backups/grapevine
1
0
Fork 0
mirror of https://gitlab.computer.surgery/matrix/grapevine.git synced 2025-12-17 07:41:23 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
2590 commits 35 branches 1 tag 23 MiB
Commit graph

45 commits

Author SHA1 Message Date
Lambda
5a5bea3217 cargo update ruma httparse 
This adds authenticated media APIs.
 2024-09-01 09:42:45 +00:00
Charles Hall
f5e10f5a8f
fix api/ruma_wrapper/axum events 2024-07-16 11:12:07 -07:00
Matthias Ahouansou
9087da91db
fix(keys): only use keys valid at the time of PDU or transaction, and actually refresh keys 
Previously, we only fetched keys once, only requesting them again if we have any missing, allowing for ancient keys to be used to sign PDUs and transactions
Now we refresh keys that either have or are about to expire, preventing attacks that make use of leaked private keys of a homeserver
We also ensure that when validating PDUs or transactions, that they are valid at the origin_server_ts or time of us receiving the transaction respectfully
As to not break event authorization for old rooms, we need to keep old keys around
We move verify_keys which we no longer see in direct requests to the origin to old_verify_keys
We keep old_verify_keys indefinitely as mentioned above, as to not break event authorization (at least until a future MSC addresses this)

Original patch by Matthias. Benjamin just rebased it onto grapevine and
fixed clippy/rustc warnings.

Co-authored-by: Benjamin Lee <benjamin@computer.surgery>
 2024-06-12 11:10:50 -07:00
Lambda
c6f75a1b93
Add tracing span for Ar::from_request() 
The fact that this is called for every request is somewhat obscured, it
should be obvious in tracing at least.
 2024-06-04 13:32:32 -07:00
Lambda
148df18989
Stop debug-logging every incoming request 2024-06-04 13:32:31 -07:00
Lambda
5c39c7c5ff Use destination field in X-Matrix Authorization header 
Both validating and sending it is a MUST since Matrix v1.3.
 2024-06-03 20:50:49 +00:00
Lambda
62dd097f49 Use Ruma XMatrix type instead of rolling our own 
Both the hand-rolled parser and serialization were wrong in countless
ways. The current Ruma parser is much better, and the Ruma serialization
will be fixed by https://github.com/ruma/ruma/pull/1830.
 2024-06-03 20:50:49 +00:00
Lambda
bf1d54defc axum: factor out non-generic parts of request conversion 
This saves ~10% in binary size!
 2024-05-31 10:42:47 +00:00
Charles Hall
8f0fdfb2f2
upgrade all cargo dependencies 
Unfortunately we need to pull tracing-opentelemetry from git because
there hasn't been a release including the dependency bump on the other
opentelemetry crates.
 2024-05-26 19:47:00 -07:00
Charles Hall
793d809ac6
enable unused_qualifications lint 2024-05-26 19:47:00 -07:00
Charles Hall
f8961d5578
rename Ruma to Ar 
This follows the pattern of the previous commit.
 2024-05-19 19:04:20 -07:00
Charles Hall
7ea98dac72
rename RumaResponse to Ra 
It's very commonly used so having a short name is worthwhile, I think.
 2024-05-19 19:03:45 -07:00
Charles Hall
0afc1d2f50
change rustfmt configuration 
This change is fully automated, except the `rustfmt.toml` changes and
a few clippy directives to allow specific functions with too many lines
because they are longer now.
 2024-05-16 19:11:40 -07:00
Charles Hall
1911ad34d9
stop putting comments and code on the same line 2024-05-16 15:22:35 -07:00
Charles Hall
baab928281
enable too_many_lines lint 
And just disable it everywhere it fires, I know.
 2024-05-14 20:01:24 -07:00
Charles Hall
5c9967f89c
enable inconsistent_struct_constructor lint 2024-05-14 19:59:43 -07:00
Charles Hall
ebae8ceeb0
enable implicit_clone lint 2024-05-14 19:59:43 -07:00
Charles Hall
71c48f66c4
enable as_conversions lint 
There were some very, uh, creative (and inconsistent) ways to convert
between numeric types in here...
 2024-05-12 18:51:26 -07:00
Charles Hall
360e020b64
rename conduit to grapevine 2024-04-30 21:54:56 -07:00
Matthias Ahouansou
3086271139
feat(appservice): ensure users/aliases outside of namespaces are not accessed 2024-04-24 19:51:28 +01:00
Matthias Ahouansou
6c9c1b5afe
fix(appservices): don't perform identity assertion when auth is optional 2024-04-22 10:33:12 +01:00
Timo Kösters
1474b94db6 Merge branch 'disable-federation-router' into 'next' 
refactor: disable federation at the router level

See merge request famedly/conduit!629
 2024-04-20 20:28:52 +00:00
Matthias Ahouansou
54e0e2a14c
fix(appservices): don't use identity assertion on account management endpoints 2024-04-15 19:16:18 +01:00
Matthias Ahouansou
475a68cbb9
refactor: disable federation at the router level 2024-04-13 10:39:32 +01:00
Matthias Ahouansou
0d62c9de7c
fix: ignore access tokens where they are not needed 2024-04-02 17:19:59 +01:00
Matthias Ahouansou
5c634ceb6b
fix: reject requests with authentication when not used 2024-03-30 16:50:21 +00:00
Timo Kösters
9176474513 Merge branch 'ruma-registration-type' into 'next' 
fix: don't panic if registration url is empty

See merge request famedly/conduit!583
 2024-03-23 15:33:01 +00:00
Matthias Ahouansou
b20483aa13
refactor(appservices): avoid cloning frequently 2024-03-22 20:53:27 +00:00
Timo Kösters
0bb28f60cf
refactor: minor appservice code cleanup 2024-03-22 08:59:36 +01:00
Matthias Ahouansou
5f0bea6961
refactor: check if federation is disabled inside the authcheck where possible 2024-03-18 09:24:37 +00:00
Matthias Ahouansou
fa930182ae
fix(appservices): don't panic on empty registration url 
perf(appservices): cache regex for namespaces
 2024-03-10 13:27:48 +00:00
girlbossceo
1f867a2c86 Only print raw malformed JSON body in debug level 
Signed-off-by: girlbossceo <june@girlboss.ceo>
 2023-07-29 14:29:26 +00:00
Jonas Platte
0ded637b4a
Upgrade axum to 0.6 2023-06-29 11:20:52 +02:00
Kévin Commaille
f53ecaa97d
Bump Ruma 2023-03-18 15:03:56 +01:00
Jonathan de Jong
b158896396 Merge remote-tracking branch 'origin/next' into complement-improvements 2023-01-26 18:19:39 +01:00
Nyaaori
c86313d4fa
chore: code cleanup 
https://rust-lang.github.io/rust-clippy/master/index.html#op_ref

https://rust-lang.github.io/rust-clippy/master/index.html#str_to_string

https://rust-lang.github.io/rust-clippy/master/index.html#needless_lifetimes
 2022-12-21 10:42:12 +01:00
Jonathan de Jong
215d909e59 More debug info when try_from_http_request fails 2022-10-17 18:41:59 +02:00
Timo Kösters
ac52b234fa
fix: all the e2ee problems 2022-10-13 10:15:35 +02:00
Timo Kösters
076e9810ba
cargo fix 2022-10-10 14:02:04 +02:00
Timo Kösters
6b131202b9
Bump ruma 2022-10-10 14:02:04 +02:00
Timo Kösters
f47a5cd5d5
cargo fix 2022-10-10 14:02:01 +02:00
Timo Kösters
a4637e2ba1
cargo fmt 2022-10-10 14:02:01 +02:00
Timo Kösters
face766e0f
messing with trait objects 2022-10-10 14:02:00 +02:00
Timo Kösters
057f8364cc
fix: some compile time errors 
Only 174 errors left!
 2022-10-10 13:25:01 +02:00
Timo Kösters
025b64befc
refactor: renames and split room.rs 2022-08-15 16:30:34 +02:00
Renamed from src/ruma_wrapper/axum.rs (Browse further)