_certificates_yes_i_know_what_the_fuck_i_am_doing_with_this_and_i_know_this_is_insecure antispam"
 )]
 pub struct Config {
 	// Paths to config file(s). Not supposed to be set manually in the config file,
@@ -104,7 +105,7 @@ pub struct Config {
 	#[serde(default = "default_port")]
 	port: ListeningPort,
 
-	/// display: nested
+	// external structure; separate section
 	#[serde(default)]
 	pub tls: TlsConfig,
 
@@ -434,9 +435,7 @@ pub struct Config {
 	/// this to be high to account for extremely large room joins, slow
 	/// homeservers, your own resources etc.
 	///
-	/// Joins have 6x the timeout.
-	///
-	/// default: 60
+	/// default: 300
 	#[serde(default = "default_federation_timeout")]
 	pub federation_timeout: u64,
 
@@ -502,19 +501,7 @@ pub struct Config {
 	#[serde(default = "default_appservice_idle_timeout")]
 	pub appservice_idle_timeout: u64,
 
-	/// Notification gateway pusher request connection timeout (seconds).
-	///
-	/// default: 15
-	#[serde(default = "default_pusher_conn_timeout")]
-	pub pusher_conn_timeout: u64,
-
-	/// Notification gateway pusher total request timeout (seconds).
-	///
-	/// default: 60
-	#[serde(default = "default_pusher_timeout")]
-	pub pusher_timeout: u64,
-
-	/// Notification gateway pusher idle connection pool timeout (seconds).
+	/// Notification gateway pusher idle connection pool timeout.
 	///
 	/// default: 15
 	#[serde(default = "default_pusher_idle_timeout")]
@@ -723,7 +710,7 @@ pub struct Config {
 	#[serde(default = "default_default_room_version")]
 	pub default_room_version: RoomVersionId,
 
-	/// display: nested
+	// external structure; separate section
 	#[serde(default)]
 	pub well_known: WellKnownConfig,
 
@@ -1676,13 +1663,6 @@ pub struct Config {
 	#[serde(default = "default_url_preview_max_spider_size")]
 	pub url_preview_max_spider_size: usize,
 
-	/// Total request timeout for URL previews (seconds). This includes
-	/// connection, request, and response body reading time.
-	///
-	/// default: 120
-	#[serde(default = "default_url_preview_timeout")]
-	pub url_preview_timeout: u64,
-
 	/// Option to decide whether you would like to run the domain allowlist
 	/// checks (contains and explicit) on the root domain or not. Does not apply
 	/// to URL contains allowlist. Defaults to false.
@@ -2029,22 +2009,19 @@ pub struct Config {
 	/// etc. This is a hidden argument that should NOT be used in production as
 	/// it is highly insecure and I will personally yell at you if I catch you
 	/// using this.
-	///
-	/// display: hidden
 	#[serde(default)]
 	pub allow_invalid_tls_certificates_yes_i_know_what_the_fuck_i_am_doing_with_this_and_i_know_this_is_insecure:
 		bool,
 
-	/// display: nested
+	// external structure; separate section
 	#[serde(default)]
 	pub ldap: LdapConfig,
 
 	/// Configuration for antispam support
-	/// display: nested
 	#[serde(default)]
 	pub antispam: Option<Antispam>,
 
-	/// display: nested
+	// external structure; separate section
 	#[serde(default)]
 	pub blurhashing: BlurhashConfig,
 	#[serde(flatten)]
@@ -2261,11 +2238,8 @@ struct ListeningAddr {
 }
 
 #[derive(Clone, Debug, Deserialize)]
-#[config_example_generator(filename = "conduwuit-example.toml", section = "global.antispam")]
 pub struct Antispam {
-	/// display: nested
 	pub meowlnir: Option<MeowlnirConfig>,
-	/// display: nested
 	pub draupnir: Option<DraupnirConfig>,
 }
 
@@ -2481,7 +2455,7 @@ fn default_well_known_timeout() -> u64 { 10 }
 
 fn default_federation_conn_timeout() -> u64 { 10 }
 
-fn default_federation_timeout() -> u64 { 60 }
+fn default_federation_timeout() -> u64 { 25 }
 
 fn default_policy_server_request_timeout() -> u64 { 10 }
 
@@ -2499,10 +2473,6 @@ fn default_appservice_timeout() -> u64 { 35 }
 
 fn default_appservice_idle_timeout() -> u64 { 300 }
 
-fn default_pusher_conn_timeout() -> u64 { 15 }
-
-fn default_pusher_timeout() -> u64 { 60 }
-
 fn default_pusher_idle_timeout() -> u64 { 15 }
 
 fn default_max_fetch_prev_events() -> u16 { 192_u16 }
@@ -2630,8 +2600,6 @@ fn default_url_preview_max_spider_size() -> usize {
 	256_000 // 256KB
 }
 
-fn default_url_preview_timeout() -> u64 { 120 }
-
 fn default_new_user_displayname_suffix() -> String { "🏳️‍⚧️".to_owned() }
 
 fn default_sentry_endpoint() -> Option<Url> { None }

src/macros/config.rs

@@ -78,8 +78,6 @@ fn generate_example(input: &ItemStruct, args: &[Meta], write: bool) -> Result<To
 	}
 
 	let mut summary: Vec<TokenStream2> = Vec::new();
-	let mut nested_displays: Vec<TokenStream2> = Vec::new();
-
 	if let Fields::Named(FieldsNamed { named, .. }) = &input.fields {
 		for field in named {
 			let Some(ident) = &field.ident else {
@@ -94,6 +92,35 @@ fn generate_example(input: &ItemStruct, args: &[Meta], write: bool) -> Result<To
 				continue;
 			};
 
+			let doc = get_doc_comment(field)
+				.unwrap_or_else(|| undocumented.into())
+				.trim_end()
+				.to_owned();
+
+			let doc = if doc.ends_with('#') {
+				format!("{doc}\n")
+			} else {
+				format!("{doc}\n#\n")
+			};
+
+			let default = get_doc_comment_line(field, "default")
+				.or_else(|| get_default(field))
+				.unwrap_or_default();
+
+			let default = if !default.is_empty() {
+				format!(" {default}")
+			} else {
+				default
+			};
+
+			if let Some(file) = file.as_mut() {
+				file.write_fmt(format_args!("\n{doc}"))
+					.expect("written to config file");
+
+				file.write_fmt(format_args!("#{ident} ={default}\n"))
+					.expect("written to config file");
+			}
+
 			let display = get_doc_comment_line(field, "display");
 			let display_directive = |key| {
 				display
@@ -102,77 +129,17 @@ fn generate_example(input: &ItemStruct, args: &[Meta], write: bool) -> Result<To
 					.flat_map(|display| display.split(' '))
 					.any(|directive| directive == key)
 			};
-			let is_nested = display_directive("nested");
-			let is_hidden = display_directive("hidden");
 
-			// Only generate config file entries for non-nested, visible types
-			if !is_nested && !is_hidden {
-				let doc = get_doc_comment(field)
-					.unwrap_or_else(|| undocumented.into())
-					.trim_end()
-					.to_owned();
-
-				let doc = if doc.ends_with('#') {
-					format!("{doc}\n")
+			if !display_directive("hidden") {
+				let value = if display_directive("sensitive") {
+					quote! { "***********" }
 				} else {
-					format!("{doc}\n#\n")
+					quote! { format_args!("{:?}", self.#ident) }
 				};
 
-				let default = get_doc_comment_line(field, "default")
-					.or_else(|| get_default(field))
-					.unwrap_or_default();
-
-				let default = if !default.is_empty() {
-					format!(" {default}")
-				} else {
-					default
-				};
-
-				if let Some(file) = file.as_mut() {
-					file.write_fmt(format_args!("\n{doc}"))
-						.expect("written to config file");
-
-					file.write_fmt(format_args!("#{ident} ={default}\n"))
-						.expect("written to config file");
-				}
-			}
-
-			// Generate Display implementation for all fields
-			let name = ident.to_string();
-
-			if display_directive("sensitive") {
+				let name = ident.to_string();
 				summary.push(quote! {
-					writeln!(out, "| {} | {} |", #name, "***********")?;
-				});
-			} else if is_nested {
-				let is_option = matches!(type_name.as_str(), "Option");
-				if is_option {
-					summary.push(quote! {
-						writeln!(out, "| {} | {} |", #name,
-							if self.#ident.is_some() { "[configured]" } else { "None" })?;
-					});
-
-					nested_displays.push(quote! {
-						if let Some(nested) = &self.#ident {
-							writeln!(out)?;
-							writeln!(out, "## {}", #name)?;
-							write!(out, "{}", nested)?;
-						}
-					});
-				} else {
-					summary.push(quote! {
-						writeln!(out, "| {} | [configured] |", #name)?;
-					});
-
-					nested_displays.push(quote! {
-						writeln!(out)?;
-						writeln!(out, "## {}", #name)?;
-						write!(out, "{}", &self.#ident)?;
-					});
-				}
-			} else {
-				summary.push(quote! {
-					writeln!(out, "| {} | {:?} |", #name, self.#ident)?;
+					writeln!(out, "| {} | {} |", #name, #value)?;
 				});
 			}
 		}
@@ -192,7 +159,6 @@ fn fmt(&self, out: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
 				writeln!(out, "| name | value |")?;
 				writeln!(out, "| :--- | :---  |")?;
 				#( #summary )*
-				#( #nested_displays )*
 				Ok(())
 			}
 		}

src/service/client/mod.rs

@@ -47,7 +47,6 @@ fn build(args: crate::Args<'_>) -> Result<Arc<Self>> {
 				})?
 				.local_address(url_preview_bind_addr)
 				.dns_resolver(resolver.resolver.clone())
-				.timeout(Duration::from_secs(config.url_preview_timeout))
 				.redirect(redirect::Policy::limited(3))
 				.build()?,
 
@@ -69,11 +68,6 @@ fn build(args: crate::Args<'_>) -> Result<Arc<Self>> {
 				.dns_resolver(resolver.resolver.hooked.clone())
 				.connect_timeout(Duration::from_secs(config.federation_conn_timeout))
 				.read_timeout(Duration::from_secs(config.federation_timeout))
-				.timeout(Duration::from_secs(
-					config
-						.federation_timeout
-						.saturating_add(config.federation_conn_timeout),
-				))
 				.pool_max_idle_per_host(config.federation_idle_per_host.into())
 				.pool_idle_timeout(Duration::from_secs(config.federation_idle_timeout))
 				.redirect(redirect::Policy::limited(3))
@@ -82,13 +76,7 @@ fn build(args: crate::Args<'_>) -> Result<Arc<Self>> {
 			synapse: base(config)?
 				.dns_resolver(resolver.resolver.hooked.clone())
 				.connect_timeout(Duration::from_secs(config.federation_conn_timeout))
-				.read_timeout(Duration::from_secs(config.federation_timeout.saturating_mul(6)))
-				.timeout(Duration::from_secs(
-					config
-						.federation_timeout
-						.saturating_mul(6)
-						.saturating_add(config.federation_conn_timeout),
-				))
+				.read_timeout(Duration::from_secs(305))
 				.pool_max_idle_per_host(0)
 				.redirect(redirect::Policy::limited(3))
 				.build()?,
@@ -115,8 +103,6 @@ fn build(args: crate::Args<'_>) -> Result<Arc<Self>> {
 
 			pusher: base(config)?
 				.dns_resolver(resolver.resolver.clone())
-				.connect_timeout(Duration::from_secs(config.pusher_conn_timeout))
-				.timeout(Duration::from_secs(config.pusher_timeout))
 				.pool_max_idle_per_host(1)
 				.pool_idle_timeout(Duration::from_secs(config.pusher_idle_timeout))
 				.redirect(redirect::Policy::limited(2))

src/service/federation/execute.rs

@@ -3,7 +3,7 @@
 use bytes::Bytes;
 use conduwuit::{
 	Err, Error, Result, debug, debug::INFO_SPAN_LEVEL, debug_error, debug_warn, err,
-	error::inspect_debug_log, implement, trace,
+	error::inspect_debug_log, implement, trace, utils::string::EMPTY,
 };
 use http::{HeaderValue, header::AUTHORIZATION};
 use ipaddress::IPAddress;
@@ -90,9 +90,7 @@ async fn perform<T>(
 
 	debug!(%method, %url, "Sending request");
 	match client.execute(request).await {
-		| Ok(response) =>
-			self.handle_response::<T>(dest, actual, &method, &url, response)
-				.await,
+		| Ok(response) => handle_response::<T>(dest, actual, &method, &url, response).await,
 		| Err(error) =>
 			Err(handle_error(actual, &method, &url, error).expect_err("always returns error")),
 	}
@@ -121,9 +119,7 @@ fn validate_url(&self, url: &Url) -> Result<()> {
 	Ok(())
 }
 
-#[implement(super::Service)]
 async fn handle_response<T>(
-	&self,
 	dest: &ServerName,
 	actual: &ActualDest,
 	method: &Method,
@@ -166,6 +162,7 @@ async fn into_http_response(
 			.expect("http::response::Builder is usable"),
 	);
 
+	// TODO: handle timeout
 	trace!("Waiting for response body...");
 	let body = response
 		.bytes()
@@ -289,13 +286,10 @@ fn into_http_request<T>(actual: &ActualDest, request: T) -> Result<http::Request
 	T: OutgoingRequest + Send,
 {
 	const VERSIONS: [MatrixVersion; 1] = [MatrixVersion::V1_11];
+	const SATIR: SendAccessToken<'_> = SendAccessToken::IfRequired(EMPTY);
 
 	let http_request = request
-		.try_into_http_request::<Vec<u8>>(
-			actual.string().as_str(),
-			SendAccessToken::None,
-			&VERSIONS,
-		)
+		.try_into_http_request::<Vec<u8>>(actual.string().as_str(), SATIR, &VERSIONS)
 		.map_err(|e| err!(BadServerResponse("Invalid destination: {e:?}")))?;
 
 	Ok(http_request)

src/service/pusher/mod.rs

@@ -198,7 +198,7 @@ pub async fn send_request<T>(&self, dest: &str, request: T) -> Result<T::Incomin
 		trace!("Push gateway destination: {dest}");
 
 		let http_request = request
-			.try_into_http_request::<BytesMut>(&dest, SendAccessToken::None, &VERSIONS)
+			.try_into_http_request::<BytesMut>(&dest, SendAccessToken::IfRequired(""), &VERSIONS)
 			.map_err(|e| {
 				err!(BadServerResponse(warn!(
 					"Failed to find destination {dest} for push gateway: {e}"
@@ -245,7 +245,7 @@ pub async fn send_request<T>(&self, dest: &str, request: T) -> Result<T::Incomin
 						.expect("http::response::Builder is usable"),
 				);
 
-				let body = response.bytes().await?;
+				let body = response.bytes().await?; // TODO: handle timeout
 
 				if !status.is_success() {
 					debug_warn!("Push gateway response body: {:?}", string_from_bytes(&body));
@@ -288,7 +288,7 @@ pub async fn send_push_notice<E>(
 		let mut notify = None;
 		let mut tweaks = Vec::new();
 		if event.room_id().is_none() {
-			// This only affects v12+ create events
+			// TODO(hydra): does this matter?
 			return Ok(());
 		}
 

src/service/rooms/event_handler/handle_incoming_pdu.rs

@@ -131,6 +131,10 @@ pub async fn handle_incoming_pdu<'a>(
 		.await?
 		.origin_server_ts();
 
+	if incoming_pdu.origin_server_ts() < first_ts_in_room {
+		return Ok(None);
+	}
+
 	// 9. Fetch any missing prev events doing all checks listed here starting at 1.
 	//    These are timeline events
 	let (sorted_prev_events, mut eventid_info) = self

src/service/rooms/timeline/create.rs

@@ -15,6 +15,7 @@
 use ruma::{
 	CanonicalJsonObject, CanonicalJsonValue, OwnedEventId, OwnedRoomId, RoomId, RoomVersionId,
 	UserId,
+	canonical_json::to_canonical_value,
 	events::{StateEventType, TimelineEventType, room::create::RoomCreateEventContent},
 	uint,
 };
@@ -209,7 +210,7 @@ fn from_evt(
 		} else {
 			Some(to_raw_value(&unsigned)?)
 		},
-		hashes: EventHash { sha256: String::new() },
+		hashes: EventHash { sha256: "aaa".to_owned() },
 		signatures: None,
 	};
 
@@ -268,6 +269,12 @@ fn from_evt(
 		},
 	}
 
+	pdu_json.insert(
+		"origin".to_owned(),
+		to_canonical_value(self.services.globals.server_name())
+			.expect("server name is a valid CanonicalJsonValue"),
+	);
+
 	trace!("hashing and signing event {}", pdu.event_id);
 	if let Err(e) = self
 		.services

src/service/sending/appservice.rs

@@ -1,7 +1,8 @@
 use std::{fmt::Debug, mem};
 
 use bytes::BytesMut;
-use conduwuit::{Err, Result, debug_error, err, implement, trace, utils, warn};
+use conduwuit::{Err, Result, debug_error, err, trace, utils, warn};
+use reqwest::Client;
 use ruma::api::{
 	IncomingResponse, MatrixVersion, OutgoingRequest, SendAccessToken, appservice::Registration,
 };
@@ -10,9 +11,8 @@
 ///
 /// Only returns Ok(None) if there is no url specified in the appservice
 /// registration file
-#[implement(super::Service)]
-pub async fn send_appservice_request<T>(
-	&self,
+pub(crate) async fn send_request<T>(
+	client: &Client,
 	registration: Registration,
 	request: T,
 ) -> Result<Option<T::IncomingResponse>>
@@ -35,7 +35,7 @@ pub async fn send_appservice_request<T>(
 	let mut http_request = request
 		.try_into_http_request::<BytesMut>(
 			&dest,
-			SendAccessToken::Appservice(hs_token),
+			SendAccessToken::IfRequired(hs_token),
 			&VERSIONS,
 		)
 		.map_err(|e| {
@@ -58,8 +58,6 @@ pub async fn send_appservice_request<T>(
 
 	let reqwest_request = reqwest::Request::try_from(http_request)?;
 
-	let client = &self.services.client.appservice;
-
 	let mut response = client.execute(reqwest_request).await.map_err(|e| {
 		warn!("Could not send request to appservice \"{}\" at {dest}: {e:?}", registration.id);
 		e
@@ -77,7 +75,7 @@ pub async fn send_appservice_request<T>(
 			.expect("http::response::Builder is usable"),
 	);
 
-	let body = response.bytes().await?;
+	let body = response.bytes().await?; // TODO: handle timeout
 
 	if !status.is_success() {
 		debug_error!("Appservice response bytes: {:?}", utils::string_from_bytes(&body));

src/service/sending/mod.rs

@@ -19,7 +19,10 @@
 	warn,
 };
 use futures::{FutureExt, Stream, StreamExt};
-use ruma::{RoomId, ServerName, UserId, api::OutgoingRequest};
+use ruma::{
+	RoomId, ServerName, UserId,
+	api::{OutgoingRequest, appservice::Registration},
+};
 use tokio::{task, task::JoinSet};
 
 use self::data::Data;
@@ -316,6 +319,22 @@ pub async fn send_synapse_request<T>(
 			.await
 	}
 
+	/// Sends a request to an appservice
+	///
+	/// Only returns None if there is no url specified in the appservice
+	/// registration file
+	pub async fn send_appservice_request<T>(
+		&self,
+		registration: Registration,
+		request: T,
+	) -> Result<Option<T::IncomingResponse>>
+	where
+		T: OutgoingRequest + Debug + Send,
+	{
+		let client = &self.services.client.appservice;
+		appservice::send_request(client, registration, request).await
+	}
+
 	/// Clean up queued sending event data
 	///
 	/// Used after we remove an appservice registration or a user deletes a push

src/service/sending/sender.rs

@@ -50,7 +50,9 @@
 };
 use serde_json::value::{RawValue as RawJsonValue, to_raw_value};
 
-use super::{Destination, EduBuf, EduVec, Msg, SendingEvent, Service, data::QueueItem};
+use super::{
+	Destination, EduBuf, EduVec, Msg, SendingEvent, Service, appservice, data::QueueItem,
+};
 
 #[derive(Debug)]
 enum TransactionStatus {
@@ -718,18 +720,18 @@ async fn send_events_dest_appservice(
 
 		//debug_assert!(pdu_jsons.len() + edu_jsons.len() > 0, "sending empty
 		// transaction");
-
-		match self
-			.send_appservice_request(
-				appservice,
-				ruma::api::appservice::event::push_events::v1::Request {
-					events: pdu_jsons,
-					txn_id: txn_id.into(),
-					ephemeral: edu_jsons,
-					to_device: Vec::new(), // TODO
-				},
-			)
-			.await
+		let client = &self.services.client.appservice;
+		match appservice::send_request(
+			client,
+			appservice,
+			ruma::api::appservice::event::push_events::v1::Request {
+				events: pdu_jsons,
+				txn_id: txn_id.into(),
+				ephemeral: edu_jsons,
+				to_device: Vec::new(), // TODO
+			},
+		)
+		.await
 		{
 			| Ok(_) => Ok(Destination::Appservice(id)),
 			| Err(e) => Err((Destination::Appservice(id), e)),