From dc5fb7e33a2bb820071df2e7f443d205690ff427 Mon Sep 17 00:00:00 2001
From: timokoesters <timo@koesters.xyz>
Date: Sun, 26 Jul 2020 20:41:10 +0200
Subject: [PATCH] feat: encryption_disabled config option

Can be used with ROCKET_ENCRYPTION_DISABLED=true
---
 Rocket-example.toml     | 2 ++
 src/client_server.rs    | 5 +++++
 src/database/globals.rs | 6 ++++++
 src/database/rooms.rs   | 5 +++++
 4 files changed, 18 insertions(+)

diff --git a/Rocket-example.toml b/Rocket-example.toml
index 30a3c3a..677b8e1 100644
--- a/Rocket-example.toml
+++ b/Rocket-example.toml
@@ -1,6 +1,7 @@
 [global]
 server_name = "your.server.name"
 #registration_disabled = true
+#encryption_disabled = true
 
 # Default path is in this user's data
 #database_path = "/home/timo/MyConduitServer"
@@ -8,6 +9,7 @@ server_name = "your.server.name"
 port = 14004
 address = "0.0.0.0"
 
+# Not necessary when using a reverse proxy
 #[global.tls]
 #certs = "/etc/letsencrypt/live/your.server.name/fullchain.pem"
 #key = "/etc/letsencrypt/live/your.server.name/privkey.pem"
diff --git a/src/client_server.rs b/src/client_server.rs
index c8f264c..e6a2c23 100644
--- a/src/client_server.rs
+++ b/src/client_server.rs
@@ -1341,6 +1341,11 @@ pub fn create_room_route(
         content,
     } in &body.initial_state
     {
+        // Silently skip encryption events if they are not allowed
+        if event_type == &EventType::RoomEncryption && db.globals.encryption_disabled() {
+            continue
+        }
+
         db.rooms.append_pdu(
             room_id.clone(),
             user_id.clone(),
diff --git a/src/database/globals.rs b/src/database/globals.rs
index 4578605..3a257a5 100644
--- a/src/database/globals.rs
+++ b/src/database/globals.rs
@@ -10,6 +10,7 @@ pub struct Globals {
     reqwest_client: reqwest::Client,
     server_name: Box<ServerName>,
     registration_disabled: bool,
+    encryption_disabled: bool,
 }
 
 impl Globals {
@@ -33,6 +34,7 @@ impl Globals {
                 .try_into()
                 .map_err(|_| Error::BadConfig("Invalid server name found."))?,
             registration_disabled: config.get_bool("registration_disabled").unwrap_or(false),
+            encryption_disabled: config.get_bool("encryption_disabled").unwrap_or(false),
         })
     }
 
@@ -70,4 +72,8 @@ impl Globals {
     pub fn registration_disabled(&self) -> bool {
         self.registration_disabled
     }
+
+    pub fn encryption_disabled(&self) -> bool {
+        self.encryption_disabled
+    }
 }
diff --git a/src/database/rooms.rs b/src/database/rooms.rs
index 3ef4f3f..298212d 100644
--- a/src/database/rooms.rs
+++ b/src/database/rooms.rs
@@ -319,7 +319,12 @@ impl Rooms {
                 Some,
             );
 
+            // Is the event allowed?
             if !match event_type {
+                EventType::RoomEncryption => {
+                    // Don't allow encryption events when it's disabled
+                    !globals.encryption_disabled()
+                }
                 EventType::RoomMember => {
                     let target_user_id = UserId::try_from(&**state_key).map_err(|_| {
                         Error::BadRequest(