Commit graph

2210 commits

Author SHA1 Message Date
strawberry
6063a671c3 bump MSRV to 1.75.0 for latest ruma
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
632276ae99 bump ruma to aa3acd88d21dfbb7595f54e619f52761bcb0259e
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
e944ed5eb4 fix /report endpoint a lot
in short, the `/report` endpoint now checks if:
- the reporting room in the URI matches the PDU/event reported
- sender user is in the room reported
- raises report reasoning to 750 characters (spec doesn't say to limit
these, but thorough and informative reports for server admins are not
a bad thing)
- (hopefully) fixes some broken formatting
- add a random short delay before sending a successful response to the
client to make it more annoying to enumerate for events on our server
(security by obscurity but spec suggests it)

basically, secure reports better lol

see https://spec.matrix.org/v1.9/client-server-api/#post_matrixclientv3roomsroomidreporteventid

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
7eb57a9fd5 explicitly fallback to None for invalid/empty room topics
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
1f117582ca update all transitive dependencies (cargo update)
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
9a3866afff return M_INVALID_PARAM instead of M_BAD_JSON for bad room aliases
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
92641d0628 first of many small code documentation
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
ad1d272e2a fix blocks_in_conditions clippy lint
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
8d42351e34 add presence options to show-config admin cmd
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
0252e9c2c7 split max build optimisations into release-high-perf build profile
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
a85ebdeaa0 require sender_user being in the reporting room for /report events
Matrix 1.8 change:
https://spec.matrix.org/v1.9/client-server-api/#post_matrixclientv3roomsroomidreporteventid

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
efa6308172 actually we can remove loole (for now) and crossbeam
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
bfc738d80e default to None for room topic event in spaces or /publicRooms
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
ef10a2df36 add more lints, bump image and crossbeam
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
59c7f93656 fix more clippy lints (part 1)
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
renovate[bot]
44440f745f chore(deps): update actions/cache action to v4 2024-01-17 12:04:47 -05:00
strawberry
2074e36aa4 add missing ban reason to ban events
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
2f16726bac raise generated passwords to 25 chars
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
2b031e40a2 partially revert keeping track of remote user profiles
this seems to require some more work to properly ignore
dead server errors without breaking the entire room join

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
149d22eef7 make set avatar, displayname, and blurhash async and forgot another let _
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
9ec1532580 ignore potential errors when updating user profiles
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
4d410d7304 update DIFFERENCES.md
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
0297cfe307 remove cached destination for a destination if request fails
this can help if users change their well-known or such and we don't want
to keep on hitting the old destination.

from 11357d1f1a

Co-authored-by: Jacob Taylor <jacob@explodie.org>
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
ad792f4565 oops dedup only works on consecutive elements
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
52884abff6 don't validate or add signature if room is not v8 or above or not using restricted joins
should resolve https://github.com/matrix-org/matrix-spec/issues/1708 on
for conduwuit until spec clarifies.

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
5c4b8ad7a3 replace panics on unknown room versions with errors
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
c70ce49ec0 don't allow non-local users to have their creds modified in Deactivate admin cmds
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
edd74efbf2 dedup servers in get_alias_helper
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
da539efb98 only follow up to 6 redirects in default reqwest ClientBuilder
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
ae11e378d2 debug log well-known response body and text
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
14a0d12002 declare support for Matrix 1.5 in our federation requests
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
acc0bdad1a update rocksdb to 8.10.0
https://github.com/rust-rocksdb/rust-rocksdb/pull/852

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
424f02466c DIFFERENCES.md: suggest servers to join via at room directory
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
0b0b52c33b add all possible workspace clippy lints (with commenting out most for now)
this will be a major pain to work through. for now, let's
just add them and overtime work through these.

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
49b6f338fd feat: suggest servers to join at /_matrix/client/v3/directory/room/{roomAlias}
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
da3ac7a2f1 deps updates again
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
15ffc4951e oops forgot to bump 1.70.0 in flake and gitlab dockerfile
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
8e569b8d29 we also support webp images
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
6ea07da24d nix: update flake
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
468e5a48f3 add more stuff to DIFFERENCES.md
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
ee2f1c3084 the great persy, sled, and heed purge (and bump MSRV to 1.74.1)
these database backends are either unmaintained, broken in conduit, or
incredibly niche for something like conduwuit.

also i want to bump the MSRV.

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
b28a2fad97 feat: keep track of remote profiles for user directory and local requests
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
ef8dcdfe3c declare explicit support for room filtering (MSC3827)
conduit has supported this for a while now and is a Matrix 1.4 feature

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
c75674faf5 bump default_presence_offline_timeout to 30 minutes (too low imo)
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
966cca25f1 bump conduwuit version as we've made a lot of changes
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
85b2c6681b allow HEAD HTTP requests in CORS
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
20aa2cfca6 update device lists for user upon logout
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
830cd0e6d7 document we shutdown cleaner and safer
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-09 12:24:42 -05:00
strawberry
7021c52c9b send a User-Agent on all requests
amazing that this wasn't done in the first place. a lack of a UA is
suspicious and some providers may block our requests just for the sake
of no UA.

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-07 22:26:27 -05:00
strawberry
aa40e07d2d add some new things/fixes to DIFFERENCES.md
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-07 22:26:27 -05:00