Matthias Ahouansou
d95345377b
fix: remove TLS name override when no SRV record is present (but properly)
...
The previous attempt only did so when no IP could be resolved, which isn't enough
2024-07-06 17:31:31 +01:00
Matthias Ahouansou
11187b3fad
fix: remove TLS name override when no SRV record is present
...
this could have been an issue in cases where there was previously a SRV record, but later got removed
2024-07-06 17:06:11 +01:00
Matthias Ahouansou
1f313c6807
Merge branch 'finite-servername-cache' into 'next'
...
fix: don't cache server name lookups indefinitely
See merge request famedly/conduit!702
2024-07-01 09:52:18 +00:00
Matthias Ahouansou
e70d27af98
Merge branch 'timestamped-messaging' into 'next'
...
feat(appservice): support timestamped messaging
See merge request famedly/conduit!703
2024-07-01 09:36:14 +00:00
Matthias Ahouansou
ba8429cafe
fix: don't cache server name lookups indefinitely
2024-07-01 10:17:01 +01:00
Matthias Ahouansou
7a4d0f6fe8
Merge branch 'acl-dont-have-empty-exception' into 'next'
...
fix: don't ignore ACLs when there is no content
See merge request famedly/conduit!705
2024-06-26 21:41:42 +00:00
Matthias Ahouansou
2f45a907f9
fix: don't ignore ACLs when there is no content
...
despite this being very bad behavior, it is required by the spec
2024-06-26 22:06:46 +01:00
Matthias Ahouansou
62f1da053f
feat(appservice): support timestamped messaging
2024-06-25 10:25:58 +01:00
Matthias Ahouansou
602c56cae9
chore: bump ruma
2024-06-25 10:10:53 +01:00
Matthias Ahouansou
9014e43ce1
chore: bump rust to 1.79.0 and apply new lints
2024-06-21 08:29:33 +01:00
Matthias Ahouansou
fd19dda5cb
ci: use nightly rustfmt
...
we were using this before, but it broke when refactoring the flake out into separate files
2024-06-16 17:28:05 +01:00
Matthias Ahouansou
c453d45598
fix(keys): only use keys valid at the time of PDU or transaction, and actually refresh keys
...
Previously, we only fetched keys once, only requesting them again if we have any missing, allowing for ancient keys to be used to sign PDUs and transactions
Now we refresh keys that either have or are about to expire, preventing attacks that make use of leaked private keys of a homeserver
We also ensure that when validating PDUs or transactions, that they are valid at the origin_server_ts or time of us receiving the transaction respectfully
As to not break event authorization for old rooms, we need to keep old keys around
We move verify_keys which we no longer see in direct requests to the origin to old_verify_keys
We keep old_verify_keys indefinitely as mentioned above, as to not break event authorization (at least until a future MSC addresses this)
2024-06-12 19:41:43 +02:00
Matthias Ahouansou
144d548ef7
fix: permission checks for aliases
2024-06-12 19:41:31 +02:00
Benjamin Lee
7b259272ce
fix: do not return redacted events from search
2024-06-12 19:41:02 +02:00
Matthias Ahouansou
48c1f3bdba
fix: userid checks for incoming EDUs
2024-06-12 19:39:27 +02:00
Matthias Ahouansou
ba2a5a6115
chore: bump all dependencies
2024-06-11 20:35:56 +01:00
Matthias Ahouansou
c45e52f45a
Merge branch 'media-csp' into 'next'
...
fix(media): use csp instead of modifying content-type
See merge request famedly/conduit!689
2024-06-04 05:31:35 +00:00
Matthias Ahouansou
1dbb3433e0
fix(media): use csp instead of modifying content-type
2024-06-03 21:40:25 +01:00
Matthias Ahouansou
efecb78888
Merge branch 'local-event-non-restricted-room-vers' into 'next'
...
fix(membership): fallback to locally signed event if the join wasn't a restricted one on send_join response
See merge request famedly/conduit!680
2024-06-03 13:28:41 +00:00
Matthias Ahouansou
b46000fadc
feat: recurse relationships
2024-06-03 13:42:52 +01:00
Matthias Ahouansou
19154a9f70
refactor: add server_user to globals
2024-05-31 21:56:11 +01:00
Matthias Ahouansou
ec8dfc283c
fix(membership): fallback to locally signed event if the join wasn't a restricted one on send_join response
2024-05-31 16:37:06 +01:00
Matthias Ahouansou
6c2eb4c786
feat(admin): remove alias command
2024-05-29 17:49:51 +01:00
Matthias Ahouansou
3df791e030
Merge branch 'ruma-server-util' into 'next'
...
refactor: let ruma-server-util handle X-Matrix parsing
See merge request famedly/conduit!684
2024-05-29 13:16:08 +00:00
Matthias Ahouansou
9374b74e77
refactor: let ruma-server-util handle X-Matrix parsing
2024-05-29 12:27:37 +01:00
Matthias Ahouansou
c732c7c97f
Merge branch 'toggle_allow_register' into 'next'
...
add command to set the allow registration status
See merge request famedly/conduit!477
2024-05-29 09:08:59 +00:00
Matthias Ahouansou
59d7674b2a
fix: clarify that 3pids are currently unsupported
2024-05-29 09:36:35 +01:00
tony
6bcc2f80b8
add command to set the allow registration status
...
Co-Authored-By: Matthias Ahouansou <matthias@ahouansou.cz>
2024-05-29 09:25:08 +01:00
mikoto
a888c7cb16
OpenID routes
...
Co-Authored-By: Matthias Ahouansou <matthias@ahouansou.cz>
2024-05-28 15:39:19 +01:00
Timo Kösters
47aadcea1d
Merge branch 'membership-reason-fixes' into 'next'
...
fix(membership): always set reason & allow new events if reason changed
Closes #452
See merge request famedly/conduit!669
2024-05-26 07:22:29 +00:00
Matthias Ahouansou
11990e7524
Merge branch 'admin-hash-sign' into 'next'
...
feat(admin): add hash-and-sign-event command
See merge request famedly/conduit!670
2024-05-09 16:19:40 +00:00
Matthias Ahouansou
20d9f3fd5d
Merge branch 'media' into 'next'
...
fix: make media response match spec
See merge request famedly/conduit!672
2024-05-06 18:37:13 +00:00
Timo Kösters
965b6df83d
fix: make media response match spec
2024-05-06 20:05:51 +02:00
Matthias Ahouansou
8876d54d78
feat(admin): add hash-and-sign-event command
2024-05-05 17:35:02 +01:00
Matthias Ahouansou
d8badaf64b
fix(membership): always set reason & allow new events if reason changed
2024-05-05 15:28:18 +01:00
Matthias Ahouansou
256dae983b
chore: bump rust
...
and fix new lints that come with it
2024-05-05 13:27:56 +01:00
Matthias Ahouansou
9db1f5a13c
fix(admin): don't allow creation of remote users
2024-05-02 10:45:04 +01:00
Matthias Ahouansou
0074aca0ef
Merge branch '244-support-well-known' into 'next'
...
feat: add .well-known support
Closes #244 and #378
See merge request famedly/conduit!332
2024-05-02 09:35:14 +00:00
Jakub Kubík
c1f695653b
feat: support hosting .well-known from Conduit
...
Co-authored-by: Matthias Ahouansou <matthias@ahouansou.cz>
2024-05-02 09:26:43 +01:00
Matthias Ahouansou
e6b6cc77d1
Merge branch 'verify-x-matrix-destination' into 'next'
...
feat(auth): check if X-Matrix destination is correct if present
Closes #271
See merge request famedly/conduit!661
2024-05-02 07:15:20 +00:00
Matthias Ahouansou
b69a74961b
Merge branch 'x-matrix-destination-header' into 'next'
...
feat(federation): add destination field to X-Matrix header
See merge request famedly/conduit!660
2024-05-02 06:59:52 +00:00
Matthias Ahouansou
63ba157ef6
feat(auth): check if X-Matrix destination is correct if present
2024-05-02 07:14:44 +01:00
Matthias Ahouansou
dfe2916357
feat(federation): add destination field to X-Matrix header
2024-05-02 07:01:04 +01:00
Matthias Ahouansou
df0ad2d07c
fix(appservices): don't forward events relating to remote users, and forward events relating to remote aliases
2024-04-27 20:41:28 +01:00
Ossi Herrala
aff97e4032
Update image crate
2024-04-27 11:15:04 +03:00
Ossi Herrala
a56139549f
Trust-DNS has been renamed to Hickory-DNS
2024-04-27 11:14:59 +03:00
Timo Kösters
7c83372336
Merge branch 'exclusive-namespace-error' into 'next'
...
feat(appservice): ensure users/aliases outside of namespaces are not accessed
See merge request famedly/conduit!634
2024-04-24 21:39:20 +00:00
Matthias Ahouansou
74db555336
fix(membership): perform stricter checks when choosing an authorized user
2024-04-24 20:54:07 +01:00
Timo Kösters
08636ef236
Merge branch 'can-invite-state-lock' into 'next'
...
fix(state-accessor): hold the state_lock when checking if a user can invite
See merge request famedly/conduit!643
2024-04-24 19:29:01 +00:00
Matthias Ahouansou
3086271139
feat(appservice): ensure users/aliases outside of namespaces are not accessed
2024-04-24 19:51:28 +01:00