2021-05-20 21:46:52 +00:00
|
|
|
use crate::{
|
2021-05-28 11:44:40 +00:00
|
|
|
client_server::{self, claim_keys_helper, get_keys_helper},
|
2021-08-24 17:10:31 +00:00
|
|
|
database::{rooms::CompressedStateEvent, DatabaseGuard},
|
2021-05-20 21:46:52 +00:00
|
|
|
utils, ConduitResult, Database, Error, PduEvent, Result, Ruma,
|
|
|
|
};
|
2020-10-05 20:19:22 +00:00
|
|
|
use get_profile_information::v1::ProfileField;
|
2021-08-26 21:11:13 +00:00
|
|
|
use http::header::{HeaderValue, AUTHORIZATION};
|
2021-03-04 10:29:13 +00:00
|
|
|
use regex::Regex;
|
2021-09-01 13:21:02 +00:00
|
|
|
use rocket::{
|
|
|
|
futures::{prelude::*, stream::FuturesUnordered},
|
|
|
|
response::content::Json,
|
|
|
|
};
|
2020-09-12 20:41:33 +00:00
|
|
|
use ruma::{
|
|
|
|
api::{
|
2021-06-17 18:12:36 +00:00
|
|
|
client::error::{Error as RumaError, ErrorKind},
|
2020-09-12 20:41:33 +00:00
|
|
|
federation::{
|
2021-06-14 09:36:18 +00:00
|
|
|
authorization::get_event_authorization,
|
2021-04-21 08:51:34 +00:00
|
|
|
device::get_devices::{self, v1::UserDevice},
|
2020-09-25 10:26:29 +00:00
|
|
|
directory::{get_public_rooms, get_public_rooms_filtered},
|
2020-09-12 20:41:33 +00:00
|
|
|
discovery::{
|
2021-08-25 14:02:01 +00:00
|
|
|
get_remote_server_keys, get_remote_server_keys_batch,
|
|
|
|
get_remote_server_keys_batch::v2::QueryCriteria, get_server_keys,
|
|
|
|
get_server_version, ServerSigningKeys, VerifyKey,
|
2020-09-12 20:41:33 +00:00
|
|
|
},
|
2021-06-14 08:52:27 +00:00
|
|
|
event::{get_event, get_missing_events, get_room_state, get_room_state_ids},
|
2021-05-28 11:44:40 +00:00
|
|
|
keys::{claim_keys, get_keys},
|
2021-04-16 16:18:29 +00:00
|
|
|
membership::{
|
|
|
|
create_invite,
|
|
|
|
create_join_event::{self, RoomState},
|
|
|
|
create_join_event_template,
|
|
|
|
},
|
|
|
|
query::{get_profile_information, get_room_information},
|
2021-05-28 11:44:40 +00:00
|
|
|
transactions::{
|
2021-08-24 17:10:31 +00:00
|
|
|
edu::{DeviceListUpdateContent, DirectDeviceContent, Edu},
|
2021-05-28 11:44:40 +00:00
|
|
|
send_transaction_message,
|
|
|
|
},
|
2020-08-06 12:29:59 +00:00
|
|
|
},
|
2021-05-23 14:45:32 +00:00
|
|
|
EndpointError, IncomingResponse, OutgoingRequest, OutgoingResponse, SendAccessToken,
|
2020-08-14 09:29:32 +00:00
|
|
|
},
|
2020-09-14 09:42:16 +00:00
|
|
|
directory::{IncomingFilter, IncomingRoomNetwork},
|
2021-04-11 19:01:27 +00:00
|
|
|
events::{
|
2021-08-25 14:02:01 +00:00
|
|
|
pdu::Pdu,
|
2021-05-12 18:04:28 +00:00
|
|
|
receipt::{ReceiptEvent, ReceiptEventContent},
|
2021-04-16 16:18:29 +00:00
|
|
|
room::{
|
|
|
|
create::CreateEventContent,
|
|
|
|
member::{MemberEventContent, MembershipState},
|
|
|
|
},
|
2021-05-20 21:46:52 +00:00
|
|
|
AnyEphemeralRoomEvent, EventType,
|
2021-04-11 19:01:27 +00:00
|
|
|
},
|
2021-05-20 21:46:52 +00:00
|
|
|
receipt::ReceiptType,
|
2021-04-26 16:20:20 +00:00
|
|
|
serde::Raw,
|
2021-04-16 16:18:29 +00:00
|
|
|
signatures::{CanonicalJsonObject, CanonicalJsonValue},
|
2021-07-13 08:22:04 +00:00
|
|
|
state_res::{self, RoomVersion, StateMap},
|
2021-06-17 18:12:36 +00:00
|
|
|
to_device::DeviceIdOrAllDevices,
|
2021-05-20 21:46:52 +00:00
|
|
|
uint, EventId, MilliSecondsSinceUnixEpoch, RoomId, RoomVersionId, ServerName,
|
2021-08-29 18:00:02 +00:00
|
|
|
ServerSigningKeyId,
|
2020-05-26 08:27:51 +00:00
|
|
|
};
|
2020-04-22 18:55:11 +00:00
|
|
|
use std::{
|
2021-08-26 12:18:19 +00:00
|
|
|
collections::{btree_map, hash_map, BTreeMap, BTreeSet, HashMap, HashSet},
|
2021-04-16 16:18:29 +00:00
|
|
|
convert::{TryFrom, TryInto},
|
2020-08-14 09:31:31 +00:00
|
|
|
fmt::Debug,
|
2021-01-15 02:32:22 +00:00
|
|
|
future::Future,
|
2021-04-29 18:58:05 +00:00
|
|
|
mem,
|
2020-12-08 11:34:46 +00:00
|
|
|
net::{IpAddr, SocketAddr},
|
2021-01-15 02:32:22 +00:00
|
|
|
pin::Pin,
|
|
|
|
result::Result as StdResult,
|
2021-09-01 13:21:02 +00:00
|
|
|
sync::{Arc, RwLock, RwLockWriteGuard},
|
2021-05-20 21:46:52 +00:00
|
|
|
time::{Duration, Instant, SystemTime},
|
2020-04-22 18:55:11 +00:00
|
|
|
};
|
2021-07-29 06:36:01 +00:00
|
|
|
use tokio::sync::{MutexGuard, Semaphore};
|
|
|
|
use tracing::{debug, error, info, trace, warn};
|
2020-04-19 12:14:47 +00:00
|
|
|
|
2021-03-18 17:33:43 +00:00
|
|
|
#[cfg(feature = "conduit_bin")]
|
|
|
|
use rocket::{get, post, put};
|
|
|
|
|
2021-04-21 03:35:44 +00:00
|
|
|
/// Wraps either an literal IP address plus port, or a hostname plus complement
|
|
|
|
/// (colon-plus-port if it was specified).
|
|
|
|
///
|
|
|
|
/// Note: A `FedDest::Named` might contain an IP address in string form if there
|
|
|
|
/// was no port specified to construct a SocketAddr with.
|
|
|
|
///
|
|
|
|
/// # Examples:
|
|
|
|
/// ```rust,ignore
|
|
|
|
/// FedDest::Literal("198.51.100.3:8448".parse()?);
|
|
|
|
/// FedDest::Literal("[2001:db8::4:5]:443".parse()?);
|
|
|
|
/// FedDest::Named("matrix.example.org".to_owned(), "".to_owned());
|
|
|
|
/// FedDest::Named("matrix.example.org".to_owned(), ":8448".to_owned());
|
|
|
|
/// FedDest::Named("198.51.100.5".to_owned(), "".to_owned());
|
|
|
|
/// ```
|
2021-04-16 03:27:26 +00:00
|
|
|
#[derive(Clone, Debug, PartialEq)]
|
2021-08-26 21:11:13 +00:00
|
|
|
pub enum FedDest {
|
2021-04-16 03:27:26 +00:00
|
|
|
Literal(SocketAddr),
|
|
|
|
Named(String, String),
|
|
|
|
}
|
|
|
|
|
2021-04-16 15:18:22 +00:00
|
|
|
impl FedDest {
|
2021-04-21 03:35:44 +00:00
|
|
|
fn into_https_string(self) -> String {
|
2021-04-16 03:27:26 +00:00
|
|
|
match self {
|
|
|
|
Self::Literal(addr) => format!("https://{}", addr),
|
|
|
|
Self::Named(host, port) => format!("https://{}{}", host, port),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-04-21 03:35:44 +00:00
|
|
|
fn into_uri_string(self) -> String {
|
2021-04-16 03:27:26 +00:00
|
|
|
match self {
|
|
|
|
Self::Literal(addr) => addr.to_string(),
|
|
|
|
Self::Named(host, ref port) => host + port,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-04-21 03:35:44 +00:00
|
|
|
fn hostname(&self) -> String {
|
2021-04-16 03:27:26 +00:00
|
|
|
match &self {
|
|
|
|
Self::Literal(addr) => addr.ip().to_string(),
|
2021-04-16 15:18:22 +00:00
|
|
|
Self::Named(host, _) => host.clone(),
|
2021-04-16 03:27:26 +00:00
|
|
|
}
|
|
|
|
}
|
2021-08-26 21:11:13 +00:00
|
|
|
|
|
|
|
fn port(&self) -> Option<u16> {
|
|
|
|
match &self {
|
|
|
|
Self::Literal(addr) => Some(addr.port()),
|
|
|
|
Self::Named(_, port) => port[1..].parse().ok(),
|
|
|
|
}
|
|
|
|
}
|
2021-04-16 03:27:26 +00:00
|
|
|
}
|
|
|
|
|
2021-08-19 09:01:18 +00:00
|
|
|
#[tracing::instrument(skip(globals, request))]
|
2021-08-31 17:14:37 +00:00
|
|
|
pub(crate) async fn send_request<T: OutgoingRequest>(
|
2020-09-14 18:23:19 +00:00
|
|
|
globals: &crate::database::globals::Globals,
|
2021-01-14 19:39:56 +00:00
|
|
|
destination: &ServerName,
|
2020-04-19 12:14:47 +00:00
|
|
|
request: T,
|
2020-08-14 09:31:31 +00:00
|
|
|
) -> Result<T::IncomingResponse>
|
|
|
|
where
|
|
|
|
T: Debug,
|
|
|
|
{
|
2021-01-01 12:47:53 +00:00
|
|
|
if !globals.allow_federation() {
|
2020-11-14 22:13:06 +00:00
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
2020-10-06 19:04:51 +00:00
|
|
|
}
|
|
|
|
|
2021-08-26 21:11:13 +00:00
|
|
|
let mut write_destination_to_cache = false;
|
|
|
|
|
|
|
|
let cached_result = globals
|
2020-12-06 10:05:51 +00:00
|
|
|
.actual_destination_cache
|
|
|
|
.read()
|
|
|
|
.unwrap()
|
2021-01-14 19:39:56 +00:00
|
|
|
.get(destination)
|
2020-12-06 10:05:51 +00:00
|
|
|
.cloned();
|
2020-09-23 10:03:08 +00:00
|
|
|
|
2021-08-26 21:11:13 +00:00
|
|
|
let (actual_destination, host) = if let Some(result) = cached_result {
|
2020-12-06 10:05:51 +00:00
|
|
|
result
|
|
|
|
} else {
|
2021-08-26 21:11:13 +00:00
|
|
|
write_destination_to_cache = true;
|
|
|
|
|
2020-12-06 10:05:51 +00:00
|
|
|
let result = find_actual_destination(globals, &destination).await;
|
2021-08-26 21:11:13 +00:00
|
|
|
|
2021-08-31 19:20:03 +00:00
|
|
|
(result.0, result.1.into_uri_string())
|
2020-12-06 10:05:51 +00:00
|
|
|
};
|
2020-08-14 09:31:31 +00:00
|
|
|
|
2021-08-26 21:11:13 +00:00
|
|
|
let actual_destination_str = actual_destination.clone().into_https_string();
|
|
|
|
|
2020-08-14 09:31:31 +00:00
|
|
|
let mut http_request = request
|
2021-08-26 21:11:13 +00:00
|
|
|
.try_into_http_request::<Vec<u8>>(&actual_destination_str, SendAccessToken::IfRequired(""))
|
2020-09-15 06:55:02 +00:00
|
|
|
.map_err(|e| {
|
2021-08-26 21:11:13 +00:00
|
|
|
warn!(
|
|
|
|
"Failed to find destination {}: {}",
|
|
|
|
actual_destination_str, e
|
|
|
|
);
|
2020-09-15 06:55:02 +00:00
|
|
|
Error::BadServerResponse("Invalid destination")
|
|
|
|
})?;
|
2020-04-22 09:53:06 +00:00
|
|
|
|
2020-04-22 19:14:40 +00:00
|
|
|
let mut request_map = serde_json::Map::new();
|
2020-04-19 12:14:47 +00:00
|
|
|
|
2020-04-22 19:14:40 +00:00
|
|
|
if !http_request.body().is_empty() {
|
2020-04-25 09:47:32 +00:00
|
|
|
request_map.insert(
|
|
|
|
"content".to_owned(),
|
2020-09-15 06:55:02 +00:00
|
|
|
serde_json::from_slice(http_request.body())
|
|
|
|
.expect("body is valid json, we just created it"),
|
2020-04-25 09:47:32 +00:00
|
|
|
);
|
2020-04-22 19:14:40 +00:00
|
|
|
};
|
2020-04-19 12:14:47 +00:00
|
|
|
|
2020-04-22 09:53:06 +00:00
|
|
|
request_map.insert("method".to_owned(), T::METADATA.method.to_string().into());
|
2020-08-14 09:31:31 +00:00
|
|
|
request_map.insert(
|
|
|
|
"uri".to_owned(),
|
|
|
|
http_request
|
|
|
|
.uri()
|
|
|
|
.path_and_query()
|
|
|
|
.expect("all requests have a path")
|
|
|
|
.to_string()
|
|
|
|
.into(),
|
|
|
|
);
|
2020-09-15 06:16:20 +00:00
|
|
|
request_map.insert("origin".to_owned(), globals.server_name().as_str().into());
|
2020-09-14 09:00:31 +00:00
|
|
|
request_map.insert("destination".to_owned(), destination.as_str().into());
|
2020-04-22 19:14:40 +00:00
|
|
|
|
2020-10-27 23:10:09 +00:00
|
|
|
let mut request_json =
|
|
|
|
serde_json::from_value(request_map.into()).expect("valid JSON is valid BTreeMap");
|
|
|
|
|
2020-06-05 16:19:26 +00:00
|
|
|
ruma::signatures::sign_json(
|
2020-09-14 18:23:19 +00:00
|
|
|
globals.server_name().as_str(),
|
|
|
|
globals.keypair(),
|
2020-12-31 20:07:05 +00:00
|
|
|
&mut request_json,
|
2020-05-09 19:47:09 +00:00
|
|
|
)
|
2020-09-15 06:55:02 +00:00
|
|
|
.expect("our request json is what ruma expects");
|
2020-04-19 12:14:47 +00:00
|
|
|
|
2020-10-27 23:10:09 +00:00
|
|
|
let request_json: serde_json::Map<String, serde_json::Value> =
|
|
|
|
serde_json::from_slice(&serde_json::to_vec(&request_json).unwrap()).unwrap();
|
|
|
|
|
2020-04-22 09:53:06 +00:00
|
|
|
let signatures = request_json["signatures"]
|
|
|
|
.as_object()
|
|
|
|
.unwrap()
|
|
|
|
.values()
|
2020-08-14 09:31:31 +00:00
|
|
|
.map(|v| {
|
|
|
|
v.as_object()
|
|
|
|
.unwrap()
|
|
|
|
.iter()
|
|
|
|
.map(|(k, v)| (k, v.as_str().unwrap()))
|
|
|
|
});
|
|
|
|
|
|
|
|
for signature_server in signatures {
|
|
|
|
for s in signature_server {
|
|
|
|
http_request.headers_mut().insert(
|
|
|
|
AUTHORIZATION,
|
|
|
|
HeaderValue::from_str(&format!(
|
|
|
|
"X-Matrix origin={},key=\"{}\",sig=\"{}\"",
|
2020-09-14 18:23:19 +00:00
|
|
|
globals.server_name(),
|
2020-08-14 09:31:31 +00:00
|
|
|
s.0,
|
|
|
|
s.1
|
|
|
|
))
|
|
|
|
.unwrap(),
|
|
|
|
);
|
|
|
|
}
|
2020-04-22 09:53:06 +00:00
|
|
|
}
|
|
|
|
|
2021-08-04 20:55:03 +00:00
|
|
|
let reqwest_request = reqwest::Request::try_from(http_request)
|
2020-08-14 09:31:31 +00:00
|
|
|
.expect("all http requests are valid reqwest requests");
|
|
|
|
|
2020-09-23 13:23:29 +00:00
|
|
|
let url = reqwest_request.url().clone();
|
2021-08-26 21:11:13 +00:00
|
|
|
|
|
|
|
let mut client = globals.reqwest_client()?;
|
|
|
|
if let Some((override_name, port)) = globals
|
|
|
|
.tls_name_override
|
|
|
|
.read()
|
|
|
|
.unwrap()
|
|
|
|
.get(&actual_destination.hostname())
|
|
|
|
{
|
|
|
|
client = client.resolve(
|
|
|
|
&actual_destination.hostname(),
|
|
|
|
SocketAddr::new(override_name[0], *port),
|
|
|
|
);
|
|
|
|
// port will be ignored
|
|
|
|
}
|
|
|
|
|
|
|
|
let response = client.build()?.execute(reqwest_request).await;
|
2020-04-22 09:53:06 +00:00
|
|
|
|
2021-04-29 18:58:05 +00:00
|
|
|
match response {
|
|
|
|
Ok(mut response) => {
|
|
|
|
// reqwest::Response -> http::Response conversion
|
|
|
|
let status = response.status();
|
|
|
|
let mut http_response_builder = http::Response::builder()
|
|
|
|
.status(status)
|
|
|
|
.version(response.version());
|
|
|
|
mem::swap(
|
|
|
|
response.headers_mut(),
|
|
|
|
http_response_builder
|
|
|
|
.headers_mut()
|
|
|
|
.expect("http::response::Builder is usable"),
|
|
|
|
);
|
2020-12-05 20:03:43 +00:00
|
|
|
|
2021-04-29 18:58:05 +00:00
|
|
|
let body = response.bytes().await.unwrap_or_else(|e| {
|
2021-04-13 13:00:45 +00:00
|
|
|
warn!("server error {}", e);
|
|
|
|
Vec::new().into()
|
|
|
|
}); // TODO: handle timeout
|
2020-12-05 20:03:43 +00:00
|
|
|
|
|
|
|
if status != 200 {
|
2021-08-21 12:22:21 +00:00
|
|
|
warn!(
|
2021-03-26 10:10:45 +00:00
|
|
|
"{} {}: {}",
|
|
|
|
url,
|
|
|
|
status,
|
2021-03-26 12:41:05 +00:00
|
|
|
String::from_utf8_lossy(&body)
|
|
|
|
.lines()
|
|
|
|
.collect::<Vec<_>>()
|
|
|
|
.join(" ")
|
2021-03-26 10:10:45 +00:00
|
|
|
);
|
2020-12-05 20:03:43 +00:00
|
|
|
}
|
2020-09-12 19:30:07 +00:00
|
|
|
|
2021-05-23 14:45:32 +00:00
|
|
|
let http_response = http_response_builder
|
|
|
|
.body(body)
|
|
|
|
.expect("reqwest body is valid http body");
|
|
|
|
|
|
|
|
if status == 200 {
|
|
|
|
let response = T::IncomingResponse::try_from_http_response(http_response);
|
2021-08-26 21:11:13 +00:00
|
|
|
if response.is_ok() && write_destination_to_cache {
|
|
|
|
globals.actual_destination_cache.write().unwrap().insert(
|
|
|
|
Box::<ServerName>::from(destination),
|
|
|
|
(actual_destination, host),
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
2021-08-04 20:55:03 +00:00
|
|
|
response.map_err(|e| {
|
2021-08-17 14:06:09 +00:00
|
|
|
warn!(
|
|
|
|
"Invalid 200 response from {} on: {} {}",
|
|
|
|
&destination, url, e
|
|
|
|
);
|
2021-08-04 20:55:03 +00:00
|
|
|
Error::BadServerResponse("Server returned bad 200 response.")
|
|
|
|
})
|
2021-05-23 14:45:32 +00:00
|
|
|
} else {
|
|
|
|
Err(Error::FederationError(
|
|
|
|
destination.to_owned(),
|
2021-08-09 17:15:14 +00:00
|
|
|
RumaError::try_from_http_response(http_response).map_err(|e| {
|
2021-08-17 14:06:09 +00:00
|
|
|
warn!(
|
|
|
|
"Invalid {} response from {} on: {} {}",
|
|
|
|
status, &destination, url, e
|
|
|
|
);
|
2021-05-23 14:45:32 +00:00
|
|
|
Error::BadServerResponse("Server returned bad error response.")
|
|
|
|
})?,
|
|
|
|
))
|
|
|
|
}
|
2020-04-22 09:53:06 +00:00
|
|
|
}
|
2020-08-14 09:31:31 +00:00
|
|
|
Err(e) => Err(e.into()),
|
2020-04-22 09:53:06 +00:00
|
|
|
}
|
2020-04-19 12:14:47 +00:00
|
|
|
}
|
2020-04-22 18:55:11 +00:00
|
|
|
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument]
|
2021-04-16 15:18:22 +00:00
|
|
|
fn get_ip_with_port(destination_str: &str) -> Option<FedDest> {
|
2021-04-16 03:27:26 +00:00
|
|
|
if let Ok(destination) = destination_str.parse::<SocketAddr>() {
|
2021-04-16 15:18:22 +00:00
|
|
|
Some(FedDest::Literal(destination))
|
2020-12-08 11:34:46 +00:00
|
|
|
} else if let Ok(ip_addr) = destination_str.parse::<IpAddr>() {
|
2021-04-16 15:18:22 +00:00
|
|
|
Some(FedDest::Literal(SocketAddr::new(ip_addr, 8448)))
|
2020-12-08 11:34:46 +00:00
|
|
|
} else {
|
|
|
|
None
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument]
|
2021-04-16 15:18:22 +00:00
|
|
|
fn add_port_to_hostname(destination_str: &str) -> FedDest {
|
2021-04-16 03:27:26 +00:00
|
|
|
let (host, port) = match destination_str.find(':') {
|
|
|
|
None => (destination_str, ":8448"),
|
|
|
|
Some(pos) => destination_str.split_at(pos),
|
|
|
|
};
|
2021-04-16 15:18:22 +00:00
|
|
|
FedDest::Named(host.to_string(), port.to_string())
|
2020-12-08 11:34:46 +00:00
|
|
|
}
|
|
|
|
|
2020-12-06 10:05:51 +00:00
|
|
|
/// Returns: actual_destination, host header
|
2020-12-08 11:34:46 +00:00
|
|
|
/// Implemented according to the specification at https://matrix.org/docs/spec/server_server/r0.1.4#resolving-server-names
|
|
|
|
/// Numbers in comments below refer to bullet points in linked section of specification
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument(skip(globals))]
|
2020-12-06 10:05:51 +00:00
|
|
|
async fn find_actual_destination(
|
|
|
|
globals: &crate::database::globals::Globals,
|
2021-03-04 12:35:12 +00:00
|
|
|
destination: &'_ ServerName,
|
2021-04-16 15:18:22 +00:00
|
|
|
) -> (FedDest, FedDest) {
|
2020-12-08 11:34:46 +00:00
|
|
|
let destination_str = destination.as_str().to_owned();
|
2021-04-16 03:27:26 +00:00
|
|
|
let mut hostname = destination_str.clone();
|
|
|
|
let actual_destination = match get_ip_with_port(&destination_str) {
|
2021-04-16 15:18:22 +00:00
|
|
|
Some(host_port) => {
|
|
|
|
// 1: IP literal with provided or default port
|
|
|
|
host_port
|
|
|
|
}
|
|
|
|
None => {
|
|
|
|
if let Some(pos) = destination_str.find(':') {
|
|
|
|
// 2: Hostname with included port
|
|
|
|
let (host, port) = destination_str.split_at(pos);
|
|
|
|
FedDest::Named(host.to_string(), port.to_string())
|
|
|
|
} else {
|
|
|
|
match request_well_known(globals, &destination.as_str()).await {
|
|
|
|
// 3: A .well-known file is available
|
|
|
|
Some(delegated_hostname) => {
|
2021-08-26 21:11:13 +00:00
|
|
|
hostname = add_port_to_hostname(&delegated_hostname).into_uri_string();
|
2021-04-16 15:18:22 +00:00
|
|
|
match get_ip_with_port(&delegated_hostname) {
|
|
|
|
Some(host_and_port) => host_and_port, // 3.1: IP literal in .well-known file
|
|
|
|
None => {
|
2021-08-26 17:00:08 +00:00
|
|
|
if let Some(pos) = delegated_hostname.find(':') {
|
2021-04-16 15:18:22 +00:00
|
|
|
// 3.2: Hostname with port in .well-known file
|
2021-08-26 17:00:08 +00:00
|
|
|
let (host, port) = delegated_hostname.split_at(pos);
|
2021-04-16 15:18:22 +00:00
|
|
|
FedDest::Named(host.to_string(), port.to_string())
|
|
|
|
} else {
|
2021-08-26 21:11:13 +00:00
|
|
|
// Delegated hostname has no port in this branch
|
|
|
|
if let Some(hostname_override) =
|
|
|
|
query_srv_record(globals, &delegated_hostname).await
|
|
|
|
{
|
2021-04-16 15:18:22 +00:00
|
|
|
// 3.3: SRV lookup successful
|
2021-08-26 21:11:13 +00:00
|
|
|
let force_port = hostname_override.port();
|
|
|
|
|
|
|
|
if let Ok(override_ip) = globals
|
|
|
|
.dns_resolver()
|
|
|
|
.lookup_ip(hostname_override.hostname())
|
|
|
|
.await
|
|
|
|
{
|
|
|
|
globals.tls_name_override.write().unwrap().insert(
|
|
|
|
delegated_hostname.clone(),
|
|
|
|
(
|
|
|
|
override_ip.iter().collect(),
|
|
|
|
force_port.unwrap_or(8448),
|
|
|
|
),
|
|
|
|
);
|
|
|
|
} else {
|
|
|
|
warn!("Using SRV record, but could not resolve to IP");
|
|
|
|
}
|
|
|
|
|
|
|
|
if let Some(port) = force_port {
|
|
|
|
FedDest::Named(
|
|
|
|
delegated_hostname,
|
|
|
|
format!(":{}", port.to_string()),
|
|
|
|
)
|
|
|
|
} else {
|
|
|
|
add_port_to_hostname(&delegated_hostname)
|
|
|
|
}
|
|
|
|
} else {
|
2021-04-16 15:18:22 +00:00
|
|
|
// 3.4: No SRV records, just use the hostname from .well-known
|
2021-08-26 21:11:13 +00:00
|
|
|
add_port_to_hostname(&delegated_hostname)
|
2020-12-08 11:34:46 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2021-04-16 15:18:22 +00:00
|
|
|
}
|
|
|
|
// 4: No .well-known or an error occured
|
|
|
|
None => {
|
|
|
|
match query_srv_record(globals, &destination_str).await {
|
|
|
|
// 4: SRV record found
|
2021-08-26 21:11:13 +00:00
|
|
|
Some(hostname_override) => {
|
|
|
|
let force_port = hostname_override.port();
|
|
|
|
|
|
|
|
if let Ok(override_ip) = globals
|
|
|
|
.dns_resolver()
|
|
|
|
.lookup_ip(hostname_override.hostname())
|
|
|
|
.await
|
|
|
|
{
|
|
|
|
globals.tls_name_override.write().unwrap().insert(
|
|
|
|
hostname.clone(),
|
|
|
|
(override_ip.iter().collect(), force_port.unwrap_or(8448)),
|
|
|
|
);
|
|
|
|
} else {
|
|
|
|
warn!("Using SRV record, but could not resolve to IP");
|
|
|
|
}
|
|
|
|
|
|
|
|
if let Some(port) = force_port {
|
|
|
|
FedDest::Named(
|
|
|
|
hostname.clone(),
|
|
|
|
format!(":{}", port.to_string()),
|
|
|
|
)
|
|
|
|
} else {
|
|
|
|
add_port_to_hostname(&hostname)
|
|
|
|
}
|
|
|
|
}
|
2021-04-16 15:18:22 +00:00
|
|
|
// 5: No SRV record found
|
|
|
|
None => add_port_to_hostname(&destination_str),
|
2020-12-08 11:34:46 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2020-12-06 10:05:51 +00:00
|
|
|
}
|
2021-04-16 03:27:26 +00:00
|
|
|
}
|
2021-04-16 15:18:22 +00:00
|
|
|
};
|
2020-12-06 10:05:51 +00:00
|
|
|
|
2021-04-21 03:35:44 +00:00
|
|
|
// Can't use get_ip_with_port here because we don't want to add a port
|
|
|
|
// to an IP address if it wasn't specified
|
2021-04-16 15:18:22 +00:00
|
|
|
let hostname = if let Ok(addr) = hostname.parse::<SocketAddr>() {
|
|
|
|
FedDest::Literal(addr)
|
|
|
|
} else if let Ok(addr) = hostname.parse::<IpAddr>() {
|
2021-08-26 21:11:13 +00:00
|
|
|
FedDest::Named(addr.to_string(), ":8448".to_string())
|
2021-04-16 15:18:22 +00:00
|
|
|
} else if let Some(pos) = hostname.find(':') {
|
|
|
|
let (host, port) = hostname.split_at(pos);
|
|
|
|
FedDest::Named(host.to_string(), port.to_string())
|
|
|
|
} else {
|
2021-08-26 21:11:13 +00:00
|
|
|
FedDest::Named(hostname, ":8448".to_string())
|
2021-04-16 15:18:22 +00:00
|
|
|
};
|
2021-04-16 03:27:26 +00:00
|
|
|
(actual_destination, hostname)
|
2020-12-06 10:05:51 +00:00
|
|
|
}
|
|
|
|
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument(skip(globals))]
|
2021-01-14 19:39:56 +00:00
|
|
|
async fn query_srv_record(
|
2020-12-08 11:34:46 +00:00
|
|
|
globals: &crate::database::globals::Globals,
|
2021-03-04 12:35:12 +00:00
|
|
|
hostname: &'_ str,
|
2021-04-16 15:18:22 +00:00
|
|
|
) -> Option<FedDest> {
|
2020-12-08 11:34:46 +00:00
|
|
|
if let Ok(Some(host_port)) = globals
|
|
|
|
.dns_resolver()
|
|
|
|
.srv_lookup(format!("_matrix._tcp.{}", hostname))
|
|
|
|
.await
|
|
|
|
.map(|srv| {
|
|
|
|
srv.iter().next().map(|result| {
|
2021-04-16 15:18:22 +00:00
|
|
|
FedDest::Named(
|
|
|
|
result
|
|
|
|
.target()
|
|
|
|
.to_string()
|
|
|
|
.trim_end_matches('.')
|
|
|
|
.to_string(),
|
|
|
|
format!(":{}", result.port()),
|
2020-12-08 11:34:46 +00:00
|
|
|
)
|
|
|
|
})
|
|
|
|
})
|
|
|
|
{
|
|
|
|
Some(host_port)
|
|
|
|
} else {
|
|
|
|
None
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument(skip(globals))]
|
2021-08-31 17:14:37 +00:00
|
|
|
async fn request_well_known(
|
2020-12-08 11:34:46 +00:00
|
|
|
globals: &crate::database::globals::Globals,
|
|
|
|
destination: &str,
|
|
|
|
) -> Option<String> {
|
|
|
|
let body: serde_json::Value = serde_json::from_str(
|
|
|
|
&globals
|
|
|
|
.reqwest_client()
|
2021-08-26 21:11:13 +00:00
|
|
|
.ok()?
|
|
|
|
.build()
|
|
|
|
.ok()?
|
2020-12-08 11:34:46 +00:00
|
|
|
.get(&format!(
|
|
|
|
"https://{}/.well-known/matrix/server",
|
|
|
|
destination
|
|
|
|
))
|
|
|
|
.send()
|
|
|
|
.await
|
|
|
|
.ok()?
|
|
|
|
.text()
|
|
|
|
.await
|
|
|
|
.ok()?,
|
|
|
|
)
|
|
|
|
.ok()?;
|
|
|
|
Some(body.get("m.server")?.as_str()?.to_owned())
|
|
|
|
}
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
/// # `GET /_matrix/federation/v1/version`
|
|
|
|
///
|
|
|
|
/// Get version information on this server.
|
2020-08-14 09:31:31 +00:00
|
|
|
#[cfg_attr(feature = "conduit_bin", get("/_matrix/federation/v1/version"))]
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument(skip(db))]
|
2020-12-05 20:03:43 +00:00
|
|
|
pub fn get_server_version_route(
|
2021-07-14 07:07:08 +00:00
|
|
|
db: DatabaseGuard,
|
2021-04-11 19:01:27 +00:00
|
|
|
) -> ConduitResult<get_server_version::v1::Response> {
|
2021-01-01 12:47:53 +00:00
|
|
|
if !db.globals.allow_federation() {
|
2020-11-14 22:13:06 +00:00
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
2020-10-06 19:04:51 +00:00
|
|
|
}
|
|
|
|
|
2021-04-11 19:01:27 +00:00
|
|
|
Ok(get_server_version::v1::Response {
|
|
|
|
server: Some(get_server_version::v1::Server {
|
2020-04-22 18:55:11 +00:00
|
|
|
name: Some("Conduit".to_owned()),
|
|
|
|
version: Some(env!("CARGO_PKG_VERSION").to_owned()),
|
2020-04-28 18:03:14 +00:00
|
|
|
}),
|
2020-08-14 09:31:31 +00:00
|
|
|
}
|
|
|
|
.into())
|
2020-04-22 18:55:11 +00:00
|
|
|
}
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
/// # `GET /_matrix/key/v2/server`
|
|
|
|
///
|
|
|
|
/// Gets the public signing keys of this server.
|
|
|
|
///
|
|
|
|
/// - Matrix does not support invalidating public keys, so the key returned by this will be valid
|
|
|
|
/// forever.
|
2021-04-13 13:00:45 +00:00
|
|
|
// Response type for this endpoint is Json because we need to calculate a signature for the response
|
2020-08-14 09:31:31 +00:00
|
|
|
#[cfg_attr(feature = "conduit_bin", get("/_matrix/key/v2/server"))]
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument(skip(db))]
|
2021-07-14 07:07:08 +00:00
|
|
|
pub fn get_server_keys_route(db: DatabaseGuard) -> Json<String> {
|
2021-01-01 12:47:53 +00:00
|
|
|
if !db.globals.allow_federation() {
|
2020-10-06 19:04:51 +00:00
|
|
|
// TODO: Use proper types
|
|
|
|
return Json("Federation is disabled.".to_owned());
|
|
|
|
}
|
|
|
|
|
2020-04-22 18:55:11 +00:00
|
|
|
let mut verify_keys = BTreeMap::new();
|
|
|
|
verify_keys.insert(
|
2020-12-04 23:16:17 +00:00
|
|
|
ServerSigningKeyId::try_from(
|
|
|
|
format!("ed25519:{}", db.globals.keypair().version()).as_str(),
|
|
|
|
)
|
|
|
|
.expect("found invalid server signing keys in DB"),
|
2020-08-14 09:31:31 +00:00
|
|
|
VerifyKey {
|
2020-05-03 15:25:31 +00:00
|
|
|
key: base64::encode_config(db.globals.keypair().public_key(), base64::STANDARD_NO_PAD),
|
2020-04-22 18:55:11 +00:00
|
|
|
},
|
|
|
|
);
|
|
|
|
let mut response = serde_json::from_slice(
|
2021-04-13 13:00:45 +00:00
|
|
|
get_server_keys::v2::Response {
|
2020-12-04 23:16:17 +00:00
|
|
|
server_key: ServerSigningKeys {
|
2020-08-14 09:31:31 +00:00
|
|
|
server_name: db.globals.server_name().to_owned(),
|
|
|
|
verify_keys,
|
|
|
|
old_verify_keys: BTreeMap::new(),
|
|
|
|
signatures: BTreeMap::new(),
|
2021-05-20 21:46:52 +00:00
|
|
|
valid_until_ts: MilliSecondsSinceUnixEpoch::from_system_time(
|
2021-08-25 14:06:35 +00:00
|
|
|
SystemTime::now() + Duration::from_secs(86400 * 7),
|
2021-05-20 21:46:52 +00:00
|
|
|
)
|
|
|
|
.expect("time is valid"),
|
2020-08-14 09:31:31 +00:00
|
|
|
},
|
2021-04-13 13:00:45 +00:00
|
|
|
}
|
2021-04-23 16:45:06 +00:00
|
|
|
.try_into_http_response::<Vec<u8>>()
|
2020-04-22 18:55:11 +00:00
|
|
|
.unwrap()
|
|
|
|
.body(),
|
|
|
|
)
|
|
|
|
.unwrap();
|
2020-11-15 21:48:43 +00:00
|
|
|
|
2020-06-05 16:19:26 +00:00
|
|
|
ruma::signatures::sign_json(
|
2020-08-14 09:31:31 +00:00
|
|
|
db.globals.server_name().as_str(),
|
2020-05-17 17:56:40 +00:00
|
|
|
db.globals.keypair(),
|
|
|
|
&mut response,
|
|
|
|
)
|
|
|
|
.unwrap();
|
2020-11-15 21:48:43 +00:00
|
|
|
|
2021-08-19 09:01:18 +00:00
|
|
|
Json(serde_json::to_string(&response).expect("JSON is canonical"))
|
2020-04-22 18:55:11 +00:00
|
|
|
}
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
/// # `GET /_matrix/key/v2/server/{keyId}`
|
|
|
|
///
|
|
|
|
/// Gets the public signing keys of this server.
|
|
|
|
///
|
|
|
|
/// - Matrix does not support invalidating public keys, so the key returned by this will be valid
|
|
|
|
/// forever.
|
2020-08-14 09:31:31 +00:00
|
|
|
#[cfg_attr(feature = "conduit_bin", get("/_matrix/key/v2/server/<_>"))]
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument(skip(db))]
|
2021-07-14 07:07:08 +00:00
|
|
|
pub fn get_server_keys_deprecated_route(db: DatabaseGuard) -> Json<String> {
|
2020-12-05 20:03:43 +00:00
|
|
|
get_server_keys_route(db)
|
2020-04-22 18:55:11 +00:00
|
|
|
}
|
2020-08-14 09:29:32 +00:00
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
/// # `POST /_matrix/federation/v1/publicRooms`
|
|
|
|
///
|
|
|
|
/// Lists the public rooms on this server.
|
2020-08-14 09:29:32 +00:00
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
post("/_matrix/federation/v1/publicRooms", data = "<body>")
|
|
|
|
)]
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument(skip(db, body))]
|
2020-09-14 09:42:16 +00:00
|
|
|
pub async fn get_public_rooms_filtered_route(
|
2021-07-14 07:07:08 +00:00
|
|
|
db: DatabaseGuard,
|
2020-09-14 09:42:16 +00:00
|
|
|
body: Ruma<get_public_rooms_filtered::v1::Request<'_>>,
|
|
|
|
) -> ConduitResult<get_public_rooms_filtered::v1::Response> {
|
2021-01-01 12:47:53 +00:00
|
|
|
if !db.globals.allow_federation() {
|
2020-11-14 22:13:06 +00:00
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
2020-10-06 19:04:51 +00:00
|
|
|
}
|
|
|
|
|
2020-09-14 09:42:16 +00:00
|
|
|
let response = client_server::get_public_rooms_filtered_helper(
|
|
|
|
&db,
|
|
|
|
None,
|
|
|
|
body.limit,
|
|
|
|
body.since.as_deref(),
|
|
|
|
&body.filter,
|
|
|
|
&body.room_network,
|
|
|
|
)
|
|
|
|
.await?
|
|
|
|
.0;
|
|
|
|
|
|
|
|
Ok(get_public_rooms_filtered::v1::Response {
|
|
|
|
chunk: response
|
|
|
|
.chunk
|
|
|
|
.into_iter()
|
|
|
|
.map(|c| {
|
|
|
|
// Convert ruma::api::federation::directory::get_public_rooms::v1::PublicRoomsChunk
|
|
|
|
// to ruma::api::client::r0::directory::PublicRoomsChunk
|
2021-06-17 18:44:29 +00:00
|
|
|
serde_json::from_str(
|
|
|
|
&serde_json::to_string(&c).expect("PublicRoomsChunk::to_string always works"),
|
2020-09-14 09:42:16 +00:00
|
|
|
)
|
2021-06-17 18:44:29 +00:00
|
|
|
.expect("federation and client-server PublicRoomsChunk are the same type")
|
2020-09-14 09:42:16 +00:00
|
|
|
})
|
|
|
|
.collect(),
|
|
|
|
prev_batch: response.prev_batch,
|
|
|
|
next_batch: response.next_batch,
|
|
|
|
total_room_count_estimate: response.total_room_count_estimate,
|
|
|
|
}
|
|
|
|
.into())
|
|
|
|
}
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
/// # `GET /_matrix/federation/v1/publicRooms`
|
|
|
|
///
|
|
|
|
/// Lists the public rooms on this server.
|
2020-09-14 09:42:16 +00:00
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
get("/_matrix/federation/v1/publicRooms", data = "<body>")
|
|
|
|
)]
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument(skip(db, body))]
|
2020-08-14 09:29:32 +00:00
|
|
|
pub async fn get_public_rooms_route(
|
2021-07-14 07:07:08 +00:00
|
|
|
db: DatabaseGuard,
|
2020-09-08 15:32:03 +00:00
|
|
|
body: Ruma<get_public_rooms::v1::Request<'_>>,
|
2020-08-14 09:29:32 +00:00
|
|
|
) -> ConduitResult<get_public_rooms::v1::Response> {
|
2021-01-01 12:47:53 +00:00
|
|
|
if !db.globals.allow_federation() {
|
2020-11-14 22:13:06 +00:00
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
2020-10-06 19:04:51 +00:00
|
|
|
}
|
|
|
|
|
2020-09-14 09:42:16 +00:00
|
|
|
let response = client_server::get_public_rooms_filtered_helper(
|
2020-08-23 12:32:43 +00:00
|
|
|
&db,
|
|
|
|
None,
|
2020-09-14 09:42:16 +00:00
|
|
|
body.limit,
|
|
|
|
body.since.as_deref(),
|
|
|
|
&IncomingFilter::default(),
|
|
|
|
&IncomingRoomNetwork::Matrix,
|
2020-08-14 09:29:32 +00:00
|
|
|
)
|
|
|
|
.await?
|
|
|
|
.0;
|
|
|
|
|
|
|
|
Ok(get_public_rooms::v1::Response {
|
2020-09-14 09:42:16 +00:00
|
|
|
chunk: response
|
|
|
|
.chunk
|
2020-08-14 09:29:32 +00:00
|
|
|
.into_iter()
|
|
|
|
.map(|c| {
|
|
|
|
// Convert ruma::api::federation::directory::get_public_rooms::v1::PublicRoomsChunk
|
|
|
|
// to ruma::api::client::r0::directory::PublicRoomsChunk
|
2021-06-17 18:44:29 +00:00
|
|
|
serde_json::from_str(
|
|
|
|
&serde_json::to_string(&c).expect("PublicRoomsChunk::to_string always works"),
|
2020-08-14 09:29:32 +00:00
|
|
|
)
|
2021-06-17 18:44:29 +00:00
|
|
|
.expect("federation and client-server PublicRoomsChunk are the same type")
|
2020-08-14 09:29:32 +00:00
|
|
|
})
|
|
|
|
.collect(),
|
2020-09-14 09:42:16 +00:00
|
|
|
prev_batch: response.prev_batch,
|
|
|
|
next_batch: response.next_batch,
|
|
|
|
total_room_count_estimate: response.total_room_count_estimate,
|
2020-08-14 09:29:32 +00:00
|
|
|
}
|
|
|
|
.into())
|
|
|
|
}
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
/// # `PUT /_matrix/federation/v1/send/{txnId}`
|
|
|
|
///
|
|
|
|
/// Push EDUs and PDUs to this server.
|
2020-08-14 09:29:32 +00:00
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
put("/_matrix/federation/v1/send/<_>", data = "<body>")
|
|
|
|
)]
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument(skip(db, body))]
|
2021-06-08 16:10:00 +00:00
|
|
|
pub async fn send_transaction_message_route(
|
2021-07-14 07:07:08 +00:00
|
|
|
db: DatabaseGuard,
|
2020-09-08 15:32:03 +00:00
|
|
|
body: Ruma<send_transaction_message::v1::Request<'_>>,
|
2020-08-14 09:29:32 +00:00
|
|
|
) -> ConduitResult<send_transaction_message::v1::Response> {
|
2021-01-01 12:47:53 +00:00
|
|
|
if !db.globals.allow_federation() {
|
2020-11-14 22:13:06 +00:00
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
2020-10-06 19:04:51 +00:00
|
|
|
}
|
|
|
|
|
2021-02-01 22:02:56 +00:00
|
|
|
let mut resolved_map = BTreeMap::new();
|
|
|
|
|
2021-04-13 19:34:31 +00:00
|
|
|
let pub_key_map = RwLock::new(BTreeMap::new());
|
2021-03-26 10:10:45 +00:00
|
|
|
|
|
|
|
// This is all the auth_events that have been recursively fetched so they don't have to be
|
|
|
|
// deserialized over and over again.
|
|
|
|
// TODO: make this persist across requests but not in a DB Tree (in globals?)
|
|
|
|
// TODO: This could potentially also be some sort of trie (suffix tree) like structure so
|
|
|
|
// that once an auth event is known it would know (using indexes maybe) all of the auth
|
|
|
|
// events that it references.
|
2021-06-30 00:18:52 +00:00
|
|
|
// let mut auth_cache = EventMap::new();
|
2021-03-26 10:10:45 +00:00
|
|
|
|
2021-04-05 19:46:10 +00:00
|
|
|
for pdu in &body.pdus {
|
2021-03-25 22:55:40 +00:00
|
|
|
// We do not add the event_id field to the pdu here because of signature and hashes checks
|
|
|
|
let (event_id, value) = match crate::pdu::gen_event_id_canonical_json(pdu) {
|
|
|
|
Ok(t) => t,
|
|
|
|
Err(_) => {
|
|
|
|
// Event could not be converted to canonical json
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2021-07-01 17:55:26 +00:00
|
|
|
// 0. Check the server is in the room
|
|
|
|
let room_id = match value
|
|
|
|
.get("room_id")
|
|
|
|
.and_then(|id| RoomId::try_from(id.as_str()?).ok())
|
|
|
|
{
|
|
|
|
Some(id) => id,
|
|
|
|
None => {
|
|
|
|
// Event is invalid
|
|
|
|
resolved_map.insert(event_id, Err("Event needs a valid RoomId.".to_string()));
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
|
|
|
let mutex = Arc::clone(
|
|
|
|
db.globals
|
2021-07-13 13:44:25 +00:00
|
|
|
.roomid_mutex_federation
|
2021-07-01 17:55:26 +00:00
|
|
|
.write()
|
|
|
|
.unwrap()
|
|
|
|
.entry(room_id.clone())
|
|
|
|
.or_default(),
|
|
|
|
);
|
|
|
|
let mutex_lock = mutex.lock().await;
|
2021-05-20 21:46:52 +00:00
|
|
|
let start_time = Instant::now();
|
2021-05-27 16:59:40 +00:00
|
|
|
resolved_map.insert(
|
|
|
|
event_id.clone(),
|
2021-07-01 17:55:26 +00:00
|
|
|
handle_incoming_pdu(
|
|
|
|
&body.origin,
|
|
|
|
&event_id,
|
|
|
|
&room_id,
|
|
|
|
value,
|
|
|
|
true,
|
|
|
|
&db,
|
|
|
|
&pub_key_map,
|
|
|
|
)
|
|
|
|
.await
|
|
|
|
.map(|_| ()),
|
2021-05-27 16:59:40 +00:00
|
|
|
);
|
2021-07-01 17:55:26 +00:00
|
|
|
drop(mutex_lock);
|
2021-05-20 21:46:52 +00:00
|
|
|
|
|
|
|
let elapsed = start_time.elapsed();
|
2021-08-06 18:00:08 +00:00
|
|
|
warn!(
|
2021-08-12 15:55:16 +00:00
|
|
|
"Handling transaction of event {} took {}m{}s",
|
2021-08-06 18:00:08 +00:00
|
|
|
event_id,
|
|
|
|
elapsed.as_secs() / 60,
|
|
|
|
elapsed.as_secs() % 60
|
|
|
|
);
|
2021-03-25 22:55:40 +00:00
|
|
|
}
|
|
|
|
|
2021-03-26 10:10:45 +00:00
|
|
|
for pdu in &resolved_map {
|
|
|
|
if let Err(e) = pdu.1 {
|
|
|
|
if e != "Room is unknown to this server." {
|
|
|
|
warn!("Incoming PDU failed {:?}", pdu);
|
|
|
|
}
|
|
|
|
}
|
2021-03-25 22:55:40 +00:00
|
|
|
}
|
|
|
|
|
2021-05-12 18:04:28 +00:00
|
|
|
for edu in body
|
|
|
|
.edus
|
|
|
|
.iter()
|
2021-06-11 19:47:53 +00:00
|
|
|
.filter_map(|edu| serde_json::from_str::<Edu>(edu.json().get()).ok())
|
2021-05-12 18:04:28 +00:00
|
|
|
{
|
|
|
|
match edu {
|
|
|
|
Edu::Presence(_) => {}
|
|
|
|
Edu::Receipt(receipt) => {
|
|
|
|
for (room_id, room_updates) in receipt.receipts {
|
|
|
|
for (user_id, user_updates) in room_updates.read {
|
|
|
|
if let Some((event_id, _)) = user_updates
|
|
|
|
.event_ids
|
|
|
|
.iter()
|
|
|
|
.filter_map(|id| {
|
|
|
|
db.rooms.get_pdu_count(&id).ok().flatten().map(|r| (id, r))
|
|
|
|
})
|
|
|
|
.max_by_key(|(_, count)| *count)
|
|
|
|
{
|
|
|
|
let mut user_receipts = BTreeMap::new();
|
|
|
|
user_receipts.insert(user_id.clone(), user_updates.data);
|
|
|
|
|
2021-05-20 21:46:52 +00:00
|
|
|
let mut receipts = BTreeMap::new();
|
|
|
|
receipts.insert(ReceiptType::Read, user_receipts);
|
|
|
|
|
2021-05-12 18:04:28 +00:00
|
|
|
let mut receipt_content = BTreeMap::new();
|
2021-05-20 21:46:52 +00:00
|
|
|
receipt_content.insert(event_id.to_owned(), receipts);
|
2021-05-12 18:04:28 +00:00
|
|
|
|
2021-05-20 21:46:52 +00:00
|
|
|
let event = AnyEphemeralRoomEvent::Receipt(ReceiptEvent {
|
|
|
|
content: ReceiptEventContent(receipt_content),
|
|
|
|
room_id: room_id.clone(),
|
|
|
|
});
|
2021-05-12 18:04:28 +00:00
|
|
|
db.rooms.edus.readreceipt_update(
|
|
|
|
&user_id,
|
|
|
|
&room_id,
|
|
|
|
event,
|
|
|
|
&db.globals,
|
|
|
|
)?;
|
|
|
|
} else {
|
2021-08-11 19:17:01 +00:00
|
|
|
// TODO fetch missing events
|
|
|
|
debug!("No known event ids in read receipt: {:?}", user_updates);
|
2021-05-12 18:04:28 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
Edu::Typing(typing) => {
|
|
|
|
if typing.typing {
|
|
|
|
db.rooms.edus.typing_add(
|
|
|
|
&typing.user_id,
|
|
|
|
&typing.room_id,
|
|
|
|
3000 + utils::millis_since_unix_epoch(),
|
|
|
|
&db.globals,
|
|
|
|
)?;
|
|
|
|
} else {
|
|
|
|
db.rooms
|
|
|
|
.edus
|
|
|
|
.typing_remove(&typing.user_id, &typing.room_id, &db.globals)?;
|
|
|
|
}
|
|
|
|
}
|
2021-08-24 17:10:31 +00:00
|
|
|
Edu::DeviceListUpdate(DeviceListUpdateContent { user_id, .. }) => {
|
|
|
|
db.users
|
|
|
|
.mark_device_key_update(&user_id, &db.rooms, &db.globals)?;
|
2021-05-28 11:44:40 +00:00
|
|
|
}
|
|
|
|
Edu::DirectToDevice(DirectDeviceContent {
|
|
|
|
sender,
|
|
|
|
ev_type,
|
|
|
|
message_id,
|
|
|
|
messages,
|
|
|
|
}) => {
|
|
|
|
// Check if this is a new transaction id
|
|
|
|
if db
|
|
|
|
.transaction_ids
|
|
|
|
.existing_txnid(&sender, None, &message_id)?
|
|
|
|
.is_some()
|
|
|
|
{
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
for (target_user_id, map) in &messages {
|
|
|
|
for (target_device_id_maybe, event) in map {
|
|
|
|
match target_device_id_maybe {
|
2021-06-17 18:12:36 +00:00
|
|
|
DeviceIdOrAllDevices::DeviceId(target_device_id) => {
|
2021-05-28 11:44:40 +00:00
|
|
|
db.users.add_to_device_event(
|
|
|
|
&sender,
|
|
|
|
&target_user_id,
|
|
|
|
&target_device_id,
|
2021-06-17 18:12:36 +00:00
|
|
|
&ev_type.to_string(),
|
|
|
|
event.deserialize_as().map_err(|_| {
|
2021-05-28 11:44:40 +00:00
|
|
|
Error::BadRequest(
|
|
|
|
ErrorKind::InvalidParam,
|
|
|
|
"Event is invalid",
|
|
|
|
)
|
|
|
|
})?,
|
|
|
|
&db.globals,
|
|
|
|
)?
|
|
|
|
}
|
|
|
|
|
2021-06-17 18:12:36 +00:00
|
|
|
DeviceIdOrAllDevices::AllDevices => {
|
2021-05-28 11:44:40 +00:00
|
|
|
for target_device_id in db.users.all_device_ids(&target_user_id) {
|
|
|
|
db.users.add_to_device_event(
|
|
|
|
&sender,
|
|
|
|
&target_user_id,
|
|
|
|
&target_device_id?,
|
2021-06-17 18:12:36 +00:00
|
|
|
&ev_type.to_string(),
|
|
|
|
event.deserialize_as().map_err(|_| {
|
2021-05-28 11:44:40 +00:00
|
|
|
Error::BadRequest(
|
|
|
|
ErrorKind::InvalidParam,
|
|
|
|
"Event is invalid",
|
|
|
|
)
|
|
|
|
})?,
|
|
|
|
&db.globals,
|
|
|
|
)?;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// Save transaction id with empty data
|
|
|
|
db.transaction_ids
|
|
|
|
.add_txnid(&sender, None, &message_id, &[])?;
|
|
|
|
}
|
2021-05-12 18:04:28 +00:00
|
|
|
Edu::_Custom(_) => {}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-08-02 08:13:34 +00:00
|
|
|
db.flush()?;
|
2021-07-14 07:07:08 +00:00
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
Ok(send_transaction_message::v1::Response { pdus: resolved_map }.into())
|
|
|
|
}
|
|
|
|
|
2021-04-16 16:18:29 +00:00
|
|
|
/// An async function that can recursively call itself.
|
2021-08-09 17:15:14 +00:00
|
|
|
type AsyncRecursiveType<'a, T> = Pin<Box<dyn Future<Output = T> + 'a + Send>>;
|
2021-03-25 22:55:40 +00:00
|
|
|
|
|
|
|
/// When receiving an event one needs to:
|
2021-07-01 17:55:26 +00:00
|
|
|
/// 0. Check the server is in the room
|
|
|
|
/// 1. Skip the PDU if we already know about it
|
2021-03-25 22:55:40 +00:00
|
|
|
/// 2. Check signatures, otherwise drop
|
|
|
|
/// 3. Check content hash, redact if doesn't match
|
|
|
|
/// 4. Fetch any missing auth events doing all checks listed here starting at 1. These are not
|
|
|
|
/// timeline events
|
|
|
|
/// 5. Reject "due to auth events" if can't get all the auth events or some of the auth events are
|
|
|
|
/// also rejected "due to auth events"
|
|
|
|
/// 6. Reject "due to auth events" if the event doesn't pass auth based on the auth events
|
|
|
|
/// 7. Persist this event as an outlier
|
|
|
|
/// 8. If not timeline event: stop
|
|
|
|
/// 9. Fetch any missing prev events doing all checks listed here starting at 1. These are timeline
|
|
|
|
/// events
|
|
|
|
/// 10. Fetch missing state and auth chain events by calling /state_ids at backwards extremities
|
|
|
|
/// doing all the checks in this list starting at 1. These are not timeline events
|
|
|
|
/// 11. Check the auth of the event passes based on the state of the event
|
|
|
|
/// 12. Ensure that the state is derived from the previous current state (i.e. we calculated by
|
|
|
|
/// doing state res where one of the inputs was a previously trusted set of state, don't just
|
|
|
|
/// trust a set of state we got from a remote)
|
|
|
|
/// 13. Check if the event passes auth based on the "current state" of the room, if not "soft fail"
|
|
|
|
/// it
|
|
|
|
/// 14. Use state resolution to find new room state
|
2021-08-09 17:15:14 +00:00
|
|
|
// We use some AsyncRecursiveType hacks here so we can call this async funtion recursively
|
2021-07-29 06:36:01 +00:00
|
|
|
#[tracing::instrument(skip(value, is_timeline_event, db, pub_key_map))]
|
2021-08-31 17:14:37 +00:00
|
|
|
pub(crate) async fn handle_incoming_pdu<'a>(
|
2021-03-25 22:55:40 +00:00
|
|
|
origin: &'a ServerName,
|
|
|
|
event_id: &'a EventId,
|
2021-07-01 17:55:26 +00:00
|
|
|
room_id: &'a RoomId,
|
2021-03-25 22:55:40 +00:00
|
|
|
value: BTreeMap<String, CanonicalJsonValue>,
|
|
|
|
is_timeline_event: bool,
|
|
|
|
db: &'a Database,
|
2021-04-13 19:34:31 +00:00
|
|
|
pub_key_map: &'a RwLock<BTreeMap<String, BTreeMap<String, String>>>,
|
2021-08-14 19:30:14 +00:00
|
|
|
) -> StdResult<Option<Vec<u8>>, String> {
|
|
|
|
match db.rooms.exists(&room_id) {
|
|
|
|
Ok(true) => {}
|
|
|
|
_ => {
|
|
|
|
return Err("Room is unknown to this server.".to_string());
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// 1. Skip the PDU if we already have it as a timeline event
|
|
|
|
if let Ok(Some(pdu_id)) = db.rooms.get_pdu_id(&event_id) {
|
|
|
|
return Ok(Some(pdu_id.to_vec()));
|
|
|
|
}
|
|
|
|
|
|
|
|
let create_event = db
|
|
|
|
.rooms
|
|
|
|
.room_state_get(&room_id, &EventType::RoomCreate, "")
|
|
|
|
.map_err(|_| "Failed to ask database for event.".to_owned())?
|
|
|
|
.ok_or_else(|| "Failed to find create event in db.".to_owned())?;
|
|
|
|
|
2021-08-14 19:56:15 +00:00
|
|
|
let (incoming_pdu, val) = handle_outlier_pdu(
|
|
|
|
origin,
|
|
|
|
&create_event,
|
|
|
|
event_id,
|
|
|
|
room_id,
|
|
|
|
value,
|
|
|
|
db,
|
|
|
|
pub_key_map,
|
|
|
|
)
|
|
|
|
.await?;
|
2021-08-14 19:30:14 +00:00
|
|
|
|
|
|
|
// 8. if not timeline event: stop
|
2021-08-14 19:56:15 +00:00
|
|
|
if !is_timeline_event {
|
2021-08-14 19:30:14 +00:00
|
|
|
return Ok(None);
|
|
|
|
}
|
|
|
|
|
2021-08-30 14:02:55 +00:00
|
|
|
if incoming_pdu.origin_server_ts
|
|
|
|
< db.rooms
|
|
|
|
.first_pdu_in_room(&room_id)
|
|
|
|
.map_err(|_| "Error loading first room event.".to_owned())?
|
|
|
|
.expect("Room exists")
|
|
|
|
.origin_server_ts
|
|
|
|
{
|
|
|
|
return Ok(None);
|
|
|
|
}
|
|
|
|
|
2021-08-14 19:30:14 +00:00
|
|
|
// 9. Fetch any missing prev events doing all checks listed here starting at 1. These are timeline events
|
2021-08-17 14:06:09 +00:00
|
|
|
let mut graph = HashMap::new();
|
|
|
|
let mut eventid_info = HashMap::new();
|
2021-08-26 21:58:32 +00:00
|
|
|
let mut todo_outlier_stack = incoming_pdu
|
|
|
|
.prev_events
|
|
|
|
.iter()
|
|
|
|
.cloned()
|
|
|
|
.map(Arc::new)
|
|
|
|
.collect::<Vec<_>>();
|
2021-08-21 12:22:21 +00:00
|
|
|
|
|
|
|
let mut amount = 0;
|
|
|
|
|
2021-08-14 19:30:14 +00:00
|
|
|
while let Some(prev_event_id) = todo_outlier_stack.pop() {
|
2021-08-14 20:50:45 +00:00
|
|
|
if let Some((pdu, json_opt)) = fetch_and_handle_outliers(
|
2021-08-14 19:30:14 +00:00
|
|
|
db,
|
|
|
|
origin,
|
2021-08-14 20:50:45 +00:00
|
|
|
&[prev_event_id.clone()],
|
2021-08-14 19:30:14 +00:00
|
|
|
&create_event,
|
|
|
|
&room_id,
|
|
|
|
pub_key_map,
|
|
|
|
)
|
2021-08-14 19:56:15 +00:00
|
|
|
.await
|
|
|
|
.pop()
|
|
|
|
{
|
2021-08-21 12:22:21 +00:00
|
|
|
if amount > 100 {
|
|
|
|
// Max limit reached
|
|
|
|
warn!("Max prev event limit reached!");
|
2021-09-01 20:18:06 +00:00
|
|
|
graph.insert((*prev_event_id).clone(), HashSet::new());
|
2021-08-21 12:24:10 +00:00
|
|
|
continue;
|
2021-08-21 12:22:21 +00:00
|
|
|
}
|
|
|
|
|
2021-08-14 21:29:25 +00:00
|
|
|
if let Some(json) =
|
|
|
|
json_opt.or_else(|| db.rooms.get_outlier_pdu_json(&prev_event_id).ok().flatten())
|
|
|
|
{
|
2021-08-16 21:24:52 +00:00
|
|
|
if pdu.origin_server_ts
|
2021-08-14 20:50:45 +00:00
|
|
|
> db.rooms
|
|
|
|
.first_pdu_in_room(&room_id)
|
|
|
|
.map_err(|_| "Error loading first room event.".to_owned())?
|
|
|
|
.expect("Room exists")
|
|
|
|
.origin_server_ts
|
|
|
|
{
|
2021-08-21 12:22:21 +00:00
|
|
|
amount += 1;
|
2021-08-17 14:06:09 +00:00
|
|
|
for prev_prev in &pdu.prev_events {
|
|
|
|
if !graph.contains_key(prev_prev) {
|
2021-08-26 21:58:32 +00:00
|
|
|
todo_outlier_stack.push(dbg!(Arc::new(prev_prev.clone())));
|
2021-08-17 14:06:09 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
graph.insert(
|
2021-09-01 20:18:06 +00:00
|
|
|
(*prev_event_id).clone(),
|
|
|
|
pdu.prev_events.iter().cloned().collect(),
|
2021-08-17 14:06:09 +00:00
|
|
|
);
|
|
|
|
eventid_info.insert(prev_event_id.clone(), (pdu, json));
|
|
|
|
} else {
|
2021-08-19 09:01:18 +00:00
|
|
|
// Time based check failed
|
2021-09-01 20:18:06 +00:00
|
|
|
graph.insert((*prev_event_id).clone(), HashSet::new());
|
2021-08-17 14:06:09 +00:00
|
|
|
eventid_info.insert(prev_event_id.clone(), (pdu, json));
|
2021-08-14 20:50:45 +00:00
|
|
|
}
|
2021-08-17 14:06:09 +00:00
|
|
|
} else {
|
2021-08-19 09:01:18 +00:00
|
|
|
// Get json failed
|
2021-09-01 20:18:06 +00:00
|
|
|
graph.insert((*prev_event_id).clone(), HashSet::new());
|
2021-08-14 19:56:15 +00:00
|
|
|
}
|
2021-08-19 09:01:18 +00:00
|
|
|
} else {
|
|
|
|
// Fetch and handle failed
|
2021-09-01 20:18:06 +00:00
|
|
|
graph.insert((*prev_event_id).clone(), HashSet::new());
|
2021-08-14 19:30:14 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-08-17 14:06:09 +00:00
|
|
|
let sorted =
|
|
|
|
state_res::StateResolution::lexicographical_topological_sort(dbg!(&graph), |event_id| {
|
|
|
|
// This return value is the key used for sorting events,
|
|
|
|
// events are then sorted by power level, time,
|
|
|
|
// and lexically by event_id.
|
|
|
|
println!("{}", event_id);
|
|
|
|
Ok((
|
|
|
|
0,
|
|
|
|
MilliSecondsSinceUnixEpoch(
|
|
|
|
eventid_info
|
|
|
|
.get(event_id)
|
2021-08-26 21:58:32 +00:00
|
|
|
.map_or_else(|| uint!(0), |info| info.0.origin_server_ts),
|
2021-08-17 14:06:09 +00:00
|
|
|
),
|
2021-09-01 20:18:06 +00:00
|
|
|
ruma::event_id!("$notimportant"),
|
2021-08-17 14:06:09 +00:00
|
|
|
))
|
|
|
|
})
|
|
|
|
.map_err(|_| "Error sorting prev events".to_owned())?;
|
|
|
|
|
2021-08-31 20:04:47 +00:00
|
|
|
let mut errors = 0;
|
2021-08-17 14:06:09 +00:00
|
|
|
for prev_id in dbg!(sorted) {
|
2021-08-31 20:04:47 +00:00
|
|
|
if errors >= 5 {
|
|
|
|
break;
|
|
|
|
}
|
2021-08-17 14:06:09 +00:00
|
|
|
if let Some((pdu, json)) = eventid_info.remove(&prev_id) {
|
2021-08-19 09:01:18 +00:00
|
|
|
let start_time = Instant::now();
|
|
|
|
let event_id = pdu.event_id.clone();
|
|
|
|
if let Err(e) = upgrade_outlier_to_timeline_pdu(
|
2021-08-17 14:06:09 +00:00
|
|
|
pdu,
|
|
|
|
json,
|
|
|
|
&create_event,
|
|
|
|
origin,
|
|
|
|
db,
|
|
|
|
room_id,
|
|
|
|
pub_key_map,
|
|
|
|
)
|
2021-08-19 09:01:18 +00:00
|
|
|
.await
|
|
|
|
{
|
2021-08-31 20:04:47 +00:00
|
|
|
errors += 1;
|
2021-08-19 09:01:18 +00:00
|
|
|
warn!("Prev event {} failed: {}", event_id, e);
|
|
|
|
}
|
|
|
|
let elapsed = start_time.elapsed();
|
|
|
|
warn!(
|
|
|
|
"Handling prev event {} took {}m{}s",
|
|
|
|
event_id,
|
|
|
|
elapsed.as_secs() / 60,
|
|
|
|
elapsed.as_secs() % 60
|
|
|
|
);
|
2021-08-17 14:06:09 +00:00
|
|
|
}
|
2021-08-14 19:30:14 +00:00
|
|
|
}
|
|
|
|
|
2021-08-14 19:56:15 +00:00
|
|
|
upgrade_outlier_to_timeline_pdu(
|
|
|
|
incoming_pdu,
|
|
|
|
val,
|
|
|
|
&create_event,
|
|
|
|
origin,
|
|
|
|
db,
|
|
|
|
room_id,
|
|
|
|
pub_key_map,
|
|
|
|
)
|
|
|
|
.await
|
2021-08-14 19:30:14 +00:00
|
|
|
}
|
|
|
|
|
2021-08-19 09:01:18 +00:00
|
|
|
#[tracing::instrument(skip(origin, create_event, event_id, room_id, value, db, pub_key_map))]
|
2021-08-14 19:30:14 +00:00
|
|
|
fn handle_outlier_pdu<'a>(
|
|
|
|
origin: &'a ServerName,
|
|
|
|
create_event: &'a PduEvent,
|
|
|
|
event_id: &'a EventId,
|
|
|
|
room_id: &'a RoomId,
|
|
|
|
value: BTreeMap<String, CanonicalJsonValue>,
|
|
|
|
db: &'a Database,
|
|
|
|
pub_key_map: &'a RwLock<BTreeMap<String, BTreeMap<String, String>>>,
|
2021-08-14 19:56:15 +00:00
|
|
|
) -> AsyncRecursiveType<'a, StdResult<(Arc<PduEvent>, BTreeMap<String, CanonicalJsonValue>), String>>
|
|
|
|
{
|
2021-03-25 22:55:40 +00:00
|
|
|
Box::pin(async move {
|
|
|
|
// TODO: For RoomVersion6 we must check that Raw<..> is canonical do we anywhere?: https://matrix.org/docs/spec/rooms/v6#canonical-json
|
2021-07-01 17:55:26 +00:00
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
// We go through all the signatures we see on the value and fetch the corresponding signing
|
|
|
|
// keys
|
2021-04-13 19:34:31 +00:00
|
|
|
fetch_required_signing_keys(&value, &pub_key_map, db)
|
|
|
|
.await
|
|
|
|
.map_err(|e| e.to_string())?;
|
2021-03-25 22:55:40 +00:00
|
|
|
|
|
|
|
// 2. Check signatures, otherwise drop
|
|
|
|
// 3. check content hash, redact if doesn't match
|
2021-03-26 10:10:45 +00:00
|
|
|
|
2021-08-14 19:56:15 +00:00
|
|
|
let create_event_content =
|
|
|
|
serde_json::from_value::<Raw<CreateEventContent>>(create_event.content.clone())
|
|
|
|
.expect("Raw::from_value always works.")
|
|
|
|
.deserialize()
|
2021-08-22 11:00:36 +00:00
|
|
|
.map_err(|e| {
|
|
|
|
warn!("Invalid create event: {}", e);
|
|
|
|
"Invalid create event in db.".to_owned()
|
|
|
|
})?;
|
2021-03-26 10:10:45 +00:00
|
|
|
|
2021-05-07 23:54:24 +00:00
|
|
|
let room_version_id = &create_event_content.room_version;
|
|
|
|
let room_version = RoomVersion::new(room_version_id).expect("room version is supported");
|
2021-03-26 10:10:45 +00:00
|
|
|
|
2021-04-13 19:34:31 +00:00
|
|
|
let mut val = match ruma::signatures::verify_event(
|
|
|
|
&*pub_key_map.read().map_err(|_| "RwLock is poisoned.")?,
|
|
|
|
&value,
|
2021-05-07 23:54:24 +00:00
|
|
|
room_version_id,
|
2021-04-13 19:34:31 +00:00
|
|
|
) {
|
2021-03-26 10:10:45 +00:00
|
|
|
Err(e) => {
|
|
|
|
// Drop
|
2021-05-20 21:46:52 +00:00
|
|
|
warn!("Dropping bad event {}: {}", event_id, e);
|
2021-03-26 10:10:45 +00:00
|
|
|
return Err("Signature verification failed".to_string());
|
|
|
|
}
|
|
|
|
Ok(ruma::signatures::Verified::Signatures) => {
|
|
|
|
// Redact
|
2021-04-16 16:18:29 +00:00
|
|
|
warn!("Calculated hash does not match: {}", event_id);
|
2021-05-07 23:54:24 +00:00
|
|
|
match ruma::signatures::redact(&value, room_version_id) {
|
2021-03-26 10:10:45 +00:00
|
|
|
Ok(obj) => obj,
|
|
|
|
Err(_) => return Err("Redaction failed".to_string()),
|
2021-03-25 22:55:40 +00:00
|
|
|
}
|
2021-03-26 10:10:45 +00:00
|
|
|
}
|
|
|
|
Ok(ruma::signatures::Verified::All) => value,
|
|
|
|
};
|
2021-03-25 22:55:40 +00:00
|
|
|
|
|
|
|
// Now that we have checked the signature and hashes we can add the eventID and convert
|
|
|
|
// to our PduEvent type
|
|
|
|
val.insert(
|
|
|
|
"event_id".to_owned(),
|
2021-04-26 16:20:20 +00:00
|
|
|
CanonicalJsonValue::String(event_id.as_str().to_owned()),
|
2021-03-25 22:55:40 +00:00
|
|
|
);
|
|
|
|
let incoming_pdu = serde_json::from_value::<PduEvent>(
|
2021-04-16 16:18:29 +00:00
|
|
|
serde_json::to_value(&val).expect("CanonicalJsonObj is a valid JsonValue"),
|
2021-03-25 22:55:40 +00:00
|
|
|
)
|
|
|
|
.map_err(|_| "Event is not a valid PDU.".to_string())?;
|
|
|
|
|
|
|
|
// 4. fetch any missing auth events doing all checks listed here starting at 1. These are not timeline events
|
|
|
|
// 5. Reject "due to auth events" if can't get all the auth events or some of the auth events are also rejected "due to auth events"
|
2021-05-20 21:46:52 +00:00
|
|
|
// EDIT: Step 5 is not applied anymore because it failed too often
|
2021-08-24 17:10:31 +00:00
|
|
|
warn!("Fetching auth events for {}", incoming_pdu.event_id);
|
2021-08-14 19:30:14 +00:00
|
|
|
fetch_and_handle_outliers(
|
2021-08-09 17:15:14 +00:00
|
|
|
db,
|
|
|
|
origin,
|
2021-08-26 21:58:32 +00:00
|
|
|
&incoming_pdu
|
|
|
|
.auth_events
|
|
|
|
.iter()
|
|
|
|
.cloned()
|
|
|
|
.map(Arc::new)
|
|
|
|
.collect::<Vec<_>>(),
|
2021-08-14 19:30:14 +00:00
|
|
|
&create_event,
|
2021-08-09 17:15:14 +00:00
|
|
|
&room_id,
|
|
|
|
pub_key_map,
|
|
|
|
)
|
|
|
|
.await;
|
2021-02-01 22:02:56 +00:00
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
// 6. Reject "due to auth events" if the event doesn't pass auth based on the auth events
|
2021-04-13 13:00:45 +00:00
|
|
|
debug!(
|
|
|
|
"Auth check for {} based on auth events",
|
|
|
|
incoming_pdu.event_id
|
|
|
|
);
|
2021-03-25 22:55:40 +00:00
|
|
|
|
|
|
|
// Build map of auth events
|
2021-07-18 18:43:39 +00:00
|
|
|
let mut auth_events = HashMap::new();
|
2021-04-05 19:46:10 +00:00
|
|
|
for id in &incoming_pdu.auth_events {
|
2021-08-28 17:35:15 +00:00
|
|
|
let auth_event = match db.rooms.get_pdu(id).map_err(|e| e.to_string())? {
|
|
|
|
Some(e) => e,
|
|
|
|
None => {
|
|
|
|
warn!("Could not find auth event {}", id);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
};
|
2021-03-25 22:55:40 +00:00
|
|
|
|
|
|
|
match auth_events.entry((
|
|
|
|
auth_event.kind.clone(),
|
|
|
|
auth_event
|
|
|
|
.state_key
|
|
|
|
.clone()
|
|
|
|
.expect("all auth events have state keys"),
|
|
|
|
)) {
|
2021-08-24 17:10:31 +00:00
|
|
|
hash_map::Entry::Vacant(v) => {
|
2021-03-25 22:55:40 +00:00
|
|
|
v.insert(auth_event.clone());
|
|
|
|
}
|
2021-08-24 17:10:31 +00:00
|
|
|
hash_map::Entry::Occupied(_) => {
|
2021-03-25 22:55:40 +00:00
|
|
|
return Err(
|
|
|
|
"Auth event's type and state_key combination exists multiple times."
|
|
|
|
.to_owned(),
|
|
|
|
)
|
|
|
|
}
|
2021-02-01 22:02:56 +00:00
|
|
|
}
|
2021-03-25 22:55:40 +00:00
|
|
|
}
|
2021-02-01 22:02:56 +00:00
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
// The original create event must be in the auth events
|
|
|
|
if auth_events
|
|
|
|
.get(&(EventType::RoomCreate, "".to_owned()))
|
|
|
|
.map(|a| a.as_ref())
|
|
|
|
!= Some(&create_event)
|
|
|
|
{
|
|
|
|
return Err("Incoming event refers to wrong create event.".to_owned());
|
|
|
|
}
|
2021-01-19 00:08:59 +00:00
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
// If the previous event was the create event special rules apply
|
|
|
|
let previous_create = if incoming_pdu.auth_events.len() == 1
|
|
|
|
&& incoming_pdu.prev_events == incoming_pdu.auth_events
|
|
|
|
{
|
2021-06-30 00:18:52 +00:00
|
|
|
db.rooms
|
|
|
|
.get_pdu(&incoming_pdu.auth_events[0])
|
|
|
|
.map_err(|e| e.to_string())?
|
2021-06-30 07:52:01 +00:00
|
|
|
.filter(|maybe_create| **maybe_create == *create_event)
|
2021-03-25 22:55:40 +00:00
|
|
|
} else {
|
|
|
|
None
|
|
|
|
};
|
|
|
|
|
|
|
|
let incoming_pdu = Arc::new(incoming_pdu.clone());
|
2021-01-15 02:32:22 +00:00
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
if !state_res::event_auth::auth_check(
|
2021-03-26 10:10:45 +00:00
|
|
|
&room_version,
|
2021-03-25 22:55:40 +00:00
|
|
|
&incoming_pdu,
|
2021-08-26 21:58:32 +00:00
|
|
|
previous_create,
|
2021-03-25 22:55:40 +00:00
|
|
|
None, // TODO: third party invite
|
2021-08-24 17:10:31 +00:00
|
|
|
|k, s| auth_events.get(&(k.clone(), s.to_owned())).map(Arc::clone),
|
2021-01-15 02:32:22 +00:00
|
|
|
)
|
2021-03-25 22:55:40 +00:00
|
|
|
.map_err(|_e| "Auth check failed".to_string())?
|
2021-01-15 02:32:22 +00:00
|
|
|
{
|
2021-03-25 22:55:40 +00:00
|
|
|
return Err("Event has failed auth check with auth events.".to_string());
|
|
|
|
}
|
2020-12-22 17:45:35 +00:00
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
debug!("Validation successful.");
|
|
|
|
|
|
|
|
// 7. Persist the event as an outlier.
|
|
|
|
db.rooms
|
2021-04-16 16:18:29 +00:00
|
|
|
.add_pdu_outlier(&incoming_pdu.event_id, &val)
|
2021-03-25 22:55:40 +00:00
|
|
|
.map_err(|_| "Failed to add pdu as outlier.".to_owned())?;
|
|
|
|
debug!("Added pdu as outlier.");
|
|
|
|
|
2021-08-14 19:56:15 +00:00
|
|
|
Ok((incoming_pdu, val))
|
2021-08-14 19:30:14 +00:00
|
|
|
})
|
|
|
|
}
|
2021-08-09 17:15:14 +00:00
|
|
|
|
2021-08-19 09:01:18 +00:00
|
|
|
#[tracing::instrument(skip(incoming_pdu, val, create_event, origin, db, room_id, pub_key_map))]
|
2021-08-14 19:30:14 +00:00
|
|
|
async fn upgrade_outlier_to_timeline_pdu(
|
|
|
|
incoming_pdu: Arc<PduEvent>,
|
|
|
|
val: BTreeMap<String, CanonicalJsonValue>,
|
|
|
|
create_event: &PduEvent,
|
|
|
|
origin: &ServerName,
|
|
|
|
db: &Database,
|
|
|
|
room_id: &RoomId,
|
|
|
|
pub_key_map: &RwLock<BTreeMap<String, BTreeMap<String, String>>>,
|
|
|
|
) -> StdResult<Option<Vec<u8>>, String> {
|
2021-08-14 21:29:25 +00:00
|
|
|
if let Ok(Some(pduid)) = db.rooms.get_pdu_id(&incoming_pdu.event_id) {
|
|
|
|
return Ok(Some(pduid));
|
|
|
|
}
|
2021-08-28 09:39:33 +00:00
|
|
|
|
|
|
|
if db
|
|
|
|
.rooms
|
|
|
|
.is_event_soft_failed(&incoming_pdu.event_id)
|
|
|
|
.map_err(|_| "Failed to ask db for soft fail".to_owned())?
|
|
|
|
{
|
|
|
|
return Err("Event has been soft failed".into());
|
|
|
|
}
|
|
|
|
|
2021-08-30 14:02:55 +00:00
|
|
|
let create_event_content =
|
|
|
|
serde_json::from_value::<Raw<CreateEventContent>>(create_event.content.clone())
|
|
|
|
.expect("Raw::from_value always works.")
|
|
|
|
.deserialize()
|
|
|
|
.map_err(|e| {
|
|
|
|
warn!("Invalid create event: {}", e);
|
|
|
|
"Invalid create event in db.".to_owned()
|
|
|
|
})?;
|
|
|
|
|
|
|
|
let room_version_id = &create_event_content.room_version;
|
|
|
|
let room_version = RoomVersion::new(room_version_id).expect("room version is supported");
|
|
|
|
|
2021-08-14 19:56:15 +00:00
|
|
|
// 10. Fetch missing state and auth chain events by calling /state_ids at backwards extremities
|
|
|
|
// doing all the checks in this list starting at 1. These are not timeline events.
|
2021-03-25 22:55:40 +00:00
|
|
|
|
2021-08-14 19:56:15 +00:00
|
|
|
// TODO: if we know the prev_events of the incoming event we can avoid the request and build
|
|
|
|
// the state from a known point and resolve if > 1 prev_event
|
2021-04-16 16:18:29 +00:00
|
|
|
|
2021-08-14 19:56:15 +00:00
|
|
|
debug!("Requesting state at event.");
|
|
|
|
let mut state_at_incoming_event = None;
|
2021-08-11 17:15:38 +00:00
|
|
|
|
2021-08-14 19:56:15 +00:00
|
|
|
if incoming_pdu.prev_events.len() == 1 {
|
|
|
|
let prev_event = &incoming_pdu.prev_events[0];
|
|
|
|
let prev_event_sstatehash = db
|
|
|
|
.rooms
|
|
|
|
.pdu_shortstatehash(prev_event)
|
|
|
|
.map_err(|_| "Failed talking to db".to_owned())?;
|
|
|
|
|
|
|
|
let state =
|
|
|
|
prev_event_sstatehash.map(|shortstatehash| db.rooms.state_full_ids(shortstatehash));
|
|
|
|
|
2021-08-24 17:10:31 +00:00
|
|
|
if let Some(Ok(mut state)) = state {
|
2021-08-14 19:56:15 +00:00
|
|
|
warn!("Using cached state");
|
|
|
|
let prev_pdu =
|
|
|
|
db.rooms.get_pdu(prev_event).ok().flatten().ok_or_else(|| {
|
2021-07-20 20:06:42 +00:00
|
|
|
"Could not find prev event, but we know the state.".to_owned()
|
|
|
|
})?;
|
|
|
|
|
2021-08-14 19:56:15 +00:00
|
|
|
if let Some(state_key) = &prev_pdu.state_key {
|
2021-08-24 17:10:31 +00:00
|
|
|
let shortstatekey = db
|
|
|
|
.rooms
|
|
|
|
.get_or_create_shortstatekey(&prev_pdu.kind, state_key, &db.globals)
|
|
|
|
.map_err(|_| "Failed to create shortstatekey.".to_owned())?;
|
|
|
|
|
2021-08-26 21:58:32 +00:00
|
|
|
state.insert(shortstatekey, Arc::new(prev_event.clone()));
|
2021-08-24 17:10:31 +00:00
|
|
|
// Now it's the state after the pdu
|
2021-04-16 16:18:29 +00:00
|
|
|
}
|
2021-08-14 19:56:15 +00:00
|
|
|
|
|
|
|
state_at_incoming_event = Some(state);
|
2021-04-16 16:18:29 +00:00
|
|
|
}
|
2021-08-30 14:02:55 +00:00
|
|
|
} else {
|
|
|
|
warn!("Calculating state at event using state res");
|
|
|
|
let mut extremity_sstatehashes = HashMap::new();
|
|
|
|
|
|
|
|
let mut okay = true;
|
|
|
|
for prev_eventid in &incoming_pdu.prev_events {
|
|
|
|
let prev_event = if let Ok(Some(pdu)) = db.rooms.get_pdu(prev_eventid) {
|
|
|
|
pdu
|
|
|
|
} else {
|
|
|
|
okay = false;
|
|
|
|
break;
|
|
|
|
};
|
|
|
|
|
|
|
|
let sstatehash = if let Ok(Some(s)) = db.rooms.pdu_shortstatehash(prev_eventid) {
|
|
|
|
s
|
|
|
|
} else {
|
|
|
|
okay = false;
|
|
|
|
break;
|
|
|
|
};
|
|
|
|
|
|
|
|
extremity_sstatehashes.insert(sstatehash, prev_event);
|
|
|
|
}
|
|
|
|
|
|
|
|
if okay {
|
2021-09-01 19:46:05 +00:00
|
|
|
let fork_states: Vec<_> = extremity_sstatehashes
|
|
|
|
.into_iter()
|
|
|
|
.map(|(sstatehash, prev_event)| {
|
|
|
|
let mut leaf_state = db
|
2021-08-30 14:02:55 +00:00
|
|
|
.rooms
|
2021-09-01 19:46:05 +00:00
|
|
|
.state_full_ids(sstatehash)
|
|
|
|
.map_err(|_| "Failed to ask db for room state.".to_owned())?;
|
|
|
|
|
|
|
|
if let Some(state_key) = &prev_event.state_key {
|
|
|
|
let shortstatekey = db
|
|
|
|
.rooms
|
|
|
|
.get_or_create_shortstatekey(&prev_event.kind, state_key, &db.globals)
|
|
|
|
.map_err(|_| "Failed to create shortstatekey.".to_owned())?;
|
|
|
|
leaf_state.insert(shortstatekey, Arc::new(prev_event.event_id.clone()));
|
|
|
|
// Now it's the state after the pdu
|
|
|
|
}
|
2021-08-30 14:02:55 +00:00
|
|
|
|
2021-09-01 19:46:05 +00:00
|
|
|
leaf_state
|
|
|
|
.into_iter()
|
2021-08-30 14:02:55 +00:00
|
|
|
.map(|(k, id)| (db.rooms.get_statekey_from_short(k).map(|k| (k, id))))
|
|
|
|
.collect::<Result<StateMap<_>>>()
|
2021-09-01 19:46:05 +00:00
|
|
|
.map_err(|_| "Failed to get_statekey_from_short.".to_owned())
|
2021-08-30 14:02:55 +00:00
|
|
|
})
|
2021-09-01 19:46:05 +00:00
|
|
|
.collect::<StdResult<_, _>>()?;
|
2021-08-30 14:02:55 +00:00
|
|
|
|
|
|
|
let mut auth_chain_sets = Vec::new();
|
2021-09-01 19:46:05 +00:00
|
|
|
for state in &fork_states {
|
2021-08-30 14:02:55 +00:00
|
|
|
auth_chain_sets.push(
|
2021-08-31 17:14:37 +00:00
|
|
|
get_auth_chain(
|
|
|
|
&room_id,
|
|
|
|
state.iter().map(|(_, id)| id.clone()).collect(),
|
|
|
|
db,
|
|
|
|
)
|
|
|
|
.map_err(|_| "Failed to load auth chain.".to_owned())?
|
2021-09-01 20:18:06 +00:00
|
|
|
.map(|event_id| (*event_id).clone())
|
2021-08-31 17:14:37 +00:00
|
|
|
.collect(),
|
2021-08-30 14:02:55 +00:00
|
|
|
);
|
|
|
|
}
|
|
|
|
|
2021-09-01 20:18:06 +00:00
|
|
|
let fork_states = &fork_states
|
|
|
|
.into_iter()
|
2021-09-01 20:49:16 +00:00
|
|
|
.map(|map| map.into_iter().map(|(k, id)| (k, (*id).clone())).collect())
|
2021-09-01 20:18:06 +00:00
|
|
|
.collect::<Vec<_>>();
|
|
|
|
|
2021-08-30 14:02:55 +00:00
|
|
|
state_at_incoming_event = match state_res::StateResolution::resolve(
|
|
|
|
&room_id,
|
|
|
|
room_version_id,
|
|
|
|
&fork_states,
|
|
|
|
auth_chain_sets,
|
|
|
|
|id| {
|
|
|
|
let res = db.rooms.get_pdu(id);
|
|
|
|
if let Err(e) = &res {
|
|
|
|
error!("LOOK AT ME Failed to fetch event: {}", e);
|
|
|
|
}
|
|
|
|
res.ok().flatten()
|
|
|
|
},
|
|
|
|
) {
|
|
|
|
Ok(new_state) => Some(
|
|
|
|
new_state
|
|
|
|
.into_iter()
|
|
|
|
.map(|((event_type, state_key), event_id)| {
|
|
|
|
let shortstatekey = db
|
|
|
|
.rooms
|
|
|
|
.get_or_create_shortstatekey(&event_type, &state_key, &db.globals)
|
|
|
|
.map_err(|_| "Failed to get_or_create_shortstatekey".to_owned())?;
|
2021-09-01 20:18:06 +00:00
|
|
|
Ok((shortstatekey, Arc::new(event_id)))
|
2021-08-30 14:02:55 +00:00
|
|
|
})
|
|
|
|
.collect::<StdResult<_, String>>()?,
|
|
|
|
),
|
|
|
|
Err(e) => {
|
|
|
|
warn!("State resolution on prev events failed, either an event could not be found or deserialization: {}", e);
|
|
|
|
None
|
|
|
|
}
|
|
|
|
};
|
|
|
|
}
|
2021-08-14 19:56:15 +00:00
|
|
|
}
|
2021-04-16 16:18:29 +00:00
|
|
|
|
2021-08-14 19:56:15 +00:00
|
|
|
if state_at_incoming_event.is_none() {
|
|
|
|
warn!("Calling /state_ids");
|
|
|
|
// Call /state_ids to find out what the state at this pdu is. We trust the server's
|
|
|
|
// response to some extend, but we still do a lot of checks on the events
|
|
|
|
match db
|
|
|
|
.sending
|
|
|
|
.send_federation_request(
|
|
|
|
&db.globals,
|
|
|
|
origin,
|
|
|
|
get_room_state_ids::v1::Request {
|
|
|
|
room_id: &room_id,
|
|
|
|
event_id: &incoming_pdu.event_id,
|
|
|
|
},
|
|
|
|
)
|
|
|
|
.await
|
|
|
|
{
|
|
|
|
Ok(res) => {
|
2021-08-24 17:10:31 +00:00
|
|
|
warn!("Fetching state events at event.");
|
2021-08-14 19:56:15 +00:00
|
|
|
let state_vec = fetch_and_handle_outliers(
|
|
|
|
&db,
|
2021-03-25 22:55:40 +00:00
|
|
|
origin,
|
2021-08-26 21:58:32 +00:00
|
|
|
&res.pdu_ids
|
|
|
|
.iter()
|
|
|
|
.cloned()
|
|
|
|
.map(Arc::new)
|
|
|
|
.collect::<Vec<_>>(),
|
2021-08-14 19:56:15 +00:00
|
|
|
&create_event,
|
|
|
|
&room_id,
|
|
|
|
pub_key_map,
|
2021-01-06 13:52:30 +00:00
|
|
|
)
|
2021-08-14 19:56:15 +00:00
|
|
|
.await;
|
|
|
|
|
2021-08-24 17:10:31 +00:00
|
|
|
let mut state = BTreeMap::new();
|
2021-08-14 19:56:15 +00:00
|
|
|
for (pdu, _) in state_vec {
|
2021-08-24 17:10:31 +00:00
|
|
|
let state_key = pdu
|
|
|
|
.state_key
|
|
|
|
.clone()
|
|
|
|
.ok_or_else(|| "Found non-state pdu in state events.".to_owned())?;
|
|
|
|
|
|
|
|
let shortstatekey = db
|
|
|
|
.rooms
|
|
|
|
.get_or_create_shortstatekey(&pdu.kind, &state_key, &db.globals)
|
|
|
|
.map_err(|_| "Failed to create shortstatekey.".to_owned())?;
|
|
|
|
|
|
|
|
match state.entry(shortstatekey) {
|
|
|
|
btree_map::Entry::Vacant(v) => {
|
2021-08-26 21:58:32 +00:00
|
|
|
v.insert(Arc::new(pdu.event_id.clone()));
|
2021-02-04 01:00:01 +00:00
|
|
|
}
|
2021-08-24 17:10:31 +00:00
|
|
|
btree_map::Entry::Occupied(_) => return Err(
|
2021-08-14 19:56:15 +00:00
|
|
|
"State event's type and state_key combination exists multiple times."
|
|
|
|
.to_owned(),
|
|
|
|
),
|
2021-02-04 01:00:01 +00:00
|
|
|
}
|
2021-08-14 19:56:15 +00:00
|
|
|
}
|
2021-02-04 01:00:01 +00:00
|
|
|
|
2021-08-14 19:56:15 +00:00
|
|
|
// The original create event must still be in the state
|
2021-08-24 17:10:31 +00:00
|
|
|
let create_shortstatekey = db
|
|
|
|
.rooms
|
|
|
|
.get_shortstatekey(&EventType::RoomCreate, "")
|
|
|
|
.map_err(|_| "Failed to talk to db.")?
|
|
|
|
.expect("Room exists");
|
|
|
|
|
2021-08-26 21:58:32 +00:00
|
|
|
if state.get(&create_shortstatekey).map(|id| id.as_ref())
|
|
|
|
!= Some(&create_event.event_id)
|
|
|
|
{
|
2021-08-14 19:56:15 +00:00
|
|
|
return Err("Incoming event refers to wrong create event.".to_owned());
|
|
|
|
}
|
2021-02-04 01:00:01 +00:00
|
|
|
|
2021-08-14 19:56:15 +00:00
|
|
|
state_at_incoming_event = Some(state);
|
|
|
|
}
|
2021-08-24 17:10:31 +00:00
|
|
|
Err(e) => {
|
|
|
|
warn!("Fetching state for event failed: {}", e);
|
2021-08-14 19:56:15 +00:00
|
|
|
return Err("Fetching state for event failed".into());
|
|
|
|
}
|
|
|
|
};
|
|
|
|
}
|
2021-04-16 16:18:29 +00:00
|
|
|
|
2021-08-14 19:56:15 +00:00
|
|
|
let state_at_incoming_event =
|
|
|
|
state_at_incoming_event.expect("we always set this to some above");
|
2020-12-22 17:45:35 +00:00
|
|
|
|
2021-08-14 19:56:15 +00:00
|
|
|
// 11. Check the auth of the event passes based on the state of the event
|
|
|
|
// If the previous event was the create event special rules apply
|
|
|
|
let previous_create = if incoming_pdu.auth_events.len() == 1
|
|
|
|
&& incoming_pdu.prev_events == incoming_pdu.auth_events
|
|
|
|
{
|
|
|
|
db.rooms
|
|
|
|
.get_pdu(&incoming_pdu.auth_events[0])
|
|
|
|
.map_err(|e| e.to_string())?
|
|
|
|
.filter(|maybe_create| **maybe_create == *create_event)
|
|
|
|
} else {
|
|
|
|
None
|
|
|
|
};
|
2021-08-14 19:30:14 +00:00
|
|
|
|
2021-08-31 19:20:03 +00:00
|
|
|
let check_result = state_res::event_auth::auth_check(
|
2021-08-14 19:56:15 +00:00
|
|
|
&room_version,
|
|
|
|
&incoming_pdu,
|
|
|
|
previous_create.clone(),
|
|
|
|
None, // TODO: third party invite
|
2021-08-24 17:10:31 +00:00
|
|
|
|k, s| {
|
|
|
|
db.rooms
|
|
|
|
.get_shortstatekey(&k, &s)
|
|
|
|
.ok()
|
|
|
|
.flatten()
|
|
|
|
.and_then(|shortstatekey| state_at_incoming_event.get(&shortstatekey))
|
|
|
|
.and_then(|event_id| db.rooms.get_pdu(&event_id).ok().flatten())
|
|
|
|
},
|
2021-08-14 19:56:15 +00:00
|
|
|
)
|
2021-08-31 19:20:03 +00:00
|
|
|
.map_err(|_e| "Auth check failed.".to_owned())?;
|
|
|
|
|
|
|
|
if !check_result {
|
2021-08-14 19:56:15 +00:00
|
|
|
return Err("Event has failed auth check with state at the event.".into());
|
|
|
|
}
|
|
|
|
debug!("Auth check succeeded.");
|
2021-01-16 21:37:20 +00:00
|
|
|
|
2021-08-14 19:56:15 +00:00
|
|
|
// We start looking at current room state now, so lets lock the room
|
2021-07-29 06:36:01 +00:00
|
|
|
|
2021-08-14 19:56:15 +00:00
|
|
|
let mutex_state = Arc::clone(
|
|
|
|
db.globals
|
|
|
|
.roomid_mutex_state
|
|
|
|
.write()
|
|
|
|
.unwrap()
|
|
|
|
.entry(room_id.clone())
|
|
|
|
.or_default(),
|
|
|
|
);
|
|
|
|
let state_lock = mutex_state.lock().await;
|
2021-07-29 06:36:01 +00:00
|
|
|
|
2021-08-14 19:56:15 +00:00
|
|
|
// Now we calculate the set of extremities this room has after the incoming event has been
|
|
|
|
// applied. We start with the previous extremities (aka leaves)
|
|
|
|
let mut extremities = db
|
|
|
|
.rooms
|
|
|
|
.get_pdu_leaves(&room_id)
|
|
|
|
.map_err(|_| "Failed to load room leaves".to_owned())?;
|
2021-03-25 22:55:40 +00:00
|
|
|
|
2021-08-14 19:56:15 +00:00
|
|
|
// Remove any forward extremities that are referenced by this incoming event's prev_events
|
|
|
|
for prev_event in &incoming_pdu.prev_events {
|
|
|
|
if extremities.contains(prev_event) {
|
|
|
|
extremities.remove(prev_event);
|
2021-03-25 22:55:40 +00:00
|
|
|
}
|
2021-08-14 19:56:15 +00:00
|
|
|
}
|
2021-01-30 02:45:33 +00:00
|
|
|
|
2021-08-14 19:56:15 +00:00
|
|
|
// Only keep those extremities were not referenced yet
|
|
|
|
extremities.retain(|id| !matches!(db.rooms.is_event_referenced(&room_id, id), Ok(true)));
|
2021-07-20 10:41:35 +00:00
|
|
|
|
2021-08-24 17:10:31 +00:00
|
|
|
let current_sstatehash = db
|
2021-08-14 19:56:15 +00:00
|
|
|
.rooms
|
|
|
|
.current_shortstatehash(&room_id)
|
|
|
|
.map_err(|_| "Failed to load current state hash.".to_owned())?
|
|
|
|
.expect("every room has state");
|
2021-07-18 18:43:39 +00:00
|
|
|
|
2021-08-24 17:10:31 +00:00
|
|
|
let current_state_ids = db
|
2021-08-14 19:56:15 +00:00
|
|
|
.rooms
|
2021-08-24 17:10:31 +00:00
|
|
|
.state_full_ids(current_sstatehash)
|
2021-08-14 19:56:15 +00:00
|
|
|
.map_err(|_| "Failed to load room state.")?;
|
2021-05-04 17:03:18 +00:00
|
|
|
|
2021-08-25 15:36:10 +00:00
|
|
|
let auth_events = db
|
|
|
|
.rooms
|
|
|
|
.get_auth_events(
|
|
|
|
&room_id,
|
|
|
|
&incoming_pdu.kind,
|
|
|
|
&incoming_pdu.sender,
|
|
|
|
incoming_pdu.state_key.as_deref(),
|
|
|
|
&incoming_pdu.content,
|
|
|
|
)
|
|
|
|
.map_err(|_| "Failed to get_auth_events.".to_owned())?;
|
|
|
|
|
2021-08-30 08:46:36 +00:00
|
|
|
let state_ids_compressed = state_at_incoming_event
|
|
|
|
.iter()
|
|
|
|
.map(|(shortstatekey, id)| {
|
|
|
|
db.rooms
|
|
|
|
.compress_state_event(*shortstatekey, &id, &db.globals)
|
|
|
|
.map_err(|_| "Failed to compress_state_event".to_owned())
|
|
|
|
})
|
|
|
|
.collect::<StdResult<_, String>>()?;
|
|
|
|
|
|
|
|
// 13. Check if the event passes auth based on the "current state" of the room, if not "soft fail" it
|
|
|
|
debug!("starting soft fail auth check");
|
|
|
|
|
|
|
|
let soft_fail = !state_res::event_auth::auth_check(
|
|
|
|
&room_version,
|
|
|
|
&incoming_pdu,
|
|
|
|
previous_create,
|
|
|
|
None,
|
|
|
|
|k, s| auth_events.get(&(k.clone(), s.to_owned())).map(Arc::clone),
|
|
|
|
)
|
|
|
|
.map_err(|_e| "Auth check failed.".to_owned())?;
|
|
|
|
|
|
|
|
if soft_fail {
|
|
|
|
append_incoming_pdu(
|
|
|
|
&db,
|
|
|
|
&incoming_pdu,
|
|
|
|
val,
|
|
|
|
extremities,
|
|
|
|
state_ids_compressed,
|
|
|
|
soft_fail,
|
2021-08-30 08:56:41 +00:00
|
|
|
&state_lock,
|
2021-08-30 08:46:36 +00:00
|
|
|
)
|
|
|
|
.map_err(|_| "Failed to add pdu to db.".to_owned())?;
|
|
|
|
|
|
|
|
// Soft fail, we keep the event as an outlier but don't add it to the timeline
|
|
|
|
warn!("Event was soft failed: {:?}", incoming_pdu);
|
|
|
|
db.rooms
|
|
|
|
.mark_event_soft_failed(&incoming_pdu.event_id)
|
|
|
|
.map_err(|_| "Failed to set soft failed flag".to_owned())?;
|
|
|
|
return Err("Event has been soft failed".into());
|
|
|
|
}
|
|
|
|
|
2021-08-19 09:01:18 +00:00
|
|
|
if incoming_pdu.state_key.is_some() {
|
2021-08-24 17:10:31 +00:00
|
|
|
let mut extremity_sstatehashes = HashMap::new();
|
2021-07-18 18:43:39 +00:00
|
|
|
|
2021-08-24 17:10:31 +00:00
|
|
|
for id in dbg!(&extremities) {
|
2021-08-19 09:01:18 +00:00
|
|
|
match db
|
|
|
|
.rooms
|
|
|
|
.get_pdu(&id)
|
|
|
|
.map_err(|_| "Failed to ask db for pdu.".to_owned())?
|
|
|
|
{
|
|
|
|
Some(leaf_pdu) => {
|
2021-08-24 17:10:31 +00:00
|
|
|
extremity_sstatehashes.insert(
|
2021-08-19 09:01:18 +00:00
|
|
|
db.rooms
|
|
|
|
.pdu_shortstatehash(&leaf_pdu.event_id)
|
|
|
|
.map_err(|_| "Failed to ask db for pdu state hash.".to_owned())?
|
|
|
|
.ok_or_else(|| {
|
|
|
|
error!(
|
|
|
|
"Found extremity pdu with no statehash in db: {:?}",
|
|
|
|
leaf_pdu
|
|
|
|
);
|
|
|
|
"Found pdu with no statehash in db.".to_owned()
|
|
|
|
})?,
|
2021-08-24 17:10:31 +00:00
|
|
|
leaf_pdu,
|
|
|
|
);
|
2021-08-19 09:01:18 +00:00
|
|
|
}
|
|
|
|
_ => {
|
|
|
|
error!("Missing state snapshot for {:?}", id);
|
|
|
|
return Err("Missing state snapshot.".to_owned());
|
|
|
|
}
|
2021-07-18 18:43:39 +00:00
|
|
|
}
|
|
|
|
}
|
2020-12-22 17:45:35 +00:00
|
|
|
|
2021-08-24 17:10:31 +00:00
|
|
|
let mut fork_states = Vec::new();
|
|
|
|
|
2021-08-19 09:01:18 +00:00
|
|
|
// 12. Ensure that the state is derived from the previous current state (i.e. we calculated
|
|
|
|
// by doing state res where one of the inputs was a previously trusted set of state,
|
|
|
|
// don't just trust a set of state we got from a remote).
|
2021-08-14 19:56:15 +00:00
|
|
|
|
2021-08-19 09:01:18 +00:00
|
|
|
// We do this by adding the current state to the list of fork states
|
2021-08-24 17:10:31 +00:00
|
|
|
extremity_sstatehashes.remove(¤t_sstatehash);
|
|
|
|
fork_states.push(current_state_ids);
|
|
|
|
dbg!(&extremity_sstatehashes);
|
2021-08-14 19:56:15 +00:00
|
|
|
|
2021-08-24 17:10:31 +00:00
|
|
|
for (sstatehash, leaf_pdu) in extremity_sstatehashes {
|
2021-08-19 09:01:18 +00:00
|
|
|
let mut leaf_state = db
|
|
|
|
.rooms
|
2021-08-24 17:10:31 +00:00
|
|
|
.state_full_ids(sstatehash)
|
2021-08-19 09:01:18 +00:00
|
|
|
.map_err(|_| "Failed to ask db for room state.".to_owned())?;
|
|
|
|
|
2021-08-24 17:10:31 +00:00
|
|
|
if let Some(state_key) = &leaf_pdu.state_key {
|
|
|
|
let shortstatekey = db
|
|
|
|
.rooms
|
|
|
|
.get_or_create_shortstatekey(&leaf_pdu.kind, state_key, &db.globals)
|
|
|
|
.map_err(|_| "Failed to create shortstatekey.".to_owned())?;
|
2021-08-26 21:58:32 +00:00
|
|
|
leaf_state.insert(shortstatekey, Arc::new(leaf_pdu.event_id.clone()));
|
2021-08-24 17:10:31 +00:00
|
|
|
// Now it's the state after the pdu
|
2021-08-19 09:01:18 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
fork_states.push(leaf_state);
|
|
|
|
}
|
|
|
|
|
|
|
|
// We also add state after incoming event to the fork states
|
|
|
|
let mut state_after = state_at_incoming_event.clone();
|
|
|
|
if let Some(state_key) = &incoming_pdu.state_key {
|
2021-08-24 17:10:31 +00:00
|
|
|
let shortstatekey = db
|
|
|
|
.rooms
|
|
|
|
.get_or_create_shortstatekey(&incoming_pdu.kind, state_key, &db.globals)
|
|
|
|
.map_err(|_| "Failed to create shortstatekey.".to_owned())?;
|
|
|
|
|
2021-08-26 21:58:32 +00:00
|
|
|
state_after.insert(shortstatekey, Arc::new(incoming_pdu.event_id.clone()));
|
2021-03-25 22:55:40 +00:00
|
|
|
}
|
2021-08-26 21:58:32 +00:00
|
|
|
fork_states.push(state_after);
|
2021-08-19 09:01:18 +00:00
|
|
|
|
|
|
|
let mut update_state = false;
|
|
|
|
// 14. Use state resolution to find new room state
|
|
|
|
let new_room_state = if fork_states.is_empty() {
|
|
|
|
return Err("State is empty.".to_owned());
|
|
|
|
} else if fork_states.iter().skip(1).all(|f| &fork_states[0] == f) {
|
|
|
|
// There was only one state, so it has to be the room's current state (because that is
|
|
|
|
// always included)
|
|
|
|
fork_states[0]
|
|
|
|
.iter()
|
2021-08-24 17:10:31 +00:00
|
|
|
.map(|(k, id)| {
|
|
|
|
db.rooms
|
|
|
|
.compress_state_event(*k, &id, &db.globals)
|
|
|
|
.map_err(|_| "Failed to compress_state_event.".to_owned())
|
|
|
|
})
|
|
|
|
.collect::<StdResult<_, String>>()?
|
2021-08-19 09:01:18 +00:00
|
|
|
} else {
|
|
|
|
// We do need to force an update to this room's state
|
|
|
|
update_state = true;
|
2021-07-18 18:43:39 +00:00
|
|
|
|
2021-08-19 09:01:18 +00:00
|
|
|
let mut auth_chain_sets = Vec::new();
|
2021-09-01 20:18:06 +00:00
|
|
|
for state in &fork_states {
|
2021-08-19 09:01:18 +00:00
|
|
|
auth_chain_sets.push(
|
2021-08-31 17:14:37 +00:00
|
|
|
get_auth_chain(
|
|
|
|
&room_id,
|
|
|
|
state.iter().map(|(_, id)| id.clone()).collect(),
|
|
|
|
db,
|
|
|
|
)
|
|
|
|
.map_err(|_| "Failed to load auth chain.".to_owned())?
|
2021-09-01 20:18:06 +00:00
|
|
|
.map(|event_id| (*event_id).clone())
|
2021-08-31 17:14:37 +00:00
|
|
|
.collect(),
|
2021-08-19 09:01:18 +00:00
|
|
|
);
|
2021-08-14 19:56:15 +00:00
|
|
|
}
|
2021-08-19 09:01:18 +00:00
|
|
|
|
2021-09-01 20:18:06 +00:00
|
|
|
let fork_states = &fork_states
|
|
|
|
.into_iter()
|
|
|
|
.map(|map| {
|
|
|
|
map.into_iter()
|
|
|
|
.map(|(k, id)| {
|
|
|
|
db.rooms
|
|
|
|
.get_statekey_from_short(k)
|
|
|
|
.map(|k| (k, (*id).clone()))
|
|
|
|
})
|
|
|
|
.collect::<Result<StateMap<_>>>()
|
|
|
|
})
|
|
|
|
.collect::<Result<Vec<_>>>()
|
|
|
|
.map_err(|_| "Failed to get_statekey_from_short.".to_owned())?;
|
|
|
|
|
2021-08-19 09:01:18 +00:00
|
|
|
let state = match state_res::StateResolution::resolve(
|
|
|
|
&room_id,
|
|
|
|
room_version_id,
|
|
|
|
fork_states,
|
|
|
|
auth_chain_sets,
|
|
|
|
|id| {
|
|
|
|
let res = db.rooms.get_pdu(id);
|
|
|
|
if let Err(e) = &res {
|
|
|
|
error!("LOOK AT ME Failed to fetch event: {}", e);
|
|
|
|
}
|
|
|
|
res.ok().flatten()
|
|
|
|
},
|
|
|
|
) {
|
|
|
|
Ok(new_state) => new_state,
|
|
|
|
Err(_) => {
|
|
|
|
return Err("State resolution failed, either an event could not be found or deserialization".into());
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
|
|
|
state
|
2021-08-24 17:10:31 +00:00
|
|
|
.into_iter()
|
|
|
|
.map(|((event_type, state_key), event_id)| {
|
|
|
|
let shortstatekey = db
|
|
|
|
.rooms
|
|
|
|
.get_or_create_shortstatekey(&event_type, &state_key, &db.globals)
|
|
|
|
.map_err(|_| "Failed to get_or_create_shortstatekey".to_owned())?;
|
|
|
|
db.rooms
|
|
|
|
.compress_state_event(shortstatekey, &event_id, &db.globals)
|
|
|
|
.map_err(|_| "Failed to compress state event".to_owned())
|
|
|
|
})
|
|
|
|
.collect::<StdResult<_, String>>()?
|
2020-12-22 17:45:35 +00:00
|
|
|
};
|
|
|
|
|
2021-08-19 09:01:18 +00:00
|
|
|
// Set the new room state to the resolved state
|
|
|
|
if update_state {
|
|
|
|
db.rooms
|
|
|
|
.force_state(&room_id, new_room_state, &db)
|
|
|
|
.map_err(|_| "Failed to set new room state.".to_owned())?;
|
|
|
|
}
|
|
|
|
debug!("Updated resolved state");
|
|
|
|
}
|
|
|
|
|
|
|
|
extremities.insert(incoming_pdu.event_id.clone());
|
2021-02-04 01:00:01 +00:00
|
|
|
|
2021-08-24 17:10:31 +00:00
|
|
|
// Now that the event has passed all auth it is added into the timeline.
|
|
|
|
// We use the `state_at_event` instead of `state_after` so we accurately
|
|
|
|
// represent the state for this event.
|
|
|
|
|
|
|
|
let pdu_id = append_incoming_pdu(
|
|
|
|
&db,
|
|
|
|
&incoming_pdu,
|
|
|
|
val,
|
|
|
|
extremities,
|
|
|
|
state_ids_compressed,
|
|
|
|
soft_fail,
|
|
|
|
&state_lock,
|
|
|
|
)
|
|
|
|
.map_err(|_| "Failed to add pdu to db.".to_owned())?;
|
|
|
|
|
|
|
|
debug!("Appended incoming pdu.");
|
2021-01-19 00:08:59 +00:00
|
|
|
|
2021-08-14 19:56:15 +00:00
|
|
|
// Event has passed all auth/stateres checks
|
|
|
|
drop(state_lock);
|
|
|
|
Ok(pdu_id)
|
2021-01-14 19:39:56 +00:00
|
|
|
}
|
|
|
|
|
2021-01-30 02:45:33 +00:00
|
|
|
/// Find the event and auth it. Once the event is validated (steps 1 - 8)
|
|
|
|
/// it is appended to the outliers Tree.
|
2021-01-15 02:32:22 +00:00
|
|
|
///
|
2021-08-14 19:30:14 +00:00
|
|
|
/// Returns pdu and if we fetched it over federation the raw json.
|
|
|
|
///
|
2021-06-30 11:40:06 +00:00
|
|
|
/// a. Look in the main timeline (pduid_pdu tree)
|
|
|
|
/// b. Look at outlier pdu tree
|
|
|
|
/// c. Ask origin server over federation
|
|
|
|
/// d. TODO: Ask other servers over federation?
|
2021-08-19 09:01:18 +00:00
|
|
|
#[tracing::instrument(skip(db, origin, events, create_event, room_id, pub_key_map))]
|
2021-08-14 19:30:14 +00:00
|
|
|
pub(crate) fn fetch_and_handle_outliers<'a>(
|
2021-04-16 16:18:29 +00:00
|
|
|
db: &'a Database,
|
|
|
|
origin: &'a ServerName,
|
2021-08-26 21:58:32 +00:00
|
|
|
events: &'a [Arc<EventId>],
|
2021-08-14 19:30:14 +00:00
|
|
|
create_event: &'a PduEvent,
|
2021-07-01 17:55:26 +00:00
|
|
|
room_id: &'a RoomId,
|
2021-04-16 16:18:29 +00:00
|
|
|
pub_key_map: &'a RwLock<BTreeMap<String, BTreeMap<String, String>>>,
|
2021-08-14 19:30:14 +00:00
|
|
|
) -> AsyncRecursiveType<'a, Vec<(Arc<PduEvent>, Option<BTreeMap<String, CanonicalJsonValue>>)>> {
|
2021-04-16 16:18:29 +00:00
|
|
|
Box::pin(async move {
|
2021-05-20 21:46:52 +00:00
|
|
|
let back_off = |id| match db.globals.bad_event_ratelimiter.write().unwrap().entry(id) {
|
2021-08-24 17:10:31 +00:00
|
|
|
hash_map::Entry::Vacant(e) => {
|
2021-05-20 21:46:52 +00:00
|
|
|
e.insert((Instant::now(), 1));
|
|
|
|
}
|
2021-08-24 17:10:31 +00:00
|
|
|
hash_map::Entry::Occupied(mut e) => *e.get_mut() = (Instant::now(), e.get().1 + 1),
|
2021-05-20 21:46:52 +00:00
|
|
|
};
|
|
|
|
|
2021-04-16 16:18:29 +00:00
|
|
|
let mut pdus = vec![];
|
|
|
|
for id in events {
|
2021-05-20 21:46:52 +00:00
|
|
|
if let Some((time, tries)) = db.globals.bad_event_ratelimiter.read().unwrap().get(&id) {
|
|
|
|
// Exponential backoff
|
2021-08-19 09:01:18 +00:00
|
|
|
let mut min_elapsed_duration = Duration::from_secs(5 * 60) * (*tries) * (*tries);
|
2021-05-20 21:46:52 +00:00
|
|
|
if min_elapsed_duration > Duration::from_secs(60 * 60 * 24) {
|
|
|
|
min_elapsed_duration = Duration::from_secs(60 * 60 * 24);
|
|
|
|
}
|
|
|
|
|
|
|
|
if time.elapsed() < min_elapsed_duration {
|
2021-08-19 09:01:18 +00:00
|
|
|
info!("Backing off from {}", id);
|
2021-05-20 21:46:52 +00:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
}
|
2021-06-30 00:18:52 +00:00
|
|
|
|
|
|
|
// a. Look in the main timeline (pduid_pdu tree)
|
|
|
|
// b. Look at outlier pdu tree
|
2021-08-14 19:30:14 +00:00
|
|
|
// (get_pdu_json checks both)
|
|
|
|
let local_pdu = db.rooms.get_pdu(&id);
|
2021-08-09 17:15:14 +00:00
|
|
|
let pdu = match local_pdu {
|
2021-08-06 18:00:08 +00:00
|
|
|
Ok(Some(pdu)) => {
|
2021-06-30 00:18:52 +00:00
|
|
|
trace!("Found {} in db", id);
|
2021-08-14 19:30:14 +00:00
|
|
|
(pdu, None)
|
2021-04-19 09:53:46 +00:00
|
|
|
}
|
2021-08-06 18:00:08 +00:00
|
|
|
Ok(None) => {
|
2021-06-30 00:18:52 +00:00
|
|
|
// c. Ask origin server over federation
|
2021-08-24 17:10:31 +00:00
|
|
|
warn!("Fetching {} over federation.", id);
|
2021-06-30 00:18:52 +00:00
|
|
|
match db
|
|
|
|
.sending
|
|
|
|
.send_federation_request(
|
|
|
|
&db.globals,
|
2021-04-19 09:53:46 +00:00
|
|
|
origin,
|
2021-06-30 00:18:52 +00:00
|
|
|
get_event::v1::Request { event_id: &id },
|
2021-04-19 09:53:46 +00:00
|
|
|
)
|
2021-06-30 00:18:52 +00:00
|
|
|
.await
|
|
|
|
{
|
|
|
|
Ok(res) => {
|
2021-08-24 17:10:31 +00:00
|
|
|
warn!("Got {} over federation", id);
|
2021-08-28 17:35:15 +00:00
|
|
|
let (calculated_event_id, value) =
|
2021-08-06 18:00:08 +00:00
|
|
|
match crate::pdu::gen_event_id_canonical_json(&res.pdu) {
|
|
|
|
Ok(t) => t,
|
2021-08-19 09:01:18 +00:00
|
|
|
Err(_) => {
|
2021-08-26 21:58:32 +00:00
|
|
|
back_off((**id).clone());
|
2021-08-19 09:01:18 +00:00
|
|
|
continue;
|
|
|
|
}
|
2021-08-06 18:00:08 +00:00
|
|
|
};
|
|
|
|
|
2021-08-28 17:35:15 +00:00
|
|
|
if calculated_event_id != **id {
|
|
|
|
warn!("Server didn't return event id we requested: requested: {}, we got {}. Event: {:?}",
|
|
|
|
id, calculated_event_id, &res.pdu);
|
|
|
|
}
|
|
|
|
|
2021-06-30 00:18:52 +00:00
|
|
|
// This will also fetch the auth chain
|
2021-08-14 19:30:14 +00:00
|
|
|
match handle_outlier_pdu(
|
2021-04-16 16:18:29 +00:00
|
|
|
origin,
|
2021-08-14 19:30:14 +00:00
|
|
|
create_event,
|
2021-08-28 17:35:15 +00:00
|
|
|
&id,
|
2021-07-01 17:55:26 +00:00
|
|
|
&room_id,
|
2021-06-30 00:18:52 +00:00
|
|
|
value.clone(),
|
|
|
|
db,
|
|
|
|
pub_key_map,
|
2021-03-26 10:10:45 +00:00
|
|
|
)
|
2021-04-19 09:53:46 +00:00
|
|
|
.await
|
2021-06-30 00:18:52 +00:00
|
|
|
{
|
2021-08-14 19:56:15 +00:00
|
|
|
Ok((pdu, json)) => (pdu, Some(json)),
|
2021-06-30 00:18:52 +00:00
|
|
|
Err(e) => {
|
|
|
|
warn!("Authentication of event {} failed: {:?}", id, e);
|
2021-08-26 21:58:32 +00:00
|
|
|
back_off((**id).clone());
|
2021-06-30 00:18:52 +00:00
|
|
|
continue;
|
2021-04-16 16:18:29 +00:00
|
|
|
}
|
|
|
|
}
|
2021-04-14 07:39:06 +00:00
|
|
|
}
|
2021-06-30 00:18:52 +00:00
|
|
|
Err(_) => {
|
|
|
|
warn!("Failed to fetch event: {}", id);
|
2021-08-26 21:58:32 +00:00
|
|
|
back_off((**id).clone());
|
2021-06-30 00:18:52 +00:00
|
|
|
continue;
|
|
|
|
}
|
2021-04-19 09:53:46 +00:00
|
|
|
}
|
2021-06-30 00:18:52 +00:00
|
|
|
}
|
2021-08-06 18:00:08 +00:00
|
|
|
Err(e) => {
|
2021-08-19 09:01:18 +00:00
|
|
|
warn!("Error loading {}: {}", id, e);
|
2021-08-06 18:00:08 +00:00
|
|
|
continue;
|
|
|
|
}
|
2021-04-19 09:53:46 +00:00
|
|
|
};
|
2021-04-16 16:18:29 +00:00
|
|
|
pdus.push(pdu);
|
|
|
|
}
|
2021-08-09 17:15:14 +00:00
|
|
|
pdus
|
2021-04-16 16:18:29 +00:00
|
|
|
})
|
2021-01-12 13:26:52 +00:00
|
|
|
}
|
|
|
|
|
2021-01-15 02:32:22 +00:00
|
|
|
/// Search the DB for the signing keys of the given server, if we don't have them
|
|
|
|
/// fetch them from the server and save to our DB.
|
2021-08-19 09:01:18 +00:00
|
|
|
#[tracing::instrument(skip(db, origin, signature_ids))]
|
2021-01-30 02:45:33 +00:00
|
|
|
pub(crate) async fn fetch_signing_keys(
|
2021-01-03 22:26:17 +00:00
|
|
|
db: &Database,
|
2021-01-14 19:39:56 +00:00
|
|
|
origin: &ServerName,
|
2021-05-20 21:46:52 +00:00
|
|
|
signature_ids: Vec<String>,
|
2021-03-13 15:30:12 +00:00
|
|
|
) -> Result<BTreeMap<String, String>> {
|
2021-03-23 11:59:27 +00:00
|
|
|
let contains_all_ids =
|
2021-05-20 21:46:52 +00:00
|
|
|
|keys: &BTreeMap<String, String>| signature_ids.iter().all(|id| keys.contains_key(id));
|
|
|
|
|
|
|
|
let permit = db
|
|
|
|
.globals
|
|
|
|
.servername_ratelimiter
|
|
|
|
.read()
|
|
|
|
.unwrap()
|
|
|
|
.get(origin)
|
|
|
|
.map(|s| Arc::clone(s).acquire_owned());
|
|
|
|
|
|
|
|
let permit = match permit {
|
|
|
|
Some(p) => p,
|
|
|
|
None => {
|
|
|
|
let mut write = db.globals.servername_ratelimiter.write().unwrap();
|
|
|
|
let s = Arc::clone(
|
|
|
|
write
|
|
|
|
.entry(origin.to_owned())
|
|
|
|
.or_insert_with(|| Arc::new(Semaphore::new(1))),
|
|
|
|
);
|
|
|
|
|
|
|
|
s.acquire_owned()
|
|
|
|
}
|
|
|
|
}
|
|
|
|
.await;
|
|
|
|
|
|
|
|
let back_off = |id| match db
|
|
|
|
.globals
|
|
|
|
.bad_signature_ratelimiter
|
|
|
|
.write()
|
|
|
|
.unwrap()
|
|
|
|
.entry(id)
|
|
|
|
{
|
2021-08-24 17:10:31 +00:00
|
|
|
hash_map::Entry::Vacant(e) => {
|
2021-05-20 21:46:52 +00:00
|
|
|
e.insert((Instant::now(), 1));
|
|
|
|
}
|
2021-08-24 17:10:31 +00:00
|
|
|
hash_map::Entry::Occupied(mut e) => *e.get_mut() = (Instant::now(), e.get().1 + 1),
|
2021-05-20 21:46:52 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
if let Some((time, tries)) = db
|
|
|
|
.globals
|
|
|
|
.bad_signature_ratelimiter
|
|
|
|
.read()
|
|
|
|
.unwrap()
|
|
|
|
.get(&signature_ids)
|
|
|
|
{
|
|
|
|
// Exponential backoff
|
|
|
|
let mut min_elapsed_duration = Duration::from_secs(30) * (*tries) * (*tries);
|
|
|
|
if min_elapsed_duration > Duration::from_secs(60 * 60 * 24) {
|
|
|
|
min_elapsed_duration = Duration::from_secs(60 * 60 * 24);
|
|
|
|
}
|
|
|
|
|
|
|
|
if time.elapsed() < min_elapsed_duration {
|
|
|
|
debug!("Backing off from {:?}", signature_ids);
|
|
|
|
return Err(Error::BadServerResponse("bad signature, still backing off"));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-05-21 16:12:02 +00:00
|
|
|
trace!("Loading signing keys for {}", origin);
|
2021-03-13 15:30:12 +00:00
|
|
|
|
2021-03-22 13:04:11 +00:00
|
|
|
let mut result = db
|
|
|
|
.globals
|
|
|
|
.signing_keys_for(origin)?
|
|
|
|
.into_iter()
|
|
|
|
.map(|(k, v)| (k.to_string(), v.key))
|
|
|
|
.collect::<BTreeMap<_, _>>();
|
|
|
|
|
|
|
|
if contains_all_ids(&result) {
|
|
|
|
return Ok(result);
|
|
|
|
}
|
|
|
|
|
2021-05-20 21:46:52 +00:00
|
|
|
debug!("Fetching signing keys for {} over federation", origin);
|
|
|
|
|
2021-03-22 13:04:11 +00:00
|
|
|
if let Ok(get_keys_response) = db
|
|
|
|
.sending
|
|
|
|
.send_federation_request(&db.globals, origin, get_server_keys::v2::Request::new())
|
|
|
|
.await
|
|
|
|
{
|
|
|
|
db.globals
|
2021-06-08 16:10:00 +00:00
|
|
|
.add_signing_key(origin, get_keys_response.server_key.clone())?;
|
2021-03-22 13:04:11 +00:00
|
|
|
|
|
|
|
result.extend(
|
|
|
|
get_keys_response
|
|
|
|
.server_key
|
|
|
|
.verify_keys
|
|
|
|
.into_iter()
|
|
|
|
.map(|(k, v)| (k.to_string(), v.key)),
|
|
|
|
);
|
|
|
|
result.extend(
|
|
|
|
get_keys_response
|
|
|
|
.server_key
|
|
|
|
.old_verify_keys
|
|
|
|
.into_iter()
|
|
|
|
.map(|(k, v)| (k.to_string(), v.key)),
|
|
|
|
);
|
|
|
|
|
|
|
|
if contains_all_ids(&result) {
|
|
|
|
return Ok(result);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
for server in db.globals.trusted_servers() {
|
|
|
|
debug!("Asking {} for {}'s signing key", server, origin);
|
|
|
|
if let Ok(keys) = db
|
|
|
|
.sending
|
|
|
|
.send_federation_request(
|
|
|
|
&db.globals,
|
|
|
|
&server,
|
|
|
|
get_remote_server_keys::v2::Request::new(
|
|
|
|
origin,
|
2021-05-20 21:46:52 +00:00
|
|
|
MilliSecondsSinceUnixEpoch::from_system_time(
|
|
|
|
SystemTime::now()
|
|
|
|
.checked_add(Duration::from_secs(3600))
|
|
|
|
.expect("SystemTime to large"),
|
|
|
|
)
|
|
|
|
.expect("time is valid"),
|
2021-03-22 13:04:11 +00:00
|
|
|
),
|
|
|
|
)
|
|
|
|
.await
|
|
|
|
{
|
2021-05-20 21:46:52 +00:00
|
|
|
trace!("Got signing keys: {:?}", keys);
|
2021-04-05 19:46:10 +00:00
|
|
|
for k in keys.server_keys {
|
2021-06-08 16:10:00 +00:00
|
|
|
db.globals.add_signing_key(origin, k.clone())?;
|
2021-03-22 13:04:11 +00:00
|
|
|
result.extend(
|
|
|
|
k.verify_keys
|
|
|
|
.into_iter()
|
|
|
|
.map(|(k, v)| (k.to_string(), v.key)),
|
|
|
|
);
|
|
|
|
result.extend(
|
|
|
|
k.old_verify_keys
|
|
|
|
.into_iter()
|
|
|
|
.map(|(k, v)| (k.to_string(), v.key)),
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
if contains_all_ids(&result) {
|
|
|
|
return Ok(result);
|
2021-03-01 13:23:28 +00:00
|
|
|
}
|
2021-01-03 22:26:17 +00:00
|
|
|
}
|
|
|
|
}
|
2021-03-22 13:04:11 +00:00
|
|
|
|
2021-05-20 21:46:52 +00:00
|
|
|
drop(permit);
|
|
|
|
|
|
|
|
back_off(signature_ids);
|
|
|
|
|
2021-04-13 19:34:31 +00:00
|
|
|
warn!("Failed to find public key for server: {}", origin);
|
2021-03-22 13:04:11 +00:00
|
|
|
Err(Error::BadServerResponse(
|
|
|
|
"Failed to find public key for server",
|
|
|
|
))
|
2021-01-03 22:26:17 +00:00
|
|
|
}
|
2021-01-15 20:46:47 +00:00
|
|
|
|
2021-01-30 02:45:33 +00:00
|
|
|
/// Append the incoming event setting the state snapshot to the state from the
|
|
|
|
/// server that sent the event.
|
2021-08-24 17:10:31 +00:00
|
|
|
#[tracing::instrument(skip(db, pdu, pdu_json, new_room_leaves, state_ids_compressed, _mutex_lock))]
|
2021-08-02 08:13:34 +00:00
|
|
|
fn append_incoming_pdu(
|
2021-01-30 02:45:33 +00:00
|
|
|
db: &Database,
|
|
|
|
pdu: &PduEvent,
|
2021-04-16 16:18:29 +00:00
|
|
|
pdu_json: CanonicalJsonObject,
|
2021-03-25 22:55:40 +00:00
|
|
|
new_room_leaves: HashSet<EventId>,
|
2021-08-24 17:10:31 +00:00
|
|
|
state_ids_compressed: HashSet<CompressedStateEvent>,
|
|
|
|
soft_fail: bool,
|
2021-07-29 06:36:01 +00:00
|
|
|
_mutex_lock: &MutexGuard<'_, ()>, // Take mutex guard to make sure users get the room mutex
|
2021-08-24 17:10:31 +00:00
|
|
|
) -> Result<Option<Vec<u8>>> {
|
2021-01-15 02:32:22 +00:00
|
|
|
// We append to state before appending the pdu, so we don't have a moment in time with the
|
|
|
|
// pdu without it's state. This is okay because append_pdu can't fail.
|
2021-08-24 17:10:31 +00:00
|
|
|
db.rooms.set_event_state(
|
|
|
|
&pdu.event_id,
|
|
|
|
&pdu.room_id,
|
|
|
|
state_ids_compressed,
|
|
|
|
&db.globals,
|
|
|
|
)?;
|
|
|
|
|
|
|
|
if soft_fail {
|
|
|
|
db.rooms
|
|
|
|
.mark_as_referenced(&pdu.room_id, &pdu.prev_events)?;
|
|
|
|
db.rooms.replace_pdu_leaves(
|
|
|
|
&pdu.room_id,
|
|
|
|
&new_room_leaves.into_iter().collect::<Vec<_>>(),
|
|
|
|
)?;
|
|
|
|
return Ok(None);
|
|
|
|
}
|
2020-12-22 17:45:35 +00:00
|
|
|
|
2021-07-01 09:06:05 +00:00
|
|
|
let pdu_id = db.rooms.append_pdu(
|
2021-01-19 00:08:59 +00:00
|
|
|
pdu,
|
2021-04-16 16:18:29 +00:00
|
|
|
pdu_json,
|
2021-03-25 22:55:40 +00:00
|
|
|
&new_room_leaves.into_iter().collect::<Vec<_>>(),
|
2021-01-15 16:05:57 +00:00
|
|
|
&db,
|
2020-12-22 17:45:35 +00:00
|
|
|
)?;
|
|
|
|
|
2021-08-02 08:13:34 +00:00
|
|
|
for appservice in db.appservice.all()? {
|
2021-08-29 18:00:02 +00:00
|
|
|
if db.rooms.appservice_in_room(&pdu.room_id, &appservice, db)? {
|
|
|
|
db.sending.send_pdu_appservice(&appservice.0, &pdu_id)?;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
2021-03-04 13:39:16 +00:00
|
|
|
if let Some(namespaces) = appservice.1.get("namespaces") {
|
|
|
|
let users = namespaces
|
|
|
|
.get("users")
|
|
|
|
.and_then(|users| users.as_sequence())
|
|
|
|
.map_or_else(Vec::new, |users| {
|
|
|
|
users
|
|
|
|
.iter()
|
2021-06-17 18:37:07 +00:00
|
|
|
.filter_map(|users| Regex::new(users.get("regex")?.as_str()?).ok())
|
2021-03-04 13:39:16 +00:00
|
|
|
.collect::<Vec<_>>()
|
|
|
|
});
|
|
|
|
let aliases = namespaces
|
|
|
|
.get("aliases")
|
2021-08-29 18:00:02 +00:00
|
|
|
.and_then(|aliases| aliases.as_sequence())
|
|
|
|
.map_or_else(Vec::new, |aliases| {
|
|
|
|
aliases
|
|
|
|
.iter()
|
|
|
|
.filter_map(|aliases| Regex::new(aliases.get("regex")?.as_str()?).ok())
|
|
|
|
.collect::<Vec<_>>()
|
|
|
|
});
|
2021-03-04 13:39:16 +00:00
|
|
|
let rooms = namespaces
|
|
|
|
.get("rooms")
|
|
|
|
.and_then(|rooms| rooms.as_sequence());
|
|
|
|
|
2021-08-29 18:00:02 +00:00
|
|
|
let matching_users = |users: &Regex| {
|
2021-03-04 13:39:16 +00:00
|
|
|
users.is_match(pdu.sender.as_str())
|
|
|
|
|| pdu.kind == EventType::RoomMember
|
|
|
|
&& pdu
|
|
|
|
.state_key
|
|
|
|
.as_ref()
|
|
|
|
.map_or(false, |state_key| users.is_match(&state_key))
|
2021-08-29 18:00:02 +00:00
|
|
|
};
|
|
|
|
let matching_aliases = |aliases: &Regex| {
|
|
|
|
db.rooms
|
|
|
|
.room_aliases(&pdu.room_id)
|
2021-03-04 13:39:16 +00:00
|
|
|
.filter_map(|r| r.ok())
|
|
|
|
.any(|room_alias| aliases.is_match(room_alias.as_str()))
|
2021-08-29 18:00:02 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
if aliases.iter().any(matching_aliases)
|
|
|
|
|| rooms.map_or(false, |rooms| rooms.contains(&pdu.room_id.as_str().into()))
|
|
|
|
|| users.iter().any(matching_users)
|
2021-03-04 13:39:16 +00:00
|
|
|
{
|
|
|
|
db.sending.send_pdu_appservice(&appservice.0, &pdu_id)?;
|
|
|
|
}
|
|
|
|
}
|
2020-12-22 17:45:35 +00:00
|
|
|
}
|
|
|
|
|
2021-08-24 17:10:31 +00:00
|
|
|
Ok(Some(pdu_id))
|
2020-12-22 17:45:35 +00:00
|
|
|
}
|
|
|
|
|
2021-08-19 09:01:18 +00:00
|
|
|
#[tracing::instrument(skip(starting_events, db))]
|
2021-08-31 17:14:37 +00:00
|
|
|
pub(crate) fn get_auth_chain<'a>(
|
|
|
|
room_id: &RoomId,
|
2021-08-26 21:58:32 +00:00
|
|
|
starting_events: Vec<Arc<EventId>>,
|
2021-08-31 17:14:37 +00:00
|
|
|
db: &'a Database,
|
|
|
|
) -> Result<impl Iterator<Item = Arc<EventId>> + 'a> {
|
2021-08-26 12:18:19 +00:00
|
|
|
const NUM_BUCKETS: usize = 50;
|
2021-08-24 19:10:01 +00:00
|
|
|
|
2021-08-26 12:18:19 +00:00
|
|
|
let mut buckets = vec![BTreeSet::new(); NUM_BUCKETS];
|
2021-08-24 19:10:01 +00:00
|
|
|
|
|
|
|
for id in starting_events {
|
2021-08-26 16:59:38 +00:00
|
|
|
let short = db.rooms.get_or_create_shorteventid(&id, &db.globals)?;
|
|
|
|
let bucket_id = (short % NUM_BUCKETS as u64) as usize;
|
|
|
|
buckets[bucket_id].insert((short, id.clone()));
|
2021-08-24 19:10:01 +00:00
|
|
|
}
|
2021-08-11 17:15:38 +00:00
|
|
|
|
2021-08-26 12:18:19 +00:00
|
|
|
let mut full_auth_chain = HashSet::new();
|
2021-08-04 16:30:56 +00:00
|
|
|
|
2021-08-26 12:18:19 +00:00
|
|
|
let mut hits = 0;
|
|
|
|
let mut misses = 0;
|
2021-08-24 19:10:01 +00:00
|
|
|
for chunk in buckets {
|
2021-08-26 12:18:19 +00:00
|
|
|
if chunk.is_empty() {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
let chunk_key = chunk
|
|
|
|
.iter()
|
|
|
|
.map(|(short, _)| short)
|
|
|
|
.copied()
|
|
|
|
.collect::<Vec<u64>>();
|
|
|
|
if let Some(cached) = db.rooms.get_auth_chain_from_cache(&chunk_key)? {
|
|
|
|
hits += 1;
|
2021-08-04 16:30:56 +00:00
|
|
|
full_auth_chain.extend(cached.iter().cloned());
|
2021-08-24 19:10:01 +00:00
|
|
|
continue;
|
|
|
|
}
|
2021-08-26 12:18:19 +00:00
|
|
|
misses += 1;
|
2021-08-24 19:10:01 +00:00
|
|
|
|
|
|
|
let mut chunk_cache = HashSet::new();
|
2021-08-26 12:18:19 +00:00
|
|
|
let mut hits2 = 0;
|
|
|
|
let mut misses2 = 0;
|
2021-08-24 19:10:01 +00:00
|
|
|
for (sevent_id, event_id) in chunk {
|
2021-08-26 12:18:19 +00:00
|
|
|
if let Some(cached) = db.rooms.get_auth_chain_from_cache(&[sevent_id])? {
|
|
|
|
hits2 += 1;
|
2021-08-24 19:10:01 +00:00
|
|
|
chunk_cache.extend(cached.iter().cloned());
|
|
|
|
} else {
|
2021-08-26 12:18:19 +00:00
|
|
|
misses2 += 1;
|
2021-08-31 17:14:37 +00:00
|
|
|
let auth_chain = Arc::new(get_auth_chain_inner(&room_id, &event_id, db)?);
|
2021-08-26 12:18:19 +00:00
|
|
|
db.rooms
|
|
|
|
.cache_auth_chain(vec![sevent_id], Arc::clone(&auth_chain))?;
|
|
|
|
println!(
|
|
|
|
"cache missed event {} with auth chain len {}",
|
|
|
|
event_id,
|
|
|
|
auth_chain.len()
|
|
|
|
);
|
|
|
|
chunk_cache.extend(auth_chain.iter());
|
2021-08-24 19:10:01 +00:00
|
|
|
};
|
|
|
|
}
|
2021-08-26 12:18:19 +00:00
|
|
|
println!(
|
|
|
|
"chunk missed with len {}, event hits2: {}, misses2: {}",
|
|
|
|
chunk_cache.len(),
|
|
|
|
hits2,
|
|
|
|
misses2
|
|
|
|
);
|
|
|
|
let chunk_cache = Arc::new(chunk_cache);
|
|
|
|
db.rooms
|
|
|
|
.cache_auth_chain(chunk_key, Arc::clone(&chunk_cache))?;
|
|
|
|
full_auth_chain.extend(chunk_cache.iter());
|
2021-07-18 18:43:39 +00:00
|
|
|
}
|
|
|
|
|
2021-08-26 12:18:19 +00:00
|
|
|
println!(
|
|
|
|
"total: {}, chunk hits: {}, misses: {}",
|
|
|
|
full_auth_chain.len(),
|
|
|
|
hits,
|
|
|
|
misses
|
|
|
|
);
|
2021-08-11 19:14:22 +00:00
|
|
|
|
|
|
|
Ok(full_auth_chain
|
2021-08-11 17:15:38 +00:00
|
|
|
.into_iter()
|
2021-08-11 19:14:22 +00:00
|
|
|
.filter_map(move |sid| db.rooms.get_eventid_from_short(sid).ok()))
|
2021-07-20 10:41:35 +00:00
|
|
|
}
|
|
|
|
|
2021-08-19 09:01:18 +00:00
|
|
|
#[tracing::instrument(skip(event_id, db))]
|
2021-08-31 17:14:37 +00:00
|
|
|
fn get_auth_chain_inner(
|
|
|
|
room_id: &RoomId,
|
|
|
|
event_id: &EventId,
|
|
|
|
db: &Database,
|
|
|
|
) -> Result<HashSet<u64>> {
|
2021-08-17 14:06:09 +00:00
|
|
|
let mut todo = vec![event_id.clone()];
|
|
|
|
let mut found = HashSet::new();
|
|
|
|
|
|
|
|
while let Some(event_id) = todo.pop() {
|
|
|
|
match db.rooms.get_pdu(&event_id) {
|
|
|
|
Ok(Some(pdu)) => {
|
2021-08-31 17:14:37 +00:00
|
|
|
if &pdu.room_id != room_id {
|
|
|
|
return Err(Error::BadRequest(ErrorKind::Forbidden, "Evil event in db"));
|
|
|
|
}
|
2021-08-17 14:06:09 +00:00
|
|
|
for auth_event in &pdu.auth_events {
|
|
|
|
let sauthevent = db
|
|
|
|
.rooms
|
|
|
|
.get_or_create_shorteventid(auth_event, &db.globals)?;
|
|
|
|
|
|
|
|
if !found.contains(&sauthevent) {
|
|
|
|
found.insert(sauthevent);
|
|
|
|
todo.push(auth_event.clone());
|
|
|
|
}
|
2021-08-06 18:00:08 +00:00
|
|
|
}
|
2021-08-03 17:18:41 +00:00
|
|
|
}
|
2021-08-17 14:06:09 +00:00
|
|
|
Ok(None) => {
|
|
|
|
warn!("Could not find pdu mentioned in auth events: {}", event_id);
|
|
|
|
}
|
|
|
|
Err(e) => {
|
|
|
|
warn!("Could not load event in auth chain: {} {}", event_id, e);
|
|
|
|
}
|
2021-08-06 18:00:08 +00:00
|
|
|
}
|
2021-07-18 18:43:39 +00:00
|
|
|
}
|
|
|
|
|
2021-08-17 14:06:09 +00:00
|
|
|
Ok(found)
|
2021-07-18 18:43:39 +00:00
|
|
|
}
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
/// # `GET /_matrix/federation/v1/event/{eventId}`
|
|
|
|
///
|
|
|
|
/// Retrieves a single event from the server.
|
|
|
|
///
|
|
|
|
/// - Only works if a user of this server is currently invited or joined the room
|
2021-04-07 13:56:57 +00:00
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
get("/_matrix/federation/v1/event/<_>", data = "<body>")
|
|
|
|
)]
|
|
|
|
#[tracing::instrument(skip(db, body))]
|
2021-06-08 16:10:00 +00:00
|
|
|
pub fn get_event_route(
|
2021-07-14 07:07:08 +00:00
|
|
|
db: DatabaseGuard,
|
2021-04-07 13:56:57 +00:00
|
|
|
body: Ruma<get_event::v1::Request<'_>>,
|
|
|
|
) -> ConduitResult<get_event::v1::Response> {
|
|
|
|
if !db.globals.allow_federation() {
|
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
|
|
|
}
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
let sender_servername = body
|
|
|
|
.sender_servername
|
|
|
|
.as_ref()
|
|
|
|
.expect("server is authenticated");
|
|
|
|
|
|
|
|
let event = db
|
|
|
|
.rooms
|
|
|
|
.get_pdu_json(&body.event_id)?
|
|
|
|
.ok_or(Error::BadRequest(ErrorKind::NotFound, "Event not found."))?;
|
|
|
|
|
|
|
|
let room_id_str = event
|
|
|
|
.get("room_id")
|
|
|
|
.and_then(|val| val.as_str())
|
|
|
|
.ok_or_else(|| Error::bad_database("Invalid event in database"))?;
|
|
|
|
|
|
|
|
let room_id = RoomId::try_from(room_id_str)
|
|
|
|
.map_err(|_| Error::bad_database("Invalid room id field in event in database"))?;
|
|
|
|
|
|
|
|
if !db.rooms.server_in_room(sender_servername, &room_id)? {
|
|
|
|
return Err(Error::BadRequest(ErrorKind::NotFound, "Event not found."));
|
|
|
|
}
|
|
|
|
|
2021-04-07 13:56:57 +00:00
|
|
|
Ok(get_event::v1::Response {
|
|
|
|
origin: db.globals.server_name().to_owned(),
|
2021-05-20 21:46:52 +00:00
|
|
|
origin_server_ts: MilliSecondsSinceUnixEpoch::now(),
|
2021-08-31 17:14:37 +00:00
|
|
|
pdu: PduEvent::convert_to_outgoing_federation_event(event),
|
2021-04-07 13:56:57 +00:00
|
|
|
}
|
|
|
|
.into())
|
|
|
|
}
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
/// # `POST /_matrix/federation/v1/get_missing_events/{roomId}`
|
|
|
|
///
|
|
|
|
/// Retrieves events that the sender is missing.
|
2020-09-25 10:26:29 +00:00
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
post("/_matrix/federation/v1/get_missing_events/<_>", data = "<body>")
|
|
|
|
)]
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument(skip(db, body))]
|
2021-06-08 16:10:00 +00:00
|
|
|
pub fn get_missing_events_route(
|
2021-07-14 07:07:08 +00:00
|
|
|
db: DatabaseGuard,
|
2020-09-25 10:26:29 +00:00
|
|
|
body: Ruma<get_missing_events::v1::Request<'_>>,
|
|
|
|
) -> ConduitResult<get_missing_events::v1::Response> {
|
2021-01-01 12:47:53 +00:00
|
|
|
if !db.globals.allow_federation() {
|
2020-11-14 22:13:06 +00:00
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
2020-10-06 19:04:51 +00:00
|
|
|
}
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
let sender_servername = body
|
|
|
|
.sender_servername
|
|
|
|
.as_ref()
|
|
|
|
.expect("server is authenticated");
|
|
|
|
|
|
|
|
if !db.rooms.server_in_room(sender_servername, &body.room_id)? {
|
|
|
|
return Err(Error::BadRequest(
|
|
|
|
ErrorKind::Forbidden,
|
|
|
|
"Server is not in room",
|
|
|
|
));
|
|
|
|
}
|
|
|
|
|
2020-09-25 10:26:29 +00:00
|
|
|
let mut queued_events = body.latest_events.clone();
|
|
|
|
let mut events = Vec::new();
|
|
|
|
|
|
|
|
let mut i = 0;
|
|
|
|
while i < queued_events.len() && events.len() < u64::from(body.limit) as usize {
|
|
|
|
if let Some(pdu) = db.rooms.get_pdu_json(&queued_events[i])? {
|
2021-08-31 17:14:37 +00:00
|
|
|
let room_id_str = pdu
|
|
|
|
.get("room_id")
|
|
|
|
.and_then(|val| val.as_str())
|
|
|
|
.ok_or_else(|| Error::bad_database("Invalid event in database"))?;
|
|
|
|
|
|
|
|
let event_room_id = RoomId::try_from(room_id_str)
|
|
|
|
.map_err(|_| Error::bad_database("Invalid room id field in event in database"))?;
|
|
|
|
|
|
|
|
if event_room_id != body.room_id {
|
|
|
|
warn!(
|
|
|
|
"Evil event detected: Event {} found while searching in room {}",
|
|
|
|
queued_events[i], body.room_id
|
|
|
|
);
|
|
|
|
return Err(Error::BadRequest(
|
|
|
|
ErrorKind::InvalidParam,
|
|
|
|
"Evil event detected",
|
|
|
|
));
|
|
|
|
}
|
2021-04-14 08:43:31 +00:00
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
if body.earliest_events.contains(&queued_events[i]) {
|
2020-09-25 10:26:29 +00:00
|
|
|
i += 1;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
queued_events.extend_from_slice(
|
|
|
|
&serde_json::from_value::<Vec<EventId>>(
|
2021-04-11 19:01:27 +00:00
|
|
|
serde_json::to_value(pdu.get("prev_events").cloned().ok_or_else(|| {
|
|
|
|
Error::bad_database("Event in db has no prev_events field.")
|
|
|
|
})?)
|
|
|
|
.expect("canonical json is valid json value"),
|
2020-09-25 10:26:29 +00:00
|
|
|
)
|
|
|
|
.map_err(|_| Error::bad_database("Invalid prev_events content in pdu in db."))?,
|
|
|
|
);
|
2021-04-11 19:01:27 +00:00
|
|
|
events.push(PduEvent::convert_to_outgoing_federation_event(pdu));
|
2020-09-25 10:26:29 +00:00
|
|
|
}
|
|
|
|
i += 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
Ok(get_missing_events::v1::Response { events }.into())
|
|
|
|
}
|
2020-10-05 20:19:22 +00:00
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
/// # `GET /_matrix/federation/v1/event_auth/{roomId}/{eventId}`
|
|
|
|
///
|
|
|
|
/// Retrieves the auth chain for a given event.
|
|
|
|
///
|
|
|
|
/// - This does not include the event itself
|
2021-06-14 09:36:18 +00:00
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
get("/_matrix/federation/v1/event_auth/<_>/<_>", data = "<body>")
|
|
|
|
)]
|
|
|
|
#[tracing::instrument(skip(db, body))]
|
|
|
|
pub fn get_event_authorization_route(
|
2021-07-14 07:07:08 +00:00
|
|
|
db: DatabaseGuard,
|
2021-06-14 09:36:18 +00:00
|
|
|
body: Ruma<get_event_authorization::v1::Request<'_>>,
|
|
|
|
) -> ConduitResult<get_event_authorization::v1::Response> {
|
|
|
|
if !db.globals.allow_federation() {
|
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
|
|
|
}
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
let sender_servername = body
|
|
|
|
.sender_servername
|
|
|
|
.as_ref()
|
|
|
|
.expect("server is authenticated");
|
|
|
|
|
|
|
|
let event = db
|
|
|
|
.rooms
|
|
|
|
.get_pdu_json(&body.event_id)?
|
|
|
|
.ok_or(Error::BadRequest(ErrorKind::NotFound, "Event not found."))?;
|
|
|
|
|
|
|
|
let room_id_str = event
|
|
|
|
.get("room_id")
|
|
|
|
.and_then(|val| val.as_str())
|
|
|
|
.ok_or_else(|| Error::bad_database("Invalid event in database"))?;
|
|
|
|
|
|
|
|
let room_id = RoomId::try_from(room_id_str)
|
|
|
|
.map_err(|_| Error::bad_database("Invalid room id field in event in database"))?;
|
|
|
|
|
|
|
|
if !db.rooms.server_in_room(sender_servername, &room_id)? {
|
|
|
|
return Err(Error::BadRequest(ErrorKind::NotFound, "Event not found."));
|
|
|
|
}
|
|
|
|
|
|
|
|
let auth_chain_ids = get_auth_chain(&room_id, vec![Arc::new(body.event_id.clone())], &db)?;
|
2021-06-14 09:36:18 +00:00
|
|
|
|
2021-07-18 18:43:39 +00:00
|
|
|
Ok(get_event_authorization::v1::Response {
|
|
|
|
auth_chain: auth_chain_ids
|
2021-08-26 21:58:32 +00:00
|
|
|
.filter_map(|id| db.rooms.get_pdu_json(&id).ok()?)
|
|
|
|
.map(PduEvent::convert_to_outgoing_federation_event)
|
2021-07-18 18:43:39 +00:00
|
|
|
.collect(),
|
2021-06-14 09:36:18 +00:00
|
|
|
}
|
2021-07-18 18:43:39 +00:00
|
|
|
.into())
|
2021-06-14 09:36:18 +00:00
|
|
|
}
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
/// # `GET /_matrix/federation/v1/state/{roomId}`
|
|
|
|
///
|
|
|
|
/// Retrieves the current state of the room.
|
2021-06-14 08:52:27 +00:00
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
get("/_matrix/federation/v1/state/<_>", data = "<body>")
|
|
|
|
)]
|
|
|
|
#[tracing::instrument(skip(db, body))]
|
|
|
|
pub fn get_room_state_route(
|
2021-07-14 07:07:08 +00:00
|
|
|
db: DatabaseGuard,
|
2021-06-14 08:52:27 +00:00
|
|
|
body: Ruma<get_room_state::v1::Request<'_>>,
|
|
|
|
) -> ConduitResult<get_room_state::v1::Response> {
|
|
|
|
if !db.globals.allow_federation() {
|
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
|
|
|
}
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
let sender_servername = body
|
|
|
|
.sender_servername
|
|
|
|
.as_ref()
|
|
|
|
.expect("server is authenticated");
|
|
|
|
|
|
|
|
if !db.rooms.server_in_room(sender_servername, &body.room_id)? {
|
|
|
|
return Err(Error::BadRequest(
|
|
|
|
ErrorKind::Forbidden,
|
|
|
|
"Server is not in room.",
|
|
|
|
));
|
|
|
|
}
|
|
|
|
|
2021-06-14 08:52:27 +00:00
|
|
|
let shortstatehash = db
|
|
|
|
.rooms
|
|
|
|
.pdu_shortstatehash(&body.event_id)?
|
|
|
|
.ok_or(Error::BadRequest(
|
|
|
|
ErrorKind::NotFound,
|
|
|
|
"Pdu state not found.",
|
|
|
|
))?;
|
|
|
|
|
|
|
|
let pdus = db
|
|
|
|
.rooms
|
|
|
|
.state_full_ids(shortstatehash)?
|
|
|
|
.into_iter()
|
2021-08-24 17:10:31 +00:00
|
|
|
.map(|(_, id)| {
|
2021-06-14 08:52:27 +00:00
|
|
|
PduEvent::convert_to_outgoing_federation_event(
|
|
|
|
db.rooms.get_pdu_json(&id).unwrap().unwrap(),
|
|
|
|
)
|
|
|
|
})
|
|
|
|
.collect();
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
let auth_chain_ids = get_auth_chain(&body.room_id, vec![Arc::new(body.event_id.clone())], &db)?;
|
2021-06-14 08:52:27 +00:00
|
|
|
|
2021-07-18 18:43:39 +00:00
|
|
|
Ok(get_room_state::v1::Response {
|
|
|
|
auth_chain: auth_chain_ids
|
|
|
|
.map(|id| {
|
|
|
|
Ok::<_, Error>(PduEvent::convert_to_outgoing_federation_event(
|
|
|
|
db.rooms.get_pdu_json(&id)?.unwrap(),
|
|
|
|
))
|
|
|
|
})
|
|
|
|
.filter_map(|r| r.ok())
|
|
|
|
.collect(),
|
|
|
|
pdus,
|
2021-06-14 08:52:27 +00:00
|
|
|
}
|
2021-07-18 18:43:39 +00:00
|
|
|
.into())
|
2021-06-14 08:52:27 +00:00
|
|
|
}
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
/// # `GET /_matrix/federation/v1/state_ids/{roomId}`
|
|
|
|
///
|
|
|
|
/// Retrieves the current state of the room.
|
2021-03-17 23:09:57 +00:00
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
get("/_matrix/federation/v1/state_ids/<_>", data = "<body>")
|
|
|
|
)]
|
|
|
|
#[tracing::instrument(skip(db, body))]
|
2021-06-08 16:10:00 +00:00
|
|
|
pub fn get_room_state_ids_route(
|
2021-07-14 07:07:08 +00:00
|
|
|
db: DatabaseGuard,
|
2021-03-17 23:09:57 +00:00
|
|
|
body: Ruma<get_room_state_ids::v1::Request<'_>>,
|
|
|
|
) -> ConduitResult<get_room_state_ids::v1::Response> {
|
|
|
|
if !db.globals.allow_federation() {
|
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
|
|
|
}
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
let sender_servername = body
|
|
|
|
.sender_servername
|
|
|
|
.as_ref()
|
|
|
|
.expect("server is authenticated");
|
|
|
|
|
|
|
|
if !db.rooms.server_in_room(sender_servername, &body.room_id)? {
|
|
|
|
return Err(Error::BadRequest(
|
|
|
|
ErrorKind::Forbidden,
|
|
|
|
"Server is not in room.",
|
|
|
|
));
|
|
|
|
}
|
|
|
|
|
2021-03-17 23:09:57 +00:00
|
|
|
let shortstatehash = db
|
|
|
|
.rooms
|
|
|
|
.pdu_shortstatehash(&body.event_id)?
|
|
|
|
.ok_or(Error::BadRequest(
|
|
|
|
ErrorKind::NotFound,
|
|
|
|
"Pdu state not found.",
|
|
|
|
))?;
|
|
|
|
|
2021-07-01 17:55:26 +00:00
|
|
|
let pdu_ids = db
|
|
|
|
.rooms
|
|
|
|
.state_full_ids(shortstatehash)?
|
|
|
|
.into_iter()
|
2021-08-26 21:58:32 +00:00
|
|
|
.map(|(_, id)| (*id).clone())
|
2021-07-01 17:55:26 +00:00
|
|
|
.collect();
|
2021-03-17 23:09:57 +00:00
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
let auth_chain_ids = get_auth_chain(&body.room_id, vec![Arc::new(body.event_id.clone())], &db)?;
|
2021-03-17 23:09:57 +00:00
|
|
|
|
|
|
|
Ok(get_room_state_ids::v1::Response {
|
2021-08-26 21:58:32 +00:00
|
|
|
auth_chain_ids: auth_chain_ids.map(|id| (*id).clone()).collect(),
|
2021-03-17 23:09:57 +00:00
|
|
|
pdu_ids,
|
|
|
|
}
|
|
|
|
.into())
|
|
|
|
}
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
/// # `GET /_matrix/federation/v1/make_join/{roomId}/{userId}`
|
|
|
|
///
|
|
|
|
/// Creates a join template.
|
2021-04-16 16:18:29 +00:00
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
get("/_matrix/federation/v1/make_join/<_>/<_>", data = "<body>")
|
|
|
|
)]
|
|
|
|
#[tracing::instrument(skip(db, body))]
|
2021-06-08 16:10:00 +00:00
|
|
|
pub fn create_join_event_template_route(
|
2021-07-14 07:07:08 +00:00
|
|
|
db: DatabaseGuard,
|
2021-04-16 16:18:29 +00:00
|
|
|
body: Ruma<create_join_event_template::v1::Request<'_>>,
|
|
|
|
) -> ConduitResult<create_join_event_template::v1::Response> {
|
|
|
|
if !db.globals.allow_federation() {
|
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
|
|
|
}
|
|
|
|
|
|
|
|
if !db.rooms.exists(&body.room_id)? {
|
|
|
|
return Err(Error::BadRequest(
|
|
|
|
ErrorKind::NotFound,
|
|
|
|
"Server is not in room.",
|
|
|
|
));
|
|
|
|
}
|
|
|
|
|
|
|
|
let prev_events = db
|
|
|
|
.rooms
|
|
|
|
.get_pdu_leaves(&body.room_id)?
|
|
|
|
.into_iter()
|
|
|
|
.take(20)
|
|
|
|
.collect::<Vec<_>>();
|
|
|
|
|
|
|
|
let create_event = db
|
|
|
|
.rooms
|
|
|
|
.room_state_get(&body.room_id, &EventType::RoomCreate, "")?;
|
|
|
|
|
|
|
|
let create_event_content = create_event
|
|
|
|
.as_ref()
|
|
|
|
.map(|create_event| {
|
2021-06-17 18:34:14 +00:00
|
|
|
serde_json::from_value::<Raw<CreateEventContent>>(create_event.content.clone())
|
|
|
|
.expect("Raw::from_value always works.")
|
|
|
|
.deserialize()
|
2021-08-22 11:00:36 +00:00
|
|
|
.map_err(|e| {
|
|
|
|
warn!("Invalid create event: {}", e);
|
|
|
|
Error::bad_database("Invalid create event in db.")
|
|
|
|
})
|
2021-04-16 16:18:29 +00:00
|
|
|
})
|
|
|
|
.transpose()?;
|
|
|
|
|
|
|
|
let create_prev_event = if prev_events.len() == 1
|
|
|
|
&& Some(&prev_events[0]) == create_event.as_ref().map(|c| &c.event_id)
|
|
|
|
{
|
2021-06-30 07:52:01 +00:00
|
|
|
create_event
|
2021-04-16 16:18:29 +00:00
|
|
|
} else {
|
|
|
|
None
|
|
|
|
};
|
|
|
|
|
|
|
|
// If there was no create event yet, assume we are creating a version 6 room right now
|
2021-07-21 09:29:13 +00:00
|
|
|
let room_version_id = create_event_content.map_or(RoomVersionId::Version6, |create_event| {
|
|
|
|
create_event.room_version
|
|
|
|
});
|
|
|
|
let room_version = RoomVersion::new(&room_version_id).expect("room version is supported");
|
|
|
|
|
|
|
|
if !body.ver.contains(&room_version_id) {
|
|
|
|
return Err(Error::BadRequest(
|
|
|
|
ErrorKind::IncompatibleRoomVersion {
|
|
|
|
room_version: room_version_id,
|
|
|
|
},
|
|
|
|
"Room version not supported.",
|
|
|
|
));
|
|
|
|
}
|
2021-04-16 16:18:29 +00:00
|
|
|
|
|
|
|
let content = serde_json::to_value(MemberEventContent {
|
|
|
|
avatar_url: None,
|
2021-07-15 21:17:58 +00:00
|
|
|
blurhash: None,
|
2021-04-16 16:18:29 +00:00
|
|
|
displayname: None,
|
|
|
|
is_direct: None,
|
|
|
|
membership: MembershipState::Join,
|
|
|
|
third_party_invite: None,
|
2021-08-19 09:01:18 +00:00
|
|
|
reason: None,
|
2021-04-16 16:18:29 +00:00
|
|
|
})
|
|
|
|
.expect("member event is valid value");
|
|
|
|
|
|
|
|
let state_key = body.user_id.to_string();
|
|
|
|
let kind = EventType::RoomMember;
|
|
|
|
|
|
|
|
let auth_events = db.rooms.get_auth_events(
|
|
|
|
&body.room_id,
|
|
|
|
&kind,
|
|
|
|
&body.user_id,
|
|
|
|
Some(&state_key),
|
|
|
|
&content,
|
|
|
|
)?;
|
|
|
|
|
|
|
|
// Our depth is the maximum depth of prev_events + 1
|
|
|
|
let depth = prev_events
|
|
|
|
.iter()
|
|
|
|
.filter_map(|event_id| Some(db.rooms.get_pdu(event_id).ok()??.depth))
|
|
|
|
.max()
|
|
|
|
.unwrap_or_else(|| uint!(0))
|
|
|
|
+ uint!(1);
|
|
|
|
|
|
|
|
let mut unsigned = BTreeMap::new();
|
|
|
|
|
|
|
|
if let Some(prev_pdu) = db.rooms.room_state_get(&body.room_id, &kind, &state_key)? {
|
2021-06-30 07:52:01 +00:00
|
|
|
unsigned.insert("prev_content".to_owned(), prev_pdu.content.clone());
|
2021-04-16 16:18:29 +00:00
|
|
|
unsigned.insert(
|
|
|
|
"prev_sender".to_owned(),
|
2021-06-30 07:52:01 +00:00
|
|
|
serde_json::to_value(&prev_pdu.sender).expect("UserId::to_value always works"),
|
2021-04-16 16:18:29 +00:00
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
let pdu = PduEvent {
|
|
|
|
event_id: ruma::event_id!("$thiswillbefilledinlater"),
|
|
|
|
room_id: body.room_id.clone(),
|
|
|
|
sender: body.user_id.clone(),
|
|
|
|
origin_server_ts: utils::millis_since_unix_epoch()
|
|
|
|
.try_into()
|
|
|
|
.expect("time is valid"),
|
|
|
|
kind,
|
|
|
|
content,
|
|
|
|
state_key: Some(state_key),
|
|
|
|
prev_events,
|
|
|
|
depth,
|
|
|
|
auth_events: auth_events
|
|
|
|
.iter()
|
|
|
|
.map(|(_, pdu)| pdu.event_id.clone())
|
|
|
|
.collect(),
|
|
|
|
redacts: None,
|
|
|
|
unsigned,
|
|
|
|
hashes: ruma::events::pdu::EventHash {
|
|
|
|
sha256: "aaa".to_owned(),
|
|
|
|
},
|
|
|
|
signatures: BTreeMap::new(),
|
|
|
|
};
|
|
|
|
|
|
|
|
let auth_check = state_res::auth_check(
|
|
|
|
&room_version,
|
|
|
|
&Arc::new(pdu.clone()),
|
|
|
|
create_prev_event,
|
|
|
|
None, // TODO: third_party_invite
|
2021-08-24 17:10:31 +00:00
|
|
|
|k, s| auth_events.get(&(k.clone(), s.to_owned())).map(Arc::clone),
|
2021-04-16 16:18:29 +00:00
|
|
|
)
|
|
|
|
.map_err(|e| {
|
|
|
|
error!("{:?}", e);
|
|
|
|
Error::bad_database("Auth check failed.")
|
|
|
|
})?;
|
|
|
|
|
|
|
|
if !auth_check {
|
|
|
|
return Err(Error::BadRequest(
|
2021-05-21 16:12:02 +00:00
|
|
|
ErrorKind::Forbidden,
|
2021-04-16 16:18:29 +00:00
|
|
|
"Event is not authorized.",
|
|
|
|
));
|
|
|
|
}
|
|
|
|
|
|
|
|
// Hash and sign
|
|
|
|
let mut pdu_json =
|
|
|
|
utils::to_canonical_object(&pdu).expect("event is valid, we just created it");
|
|
|
|
|
|
|
|
pdu_json.remove("event_id");
|
|
|
|
|
|
|
|
// Add origin because synapse likes that (and it's required in the spec)
|
|
|
|
pdu_json.insert(
|
|
|
|
"origin".to_owned(),
|
2021-04-26 16:20:20 +00:00
|
|
|
CanonicalJsonValue::String(db.globals.server_name().as_str().to_owned()),
|
2021-04-16 16:18:29 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
Ok(create_join_event_template::v1::Response {
|
2021-07-21 09:29:13 +00:00
|
|
|
room_version: Some(room_version_id),
|
2021-04-16 16:18:29 +00:00
|
|
|
event: serde_json::from_value::<Raw<_>>(
|
|
|
|
serde_json::to_value(pdu_json).expect("CanonicalJson is valid serde_json::Value"),
|
|
|
|
)
|
|
|
|
.expect("Raw::from_value always works"),
|
|
|
|
}
|
|
|
|
.into())
|
|
|
|
}
|
|
|
|
|
2021-07-25 17:28:54 +00:00
|
|
|
async fn create_join_event(
|
|
|
|
db: &DatabaseGuard,
|
|
|
|
room_id: &RoomId,
|
|
|
|
pdu: &Raw<ruma::events::pdu::Pdu>,
|
|
|
|
) -> Result<RoomState> {
|
2021-04-16 16:18:29 +00:00
|
|
|
if !db.globals.allow_federation() {
|
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
|
|
|
}
|
|
|
|
|
|
|
|
// We need to return the state prior to joining, let's keep a reference to that here
|
2021-07-25 17:28:54 +00:00
|
|
|
let shortstatehash = db
|
|
|
|
.rooms
|
|
|
|
.current_shortstatehash(&room_id)?
|
|
|
|
.ok_or(Error::BadRequest(
|
|
|
|
ErrorKind::NotFound,
|
|
|
|
"Pdu state not found.",
|
|
|
|
))?;
|
2021-04-16 16:18:29 +00:00
|
|
|
|
|
|
|
let pub_key_map = RwLock::new(BTreeMap::new());
|
2021-06-30 00:18:52 +00:00
|
|
|
// let mut auth_cache = EventMap::new();
|
2021-04-16 16:18:29 +00:00
|
|
|
|
|
|
|
// We do not add the event_id field to the pdu here because of signature and hashes checks
|
2021-07-25 17:28:54 +00:00
|
|
|
let (event_id, value) = match crate::pdu::gen_event_id_canonical_json(&pdu) {
|
2021-04-16 16:18:29 +00:00
|
|
|
Ok(t) => t,
|
|
|
|
Err(_) => {
|
|
|
|
// Event could not be converted to canonical json
|
|
|
|
return Err(Error::BadRequest(
|
|
|
|
ErrorKind::InvalidParam,
|
|
|
|
"Could not convert event to canonical json.",
|
|
|
|
));
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
|
|
|
let origin = serde_json::from_value::<Box<ServerName>>(
|
|
|
|
serde_json::to_value(value.get("origin").ok_or(Error::BadRequest(
|
|
|
|
ErrorKind::InvalidParam,
|
|
|
|
"Event needs an origin field.",
|
|
|
|
))?)
|
|
|
|
.expect("CanonicalJson is valid json value"),
|
|
|
|
)
|
|
|
|
.map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "Origin field is invalid."))?;
|
|
|
|
|
2021-07-01 17:55:26 +00:00
|
|
|
let mutex = Arc::clone(
|
|
|
|
db.globals
|
2021-07-13 13:44:25 +00:00
|
|
|
.roomid_mutex_federation
|
2021-07-01 17:55:26 +00:00
|
|
|
.write()
|
|
|
|
.unwrap()
|
2021-07-25 17:28:54 +00:00
|
|
|
.entry(room_id.clone())
|
2021-07-01 17:55:26 +00:00
|
|
|
.or_default(),
|
|
|
|
);
|
|
|
|
let mutex_lock = mutex.lock().await;
|
2021-07-25 17:28:54 +00:00
|
|
|
let pdu_id = handle_incoming_pdu(&origin, &event_id, &room_id, value, true, &db, &pub_key_map)
|
|
|
|
.await
|
|
|
|
.map_err(|e| {
|
|
|
|
warn!("Error while handling incoming send join PDU: {}", e);
|
|
|
|
Error::BadRequest(
|
|
|
|
ErrorKind::InvalidParam,
|
|
|
|
"Error while handling incoming PDU.",
|
|
|
|
)
|
|
|
|
})?
|
|
|
|
.ok_or(Error::BadRequest(
|
2021-04-16 16:18:29 +00:00
|
|
|
ErrorKind::InvalidParam,
|
2021-07-25 17:28:54 +00:00
|
|
|
"Could not accept incoming PDU as timeline event.",
|
|
|
|
))?;
|
2021-07-01 17:55:26 +00:00
|
|
|
drop(mutex_lock);
|
2021-04-16 16:18:29 +00:00
|
|
|
|
|
|
|
let state_ids = db.rooms.state_full_ids(shortstatehash)?;
|
2021-08-31 17:14:37 +00:00
|
|
|
let auth_chain_ids = get_auth_chain(
|
|
|
|
&room_id,
|
|
|
|
state_ids.iter().map(|(_, id)| id.clone()).collect(),
|
|
|
|
&db,
|
|
|
|
)?;
|
2021-04-16 16:18:29 +00:00
|
|
|
|
|
|
|
for server in db
|
|
|
|
.rooms
|
2021-07-25 17:28:54 +00:00
|
|
|
.room_servers(&room_id)
|
2021-04-16 16:18:29 +00:00
|
|
|
.filter_map(|r| r.ok())
|
|
|
|
.filter(|server| &**server != db.globals.server_name())
|
|
|
|
{
|
|
|
|
db.sending.send_pdu(&server, &pdu_id)?;
|
|
|
|
}
|
|
|
|
|
2021-08-02 08:13:34 +00:00
|
|
|
db.flush()?;
|
2021-07-14 07:07:08 +00:00
|
|
|
|
2021-07-25 17:28:54 +00:00
|
|
|
Ok(RoomState {
|
|
|
|
auth_chain: auth_chain_ids
|
|
|
|
.filter_map(|id| db.rooms.get_pdu_json(&id).ok().flatten())
|
|
|
|
.map(PduEvent::convert_to_outgoing_federation_event)
|
|
|
|
.collect(),
|
|
|
|
state: state_ids
|
|
|
|
.iter()
|
2021-08-24 17:10:31 +00:00
|
|
|
.filter_map(|(_, id)| db.rooms.get_pdu_json(&id).ok().flatten())
|
2021-07-25 17:28:54 +00:00
|
|
|
.map(PduEvent::convert_to_outgoing_federation_event)
|
|
|
|
.collect(),
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
/// # `PUT /_matrix/federation/v1/send_join/{roomId}/{eventId}`
|
|
|
|
///
|
|
|
|
/// Submits a signed join event.
|
2021-07-25 17:28:54 +00:00
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
put("/_matrix/federation/v1/send_join/<_>/<_>", data = "<body>")
|
|
|
|
)]
|
|
|
|
#[tracing::instrument(skip(db, body))]
|
|
|
|
pub async fn create_join_event_v1_route(
|
|
|
|
db: DatabaseGuard,
|
|
|
|
body: Ruma<create_join_event::v1::Request<'_>>,
|
|
|
|
) -> ConduitResult<create_join_event::v1::Response> {
|
|
|
|
let room_state = create_join_event(&db, &body.room_id, &body.pdu).await?;
|
|
|
|
|
2021-08-24 17:10:31 +00:00
|
|
|
Ok(create_join_event::v1::Response { room_state }.into())
|
2021-07-25 17:28:54 +00:00
|
|
|
}
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
/// # `PUT /_matrix/federation/v2/send_join/{roomId}/{eventId}`
|
|
|
|
///
|
|
|
|
/// Submits a signed join event.
|
2021-07-25 17:28:54 +00:00
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
put("/_matrix/federation/v2/send_join/<_>/<_>", data = "<body>")
|
|
|
|
)]
|
|
|
|
#[tracing::instrument(skip(db, body))]
|
|
|
|
pub async fn create_join_event_v2_route(
|
|
|
|
db: DatabaseGuard,
|
|
|
|
body: Ruma<create_join_event::v2::Request<'_>>,
|
|
|
|
) -> ConduitResult<create_join_event::v2::Response> {
|
|
|
|
let room_state = create_join_event(&db, &body.room_id, &body.pdu).await?;
|
|
|
|
|
2021-08-24 17:10:31 +00:00
|
|
|
Ok(create_join_event::v2::Response { room_state }.into())
|
2021-04-16 16:18:29 +00:00
|
|
|
}
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
/// # `PUT /_matrix/federation/v2/invite/{roomId}/{eventId}`
|
|
|
|
///
|
|
|
|
/// Invites a remote user to a room.
|
2021-04-11 19:01:27 +00:00
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
put("/_matrix/federation/v2/invite/<_>/<_>", data = "<body>")
|
|
|
|
)]
|
|
|
|
#[tracing::instrument(skip(db, body))]
|
2021-06-08 16:10:00 +00:00
|
|
|
pub async fn create_invite_route(
|
2021-07-14 07:07:08 +00:00
|
|
|
db: DatabaseGuard,
|
2021-04-11 19:01:27 +00:00
|
|
|
body: Ruma<create_invite::v2::Request>,
|
|
|
|
) -> ConduitResult<create_invite::v2::Response> {
|
2021-04-16 16:18:29 +00:00
|
|
|
if !db.globals.allow_federation() {
|
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
|
|
|
}
|
|
|
|
|
2021-07-21 09:29:13 +00:00
|
|
|
if body.room_version != RoomVersionId::Version5 && body.room_version != RoomVersionId::Version6
|
|
|
|
{
|
2021-04-11 19:01:27 +00:00
|
|
|
return Err(Error::BadRequest(
|
|
|
|
ErrorKind::IncompatibleRoomVersion {
|
|
|
|
room_version: body.room_version.clone(),
|
|
|
|
},
|
|
|
|
"Server does not support this room version.",
|
|
|
|
));
|
|
|
|
}
|
|
|
|
|
|
|
|
let mut signed_event = utils::to_canonical_object(&body.event)
|
|
|
|
.map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "Invite event is invalid."))?;
|
|
|
|
|
|
|
|
ruma::signatures::hash_and_sign_event(
|
|
|
|
db.globals.server_name().as_str(),
|
|
|
|
db.globals.keypair(),
|
|
|
|
&mut signed_event,
|
|
|
|
&body.room_version,
|
|
|
|
)
|
|
|
|
.map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "Failed to sign event."))?;
|
|
|
|
|
2021-04-13 19:34:31 +00:00
|
|
|
// Generate event id
|
|
|
|
let event_id = EventId::try_from(&*format!(
|
|
|
|
"${}",
|
|
|
|
ruma::signatures::reference_hash(&signed_event, &body.room_version)
|
|
|
|
.expect("ruma can calculate reference hashes")
|
|
|
|
))
|
|
|
|
.expect("ruma's reference hashes are valid event ids");
|
|
|
|
|
|
|
|
// Add event_id back
|
|
|
|
signed_event.insert(
|
|
|
|
"event_id".to_owned(),
|
2021-04-26 16:20:20 +00:00
|
|
|
CanonicalJsonValue::String(event_id.into()),
|
2021-04-13 19:34:31 +00:00
|
|
|
);
|
|
|
|
|
2021-04-11 19:01:27 +00:00
|
|
|
let sender = serde_json::from_value(
|
2021-04-26 16:20:20 +00:00
|
|
|
signed_event
|
|
|
|
.get("sender")
|
|
|
|
.ok_or(Error::BadRequest(
|
|
|
|
ErrorKind::InvalidParam,
|
|
|
|
"Event had no sender field.",
|
|
|
|
))?
|
|
|
|
.clone()
|
|
|
|
.into(),
|
2021-04-11 19:01:27 +00:00
|
|
|
)
|
|
|
|
.map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "sender is not a user id."))?;
|
2021-04-26 16:20:20 +00:00
|
|
|
|
2021-04-11 19:01:27 +00:00
|
|
|
let invited_user = serde_json::from_value(
|
2021-04-26 16:20:20 +00:00
|
|
|
signed_event
|
|
|
|
.get("state_key")
|
|
|
|
.ok_or(Error::BadRequest(
|
|
|
|
ErrorKind::InvalidParam,
|
|
|
|
"Event had no state_key field.",
|
|
|
|
))?
|
|
|
|
.clone()
|
|
|
|
.into(),
|
2021-04-11 19:01:27 +00:00
|
|
|
)
|
|
|
|
.map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "state_key is not a user id."))?;
|
|
|
|
|
|
|
|
let mut invite_state = body.invite_room_state.clone();
|
|
|
|
|
|
|
|
let mut event = serde_json::from_str::<serde_json::Map<String, serde_json::Value>>(
|
|
|
|
&body.event.json().to_string(),
|
|
|
|
)
|
|
|
|
.map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "Invalid invite event bytes."))?;
|
|
|
|
|
|
|
|
event.insert("event_id".to_owned(), "$dummy".into());
|
|
|
|
|
2021-04-13 19:34:31 +00:00
|
|
|
let pdu = serde_json::from_value::<PduEvent>(event.into()).map_err(|e| {
|
|
|
|
warn!("Invalid invite event: {}", e);
|
|
|
|
Error::BadRequest(ErrorKind::InvalidParam, "Invalid invite event.")
|
|
|
|
})?;
|
|
|
|
|
|
|
|
invite_state.push(pdu.to_stripped_state_event());
|
|
|
|
|
|
|
|
// If the room already exists, the remote server will notify us about the join via /send
|
|
|
|
if !db.rooms.exists(&pdu.room_id)? {
|
|
|
|
db.rooms.update_membership(
|
|
|
|
&body.room_id,
|
|
|
|
&invited_user,
|
|
|
|
MembershipState::Invite,
|
|
|
|
&sender,
|
|
|
|
Some(invite_state),
|
2021-04-14 08:43:31 +00:00
|
|
|
&db,
|
2021-08-16 22:22:52 +00:00
|
|
|
true,
|
2021-04-13 19:34:31 +00:00
|
|
|
)?;
|
|
|
|
}
|
2021-04-11 19:01:27 +00:00
|
|
|
|
2021-08-02 08:13:34 +00:00
|
|
|
db.flush()?;
|
2021-07-14 07:07:08 +00:00
|
|
|
|
2021-04-11 19:01:27 +00:00
|
|
|
Ok(create_invite::v2::Response {
|
|
|
|
event: PduEvent::convert_to_outgoing_federation_event(signed_event),
|
|
|
|
}
|
|
|
|
.into())
|
|
|
|
}
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
/// # `GET /_matrix/federation/v1/user/devices/{userId}`
|
|
|
|
///
|
|
|
|
/// Gets information on all devices of the user.
|
2021-04-21 08:51:34 +00:00
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
get("/_matrix/federation/v1/user/devices/<_>", data = "<body>")
|
|
|
|
)]
|
|
|
|
#[tracing::instrument(skip(db, body))]
|
2021-06-08 16:10:00 +00:00
|
|
|
pub fn get_devices_route(
|
2021-07-14 07:07:08 +00:00
|
|
|
db: DatabaseGuard,
|
2021-04-21 08:51:34 +00:00
|
|
|
body: Ruma<get_devices::v1::Request<'_>>,
|
|
|
|
) -> ConduitResult<get_devices::v1::Response> {
|
|
|
|
if !db.globals.allow_federation() {
|
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
|
|
|
}
|
|
|
|
|
|
|
|
Ok(get_devices::v1::Response {
|
|
|
|
user_id: body.user_id.clone(),
|
|
|
|
stream_id: db
|
|
|
|
.users
|
|
|
|
.get_devicelist_version(&body.user_id)?
|
|
|
|
.unwrap_or(0)
|
|
|
|
.try_into()
|
|
|
|
.expect("version will not grow that large"),
|
|
|
|
devices: db
|
|
|
|
.users
|
|
|
|
.all_devices_metadata(&body.user_id)
|
|
|
|
.filter_map(|r| r.ok())
|
|
|
|
.filter_map(|metadata| {
|
|
|
|
Some(UserDevice {
|
|
|
|
keys: db
|
|
|
|
.users
|
|
|
|
.get_device_keys(&body.user_id, &metadata.device_id)
|
|
|
|
.ok()??,
|
|
|
|
device_id: metadata.device_id,
|
|
|
|
device_display_name: metadata.display_name,
|
|
|
|
})
|
|
|
|
})
|
|
|
|
.collect(),
|
|
|
|
}
|
|
|
|
.into())
|
|
|
|
}
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
/// # `GET /_matrix/federation/v1/query/directory`
|
|
|
|
///
|
|
|
|
/// Resolve a room alias to a room id.
|
2021-04-16 16:18:29 +00:00
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
get("/_matrix/federation/v1/query/directory", data = "<body>")
|
|
|
|
)]
|
|
|
|
#[tracing::instrument(skip(db, body))]
|
2021-06-08 16:10:00 +00:00
|
|
|
pub fn get_room_information_route(
|
2021-07-14 07:07:08 +00:00
|
|
|
db: DatabaseGuard,
|
2021-04-16 16:18:29 +00:00
|
|
|
body: Ruma<get_room_information::v1::Request<'_>>,
|
|
|
|
) -> ConduitResult<get_room_information::v1::Response> {
|
|
|
|
if !db.globals.allow_federation() {
|
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
|
|
|
}
|
|
|
|
|
|
|
|
let room_id = db
|
|
|
|
.rooms
|
|
|
|
.id_from_alias(&body.room_alias)?
|
2021-04-21 12:06:39 +00:00
|
|
|
.ok_or(Error::BadRequest(
|
|
|
|
ErrorKind::NotFound,
|
|
|
|
"Room alias not found.",
|
|
|
|
))?;
|
2021-04-16 16:18:29 +00:00
|
|
|
|
|
|
|
Ok(get_room_information::v1::Response {
|
|
|
|
room_id,
|
|
|
|
servers: vec![db.globals.server_name().to_owned()],
|
|
|
|
}
|
|
|
|
.into())
|
|
|
|
}
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
/// # `GET /_matrix/federation/v1/query/profile`
|
|
|
|
///
|
|
|
|
/// Gets information on a profile.
|
2020-10-05 20:19:22 +00:00
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
get("/_matrix/federation/v1/query/profile", data = "<body>")
|
|
|
|
)]
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument(skip(db, body))]
|
2021-06-08 16:10:00 +00:00
|
|
|
pub fn get_profile_information_route(
|
2021-07-14 07:07:08 +00:00
|
|
|
db: DatabaseGuard,
|
2020-10-05 20:19:22 +00:00
|
|
|
body: Ruma<get_profile_information::v1::Request<'_>>,
|
|
|
|
) -> ConduitResult<get_profile_information::v1::Response> {
|
2021-01-01 12:47:53 +00:00
|
|
|
if !db.globals.allow_federation() {
|
2020-11-14 22:13:06 +00:00
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
2020-10-06 19:04:51 +00:00
|
|
|
}
|
|
|
|
|
2020-10-05 20:19:22 +00:00
|
|
|
let mut displayname = None;
|
|
|
|
let mut avatar_url = None;
|
2021-07-15 21:17:58 +00:00
|
|
|
let mut blurhash = None;
|
2020-10-05 20:19:22 +00:00
|
|
|
|
2020-12-04 23:16:17 +00:00
|
|
|
match &body.field {
|
2020-10-05 20:19:22 +00:00
|
|
|
Some(ProfileField::DisplayName) => displayname = db.users.displayname(&body.user_id)?,
|
2021-07-15 21:17:58 +00:00
|
|
|
Some(ProfileField::AvatarUrl) => {
|
|
|
|
avatar_url = db.users.avatar_url(&body.user_id)?;
|
|
|
|
blurhash = db.users.blurhash(&body.user_id)?
|
|
|
|
}
|
2021-07-15 17:54:04 +00:00
|
|
|
// TODO: what to do with custom
|
|
|
|
Some(_) => {}
|
2020-10-05 20:19:22 +00:00
|
|
|
None => {
|
|
|
|
displayname = db.users.displayname(&body.user_id)?;
|
|
|
|
avatar_url = db.users.avatar_url(&body.user_id)?;
|
2021-07-15 21:17:58 +00:00
|
|
|
blurhash = db.users.blurhash(&body.user_id)?;
|
2020-10-05 20:19:22 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
Ok(get_profile_information::v1::Response {
|
2021-07-15 21:17:58 +00:00
|
|
|
blurhash,
|
2020-10-05 20:19:22 +00:00
|
|
|
displayname,
|
|
|
|
avatar_url,
|
|
|
|
}
|
|
|
|
.into())
|
|
|
|
}
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
/// # `POST /_matrix/federation/v1/user/keys/query`
|
|
|
|
///
|
|
|
|
/// Gets devices and identity keys for the given users.
|
2021-05-20 21:46:52 +00:00
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
post("/_matrix/federation/v1/user/keys/query", data = "<body>")
|
|
|
|
)]
|
|
|
|
#[tracing::instrument(skip(db, body))]
|
2021-07-14 07:07:08 +00:00
|
|
|
pub async fn get_keys_route(
|
|
|
|
db: DatabaseGuard,
|
2021-05-20 21:46:52 +00:00
|
|
|
body: Ruma<get_keys::v1::Request>,
|
|
|
|
) -> ConduitResult<get_keys::v1::Response> {
|
|
|
|
if !db.globals.allow_federation() {
|
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
|
|
|
}
|
|
|
|
|
|
|
|
let result = get_keys_helper(
|
|
|
|
None,
|
|
|
|
&body.device_keys,
|
|
|
|
|u| Some(u.server_name()) == body.sender_servername.as_deref(),
|
|
|
|
&db,
|
2021-07-20 17:40:25 +00:00
|
|
|
)
|
|
|
|
.await?;
|
2021-05-20 21:46:52 +00:00
|
|
|
|
2021-08-02 08:13:34 +00:00
|
|
|
db.flush()?;
|
2021-07-14 07:07:08 +00:00
|
|
|
|
2021-05-20 21:46:52 +00:00
|
|
|
Ok(get_keys::v1::Response {
|
|
|
|
device_keys: result.device_keys,
|
|
|
|
master_keys: result.master_keys,
|
|
|
|
self_signing_keys: result.self_signing_keys,
|
|
|
|
}
|
|
|
|
.into())
|
|
|
|
}
|
|
|
|
|
2021-08-31 17:14:37 +00:00
|
|
|
/// # `POST /_matrix/federation/v1/user/keys/claim`
|
|
|
|
///
|
|
|
|
/// Claims one-time keys.
|
2021-05-28 11:44:40 +00:00
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
post("/_matrix/federation/v1/user/keys/claim", data = "<body>")
|
|
|
|
)]
|
|
|
|
#[tracing::instrument(skip(db, body))]
|
2021-06-08 16:10:00 +00:00
|
|
|
pub async fn claim_keys_route(
|
2021-07-14 07:07:08 +00:00
|
|
|
db: DatabaseGuard,
|
2021-05-28 11:44:40 +00:00
|
|
|
body: Ruma<claim_keys::v1::Request>,
|
|
|
|
) -> ConduitResult<claim_keys::v1::Response> {
|
|
|
|
if !db.globals.allow_federation() {
|
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
|
|
|
}
|
|
|
|
|
2021-07-20 17:40:25 +00:00
|
|
|
let result = claim_keys_helper(&body.one_time_keys, &db).await?;
|
2021-05-28 11:44:40 +00:00
|
|
|
|
2021-08-02 08:13:34 +00:00
|
|
|
db.flush()?;
|
2021-05-28 11:44:40 +00:00
|
|
|
|
|
|
|
Ok(claim_keys::v1::Response {
|
|
|
|
one_time_keys: result.one_time_keys,
|
|
|
|
}
|
|
|
|
.into())
|
|
|
|
}
|
|
|
|
|
2021-08-19 09:01:18 +00:00
|
|
|
#[tracing::instrument(skip(event, pub_key_map, db))]
|
2021-08-31 17:14:37 +00:00
|
|
|
pub(crate) async fn fetch_required_signing_keys(
|
2021-04-13 16:17:51 +00:00
|
|
|
event: &BTreeMap<String, CanonicalJsonValue>,
|
2021-04-13 19:34:31 +00:00
|
|
|
pub_key_map: &RwLock<BTreeMap<String, BTreeMap<String, String>>>,
|
2021-04-13 16:17:51 +00:00
|
|
|
db: &Database,
|
|
|
|
) -> Result<()> {
|
2021-04-26 16:20:20 +00:00
|
|
|
let signatures = event
|
|
|
|
.get("signatures")
|
|
|
|
.ok_or(Error::BadServerResponse(
|
|
|
|
"No signatures in server response pdu.",
|
|
|
|
))?
|
|
|
|
.as_object()
|
|
|
|
.ok_or(Error::BadServerResponse(
|
|
|
|
"Invalid signatures object in server response pdu.",
|
|
|
|
))?;
|
|
|
|
|
2021-04-13 16:17:51 +00:00
|
|
|
// We go through all the signatures we see on the value and fetch the corresponding signing
|
|
|
|
// keys
|
2021-04-26 16:20:20 +00:00
|
|
|
for (signature_server, signature) in signatures {
|
|
|
|
let signature_object = signature.as_object().ok_or(Error::BadServerResponse(
|
|
|
|
"Invalid signatures content object in server response pdu.",
|
|
|
|
))?;
|
2020-10-06 19:04:51 +00:00
|
|
|
|
2021-05-20 21:46:52 +00:00
|
|
|
let signature_ids = signature_object.keys().cloned().collect::<Vec<_>>();
|
2020-10-05 20:19:22 +00:00
|
|
|
|
2021-04-26 16:20:20 +00:00
|
|
|
let fetch_res = fetch_signing_keys(
|
2021-04-13 16:17:51 +00:00
|
|
|
db,
|
|
|
|
&Box::<ServerName>::try_from(&**signature_server).map_err(|_| {
|
|
|
|
Error::BadServerResponse("Invalid servername in signatures of server response pdu.")
|
|
|
|
})?,
|
|
|
|
signature_ids,
|
|
|
|
)
|
2021-04-26 16:20:20 +00:00
|
|
|
.await;
|
|
|
|
|
|
|
|
let keys = match fetch_res {
|
2021-04-13 16:17:51 +00:00
|
|
|
Ok(keys) => keys,
|
2021-04-14 07:39:06 +00:00
|
|
|
Err(_) => {
|
|
|
|
warn!("Signature verification failed: Could not fetch signing key.",);
|
|
|
|
continue;
|
2021-04-13 16:17:51 +00:00
|
|
|
}
|
|
|
|
};
|
2020-10-05 20:19:22 +00:00
|
|
|
|
2021-04-13 19:34:31 +00:00
|
|
|
pub_key_map
|
|
|
|
.write()
|
|
|
|
.map_err(|_| Error::bad_database("RwLock is poisoned."))?
|
|
|
|
.insert(signature_server.clone(), keys);
|
2020-10-05 20:19:22 +00:00
|
|
|
}
|
2021-04-13 16:17:51 +00:00
|
|
|
|
|
|
|
Ok(())
|
2020-10-05 20:19:22 +00:00
|
|
|
}
|
2020-12-08 11:34:46 +00:00
|
|
|
|
2021-08-29 11:25:20 +00:00
|
|
|
// Gets a list of servers for which we don't have the signing key yet. We go over
|
|
|
|
// the PDUs and either cache the key or add it to the list that needs to be retrieved.
|
2021-09-01 13:21:02 +00:00
|
|
|
fn get_server_keys_from_cache(
|
|
|
|
pdu: &Raw<Pdu>,
|
2021-08-25 14:02:01 +00:00
|
|
|
servers: &mut BTreeMap<Box<ServerName>, BTreeMap<ServerSigningKeyId, QueryCriteria>>,
|
|
|
|
room_version: &RoomVersionId,
|
2021-09-01 13:21:02 +00:00
|
|
|
pub_key_map: &mut RwLockWriteGuard<'_, BTreeMap<String, BTreeMap<String, String>>>,
|
2021-08-25 14:02:01 +00:00
|
|
|
db: &Database,
|
|
|
|
) -> Result<()> {
|
2021-09-01 13:21:02 +00:00
|
|
|
let value = serde_json::from_str::<CanonicalJsonObject>(pdu.json().get()).map_err(|e| {
|
|
|
|
error!("Invalid PDU in server response: {:?}: {:?}", pdu, e);
|
|
|
|
Error::BadServerResponse("Invalid PDU in server response")
|
|
|
|
})?;
|
2021-08-25 14:02:01 +00:00
|
|
|
|
2021-09-01 13:21:02 +00:00
|
|
|
let event_id = EventId::try_from(&*format!(
|
|
|
|
"${}",
|
|
|
|
ruma::signatures::reference_hash(&value, &room_version)
|
|
|
|
.expect("ruma can calculate reference hashes")
|
|
|
|
))
|
|
|
|
.expect("ruma's reference hashes are valid event ids");
|
|
|
|
|
|
|
|
if let Some((time, tries)) = db
|
|
|
|
.globals
|
|
|
|
.bad_event_ratelimiter
|
|
|
|
.read()
|
|
|
|
.unwrap()
|
|
|
|
.get(&event_id)
|
|
|
|
{
|
|
|
|
// Exponential backoff
|
|
|
|
let mut min_elapsed_duration = Duration::from_secs(30) * (*tries) * (*tries);
|
|
|
|
if min_elapsed_duration > Duration::from_secs(60 * 60 * 24) {
|
|
|
|
min_elapsed_duration = Duration::from_secs(60 * 60 * 24);
|
2021-08-25 14:02:01 +00:00
|
|
|
}
|
|
|
|
|
2021-09-01 13:21:02 +00:00
|
|
|
if time.elapsed() < min_elapsed_duration {
|
|
|
|
debug!("Backing off from {}", event_id);
|
|
|
|
return Err(Error::BadServerResponse("bad event, still backing off"));
|
|
|
|
}
|
|
|
|
}
|
2021-08-25 14:02:01 +00:00
|
|
|
|
2021-09-01 13:21:02 +00:00
|
|
|
let signatures = value
|
|
|
|
.get("signatures")
|
|
|
|
.ok_or(Error::BadServerResponse(
|
|
|
|
"No signatures in server response pdu.",
|
|
|
|
))?
|
|
|
|
.as_object()
|
|
|
|
.ok_or(Error::BadServerResponse(
|
|
|
|
"Invalid signatures object in server response pdu.",
|
|
|
|
))?;
|
2021-08-25 14:02:01 +00:00
|
|
|
|
2021-09-01 13:21:02 +00:00
|
|
|
for (signature_server, signature) in signatures {
|
|
|
|
let signature_object = signature.as_object().ok_or(Error::BadServerResponse(
|
|
|
|
"Invalid signatures content object in server response pdu.",
|
|
|
|
))?;
|
2021-08-25 14:02:01 +00:00
|
|
|
|
2021-09-01 13:21:02 +00:00
|
|
|
let signature_ids = signature_object.keys().cloned().collect::<Vec<_>>();
|
2021-08-25 14:02:01 +00:00
|
|
|
|
2021-09-01 13:21:02 +00:00
|
|
|
let contains_all_ids =
|
|
|
|
|keys: &BTreeMap<String, String>| signature_ids.iter().all(|id| keys.contains_key(id));
|
2021-08-25 14:02:01 +00:00
|
|
|
|
2021-09-01 13:21:02 +00:00
|
|
|
let origin = &Box::<ServerName>::try_from(&**signature_server).map_err(|_| {
|
|
|
|
Error::BadServerResponse("Invalid servername in signatures of server response pdu.")
|
|
|
|
})?;
|
2021-08-29 11:25:20 +00:00
|
|
|
|
2021-09-01 13:21:02 +00:00
|
|
|
if servers.contains_key(origin) || pub_key_map.contains_key(origin.as_str()) {
|
|
|
|
continue;
|
|
|
|
}
|
2021-08-25 14:02:01 +00:00
|
|
|
|
2021-09-01 13:21:02 +00:00
|
|
|
trace!("Loading signing keys for {}", origin);
|
2021-08-25 14:02:01 +00:00
|
|
|
|
2021-09-01 13:21:02 +00:00
|
|
|
let result = db
|
|
|
|
.globals
|
|
|
|
.signing_keys_for(origin)?
|
|
|
|
.into_iter()
|
|
|
|
.map(|(k, v)| (k.to_string(), v.key))
|
|
|
|
.collect::<BTreeMap<_, _>>();
|
2021-08-25 14:02:01 +00:00
|
|
|
|
2021-09-01 13:21:02 +00:00
|
|
|
if !contains_all_ids(&result) {
|
|
|
|
trace!("Signing key not loaded for {}", origin);
|
|
|
|
servers.insert(
|
|
|
|
origin.clone(),
|
|
|
|
BTreeMap::<ServerSigningKeyId, QueryCriteria>::new(),
|
|
|
|
);
|
2021-08-25 14:02:01 +00:00
|
|
|
}
|
2021-09-01 13:21:02 +00:00
|
|
|
|
|
|
|
pub_key_map.insert(origin.to_string(), result);
|
2021-08-25 14:02:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
Ok(())
|
|
|
|
}
|
|
|
|
|
2021-09-01 13:21:02 +00:00
|
|
|
pub(crate) async fn fetch_join_signing_keys(
|
2021-08-25 14:02:01 +00:00
|
|
|
event: &create_join_event::v2::Response,
|
|
|
|
room_version: &RoomVersionId,
|
|
|
|
pub_key_map: &RwLock<BTreeMap<String, BTreeMap<String, String>>>,
|
|
|
|
db: &Database,
|
|
|
|
) -> Result<()> {
|
|
|
|
let mut servers =
|
|
|
|
BTreeMap::<Box<ServerName>, BTreeMap<ServerSigningKeyId, QueryCriteria>>::new();
|
|
|
|
|
2021-09-01 13:21:02 +00:00
|
|
|
{
|
|
|
|
let mut pkm = pub_key_map
|
|
|
|
.write()
|
|
|
|
.map_err(|_| Error::bad_database("RwLock is poisoned."))?;
|
2021-08-25 14:02:01 +00:00
|
|
|
|
2021-09-01 13:21:02 +00:00
|
|
|
// Try to fetch keys, failure is okay
|
|
|
|
// Servers we couldn't find in the cache will be added to `servers`
|
|
|
|
for pdu in &event.room_state.state {
|
|
|
|
let _ = get_server_keys_from_cache(pdu, &mut servers, &room_version, &mut pkm, &db);
|
|
|
|
}
|
|
|
|
for pdu in &event.room_state.auth_chain {
|
|
|
|
let _ = get_server_keys_from_cache(pdu, &mut servers, &room_version, &mut pkm, &db);
|
|
|
|
}
|
|
|
|
|
|
|
|
drop(pkm);
|
2021-08-25 14:02:01 +00:00
|
|
|
}
|
|
|
|
|
2021-09-01 13:21:02 +00:00
|
|
|
if servers.is_empty() {
|
|
|
|
// We had all keys locally
|
|
|
|
return Ok(());
|
2021-08-25 14:02:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
for server in db.globals.trusted_servers() {
|
|
|
|
trace!("Asking batch signing keys from trusted server {}", server);
|
|
|
|
if let Ok(keys) = db
|
|
|
|
.sending
|
|
|
|
.send_federation_request(
|
|
|
|
&db.globals,
|
|
|
|
server,
|
|
|
|
get_remote_server_keys_batch::v2::Request {
|
|
|
|
server_keys: servers.clone(),
|
|
|
|
minimum_valid_until_ts: MilliSecondsSinceUnixEpoch::from_system_time(
|
|
|
|
SystemTime::now() + Duration::from_secs(60),
|
|
|
|
)
|
|
|
|
.expect("time is valid"),
|
|
|
|
},
|
|
|
|
)
|
|
|
|
.await
|
|
|
|
{
|
|
|
|
trace!("Got signing keys: {:?}", keys);
|
2021-08-29 11:25:20 +00:00
|
|
|
let mut pkm = pub_key_map
|
|
|
|
.write()
|
|
|
|
.map_err(|_| Error::bad_database("RwLock is poisoned."))?;
|
2021-08-25 14:02:01 +00:00
|
|
|
for k in keys.server_keys {
|
2021-09-01 13:21:02 +00:00
|
|
|
// TODO: Check signature from trusted server?
|
2021-08-25 14:02:01 +00:00
|
|
|
servers.remove(&k.server_name);
|
|
|
|
|
2021-08-29 12:39:38 +00:00
|
|
|
let result = db
|
|
|
|
.globals
|
|
|
|
.add_signing_key(&k.server_name, k.clone())?
|
2021-08-25 14:02:01 +00:00
|
|
|
.into_iter()
|
|
|
|
.map(|(k, v)| (k.to_string(), v.key))
|
|
|
|
.collect::<BTreeMap<_, _>>();
|
|
|
|
|
2021-08-29 11:25:20 +00:00
|
|
|
pkm.insert(k.server_name.to_string(), result);
|
2021-08-25 14:02:01 +00:00
|
|
|
}
|
|
|
|
}
|
2021-09-01 13:21:02 +00:00
|
|
|
|
2021-08-25 14:02:01 +00:00
|
|
|
if servers.is_empty() {
|
|
|
|
return Ok(());
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-09-01 13:21:02 +00:00
|
|
|
let mut futures = servers
|
|
|
|
.into_iter()
|
|
|
|
.map(|(server, _)| async move {
|
|
|
|
(
|
|
|
|
db.sending
|
|
|
|
.send_federation_request(
|
|
|
|
&db.globals,
|
|
|
|
&server,
|
|
|
|
get_server_keys::v2::Request::new(),
|
|
|
|
)
|
|
|
|
.await,
|
|
|
|
server,
|
|
|
|
)
|
|
|
|
})
|
|
|
|
.collect::<FuturesUnordered<_>>();
|
|
|
|
|
|
|
|
while let Some(result) = futures.next().await {
|
|
|
|
if let (Ok(get_keys_response), origin) = result {
|
2021-08-29 12:39:38 +00:00
|
|
|
let result = db
|
|
|
|
.globals
|
2021-09-01 13:21:02 +00:00
|
|
|
.add_signing_key(&origin, get_keys_response.server_key.clone())?
|
2021-08-25 14:02:01 +00:00
|
|
|
.into_iter()
|
|
|
|
.map(|(k, v)| (k.to_string(), v.key))
|
|
|
|
.collect::<BTreeMap<_, _>>();
|
|
|
|
|
|
|
|
pub_key_map
|
|
|
|
.write()
|
|
|
|
.map_err(|_| Error::bad_database("RwLock is poisoned."))?
|
2021-09-01 13:21:02 +00:00
|
|
|
.insert(origin.to_string(), result);
|
2021-08-25 14:02:01 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
Ok(())
|
|
|
|
}
|
|
|
|
|
2020-12-08 11:34:46 +00:00
|
|
|
#[cfg(test)]
|
|
|
|
mod tests {
|
2021-04-24 10:27:46 +00:00
|
|
|
use super::{add_port_to_hostname, get_ip_with_port, FedDest};
|
2020-12-08 11:34:46 +00:00
|
|
|
|
|
|
|
#[test]
|
|
|
|
fn ips_get_default_ports() {
|
|
|
|
assert_eq!(
|
2021-04-21 03:35:44 +00:00
|
|
|
get_ip_with_port("1.1.1.1"),
|
|
|
|
Some(FedDest::Literal("1.1.1.1:8448".parse().unwrap()))
|
2020-12-08 11:34:46 +00:00
|
|
|
);
|
|
|
|
assert_eq!(
|
2021-04-21 03:35:44 +00:00
|
|
|
get_ip_with_port("dead:beef::"),
|
|
|
|
Some(FedDest::Literal("[dead:beef::]:8448".parse().unwrap()))
|
2020-12-08 11:34:46 +00:00
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
#[test]
|
|
|
|
fn ips_keep_custom_ports() {
|
|
|
|
assert_eq!(
|
2021-04-21 03:35:44 +00:00
|
|
|
get_ip_with_port("1.1.1.1:1234"),
|
|
|
|
Some(FedDest::Literal("1.1.1.1:1234".parse().unwrap()))
|
2020-12-08 11:34:46 +00:00
|
|
|
);
|
|
|
|
assert_eq!(
|
2021-04-21 03:35:44 +00:00
|
|
|
get_ip_with_port("[dead::beef]:8933"),
|
|
|
|
Some(FedDest::Literal("[dead::beef]:8933".parse().unwrap()))
|
2020-12-08 11:34:46 +00:00
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
#[test]
|
|
|
|
fn hostnames_get_default_ports() {
|
|
|
|
assert_eq!(
|
2021-04-21 03:35:44 +00:00
|
|
|
add_port_to_hostname("example.com"),
|
|
|
|
FedDest::Named(String::from("example.com"), String::from(":8448"))
|
2020-12-08 11:34:46 +00:00
|
|
|
)
|
|
|
|
}
|
|
|
|
|
|
|
|
#[test]
|
|
|
|
fn hostnames_keep_custom_ports() {
|
|
|
|
assert_eq!(
|
2021-04-21 03:35:44 +00:00
|
|
|
add_port_to_hostname("example.com:1337"),
|
|
|
|
FedDest::Named(String::from("example.com"), String::from(":1337"))
|
2020-12-08 11:34:46 +00:00
|
|
|
)
|
|
|
|
}
|
|
|
|
}
|