X-Git-Url: http://these/git/?a=blobdiff_plain;f=crates%2Fapub%2Fsrc%2Flib.rs;h=9a45284f22fbf609dfbbdf0196847e685b8cdbf0;hb=e9e76549a88cfbdab36f00d302cceabcaaa24f4c;hp=62f84de61ddfe29c9a9462ba8e0762c3286b9be4;hpb=60f72b2785ef2985a4549a14fd63c85184101507;p=lemmy.git diff --git a/crates/apub/src/lib.rs b/crates/apub/src/lib.rs index 62f84de6..9a45284f 100644 --- a/crates/apub/src/lib.rs +++ b/crates/apub/src/lib.rs @@ -1,25 +1,51 @@ +use crate::fetcher::post_or_comment::PostOrComment; +use activitypub_federation::config::{Data, UrlVerifier}; +use async_trait::async_trait; +use lemmy_api_common::context::LemmyContext; +use lemmy_db_schema::{ + source::{activity::ReceivedActivity, instance::Instance, local_site::LocalSite}, + utils::{ActualDbPool, DbPool}, +}; +use lemmy_utils::error::{LemmyError, LemmyErrorType, LemmyResult}; +use moka::future::Cache; +use once_cell::sync::Lazy; +use std::{sync::Arc, time::Duration}; +use url::Url; + pub mod activities; pub(crate) mod activity_lists; +pub mod api; pub(crate) mod collections; -mod context; pub mod fetcher; pub mod http; -pub mod migrations; +pub(crate) mod mentions; pub mod objects; pub mod protocol; -#[macro_use] -extern crate lazy_static; - -use crate::fetcher::post_or_comment::PostOrComment; -use anyhow::{anyhow, Context}; -use lemmy_api_common::blocking; -use lemmy_apub_lib::webfinger::{webfinger_resolve_actor, WebfingerType}; -use lemmy_db_schema::{newtypes::DbUrl, source::activity::Activity, DbPool}; -use lemmy_utils::{location_info, settings::structs::Settings, LemmyError}; -use lemmy_websocket::LemmyContext; -use std::net::IpAddr; -use url::{ParseError, Url}; +pub const FEDERATION_HTTP_FETCH_LIMIT: u32 = 50; +/// All incoming and outgoing federation actions read the blocklist/allowlist and slur filters +/// multiple times. This causes a huge number of database reads if we hit the db directly. So we +/// cache these values for a short time, which will already make a huge difference and ensures that +/// changes take effect quickly. +const BLOCKLIST_CACHE_DURATION: Duration = Duration::from_secs(60); + +static CONTEXT: Lazy> = Lazy::new(|| { + serde_json::from_str(include_str!("../assets/lemmy/context.json")).expect("parse context") +}); + +#[derive(Clone)] +pub struct VerifyUrlData(pub ActualDbPool); + +#[async_trait] +impl UrlVerifier for VerifyUrlData { + async fn verify(&self, url: &Url) -> Result<(), &'static str> { + let local_site_data = local_site_data_cached(&mut (&self.0).into()) + .await + .expect("read local site data"); + check_apub_id_valid(url, &local_site_data)?; + Ok(()) + } +} /// Checks if the ID is allowed for sending or receiving. /// @@ -28,165 +54,146 @@ use url::{ParseError, Url}; /// - the correct scheme (either http or https) /// - URL being in the allowlist (if it is active) /// - URL not being in the blocklist (if it is active) -/// -/// `use_strict_allowlist` should be true only when parsing a remote community, or when parsing a -/// post/comment in a local community. -pub(crate) fn check_is_apub_id_valid( - apub_id: &Url, - use_strict_allowlist: bool, - settings: &Settings, -) -> Result<(), LemmyError> { - let domain = apub_id.domain().context(location_info!())?.to_string(); - let local_instance = settings.get_hostname_without_port()?; - - if !settings.federation.enabled { - return if domain == local_instance { - Ok(()) - } else { - Err( - anyhow!( - "Trying to connect with {}, but federation is disabled", - domain - ) - .into(), - ) - }; +#[tracing::instrument(skip(local_site_data))] +fn check_apub_id_valid(apub_id: &Url, local_site_data: &LocalSiteData) -> Result<(), &'static str> { + let domain = apub_id.domain().expect("apud id has domain").to_string(); + + if !local_site_data + .local_site + .as_ref() + .map(|l| l.federation_enabled) + .unwrap_or(true) + { + return Err("Federation disabled"); } - let host = apub_id.host_str().context(location_info!())?; - let host_as_ip = host.parse::(); - if host == "localhost" || host_as_ip.is_ok() { - return Err(anyhow!("invalid hostname {}: {}", host, apub_id).into()); + if local_site_data + .blocked_instances + .iter() + .any(|i| domain.eq(&i.domain)) + { + return Err("Domain is blocked"); } - if apub_id.scheme() != settings.get_protocol_string() { - return Err(anyhow!("invalid apub id scheme {}: {}", apub_id.scheme(), apub_id).into()); - } - - // TODO: might be good to put the part above in one method, and below in another - // (which only gets called in apub::objects) - // -> no that doesnt make sense, we still need the code below for blocklist and strict allowlist - if let Some(blocked) = settings.to_owned().federation.blocked_instances { - if blocked.contains(&domain) { - return Err(anyhow!("{} is in federation blocklist", domain).into()); - } - } - - if let Some(mut allowed) = settings.to_owned().federation.allowed_instances { - // Only check allowlist if this is a community, or strict allowlist is enabled. - let strict_allowlist = settings.to_owned().federation.strict_allowlist; - if use_strict_allowlist || strict_allowlist { - // need to allow this explicitly because apub receive might contain objects from our local - // instance. - allowed.push(local_instance); - - if !allowed.contains(&domain) { - return Err(anyhow!("{} not in federation allowlist", domain).into()); - } - } + // Only check this if there are instances in the allowlist + if !local_site_data.allowed_instances.is_empty() + && !local_site_data + .allowed_instances + .iter() + .any(|i| domain.eq(&i.domain)) + { + return Err("Domain is not in allowlist"); } Ok(()) } -pub enum EndpointType { - Community, - Person, - Post, - Comment, - PrivateMessage, -} - -/// Generates an apub endpoint for a given domain, IE xyz.tld -pub fn generate_local_apub_endpoint( - endpoint_type: EndpointType, - name: &str, - domain: &str, -) -> Result { - let point = match endpoint_type { - EndpointType::Community => "c", - EndpointType::Person => "u", - EndpointType::Post => "post", - EndpointType::Comment => "comment", - EndpointType::PrivateMessage => "private_message", - }; - - Ok(Url::parse(&format!("{}/{}/{}", domain, point, name))?.into()) -} - -pub fn generate_followers_url(actor_id: &DbUrl) -> Result { - Ok(Url::parse(&format!("{}/followers", actor_id))?.into()) -} - -pub fn generate_inbox_url(actor_id: &DbUrl) -> Result { - Ok(Url::parse(&format!("{}/inbox", actor_id))?.into()) -} - -pub fn generate_shared_inbox_url(actor_id: &DbUrl) -> Result { - let actor_id: Url = actor_id.clone().into(); - let url = format!( - "{}://{}{}/inbox", - &actor_id.scheme(), - &actor_id.host_str().context(location_info!())?, - if let Some(port) = actor_id.port() { - format!(":{}", port) - } else { - "".to_string() - }, - ); - Ok(Url::parse(&url)?.into()) +#[derive(Clone)] +pub(crate) struct LocalSiteData { + local_site: Option, + allowed_instances: Vec, + blocked_instances: Vec, } -pub fn generate_outbox_url(actor_id: &DbUrl) -> Result { - Ok(Url::parse(&format!("{}/outbox", actor_id))?.into()) +pub(crate) async fn local_site_data_cached( + pool: &mut DbPool<'_>, +) -> LemmyResult> { + static CACHE: Lazy>> = Lazy::new(|| { + Cache::builder() + .max_capacity(1) + .time_to_live(BLOCKLIST_CACHE_DURATION) + .build() + }); + Ok( + CACHE + .try_get_with((), async { + let (local_site, allowed_instances, blocked_instances) = + lemmy_db_schema::try_join_with_pool!(pool => ( + // LocalSite may be missing + |pool| async { + Ok(LocalSite::read(pool).await.ok()) + }, + Instance::allowlist, + Instance::blocklist + ))?; + + Ok::<_, diesel::result::Error>(Arc::new(LocalSiteData { + local_site, + allowed_instances, + blocked_instances, + })) + }) + .await?, + ) } -fn generate_moderators_url(community_id: &DbUrl) -> Result { - Ok(Url::parse(&format!("{}/moderators", community_id))?.into()) -} - -/// Takes in a shortname of the type dessalines@xyz.tld or dessalines (assumed to be local), and outputs the actor id. -/// Used in the API for communities and users. -pub async fn get_actor_id_from_name( - webfinger_type: WebfingerType, - short_name: &str, +pub(crate) async fn check_apub_id_valid_with_strictness( + apub_id: &Url, + is_strict: bool, context: &LemmyContext, -) -> Result { - let split = short_name.split('@').collect::>(); - - let name = split[0]; - - // If there's no @, its local - if split.len() == 1 { - let domain = context.settings().get_protocol_and_hostname(); - let endpoint_type = match webfinger_type { - WebfingerType::Person => EndpointType::Person, - WebfingerType::Group => EndpointType::Community, - }; - Ok(generate_local_apub_endpoint(endpoint_type, name, &domain)?) - } else { - let protocol = context.settings().get_protocol_string(); - Ok( - webfinger_resolve_actor(name, split[1], webfinger_type, context.client(), protocol) - .await? - .into(), - ) +) -> Result<(), LemmyError> { + let domain = apub_id.domain().expect("apud id has domain").to_string(); + let local_instance = context + .settings() + .get_hostname_without_port() + .expect("local hostname is valid"); + if domain == local_instance { + return Ok(()); } + + let local_site_data = local_site_data_cached(&mut context.pool()).await?; + check_apub_id_valid(apub_id, &local_site_data).map_err(|err| match err { + "Federation disabled" => LemmyErrorType::FederationDisabled, + "Domain is blocked" => LemmyErrorType::DomainBlocked, + "Domain is not in allowlist" => LemmyErrorType::DomainNotInAllowList, + _ => panic!("Could not handle apub error!"), + })?; + + // Only check allowlist if this is a community, and there are instances in the allowlist + if is_strict && !local_site_data.allowed_instances.is_empty() { + // need to allow this explicitly because apub receive might contain objects from our local + // instance. + let mut allowed_and_local = local_site_data + .allowed_instances + .iter() + .map(|i| i.domain.clone()) + .collect::>(); + let local_instance = context + .settings() + .get_hostname_without_port() + .expect("local hostname is valid"); + allowed_and_local.push(local_instance); + + let domain = apub_id.domain().expect("apud id has domain").to_string(); + if !allowed_and_local.contains(&domain) { + return Err(LemmyErrorType::FederationDisabledByStrictAllowList)?; + } + } + Ok(()) } -/// Store a sent or received activity in the database, for logging purposes. These records are not -/// persistent. -async fn insert_activity( +/// Store received activities in the database. +/// +/// This ensures that the same activity doesnt get received and processed more than once, which +/// would be a waste of resources. +#[tracing::instrument(skip(data))] +async fn insert_received_activity( ap_id: &Url, - activity: serde_json::Value, - local: bool, - sensitive: bool, - pool: &DbPool, + data: &Data, ) -> Result<(), LemmyError> { - let ap_id = ap_id.to_owned().into(); - blocking(pool, move |conn| { - Activity::insert(conn, ap_id, activity, local, sensitive) - }) - .await??; + ReceivedActivity::create(&mut data.pool(), &ap_id.clone().into()).await?; Ok(()) } + +#[async_trait::async_trait] +pub trait SendActivity: Sync { + type Response: Sync + Send + Clone; + + async fn send_activity( + _request: &Self, + _response: &Self::Response, + _context: &Data, + ) -> Result<(), LemmyError> { + Ok(()) + } +}