2021-01-05 14:21:41 +00:00
|
|
|
use crate::{client_server, utils, ConduitResult, Database, Error, PduEvent, Result, Ruma};
|
2020-10-05 20:19:22 +00:00
|
|
|
use get_profile_information::v1::ProfileField;
|
2020-09-23 10:03:08 +00:00
|
|
|
use http::header::{HeaderValue, AUTHORIZATION, HOST};
|
2021-03-16 17:00:26 +00:00
|
|
|
use log::{debug, error, info, warn};
|
2021-03-04 10:29:13 +00:00
|
|
|
use regex::Regex;
|
2021-03-18 17:33:43 +00:00
|
|
|
use rocket::{response::content::Json, State};
|
2020-09-12 20:41:33 +00:00
|
|
|
use ruma::{
|
|
|
|
api::{
|
2021-03-17 23:09:57 +00:00
|
|
|
client::error::ErrorKind,
|
2020-09-12 20:41:33 +00:00
|
|
|
federation::{
|
2020-09-25 10:26:29 +00:00
|
|
|
directory::{get_public_rooms, get_public_rooms_filtered},
|
2020-09-12 20:41:33 +00:00
|
|
|
discovery::{
|
2021-03-01 13:23:28 +00:00
|
|
|
get_remote_server_keys, get_server_keys,
|
|
|
|
get_server_version::v1 as get_server_version, ServerSigningKeys, VerifyKey,
|
2020-09-12 20:41:33 +00:00
|
|
|
},
|
2021-01-05 14:21:41 +00:00
|
|
|
event::{get_event, get_missing_events, get_room_state_ids},
|
2020-10-05 20:19:22 +00:00
|
|
|
query::get_profile_information,
|
2020-09-12 20:41:33 +00:00
|
|
|
transactions::send_transaction_message,
|
2020-08-06 12:29:59 +00:00
|
|
|
},
|
2020-09-12 20:41:33 +00:00
|
|
|
OutgoingRequest,
|
2020-08-14 09:29:32 +00:00
|
|
|
},
|
2020-09-14 09:42:16 +00:00
|
|
|
directory::{IncomingFilter, IncomingRoomNetwork},
|
2021-03-04 10:29:13 +00:00
|
|
|
events::EventType,
|
2021-01-12 13:26:52 +00:00
|
|
|
serde::to_canonical_value,
|
2021-03-25 22:55:40 +00:00
|
|
|
signatures::CanonicalJsonValue,
|
2021-03-24 10:52:10 +00:00
|
|
|
EventId, RoomId, RoomVersionId, ServerName, ServerSigningKeyId, UserId,
|
2020-05-26 08:27:51 +00:00
|
|
|
};
|
2021-01-14 19:39:56 +00:00
|
|
|
use state_res::{Event, EventMap, StateMap};
|
2020-04-22 18:55:11 +00:00
|
|
|
use std::{
|
2021-03-25 22:55:40 +00:00
|
|
|
collections::{btree_map::Entry, BTreeMap, BTreeSet, HashSet},
|
2021-03-18 17:33:43 +00:00
|
|
|
convert::TryFrom,
|
2020-08-14 09:31:31 +00:00
|
|
|
fmt::Debug,
|
2021-01-15 02:32:22 +00:00
|
|
|
future::Future,
|
2020-12-08 11:34:46 +00:00
|
|
|
net::{IpAddr, SocketAddr},
|
2021-01-15 02:32:22 +00:00
|
|
|
pin::Pin,
|
|
|
|
result::Result as StdResult,
|
2020-12-31 13:40:49 +00:00
|
|
|
sync::Arc,
|
2020-04-22 18:55:11 +00:00
|
|
|
time::{Duration, SystemTime},
|
|
|
|
};
|
2020-04-19 12:14:47 +00:00
|
|
|
|
2021-03-18 17:33:43 +00:00
|
|
|
#[cfg(feature = "conduit_bin")]
|
|
|
|
use rocket::{get, post, put};
|
|
|
|
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument(skip(globals))]
|
2020-08-14 09:31:31 +00:00
|
|
|
pub async fn send_request<T: OutgoingRequest>(
|
2020-09-14 18:23:19 +00:00
|
|
|
globals: &crate::database::globals::Globals,
|
2021-01-14 19:39:56 +00:00
|
|
|
destination: &ServerName,
|
2020-04-19 12:14:47 +00:00
|
|
|
request: T,
|
2020-08-14 09:31:31 +00:00
|
|
|
) -> Result<T::IncomingResponse>
|
|
|
|
where
|
|
|
|
T: Debug,
|
|
|
|
{
|
2021-01-01 12:47:53 +00:00
|
|
|
if !globals.allow_federation() {
|
2020-11-14 22:13:06 +00:00
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
2020-10-06 19:04:51 +00:00
|
|
|
}
|
|
|
|
|
2020-12-06 10:05:51 +00:00
|
|
|
let maybe_result = globals
|
|
|
|
.actual_destination_cache
|
|
|
|
.read()
|
|
|
|
.unwrap()
|
2021-01-14 19:39:56 +00:00
|
|
|
.get(destination)
|
2020-12-06 10:05:51 +00:00
|
|
|
.cloned();
|
2020-09-23 10:03:08 +00:00
|
|
|
|
2020-12-06 10:05:51 +00:00
|
|
|
let (actual_destination, host) = if let Some(result) = maybe_result {
|
|
|
|
result
|
|
|
|
} else {
|
|
|
|
let result = find_actual_destination(globals, &destination).await;
|
|
|
|
globals
|
|
|
|
.actual_destination_cache
|
|
|
|
.write()
|
|
|
|
.unwrap()
|
2021-01-14 19:39:56 +00:00
|
|
|
.insert(Box::<ServerName>::from(destination), result.clone());
|
2020-12-06 10:05:51 +00:00
|
|
|
result
|
|
|
|
};
|
2020-08-14 09:31:31 +00:00
|
|
|
|
|
|
|
let mut http_request = request
|
|
|
|
.try_into_http_request(&actual_destination, Some(""))
|
2020-09-15 06:55:02 +00:00
|
|
|
.map_err(|e| {
|
2020-11-15 21:48:43 +00:00
|
|
|
warn!("Failed to find destination {}: {}", actual_destination, e);
|
2020-09-15 06:55:02 +00:00
|
|
|
Error::BadServerResponse("Invalid destination")
|
|
|
|
})?;
|
2020-04-22 09:53:06 +00:00
|
|
|
|
2020-04-22 19:14:40 +00:00
|
|
|
let mut request_map = serde_json::Map::new();
|
2020-04-19 12:14:47 +00:00
|
|
|
|
2020-04-22 19:14:40 +00:00
|
|
|
if !http_request.body().is_empty() {
|
2020-04-25 09:47:32 +00:00
|
|
|
request_map.insert(
|
|
|
|
"content".to_owned(),
|
2020-09-15 06:55:02 +00:00
|
|
|
serde_json::from_slice(http_request.body())
|
|
|
|
.expect("body is valid json, we just created it"),
|
2020-04-25 09:47:32 +00:00
|
|
|
);
|
2020-04-22 19:14:40 +00:00
|
|
|
};
|
2020-04-19 12:14:47 +00:00
|
|
|
|
2020-04-22 09:53:06 +00:00
|
|
|
request_map.insert("method".to_owned(), T::METADATA.method.to_string().into());
|
2020-08-14 09:31:31 +00:00
|
|
|
request_map.insert(
|
|
|
|
"uri".to_owned(),
|
|
|
|
http_request
|
|
|
|
.uri()
|
|
|
|
.path_and_query()
|
|
|
|
.expect("all requests have a path")
|
|
|
|
.to_string()
|
|
|
|
.into(),
|
|
|
|
);
|
2020-09-15 06:16:20 +00:00
|
|
|
request_map.insert("origin".to_owned(), globals.server_name().as_str().into());
|
2020-09-14 09:00:31 +00:00
|
|
|
request_map.insert("destination".to_owned(), destination.as_str().into());
|
2020-04-22 19:14:40 +00:00
|
|
|
|
2020-10-27 23:10:09 +00:00
|
|
|
let mut request_json =
|
|
|
|
serde_json::from_value(request_map.into()).expect("valid JSON is valid BTreeMap");
|
|
|
|
|
2020-06-05 16:19:26 +00:00
|
|
|
ruma::signatures::sign_json(
|
2020-09-14 18:23:19 +00:00
|
|
|
globals.server_name().as_str(),
|
|
|
|
globals.keypair(),
|
2020-12-31 20:07:05 +00:00
|
|
|
&mut request_json,
|
2020-05-09 19:47:09 +00:00
|
|
|
)
|
2020-09-15 06:55:02 +00:00
|
|
|
.expect("our request json is what ruma expects");
|
2020-04-19 12:14:47 +00:00
|
|
|
|
2020-10-27 23:10:09 +00:00
|
|
|
let request_json: serde_json::Map<String, serde_json::Value> =
|
|
|
|
serde_json::from_slice(&serde_json::to_vec(&request_json).unwrap()).unwrap();
|
|
|
|
|
2020-04-22 09:53:06 +00:00
|
|
|
let signatures = request_json["signatures"]
|
|
|
|
.as_object()
|
|
|
|
.unwrap()
|
|
|
|
.values()
|
2020-08-14 09:31:31 +00:00
|
|
|
.map(|v| {
|
|
|
|
v.as_object()
|
|
|
|
.unwrap()
|
|
|
|
.iter()
|
|
|
|
.map(|(k, v)| (k, v.as_str().unwrap()))
|
|
|
|
});
|
|
|
|
|
|
|
|
for signature_server in signatures {
|
|
|
|
for s in signature_server {
|
|
|
|
http_request.headers_mut().insert(
|
|
|
|
AUTHORIZATION,
|
|
|
|
HeaderValue::from_str(&format!(
|
|
|
|
"X-Matrix origin={},key=\"{}\",sig=\"{}\"",
|
2020-09-14 18:23:19 +00:00
|
|
|
globals.server_name(),
|
2020-08-14 09:31:31 +00:00
|
|
|
s.0,
|
|
|
|
s.1
|
|
|
|
))
|
|
|
|
.unwrap(),
|
|
|
|
);
|
|
|
|
}
|
2020-04-22 09:53:06 +00:00
|
|
|
}
|
|
|
|
|
2021-03-14 01:31:41 +00:00
|
|
|
http_request
|
|
|
|
.headers_mut()
|
|
|
|
.insert(HOST, HeaderValue::from_str(&host).unwrap());
|
2020-09-23 10:03:08 +00:00
|
|
|
|
|
|
|
let mut reqwest_request = reqwest::Request::try_from(http_request)
|
2020-08-14 09:31:31 +00:00
|
|
|
.expect("all http requests are valid reqwest requests");
|
|
|
|
|
2020-09-23 10:03:08 +00:00
|
|
|
*reqwest_request.timeout_mut() = Some(Duration::from_secs(30));
|
|
|
|
|
2020-09-23 13:23:29 +00:00
|
|
|
let url = reqwest_request.url().clone();
|
2020-09-14 18:23:19 +00:00
|
|
|
let reqwest_response = globals.reqwest_client().execute(reqwest_request).await;
|
2020-04-22 09:53:06 +00:00
|
|
|
|
|
|
|
// Because reqwest::Response -> http::Response is complicated:
|
|
|
|
match reqwest_response {
|
|
|
|
Ok(mut reqwest_response) => {
|
|
|
|
let status = reqwest_response.status();
|
|
|
|
let mut http_response = http::Response::builder().status(status);
|
|
|
|
let headers = http_response.headers_mut().unwrap();
|
|
|
|
|
|
|
|
for (k, v) in reqwest_response.headers_mut().drain() {
|
|
|
|
if let Some(key) = k {
|
|
|
|
headers.insert(key, v);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-12-05 20:03:43 +00:00
|
|
|
let status = reqwest_response.status();
|
|
|
|
|
2020-04-22 09:53:06 +00:00
|
|
|
let body = reqwest_response
|
|
|
|
.bytes()
|
|
|
|
.await
|
2020-10-21 14:08:54 +00:00
|
|
|
.unwrap_or_else(|e| {
|
2020-12-31 20:07:05 +00:00
|
|
|
warn!("server error {}", e);
|
2020-10-21 14:08:54 +00:00
|
|
|
Vec::new().into()
|
|
|
|
}) // TODO: handle timeout
|
2020-04-22 09:53:06 +00:00
|
|
|
.into_iter()
|
2020-12-05 20:03:43 +00:00
|
|
|
.collect::<Vec<_>>();
|
|
|
|
|
|
|
|
if status != 200 {
|
2021-03-25 22:55:40 +00:00
|
|
|
info!("{} {}:\n{}", url, status, String::from_utf8_lossy(&body),);
|
2020-12-05 20:03:43 +00:00
|
|
|
}
|
2020-09-12 19:30:07 +00:00
|
|
|
|
2020-09-15 06:55:02 +00:00
|
|
|
let response = T::IncomingResponse::try_from(
|
|
|
|
http_response
|
|
|
|
.body(body)
|
|
|
|
.expect("reqwest body is valid http body"),
|
|
|
|
);
|
2021-03-25 22:55:40 +00:00
|
|
|
response.map_err(|_| Error::BadServerResponse("Server returned bad response."))
|
2020-04-22 09:53:06 +00:00
|
|
|
}
|
2020-08-14 09:31:31 +00:00
|
|
|
Err(e) => Err(e.into()),
|
2020-04-22 09:53:06 +00:00
|
|
|
}
|
2020-04-19 12:14:47 +00:00
|
|
|
}
|
2020-04-22 18:55:11 +00:00
|
|
|
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument]
|
2020-12-08 11:34:46 +00:00
|
|
|
fn get_ip_with_port(destination_str: String) -> Option<String> {
|
|
|
|
if destination_str.parse::<SocketAddr>().is_ok() {
|
|
|
|
Some(destination_str)
|
|
|
|
} else if let Ok(ip_addr) = destination_str.parse::<IpAddr>() {
|
|
|
|
Some(SocketAddr::new(ip_addr, 8448).to_string())
|
|
|
|
} else {
|
|
|
|
None
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument]
|
2020-12-08 11:34:46 +00:00
|
|
|
fn add_port_to_hostname(destination_str: String) -> String {
|
|
|
|
match destination_str.find(':') {
|
|
|
|
None => destination_str.to_owned() + ":8448",
|
|
|
|
Some(_) => destination_str.to_string(),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-12-06 10:05:51 +00:00
|
|
|
/// Returns: actual_destination, host header
|
2020-12-08 11:34:46 +00:00
|
|
|
/// Implemented according to the specification at https://matrix.org/docs/spec/server_server/r0.1.4#resolving-server-names
|
|
|
|
/// Numbers in comments below refer to bullet points in linked section of specification
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument(skip(globals))]
|
2020-12-06 10:05:51 +00:00
|
|
|
async fn find_actual_destination(
|
|
|
|
globals: &crate::database::globals::Globals,
|
2021-03-04 12:35:12 +00:00
|
|
|
destination: &'_ ServerName,
|
2021-03-14 01:31:41 +00:00
|
|
|
) -> (String, String) {
|
2020-12-08 11:34:46 +00:00
|
|
|
let destination_str = destination.as_str().to_owned();
|
2021-03-14 01:31:41 +00:00
|
|
|
let mut host = destination_str.clone();
|
2020-12-06 10:05:51 +00:00
|
|
|
let actual_destination = "https://".to_owned()
|
2020-12-08 11:34:46 +00:00
|
|
|
+ &match get_ip_with_port(destination_str.clone()) {
|
|
|
|
Some(host_port) => {
|
|
|
|
// 1: IP literal with provided or default port
|
|
|
|
host_port
|
2020-12-06 10:05:51 +00:00
|
|
|
}
|
2020-12-08 11:34:46 +00:00
|
|
|
None => {
|
|
|
|
if destination_str.find(':').is_some() {
|
|
|
|
// 2: Hostname with included port
|
|
|
|
destination_str
|
|
|
|
} else {
|
|
|
|
match request_well_known(globals, &destination.as_str()).await {
|
|
|
|
// 3: A .well-known file is available
|
|
|
|
Some(delegated_hostname) => {
|
2021-03-14 01:31:41 +00:00
|
|
|
host = delegated_hostname.clone();
|
2020-12-08 11:34:46 +00:00
|
|
|
match get_ip_with_port(delegated_hostname.clone()) {
|
|
|
|
Some(host_and_port) => host_and_port, // 3.1: IP literal in .well-known file
|
|
|
|
None => {
|
|
|
|
if destination_str.find(':').is_some() {
|
|
|
|
// 3.2: Hostname with port in .well-known file
|
|
|
|
destination_str
|
|
|
|
} else {
|
|
|
|
match query_srv_record(globals, &delegated_hostname).await {
|
|
|
|
// 3.3: SRV lookup successful
|
|
|
|
Some(hostname) => hostname,
|
|
|
|
// 3.4: No SRV records, just use the hostname from .well-known
|
|
|
|
None => add_port_to_hostname(delegated_hostname),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
// 4: No .well-known or an error occured
|
|
|
|
None => {
|
|
|
|
match query_srv_record(globals, &destination_str).await {
|
|
|
|
// 4: SRV record found
|
2021-03-14 01:31:41 +00:00
|
|
|
Some(hostname) => hostname,
|
2020-12-08 11:34:46 +00:00
|
|
|
// 5: No SRV record found
|
|
|
|
None => add_port_to_hostname(destination_str.to_string()),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2020-12-06 10:05:51 +00:00
|
|
|
}
|
|
|
|
};
|
|
|
|
|
|
|
|
(actual_destination, host)
|
|
|
|
}
|
|
|
|
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument(skip(globals))]
|
2021-01-14 19:39:56 +00:00
|
|
|
async fn query_srv_record(
|
2020-12-08 11:34:46 +00:00
|
|
|
globals: &crate::database::globals::Globals,
|
2021-03-04 12:35:12 +00:00
|
|
|
hostname: &'_ str,
|
2020-12-08 11:34:46 +00:00
|
|
|
) -> Option<String> {
|
|
|
|
if let Ok(Some(host_port)) = globals
|
|
|
|
.dns_resolver()
|
|
|
|
.srv_lookup(format!("_matrix._tcp.{}", hostname))
|
|
|
|
.await
|
|
|
|
.map(|srv| {
|
|
|
|
srv.iter().next().map(|result| {
|
|
|
|
format!(
|
|
|
|
"{}:{}",
|
|
|
|
result.target().to_string().trim_end_matches('.'),
|
|
|
|
result.port().to_string()
|
|
|
|
)
|
|
|
|
})
|
|
|
|
})
|
|
|
|
{
|
|
|
|
Some(host_port)
|
|
|
|
} else {
|
|
|
|
None
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument(skip(globals))]
|
2020-12-08 11:34:46 +00:00
|
|
|
pub async fn request_well_known(
|
|
|
|
globals: &crate::database::globals::Globals,
|
|
|
|
destination: &str,
|
|
|
|
) -> Option<String> {
|
|
|
|
let body: serde_json::Value = serde_json::from_str(
|
|
|
|
&globals
|
|
|
|
.reqwest_client()
|
|
|
|
.get(&format!(
|
|
|
|
"https://{}/.well-known/matrix/server",
|
|
|
|
destination
|
|
|
|
))
|
|
|
|
.send()
|
|
|
|
.await
|
|
|
|
.ok()?
|
|
|
|
.text()
|
|
|
|
.await
|
|
|
|
.ok()?,
|
|
|
|
)
|
|
|
|
.ok()?;
|
|
|
|
Some(body.get("m.server")?.as_str()?.to_owned())
|
|
|
|
}
|
|
|
|
|
2020-08-14 09:31:31 +00:00
|
|
|
#[cfg_attr(feature = "conduit_bin", get("/_matrix/federation/v1/version"))]
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument(skip(db))]
|
2020-12-05 20:03:43 +00:00
|
|
|
pub fn get_server_version_route(
|
|
|
|
db: State<'_, Database>,
|
|
|
|
) -> ConduitResult<get_server_version::Response> {
|
2021-01-01 12:47:53 +00:00
|
|
|
if !db.globals.allow_federation() {
|
2020-11-14 22:13:06 +00:00
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
2020-10-06 19:04:51 +00:00
|
|
|
}
|
|
|
|
|
2020-08-14 09:31:31 +00:00
|
|
|
Ok(get_server_version::Response {
|
2020-04-28 18:03:14 +00:00
|
|
|
server: Some(get_server_version::Server {
|
2020-04-22 18:55:11 +00:00
|
|
|
name: Some("Conduit".to_owned()),
|
|
|
|
version: Some(env!("CARGO_PKG_VERSION").to_owned()),
|
2020-04-28 18:03:14 +00:00
|
|
|
}),
|
2020-08-14 09:31:31 +00:00
|
|
|
}
|
|
|
|
.into())
|
2020-04-22 18:55:11 +00:00
|
|
|
}
|
|
|
|
|
2020-08-14 09:31:31 +00:00
|
|
|
#[cfg_attr(feature = "conduit_bin", get("/_matrix/key/v2/server"))]
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument(skip(db))]
|
2020-12-05 20:03:43 +00:00
|
|
|
pub fn get_server_keys_route(db: State<'_, Database>) -> Json<String> {
|
2021-01-01 12:47:53 +00:00
|
|
|
if !db.globals.allow_federation() {
|
2020-10-06 19:04:51 +00:00
|
|
|
// TODO: Use proper types
|
|
|
|
return Json("Federation is disabled.".to_owned());
|
|
|
|
}
|
|
|
|
|
2020-04-22 18:55:11 +00:00
|
|
|
let mut verify_keys = BTreeMap::new();
|
|
|
|
verify_keys.insert(
|
2020-12-04 23:16:17 +00:00
|
|
|
ServerSigningKeyId::try_from(
|
|
|
|
format!("ed25519:{}", db.globals.keypair().version()).as_str(),
|
|
|
|
)
|
|
|
|
.expect("found invalid server signing keys in DB"),
|
2020-08-14 09:31:31 +00:00
|
|
|
VerifyKey {
|
2020-05-03 15:25:31 +00:00
|
|
|
key: base64::encode_config(db.globals.keypair().public_key(), base64::STANDARD_NO_PAD),
|
2020-04-22 18:55:11 +00:00
|
|
|
},
|
|
|
|
);
|
|
|
|
let mut response = serde_json::from_slice(
|
2020-08-14 09:31:31 +00:00
|
|
|
http::Response::try_from(get_server_keys::v2::Response {
|
2020-12-04 23:16:17 +00:00
|
|
|
server_key: ServerSigningKeys {
|
2020-08-14 09:31:31 +00:00
|
|
|
server_name: db.globals.server_name().to_owned(),
|
|
|
|
verify_keys,
|
|
|
|
old_verify_keys: BTreeMap::new(),
|
|
|
|
signatures: BTreeMap::new(),
|
|
|
|
valid_until_ts: SystemTime::now() + Duration::from_secs(60 * 2),
|
|
|
|
},
|
2020-04-22 18:55:11 +00:00
|
|
|
})
|
|
|
|
.unwrap()
|
|
|
|
.body(),
|
|
|
|
)
|
|
|
|
.unwrap();
|
2020-11-15 21:48:43 +00:00
|
|
|
|
2020-06-05 16:19:26 +00:00
|
|
|
ruma::signatures::sign_json(
|
2020-08-14 09:31:31 +00:00
|
|
|
db.globals.server_name().as_str(),
|
2020-05-17 17:56:40 +00:00
|
|
|
db.globals.keypair(),
|
|
|
|
&mut response,
|
|
|
|
)
|
|
|
|
.unwrap();
|
2020-11-15 21:48:43 +00:00
|
|
|
|
2020-10-27 23:10:09 +00:00
|
|
|
Json(ruma::serde::to_canonical_json_string(&response).expect("JSON is canonical"))
|
2020-04-22 18:55:11 +00:00
|
|
|
}
|
|
|
|
|
2020-08-14 09:31:31 +00:00
|
|
|
#[cfg_attr(feature = "conduit_bin", get("/_matrix/key/v2/server/<_>"))]
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument(skip(db))]
|
2020-12-05 20:03:43 +00:00
|
|
|
pub fn get_server_keys_deprecated_route(db: State<'_, Database>) -> Json<String> {
|
|
|
|
get_server_keys_route(db)
|
2020-04-22 18:55:11 +00:00
|
|
|
}
|
2020-08-14 09:29:32 +00:00
|
|
|
|
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
post("/_matrix/federation/v1/publicRooms", data = "<body>")
|
|
|
|
)]
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument(skip(db, body))]
|
2020-09-14 09:42:16 +00:00
|
|
|
pub async fn get_public_rooms_filtered_route(
|
|
|
|
db: State<'_, Database>,
|
|
|
|
body: Ruma<get_public_rooms_filtered::v1::Request<'_>>,
|
|
|
|
) -> ConduitResult<get_public_rooms_filtered::v1::Response> {
|
2021-01-01 12:47:53 +00:00
|
|
|
if !db.globals.allow_federation() {
|
2020-11-14 22:13:06 +00:00
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
2020-10-06 19:04:51 +00:00
|
|
|
}
|
|
|
|
|
2020-09-14 09:42:16 +00:00
|
|
|
let response = client_server::get_public_rooms_filtered_helper(
|
|
|
|
&db,
|
|
|
|
None,
|
|
|
|
body.limit,
|
|
|
|
body.since.as_deref(),
|
|
|
|
&body.filter,
|
|
|
|
&body.room_network,
|
|
|
|
)
|
|
|
|
.await?
|
|
|
|
.0;
|
|
|
|
|
|
|
|
Ok(get_public_rooms_filtered::v1::Response {
|
|
|
|
chunk: response
|
|
|
|
.chunk
|
|
|
|
.into_iter()
|
|
|
|
.map(|c| {
|
|
|
|
// Convert ruma::api::federation::directory::get_public_rooms::v1::PublicRoomsChunk
|
|
|
|
// to ruma::api::client::r0::directory::PublicRoomsChunk
|
|
|
|
Ok::<_, Error>(
|
|
|
|
serde_json::from_str(
|
|
|
|
&serde_json::to_string(&c)
|
|
|
|
.expect("PublicRoomsChunk::to_string always works"),
|
|
|
|
)
|
|
|
|
.expect("federation and client-server PublicRoomsChunk are the same type"),
|
|
|
|
)
|
|
|
|
})
|
|
|
|
.filter_map(|r| r.ok())
|
|
|
|
.collect(),
|
|
|
|
prev_batch: response.prev_batch,
|
|
|
|
next_batch: response.next_batch,
|
|
|
|
total_room_count_estimate: response.total_room_count_estimate,
|
|
|
|
}
|
|
|
|
.into())
|
|
|
|
}
|
|
|
|
|
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
get("/_matrix/federation/v1/publicRooms", data = "<body>")
|
|
|
|
)]
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument(skip(db, body))]
|
2020-08-14 09:29:32 +00:00
|
|
|
pub async fn get_public_rooms_route(
|
|
|
|
db: State<'_, Database>,
|
2020-09-08 15:32:03 +00:00
|
|
|
body: Ruma<get_public_rooms::v1::Request<'_>>,
|
2020-08-14 09:29:32 +00:00
|
|
|
) -> ConduitResult<get_public_rooms::v1::Response> {
|
2021-01-01 12:47:53 +00:00
|
|
|
if !db.globals.allow_federation() {
|
2020-11-14 22:13:06 +00:00
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
2020-10-06 19:04:51 +00:00
|
|
|
}
|
|
|
|
|
2020-09-14 09:42:16 +00:00
|
|
|
let response = client_server::get_public_rooms_filtered_helper(
|
2020-08-23 12:32:43 +00:00
|
|
|
&db,
|
|
|
|
None,
|
2020-09-14 09:42:16 +00:00
|
|
|
body.limit,
|
|
|
|
body.since.as_deref(),
|
|
|
|
&IncomingFilter::default(),
|
|
|
|
&IncomingRoomNetwork::Matrix,
|
2020-08-14 09:29:32 +00:00
|
|
|
)
|
|
|
|
.await?
|
|
|
|
.0;
|
|
|
|
|
|
|
|
Ok(get_public_rooms::v1::Response {
|
2020-09-14 09:42:16 +00:00
|
|
|
chunk: response
|
|
|
|
.chunk
|
2020-08-14 09:29:32 +00:00
|
|
|
.into_iter()
|
|
|
|
.map(|c| {
|
|
|
|
// Convert ruma::api::federation::directory::get_public_rooms::v1::PublicRoomsChunk
|
|
|
|
// to ruma::api::client::r0::directory::PublicRoomsChunk
|
|
|
|
Ok::<_, Error>(
|
|
|
|
serde_json::from_str(
|
|
|
|
&serde_json::to_string(&c)
|
|
|
|
.expect("PublicRoomsChunk::to_string always works"),
|
|
|
|
)
|
|
|
|
.expect("federation and client-server PublicRoomsChunk are the same type"),
|
|
|
|
)
|
|
|
|
})
|
|
|
|
.filter_map(|r| r.ok())
|
|
|
|
.collect(),
|
2020-09-14 09:42:16 +00:00
|
|
|
prev_batch: response.prev_batch,
|
|
|
|
next_batch: response.next_batch,
|
|
|
|
total_room_count_estimate: response.total_room_count_estimate,
|
2020-08-14 09:29:32 +00:00
|
|
|
}
|
|
|
|
.into())
|
|
|
|
}
|
|
|
|
|
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
put("/_matrix/federation/v1/send/<_>", data = "<body>")
|
|
|
|
)]
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument(skip(db, body))]
|
2020-10-27 23:10:09 +00:00
|
|
|
pub async fn send_transaction_message_route<'a>(
|
2020-09-12 20:41:33 +00:00
|
|
|
db: State<'a, Database>,
|
2020-09-08 15:32:03 +00:00
|
|
|
body: Ruma<send_transaction_message::v1::Request<'_>>,
|
2020-08-14 09:29:32 +00:00
|
|
|
) -> ConduitResult<send_transaction_message::v1::Response> {
|
2021-01-01 12:47:53 +00:00
|
|
|
if !db.globals.allow_federation() {
|
2020-11-14 22:13:06 +00:00
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
2020-10-06 19:04:51 +00:00
|
|
|
}
|
|
|
|
|
2020-11-08 19:46:26 +00:00
|
|
|
for edu in &body.edus {
|
|
|
|
match serde_json::from_str::<send_transaction_message::v1::Edu>(edu.json().get()) {
|
|
|
|
Ok(edu) => match edu.edu_type.as_str() {
|
|
|
|
"m.typing" => {
|
|
|
|
if let Some(typing) = edu.content.get("typing") {
|
|
|
|
if typing.as_bool().unwrap_or_default() {
|
|
|
|
db.rooms.edus.typing_add(
|
|
|
|
&UserId::try_from(edu.content["user_id"].as_str().unwrap())
|
|
|
|
.unwrap(),
|
|
|
|
&RoomId::try_from(edu.content["room_id"].as_str().unwrap())
|
|
|
|
.unwrap(),
|
|
|
|
3000 + utils::millis_since_unix_epoch(),
|
|
|
|
&db.globals,
|
|
|
|
)?;
|
|
|
|
} else {
|
|
|
|
db.rooms.edus.typing_remove(
|
|
|
|
&UserId::try_from(edu.content["user_id"].as_str().unwrap())
|
|
|
|
.unwrap(),
|
|
|
|
&RoomId::try_from(edu.content["room_id"].as_str().unwrap())
|
|
|
|
.unwrap(),
|
|
|
|
&db.globals,
|
|
|
|
)?;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"m.presence" => {}
|
|
|
|
"m.receipt" => {}
|
2021-01-12 13:26:52 +00:00
|
|
|
"m.device_list_update" => {}
|
2020-11-08 19:46:26 +00:00
|
|
|
_ => {}
|
|
|
|
},
|
2020-12-04 22:16:29 +00:00
|
|
|
Err(_err) => {
|
2020-11-08 18:49:02 +00:00
|
|
|
continue;
|
|
|
|
}
|
2020-11-08 19:46:26 +00:00
|
|
|
}
|
|
|
|
}
|
2020-11-08 18:54:59 +00:00
|
|
|
|
2021-02-01 22:02:56 +00:00
|
|
|
let mut resolved_map = BTreeMap::new();
|
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
for pdu in body.pdus.iter() {
|
|
|
|
// We do not add the event_id field to the pdu here because of signature and hashes checks
|
|
|
|
let (event_id, value) = match crate::pdu::gen_event_id_canonical_json(pdu) {
|
|
|
|
Ok(t) => t,
|
|
|
|
Err(_) => {
|
|
|
|
// Event could not be converted to canonical json
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
|
|
|
if let Err(e) = handle_incoming_pdu(&body.origin, &event_id, value, true, &db).await {
|
|
|
|
resolved_map.insert(event_id, Err(e));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if !resolved_map.is_empty() {
|
|
|
|
warn!("These PDU's failed {:?}", resolved_map);
|
|
|
|
}
|
|
|
|
|
|
|
|
Ok(send_transaction_message::v1::Response { pdus: resolved_map }.into())
|
|
|
|
}
|
|
|
|
|
|
|
|
/// An async function that can recursively calls itself.
|
|
|
|
type AsyncRecursiveResult<'a, T> = Pin<Box<dyn Future<Output = StdResult<T, String>> + 'a + Send>>;
|
|
|
|
|
|
|
|
/// When receiving an event one needs to:
|
|
|
|
/// 0. Skip the PDU if we already know about it
|
|
|
|
/// 1. Check the server is in the room
|
|
|
|
/// 2. Check signatures, otherwise drop
|
|
|
|
/// 3. Check content hash, redact if doesn't match
|
|
|
|
/// 4. Fetch any missing auth events doing all checks listed here starting at 1. These are not
|
|
|
|
/// timeline events
|
|
|
|
/// 5. Reject "due to auth events" if can't get all the auth events or some of the auth events are
|
|
|
|
/// also rejected "due to auth events"
|
|
|
|
/// 6. Reject "due to auth events" if the event doesn't pass auth based on the auth events
|
|
|
|
/// 7. Persist this event as an outlier
|
|
|
|
/// 8. If not timeline event: stop
|
|
|
|
/// 9. Fetch any missing prev events doing all checks listed here starting at 1. These are timeline
|
|
|
|
/// events
|
|
|
|
/// 10. Fetch missing state and auth chain events by calling /state_ids at backwards extremities
|
|
|
|
/// doing all the checks in this list starting at 1. These are not timeline events
|
|
|
|
/// 11. Check the auth of the event passes based on the state of the event
|
|
|
|
/// 12. Ensure that the state is derived from the previous current state (i.e. we calculated by
|
|
|
|
/// doing state res where one of the inputs was a previously trusted set of state, don't just
|
|
|
|
/// trust a set of state we got from a remote)
|
|
|
|
/// 13. Check if the event passes auth based on the "current state" of the room, if not "soft fail"
|
|
|
|
/// it
|
|
|
|
/// 14. Use state resolution to find new room state
|
|
|
|
// We use some AsyncRecursiveResult hacks here so we can call this async funtion recursively
|
|
|
|
fn handle_incoming_pdu<'a>(
|
|
|
|
origin: &'a ServerName,
|
|
|
|
event_id: &'a EventId,
|
|
|
|
value: BTreeMap<String, CanonicalJsonValue>,
|
|
|
|
is_timeline_event: bool,
|
|
|
|
db: &'a Database,
|
|
|
|
) -> AsyncRecursiveResult<'a, Arc<PduEvent>> {
|
|
|
|
Box::pin(async move {
|
|
|
|
// TODO: For RoomVersion6 we must check that Raw<..> is canonical do we anywhere?: https://matrix.org/docs/spec/rooms/v6#canonical-json
|
|
|
|
|
|
|
|
// 0. Skip the PDU if we already know about it
|
|
|
|
if let Ok(Some(pdu)) = db.rooms.get_pdu(&event_id) {
|
|
|
|
return Ok(Arc::new(pdu));
|
|
|
|
}
|
|
|
|
|
|
|
|
// 1. Check the server is in the room
|
|
|
|
let room_id = match value
|
|
|
|
.get("room_id")
|
|
|
|
.map(|id| match id {
|
|
|
|
CanonicalJsonValue::String(id) => RoomId::try_from(id.as_str()).ok(),
|
|
|
|
_ => None,
|
|
|
|
})
|
|
|
|
.flatten()
|
|
|
|
{
|
|
|
|
Some(id) => id,
|
|
|
|
None => {
|
|
|
|
// Event is invalid
|
|
|
|
return Err("Event needs a valid RoomId".to_string());
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
|
|
|
match db.rooms.exists(&room_id) {
|
|
|
|
Ok(true) => {}
|
|
|
|
_ => {
|
|
|
|
return Err("Room is unknown to this server".to_string());
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
let mut pub_key_map = BTreeMap::new();
|
|
|
|
|
|
|
|
// This is all the auth_events that have been recursively fetched so they don't have to be
|
|
|
|
// deserialized over and over again.
|
|
|
|
// TODO: make this persist across requests but not in a DB Tree (in globals?)
|
|
|
|
// TODO: This could potentially also be some sort of trie (suffix tree) like structure so
|
|
|
|
// that once an auth event is known it would know (using indexes maybe) all of the auth
|
|
|
|
// events that it references.
|
|
|
|
let mut auth_cache = EventMap::new();
|
|
|
|
|
|
|
|
// We go through all the signatures we see on the value and fetch the corresponding signing
|
|
|
|
// keys
|
|
|
|
for (signature_server, signature) in match value
|
|
|
|
.get("signatures")
|
|
|
|
.ok_or_else(|| "No signatures in server response pdu.".to_string())?
|
|
|
|
{
|
|
|
|
CanonicalJsonValue::Object(map) => map,
|
|
|
|
_ => return Err("Invalid signatures object in server response pdu.".to_string()),
|
|
|
|
} {
|
|
|
|
let signature_object = match signature {
|
|
|
|
CanonicalJsonValue::Object(map) => map,
|
|
|
|
_ => {
|
|
|
|
return Err(
|
|
|
|
"Invalid signatures content object in server response pdu.".to_string()
|
|
|
|
)
|
2021-03-23 18:46:54 +00:00
|
|
|
}
|
|
|
|
};
|
2021-02-01 22:02:56 +00:00
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
let signature_ids = signature_object.keys().collect::<Vec<_>>();
|
|
|
|
|
|
|
|
debug!("Fetching signing keys for {}", signature_server);
|
|
|
|
let keys = match fetch_signing_keys(
|
|
|
|
&db,
|
|
|
|
&Box::<ServerName>::try_from(&**signature_server).map_err(|_| {
|
|
|
|
"Invalid servername in signatures of server response pdu.".to_string()
|
|
|
|
})?,
|
|
|
|
signature_ids,
|
|
|
|
)
|
|
|
|
.await
|
2021-02-01 22:02:56 +00:00
|
|
|
{
|
2021-03-25 22:55:40 +00:00
|
|
|
Ok(keys) => keys,
|
|
|
|
Err(_) => {
|
|
|
|
return Err(
|
|
|
|
"Signature verification failed: Could not fetch signing key.".to_string(),
|
|
|
|
);
|
2021-02-01 22:02:56 +00:00
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
pub_key_map.insert(signature_server.clone(), keys);
|
|
|
|
}
|
|
|
|
|
|
|
|
// 2. Check signatures, otherwise drop
|
|
|
|
// 3. check content hash, redact if doesn't match
|
|
|
|
let mut val =
|
|
|
|
match ruma::signatures::verify_event(&pub_key_map, &value, &RoomVersionId::Version5) {
|
|
|
|
Err(e) => {
|
|
|
|
// Drop
|
|
|
|
error!("{:?}: {}", value, e);
|
|
|
|
return Err("Signature verification failed".to_string());
|
2021-02-01 22:02:56 +00:00
|
|
|
}
|
2021-03-25 22:55:40 +00:00
|
|
|
Ok(ruma::signatures::Verified::Signatures) => {
|
|
|
|
// Redact
|
|
|
|
match ruma::signatures::redact(&value, &RoomVersionId::Version6) {
|
|
|
|
Ok(obj) => obj,
|
|
|
|
Err(_) => return Err("Redaction failed".to_string()),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
Ok(ruma::signatures::Verified::All) => value,
|
|
|
|
};
|
|
|
|
|
|
|
|
// Now that we have checked the signature and hashes we can add the eventID and convert
|
|
|
|
// to our PduEvent type
|
|
|
|
val.insert(
|
|
|
|
"event_id".to_owned(),
|
|
|
|
to_canonical_value(&event_id).expect("EventId is a valid CanonicalJsonValue"),
|
|
|
|
);
|
|
|
|
let incoming_pdu = serde_json::from_value::<PduEvent>(
|
|
|
|
serde_json::to_value(val).expect("CanonicalJsonObj is a valid JsonValue"),
|
|
|
|
)
|
|
|
|
.map_err(|_| "Event is not a valid PDU.".to_string())?;
|
|
|
|
|
|
|
|
// 4. fetch any missing auth events doing all checks listed here starting at 1. These are not timeline events
|
|
|
|
// 5. Reject "due to auth events" if can't get all the auth events or some of the auth events are also rejected "due to auth events"
|
|
|
|
debug!("Fetching auth events.");
|
|
|
|
fetch_and_handle_events(db, origin, &incoming_pdu.auth_events, &mut auth_cache)
|
|
|
|
.await
|
|
|
|
.map_err(|e| e.to_string())?;
|
2021-02-01 22:02:56 +00:00
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
// 6. Reject "due to auth events" if the event doesn't pass auth based on the auth events
|
|
|
|
debug!("Checking auth.");
|
|
|
|
|
|
|
|
// Build map of auth events
|
|
|
|
let mut auth_events = BTreeMap::new();
|
|
|
|
for id in incoming_pdu.auth_events.iter() {
|
|
|
|
let auth_event = auth_cache.get(id).ok_or_else(|| {
|
|
|
|
"Auth event not found, event failed recursive auth checks.".to_string()
|
|
|
|
})?;
|
|
|
|
|
|
|
|
match auth_events.entry((
|
|
|
|
auth_event.kind.clone(),
|
|
|
|
auth_event
|
|
|
|
.state_key
|
|
|
|
.clone()
|
|
|
|
.expect("all auth events have state keys"),
|
|
|
|
)) {
|
|
|
|
Entry::Vacant(v) => {
|
|
|
|
v.insert(auth_event.clone());
|
|
|
|
}
|
|
|
|
Entry::Occupied(_) => {
|
|
|
|
return Err(
|
|
|
|
"Auth event's type and state_key combination exists multiple times."
|
|
|
|
.to_owned(),
|
|
|
|
)
|
|
|
|
}
|
2021-02-01 22:02:56 +00:00
|
|
|
}
|
2021-03-25 22:55:40 +00:00
|
|
|
}
|
2021-02-01 22:02:56 +00:00
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
let create_event = db
|
|
|
|
.rooms
|
|
|
|
.room_state_get(&incoming_pdu.room_id, &EventType::RoomCreate, "")
|
|
|
|
.map_err(|_| "Failed to ask database for event.")?
|
|
|
|
.ok_or_else(|| "Failed to find create event in db.")?;
|
|
|
|
|
|
|
|
// The original create event must be in the auth events
|
|
|
|
if auth_events
|
|
|
|
.get(&(EventType::RoomCreate, "".to_owned()))
|
|
|
|
.map(|a| a.as_ref())
|
|
|
|
!= Some(&create_event)
|
|
|
|
{
|
|
|
|
return Err("Incoming event refers to wrong create event.".to_owned());
|
|
|
|
}
|
2021-01-19 00:08:59 +00:00
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
// If the previous event was the create event special rules apply
|
|
|
|
let previous_create = if incoming_pdu.auth_events.len() == 1
|
|
|
|
&& incoming_pdu.prev_events == incoming_pdu.auth_events
|
|
|
|
{
|
|
|
|
auth_cache
|
|
|
|
.get(&incoming_pdu.auth_events[0])
|
|
|
|
.cloned()
|
|
|
|
.filter(|maybe_create| **maybe_create == create_event)
|
|
|
|
} else {
|
|
|
|
None
|
|
|
|
};
|
|
|
|
|
|
|
|
let incoming_pdu = Arc::new(incoming_pdu.clone());
|
2021-01-15 02:32:22 +00:00
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
if !state_res::event_auth::auth_check(
|
|
|
|
&RoomVersionId::Version6,
|
|
|
|
&incoming_pdu,
|
|
|
|
previous_create.clone(),
|
|
|
|
&auth_events,
|
|
|
|
None, // TODO: third party invite
|
2021-01-15 02:32:22 +00:00
|
|
|
)
|
2021-03-25 22:55:40 +00:00
|
|
|
.map_err(|_e| "Auth check failed".to_string())?
|
2021-01-15 02:32:22 +00:00
|
|
|
{
|
2021-03-25 22:55:40 +00:00
|
|
|
return Err("Event has failed auth check with auth events.".to_string());
|
|
|
|
}
|
2020-12-22 17:45:35 +00:00
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
debug!("Validation successful.");
|
|
|
|
|
|
|
|
// 7. Persist the event as an outlier.
|
|
|
|
db.rooms
|
|
|
|
.add_pdu_outlier(&incoming_pdu)
|
|
|
|
.map_err(|_| "Failed to add pdu as outlier.".to_owned())?;
|
|
|
|
debug!("Added pdu as outlier.");
|
|
|
|
|
|
|
|
// 8. if not timeline event: stop
|
|
|
|
if !is_timeline_event {
|
|
|
|
return Ok(incoming_pdu);
|
|
|
|
}
|
|
|
|
|
|
|
|
// TODO: 9. fetch any missing prev events doing all checks listed here starting at 1. These are timeline events
|
|
|
|
|
|
|
|
// 10. Fetch missing state and auth chain events by calling /state_ids at backwards extremities
|
|
|
|
// doing all the checks in this list starting at 1. These are not timeline events.
|
2021-01-03 22:26:17 +00:00
|
|
|
|
2021-02-04 01:00:01 +00:00
|
|
|
// TODO: if we know the prev_events of the incoming event we can avoid the request and build
|
|
|
|
// the state from a known point and resolve if > 1 prev_event
|
2021-03-25 22:55:40 +00:00
|
|
|
|
2021-03-16 17:00:26 +00:00
|
|
|
debug!("Requesting state at event.");
|
2021-03-25 22:55:40 +00:00
|
|
|
let (state_at_incoming_event, incoming_auth_events): (StateMap<Arc<PduEvent>>, Vec<Arc<PduEvent>>) =
|
|
|
|
// Call /state_ids to find out what the state at this pdu is. We trust the server's
|
|
|
|
// response to some extend, but we still do a lot of checks on the events
|
2021-02-04 01:00:01 +00:00
|
|
|
match db
|
|
|
|
.sending
|
|
|
|
.send_federation_request(
|
|
|
|
&db.globals,
|
2021-03-25 22:55:40 +00:00
|
|
|
origin,
|
2021-02-04 01:00:01 +00:00
|
|
|
get_room_state_ids::v1::Request {
|
2021-03-25 22:55:40 +00:00
|
|
|
room_id: &incoming_pdu.room_id,
|
|
|
|
event_id: &incoming_pdu.event_id,
|
2021-02-04 01:00:01 +00:00
|
|
|
},
|
2021-01-06 13:52:30 +00:00
|
|
|
)
|
2021-02-04 01:00:01 +00:00
|
|
|
.await
|
|
|
|
{
|
|
|
|
Ok(res) => {
|
2021-03-16 17:00:26 +00:00
|
|
|
debug!("Fetching state events at event.");
|
2021-03-25 22:55:40 +00:00
|
|
|
let state_vec = match fetch_and_handle_events(
|
2021-01-15 02:32:22 +00:00
|
|
|
&db,
|
2021-03-25 22:55:40 +00:00
|
|
|
origin,
|
2021-02-04 01:00:01 +00:00
|
|
|
&res.pdu_ids,
|
2021-01-15 02:32:22 +00:00
|
|
|
&mut auth_cache,
|
|
|
|
)
|
2021-03-13 15:30:12 +00:00
|
|
|
.await
|
|
|
|
{
|
|
|
|
Ok(state) => state,
|
2021-03-25 22:55:40 +00:00
|
|
|
Err(_) => return Err("Failed to fetch state events.".to_owned()),
|
2021-03-13 15:30:12 +00:00
|
|
|
};
|
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
let mut state = BTreeMap::new();
|
|
|
|
for pdu in state_vec.into_iter() {
|
|
|
|
match state.entry((pdu.kind.clone(), pdu.state_key.clone().ok_or_else(|| "Found non-state pdu in state events.".to_owned())?)) {
|
|
|
|
Entry::Vacant(v) => {
|
|
|
|
v.insert(pdu);
|
|
|
|
}
|
|
|
|
Entry::Occupied(_) => {
|
|
|
|
return Err(
|
|
|
|
"State event's type and state_key combination exists multiple times.".to_owned(),
|
|
|
|
)
|
|
|
|
}
|
2021-02-04 01:00:01 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
// The original create event must still be in the state
|
|
|
|
if state.get(&(EventType::RoomCreate, "".to_owned())).map(|a| a.as_ref()) != Some(&create_event) {
|
|
|
|
return Err("Incoming event refers to wrong create event.".to_owned());
|
|
|
|
}
|
2021-02-04 01:00:01 +00:00
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
debug!("Fetching auth chain events at event.");
|
|
|
|
let incoming_auth_events = match fetch_and_handle_events(
|
2021-03-13 15:30:12 +00:00
|
|
|
&db,
|
2021-03-25 22:55:40 +00:00
|
|
|
origin,
|
2021-03-13 15:30:12 +00:00
|
|
|
&res.auth_chain_ids,
|
|
|
|
&mut auth_cache,
|
2021-02-04 01:00:01 +00:00
|
|
|
)
|
2021-03-13 15:30:12 +00:00
|
|
|
.await
|
|
|
|
{
|
|
|
|
Ok(state) => state,
|
2021-03-25 22:55:40 +00:00
|
|
|
Err(_) => return Err("Failed to fetch auth chain.".to_owned()),
|
2021-03-13 15:30:12 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
(state, incoming_auth_events)
|
2021-02-04 01:00:01 +00:00
|
|
|
}
|
|
|
|
Err(_) => {
|
2021-03-25 22:55:40 +00:00
|
|
|
return Err("Fetching state for event failed".into());
|
2021-02-04 01:00:01 +00:00
|
|
|
}
|
|
|
|
};
|
2020-12-22 17:45:35 +00:00
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
// 11. Check the auth of the event passes based on the state of the event
|
2020-12-22 17:45:35 +00:00
|
|
|
if !state_res::event_auth::auth_check(
|
|
|
|
&RoomVersionId::Version6,
|
2021-03-25 22:55:40 +00:00
|
|
|
&incoming_pdu,
|
2021-03-13 15:30:12 +00:00
|
|
|
previous_create.clone(),
|
2021-03-25 22:55:40 +00:00
|
|
|
&state_at_incoming_event,
|
2021-01-05 14:21:41 +00:00
|
|
|
None, // TODO: third party invite
|
2020-12-22 17:45:35 +00:00
|
|
|
)
|
2021-03-25 22:55:40 +00:00
|
|
|
.map_err(|_e| "Auth check failed.".to_owned())?
|
2020-12-22 17:45:35 +00:00
|
|
|
{
|
2021-03-25 22:55:40 +00:00
|
|
|
return Err("Event has failed auth check with state at the event.".into());
|
2020-12-08 09:33:44 +00:00
|
|
|
}
|
2021-03-16 17:00:26 +00:00
|
|
|
debug!("Auth check succeeded.");
|
2021-01-16 21:37:20 +00:00
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
// 13. Check if the event passes auth based on the "current state" of the room, if not "soft fail" it
|
2021-01-16 21:37:20 +00:00
|
|
|
let current_state = db
|
|
|
|
.rooms
|
2021-03-25 22:55:40 +00:00
|
|
|
.room_state_full(incoming_pdu.room_id())
|
|
|
|
.map_err(|_| "Failed to load room state.".to_owned())?
|
2021-01-16 21:37:20 +00:00
|
|
|
.into_iter()
|
2021-03-25 22:55:40 +00:00
|
|
|
.map(|(k, v)| (k, Arc::new(v)))
|
2021-01-16 21:37:20 +00:00
|
|
|
.collect();
|
|
|
|
|
|
|
|
if !state_res::event_auth::auth_check(
|
2021-03-25 22:55:40 +00:00
|
|
|
&RoomVersionId::Version6, // TODO: Use correct room version
|
|
|
|
&incoming_pdu,
|
2021-03-13 15:30:12 +00:00
|
|
|
previous_create,
|
2021-01-16 21:37:20 +00:00
|
|
|
¤t_state,
|
|
|
|
None,
|
|
|
|
)
|
2021-03-25 22:55:40 +00:00
|
|
|
.map_err(|_e| "Auth check failed.".to_owned())?
|
2021-01-16 21:37:20 +00:00
|
|
|
{
|
2021-03-25 22:55:40 +00:00
|
|
|
// Soft fail, we leave the event as an outlier but don't add it to the timeline
|
|
|
|
return Err("Event has been soft failed".into());
|
2021-01-16 21:37:20 +00:00
|
|
|
};
|
2021-03-16 17:00:26 +00:00
|
|
|
debug!("Auth check with current state succeeded.");
|
2020-11-08 19:44:02 +00:00
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
// Now we calculate the set of extremities this room has after the incoming event has been
|
|
|
|
// applied. We start with the previous extremities (aka leaves)
|
|
|
|
let mut extremities = db
|
|
|
|
.rooms
|
|
|
|
.get_pdu_leaves(&incoming_pdu.room_id)
|
|
|
|
.map_err(|_| "Failed to load room leaves".to_owned())?;
|
|
|
|
|
|
|
|
// Remove any forward extremities that are referenced by this incoming event's prev_events
|
|
|
|
for prev_event in &incoming_pdu.prev_events {
|
|
|
|
if extremities.contains(prev_event) {
|
|
|
|
extremities.remove(prev_event);
|
2021-01-30 02:45:33 +00:00
|
|
|
}
|
2021-03-25 22:55:40 +00:00
|
|
|
}
|
2021-01-30 02:45:33 +00:00
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
let mut fork_states = BTreeSet::new();
|
|
|
|
for id in &extremities {
|
|
|
|
match db.rooms.get_pdu(&id).map_err(|_| "Failed to ask db for pdu.".to_owned())? {
|
|
|
|
Some(leaf_pdu) => {
|
|
|
|
let pdu_shortstatehash = db
|
|
|
|
.rooms
|
|
|
|
.pdu_shortstatehash(&leaf_pdu.event_id)
|
|
|
|
.map_err(|_| "Failed to ask db for pdu state hash.".to_owned())?
|
|
|
|
.ok_or_else(|| {
|
|
|
|
error!(
|
|
|
|
"Found extremity pdu with no statehash in db: {:?}",
|
|
|
|
leaf_pdu
|
|
|
|
);
|
|
|
|
"Found pdu with no statehash in db.".to_owned()
|
|
|
|
})?;
|
|
|
|
|
|
|
|
let mut leaf_state = db
|
|
|
|
.rooms
|
|
|
|
.state_full(pdu_shortstatehash)
|
|
|
|
.map_err(|_| "Failed to ask db for room state.".to_owned())?
|
|
|
|
.into_iter()
|
|
|
|
.map(|(k, v)| (k, Arc::new(v)))
|
|
|
|
.collect::<StateMap<_>>();
|
|
|
|
|
|
|
|
if let Some(state_key) = &leaf_pdu.state_key {
|
|
|
|
// Now it's the state after
|
|
|
|
let key = (leaf_pdu.kind.clone(), state_key.clone());
|
|
|
|
leaf_state.insert(key, Arc::new(leaf_pdu));
|
|
|
|
}
|
|
|
|
|
|
|
|
fork_states.insert(leaf_state);
|
2021-03-24 10:52:10 +00:00
|
|
|
}
|
2021-03-25 22:55:40 +00:00
|
|
|
_ => {
|
|
|
|
error!("Missing state snapshot for {:?}", id);
|
|
|
|
return Err("Missing state snapshot.".to_owned());
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// 12. Ensure that the state is derived from the previous current state (i.e. we calculated
|
|
|
|
// by doing state res where one of the inputs was a previously trusted set of state,
|
|
|
|
// don't just trust a set of state we got from a remote).
|
|
|
|
|
|
|
|
// We do this by adding the current state to the list of fork states
|
|
|
|
fork_states.insert(current_state);
|
2020-12-22 17:45:35 +00:00
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
// We also add state after incoming event to the fork states
|
|
|
|
let mut state_after = state_at_incoming_event.clone();
|
|
|
|
if let Some(state_key) = &incoming_pdu.state_key {
|
|
|
|
state_after.insert(
|
|
|
|
(incoming_pdu.kind.clone(), state_key.clone()),
|
|
|
|
incoming_pdu.clone(),
|
|
|
|
);
|
|
|
|
}
|
2021-02-04 01:00:01 +00:00
|
|
|
fork_states.insert(state_after.clone());
|
2021-01-19 00:08:59 +00:00
|
|
|
|
|
|
|
let fork_states = fork_states.into_iter().collect::<Vec<_>>();
|
|
|
|
|
2021-01-25 01:18:40 +00:00
|
|
|
let mut update_state = false;
|
2021-03-25 22:55:40 +00:00
|
|
|
// 14. Use state resolution to find new room state
|
|
|
|
let new_room_state = if fork_states.is_empty() {
|
|
|
|
return Err("State is empty.".to_owned());
|
2020-12-22 17:45:35 +00:00
|
|
|
} else if fork_states.len() == 1 {
|
2021-03-25 22:55:40 +00:00
|
|
|
// There was only one state, so it has to be the room's current state (because that is
|
|
|
|
// always included)
|
|
|
|
info!("Skipping stateres because there is no new state.");
|
|
|
|
fork_states[0]
|
|
|
|
.iter()
|
|
|
|
.map(|(k, pdu)| (k.clone(), pdu.event_id.clone()))
|
|
|
|
.collect()
|
2020-12-22 17:45:35 +00:00
|
|
|
} else {
|
2021-03-25 22:55:40 +00:00
|
|
|
// We do need to force an update to this room's state
|
2021-01-25 01:18:40 +00:00
|
|
|
update_state = true;
|
|
|
|
|
2021-01-15 02:32:22 +00:00
|
|
|
let mut auth_events = vec![];
|
|
|
|
for map in &fork_states {
|
|
|
|
let mut state_auth = vec![];
|
2021-01-15 20:46:47 +00:00
|
|
|
for auth_id in map.values().flat_map(|pdu| &pdu.auth_events) {
|
2021-03-25 22:55:40 +00:00
|
|
|
match fetch_and_handle_events(&db, origin, &[auth_id.clone()], &mut auth_cache)
|
|
|
|
.await
|
2021-03-16 17:00:26 +00:00
|
|
|
{
|
|
|
|
// This should always contain exactly one element when Ok
|
|
|
|
Ok(events) => state_auth.push(events[0].clone()),
|
|
|
|
Err(e) => {
|
|
|
|
debug!("Event was not present: {}", e);
|
2021-02-04 01:00:01 +00:00
|
|
|
}
|
2021-03-16 17:00:26 +00:00
|
|
|
}
|
2021-01-15 02:32:22 +00:00
|
|
|
}
|
|
|
|
auth_events.push(state_auth);
|
|
|
|
}
|
2021-01-06 13:52:30 +00:00
|
|
|
|
2021-01-06 20:05:09 +00:00
|
|
|
// Add everything we will need to event_map
|
2021-01-25 01:18:40 +00:00
|
|
|
auth_cache.extend(
|
2021-01-06 20:05:09 +00:00
|
|
|
auth_events
|
|
|
|
.iter()
|
|
|
|
.map(|pdus| pdus.iter().map(|pdu| (pdu.event_id().clone(), pdu.clone())))
|
|
|
|
.flatten(),
|
|
|
|
);
|
2021-01-25 01:18:40 +00:00
|
|
|
auth_cache.extend(
|
2021-01-03 22:26:17 +00:00
|
|
|
incoming_auth_events
|
|
|
|
.into_iter()
|
2021-01-06 13:52:30 +00:00
|
|
|
.map(|pdu| (pdu.event_id().clone(), pdu)),
|
2021-01-03 22:26:17 +00:00
|
|
|
);
|
2021-01-25 01:18:40 +00:00
|
|
|
auth_cache.extend(
|
2021-02-04 01:00:01 +00:00
|
|
|
state_after
|
2021-01-03 22:26:17 +00:00
|
|
|
.into_iter()
|
|
|
|
.map(|(_, pdu)| (pdu.event_id().clone(), pdu)),
|
|
|
|
);
|
|
|
|
|
2021-03-25 22:55:40 +00:00
|
|
|
match state_res::StateResolution::resolve(
|
|
|
|
&incoming_pdu.room_id,
|
2020-12-22 17:45:35 +00:00
|
|
|
&RoomVersionId::Version6,
|
|
|
|
&fork_states
|
|
|
|
.into_iter()
|
|
|
|
.map(|map| {
|
|
|
|
map.into_iter()
|
2020-12-31 13:40:49 +00:00
|
|
|
.map(|(k, v)| (k, v.event_id.clone()))
|
2020-12-22 17:45:35 +00:00
|
|
|
.collect::<StateMap<_>>()
|
|
|
|
})
|
|
|
|
.collect::<Vec<_>>(),
|
2021-01-06 20:05:09 +00:00
|
|
|
auth_events
|
|
|
|
.into_iter()
|
|
|
|
.map(|pdus| pdus.into_iter().map(|pdu| pdu.event_id().clone()).collect())
|
|
|
|
.collect(),
|
2021-01-25 01:18:40 +00:00
|
|
|
&mut auth_cache,
|
2020-12-22 17:45:35 +00:00
|
|
|
) {
|
2021-03-25 22:55:40 +00:00
|
|
|
Ok(new_state) => new_state,
|
2021-01-15 20:46:47 +00:00
|
|
|
Err(_) => {
|
2021-03-25 22:55:40 +00:00
|
|
|
return Err("State resolution failed, either an event could not be found or deserialization".into());
|
2021-01-15 20:46:47 +00:00
|
|
|
}
|
2020-12-22 17:45:35 +00:00
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2021-02-04 01:00:01 +00:00
|
|
|
// Now that the event has passed all auth it is added into the timeline.
|
|
|
|
// We use the `state_at_event` instead of `state_after` so we accurately
|
|
|
|
// represent the state for this event.
|
2021-03-25 22:55:40 +00:00
|
|
|
append_incoming_pdu(&db, &incoming_pdu, extremities, &state_at_incoming_event)
|
|
|
|
.map_err(|_| "Failed to add pdu to db.".to_owned())?;
|
|
|
|
debug!("Appended incoming pdu.");
|
2021-02-04 01:00:01 +00:00
|
|
|
|
|
|
|
// Set the new room state to the resolved state
|
2021-03-25 22:55:40 +00:00
|
|
|
if update_state {
|
|
|
|
db.rooms
|
|
|
|
.force_state(&room_id, new_room_state, &db.globals)
|
|
|
|
.map_err(|_| "Failed to set new room state.".to_owned())?;
|
|
|
|
}
|
2021-03-16 17:00:26 +00:00
|
|
|
debug!("Updated resolved state");
|
2021-01-19 00:08:59 +00:00
|
|
|
|
2021-01-28 20:33:41 +00:00
|
|
|
// Event has passed all auth/stateres checks
|
2021-03-25 22:55:40 +00:00
|
|
|
Ok(incoming_pdu)
|
2021-01-15 02:32:22 +00:00
|
|
|
})
|
2021-01-14 19:39:56 +00:00
|
|
|
}
|
|
|
|
|
2021-01-30 02:45:33 +00:00
|
|
|
/// Find the event and auth it. Once the event is validated (steps 1 - 8)
|
|
|
|
/// it is appended to the outliers Tree.
|
2021-01-15 02:32:22 +00:00
|
|
|
///
|
2021-03-25 22:55:40 +00:00
|
|
|
/// a. Look in the auth_cache
|
|
|
|
/// b. Look in the main timeline (pduid_pdu tree)
|
|
|
|
/// c. Look at outlier pdu tree
|
|
|
|
/// d. Ask origin server over federation
|
|
|
|
/// e. TODO: Ask other servers over federation?
|
2021-02-04 01:00:01 +00:00
|
|
|
///
|
|
|
|
/// If the event is unknown to the `auth_cache` it is added. This guarantees that any
|
|
|
|
/// event we need to know of will be present.
|
2021-03-23 11:59:27 +00:00
|
|
|
//#[tracing::instrument(skip(db, key_map, auth_cache))]
|
2021-03-25 22:55:40 +00:00
|
|
|
pub(crate) async fn fetch_and_handle_events(
|
2021-01-15 02:32:22 +00:00
|
|
|
db: &Database,
|
|
|
|
origin: &ServerName,
|
|
|
|
events: &[EventId],
|
|
|
|
auth_cache: &mut EventMap<Arc<PduEvent>>,
|
|
|
|
) -> Result<Vec<Arc<PduEvent>>> {
|
|
|
|
let mut pdus = vec![];
|
|
|
|
for id in events {
|
2021-03-25 22:55:40 +00:00
|
|
|
// a. Look at auth cache
|
2021-02-04 03:48:43 +00:00
|
|
|
let pdu = match auth_cache.get(id) {
|
2021-03-13 15:30:12 +00:00
|
|
|
Some(pdu) => {
|
2021-03-16 17:00:26 +00:00
|
|
|
debug!("Event found in cache");
|
2021-03-13 15:30:12 +00:00
|
|
|
pdu.clone()
|
|
|
|
}
|
2021-03-25 22:55:40 +00:00
|
|
|
// b. Look in the main timeline (pduid_pdu tree)
|
|
|
|
// c. Look at outlier pdu tree
|
|
|
|
// (get_pdu checks both)
|
2021-02-04 03:48:43 +00:00
|
|
|
None => match db.rooms.get_pdu(&id)? {
|
2021-03-13 15:30:12 +00:00
|
|
|
Some(pdu) => {
|
2021-03-16 17:00:26 +00:00
|
|
|
debug!("Event found in outliers");
|
2021-03-13 15:30:12 +00:00
|
|
|
Arc::new(pdu)
|
|
|
|
}
|
|
|
|
None => {
|
2021-03-25 22:55:40 +00:00
|
|
|
// d. Ask origin server over federation
|
2021-03-22 13:04:11 +00:00
|
|
|
debug!("Fetching event over federation: {:?}", id);
|
2021-03-13 15:30:12 +00:00
|
|
|
match db
|
|
|
|
.sending
|
|
|
|
.send_federation_request(
|
|
|
|
&db.globals,
|
|
|
|
origin,
|
|
|
|
get_event::v1::Request { event_id: &id },
|
|
|
|
)
|
|
|
|
.await
|
|
|
|
{
|
|
|
|
Ok(res) => {
|
2021-03-16 17:00:26 +00:00
|
|
|
debug!("Got event over federation: {:?}", res);
|
2021-03-13 15:30:12 +00:00
|
|
|
let (event_id, value) =
|
2021-03-23 18:46:54 +00:00
|
|
|
crate::pdu::gen_event_id_canonical_json(&res.pdu)?;
|
2021-03-25 22:55:40 +00:00
|
|
|
let pdu = handle_incoming_pdu(origin, &event_id, value, false, db)
|
|
|
|
.await
|
|
|
|
.map_err(|e| {
|
|
|
|
error!("Error: {:?}", e);
|
|
|
|
Error::Conflict("Authentication of event failed")
|
|
|
|
})?;
|
|
|
|
|
2021-03-13 15:30:12 +00:00
|
|
|
pdu
|
|
|
|
}
|
|
|
|
Err(_) => return Err(Error::BadServerResponse("Failed to fetch event")),
|
2021-02-04 03:48:43 +00:00
|
|
|
}
|
2021-03-13 15:30:12 +00:00
|
|
|
}
|
2021-01-15 02:32:22 +00:00
|
|
|
},
|
|
|
|
};
|
2021-02-04 01:00:01 +00:00
|
|
|
auth_cache.entry(id.clone()).or_insert_with(|| pdu.clone());
|
2021-01-15 02:32:22 +00:00
|
|
|
pdus.push(pdu);
|
|
|
|
}
|
|
|
|
Ok(pdus)
|
2021-01-12 13:26:52 +00:00
|
|
|
}
|
|
|
|
|
2021-01-15 02:32:22 +00:00
|
|
|
/// Search the DB for the signing keys of the given server, if we don't have them
|
|
|
|
/// fetch them from the server and save to our DB.
|
2021-03-13 15:30:12 +00:00
|
|
|
#[tracing::instrument(skip(db))]
|
2021-01-30 02:45:33 +00:00
|
|
|
pub(crate) async fn fetch_signing_keys(
|
2021-01-03 22:26:17 +00:00
|
|
|
db: &Database,
|
2021-01-14 19:39:56 +00:00
|
|
|
origin: &ServerName,
|
2021-03-22 13:04:11 +00:00
|
|
|
signature_ids: Vec<&String>,
|
2021-03-13 15:30:12 +00:00
|
|
|
) -> Result<BTreeMap<String, String>> {
|
2021-03-23 11:59:27 +00:00
|
|
|
let contains_all_ids =
|
|
|
|
|keys: &BTreeMap<String, String>| signature_ids.iter().all(|&id| keys.contains_key(id));
|
2021-03-13 15:30:12 +00:00
|
|
|
|
2021-03-22 13:04:11 +00:00
|
|
|
let mut result = db
|
|
|
|
.globals
|
|
|
|
.signing_keys_for(origin)?
|
|
|
|
.into_iter()
|
|
|
|
.map(|(k, v)| (k.to_string(), v.key))
|
|
|
|
.collect::<BTreeMap<_, _>>();
|
|
|
|
|
|
|
|
if contains_all_ids(&result) {
|
|
|
|
return Ok(result);
|
|
|
|
}
|
|
|
|
|
|
|
|
if let Ok(get_keys_response) = db
|
|
|
|
.sending
|
|
|
|
.send_federation_request(&db.globals, origin, get_server_keys::v2::Request::new())
|
|
|
|
.await
|
|
|
|
{
|
|
|
|
db.globals
|
|
|
|
.add_signing_key(origin, &get_keys_response.server_key)?;
|
|
|
|
|
|
|
|
result.extend(
|
|
|
|
get_keys_response
|
|
|
|
.server_key
|
|
|
|
.verify_keys
|
|
|
|
.into_iter()
|
|
|
|
.map(|(k, v)| (k.to_string(), v.key)),
|
|
|
|
);
|
|
|
|
result.extend(
|
|
|
|
get_keys_response
|
|
|
|
.server_key
|
|
|
|
.old_verify_keys
|
|
|
|
.into_iter()
|
|
|
|
.map(|(k, v)| (k.to_string(), v.key)),
|
|
|
|
);
|
|
|
|
|
|
|
|
if contains_all_ids(&result) {
|
|
|
|
return Ok(result);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
for server in db.globals.trusted_servers() {
|
|
|
|
debug!("Asking {} for {}'s signing key", server, origin);
|
|
|
|
if let Ok(keys) = db
|
|
|
|
.sending
|
|
|
|
.send_federation_request(
|
|
|
|
&db.globals,
|
|
|
|
&server,
|
|
|
|
get_remote_server_keys::v2::Request::new(
|
|
|
|
origin,
|
|
|
|
SystemTime::now()
|
|
|
|
.checked_add(Duration::from_secs(3600))
|
|
|
|
.expect("SystemTime to large"),
|
|
|
|
),
|
|
|
|
)
|
|
|
|
.await
|
|
|
|
{
|
|
|
|
debug!("Got signing keys: {:?}", keys);
|
|
|
|
for k in keys.server_keys.into_iter() {
|
|
|
|
db.globals.add_signing_key(origin, &k)?;
|
|
|
|
result.extend(
|
|
|
|
k.verify_keys
|
|
|
|
.into_iter()
|
|
|
|
.map(|(k, v)| (k.to_string(), v.key)),
|
|
|
|
);
|
|
|
|
result.extend(
|
|
|
|
k.old_verify_keys
|
|
|
|
.into_iter()
|
|
|
|
.map(|(k, v)| (k.to_string(), v.key)),
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
if contains_all_ids(&result) {
|
|
|
|
return Ok(result);
|
2021-03-01 13:23:28 +00:00
|
|
|
}
|
2021-01-03 22:26:17 +00:00
|
|
|
}
|
|
|
|
}
|
2021-03-22 13:04:11 +00:00
|
|
|
|
|
|
|
Err(Error::BadServerResponse(
|
|
|
|
"Failed to find public key for server",
|
|
|
|
))
|
2021-01-03 22:26:17 +00:00
|
|
|
}
|
2021-01-15 20:46:47 +00:00
|
|
|
|
2021-01-30 02:45:33 +00:00
|
|
|
/// Append the incoming event setting the state snapshot to the state from the
|
|
|
|
/// server that sent the event.
|
2021-03-13 15:30:12 +00:00
|
|
|
#[tracing::instrument(skip(db))]
|
2021-01-30 02:45:33 +00:00
|
|
|
pub(crate) fn append_incoming_pdu(
|
|
|
|
db: &Database,
|
|
|
|
pdu: &PduEvent,
|
2021-03-25 22:55:40 +00:00
|
|
|
new_room_leaves: HashSet<EventId>,
|
2021-01-30 02:45:33 +00:00
|
|
|
state: &StateMap<Arc<PduEvent>>,
|
|
|
|
) -> Result<()> {
|
2021-01-29 16:20:33 +00:00
|
|
|
let count = db.globals.next_count()?;
|
|
|
|
let mut pdu_id = pdu.room_id.as_bytes().to_vec();
|
|
|
|
pdu_id.push(0xff);
|
|
|
|
pdu_id.extend_from_slice(&count.to_be_bytes());
|
|
|
|
|
2021-01-15 02:32:22 +00:00
|
|
|
// We append to state before appending the pdu, so we don't have a moment in time with the
|
|
|
|
// pdu without it's state. This is okay because append_pdu can't fail.
|
2021-03-25 22:55:40 +00:00
|
|
|
db.rooms
|
|
|
|
.set_event_state(&pdu.event_id, state, &db.globals)?;
|
2020-12-22 17:45:35 +00:00
|
|
|
|
|
|
|
db.rooms.append_pdu(
|
2021-01-19 00:08:59 +00:00
|
|
|
pdu,
|
2021-01-15 02:32:22 +00:00
|
|
|
utils::to_canonical_object(pdu).expect("Pdu is valid canonical object"),
|
2020-12-22 17:45:35 +00:00
|
|
|
count,
|
|
|
|
pdu_id.clone().into(),
|
2021-03-25 22:55:40 +00:00
|
|
|
&new_room_leaves.into_iter().collect::<Vec<_>>(),
|
2021-01-15 16:05:57 +00:00
|
|
|
&db,
|
2020-12-22 17:45:35 +00:00
|
|
|
)?;
|
|
|
|
|
|
|
|
for appservice in db.appservice.iter_all().filter_map(|r| r.ok()) {
|
2021-03-04 13:39:16 +00:00
|
|
|
if let Some(namespaces) = appservice.1.get("namespaces") {
|
|
|
|
let users = namespaces
|
|
|
|
.get("users")
|
|
|
|
.and_then(|users| users.as_sequence())
|
|
|
|
.map_or_else(Vec::new, |users| {
|
|
|
|
users
|
|
|
|
.iter()
|
|
|
|
.map(|users| {
|
|
|
|
users
|
|
|
|
.get("regex")
|
|
|
|
.and_then(|regex| regex.as_str())
|
|
|
|
.and_then(|regex| Regex::new(regex).ok())
|
|
|
|
})
|
|
|
|
.filter_map(|o| o)
|
|
|
|
.collect::<Vec<_>>()
|
|
|
|
});
|
|
|
|
let aliases = namespaces
|
|
|
|
.get("aliases")
|
|
|
|
.and_then(|users| users.get("regex"))
|
|
|
|
.and_then(|regex| regex.as_str())
|
|
|
|
.and_then(|regex| Regex::new(regex).ok());
|
|
|
|
let rooms = namespaces
|
|
|
|
.get("rooms")
|
|
|
|
.and_then(|rooms| rooms.as_sequence());
|
|
|
|
|
|
|
|
let room_aliases = db.rooms.room_aliases(&pdu.room_id);
|
|
|
|
|
|
|
|
let bridge_user_id = appservice
|
|
|
|
.1
|
|
|
|
.get("sender_localpart")
|
|
|
|
.and_then(|string| string.as_str())
|
|
|
|
.and_then(|string| {
|
|
|
|
UserId::parse_with_server_name(string, db.globals.server_name()).ok()
|
|
|
|
});
|
|
|
|
|
|
|
|
#[allow(clippy::blocks_in_if_conditions)]
|
|
|
|
if bridge_user_id.map_or(false, |bridge_user_id| {
|
|
|
|
db.rooms
|
|
|
|
.is_joined(&bridge_user_id, &pdu.room_id)
|
|
|
|
.unwrap_or(false)
|
|
|
|
}) || users.iter().any(|users| {
|
|
|
|
users.is_match(pdu.sender.as_str())
|
|
|
|
|| pdu.kind == EventType::RoomMember
|
|
|
|
&& pdu
|
|
|
|
.state_key
|
|
|
|
.as_ref()
|
|
|
|
.map_or(false, |state_key| users.is_match(&state_key))
|
|
|
|
}) || aliases.map_or(false, |aliases| {
|
|
|
|
room_aliases
|
|
|
|
.filter_map(|r| r.ok())
|
|
|
|
.any(|room_alias| aliases.is_match(room_alias.as_str()))
|
|
|
|
}) || rooms.map_or(false, |rooms| rooms.contains(&pdu.room_id.as_str().into()))
|
|
|
|
|| db
|
|
|
|
.rooms
|
|
|
|
.room_members(&pdu.room_id)
|
|
|
|
.filter_map(|r| r.ok())
|
|
|
|
.any(|member| users.iter().any(|regex| regex.is_match(member.as_str())))
|
|
|
|
{
|
|
|
|
db.sending.send_pdu_appservice(&appservice.0, &pdu_id)?;
|
|
|
|
}
|
|
|
|
}
|
2020-12-22 17:45:35 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
Ok(())
|
|
|
|
}
|
|
|
|
|
2020-09-25 10:26:29 +00:00
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
post("/_matrix/federation/v1/get_missing_events/<_>", data = "<body>")
|
|
|
|
)]
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument(skip(db, body))]
|
2020-09-25 10:26:29 +00:00
|
|
|
pub fn get_missing_events_route<'a>(
|
|
|
|
db: State<'a, Database>,
|
|
|
|
body: Ruma<get_missing_events::v1::Request<'_>>,
|
|
|
|
) -> ConduitResult<get_missing_events::v1::Response> {
|
2021-01-01 12:47:53 +00:00
|
|
|
if !db.globals.allow_federation() {
|
2020-11-14 22:13:06 +00:00
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
2020-10-06 19:04:51 +00:00
|
|
|
}
|
|
|
|
|
2020-09-25 10:26:29 +00:00
|
|
|
let mut queued_events = body.latest_events.clone();
|
|
|
|
let mut events = Vec::new();
|
|
|
|
|
|
|
|
let mut i = 0;
|
|
|
|
while i < queued_events.len() && events.len() < u64::from(body.limit) as usize {
|
|
|
|
if let Some(pdu) = db.rooms.get_pdu_json(&queued_events[i])? {
|
|
|
|
if body.earliest_events.contains(
|
|
|
|
&serde_json::from_value(
|
|
|
|
pdu.get("event_id")
|
|
|
|
.cloned()
|
|
|
|
.ok_or_else(|| Error::bad_database("Event in db has no event_id field."))?,
|
|
|
|
)
|
|
|
|
.map_err(|_| Error::bad_database("Invalid event_id field in pdu in db."))?,
|
|
|
|
) {
|
|
|
|
i += 1;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
queued_events.extend_from_slice(
|
|
|
|
&serde_json::from_value::<Vec<EventId>>(
|
|
|
|
pdu.get("prev_events").cloned().ok_or_else(|| {
|
|
|
|
Error::bad_database("Invalid prev_events field of pdu in db.")
|
|
|
|
})?,
|
|
|
|
)
|
|
|
|
.map_err(|_| Error::bad_database("Invalid prev_events content in pdu in db."))?,
|
|
|
|
);
|
2021-03-16 17:00:26 +00:00
|
|
|
events.push(PduEvent::convert_to_outgoing_federation_event(
|
|
|
|
serde_json::from_value(pdu)
|
|
|
|
.map_err(|_| Error::bad_database("Invalid pdu in database."))?,
|
|
|
|
));
|
2020-09-25 10:26:29 +00:00
|
|
|
}
|
|
|
|
i += 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
Ok(get_missing_events::v1::Response { events }.into())
|
|
|
|
}
|
2020-10-05 20:19:22 +00:00
|
|
|
|
2021-03-17 23:09:57 +00:00
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
get("/_matrix/federation/v1/state_ids/<_>", data = "<body>")
|
|
|
|
)]
|
|
|
|
#[tracing::instrument(skip(db, body))]
|
|
|
|
pub fn get_room_state_ids_route<'a>(
|
|
|
|
db: State<'a, Database>,
|
|
|
|
body: Ruma<get_room_state_ids::v1::Request<'_>>,
|
|
|
|
) -> ConduitResult<get_room_state_ids::v1::Response> {
|
|
|
|
if !db.globals.allow_federation() {
|
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
|
|
|
}
|
|
|
|
|
|
|
|
let shortstatehash = db
|
|
|
|
.rooms
|
|
|
|
.pdu_shortstatehash(&body.event_id)?
|
|
|
|
.ok_or(Error::BadRequest(
|
|
|
|
ErrorKind::NotFound,
|
|
|
|
"Pdu state not found.",
|
|
|
|
))?;
|
|
|
|
|
|
|
|
let pdu_ids = db.rooms.state_full_ids(shortstatehash)?;
|
|
|
|
|
|
|
|
let mut auth_chain_ids = BTreeSet::<EventId>::new();
|
|
|
|
let mut todo = BTreeSet::new();
|
|
|
|
todo.insert(body.event_id.clone());
|
|
|
|
|
2021-03-24 10:52:10 +00:00
|
|
|
while let Some(event_id) = todo.iter().next().cloned() {
|
|
|
|
if let Some(pdu) = db.rooms.get_pdu(&event_id)? {
|
|
|
|
todo.extend(
|
|
|
|
pdu.auth_events
|
|
|
|
.clone()
|
|
|
|
.into_iter()
|
|
|
|
.collect::<BTreeSet<_>>()
|
|
|
|
.difference(&auth_chain_ids)
|
|
|
|
.cloned(),
|
|
|
|
);
|
|
|
|
auth_chain_ids.extend(pdu.auth_events.into_iter());
|
2021-03-17 23:09:57 +00:00
|
|
|
} else {
|
2021-03-24 10:52:10 +00:00
|
|
|
warn!("Could not find pdu mentioned in auth events.");
|
2021-03-17 23:09:57 +00:00
|
|
|
}
|
2021-03-24 10:52:10 +00:00
|
|
|
|
|
|
|
todo.remove(&event_id);
|
2021-03-17 23:09:57 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
Ok(get_room_state_ids::v1::Response {
|
|
|
|
auth_chain_ids: auth_chain_ids.into_iter().collect(),
|
|
|
|
pdu_ids,
|
|
|
|
}
|
|
|
|
.into())
|
|
|
|
}
|
|
|
|
|
2020-10-05 20:19:22 +00:00
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
get("/_matrix/federation/v1/query/profile", data = "<body>")
|
|
|
|
)]
|
2021-02-28 11:41:03 +00:00
|
|
|
#[tracing::instrument(skip(db, body))]
|
2020-10-05 20:19:22 +00:00
|
|
|
pub fn get_profile_information_route<'a>(
|
|
|
|
db: State<'a, Database>,
|
|
|
|
body: Ruma<get_profile_information::v1::Request<'_>>,
|
|
|
|
) -> ConduitResult<get_profile_information::v1::Response> {
|
2021-01-01 12:47:53 +00:00
|
|
|
if !db.globals.allow_federation() {
|
2020-11-14 22:13:06 +00:00
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
2020-10-06 19:04:51 +00:00
|
|
|
}
|
|
|
|
|
2020-10-05 20:19:22 +00:00
|
|
|
let mut displayname = None;
|
|
|
|
let mut avatar_url = None;
|
|
|
|
|
2020-12-04 23:16:17 +00:00
|
|
|
match &body.field {
|
|
|
|
// TODO: what to do with custom
|
|
|
|
Some(ProfileField::_Custom(_s)) => {}
|
2020-10-05 20:19:22 +00:00
|
|
|
Some(ProfileField::DisplayName) => displayname = db.users.displayname(&body.user_id)?,
|
|
|
|
Some(ProfileField::AvatarUrl) => avatar_url = db.users.avatar_url(&body.user_id)?,
|
|
|
|
None => {
|
|
|
|
displayname = db.users.displayname(&body.user_id)?;
|
|
|
|
avatar_url = db.users.avatar_url(&body.user_id)?;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
Ok(get_profile_information::v1::Response {
|
|
|
|
displayname,
|
|
|
|
avatar_url,
|
|
|
|
}
|
|
|
|
.into())
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
#[cfg_attr(
|
|
|
|
feature = "conduit_bin",
|
|
|
|
get("/_matrix/federation/v2/invite/<_>/<_>", data = "<body>")
|
|
|
|
)]
|
|
|
|
pub fn get_user_devices_route<'a>(
|
|
|
|
db: State<'a, Database>,
|
|
|
|
body: Ruma<membership::v1::Request<'_>>,
|
|
|
|
) -> ConduitResult<get_profile_information::v1::Response> {
|
2021-01-01 12:47:53 +00:00
|
|
|
if !db.globals.allow_federation() {
|
2020-11-14 22:13:06 +00:00
|
|
|
return Err(Error::bad_config("Federation is disabled."));
|
2020-10-06 19:04:51 +00:00
|
|
|
}
|
|
|
|
|
2020-10-05 20:19:22 +00:00
|
|
|
let mut displayname = None;
|
|
|
|
let mut avatar_url = None;
|
|
|
|
|
|
|
|
match body.field {
|
|
|
|
Some(ProfileField::DisplayName) => displayname = db.users.displayname(&body.user_id)?,
|
|
|
|
Some(ProfileField::AvatarUrl) => avatar_url = db.users.avatar_url(&body.user_id)?,
|
|
|
|
None => {
|
|
|
|
displayname = db.users.displayname(&body.user_id)?;
|
|
|
|
avatar_url = db.users.avatar_url(&body.user_id)?;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
Ok(get_profile_information::v1::Response {
|
|
|
|
displayname,
|
|
|
|
avatar_url,
|
|
|
|
}
|
|
|
|
.into())
|
|
|
|
}
|
|
|
|
*/
|
2020-12-08 11:34:46 +00:00
|
|
|
|
|
|
|
#[cfg(test)]
|
|
|
|
mod tests {
|
|
|
|
use super::{add_port_to_hostname, get_ip_with_port};
|
|
|
|
|
|
|
|
#[test]
|
|
|
|
fn ips_get_default_ports() {
|
|
|
|
assert_eq!(
|
|
|
|
get_ip_with_port(String::from("1.1.1.1")),
|
|
|
|
Some(String::from("1.1.1.1:8448"))
|
|
|
|
);
|
|
|
|
assert_eq!(
|
|
|
|
get_ip_with_port(String::from("dead:beef::")),
|
|
|
|
Some(String::from("[dead:beef::]:8448"))
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
#[test]
|
|
|
|
fn ips_keep_custom_ports() {
|
|
|
|
assert_eq!(
|
|
|
|
get_ip_with_port(String::from("1.1.1.1:1234")),
|
|
|
|
Some(String::from("1.1.1.1:1234"))
|
|
|
|
);
|
|
|
|
assert_eq!(
|
|
|
|
get_ip_with_port(String::from("[dead::beef]:8933")),
|
|
|
|
Some(String::from("[dead::beef]:8933"))
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
#[test]
|
|
|
|
fn hostnames_get_default_ports() {
|
|
|
|
assert_eq!(
|
|
|
|
add_port_to_hostname(String::from("example.com")),
|
|
|
|
"example.com:8448"
|
|
|
|
)
|
|
|
|
}
|
|
|
|
|
|
|
|
#[test]
|
|
|
|
fn hostnames_keep_custom_ports() {
|
|
|
|
assert_eq!(
|
|
|
|
add_port_to_hostname(String::from("example.com:1337")),
|
|
|
|
"example.com:1337"
|
|
|
|
)
|
|
|
|
}
|
|
|
|
}
|