shruub
/
conduit
mirror of https://gitlab.com/famedly/conduit
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

chore: update dependencies

Browse Source
merge-requests/65/head
Timo Kösters 3 years ago
parent bb234ca002
commit 23f81bfaf7
No known key found for this signature in database
GPG Key ID: 24DA7517711A2BA4
4 changed files with 226 additions and 2999 deletions
Show Stats Download Patch File Download Diff File

2752
Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

2
Cargo.toml
Unescape Escape View File

@ -14,7 +14,7 @@ edition = "2018"
[dependencies] [dependencies]
# Used to handle requests # Used to handle requests
# TODO: This can become optional as soon as proper configs are supported # TODO: This can become optional as soon as proper configs are supported
rocket = { git = "https://github.com/SergioBenitez/Rocket.git", rev = "93e62c86eddf7cc9a7fc40b044182f83f0d7d92a", features = ["tls"] } # Used to handle requests rocket = { git = "https://github.com/SergioBenitez/Rocket.git", rev = "e1307ddf48dac14e6a37e526098732327bcb86f0", features = ["tls"] } # Used to handle requests
#rocket = { git = "https://github.com/timokoesters/Rocket.git", branch = "empty_parameters", default-features = false, features = ["tls"] } #rocket = { git = "https://github.com/timokoesters/Rocket.git", branch = "empty_parameters", default-features = false, features = ["tls"] }
# Used for matrix spec type definitions and helpers # Used for matrix spec type definitions and helpers

49
src/main.rs
Unescape Escape View File

@ -21,7 +21,6 @@ pub use ruma_wrapper::{ConduitResult, Ruma, RumaResponse};
use rocket::{ use rocket::{
catch, catchers, catch, catchers,
fairing::AdHoc,
figment::{ figment::{
providers::{Env, Format, Toml}, providers::{Env, Format, Toml},
Figment, Figment,
@ -31,9 +30,9 @@ use rocket::{
use tracing::span; use tracing::span;
use tracing_subscriber::{prelude::*, Registry}; use tracing_subscriber::{prelude::*, Registry};
fn setup_rocket() -> (rocket::Rocket, Config) { async fn setup_rocket() -> (rocket::Rocket<rocket::Build>, Config) {
// Force log level off, so we can use our own logger // Force log level off, so we can use our own logger
std::env::set_var("CONDUIT_LOG_LEVEL", "off"); //std::env::set_var("CONDUIT_LOG_LEVEL", "off");
let config = let config =
Figment::from(rocket::Config::release_default()) Figment::from(rocket::Config::release_default())
@ -48,9 +47,15 @@ fn setup_rocket() -> (rocket::Rocket, Config) {
let parsed_config = config let parsed_config = config
.extract::<Config>() .extract::<Config>()
.expect("It looks like your config is invalid. Please take a look at the error"); .expect("It looks like your config is invalid. Please take a look at the error");
let parsed_config2 = parsed_config.clone();
let data = Database::load_or_create(parsed_config.clone())
.await
.expect("config is valid");
data.sending.start_handler(&data);
let rocket = rocket::custom(config) let rocket = rocket::custom(config)
.manage(data)
.mount( .mount(
"/", "/",
routes![ routes![
@ -176,29 +181,23 @@ fn setup_rocket() -> (rocket::Rocket, Config) {
server_server::get_profile_information_route, server_server::get_profile_information_route,
], ],
) )
.register(catchers![ .register(
not_found_catcher, "/",
forbidden_catcher, catchers![
unknown_token_catcher, not_found_catcher,
missing_token_catcher, forbidden_catcher,
bad_json_catcher unknown_token_catcher,
]) missing_token_catcher,
.attach(AdHoc::on_attach("Config", |rocket| async { bad_json_catcher
let data = Database::load_or_create(parsed_config2) ],
.await );
.expect("config is valid");
data.sending.start_handler(&data);
Ok(rocket.manage(data))
}));
(rocket, parsed_config) (rocket, parsed_config)
} }
#[rocket::main] #[rocket::main]
async fn main() { async fn main() {
let (rocket, config) = setup_rocket(); let (rocket, config) = setup_rocket().await;
if config.allow_jaeger { if config.allow_jaeger {
let (tracer, _uninstall) = opentelemetry_jaeger::new_pipeline() let (tracer, _uninstall) = opentelemetry_jaeger::new_pipeline()
@ -213,11 +212,11 @@ async fn main() {
rocket.launch().await.unwrap(); rocket.launch().await.unwrap();
} else { } else {
std::env::set_var("CONDUIT_LOG", config.log); //std::env::set_var("CONDUIT_LOG", config.log);
pretty_env_logger::init_custom_env("CONDUIT_LOG"); //pretty_env_logger::init_custom_env("CONDUIT_LOG");
let root = span!(tracing::Level::INFO, "app_start", work_units = 2); //let root = span!(tracing::Level::INFO, "app_start", work_units = 2);
let _enter = root.enter(); //let _enter = root.enter();
rocket.launch().await.unwrap(); rocket.launch().await.unwrap();
} }

422
src/ruma_wrapper.rs
Unescape Escape View File

@ -11,10 +11,7 @@ use {
crate::{server_server, utils}, crate::{server_server, utils},
log::{debug, warn}, log::{debug, warn},
rocket::{ rocket::{
data::{ data::{self, ByteUnit, Data, FromData},
ByteUnit, Data, FromDataFuture, FromTransformedData, Transform, TransformFuture,
Transformed,
},
http::Status, http::Status,
outcome::Outcome::*, outcome::Outcome::*,
response::{self, Responder}, response::{self, Responder},
@ -42,106 +39,92 @@ pub struct Ruma<T: Outgoing> {
} }
#[cfg(feature = "conduit_bin")] #[cfg(feature = "conduit_bin")]
impl<'a, T: Outgoing> FromTransformedData<'a> for Ruma<T> #[rocket::async_trait]
impl<'a, T: Outgoing> FromData<'a> for Ruma<T>
where where
T::Incoming: IncomingRequest, T::Incoming: IncomingRequest,
{ {
type Error = (); type Error = ();
type Owned = Data;
type Borrowed = Self::Owned;
fn transform<'r>(
_req: &'r Request<'_>,
data: Data,
) -> TransformFuture<'r, Self::Owned, Self::Error> {
Box::pin(async move { Transform::Owned(Success(data)) })
}
fn from_data( async fn from_data(request: &'a Request<'_>, data: Data) -> data::Outcome<Self, Self::Error> {
request: &'a Request<'_>,
outcome: Transformed<'a, Self>,
) -> FromDataFuture<'a, Self, Self::Error> {
let metadata = T::Incoming::METADATA; let metadata = T::Incoming::METADATA;
let db = request
Box::pin(async move { .guard::<State<'_, crate::Database>>()
let data = rocket::try_outcome!(outcome.owned()); .await
let db = request .expect("database was loaded");
.guard::<State<'_, crate::Database>>()
.await // Get token from header or query value
.expect("database was loaded"); let token = request
.headers()
// Get token from header or query value .get_one("Authorization")
let token = request .map(|s| s[7..].to_owned()) // Split off "Bearer "
.headers() .or_else(|| request.query_value("access_token").and_then(|r| r.ok()));
.get_one("Authorization")
.map(|s| s[7..].to_owned()) // Split off "Bearer " let limit = db.globals.max_request_size();
.or_else(|| request.get_query_value("access_token").and_then(|r| r.ok())); let mut handle = data.open(ByteUnit::Byte(limit.into()));
let mut body = Vec::new();
let limit = db.globals.max_request_size(); handle.read_to_end(&mut body).await.unwrap();
let mut handle = data.open(ByteUnit::Byte(limit.into()));
let mut body = Vec::new(); let (sender_user, sender_device, from_appservice) = if let Some((_id, registration)) = db
handle.read_to_end(&mut body).await.unwrap(); .appservice
.iter_all()
let (sender_user, sender_device, from_appservice) = if let Some((_id, registration)) = .filter_map(|r| r.ok())
db.appservice .find(|(_id, registration)| {
.iter_all() registration
.filter_map(|r| r.ok()) .get("as_token")
.find(|(_id, registration)| { .and_then(|as_token| as_token.as_str())
registration .map_or(false, |as_token| token.as_deref() == Some(as_token))
.get("as_token") }) {
.and_then(|as_token| as_token.as_str()) match metadata.authentication {
.map_or(false, |as_token| token.as_deref() == Some(as_token)) AuthScheme::AccessToken | AuthScheme::QueryOnlyAccessToken => {
}) { let user_id = request.query_value::<String>("user_id").map_or_else(
match metadata.authentication { || {
AuthScheme::AccessToken | AuthScheme::QueryOnlyAccessToken => { UserId::parse_with_server_name(
let user_id = request.get_query_value::<String>("user_id").map_or_else( registration
|| { .get("sender_localpart")
UserId::parse_with_server_name(
registration
.get("sender_localpart")
.unwrap()
.as_str()
.unwrap(),
db.globals.server_name(),
)
.unwrap()
},
|string| {
UserId::try_from(string.expect("parsing to string always works"))
.unwrap() .unwrap()
}, .as_str()
); .unwrap(),
db.globals.server_name(),
if !db.users.exists(&user_id).unwrap() { )
// Forbidden .unwrap()
return Failure((Status::raw(580), ())); },
} |string| {
UserId::try_from(string.expect("parsing to string always works"))
.unwrap()
},
);
// TODO: Check if appservice is allowed to be that user if !db.users.exists(&user_id).unwrap() {
(Some(user_id), None, true) // Forbidden
return Failure((Status::raw(580), ()));
} }
AuthScheme::ServerSignatures => (None, None, true),
AuthScheme::None => (None, None, true), // TODO: Check if appservice is allowed to be that user
(Some(user_id), None, true)
} }
} else { AuthScheme::ServerSignatures => (None, None, true),
match metadata.authentication { AuthScheme::None => (None, None, true),
AuthScheme::AccessToken | AuthScheme::QueryOnlyAccessToken => { }
if let Some(token) = token { } else {
match db.users.find_from_token(&token).unwrap() { match metadata.authentication {
// Unknown Token AuthScheme::AccessToken | AuthScheme::QueryOnlyAccessToken => {
None => return Failure((Status::raw(581), ())), if let Some(token) = token {
Some((user_id, device_id)) => { match db.users.find_from_token(&token).unwrap() {
(Some(user_id), Some(device_id.into()), false) // Unknown Token
} None => return Failure((Status::raw(581), ())),
Some((user_id, device_id)) => {
(Some(user_id), Some(device_id.into()), false)
} }
} else {
// Missing Token
return Failure((Status::raw(582), ()));
} }
} else {
// Missing Token
return Failure((Status::raw(582), ()));
} }
AuthScheme::ServerSignatures => { }
// Get origin from header AuthScheme::ServerSignatures => {
let x_matrix = match request // Get origin from header
let x_matrix = match request
.headers() .headers()
.get_one("Authorization") .get_one("Authorization")
.map(|s| { .map(|s| {
@ -158,153 +141,150 @@ where
} }
}; };
let origin_str = match x_matrix.get(&Some("origin")) { let origin_str = match x_matrix.get(&Some("origin")) {
Some(Some(o)) => *o, Some(Some(o)) => *o,
_ => { _ => {
warn!("Invalid X-Matrix header origin field: {:?}", x_matrix); warn!("Invalid X-Matrix header origin field: {:?}", x_matrix);
// Forbidden
return Failure((Status::raw(580), ()));
}
};
let origin = match Box::<ServerName>::try_from(origin_str) { // Forbidden
Ok(s) => s, return Failure((Status::raw(580), ()));
_ => { }
warn!( };
"Invalid server name in X-Matrix header origin field: {:?}",
x_matrix
);
// Forbidden
return Failure((Status::raw(580), ()));
}
};
let key = match x_matrix.get(&Some("key")) {
Some(Some(k)) => *k,
_ => {
warn!("Invalid X-Matrix header key field: {:?}", x_matrix);
// Forbidden
return Failure((Status::raw(580), ()));
}
};
let sig = match x_matrix.get(&Some("sig")) { let origin = match Box::<ServerName>::try_from(origin_str) {
Some(Some(s)) => *s, Ok(s) => s,
_ => { _ => {
warn!("Invalid X-Matrix header sig field: {:?}", x_matrix); warn!(
"Invalid server name in X-Matrix header origin field: {:?}",
x_matrix
);
// Forbidden // Forbidden
return Failure((Status::raw(580), ())); return Failure((Status::raw(580), ()));
} }
}; };
let json_body = serde_json::from_slice::<CanonicalJsonValue>(&body); let key = match x_matrix.get(&Some("key")) {
Some(Some(k)) => *k,
_ => {
warn!("Invalid X-Matrix header key field: {:?}", x_matrix);
let mut request_map = BTreeMap::<String, CanonicalJsonValue>::new(); // Forbidden
return Failure((Status::raw(580), ()));
}
};
if let Ok(json_body) = json_body { let sig = match x_matrix.get(&Some("sig")) {
request_map.insert("content".to_owned(), json_body); Some(Some(s)) => *s,
}; _ => {
warn!("Invalid X-Matrix header sig field: {:?}", x_matrix);
request_map.insert( // Forbidden
"method".to_owned(), return Failure((Status::raw(580), ()));
CanonicalJsonValue::String(request.method().to_string()), }
); };
request_map.insert(
"uri".to_owned(), let json_body = serde_json::from_slice::<CanonicalJsonValue>(&body);
CanonicalJsonValue::String(request.uri().to_string()),
); let mut request_map = BTreeMap::<String, CanonicalJsonValue>::new();
request_map.insert(
"origin".to_owned(), if let Ok(json_body) = json_body {
CanonicalJsonValue::String(origin.as_str().to_owned()), request_map.insert("content".to_owned(), json_body);
); };
request_map.insert(
"destination".to_owned(), request_map.insert(
CanonicalJsonValue::String( "method".to_owned(),
db.globals.server_name().as_str().to_owned(), CanonicalJsonValue::String(request.method().to_string()),
), );
); request_map.insert(
"uri".to_owned(),
let mut origin_signatures = BTreeMap::new(); CanonicalJsonValue::String(request.uri().to_string()),
origin_signatures );
.insert(key.to_owned(), CanonicalJsonValue::String(sig.to_owned()));
println!("{}: {:?}", origin, request.uri().to_string());
let mut signatures = BTreeMap::new();
signatures.insert( request_map.insert(
origin.as_str().to_owned(), "origin".to_owned(),
CanonicalJsonValue::Object(origin_signatures), CanonicalJsonValue::String(origin.as_str().to_owned()),
); );
request_map.insert(
request_map.insert( "destination".to_owned(),
"signatures".to_owned(), CanonicalJsonValue::String(db.globals.server_name().as_str().to_owned()),
CanonicalJsonValue::Object(signatures), );
);
let mut origin_signatures = BTreeMap::new();
let keys = match server_server::fetch_signing_keys( origin_signatures
&db, .insert(key.to_owned(), CanonicalJsonValue::String(sig.to_owned()));
&origin,
vec![&key.to_owned()], let mut signatures = BTreeMap::new();
) signatures.insert(
.await origin.as_str().to_owned(),
{ CanonicalJsonValue::Object(origin_signatures),
Ok(b) => b, );
Err(e) => {
warn!("Failed to fetch signing keys: {}", e); request_map.insert(
"signatures".to_owned(),
CanonicalJsonValue::Object(signatures),
);
let keys = match server_server::fetch_signing_keys(
&db,
&origin,
vec![&key.to_owned()],
)
.await
{
Ok(b) => b,
Err(e) => {
warn!("Failed to fetch signing keys: {}", e);
// Forbidden // Forbidden
return Failure((Status::raw(580), ())); return Failure((Status::raw(580), ()));
} }
}; };
let mut pub_key_map = BTreeMap::new(); let mut pub_key_map = BTreeMap::new();
pub_key_map.insert(origin.as_str().to_owned(), keys); pub_key_map.insert(origin.as_str().to_owned(), keys);
match ruma::signatures::verify_json(&pub_key_map, &request_map) { match ruma::signatures::verify_json(&pub_key_map, &request_map) {
Ok(()) => (None, None, false), Ok(()) => (None, None, false),
Err(e) => { Err(e) => {
warn!( warn!("Failed to verify json request from {}: {}", origin, e,);
"Failed to verify json request: {}: {:?} {:?}",
e, pub_key_map, request_map
);
// Forbidden // Forbidden
return Failure((Status::raw(580), ())); return Failure((Status::raw(580), ()));
}
} }
} }
AuthScheme::None => (None, None, false),
} }
}; AuthScheme::None => (None, None, false),
let mut http_request = http::Request::builder()
.uri(request.uri().to_string())
.method(&*request.method().to_string());
for header in request.headers().iter() {
http_request = http_request.header(header.name.as_str(), &*header.value);
} }
};
let http_request = http_request.body(&*body).unwrap(); let mut http_request = http::Request::builder()
debug!("{:?}", http_request); .uri(request.uri().to_string())
match <T::Incoming as IncomingRequest>::try_from_http_request(http_request) { .method(&*request.method().to_string());
Ok(t) => Success(Ruma { for header in request.headers().iter() {
body: t, http_request = http_request.header(header.name.as_str(), &*header.value);
sender_user, }
sender_device,
// TODO: Can we avoid parsing it again? (We only need this for append_pdu) let http_request = http_request.body(&*body).unwrap();
json_body: utils::string_from_bytes(&body) debug!("{:?}", http_request);
.ok() match <T::Incoming as IncomingRequest>::try_from_http_request(http_request) {
.and_then(|s| serde_json::value::RawValue::from_string(s).ok()), Ok(t) => Success(Ruma {
from_appservice, body: t,
}), sender_user,
Err(e) => { sender_device,
warn!("{:?}", e); // TODO: Can we avoid parsing it again? (We only need this for append_pdu)
Failure((Status::raw(583), ())) json_body: utils::string_from_bytes(&body)
} .ok()
.and_then(|s| serde_json::value::RawValue::from_string(s).ok()),
from_appservice,
}),
Err(e) => {
warn!("{:?}", e);
Failure((Status::raw(583), ()))
} }
}) }
} }
} }

Write Preview
Loading…
Cancel
Save