strawberry
e944ed5eb4
fix /report
endpoint a lot
...
in short, the `/report` endpoint now checks if:
- the reporting room in the URI matches the PDU/event reported
- sender user is in the room reported
- raises report reasoning to 750 characters (spec doesn't say to limit
these, but thorough and informative reports for server admins are not
a bad thing)
- (hopefully) fixes some broken formatting
- add a random short delay before sending a successful response to the
client to make it more annoying to enumerate for events on our server
(security by obscurity but spec suggests it)
basically, secure reports better lol
see https://spec.matrix.org/v1.9/client-server-api/#post_matrixclientv3roomsroomidreporteventid
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
7eb57a9fd5
explicitly fallback to None for invalid/empty room topics
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
1f117582ca
update all transitive dependencies (cargo update)
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
9a3866afff
return M_INVALID_PARAM
instead of M_BAD_JSON
for bad room aliases
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
92641d0628
first of many small code documentation
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
ad1d272e2a
fix blocks_in_conditions clippy lint
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
8d42351e34
add presence options to show-config admin cmd
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
0252e9c2c7
split max build optimisations into release-high-perf
build profile
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
a85ebdeaa0
require sender_user being in the reporting room for /report events
...
Matrix 1.8 change:
https://spec.matrix.org/v1.9/client-server-api/#post_matrixclientv3roomsroomidreporteventid
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
efa6308172
actually we can remove loole (for now) and crossbeam
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
bfc738d80e
default to None for room topic event in spaces or /publicRooms
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
ef10a2df36
add more lints, bump image and crossbeam
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry
59c7f93656
fix more clippy lints (part 1)
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
renovate[bot]
44440f745f
chore(deps): update actions/cache action to v4
2024-01-17 12:04:47 -05:00
strawberry
2074e36aa4
add missing ban reason to ban events
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
2f16726bac
raise generated passwords to 25 chars
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
2b031e40a2
partially revert keeping track of remote user profiles
...
this seems to require some more work to properly ignore
dead server errors without breaking the entire room join
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
149d22eef7
make set avatar, displayname, and blurhash async and forgot another let _
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
9ec1532580
ignore potential errors when updating user profiles
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
4d410d7304
update DIFFERENCES.md
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
0297cfe307
remove cached destination for a destination if request fails
...
this can help if users change their well-known or such and we don't want
to keep on hitting the old destination.
from 11357d1f1a
Co-authored-by: Jacob Taylor <jacob@explodie.org>
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
ad792f4565
oops dedup only works on consecutive elements
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
52884abff6
don't validate or add signature if room is not v8 or above or not using restricted joins
...
should resolve https://github.com/matrix-org/matrix-spec/issues/1708 on
for conduwuit until spec clarifies.
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
5c4b8ad7a3
replace panics on unknown room versions with errors
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
c70ce49ec0
don't allow non-local users to have their creds modified in Deactivate admin cmds
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
edd74efbf2
dedup servers in get_alias_helper
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
da539efb98
only follow up to 6 redirects in default reqwest ClientBuilder
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
ae11e378d2
debug log well-known response body and text
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
14a0d12002
declare support for Matrix 1.5 in our federation requests
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
acc0bdad1a
update rocksdb to 8.10.0
...
https://github.com/rust-rocksdb/rust-rocksdb/pull/852
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
424f02466c
DIFFERENCES.md: suggest servers to join via at room directory
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
0b0b52c33b
add all possible workspace clippy lints (with commenting out most for now)
...
this will be a major pain to work through. for now, let's
just add them and overtime work through these.
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
49b6f338fd
feat: suggest servers to join at /_matrix/client/v3/directory/room/{roomAlias}
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
da3ac7a2f1
deps updates again
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
15ffc4951e
oops forgot to bump 1.70.0 in flake and gitlab dockerfile
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
8e569b8d29
we also support webp images
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
6ea07da24d
nix: update flake
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
468e5a48f3
add more stuff to DIFFERENCES.md
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
ee2f1c3084
the great persy, sled, and heed purge (and bump MSRV to 1.74.1)
...
these database backends are either unmaintained, broken in conduit, or
incredibly niche for something like conduwuit.
also i want to bump the MSRV.
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
b28a2fad97
feat: keep track of remote profiles for user directory and local requests
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
ef8dcdfe3c
declare explicit support for room filtering (MSC3827)
...
conduit has supported this for a while now and is a Matrix 1.4 feature
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
c75674faf5
bump default_presence_offline_timeout to 30 minutes (too low imo)
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
966cca25f1
bump conduwuit version as we've made a lot of changes
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
85b2c6681b
allow HEAD HTTP requests in CORS
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
20aa2cfca6
update device lists for user upon logout
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry
830cd0e6d7
document we shutdown cleaner and safer
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-09 12:24:42 -05:00
strawberry
7021c52c9b
send a User-Agent on all requests
...
amazing that this wasn't done in the first place. a lack of a UA is
suspicious and some providers may block our requests just for the sake
of no UA.
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-07 22:26:27 -05:00
strawberry
aa40e07d2d
add some new things/fixes to DIFFERENCES.md
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-07 22:26:27 -05:00
strawberry
8586b15e1a
add support for serving client+server well-known and /client/server.json
endpoints from conduwuit
...
the last endpoint is a non-standard health check endpoint used by at
least Element Web as a weird way to determine if syncv3 is available
there can also be some valid use-cases for serving well-knowns from the
application itself
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-07 22:26:27 -05:00
strawberry
bb2f213ac3
more helpful panic msg on failing to increase soft/hard FD limits
...
this can be caused by security policies, hardening, etc
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-07 22:26:27 -05:00