serv/conduit
1
0
Fork 0
mirror of https://gitlab.com/famedly/conduit.git synced 2025-03-19 18:12:27 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions
2356 commits 47 branches 8 tags 7.8 MiB
Commit graph

261 commits

Author SHA1 Message Date
Matthias Ahouansou
2f45a907f9
fix: don't ignore ACLs when there is no content 
despite this being very bad behavior, it is required by the spec
 2024-06-26 22:06:46 +01:00
Matthias Ahouansou
9014e43ce1
chore: bump rust to 1.79.0 and apply new lints 2024-06-21 08:29:33 +01:00
Matthias Ahouansou
fd19dda5cb
ci: use nightly rustfmt 
we were using this before, but it broke when refactoring the flake out into separate files
 2024-06-16 17:28:05 +01:00
Matthias Ahouansou
c453d45598
fix(keys): only use keys valid at the time of PDU or transaction, and actually refresh keys 
Previously, we only fetched keys once, only requesting them again if we have any missing, allowing for ancient keys to be used to sign PDUs and transactions
Now we refresh keys that either have or are about to expire, preventing attacks that make use of leaked private keys of a homeserver
We also ensure that when validating PDUs or transactions, that they are valid at the origin_server_ts or time of us receiving the transaction respectfully
As to not break event authorization for old rooms, we need to keep old keys around
We move verify_keys which we no longer see in direct requests to the origin to old_verify_keys
We keep old_verify_keys indefinitely as mentioned above, as to not break event authorization (at least until a future MSC addresses this)
 2024-06-12 19:41:43 +02:00
Matthias Ahouansou
144d548ef7
fix: permission checks for aliases 2024-06-12 19:41:31 +02:00
Benjamin Lee
7b259272ce
fix: do not return redacted events from search 2024-06-12 19:41:02 +02:00
Matthias Ahouansou
ba2a5a6115
chore: bump all dependencies 2024-06-11 20:35:56 +01:00
Matthias Ahouansou
b46000fadc
feat: recurse relationships 2024-06-03 13:42:52 +01:00
Matthias Ahouansou
19154a9f70
refactor: add server_user to globals 2024-05-31 21:56:11 +01:00
Matthias Ahouansou
6c2eb4c786
feat(admin): remove alias command 2024-05-29 17:49:51 +01:00
tony
6bcc2f80b8
add command to set the allow registration status 
Co-Authored-By: Matthias Ahouansou <matthias@ahouansou.cz>
 2024-05-29 09:25:08 +01:00
mikoto
a888c7cb16
OpenID routes 
Co-Authored-By: Matthias Ahouansou <matthias@ahouansou.cz>
 2024-05-28 15:39:19 +01:00
Matthias Ahouansou
8876d54d78
feat(admin): add hash-and-sign-event command 2024-05-05 17:35:02 +01:00
Matthias Ahouansou
256dae983b
chore: bump rust 
and fix new lints that come with it
 2024-05-05 13:27:56 +01:00
Matthias Ahouansou
9db1f5a13c
fix(admin): don't allow creation of remote users 2024-05-02 10:45:04 +01:00
Matthias Ahouansou
0074aca0ef Merge branch '244-support-well-known' into 'next' 
feat: add .well-known support

Closes #244 and #378

See merge request famedly/conduit!332
 2024-05-02 09:35:14 +00:00
Jakub Kubík
c1f695653b
feat: support hosting .well-known from Conduit 
Co-authored-by: Matthias Ahouansou <matthias@ahouansou.cz>
 2024-05-02 09:26:43 +01:00
Matthias Ahouansou
df0ad2d07c
fix(appservices): don't forward events relating to remote users, and forward events relating to remote aliases 2024-04-27 20:41:28 +01:00
Ossi Herrala
aff97e4032
Update image crate 2024-04-27 11:15:04 +03:00
Ossi Herrala
a56139549f
Trust-DNS has been renamed to Hickory-DNS 2024-04-27 11:14:59 +03:00
Timo Kösters
7c83372336 Merge branch 'exclusive-namespace-error' into 'next' 
feat(appservice): ensure users/aliases outside of namespaces are not accessed

See merge request famedly/conduit!634
 2024-04-24 21:39:20 +00:00
Matthias Ahouansou
3086271139
feat(appservice): ensure users/aliases outside of namespaces are not accessed 2024-04-24 19:51:28 +01:00
Matthias Ahouansou
e40aed3a7d
fix(state-accessor): hold the state_lock when checking if a user can invite 2024-04-24 19:17:00 +01:00
Matthias Ahouansou
1c4ae8d268
fix(redaction): use content.redacts when checking v11 events 2024-04-24 10:52:33 +01:00
Valentin Lorentz
89c1c2109c Link to the specification from user_can_redact's documentation 2024-04-24 08:29:47 +02:00
Matthias Ahouansou
00d6aeddb6
refactor(redactions): move checks inside conduit 
ruma was already accidentally performing these checks for us, but this shouldn't be the case
 2024-04-23 23:05:27 +01:00
Valentin Lorentz
2d8c551cd5 Fix doc 2024-04-17 19:41:38 +02:00
Valentin Lorentz
eb6801290b Document copy_redacts 2024-04-17 19:37:32 +02:00
Matthias Ahouansou
7a7c09785e feat(pdu): copy top level redact to content and vice versa 2024-04-17 19:34:36 +02:00
Matthias Ahouansou
92817213d5 Add missing import 2024-04-12 05:15:37 +00:00
Matthias Ahouansou
ab8592526f Replace panic!() with unreachable!() 2024-04-12 05:14:39 +00:00
Val Lorentz
b5e21f761b Merge branch 'next' into 'room-v11' 
# Conflicts:
#   src/service/rooms/timeline/mod.rs
#   src/utils/error.rs
 2024-04-11 17:34:42 +00:00
Matthias Ahouansou
e88d137bd7 Replace panic!() with unreachable!() 2024-04-11 17:19:42 +00:00
Timo Kösters
f16bff2466 Merge branch 'user_can_membership' into 'next' 
refactor(state_accessor): add method to check if a user can invite another user

See merge request famedly/conduit!621
 2024-04-06 14:27:20 +00:00
Timo Kösters
e8796d6bf9 Merge branch 'admin-check-remote-users' into 'next' 
fix: do not allow administration of remote users

Closes #377

See merge request famedly/conduit!614
 2024-04-06 13:21:29 +00:00
Matthias Ahouansou
fe78cc8262
refactor(state_accessor): add method to check if a user can invite another user 2024-04-06 14:20:18 +01:00
Matthias Ahouansou
110b7e10e6
fix: do not allow administration of remote users 2024-04-05 10:56:28 +01:00
Timo Kösters
6c3ce71304 Merge branch 'dont-expect-reqwest-http-request' into 'next' 
fix: do not expect that all http requests are valid reqwest requests

Closes #396

See merge request famedly/conduit!611
 2024-04-05 09:53:14 +00:00
Matthias Ahouansou
3ce3d13378
fix: do not expect that all http requests are valid reqwest requests 2024-03-31 22:20:36 +01:00
Matthias Ahouansou
11612e347d
fix: return error when trying to unregister unknown appservice id 2024-03-31 21:24:15 +01:00
Timo Kösters
9176474513 Merge branch 'ruma-registration-type' into 'next' 
fix: don't panic if registration url is empty

See merge request famedly/conduit!583
 2024-03-23 15:33:01 +00:00
Matthias Ahouansou
b20483aa13
refactor(appservices): avoid cloning frequently 2024-03-22 20:53:27 +00:00
Matthias Ahouansou
5c650bb67e
refactor: use BTreeMap for cached registration info 2024-03-22 17:52:47 +00:00
Timo Kösters
0bb28f60cf
refactor: minor appservice code cleanup 2024-03-22 08:59:36 +01:00
Timo Kösters
d2817679e5
refactor: remove previous typing implementation and add sync wakeup for new one 2024-03-22 08:24:17 +01:00
Timo Kösters
6bd7ff4917
improvement: do not save typing edus in db 2024-03-22 07:48:44 +01:00
Matthias Ahouansou
fa930182ae
fix(appservices): don't panic on empty registration url 
perf(appservices): cache regex for namespaces
 2024-03-10 13:27:48 +00:00
Matthias Ahouansou
07bb369c5c
perf: remove unnecessary async 2024-03-05 20:20:19 +00:00
Matthias Ahouansou
17dd8cb918
style: rename Sync(Mutex|RwLock) to Std(Mutex|RwLock) 2024-03-05 20:16:28 +00:00
Matthias Ahouansou
c58af8485d
revert: remove dependency on async_recursion 2024-03-05 19:59:24 +00:00