mirror
/
conduit
mirror of https://gitlab.com/famedly/conduit.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge branch 'bump-ruma' into 'next' 

chore: bump all dependencies

See merge request famedly/conduit!627
merge-requests/674/merge
Timo Kösters 2 years ago
parent
a36ccff06a ba2a5a6115
commit
dd19877528
23 changed files with 951 additions and 680 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1267
      Cargo.lock
  2. 70
      Cargo.toml
  3. 2
      src/api/client_server/account.rs
  4. 2
      src/api/client_server/context.rs
  5. 6
      src/api/client_server/membership.rs
  6. 2
      src/api/client_server/message.rs
  7. 6
      src/api/client_server/room.rs
  8. 2
      src/api/client_server/search.rs
  9. 8
      src/api/client_server/session.rs
  10. 10
      src/api/client_server/state.rs
  11. 42
      src/api/client_server/sync.rs
  12. 2
      src/api/client_server/typing.rs
  13. 109
      src/api/ruma_wrapper/axum.rs
  14. 14
      src/api/server_server.rs
  15. 2
      src/database/key_value/uiaa.rs
  16. 25
      src/main.rs
  17. 27
      src/service/globals/mod.rs
  18. 5
      src/service/rooms/auth_chain/mod.rs
  19. 6
      src/service/rooms/event_handler/mod.rs
  20. 2
      src/service/rooms/spaces/mod.rs
  21. 16
      src/service/rooms/timeline/mod.rs
  22. 4
      src/service/uiaa/mod.rs
  23. 2
      src/utils/error.rs

1267
Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

70
Cargo.toml
Unescape View File

@ -28,43 +28,24 @@ workspace = true
[dependencies]
# Web framework
axum = { version = "0.6.18", default-features = false, features = [
axum = { version = "0.7", default-features = false, features = [
"form",
"headers",
"http1",
"http2",
"json",
"matched-path",
], optional = true }
axum-server = { version = "0.5.1", features = ["tls-rustls"] }
axum-extra = { version = "0.9", features = ["typed-header"] }
axum-server = { version = "0.6", features = ["tls-rustls"] }
tower = { version = "0.4.13", features = ["util"] }
tower-http = { version = "0.4.1", features = [
tower-http = { version = "0.5", features = [
"add-extension",
"cors",
"sensitive-headers",
"trace",
"util",
] }
# Used for matrix spec type definitions and helpers
#ruma = { version = "0.4.0", features = ["compat", "rand", "appservice-api-c", "client-api", "federation-api", "push-gateway-api-c", "state-res", "unstable-pre-spec", "unstable-exhaustive-types"] }
ruma = { git = "https://github.com/ruma/ruma", rev = "c5f8137ba9741b2317313256b57e6e14b61fb419", features = [
"appservice-api-c",
"client-api",
"compat",
"federation-api",
"push-gateway-api-c",
"rand",
"ring-compat",
"server-util",
"state-res",
"unstable-exhaustive-types",
"unstable-msc2448",
"unstable-msc3575",
"unstable-unspecified",
] }
#ruma = { git = "https://github.com/timokoesters/ruma", rev = "4ec9c69bb7e09391add2382b3ebac97b6e8f4c64", features = ["compat", "rand", "appservice-api-c", "client-api", "federation-api", "push-gateway-api-c", "state-res", "unstable-msc2448", "unstable-msc3575", "unstable-exhaustive-types", "ring-compat", "unstable-unspecified" ] }
#ruma = { path = "../ruma/crates/ruma", features = ["compat", "rand", "appservice-api-c", "client-api", "federation-api", "push-gateway-api-c", "state-res", "unstable-msc2448", "unstable-msc3575", "unstable-exhaustive-types", "ring-compat", "unstable-unspecified" ] }
tower-service = "0.3"
# Async runtime and utilities
tokio = { version = "1.28.1", features = ["fs", "macros", "signal", "sync"] }
@ -75,7 +56,7 @@ persy = { version = "1.4.4", optional = true, features = ["background_ops"] }
# Used for the http request / response body type for Ruma endpoints used with reqwest
bytes = "1.4.0"
http = "0.2.9"
http = "1"
# Used to find data directory for default db path
directories = "5"
# Used for ruma wrapper
@ -89,8 +70,14 @@ rand = "0.8.5"
# Used to hash passwords
rust-argon2 = "2"
# Used to send requests
hyper = "0.14.26"
reqwest = { version = "0.11.18", default-features = false, features = [
hyper = "1.1"
hyper-util = { version = "0.1", features = [
"client",
"client-legacy",
"http1",
"http2",
] }
reqwest = { version = "0.12", default-features = false, features = [
"rustls-tls-native-roots",
"socks",
] }
@ -113,11 +100,13 @@ regex = "1.8.1"
# jwt jsonwebtokens
jsonwebtoken = "9.2.0"
# Performance measurements
opentelemetry = { version = "0.18.0", features = ["rt-tokio"] }
opentelemetry-jaeger = { version = "0.17.0", features = ["rt-tokio"] }
tracing = { version = "0.1.37", features = [] }
opentelemetry = "0.22"
opentelemetry-jaeger-propagator = "0.1"
opentelemetry-otlp = "0.15"
opentelemetry_sdk = { version = "0.22", features = ["rt-tokio"] }
tracing = "0.1.37"
tracing-flame = "0.2.0"
tracing-opentelemetry = "0.18.0"
tracing-opentelemetry = "0.23"
tracing-subscriber = { version = "0.3.17", features = ["env-filter"] }
lru-cache = "0.1.2"
@ -158,6 +147,25 @@ tikv-jemallocator = { version = "0.5.0", features = [
sd-notify = { version = "0.4.1", optional = true }
# Used for matrix spec type definitions and helpers
[dependencies.ruma]
features = [
"appservice-api-c",
"client-api",
"compat",
"federation-api",
"push-gateway-api-c",
"rand",
"ring-compat",
"server-util",
"state-res",
"unstable-exhaustive-types",
"unstable-msc2448",
"unstable-msc3575",
"unstable-unspecified",
]
git = "https://github.com/ruma/ruma"
[dependencies.rocksdb]
features = ["lz4", "multi-threaded-cf", "zstd"]
optional = true

2
src/api/client_server/account.rs
Unescape View File

@ -77,7 +77,7 @@ pub async fn get_register_available_route(
pub async fn register_route(body: Ruma<register::v3::Request>) -> Result<register::v3::Response> {
if !services().globals.allow_registration().await && body.appservice_info.is_none() {
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Registration has been disabled.",
));
}

2
src/api/client_server/context.rs
Unescape View File

@ -54,7 +54,7 @@ pub async fn get_context_route(
.user_can_see_event(sender_user, &room_id, &body.event_id)?
{
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"You don't have permission to view this event.",
));
}

6
src/api/client_server/membership.rs
Unescape View File

@ -451,7 +451,7 @@ pub async fn get_member_events_route(
.user_can_see_state_events(sender_user, &body.room_id)?
{
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"You don't have permission to view this room.",
));
}
@ -486,7 +486,7 @@ pub async fn joined_members_route(
.user_can_see_state_events(sender_user, &body.room_id)?
{
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"You don't have permission to view this room.",
));
}
@ -1314,7 +1314,7 @@ pub(crate) async fn invite_helper<'a>(
.is_joined(sender_user, room_id)?
{
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"You don't have permission to view this room.",
));
}

2
src/api/client_server/message.rs
Unescape View File

@ -43,7 +43,7 @@ pub async fn send_message_event_route(
&& !services().globals.allow_encryption()
{
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Encryption has been disabled",
));
}

6
src/api/client_server/room.rs
Unescape View File

@ -72,7 +72,7 @@ pub async fn create_room_route(
&& !services().users.is_admin(sender_user)?
{
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Room creation has been disabled.",
));
}
@ -522,7 +522,7 @@ pub async fn get_room_event_route(
&body.event_id,
)? {
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"You don't have permission to view this event.",
));
}
@ -551,7 +551,7 @@ pub async fn get_room_aliases_route(
.is_joined(sender_user, &body.room_id)?
{
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"You don't have permission to view this room.",
));
}

2
src/api/client_server/search.rs
Unescape View File

@ -43,7 +43,7 @@ pub async fn search_events_route(
.is_joined(sender_user, &room_id)?
{
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"You don't have permission to view this room.",
));
}

8
src/api/client_server/session.rs
Unescape View File

@ -63,7 +63,7 @@ pub async fn login_route(body: Ruma<login::v3::Request>) -> Result<login::v3::Re
UserId::parse(user)
} else {
warn!("Bad login type: {:?}", &body.login_info);
return Err(Error::BadRequest(ErrorKind::Forbidden, "Bad login type."));
return Err(Error::BadRequest(ErrorKind::forbidden(), "Bad login type."));
}
.map_err(|_| Error::BadRequest(ErrorKind::InvalidUsername, "Username is invalid."))?;
@ -78,7 +78,7 @@ pub async fn login_route(body: Ruma<login::v3::Request>) -> Result<login::v3::Re
.users
.password_hash(&user_id)?
.ok_or(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Wrong username or password.",
))?;
@ -93,7 +93,7 @@ pub async fn login_route(body: Ruma<login::v3::Request>) -> Result<login::v3::Re
if !hash_matches {
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Wrong username or password.",
));
}
@ -143,7 +143,7 @@ pub async fn login_route(body: Ruma<login::v3::Request>) -> Result<login::v3::Re
UserId::parse(user)
} else {
warn!("Bad login type: {:?}", &body.login_info);
return Err(Error::BadRequest(ErrorKind::Forbidden, "Bad login type."));
return Err(Error::BadRequest(ErrorKind::forbidden(), "Bad login type."));
}
.map_err(|_| Error::BadRequest(ErrorKind::InvalidUsername, "Username is invalid."))?;

10
src/api/client_server/state.rs
Unescape View File

@ -54,7 +54,7 @@ pub async fn send_state_event_for_empty_key_route(
// Forbid m.room.encryption if encryption is disabled
if body.event_type == StateEventType::RoomEncryption && !services().globals.allow_encryption() {
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Encryption has been disabled",
));
}
@ -88,7 +88,7 @@ pub async fn get_state_events_route(
.user_can_see_state_events(sender_user, &body.room_id)?
{
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"You don't have permission to view the room state.",
));
}
@ -121,7 +121,7 @@ pub async fn get_state_events_for_key_route(
.user_can_see_state_events(sender_user, &body.room_id)?
{
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"You don't have permission to view the room state.",
));
}
@ -160,7 +160,7 @@ pub async fn get_state_events_for_empty_key_route(
.user_can_see_state_events(sender_user, &body.room_id)?
{
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"You don't have permission to view the room state.",
));
}
@ -214,7 +214,7 @@ async fn send_state_event_for_key_helper(
.is_none()
{
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"You are only allowed to send canonical_alias \
events when it's aliases already exists",
));

42
src/api/client_server/sync.rs
Unescape View File

@ -12,7 +12,7 @@ use ruma::{
Ephemeral, Filter, GlobalAccountData, InviteState, InvitedRoom, JoinedRoom,
LeftRoom, Presence, RoomAccountData, RoomSummary, Rooms, State, Timeline, ToDevice,
},
v4::SlidingOp,
v4::{SlidingOp, SlidingSyncRoomHero},
DeviceLists, UnreadNotificationsCount,
},
uiaa::UiaaResponse,
@ -716,7 +716,7 @@ async fn load_joined_room(
.state_cache
.is_invited(&user_id, room_id)?)
{
Ok::<_, Error>(Some(state_key.clone()))
Ok::<_, Error>(Some(user_id))
} else {
Ok(None)
}
@ -1572,7 +1572,7 @@ pub async fn sync_events_v4_route(
sender_user.clone(),
sender_device.clone(),
conn_id.clone(),
body.room_subscriptions,
body.room_subscriptions.clone(),
);
}
@ -1638,33 +1638,37 @@ pub async fn sync_events_v4_route(
.get_member(room_id, &member)
.ok()
.flatten()
.map(|memberevent| {
(
memberevent
.displayname
.unwrap_or_else(|| member.to_string()),
memberevent.avatar_url,
)
.map(|memberevent| SlidingSyncRoomHero {
user_id: member,
name: memberevent.displayname,
avatar: memberevent.avatar_url,
})
})
.take(5)
.collect::<Vec<_>>();
let name = match &heroes[..] {
[] => None,
[only] => Some(only.0.clone()),
[only] => Some(
only.name
.clone()
.unwrap_or_else(|| only.user_id.to_string()),
),
[firsts @ .., last] => Some(
firsts
.iter()
.map(|h| h.0.clone())
.map(|h| h.name.clone().unwrap_or_else(|| h.user_id.to_string()))
.collect::<Vec<_>>()
.join(", ")
+ " and "
+ &last.0,
+ &last
.name
.clone()
.unwrap_or_else(|| last.user_id.to_string()),
),
};
let avatar = if let [only] = &heroes[..] {
only.1.clone()
only.avatar.clone()
} else {
None
};
@ -1725,6 +1729,16 @@ pub async fn sync_events_v4_route(
),
num_live: None, // Count events in timeline greater than global sync counter
timestamp: None,
heroes: if body
.room_subscriptions
.get(room_id)
.map(|sub| sub.include_heroes.unwrap_or_default())
.unwrap_or_default()
{
Some(heroes)
} else {
None
},
},
);
}

2
src/api/client_server/typing.rs
Unescape View File

@ -17,7 +17,7 @@ pub async fn create_typing_event_route(
.is_joined(sender_user, &body.room_id)?
{
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"You are not in this room.",
));
}

109
src/api/ruma_wrapper/axum.rs
Unescape View File

@ -2,13 +2,14 @@ use std::{collections::BTreeMap, iter::FromIterator, str};
use axum::{
async_trait,
body::{Full, HttpBody},
extract::{rejection::TypedHeaderRejectionReason, FromRequest, Path, TypedHeader},
headers::{authorization::Bearer, Authorization},
body::Body,
extract::{FromRequest, Path},
response::{IntoResponse, Response},
BoxError, RequestExt, RequestPartsExt,
RequestExt, RequestPartsExt,
};
use bytes::{Buf, BufMut, Bytes, BytesMut};
use axum_extra::headers::authorization::Bearer;
use axum_extra::{headers::Authorization, typed_header::TypedHeaderRejectionReason, TypedHeader};
use bytes::{BufMut, BytesMut};
use http::{Request, StatusCode};
use ruma::{
api::{client::error::ErrorKind, AuthScheme, IncomingRequest, OutgoingResponse},
@ -29,37 +30,33 @@ enum Token {
}
#[async_trait]
impl<T, S, B> FromRequest<S, B> for Ruma<T>
impl<T, S> FromRequest<S> for Ruma<T>
where
T: IncomingRequest,
B: HttpBody + Send + 'static,
B::Data: Send,
B::Error: Into<BoxError>,
{
type Rejection = Error;
async fn from_request(req: Request<B>, _state: &S) -> Result<Self, Self::Rejection> {
async fn from_request(req: Request<Body>, _state: &S) -> Result<Self, Self::Rejection> {
#[derive(Deserialize)]
struct QueryParams {
access_token: Option<String>,
user_id: Option<String>,
}
let (mut parts, mut body) = match req.with_limited_body() {
Ok(limited_req) => {
let (parts, body) = limited_req.into_parts();
let body = to_bytes(body)
.await
.map_err(|_| Error::BadRequest(ErrorKind::MissingToken, "Missing token."))?;
(parts, body)
}
Err(original_req) => {
let (parts, body) = original_req.into_parts();
let body = to_bytes(body)
.await
.map_err(|_| Error::BadRequest(ErrorKind::MissingToken, "Missing token."))?;
(parts, body)
}
let (mut parts, mut body) = {
let limited_req = req.with_limited_body();
let (parts, body) = limited_req.into_parts();
let body = axum::body::to_bytes(
body,
services()
.globals
.max_request_size()
.try_into()
.unwrap_or(usize::MAX),
)
.await
.map_err(|_| Error::BadRequest(ErrorKind::MissingToken, "Missing token."))?;
(parts, body)
};
let metadata = T::METADATA;
@ -135,7 +132,7 @@ where
if !services().users.exists(&user_id)? {
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"User does not exist.",
));
}
@ -175,7 +172,7 @@ where
_ => "Unknown header-related error",
};
Error::BadRequest(ErrorKind::Forbidden, msg)
Error::BadRequest(ErrorKind::forbidden(), msg)
})?;
if let Some(dest) = x_matrix.destination {
@ -242,7 +239,7 @@ where
Err(e) => {
warn!("Failed to fetch signing keys: {}", e);
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Failed to fetch signing keys.",
));
}
@ -268,7 +265,7 @@ where
}
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Failed to verify X-Matrix signatures.",
));
}
@ -351,60 +348,8 @@ where
impl<T: OutgoingResponse> IntoResponse for RumaResponse<T> {
fn into_response(self) -> Response {
match self.0.try_into_http_response::<BytesMut>() {
Ok(res) => res.map(BytesMut::freeze).map(Full::new).into_response(),
Ok(res) => res.map(BytesMut::freeze).map(Body::from).into_response(),
Err(_) => StatusCode::INTERNAL_SERVER_ERROR.into_response(),
}
}
}
// copied from hyper under the following license:
// Copyright (c) 2014-2021 Sean McArthur
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
pub(crate) async fn to_bytes<T>(body: T) -> Result<Bytes, T::Error>
where
T: HttpBody,
{
futures_util::pin_mut!(body);
// If there's only 1 chunk, we can just return Buf::to_bytes()
let mut first = if let Some(buf) = body.data().await {
buf?
} else {
return Ok(Bytes::new());
};
let second = if let Some(buf) = body.data().await {
buf?
} else {
return Ok(first.copy_to_bytes(first.remaining()));
};
// With more than 1 buf, we gotta flatten into a Vec first.
let cap = first.remaining() + second.remaining() + body.size_hint().lower() as usize;
let mut vec = Vec::with_capacity(cap);
vec.put(first);
vec.put(second);
while let Some(buf) = body.data().await {
vec.put(buf?);
}
Ok(vec.into())
}

14
src/api/server_server.rs
Unescape View File

@ -978,7 +978,7 @@ pub async fn get_event_route(
.server_in_room(sender_servername, room_id)?
{
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Server is not in room",
));
}
@ -989,7 +989,7 @@ pub async fn get_event_route(
&body.event_id,
)? {
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Server is not allowed to see event.",
));
}
@ -1021,7 +1021,7 @@ pub async fn get_backfill_route(
.server_in_room(sender_servername, &body.room_id)?
{
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Server is not in room.",
));
}
@ -1091,7 +1091,7 @@ pub async fn get_missing_events_route(
.server_in_room(sender_servername, &body.room_id)?
{
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Server is not in room",
));
}
@ -1176,7 +1176,7 @@ pub async fn get_event_authorization_route(
.server_in_room(sender_servername, &body.room_id)?
{
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Server is not in room.",
));
}
@ -1234,7 +1234,7 @@ pub async fn get_room_state_route(
.server_in_room(sender_servername, &body.room_id)?
{
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Server is not in room.",
));
}
@ -1310,7 +1310,7 @@ pub async fn get_room_state_ids_route(
.server_in_room(sender_servername, &body.room_id)?
{
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Server is not in room.",
));
}

2
src/database/key_value/uiaa.rs
Unescape View File

@ -80,7 +80,7 @@ impl service::uiaa::Data for KeyValueDatabase {
.userdevicesessionid_uiaainfo
.get(&userdevicesessionid)?
.ok_or(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"UIAA session does not exist.",
))?,
)

25
src/main.rs
Unescape View File

@ -1,6 +1,7 @@
use std::{future::Future, io, net::SocketAddr, sync::atomic, time::Duration};
use axum::{
body::Body,
extract::{DefaultBodyLimit, FromRequestParts, MatchedPath},
middleware::map_response,
response::{IntoResponse, Response},
@ -69,11 +70,13 @@ async fn main() {
config.warn_deprecated();
if config.allow_jaeger {
opentelemetry::global::set_text_map_propagator(opentelemetry_jaeger::Propagator::new());
let tracer = opentelemetry_jaeger::new_agent_pipeline()
.with_auto_split_batch(true)
.with_service_name("conduit")
.install_batch(opentelemetry::runtime::Tokio)
opentelemetry::global::set_text_map_propagator(
opentelemetry_jaeger_propagator::Propagator::new(),
);
let tracer = opentelemetry_otlp::new_pipeline()
.tracing()
.with_exporter(opentelemetry_otlp::new_exporter().tonic())
.install_batch(opentelemetry_sdk::runtime::Tokio)
.unwrap();
let telemetry = tracing_opentelemetry::layer().with_tracer(tracer);
@ -225,9 +228,9 @@ async fn run_server() -> io::Result<()> {
Ok(())
}
async fn spawn_task<B: Send + 'static>(
req: http::Request<B>,
next: axum::middleware::Next<B>,
async fn spawn_task(
req: http::Request<Body>,
next: axum::middleware::Next,
) -> std::result::Result<Response, StatusCode> {
if services().globals.shutdown.load(atomic::Ordering::Relaxed) {
return Err(StatusCode::SERVICE_UNAVAILABLE);
@ -237,9 +240,9 @@ async fn spawn_task<B: Send + 'static>(
.map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)
}
async fn unrecognized_method<B: Send>(
req: http::Request<B>,
next: axum::middleware::Next<B>,
async fn unrecognized_method(
req: http::Request<Body>,
next: axum::middleware::Next,
) -> std::result::Result<Response, StatusCode> {
let method = req.method().clone();
let uri = req.uri().clone();

27
src/service/globals/mod.rs
Unescape View File

@ -10,11 +10,8 @@ use crate::api::server_server::FedDest;
use crate::{services, Config, Error, Result};
use futures_util::FutureExt;
use hickory_resolver::TokioAsyncResolver;
use hyper::{
client::connect::dns::{GaiResolver, Name},
service::Service as HyperService,
};
use reqwest::dns::{Addrs, Resolve, Resolving};
use hyper_util::client::legacy::connect::dns::{GaiResolver, Name as HyperName};
use reqwest::dns::{Addrs, Name, Resolve, Resolving};
use ruma::{
api::{
client::sync::sync_events,
@ -22,6 +19,7 @@ use ruma::{
},
DeviceId, RoomVersionId, ServerName, UserId,
};
use std::str::FromStr;
use std::{
collections::{BTreeMap, HashMap},
error::Error as StdError,
@ -37,6 +35,7 @@ use std::{
time::{Duration, Instant},
};
use tokio::sync::{broadcast, watch::Receiver, Mutex, RwLock, Semaphore};
use tower_service::Service as TowerService;
use tracing::{error, info};
use base64::{engine::general_purpose, Engine as _};
@ -139,11 +138,19 @@ impl Resolve for Resolver {
})
.unwrap_or_else(|| {
let this = &mut self.inner.clone();
Box::pin(HyperService::<Name>::call(this, name).map(|result| {
result
.map(|addrs| -> Addrs { Box::new(addrs) })
.map_err(|err| -> Box<dyn StdError + Send + Sync> { Box::new(err) })
}))
Box::pin(
TowerService::<HyperName>::call(
this,
// Beautiful hack, please remove this in the future.
HyperName::from_str(name.as_str())
.expect("reqwest Name is just wrapper for hyper-util Name"),
)
.map(|result| {
result
.map(|addrs| -> Addrs { Box::new(addrs) })
.map_err(|err| -> Box<dyn StdError + Send + Sync> { Box::new(err) })
}),
)
})
}
}

5
src/service/rooms/auth_chain/mod.rs
Unescape View File

@ -133,7 +133,10 @@ impl Service {
match services().rooms.timeline.get_pdu(&event_id) {
Ok(Some(pdu)) => {
if pdu.room_id != room_id {
return Err(Error::BadRequest(ErrorKind::Forbidden, "Evil event in db"));
return Err(Error::BadRequest(
ErrorKind::forbidden(),
"Evil event in db",
));
}
for auth_event in &pdu.auth_events {
let sauthevent = services()

6
src/service/rooms/event_handler/mod.rs
Unescape View File

@ -90,7 +90,7 @@ impl Service {
if services().rooms.metadata.is_disabled(room_id)? {
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Federation of this room is currently disabled on this server.",
));
}
@ -162,7 +162,7 @@ impl Service {
// Check for disabled again because it might have changed
if services().rooms.metadata.is_disabled(room_id)? {
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Federation of this room is currently disabled on this server.",
));
}
@ -1668,7 +1668,7 @@ impl Service {
server_name, room_id
);
Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Server was denied by room ACL",
))
}

2
src/service/rooms/spaces/mod.rs
Unescape View File

@ -408,7 +408,7 @@ impl Service {
debug!("User is not allowed to see room {room_id}");
// This error will be caught later
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"User is not allowed to see the room",
));
}

16
src/service/rooms/timeline/mod.rs
Unescape View File

@ -762,7 +762,7 @@ impl Service {
if !auth_check {
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Event is not authorized.",
));
}
@ -842,7 +842,7 @@ impl Service {
TimelineEventType::RoomEncryption => {
warn!("Encryption is not allowed in the admins room");
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Encryption is not allowed in the admins room.",
));
}
@ -865,7 +865,7 @@ impl Service {
if target == server_user {
warn!("Conduit user cannot leave from admins room");
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Conduit user cannot leave from admins room.",
));
}
@ -881,7 +881,7 @@ impl Service {
if count < 2 {
warn!("Last admin cannot leave from admins room");
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Last admin cannot leave from admins room.",
));
}
@ -891,7 +891,7 @@ impl Service {
if target == server_user {
warn!("Conduit user cannot be banned in admins room");
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Conduit user cannot be banned in admins room.",
));
}
@ -907,7 +907,7 @@ impl Service {
if count < 2 {
warn!("Last admin cannot be banned in admins room");
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"Last admin cannot be banned in admins room.",
));
}
@ -939,7 +939,7 @@ impl Service {
false,
)? {
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"User cannot redact this event.",
));
}
@ -960,7 +960,7 @@ impl Service {
false,
)? {
return Err(Error::BadRequest(
ErrorKind::Forbidden,
ErrorKind::forbidden(),
"User cannot redact this event.",
));
}

4
src/service/uiaa/mod.rs
Unescape View File

@ -86,7 +86,7 @@ impl Service {
if !hash_matches {
uiaainfo.auth_error = Some(ruma::api::client::error::StandardErrorBody {
kind: ErrorKind::Forbidden,
kind: ErrorKind::forbidden(),
message: "Invalid username or password.".to_owned(),
});
return Ok((false, uiaainfo));
@ -101,7 +101,7 @@ impl Service {
uiaainfo.completed.push(AuthType::RegistrationToken);
} else {
uiaainfo.auth_error = Some(ruma::api::client::error::StandardErrorBody {
kind: ErrorKind::Forbidden,
kind: ErrorKind::forbidden(),
message: "Invalid registration token.".to_owned(),
});
return Ok((false, uiaainfo));

2
src/utils/error.rs
Unescape View File

@ -128,7 +128,7 @@ impl Error {
kind.clone(),
match kind {
WrongRoomKeysVersion { .. }
| Forbidden
| Forbidden { .. }
| GuestAccessForbidden
| ThreepidAuthFailed
| ThreepidDenied => StatusCode::FORBIDDEN,

Write Preview
Loading…
Cancel
Save