TudbuT/conduit
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2626 commits 50 branches 7 tags 14 MiB
Commit graph

1590 commits

Author SHA1 Message Date
strawberry
0352ea7dda add rocksdb parallelism threads config option 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-03-08 12:51:21 -05:00
strawberry
9251727d57 return proper error if fail fetching and dont have profile 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-03-08 12:51:21 -05:00
strawberry
465533d32b attempt keeping track/cache remote profiles locally again 
also fixes logic error where we always say
we couldnt find the profile

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-03-08 12:51:21 -05:00
strawberry
daaf4b7bea add basic loopback address container checks 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-03-03 22:20:37 -05:00
strawberry
023c16e4f4 specify if registration token is set in show-config 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-03-03 22:20:37 -05:00
strawberry
608aa83ed2 check if invited user is an admin before rejecting instead 
i think this makes more sense tbh than what synapse does

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-03-03 22:20:37 -05:00
strawberry
34e8fd38cf extend room banning to local+remote room invites 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-03-03 22:20:37 -05:00
strawberry
ea66bff46b config option to block non-admin room invites 
works just like block_non_admin_invites from synapse

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-03-03 22:20:37 -05:00
strawberry
c97483dbd3 fix rocksdb-specific lints 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-03-03 22:20:37 -05:00
strawberry
e2c7afe69c go through a ton of pedantic clippy lints 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-03-03 22:20:37 -05:00
strawberry
33727a3423 replace database assert!s with if statements 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-03-03 22:20:37 -05:00
strawberry
624b866ed5 adjust lints for CI 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-03-03 22:20:37 -05:00
strawberry
04d16ac544 remove two unnecessary string heap allocs 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-03-03 22:20:37 -05:00
strawberry
a9f714ae8d remove single-use lifetimes 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-03-03 22:20:37 -05:00
strawberry
71654f26b9 add todo for MockedKVDatabase get_all_media_keys 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-03-03 22:20:37 -05:00
strawberry
cde6fdd741 resolve or_fun_call clippy lint 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-03-03 22:20:37 -05:00
strawberry
93cc98a04c fix cargo doc lint 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-03-03 22:20:37 -05:00
strawberry
d5bfef18a4 fix 1.77 clippy warning (multiple_bound_locations) 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-03-03 22:20:37 -05:00
strawberry
cd6a6b308b remove unnecessary clone 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-03-03 22:20:37 -05:00
strawberry
27f61a2dee add missing comment slash 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-03-03 22:20:37 -05:00
strawberry
b26c593a2a adjust max rocksdb LOG files based on hard drive or SSD option 
keeps 3 LOG files at most if on hard drive, else keeps 20

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-03-03 22:20:37 -05:00
strawberry
ee548bd2e7 admin command to delete all remote media within the past x time 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-03-03 22:20:37 -05:00
sininenkissa
e71855cd0b
make conduwuit show up as the server software name on /_matrix/federation/v1/version (#186) 
conduwuit > /_matrix/federation/v1/version

Co-authored-by: June <june@girlboss.ceo>
 2024-03-01 19:29:21 -05:00
strawberry
82f10214b3 remove all unused lifetimes 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-28 13:56:19 -05:00
strawberry
abf41f4c79 check if specified user belongs to us 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-28 13:56:19 -05:00
strawberry
ee4f0a0ae5 admin cmd to list all rooms a user is in 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-28 13:56:19 -05:00
Timo Kösters
f0ae99125a fix: avoid panic when client is confused about rooms 2024-02-28 13:56:19 -05:00
Timo Kösters
8e0f7b0d0a Avoid federation when it is not necessary 2024-02-28 13:56:19 -05:00
strawberry
3c12c2b6ca fix: add top level "redacts" key for v11 redactions 
at least with Element Web: they still rely on the
"redacts" top level key. it was reported that
federated redactions were not working for v11 rooms
with conduwuit. after adding back the top level
key when appending a PDU to the timeline, they
now work again.

spec below says to continue adding the top level
key for compatibility with older clients.

https://spec.matrix.org/v1.9/rooms/v11/#moving-the-redacts-property-of-mroomredaction-events-to-a-content-property

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-28 13:56:19 -05:00
strawberry
f76937a085 fix incorrect repo link on welcome msg 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-26 00:40:15 -05:00
strawberry
24625e9659 resolve nightly rust warnings 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-26 00:40:15 -05:00
strawberry
598ac3e140 unmark v1 as experimental 
it was reported that even with this, conduit
still cannot join those rooms.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-26 00:40:15 -05:00
strawberry
cdc644946d admin cmd to delete MXCs via event_id 
this can be used as a way to deal with the thumbnail
and the media file at the same time without knowing
the thumbnail MXC URL.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-26 00:40:15 -05:00
strawberry
da3297fdcb add !admin as way to call conduit bot 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-26 00:40:15 -05:00
strawberry
9224e37472 helpful error msg upon failed db version assert 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-26 00:40:15 -05:00
strawberry
50fb202382 admin cmd to delete multiple MXC URLs in bulk 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-26 00:40:15 -05:00
strawberry
45ad7b40b3 add support for dual HTTP/HTTPS, rm caddy from complement 
complement sends C-S requests over HTTP, and federation
over HTTPS.

complement without caddy *almost* works. unfortunately
i am now dealing with invalid X-Matrix signatures
due to non-percent encoded URIs and it does not
seem trivial to percent-encode URIs that a
reverse proxy would normally do for you.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-26 00:40:15 -05:00
strawberry
07772f2fed document conduit direct TLS support + logging 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-26 00:40:15 -05:00
strawberry
67b307c75b add support for listening on multiple ports 
retains existing config compatibility using either:
`port = 6167`
`port = [80, 443, 8448]`

Co-authored-by: Charles Hall <charles@computer.surgery>
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-26 00:40:15 -05:00
strawberry
342400fe2d fix tests 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-24 13:04:13 -05:00
strawberry
ca42ec338b replace accidental unwraps with if let's 
this provides not only some future compatibility with MSC4051,
but it just makes sense to not crash/error if we can't get a server_name
from the room ID and should just use the server_name from the sender
user's invite event. there is already code ahead that accounts for
an empty vector so this is safe.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-24 13:04:13 -05:00
strawberry
4d624846ee admin command to delete media via MXC url 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-24 13:04:13 -05:00
strawberry
27c29e6063 db functions to delete media via MXC 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-24 13:04:13 -05:00
strawberry
1ecad225be feat: custom text for user displayname suffix upon registration 
replaces the lightning bolt emoji option with support for
your own text or emojis

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-24 13:04:13 -05:00
strawberry
03d796e95e support room aliases for room blocking, argument to disable federation 
and makes parsing the room more generic (room ID or room alias)

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-20 07:06:57 -05:00
strawberry
36bc21193c oops forgot import 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-20 07:06:57 -05:00
strawberry
3d26210eac more useful database logging (compaction, time taken to load) 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-20 07:06:57 -05:00
strawberry
bdda875416 bump conduwuit version to 0.1.3 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-20 07:06:57 -05:00
strawberry
9a6a77974b add support for bulk banning room IDs 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-20 07:06:57 -05:00
strawberry
e25d574208 move room moderation stuff to a subcommand 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-20 07:06:57 -05:00
strawberry
c9364dc077 dont evict admins from room, allow admins to join banned rooms 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-20 07:06:57 -05:00
strawberry
ed0c8e86f7 initial implementation of banning room IDs 
takes a full room ID, evicts all our users from that room,
adds room ID to banned room IDs metadata db table, and
forbids any new local users from attempting to join it.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-20 07:06:57 -05:00
strawberry
a92f291bbf feat: query param to return full state event or event content 
query parameter `?format=event|content`

defaults to normal behaviour which is the event's content.

ruma impl: 788ea6b00f

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-20 07:06:57 -05:00
strawberry
b80be6c709 remove unused database function 
i have no idea what this is for

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-20 07:06:57 -05:00
strawberry
a2f7f6fda4 prefix every admin room help cmd with - 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-20 07:06:57 -05:00
strawberry
a0205cd41d implement deprecated user field for login requests 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-20 07:06:57 -05:00
strawberry
63bb00d902 error if using known placeholder server_name, log if using debug build 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-14 19:07:08 -05:00
strawberry
dac8b3db49 move these config checks to main.rs 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-11 21:56:55 -05:00
strawberry
0ea8657070 default to Undefined if room avatar URL was not found despite checking if its Some 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-11 21:56:55 -05:00
strawberry
244c1f7190 config option to check root domain with URL previews 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-11 21:56:55 -05:00
strawberry
54ade97f96 add expect message when failing to send oneshot channel shutdown transaction 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-11 21:56:55 -05:00
strawberry
48e4b71dd1 remove hardcoded 300kb limit on spider size with config option of 1MB default 
modern websites are sadly massive, 300kb is pretty low. 1MB should be enough.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-11 21:56:55 -05:00
strawberry
2ea895199a dont drop true error with url str parse, fix url contains logic order, clarify config comment 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-11 21:56:55 -05:00
strawberry
7786553cda doc+check if user does not have local presence enabled if using outgoing presence 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-11 21:56:55 -05:00
strawberry
d069379d77 (please) dont drop true error in presence timer creation failures 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-11 21:56:55 -05:00
strawberry
8e6d52e7dd dont follow more than 2 redirects for URL previews for security reasons 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-11 21:56:55 -05:00
strawberry
fb2eba722d fix media tests for URL previews 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-11 21:56:55 -05:00
Reiner Herrmann
c0dd5b1cc2 feat: URL preview support 
from upstream MR https://gitlab.com/famedly/conduit/-/merge_requests/347
with the following changes (so far):
- remove hardcoded list of allowed hosts (strongly disagree with this,
even if it is desired, it should not be harcoded)
- add more allow config options for granularity via URL contains,
host contains, and domain is (explicit match) for security
- warn if a user is allowing all URLs to be previewed for security reasons
- replace an expect with proper error handling
- bump webpage to 2.0
- improved code style a tad

Co-authored-by: rooot <hey@rooot.gay>
Signed-off-by: rooot <hey@rooot.gay>
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-11 21:56:55 -05:00
strawberry
6f26be1c6e eat less /ban endpoint fields, fix ban reason not consistently applied 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-11 21:56:55 -05:00
strawberry
3ff5bc5298 ask systemd for more time when shutting down if needed, raise axum shutdown timeout to 3 mins 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-11 21:56:55 -05:00
strawberry
0b171a2b9c bump default max_concurrent_requests to 500, update config comment 
also raise 1024 bytes to 4096 bytes in minimum max_request_size check

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-11 21:56:55 -05:00
strawberry
b8ab4754a5 slight wording addition 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-11 21:56:55 -05:00
strawberry
7ddf08e8b7 filter out "config" as it's an expected config option 
this seems to exist when using `CONDUIT_CONFIG`
environment variable, this is expected.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-11 21:56:55 -05:00
strawberry
6996d63a02 warn if a catchall config option (unknown config option) exists 
a longer way of saying: warn if a config key is unknown

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-11 21:56:55 -05:00
strawberry
d4d8c6eb21 check if custom room ID is apart of forbidden room alias 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-11 21:56:55 -05:00
Matthias Ahouansou
fc93b29abe feat: forbid certain usernames & room aliases 
squashed from https://gitlab.com/famedly/conduit/-/merge_requests/582

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-11 21:56:55 -05:00
Matthias Ahouansou
784d307425 revamp appservice registration to ruma's Registration type 
squashed from https://gitlab.com/famedly/conduit/-/merge_requests/583

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-11 21:56:55 -05:00
strawberry
1f7ac6d112 update valid_until_ts comment 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-02-11 21:56:55 -05:00
Charles Hall
621c85fd3b run cargo update 
`IndexMap::remove` was deprecated in favor of explicitly named methods.
I assume that we actually needed to be using `shift_remove`, otherwise
we probably wouldn't be bothering with `indexmap` here in the first
place. I wonder if this fixes any bugs lol

from: https://gitlab.com/famedly/conduit/-/merge_requests/580

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-31 16:20:26 -05:00
strawberry
24605e151d make allow_federation default to true 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-27 16:47:33 -05:00
strawberry
4ac568769b improvement: registration token now only works when registration is enabled 
Co-authored-by: Timo Kösters <timo@koesters.xyz>
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
0e8267656f fix room ID messages, remove comments 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
08a183e8c7 assume well-known is None if text length exceeds 10000 chars 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
Charles Hall
ec7aeb1096 move resolver logic into the resolver 
Honestly not sure why it wasn't done like this before. This code is much
less awkward to follow and more compartmentalized.

These changes were mainly motivated by a clippy lint triggering on the
original code, which then made me wonder if I could get rid of some of
the `Box`ing. Turns out I could, and this is the result of that.

Co-authored-by: strawberry <strawberry@puppygock.gay>
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
1536f08d81 use both is_ip_literal and IPAddress is_valid checks 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
9858b33b37 just remove double quotes if found instead 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
e0419d9c5d custom room ID checks, dont use format! macro due to quotes being added 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
7eff572e77 check if room ID already exists instead of erroring on auth check 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
8754f0e2a5 additional character check on room alias 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
89d9cdeb3a IP range denylist logging, and fix logic error 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
382347353e add custom room ID support using room_id field 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
2980af6490 move room creation config check higher up 
dont bother wasting resources if we know we
arent even allowed to make the room to begin with

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
ead9a58dce dont crash failing to deserialise room creation content 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
3453dcc344 add error checking to room aliases 
length, colon, and spaces. also dont crash.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
b51d148899 remove random space 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
6c1358d0c8 send home_server on login response again 
a 6+ year old deprecated field that isnt even spelled
right, and no clients use it must still be sent
according to spec

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
fa0c083555 don't send requests to specified list of IP CIDRs 
this can most definitely be improved but this is a decent attempt.
the only annoying this is i couldn't just use a Vec<IPAddress> which
would have significantly simplified all of this, but serde can't
deserialise it on the config side i guess.

i may find a better way to do this in the future, but this should cover
most areas anyways.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
71d247232d oops forgot that endpoint too 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
6c75087863 eat less of client parameters for media requests 
still cantt respect allow_redirect yet

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
ab6cb4ad2d switch back to expect for sender_user 
as far as i can tell, it will return a normal
error in the auth token handling code so this is fine.
we also shouldnt assume all errors from this are
access_token related.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
02bc818633 match explicit URI to see if we should authenticate the user 
first attempt at forcing an endpoint to be authenticated

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
9d0c85ab17 use ruma JsOption, bump figment 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
4e8823dedb add warning about outgoing presence PDU/EDU relationship 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
11bc725268 return joined member count of room for pushrules instead of hardcoded 10 
im not sure what the TODO is trying to say here,
but since it's many years old and conduwuit is
fast, i dont see an issue with this.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
b50c47e1c2 silence loud tower_http errors (move to info) 
these are benign errors that are from things like
conduwuit fetching remote media from dead servers

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
34bac4d1d9 support sending well_known client response in /login using well_known_client 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
cf62cb0d0a send avatar_url on invite member events like synapse 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
f275a0dfbe fix obvious copy-paste error 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
fae00e5136 remove rocksdb_max_open_files option 
default for RocksDB is -1 and conduwuit already raises the
soft and hard nofile limits at startup.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-25 19:28:33 -05:00
strawberry
6ffc54e241 support blocking servers from fetching remote media from 
akin to synapse's `prevent_media_downloads_from`

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 23:57:45 -05:00
strawberry
1a06c8c9d3 more error checking for deserialising events and canonical JSON 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 23:57:45 -05:00
strawberry
c83acabfb0 return proper error if we fail to convert to canonical JSON 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 23:57:45 -05:00
strawberry
3d6b499b88 log error and PDU for failed auth checks 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 23:57:45 -05:00
strawberry
3ffca25f6f update few endpoint docs versions 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 23:57:45 -05:00
strawberry
2bbc75d68e why did i have to run cargo fmt twice 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 14:26:26 -05:00
strawberry
40f5345586 fix formatting and links of user reports more 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 14:26:26 -05:00
strawberry
e944ed5eb4 fix /report endpoint a lot 
in short, the `/report` endpoint now checks if:
- the reporting room in the URI matches the PDU/event reported
- sender user is in the room reported
- raises report reasoning to 750 characters (spec doesn't say to limit
these, but thorough and informative reports for server admins are not
a bad thing)
- (hopefully) fixes some broken formatting
- add a random short delay before sending a successful response to the
client to make it more annoying to enumerate for events on our server
(security by obscurity but spec suggests it)

basically, secure reports better lol

see https://spec.matrix.org/v1.9/client-server-api/#post_matrixclientv3roomsroomidreporteventid

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 14:26:26 -05:00
strawberry
7eb57a9fd5 explicitly fallback to None for invalid/empty room topics 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 14:26:26 -05:00
strawberry
9a3866afff return M_INVALID_PARAM instead of M_BAD_JSON for bad room aliases 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 14:26:26 -05:00
strawberry
92641d0628 first of many small code documentation 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 14:26:26 -05:00
strawberry
ad1d272e2a fix blocks_in_conditions clippy lint 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 14:26:26 -05:00
strawberry
8d42351e34 add presence options to show-config admin cmd 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 14:26:26 -05:00
strawberry
a85ebdeaa0 require sender_user being in the reporting room for /report events 
Matrix 1.8 change:
https://spec.matrix.org/v1.9/client-server-api/#post_matrixclientv3roomsroomidreporteventid

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 14:26:26 -05:00
strawberry
bfc738d80e default to None for room topic event in spaces or /publicRooms 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 14:26:26 -05:00
strawberry
59c7f93656 fix more clippy lints (part 1) 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-17 14:26:26 -05:00
strawberry
2074e36aa4 add missing ban reason to ban events 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
2f16726bac raise generated passwords to 25 chars 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
2b031e40a2 partially revert keeping track of remote user profiles 
this seems to require some more work to properly ignore
dead server errors without breaking the entire room join

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
149d22eef7 make set avatar, displayname, and blurhash async and forgot another let _ 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
9ec1532580 ignore potential errors when updating user profiles 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
0297cfe307 remove cached destination for a destination if request fails 
this can help if users change their well-known or such and we don't want
to keep on hitting the old destination.

from 11357d1f1a

Co-authored-by: Jacob Taylor <jacob@explodie.org>
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
ad792f4565 oops dedup only works on consecutive elements 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
52884abff6 don't validate or add signature if room is not v8 or above or not using restricted joins 
should resolve https://github.com/matrix-org/matrix-spec/issues/1708 on
for conduwuit until spec clarifies.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
5c4b8ad7a3 replace panics on unknown room versions with errors 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
c70ce49ec0 don't allow non-local users to have their creds modified in Deactivate admin cmds 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
edd74efbf2 dedup servers in get_alias_helper 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
da539efb98 only follow up to 6 redirects in default reqwest ClientBuilder 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
ae11e378d2 debug log well-known response body and text 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
14a0d12002 declare support for Matrix 1.5 in our federation requests 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
0b0b52c33b add all possible workspace clippy lints (with commenting out most for now) 
this will be a major pain to work through. for now, let's
just add them and overtime work through these.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
49b6f338fd feat: suggest servers to join at /_matrix/client/v3/directory/room/{roomAlias} 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
ee2f1c3084 the great persy, sled, and heed purge (and bump MSRV to 1.74.1) 
these database backends are either unmaintained, broken in conduit, or
incredibly niche for something like conduwuit.

also i want to bump the MSRV.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
b28a2fad97 feat: keep track of remote profiles for user directory and local requests 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
ef8dcdfe3c declare explicit support for room filtering (MSC3827) 
conduit has supported this for a while now and is a Matrix 1.4 feature

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
c75674faf5 bump default_presence_offline_timeout to 30 minutes (too low imo) 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
85b2c6681b allow HEAD HTTP requests in CORS 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
20aa2cfca6 update device lists for user upon logout 
Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-14 20:55:56 -05:00
strawberry
7021c52c9b send a User-Agent on all requests 
amazing that this wasn't done in the first place. a lack of a UA is
suspicious and some providers may block our requests just for the sake
of no UA.

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-07 22:26:27 -05:00
strawberry
8586b15e1a add support for serving client+server well-known and /client/server.json endpoints from conduwuit 
the last endpoint is a non-standard health check endpoint used by at
least Element Web as a weird way to determine if syncv3 is available

there can also be some valid use-cases for serving well-knowns from the
application itself

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-07 22:26:27 -05:00
strawberry
bb2f213ac3 more helpful panic msg on failing to increase soft/hard FD limits 
this can be caused by security policies, hardening, etc

Signed-off-by: strawberry <strawberry@puppygock.gay>
 2024-01-07 22:26:27 -05:00