feat: encryption_disabled config option
Can be used with ROCKET_ENCRYPTION_DISABLED=truenext
parent
5a8705bd25
commit
dc5fb7e33a
|
@ -1,6 +1,7 @@
|
||||||
[global]
|
[global]
|
||||||
server_name = "your.server.name"
|
server_name = "your.server.name"
|
||||||
#registration_disabled = true
|
#registration_disabled = true
|
||||||
|
#encryption_disabled = true
|
||||||
|
|
||||||
# Default path is in this user's data
|
# Default path is in this user's data
|
||||||
#database_path = "/home/timo/MyConduitServer"
|
#database_path = "/home/timo/MyConduitServer"
|
||||||
|
@ -8,6 +9,7 @@ server_name = "your.server.name"
|
||||||
port = 14004
|
port = 14004
|
||||||
address = "0.0.0.0"
|
address = "0.0.0.0"
|
||||||
|
|
||||||
|
# Not necessary when using a reverse proxy
|
||||||
#[global.tls]
|
#[global.tls]
|
||||||
#certs = "/etc/letsencrypt/live/your.server.name/fullchain.pem"
|
#certs = "/etc/letsencrypt/live/your.server.name/fullchain.pem"
|
||||||
#key = "/etc/letsencrypt/live/your.server.name/privkey.pem"
|
#key = "/etc/letsencrypt/live/your.server.name/privkey.pem"
|
||||||
|
|
|
@ -1341,6 +1341,11 @@ pub fn create_room_route(
|
||||||
content,
|
content,
|
||||||
} in &body.initial_state
|
} in &body.initial_state
|
||||||
{
|
{
|
||||||
|
// Silently skip encryption events if they are not allowed
|
||||||
|
if event_type == &EventType::RoomEncryption && db.globals.encryption_disabled() {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
db.rooms.append_pdu(
|
db.rooms.append_pdu(
|
||||||
room_id.clone(),
|
room_id.clone(),
|
||||||
user_id.clone(),
|
user_id.clone(),
|
||||||
|
|
|
@ -10,6 +10,7 @@ pub struct Globals {
|
||||||
reqwest_client: reqwest::Client,
|
reqwest_client: reqwest::Client,
|
||||||
server_name: Box<ServerName>,
|
server_name: Box<ServerName>,
|
||||||
registration_disabled: bool,
|
registration_disabled: bool,
|
||||||
|
encryption_disabled: bool,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl Globals {
|
impl Globals {
|
||||||
|
@ -33,6 +34,7 @@ impl Globals {
|
||||||
.try_into()
|
.try_into()
|
||||||
.map_err(|_| Error::BadConfig("Invalid server name found."))?,
|
.map_err(|_| Error::BadConfig("Invalid server name found."))?,
|
||||||
registration_disabled: config.get_bool("registration_disabled").unwrap_or(false),
|
registration_disabled: config.get_bool("registration_disabled").unwrap_or(false),
|
||||||
|
encryption_disabled: config.get_bool("encryption_disabled").unwrap_or(false),
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -70,4 +72,8 @@ impl Globals {
|
||||||
pub fn registration_disabled(&self) -> bool {
|
pub fn registration_disabled(&self) -> bool {
|
||||||
self.registration_disabled
|
self.registration_disabled
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub fn encryption_disabled(&self) -> bool {
|
||||||
|
self.encryption_disabled
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -319,7 +319,12 @@ impl Rooms {
|
||||||
Some,
|
Some,
|
||||||
);
|
);
|
||||||
|
|
||||||
|
// Is the event allowed?
|
||||||
if !match event_type {
|
if !match event_type {
|
||||||
|
EventType::RoomEncryption => {
|
||||||
|
// Don't allow encryption events when it's disabled
|
||||||
|
!globals.encryption_disabled()
|
||||||
|
}
|
||||||
EventType::RoomMember => {
|
EventType::RoomMember => {
|
||||||
let target_user_id = UserId::try_from(&**state_key).map_err(|_| {
|
let target_user_id = UserId::try_from(&**state_key).map_err(|_| {
|
||||||
Error::BadRequest(
|
Error::BadRequest(
|
||||||
|
|
Loading…
Reference in New Issue