git-mirrors/continuwuity
1
0
Fork 0
mirror of https://forgejo.ellis.link/continuwuation/continuwuity.git synced 2025-07-09 13:26:41 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: added pdu blocking from servers which should not be able to send pdus

Browse source
This commit is contained in:
NinekoTheCat 2023-12-25 18:12:56 +01:00
parent 8468be7802
commit d1c0a76a12
No known key found for this signature in database
GPG key ID: 700DB3F678A4AB66
1 changed files with 22 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
src/api/server_server.rs
View file

@ -45,7 +45,7 @@ use ruma::{
to_device::DeviceIdOrAllDevices, to_device::DeviceIdOrAllDevices,
uint, user_id, CanonicalJsonObject, CanonicalJsonValue, EventId, MilliSecondsSinceUnixEpoch, uint, user_id, CanonicalJsonObject, CanonicalJsonValue, EventId, MilliSecondsSinceUnixEpoch,
OwnedEventId, OwnedRoomId, OwnedServerName, OwnedServerSigningKeyId, OwnedUserId, RoomId, OwnedEventId, OwnedRoomId, OwnedServerName, OwnedServerSigningKeyId, OwnedUserId, RoomId,
ServerName, ServerName, UserId,
}; };
use serde_json::value::{to_raw_value, RawValue as RawJsonValue}; use serde_json::value::{to_raw_value, RawValue as RawJsonValue};
use std::{ use std::{
@ -746,7 +746,22 @@ pub fn parse_incoming_pdu(
)); ));
} }
}; };
Ok((event_id, value, room_id))
let sender = value
.get("sender")
.and_then(|sender_id| UserId::parse(sender_id.as_str()?).ok())
.ok_or(Error::BadRequest(
ErrorKind::InvalidParam,
"Invalid sender id in pdu",
))?;
if !services()
.acl
.is_federation_with_allowed_server_name(sender.server_name())
{
Err(Error::ACLBlock(sender.server_name().to_owned()))
} else {
Ok((event_id, value, room_id))
}
} }
/// # `PUT /_matrix/federation/v1/send/{txnId}` /// # `PUT /_matrix/federation/v1/send/{txnId}`
@ -798,6 +813,11 @@ pub async fn send_transaction_message_route(
let r = parse_incoming_pdu(pdu); let r = parse_incoming_pdu(pdu);
let (event_id, value, room_id) = match r { let (event_id, value, room_id) = match r {
Ok(t) => t, Ok(t) => t,
Err(Error::ACLBlock(name)) => {
info!("blocked pdu from server {}", name);
debug!("blocked pdu content: {:#?}", &pdu);
continue;
}
Err(e) => { Err(e) => {
warn!("Could not parse PDU: {e}"); warn!("Could not parse PDU: {e}");
warn!("Full PDU: {:?}", &pdu); warn!("Full PDU: {:?}", &pdu);