1
0
Fork 0
forked from fedi/mastodon
mastodon/app/services
ThibG f29918e707 [WiP] Whenever a remote keypair changes, unfollow them and re-subscribe to … (#4907)
* Whenever a remote keypair changes, unfollow them and re-subscribe to them

In Mastodon (it could be different for other OStatus or AP-enabled software),
a keypair change is indicative of whole user (or instance) data loss. In this
situation, the “new” user might be different, and almost certainly has an empty
followers list. In this case, Mastodon instances will disagree on follower
lists, leading to unreliable delivery and “shadow followers”, that is users
believed by a remote instance to be followers, without the affected user
knowing.

Drawbacks of this change are:
1. If an user legitimately changes public key for some reason without losing
   data (not possible in Mastodon at the moment), they will have their remote
   followers unsubscribed/re-subscribed needlessly.
2. Depending of the number of remote followers, this may generate quite some
   traffic.
3. If the user change is an attempt at usurpation, the remote followers will
   unknowingly follow the usurper. Note that this is *not* a change of
   behavior, Mastodon already behaves like that, although delivery might be
   unreliable, and the usurper would not have known the former user's
   followers.

* Rename ResubscribeWorker to RefollowWorker

* Process followers in batches
2017-09-12 23:10:40 +02:00
..
activitypub [WiP] Whenever a remote keypair changes, unfollow them and re-subscribe to … (#4907) 2017-09-12 23:10:40 +02:00
concerns Correct OStatus inflection (Ostatus -> OStatus) (#4255) 2017-07-19 01:37:26 +02:00
pubsubhubbub Fix #2672 - Connect signed PuSH subscription requests to instance domain (#4205) 2017-07-14 23:01:20 +02:00
account_search_service.rb Fix an error when a user tries to search nonexistent remote user (regression from #4275) (#4400) 2017-07-27 15:11:59 +02:00
after_block_service.rb Optimize MuteService and AfterBlockService (#2836) 2017-05-06 16:31:07 +02:00
authorize_follow_service.rb Add handling of Linked Data Signatures in payloads (#4687) 2017-08-26 13:47:38 +02:00
base_service.rb Remove unused AtomBuilderHelper (#1364) 2017-04-11 19:31:22 +02:00
batched_remove_status_service.rb Serialize ActivityPub alternate link into OStatus deletes, handle it (#4730) 2017-08-29 16:11:05 +02:00
block_domain_from_account_service.rb Add buttons to block and unblock domain (#3127) 2017-05-19 21:05:32 +02:00
block_domain_service.rb Do not try to re-subscribe to unsubscribed accounts (#4653) 2017-08-21 17:32:41 +02:00
block_service.rb Add handling of Linked Data Signatures in payloads (#4687) 2017-08-26 13:47:38 +02:00
bootstrap_timeline_service.rb Default follows for new users (#4871) 2017-09-10 09:58:38 +02:00
fan_out_on_write_service.rb Refactor JSON templates to be generated with ActiveModelSerializers instead of Rabl (#4090) 2017-07-07 04:02:06 +02:00
favourite_service.rb Add handling of Linked Data Signatures in payloads (#4687) 2017-08-26 13:47:38 +02:00
fetch_atom_service.rb Fix accessing to XML attribute in FetchAtomService (#4668) 2017-08-23 12:25:57 +02:00
fetch_link_card_service.rb Make PreviewCard records reuseable between statuses (#4642) 2017-09-01 16:20:16 +02:00
fetch_remote_account_service.rb Add support for searching AP users (#4599) 2017-08-14 14:08:34 +02:00
fetch_remote_resource_service.rb Add support for searching AP users (#4599) 2017-08-14 14:08:34 +02:00
fetch_remote_status_service.rb Add support for searching AP users (#4599) 2017-08-14 14:08:34 +02:00
follow_service.rb Default follows for new users (#4871) 2017-09-10 09:58:38 +02:00
mute_service.rb Optimize MuteService and AfterBlockService (#2836) 2017-05-06 16:31:07 +02:00
notify_service.rb Fix #4172 - Mutes now block notifications (#4300) 2017-07-22 16:36:36 +02:00
post_status_service.rb Fix #4850 - When visibility missing from API call to toot, fallback to user preference (#4861) 2017-09-09 02:02:29 +02:00
precompute_feed_service.rb Fix PrecomputeFeedService for filtered statuses (#4148) 2017-07-11 01:00:01 +02:00
process_feed_service.rb Fix logging in ProcessFeedService (#4270) 2017-07-19 16:02:03 +02:00
process_hashtags_service.rb Unify the method of extracting tags (#3138) 2017-05-19 20:19:14 +02:00
process_interaction_service.rb Make "unfollow" undo pending outgoing follow request too (#4781) 2017-09-02 20:44:41 +02:00
process_mentions_service.rb Fix mentions in direct statuses not being delivered via AP (#4806) 2017-09-05 20:55:25 +02:00
reblog_service.rb Avoid sending some ActivityPub payloads if the receiver will get them through distribution (#4739) 2017-09-01 21:26:01 +02:00
reject_follow_service.rb Add handling of Linked Data Signatures in payloads (#4687) 2017-08-26 13:47:38 +02:00
remove_status_service.rb Serialize ActivityPub alternate link into OStatus deletes, handle it (#4730) 2017-08-29 16:11:05 +02:00
resolve_remote_account_service.rb [WiP] Whenever a remote keypair changes, unfollow them and re-subscribe to … (#4907) 2017-09-12 23:10:40 +02:00
search_service.rb Add specs (and refactor) of FetchRemoteResourceService and SearchService (#2812) 2017-05-05 17:26:04 +02:00
send_interaction_service.rb Fix webfinger retries (#4275) 2017-07-20 01:59:07 +02:00
subscribe_service.rb Guarantee Subscription service first account has proper URL details (#4732) 2017-08-31 15:44:00 +02:00
suspend_account_service.rb Fix account delete form not accepting password, update suspended (#3745) 2017-06-14 20:30:12 +02:00
unblock_domain_service.rb Allow domain blocks that only reject media without silencing or suspending (#4325) 2017-07-24 14:26:55 +02:00
unblock_service.rb Add handling of Linked Data Signatures in payloads (#4687) 2017-08-26 13:47:38 +02:00
unfavourite_service.rb Add handling of Linked Data Signatures in payloads (#4687) 2017-08-26 13:47:38 +02:00
unfollow_service.rb Make "unfollow" undo pending outgoing follow request too (#4781) 2017-09-02 20:44:41 +02:00
unmute_service.rb Fix #231 - Muting 2017-03-02 18:49:32 +01:00
unsubscribe_service.rb Fix errors preventing UnsubscribeService from working (#4866) 2017-09-09 17:36:27 +02:00
update_account_service.rb authorize-follow-requests-after-unlocking (#4658) 2017-08-26 12:40:03 +02:00
update_remote_profile_service.rb Account deletion (#3728) 2017-06-14 18:01:27 +02:00
verify_salmon_service.rb Fix #2706 - Always respond with 200 to PuSH payloads (#2733) 2017-05-03 17:02:18 +02:00