feat: encryption_disabled config option

Can be used with ROCKET_ENCRYPTION_DISABLED=true
2020-07-26 20:41:10 +02:00 · 2020-07-26 20:41:10 +02:00 · dc5fb7e33a
parent 5a8705bd25
commit dc5fb7e33a
4 changed files with 18 additions and 0 deletions
--- a/Rocket-example.toml
+++ b/Rocket-example.toml
@ -1,6 +1,7 @@
 [global]
 server_name = "your.server.name"
 #registration_disabled = true
+#encryption_disabled = true

 # Default path is in this user's data
 #database_path = "/home/timo/MyConduitServer"
@ -8,6 +9,7 @@ server_name = "your.server.name"
 port = 14004
 address = "0.0.0.0"

+# Not necessary when using a reverse proxy
 #[global.tls]
 #certs = "/etc/letsencrypt/live/your.server.name/fullchain.pem"
 #key = "/etc/letsencrypt/live/your.server.name/privkey.pem"
--- a/src/client_server.rs
+++ b/src/client_server.rs
@ -1341,6 +1341,11 @@ pub fn create_room_route(
        content,
    } in &body.initial_state
    {
+        // Silently skip encryption events if they are not allowed
+        if event_type == &EventType::RoomEncryption && db.globals.encryption_disabled() {
+            continue
+        }
+
        db.rooms.append_pdu(
            room_id.clone(),
            user_id.clone(),
--- a/src/database/globals.rs
+++ b/src/database/globals.rs
@ -10,6 +10,7 @@ pub struct Globals {
    reqwest_client: reqwest::Client,
    server_name: Box<ServerName>,
    registration_disabled: bool,
+    encryption_disabled: bool,
 }

 impl Globals {
@ -33,6 +34,7 @@ impl Globals {
                .try_into()
                .map_err(|_| Error::BadConfig("Invalid server name found."))?,
            registration_disabled: config.get_bool("registration_disabled").unwrap_or(false),
+            encryption_disabled: config.get_bool("encryption_disabled").unwrap_or(false),
        })
    }

@ -70,4 +72,8 @@ impl Globals {
    pub fn registration_disabled(&self) -> bool {
        self.registration_disabled
    }
+
+    pub fn encryption_disabled(&self) -> bool {
+        self.encryption_disabled
+    }
 }
--- a/src/database/rooms.rs
+++ b/src/database/rooms.rs
@ -319,7 +319,12 @@ impl Rooms {
                Some,
            );

+            // Is the event allowed?
            if !match event_type {
+                EventType::RoomEncryption => {
+                    // Don't allow encryption events when it's disabled
+                    !globals.encryption_disabled()
+                }
                EventType::RoomMember => {
                    let target_user_id = UserId::try_from(&**state_key).map_err(|_| {
                        Error::BadRequest(