From dc5fb7e33a2bb820071df2e7f443d205690ff427 Mon Sep 17 00:00:00 2001 From: timokoesters Date: Sun, 26 Jul 2020 20:41:10 +0200 Subject: [PATCH 1/2] feat: encryption_disabled config option Can be used with ROCKET_ENCRYPTION_DISABLED=true --- Rocket-example.toml | 2 ++ src/client_server.rs | 5 +++++ src/database/globals.rs | 6 ++++++ src/database/rooms.rs | 5 +++++ 4 files changed, 18 insertions(+) diff --git a/Rocket-example.toml b/Rocket-example.toml index 30a3c3a0..677b8e10 100644 --- a/Rocket-example.toml +++ b/Rocket-example.toml @@ -1,6 +1,7 @@ [global] server_name = "your.server.name" #registration_disabled = true +#encryption_disabled = true # Default path is in this user's data #database_path = "/home/timo/MyConduitServer" @@ -8,6 +9,7 @@ server_name = "your.server.name" port = 14004 address = "0.0.0.0" +# Not necessary when using a reverse proxy #[global.tls] #certs = "/etc/letsencrypt/live/your.server.name/fullchain.pem" #key = "/etc/letsencrypt/live/your.server.name/privkey.pem" diff --git a/src/client_server.rs b/src/client_server.rs index c8f264c7..e6a2c23e 100644 --- a/src/client_server.rs +++ b/src/client_server.rs @@ -1341,6 +1341,11 @@ pub fn create_room_route( content, } in &body.initial_state { + // Silently skip encryption events if they are not allowed + if event_type == &EventType::RoomEncryption && db.globals.encryption_disabled() { + continue + } + db.rooms.append_pdu( room_id.clone(), user_id.clone(), diff --git a/src/database/globals.rs b/src/database/globals.rs index 45786054..3a257a54 100644 --- a/src/database/globals.rs +++ b/src/database/globals.rs @@ -10,6 +10,7 @@ pub struct Globals { reqwest_client: reqwest::Client, server_name: Box, registration_disabled: bool, + encryption_disabled: bool, } impl Globals { @@ -33,6 +34,7 @@ impl Globals { .try_into() .map_err(|_| Error::BadConfig("Invalid server name found."))?, registration_disabled: config.get_bool("registration_disabled").unwrap_or(false), + encryption_disabled: config.get_bool("encryption_disabled").unwrap_or(false), }) } @@ -70,4 +72,8 @@ impl Globals { pub fn registration_disabled(&self) -> bool { self.registration_disabled } + + pub fn encryption_disabled(&self) -> bool { + self.encryption_disabled + } } diff --git a/src/database/rooms.rs b/src/database/rooms.rs index 3ef4f3f1..298212d4 100644 --- a/src/database/rooms.rs +++ b/src/database/rooms.rs @@ -319,7 +319,12 @@ impl Rooms { Some, ); + // Is the event allowed? if !match event_type { + EventType::RoomEncryption => { + // Don't allow encryption events when it's disabled + !globals.encryption_disabled() + } EventType::RoomMember => { let target_user_id = UserId::try_from(&**state_key).map_err(|_| { Error::BadRequest( From 808a7deae3939ead9c1556957d7ba8ae4d24285a Mon Sep 17 00:00:00 2001 From: timokoesters Date: Sun, 26 Jul 2020 22:45:10 +0200 Subject: [PATCH 2/2] cargo fmt --- src/client_server.rs | 2 +- src/push_rules.rs | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/client_server.rs b/src/client_server.rs index e6a2c23e..a3f47608 100644 --- a/src/client_server.rs +++ b/src/client_server.rs @@ -1343,7 +1343,7 @@ pub fn create_room_route( { // Silently skip encryption events if they are not allowed if event_type == &EventType::RoomEncryption && db.globals.encryption_disabled() { - continue + continue; } db.rooms.append_pdu( diff --git a/src/push_rules.rs b/src/push_rules.rs index a1f32f4d..43afbca0 100644 --- a/src/push_rules.rs +++ b/src/push_rules.rs @@ -1,10 +1,10 @@ use js_int::uint; use ruma::{ - UserId, push::{ Action, ConditionalPushRule, ConditionalPushRuleInit, PatternedPushRule, PatternedPushRuleInit, PushCondition, RoomMemberCountIs, Ruleset, Tweak, }, + UserId, }; pub fn default_pushrules(user_id: &UserId) -> Ruleset {