continuwuity

mirror of https://forgejo.ellis.link/continuwuation/continuwuity.git synced 2025-07-10 05:46:42 +02:00

Author	SHA1	Message	Date
strawberry	b2fbbb9f3f	move these config checks to main.rs Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-11 12:23:15 -05:00
strawberry	cb1046a0a8	default to Undefined if room avatar URL was not found despite checking if its Some Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-11 12:16:51 -05:00
strawberry	e7b7a2ea1c	config option to check root domain with URL previews Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-11 11:42:55 -05:00
strawberry	f33e1ee86e	add expect message when failing to send oneshot channel shutdown transaction Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-11 11:42:17 -05:00
strawberry	af075f5ef7	remove hardcoded 300kb limit on spider size with config option of 1MB default modern websites are sadly massive, 300kb is pretty low. 1MB should be enough. Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-10 13:29:12 -05:00
strawberry	c9d94d714e	dont drop true error with url str parse, fix url contains logic order, clarify config comment Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-10 12:28:49 -05:00
strawberry	d8380714a3	doc+check if user does not have local presence enabled if using outgoing presence Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-10 11:43:58 -05:00
strawberry	3a74e991f1	(please) dont drop true error in presence timer creation failures Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-10 11:43:38 -05:00
strawberry	86d63d47f4	dont follow more than 2 redirects for URL previews for security reasons Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-10 11:26:05 -05:00
strawberry	1e8aab7e5a	fix media tests for URL previews Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-10 11:02:40 -05:00
Reiner Herrmann	35d08c3c67	feat: URL preview support from upstream MR https://gitlab.com/famedly/conduit/-/merge_requests/347 with the following changes (so far): - remove hardcoded list of allowed hosts (strongly disagree with this, even if it is desired, it should not be harcoded) - add more allow config options for granularity via URL contains, host contains, and domain is (explicit match) for security - warn if a user is allowing all URLs to be previewed for security reasons - replace an expect with proper error handling - bump webpage to 2.0 - improved code style a tad Co-authored-by: rooot <hey@rooot.gay> Signed-off-by: rooot <hey@rooot.gay> Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-09 23:16:06 -05:00
strawberry	1497035125	eat less /ban endpoint fields, fix ban reason not consistently applied Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-09 20:53:04 -05:00
strawberry	70dfb630da	ask systemd for more time when shutting down if needed, raise axum shutdown timeout to 3 mins Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-09 20:18:02 -05:00
strawberry	fb1b9b4d6f	bump default max_concurrent_requests to 500, update config comment also raise 1024 bytes to 4096 bytes in minimum max_request_size check Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-09 19:10:08 -05:00
strawberry	033dae03d7	slight wording addition Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-08 20:07:37 -05:00
strawberry	1905908186	filter out "config" as it's an expected config option this seems to exist when using `CONDUIT_CONFIG` environment variable, this is expected. Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-08 19:44:36 -05:00
strawberry	19b0c813f5	warn if a catchall config option (unknown config option) exists a longer way of saying: warn if a config key is unknown Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-08 19:19:28 -05:00
strawberry	3817e74a04	check if custom room ID is apart of forbidden room alias Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-08 19:13:01 -05:00
Matthias Ahouansou	1174ae4276	feat: forbid certain usernames & room aliases squashed from https://gitlab.com/famedly/conduit/-/merge_requests/582 Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-08 19:11:48 -05:00
Matthias Ahouansou	57a379f3a1	revamp appservice registration to ruma's Registration type squashed from https://gitlab.com/famedly/conduit/-/merge_requests/583 Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-07 17:49:02 -05:00
strawberry	125c8f26d4	update valid_until_ts comment Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-07 11:25:26 -05:00
Charles Hall	621c85fd3b	run `cargo update` `IndexMap::remove` was deprecated in favor of explicitly named methods. I assume that we actually needed to be using `shift_remove`, otherwise we probably wouldn't be bothering with `indexmap` here in the first place. I wonder if this fixes any bugs lol from: https://gitlab.com/famedly/conduit/-/merge_requests/580 Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-31 16:20:26 -05:00
strawberry	24605e151d	make allow_federation default to true Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-27 16:47:33 -05:00
strawberry	4ac568769b	improvement: registration token now only works when registration is enabled Co-authored-by: Timo Kösters <timo@koesters.xyz> Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	0e8267656f	fix room ID messages, remove comments Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	08a183e8c7	assume well-known is None if text length exceeds 10000 chars Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
Charles Hall	ec7aeb1096	move resolver logic into the resolver Honestly not sure why it wasn't done like this before. This code is much less awkward to follow and more compartmentalized. These changes were mainly motivated by a clippy lint triggering on the original code, which then made me wonder if I could get rid of some of the `Box`ing. Turns out I could, and this is the result of that. Co-authored-by: strawberry <strawberry@puppygock.gay> Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	1536f08d81	use both is_ip_literal and IPAddress is_valid checks Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	9858b33b37	just remove double quotes if found instead Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	e0419d9c5d	custom room ID checks, dont use format! macro due to quotes being added Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	7eff572e77	check if room ID already exists instead of erroring on auth check Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	8754f0e2a5	additional character check on room alias Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	89d9cdeb3a	IP range denylist logging, and fix logic error Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	382347353e	add custom room ID support using `room_id` field Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	2980af6490	move room creation config check higher up dont bother wasting resources if we know we arent even allowed to make the room to begin with Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	ead9a58dce	dont crash failing to deserialise room creation content Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	3453dcc344	add error checking to room aliases length, colon, and spaces. also dont crash. Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	b51d148899	remove random space Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	6c1358d0c8	send home_server on login response again a 6+ year old deprecated field that isnt even spelled right, and no clients use it must still be sent according to spec Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	fa0c083555	don't send requests to specified list of IP CIDRs this can most definitely be improved but this is a decent attempt. the only annoying this is i couldn't just use a Vec<IPAddress> which would have significantly simplified all of this, but serde can't deserialise it on the config side i guess. i may find a better way to do this in the future, but this should cover most areas anyways. Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	71d247232d	oops forgot that endpoint too Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	6c75087863	eat less of client parameters for media requests still cantt respect allow_redirect yet Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	ab6cb4ad2d	switch back to expect for sender_user as far as i can tell, it will return a normal error in the auth token handling code so this is fine. we also shouldnt assume all errors from this are access_token related. Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	02bc818633	match explicit URI to see if we should authenticate the user first attempt at forcing an endpoint to be authenticated Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	9d0c85ab17	use ruma JsOption, bump figment Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	4e8823dedb	add warning about outgoing presence PDU/EDU relationship Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	11bc725268	return joined member count of room for pushrules instead of hardcoded 10 im not sure what the TODO is trying to say here, but since it's many years old and conduwuit is fast, i dont see an issue with this. Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	b50c47e1c2	silence loud tower_http errors (move to info) these are benign errors that are from things like conduwuit fetching remote media from dead servers Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	34bac4d1d9	support sending well_known client response in /login using `well_known_client` Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	cf62cb0d0a	send avatar_url on invite member events like synapse Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00

1 2 3 4 5 ...

1433 commits