Merge pull request 'Implement max_request_size config option' (#153) from media-size-config into master
Reviewed-on: https://git.koesters.xyz/timo/conduit/pulls/153 Reviewed-by: Timo Kösters <timo@koesters.xyz>next
commit
fdb7b8f0f1
|
@ -1,15 +1,29 @@
|
||||||
[global]
|
[global]
|
||||||
|
# The name of this server
|
||||||
|
# Note: If server name != hostname, you need a .well-known file for federation
|
||||||
|
# to work
|
||||||
server_name = "your.server.name"
|
server_name = "your.server.name"
|
||||||
|
|
||||||
|
port = 14004
|
||||||
|
|
||||||
|
# Max size for uploads
|
||||||
|
#max_request_size = 20_000_000 # in bytes, ~20 MB
|
||||||
|
|
||||||
|
# Disable registration. No new users will be able to register on this server
|
||||||
#registration_disabled = true
|
#registration_disabled = true
|
||||||
|
|
||||||
|
# Disable encryption, so no new encrypted rooms can be created
|
||||||
|
# Note: existing rooms will continue to work
|
||||||
#encryption_disabled = true
|
#encryption_disabled = true
|
||||||
|
|
||||||
# Default path is in this user's data
|
# Default path is in this user's data
|
||||||
#database_path = "/home/timo/MyConduitServer"
|
#database_path = "/home/timo/MyConduitServer"
|
||||||
|
|
||||||
port = 14004
|
# You should probably leave this at 0.0.0.0
|
||||||
address = "0.0.0.0"
|
address = "0.0.0.0"
|
||||||
|
|
||||||
# Not necessary when using a reverse proxy
|
# TLS support
|
||||||
|
# Note: Not necessary when using a reverse proxy:
|
||||||
#[global.tls]
|
#[global.tls]
|
||||||
#certs = "/etc/letsencrypt/live/your.server.name/fullchain.pem"
|
#certs = "/etc/letsencrypt/live/your.server.name/fullchain.pem"
|
||||||
#key = "/etc/letsencrypt/live/your.server.name/privkey.pem"
|
#key = "/etc/letsencrypt/live/your.server.name/privkey.pem"
|
||||||
|
|
|
@ -2977,9 +2977,11 @@ pub fn send_event_to_device_route(
|
||||||
}
|
}
|
||||||
|
|
||||||
#[get("/_matrix/media/r0/config")]
|
#[get("/_matrix/media/r0/config")]
|
||||||
pub fn get_media_config_route() -> ConduitResult<get_media_config::Response> {
|
pub fn get_media_config_route(
|
||||||
|
db: State<'_, Database>,
|
||||||
|
) -> ConduitResult<get_media_config::Response> {
|
||||||
Ok(get_media_config::Response {
|
Ok(get_media_config::Response {
|
||||||
upload_size: (20_u32 * 1024 * 1024).into(), // 20 MB
|
upload_size: db.globals.max_request_size().into(),
|
||||||
}
|
}
|
||||||
.into())
|
.into())
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
use std::convert::TryInto;
|
|
||||||
|
|
||||||
use crate::{utils, Error, Result};
|
use crate::{utils, Error, Result};
|
||||||
use ruma::ServerName;
|
use ruma::ServerName;
|
||||||
|
use std::convert::TryInto;
|
||||||
|
|
||||||
pub const COUNTER: &str = "c";
|
pub const COUNTER: &str = "c";
|
||||||
|
|
||||||
pub struct Globals {
|
pub struct Globals {
|
||||||
|
@ -9,6 +9,7 @@ pub struct Globals {
|
||||||
keypair: ruma::signatures::Ed25519KeyPair,
|
keypair: ruma::signatures::Ed25519KeyPair,
|
||||||
reqwest_client: reqwest::Client,
|
reqwest_client: reqwest::Client,
|
||||||
server_name: Box<ServerName>,
|
server_name: Box<ServerName>,
|
||||||
|
max_request_size: u32,
|
||||||
registration_disabled: bool,
|
registration_disabled: bool,
|
||||||
encryption_disabled: bool,
|
encryption_disabled: bool,
|
||||||
}
|
}
|
||||||
|
@ -32,7 +33,12 @@ impl Globals {
|
||||||
.unwrap_or("localhost")
|
.unwrap_or("localhost")
|
||||||
.to_string()
|
.to_string()
|
||||||
.try_into()
|
.try_into()
|
||||||
.map_err(|_| Error::BadConfig("Invalid server name found."))?,
|
.map_err(|_| Error::BadConfig("Invalid server_name."))?,
|
||||||
|
max_request_size: config
|
||||||
|
.get_int("max_request_size")
|
||||||
|
.unwrap_or(20 * 1024 * 1024) // Default to 20 MB
|
||||||
|
.try_into()
|
||||||
|
.map_err(|_| Error::BadConfig("Invalid max_request_size."))?,
|
||||||
registration_disabled: config.get_bool("registration_disabled").unwrap_or(false),
|
registration_disabled: config.get_bool("registration_disabled").unwrap_or(false),
|
||||||
encryption_disabled: config.get_bool("encryption_disabled").unwrap_or(false),
|
encryption_disabled: config.get_bool("encryption_disabled").unwrap_or(false),
|
||||||
})
|
})
|
||||||
|
@ -69,6 +75,10 @@ impl Globals {
|
||||||
self.server_name.as_ref()
|
self.server_name.as_ref()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub fn max_request_size(&self) -> u32 {
|
||||||
|
self.max_request_size
|
||||||
|
}
|
||||||
|
|
||||||
pub fn registration_disabled(&self) -> bool {
|
pub fn registration_disabled(&self) -> bool {
|
||||||
self.registration_disabled
|
self.registration_disabled
|
||||||
}
|
}
|
||||||
|
|
|
@ -11,8 +11,6 @@ use ruma::{api::Endpoint, DeviceId, UserId};
|
||||||
use std::{convert::TryInto, io::Cursor, ops::Deref};
|
use std::{convert::TryInto, io::Cursor, ops::Deref};
|
||||||
use tokio::io::AsyncReadExt;
|
use tokio::io::AsyncReadExt;
|
||||||
|
|
||||||
const MESSAGE_LIMIT: u64 = 20 * 1024 * 1024; // 20 MB
|
|
||||||
|
|
||||||
/// This struct converts rocket requests into ruma structs by converting them into http requests
|
/// This struct converts rocket requests into ruma structs by converting them into http requests
|
||||||
/// first.
|
/// first.
|
||||||
pub struct Ruma<T> {
|
pub struct Ruma<T> {
|
||||||
|
@ -40,13 +38,12 @@ impl<'a, T: Endpoint> FromTransformedData<'a> for Ruma<T> {
|
||||||
) -> FromDataFuture<'a, Self, Self::Error> {
|
) -> FromDataFuture<'a, Self, Self::Error> {
|
||||||
Box::pin(async move {
|
Box::pin(async move {
|
||||||
let data = rocket::try_outcome!(outcome.owned());
|
let data = rocket::try_outcome!(outcome.owned());
|
||||||
|
let db = request
|
||||||
|
.guard::<State<'_, crate::Database>>()
|
||||||
|
.await
|
||||||
|
.expect("database was loaded");
|
||||||
|
|
||||||
let (user_id, device_id) = if T::METADATA.requires_authentication {
|
let (user_id, device_id) = if T::METADATA.requires_authentication {
|
||||||
let db = request
|
|
||||||
.guard::<State<'_, crate::Database>>()
|
|
||||||
.await
|
|
||||||
.expect("database was loaded");
|
|
||||||
|
|
||||||
// Get token from header or query value
|
// Get token from header or query value
|
||||||
let token = match request
|
let token = match request
|
||||||
.headers()
|
.headers()
|
||||||
|
@ -76,7 +73,8 @@ impl<'a, T: Endpoint> FromTransformedData<'a> for Ruma<T> {
|
||||||
http_request = http_request.header(header.name.as_str(), &*header.value);
|
http_request = http_request.header(header.name.as_str(), &*header.value);
|
||||||
}
|
}
|
||||||
|
|
||||||
let mut handle = data.open().take(MESSAGE_LIMIT);
|
let limit = db.globals.max_request_size();
|
||||||
|
let mut handle = data.open().take(limit.into());
|
||||||
let mut body = Vec::new();
|
let mut body = Vec::new();
|
||||||
handle.read_to_end(&mut body).await.unwrap();
|
handle.read_to_end(&mut body).await.unwrap();
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue