Commit graph

8961 commits

Author SHA1 Message Date
Floatingghost 11c5838947 standardise local key id generation 2024-10-30 12:44:01 +00:00
Floatingghost d330c57cda make sure we correctly match key objects 2024-10-26 08:42:07 +01:00
Floatingghost 9d2c558f64 remove unused import 2024-10-26 07:42:43 +01:00
Floatingghost ac25b051ae remove previous "allow user routes" functionality 2024-10-26 07:28:43 +01:00
Floatingghost 58d5d9d7bf fix tests, contain object 2024-10-26 06:58:47 +01:00
Floatingghost b6e8fde4dd Merge branch 'develop' into keys-extraction 2024-10-26 06:11:29 +01:00
Floatingghost bee10eab5e correct minor zip behaviour 2024-10-26 06:11:12 +01:00
Floatingghost 13215f5f06 remove public key field 2024-10-26 05:28:55 +01:00
Floatingghost 430b376ded mix format 2024-10-26 05:05:48 +01:00
Floatingghost ccf1007883 Fix about a million tests 2024-10-26 05:05:48 +01:00
Floatingghost 6da783b84d Fix http signature plug tests 2024-10-26 05:05:48 +01:00
Floatingghost 8f322456a0 Allow unsigned fetches of a user's public key 2024-10-26 05:05:48 +01:00
Floatingghost 9c876cea21 Fix some tests 2024-10-26 05:05:48 +01:00
Floatingghost 9728e2f8f7 adjust logic to use relation :signing_key 2024-10-26 05:05:47 +01:00
Floatingghost b0f7da9ce0 remove now-unused Keys module 2024-10-26 05:05:28 +01:00
Floatingghost fc99c694e6 Add signing key modules 2024-10-26 05:05:28 +01:00
Floatingghost cbd236aeb5 mix format 2024-10-26 05:04:20 +01:00
TudbuT 8b5aca9619
fix fs error while unpacking frontends 2024-10-18 14:50:28 +02:00
floatingghost f101886709 Merge pull request 'Federate emoji as anonymous objects' (#815) from Oneric/akkoma:emoji-id into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/815
2024-10-16 14:58:46 +00:00
Oneric d5b0720596 Allow cross-domain redirects on AP requests
Since we now remember the final location redirects lead to
and use it for all further checks since
3e134b07fa, these redirects
can no longer be exploited to serve counterfeit objects.

This fixes:
 - display URLs from independent webapp clients
   redirecting to the canonical domain
 - Peertube display URLs for remote content
   (acting like the above)
2024-10-14 01:42:51 +02:00
Oneric 940792f8ba Refetch on AP ID mismatch
As hinted at in the commit message when strict checking
was added in 8684964c5d,
refetching is more robust than display URL comparison
but in exchange is harder to implement correctly.

A similar refetch approach is also employed by
e.g. Mastodon, IceShrimp and FireFish.

To make sure no checks can be bypassed by forcing
a refetch, id checking is placed at the very end.

This will fix:
 - Peertube display URL arrays our transmogrifier fails to normalise
 - non-canonical display URLs from alternative frontends
   (theoretical; we didnt’t get any actual reports about this)

It will also be helpful in the planned key handling overhaul.

The modified user collision test was introduced in
https://git.pleroma.social/pleroma/pleroma/-/merge_requests/461
and unfortunately the issues this fixes aren’t public.
Afaict it was just meant to guard against someone serving
faked data belonging to an unrelated domain. Since we now
refetch and the id actually is mocked, lookup now succeeds
but will use the real data from the authorative server
making it unproblematic. Instead modify the fake data further
and make sure we don’t end up using the spoofed version.
2024-10-14 01:42:43 +02:00
floatingghost 3bb31117e6 Merge pull request 'Handle domain mutes on the backend' (#804) from domain-mute-backend-processing into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/804
2024-08-20 10:32:47 +00:00
Floatingghost 2c5c531c35 readd comment about domain mutes 2024-08-20 11:05:36 +01:00
Oneric 4ff5293093 Federate emoji as anonymous objects
Usually an id should point to another AP object
and the image file isn’t an AP object. We currently
do not provide standalone AP objects for emoji and
don't keep track of remote emoji at all.
Thus just federate them as anonymous objects,
i.e. objects only existing within a parent context
and using an explicit null id.

IceShrimp.NET previously adopted anonymous objects
for remote emoji without any apparent issues. See:
333611f65e

Fixes: https://akkoma.dev/AkkomaGang/akkoma/issues/694
2024-06-23 20:46:59 +02:00
floatingghost f66135ed08 Merge pull request 'Avoid accumulation of stale data in websockets' (#806) from Oneric/akkoma:websocket_fullsweep into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/806
Reviewed-by: floatingghost <hannah@coffee-and-dreams.uk>
2024-06-23 02:19:36 +00:00
Oneric 13e2a811ec Avoid accumulation of stale data in websockets
We’ve received reports of some specific instances slowly accumulating
more and more binary data over time up to OOMs and globally setting
ERL_FULLSWEEP_AFTER=0 has proven to be an effective countermeasure.
However, this incurs increased cpu perf costs everywhere and is
thus not suitable to apply out of the box.

Apparently long-lived Phoenix websocket processes are known to
often cause exactly this by getting into a state unfavourable
for the garbage collector.
Therefore it seems likely affected instances are using timeline
streaming and do so in just the right way to trigger this. We
can tune the garbage collector just for websocket processes
and use a more lenient value of 20 to keep the added perf cost
in check.

Testing on one affected instance appears to confirm this theory

Ref.:
  https://www.erlang.org/doc/man/erlang#ghlink-process_flag-2-idp226
  https://blog.guzman.codes/using-phoenix-channels-high-memory-usage-save-money-with-erlfullsweepafter
  https://git.pleroma.social/pleroma/pleroma/-/merge_requests/4060

Tested-by: bjo
2024-06-22 22:22:33 +02:00
Oneric c3069b9478 cosmetic: fix elixir 1.17 compiler warnings in main application 2024-06-19 01:49:59 +02:00
floatingghost 5992e8bb16 Merge pull request 'Update http-signatures dep, allow created header' (#800) from created-pseudoheader into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/800
2024-06-17 21:52:59 +00:00
Floatingghost 57273754b7 we may as well handle (expires) as well 2024-06-17 22:30:14 +01:00
Oneric bf8f493ffd Remove proxy_remote vestiges
Ever since 364b6969eb
this setting wasn't used by the backend and a noop.
The stated usecase is better served by setting the base_url
to a local subdomain and using proxying in nginx/Caddy/...
2024-06-16 01:21:52 +02:00
Floatingghost 3b197503d2 me me stupid person 2024-06-15 15:30:02 +01:00
Floatingghost c0b2bba55e revert subdomain change until i can look at why i did that 2024-06-15 15:14:42 +01:00
Floatingghost 4b765b1886 mix format 2024-06-15 15:06:28 +01:00
Floatingghost cba2c5725f Filter emoji reaction accounts by domain blocks 2024-06-15 15:05:52 +01:00
Floatingghost 2b96c3b224 Update http-signatures dep, allow created header 2024-06-12 18:40:44 +01:00
floatingghost b03edb4ff4 Merge pull request 'Fix StealEmoji’s max size check' (#793) from Oneric/akkoma:emojistealer_contentlength into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/793
2024-06-12 17:09:05 +00:00
Floatingghost 4d6fb43cbd No need to spawn() any more 2024-06-12 02:09:24 +01:00
Floatingghost ad52135bf5 Convert rich media backfill to oban task 2024-06-11 18:06:51 +01:00
Floatingghost 9c5feb81aa fix tests 2024-06-09 21:26:29 +01:00
Floatingghost a360836ce3 fix oembed test 2024-06-09 21:17:12 +01:00
Floatingghost 840c70c4fa remove prints 2024-06-09 18:52:09 +01:00
Floatingghost c65379afea attempt to fix some tests 2024-06-09 18:45:38 +01:00
Floatingghost 16bed0562d Fix tests 2024-06-09 18:28:00 +01:00
Mark Felder a801dd7b07 Fix module struct matching 2024-06-09 17:38:28 +01:00
Mark Felder 1e86da43f5 Credo 2024-06-09 17:38:24 +01:00
Mark Felder 411831458c Credo 2024-06-09 17:38:18 +01:00
Mark Felder 56463b2121 Fix compile warning
warning: "else" clauses will never match because all patterns in "with" will always match
  lib/pleroma/web/rich_media/parser/ttl/opengraph.ex:10
2024-06-09 17:38:12 +01:00
Mark Felder 2f5eb79473 Mastodon API: Remove deprecated GET /api/v1/statuses/:id/card endpoint
Removed back in 2019

https://github.com/mastodon/mastodon/pull/11213
2024-06-09 17:38:06 +01:00
Mark Felder 4746f98851 Fix broken Rich Media parsing when the image URL is a relative path 2024-06-09 17:36:28 +01:00
Mark Felder 765c7e98d2 Respect the TTL returned in OpenGraph tags 2024-06-09 17:36:15 +01:00