melody/continuwuity
1
0
Fork 0
mirror of https://forgejo.ellis.link/continuwuation/continuwuity.git synced 2025-06-26 21:06:35 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Compare commits

base: melody:be52d495c9af1f6474e2f537036776dcc80538dd
Branches Tags
melody:main
melody:jade/docs-updates-202506
melody:jade/ci-improvements
melody:jade/contributing-docs
melody:jade/additional-checks
melody:illegal-car-mods
melody:jade/update-dockerfile
melody:nex/serving-policy
melody:jade/ai-slop-db-docs
melody:nex/fix-create-auth
melody:nex/force-time-travel
melody:nex/fix-join-sync-state
melody:jade/version-stats
melody:jade/read-receipts
melody:dahsa_uwu/axum-0.8
melody:jade/rust-toolchain-no-targets
melody:jade/logging-features
melody:jade/syncv5-typing
melody:jade/msc2815
melody:jade/relations
melody:jade/purge-sync-tokens
melody:nex/fix-eager-empty-sync
melody:morguldir/see-eye
melody:jade/css-small-screen
melody:nex/wip-751
melody:tuwunel-rebase
melody:test
melody:oddlid/rename-admin-room-bot
melody:strawberry/nix-ci-stuff
melody:strawberry/valgrind
melody:strawberry/morgs-snake-sync-jason-main
melody:newer-media-endpoints
melody:folly-coroutines-async-io
melody:federation-retry-timer-port
melody:bad-attempt-at-extracting-homeserver-signing-key
melody:room-deletion-attempt-do-not-use
melody:v0.5.0-rc.6
melody:v0.5.0-rc.5
melody:v0.5.0-rc4
melody:v0.5.0-rc3
melody:v0.5.0-rc2
melody:v0.5.0-rc
melody:v0.4.7-rc
melody:v0.4.6
melody:v0.4.6-rc
melody:v0.4.5
melody:v0.4.5-rc
melody:v0.4.4
melody:v0.4.3
melody:v0.4.2
melody:v0.4.1
melody:v0.3.4
melody:v0.3.3
melody:v0.3.2
melody:v0.3.1
melody:v0.3.0
...
compare: melody:aa29b81ef6ae404c71cf7f99ec8665e44d94d9b6
Branches Tags
melody:main
melody:jade/docs-updates-202506
melody:jade/ci-improvements
melody:jade/contributing-docs
melody:jade/additional-checks
melody:illegal-car-mods
melody:jade/update-dockerfile
melody:nex/serving-policy
melody:jade/ai-slop-db-docs
melody:nex/fix-create-auth
melody:nex/force-time-travel
melody:nex/fix-join-sync-state
melody:jade/version-stats
melody:jade/read-receipts
melody:dahsa_uwu/axum-0.8
melody:jade/rust-toolchain-no-targets
melody:jade/logging-features
melody:jade/syncv5-typing
melody:jade/msc2815
melody:jade/relations
melody:jade/purge-sync-tokens
melody:nex/fix-eager-empty-sync
melody:morguldir/see-eye
melody:jade/css-small-screen
melody:nex/wip-751
melody:tuwunel-rebase
melody:test
melody:oddlid/rename-admin-room-bot
melody:strawberry/nix-ci-stuff
melody:strawberry/valgrind
melody:strawberry/morgs-snake-sync-jason-main
melody:newer-media-endpoints
melody:folly-coroutines-async-io
melody:federation-retry-timer-port
melody:bad-attempt-at-extracting-homeserver-signing-key
melody:room-deletion-attempt-do-not-use
melody:v0.5.0-rc.6
melody:v0.5.0-rc.5
melody:v0.5.0-rc4
melody:v0.5.0-rc3
melody:v0.5.0-rc2
melody:v0.5.0-rc
melody:v0.4.7-rc
melody:v0.4.6
melody:v0.4.6-rc
melody:v0.4.5
melody:v0.4.5-rc
melody:v0.4.4
melody:v0.4.3
melody:v0.4.2
melody:v0.4.1
melody:v0.3.4
melody:v0.3.3
melody:v0.3.2
melody:v0.3.1
melody:v0.3.0

7 commits
be52d495c9 ... aa29b81ef6

Author SHA1 Message Date
Jade Ellis
aa29b81ef6
fix: Don't store events that have already been redacted
Some checks failed
Release Docker Image / define-variables (push) Failing after 1s
Details
Release Docker Image / build-image (linux/amd64, linux-amd64) (push) Has been skipped
Details
Release Docker Image / build-image (linux/arm64, linux-arm64) (push) Has been skipped
Details
Release Docker Image / merge (push) Has been skipped
Details
Rust Checks / Format (push) Failing after 1s
Details
Rust Checks / Clippy (push) Failing after 13s
Details
Rust Checks / Cargo Test (push) Failing after 10s
Details 
This prevents clobbering
 2025-06-14 19:40:43 +01:00
Jade Ellis
46b1eeb2c8
feat: Allow retrieving redacted message content (msc2815) 
Still to do:
- Handling the difference between content that we have deleted and
content we never received
- Deleting the original content on command or expiry

Another question is if we have to store the full original content?
Can we get by with just storing the 'content' field?
 2025-06-14 19:40:43 +01:00
Jade Ellis
88ecf61d49
feat: Store the original content of redacted PDUs 2025-06-14 19:40:42 +01:00
Jade Ellis
5d44653e3a
fix: Incorrect command descriptions
Some checks failed
Documentation / Build and Deploy Documentation (push) Failing after 2s
Details
Release Docker Image / define-variables (push) Failing after 1s
Details
Release Docker Image / build-image (linux/amd64, linux-amd64) (push) Has been skipped
Details
Release Docker Image / build-image (linux/arm64, linux-arm64) (push) Has been skipped
Details
Release Docker Image / merge (push) Has been skipped
Details
Rust Checks / Format (push) Failing after 1s
Details
Rust Checks / Clippy (push) Failing after 32s
Details
Rust Checks / Cargo Test (push) Failing after 10s
Details
2025-06-14 16:51:24 +01:00
Jade Ellis
44e60d0ea6
docs: Tiny phrasing changes to the security policy
Some checks failed
Documentation / Build and Deploy Documentation (push) Failing after 3s
Details
Rust Checks / Format (push) Failing after 15s
Details
Rust Checks / Clippy (push) Failing after 12s
Details
Rust Checks / Cargo Test (push) Failing after 8s
Details
2025-06-14 16:34:58 +01:00
Jade Ellis
d7514178ab
ci: Fix extra bracket in commit shorthash
Some checks failed
Release Docker Image / define-variables (push) Failing after 1s
Details
Release Docker Image / build-image (linux/amd64, linux-amd64) (push) Has been skipped
Details
Release Docker Image / build-image (linux/arm64, linux-arm64) (push) Has been skipped
Details
Release Docker Image / merge (push) Has been skipped
Details
Documentation / Build and Deploy Documentation (push) Failing after 3s
Details
Rust Checks / Format (push) Failing after 1s
Details
Rust Checks / Clippy (push) Failing after 12s
Details
Rust Checks / Cargo Test (push) Failing after 8s
Details
2025-06-13 14:30:26 +01:00
Jade Ellis
1d45e0b68c
feat: Add warning when admin users will be exposed as support contacts
Some checks failed
Documentation / Build and Deploy Documentation (push) Failing after 8s
Details
Release Docker Image / define-variables (push) Failing after 1s
Details
Release Docker Image / build-image (linux/amd64, linux-amd64) (push) Has been skipped
Details
Release Docker Image / build-image (linux/arm64, linux-arm64) (push) Has been skipped
Details
Release Docker Image / merge (push) Has been skipped
Details
Rust Checks / Format (push) Failing after 20s
Details
Rust Checks / Clippy (push) Failing after 21s
Details
Rust Checks / Cargo Test (push) Failing after 10s
Details
2025-06-13 13:39:50 +01:00
9 changed files with 130 additions and 10 deletions
Show stats Expand all files Collapse all files

2
.forgejo/workflows/release-image.yml
View file

@ -180,7 +180,7 @@ jobs:
file: "docker/Dockerfile"
build-args: |
GIT_COMMIT_HASH=${{ github.sha }})
GIT_COMMIT_HASH_SHORT=${{ env.COMMIT_SHORT_SHA }})
GIT_COMMIT_HASH_SHORT=${{ env.COMMIT_SHORT_SHA }}
GIT_REMOTE_URL=${{github.event.repository.html_url }}
GIT_REMOTE_COMMIT_URL=${{github.event.head_commit.url }}
platforms: ${{ matrix.platform }}

6
SECURITY.md
View file

@ -20,10 +20,10 @@ We may backport fixes to the previous release at our discretion, but we don't gu
We appreciate the efforts of security researchers and the community in identifying and reporting vulnerabilities. To ensure that potential vulnerabilities are addressed properly, please follow these guidelines:
1. Contact members of the team over E2EE private message.
1. **Contact members of the team directly** over E2EE private message.
- [@jade:ellis.link](https://matrix.to/#/@jade:ellis.link)
- [@nex:nexy7574.co.uk](https://matrix.to/#/@nex:nexy7574.co.uk) <!-- ? -->
2. **Email the security team** directly at [security@continuwuity.org](mailto:security@continuwuity.org). This is not E2EE, so don't include sensitive details.
2. **Email the security team** at [security@continuwuity.org](mailto:security@continuwuity.org). This is not E2EE, so don't include sensitive details.
3. **Do not disclose the vulnerability publicly** until it has been addressed
4. **Provide detailed information** about the vulnerability, including:
- A clear description of the issue
@ -48,7 +48,7 @@ When you report a security vulnerability:
When security vulnerabilities are identified:
1. We will develop and test fixes in a private branch
1. We will develop and test fixes in a private fork
2. Security updates will be released as soon as possible
3. Release notes will include information about the vulnerabilities, avoiding details that could facilitate exploitation where possible
4. Critical security updates may be backported to the previous stable release

4
src/admin/debug/mod.rs
View file

@ -125,13 +125,13 @@ pub(super) enum DebugCommand {
reset: bool,
},
/// - Verify json signatures
/// - Sign JSON blob
///
/// This command needs a JSON blob provided in a Markdown code block below
/// the command.
SignJson,
/// - Verify json signatures
/// - Verify JSON signatures
///
/// This command needs a JSON blob provided in a Markdown code block below
/// the command.

51
src/api/client/room/event.rs
View file

@ -1,7 +1,7 @@
use axum::extract::State;
use conduwuit::{Err, Event, Result, err};
use conduwuit::{Err, Event, PduEvent, Result, err};
use futures::{FutureExt, TryFutureExt, future::try_join};
use ruma::api::client::room::get_room_event;
use ruma::api::client::{error::ErrorKind, room::get_room_event};
use crate::{Ruma, client::is_ignored_pdu};
@ -14,6 +14,7 @@ pub(crate) async fn get_room_event_route(
) -> Result<get_room_event::v3::Response> {
let event_id = &body.event_id;
let room_id = &body.room_id;
let sender_user = body.sender_user();
let event = services
.rooms
@ -33,6 +34,52 @@ pub(crate) async fn get_room_event_route(
return Err!(Request(Forbidden("You don't have permission to view this event.")));
}
let include_unredacted_content = body
.include_unredacted_content // User's file has this field name
.unwrap_or(false);
if include_unredacted_content && event.is_redacted() {
let is_server_admin = services
.users
.is_admin(sender_user)
.map(|is_admin| Ok(is_admin));
let can_redact_privilege = services
.rooms
.state_accessor
.user_can_redact(event_id, sender_user, room_id, false) // federation=false for local check
;
let (is_server_admin, can_redact_privilege) =
try_join(is_server_admin, can_redact_privilege).await?;
if !is_server_admin && !can_redact_privilege {
return Err!(Request(Forbidden(
"You don't have permission to view redacted content.",
)));
}
let pdu_id = match services.rooms.timeline.get_pdu_id(event_id).await {
| Ok(id) => id,
| Err(e) => {
return Err(e);
},
};
let original_content = services
.rooms
.timeline
.get_original_pdu_content(&pdu_id)
.await?;
if let Some(original_content) = original_content {
// If the original content is available, we can return it.
// event.content = to_raw_value(&original_content)?;
event = PduEvent::from_id_val(event_id, original_content)?;
} else {
return Err(conduwuit::Error::BadRequest(
ErrorKind::UnredactedContentDeleted { content_keep_ms: None },
"The original unredacted content is not in the database.",
));
}
}
debug_assert!(
event.event_id() == event_id && event.room_id() == room_id,
"Fetched PDU must match requested"

1
src/api/client/unversioned.rs
View file

@ -40,6 +40,7 @@ pub(crate) async fn get_supported_versions_route(
"v1.11".to_owned(),
],
unstable_features: BTreeMap::from_iter([
("fi.mau.msc2815".to_owned(), true),
("org.matrix.e2e_cross_signing".to_owned(), true),
("org.matrix.msc2285.stable".to_owned(), true), /* private read receipts (https://github.com/matrix-org/matrix-spec-proposals/pull/2285) */
("uk.half-shot.msc2666.query_mutual_rooms".to_owned(), true), /* query mutual rooms (https://github.com/matrix-org/matrix-spec-proposals/pull/2666) */

9
src/core/config/check.rs
View file

@ -219,6 +219,15 @@ pub fn check(config: &Config) -> Result {
));
}
// Check if support contact information is configured
if config.well_known.support_email.is_none() && config.well_known.support_mxid.is_none() {
warn!(
"No support contact information (support_email or support_mxid) is configured in \
the well_known section. Users in the admin room will be automatically listed as \
support contacts in the /.well-known/matrix/support endpoint."
);
}
if config
.url_preview_domain_contains_allowlist
.contains(&"*".to_owned())

9
src/database/maps.rs
View file

@ -121,6 +121,15 @@ pub(super) static MAPS: &[Descriptor] = &[
index_size: 512,
..descriptor::SEQUENTIAL
},
Descriptor {
name: "pduid_originalcontent",
cache_disp: CacheDisp::SharedWith("pduid_pdu"),
key_size_hint: Some(16),
val_size_hint: Some(1520),
block_size: 2048,
index_size: 512,
..descriptor::RANDOM
},
Descriptor {
name: "publicroomids",
..descriptor::RANDOM_SMALL

21
src/service/rooms/timeline/data.rs
View file

@ -19,6 +19,8 @@ pub(super) struct Data {
pduid_pdu: Arc<Map>,
userroomid_highlightcount: Arc<Map>,
userroomid_notificationcount: Arc<Map>,
/// Stores the original content of redacted PDUs.
pduid_originalcontent: Arc<Map>,
pub(super) db: Arc<Database>,
services: Services,
}
@ -38,6 +40,7 @@ impl Data {
pduid_pdu: db["pduid_pdu"].clone(),
userroomid_highlightcount: db["userroomid_highlightcount"].clone(),
userroomid_notificationcount: db["userroomid_notificationcount"].clone(),
pduid_originalcontent: db["pduid_originalcontent"].clone(), // Initialize new table
db: args.db.clone(),
services: Services {
short: args.depend::<rooms::short::Service>("rooms::short"),
@ -177,6 +180,24 @@ impl Data {
self.pduid_pdu.get(pdu_id).await.deserialized()
}
/// Stores the original content of a PDU that is about to be redacted.
pub(super) async fn store_redacted_pdu_content(
&self,
pdu_id: &RawPduId,
pdu_json: &CanonicalJsonObject,
) -> Result<()> {
self.pduid_originalcontent.raw_put(pdu_id, Json(pdu_json));
Ok(())
}
/// Returns the original content of a redacted PDU.
pub(super) async fn get_original_pdu_content(
&self,
pdu_id: &RawPduId,
) -> Result<Option<CanonicalJsonObject>> {
self.pduid_originalcontent.get(pdu_id).await.deserialized()
}
pub(super) async fn append_pdu(
&self,
pdu_id: &RawPduId,

37
src/service/rooms/timeline/mod.rs
View file

@ -260,6 +260,25 @@ impl Service {
self.db.replace_pdu(pdu_id, pdu_json, pdu).await
}
/// Stores the content of a to-be redacted pdu.
#[tracing::instrument(skip(self), level = "debug")]
pub async fn store_redacted_pdu_content(
&self,
pdu_id: &RawPduId,
pdu_json: &CanonicalJsonObject,
) -> Result<()> {
self.db.store_redacted_pdu_content(pdu_id, pdu_json).await
}
/// Returns the original content of a redacted PDU.
#[tracing::instrument(skip(self), level = "debug")]
pub async fn get_original_pdu_content(
&self,
pdu_id: &RawPduId,
) -> Result<Option<CanonicalJsonObject>> {
self.db.get_original_pdu_content(pdu_id).await
}
/// Creates a new persisted data unit and adds it to a room.
///
/// By this point the incoming event should be fully authenticated, no auth
@ -472,7 +491,7 @@ impl Service {
.user_can_redact(redact_id, &pdu.sender, &pdu.room_id, false)
.await?
{
self.redact_pdu(redact_id, pdu, shortroomid).await?;
self.redact_pdu(redact_id, pdu, shortroomid, true).await?;
}
}
},
@ -485,7 +504,7 @@ impl Service {
.user_can_redact(redact_id, &pdu.sender, &pdu.room_id, false)
.await?
{
self.redact_pdu(redact_id, pdu, shortroomid).await?;
self.redact_pdu(redact_id, pdu, shortroomid, true).await?;
}
}
},
@ -1033,6 +1052,7 @@ impl Service {
event_id: &EventId,
reason: &PduEvent,
shortroomid: ShortRoomId,
keep_original_content: bool,
) -> Result {
// TODO: Don't reserialize, keep original json
let Ok(pdu_id) = self.get_pdu_id(event_id).await else {
@ -1054,6 +1074,19 @@ impl Service {
let room_version_id = self.services.state.get_room_version(&pdu.room_id).await?;
if keep_original_content && !pdu.is_redacted() {
let original_pdu_json = utils::to_canonical_object(&pdu).map_err(|e| {
err!(Database(error!(
?event_id,
?e,
"Failed to convert PDU to canonical JSON for original content storage"
)))
})?;
self.db
.store_redacted_pdu_content(&pdu_id, &original_pdu_json)
.await?;
}
pdu.redact(&room_version_id, reason)?;
let obj = utils::to_canonical_object(&pdu).map_err(|e| {