backups/grapevine
1
0
Fork 0
mirror of https://gitlab.computer.surgery/matrix/grapevine.git synced 2025-12-17 07:41:23 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Include old verify keys in _matrix/key/v2/server response

Browse source
This commit is contained in:
Lambda 2024-09-13 16:50:11 +00:00
parent 296824fef4
commit 3bb4a25c1d
1 changed files with 24 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

44
src/api/server_server.rs
View file

@ -4,7 +4,7 @@ use std::{
mem, mem,
net::{IpAddr, SocketAddr}, net::{IpAddr, SocketAddr},
sync::Arc, sync::Arc,
time::{Duration, Instant, SystemTime}, time::Instant,
}; };
use axum::{response::IntoResponse, Json}; use axum::{response::IntoResponse, Json};
@ -22,7 +22,6 @@ use ruma::{
directory::{get_public_rooms, get_public_rooms_filtered}, directory::{get_public_rooms, get_public_rooms_filtered},
discovery::{ discovery::{
get_server_keys, get_server_version, ServerSigningKeys, get_server_keys, get_server_version, ServerSigningKeys,
VerifyKey,
}, },
event::{ event::{
get_event, get_missing_events, get_room_state, get_event, get_missing_events, get_room_state,
@ -70,7 +69,10 @@ use super::appservice_server;
use crate::{ use crate::{
api::client_server::{self, claim_keys_helper, get_keys_helper}, api::client_server::{self, claim_keys_helper, get_keys_helper},
observability::{FoundIn, Lookup, METRICS}, observability::{FoundIn, Lookup, METRICS},
service::pdu::{gen_event_id_canonical_json, PduBuilder}, service::{
globals::SigningKeys,
pdu::{gen_event_id_canonical_json, PduBuilder},
},
services, services,
utils::{self, dbg_truncate_str, MxcData}, utils::{self, dbg_truncate_str, MxcData},
Ar, Error, PduEvent, Ra, Result, Ar, Error, PduEvent, Ra, Result,
@ -577,29 +579,31 @@ pub(crate) async fn get_server_version_route(
// Response type for this endpoint is Json because we need to calculate a // Response type for this endpoint is Json because we need to calculate a
// signature for the response // signature for the response
pub(crate) async fn get_server_keys_route() -> Result<impl IntoResponse> { pub(crate) async fn get_server_keys_route() -> Result<impl IntoResponse> {
let mut verify_keys: BTreeMap<OwnedServerSigningKeyId, VerifyKey> = fn convert_key_ids<K>(
BTreeMap::new(); keys: BTreeMap<String, K>,
verify_keys.insert( ) -> BTreeMap<OwnedServerSigningKeyId, K> {
format!("ed25519:{}", services().globals.keypair().version()) keys.into_iter()
.try_into() .map(|(id, key)| {
.expect("found invalid server signing keys in DB"), let id = id
VerifyKey { .try_into()
key: Base64::new( .expect("found invalid server signing keys in DB");
services().globals.keypair().public_key().to_vec(), (id, key)
), })
}, .collect()
); }
let keys = SigningKeys::load_own_keys();
let verify_keys = convert_key_ids(keys.verify_keys);
let old_verify_keys = convert_key_ids(keys.old_verify_keys);
let mut response = serde_json::from_slice( let mut response = serde_json::from_slice(
get_server_keys::v2::Response { get_server_keys::v2::Response {
server_key: Raw::new(&ServerSigningKeys { server_key: Raw::new(&ServerSigningKeys {
server_name: services().globals.server_name().to_owned(), server_name: services().globals.server_name().to_owned(),
verify_keys, verify_keys,
old_verify_keys: BTreeMap::new(), old_verify_keys,
signatures: BTreeMap::new(), signatures: BTreeMap::new(),
valid_until_ts: MilliSecondsSinceUnixEpoch::from_system_time( valid_until_ts: keys.valid_until_ts,
SystemTime::now() + Duration::from_secs(86400 * 7),
)
.expect("time is valid"),
}) })
.expect("static conversion, no errors"), .expect("static conversion, no errors"),
} }