X-Git-Url: http://these/git/?a=blobdiff_plain;f=crates%2Fapub%2Fsrc%2Flib.rs;h=9a45284f22fbf609dfbbdf0196847e685b8cdbf0;hb=e9e76549a88cfbdab36f00d302cceabcaaa24f4c;hp=e7065752a03149548e0c08b362682367ed5c5bc9;hpb=527eefbe92a4796b957fb232831f7e7c80511ed9;p=lemmy.git diff --git a/crates/apub/src/lib.rs b/crates/apub/src/lib.rs index e7065752..9a45284f 100644 --- a/crates/apub/src/lib.rs +++ b/crates/apub/src/lib.rs @@ -1,30 +1,51 @@ -#[macro_use] -extern crate lazy_static; +use crate::fetcher::post_or_comment::PostOrComment; +use activitypub_federation::config::{Data, UrlVerifier}; +use async_trait::async_trait; +use lemmy_api_common::context::LemmyContext; +use lemmy_db_schema::{ + source::{activity::ReceivedActivity, instance::Instance, local_site::LocalSite}, + utils::{ActualDbPool, DbPool}, +}; +use lemmy_utils::error::{LemmyError, LemmyErrorType, LemmyResult}; +use moka::future::Cache; +use once_cell::sync::Lazy; +use std::{sync::Arc, time::Duration}; +use url::Url; pub mod activities; -pub mod activity_queue; -pub mod extensions; +pub(crate) mod activity_lists; +pub mod api; +pub(crate) mod collections; pub mod fetcher; pub mod http; -pub mod migrations; +pub(crate) mod mentions; pub mod objects; - -use crate::{extensions::signatures::PublicKey, fetcher::post_or_comment::PostOrComment}; -use anyhow::{anyhow, Context}; -use lemmy_api_common::blocking; -use lemmy_db_queries::{source::activity::Activity_, DbPool}; -use lemmy_db_schema::{ - source::{activity::Activity, person::Person}, - CommunityId, - DbUrl, -}; -use lemmy_db_views_actor::community_person_ban_view::CommunityPersonBanView; -use lemmy_utils::{location_info, settings::structs::Settings, LemmyError}; -use serde::Serialize; -use std::net::IpAddr; -use url::{ParseError, Url}; - -static APUB_JSON_CONTENT_TYPE: &str = "application/activity+json"; +pub mod protocol; + +pub const FEDERATION_HTTP_FETCH_LIMIT: u32 = 50; +/// All incoming and outgoing federation actions read the blocklist/allowlist and slur filters +/// multiple times. This causes a huge number of database reads if we hit the db directly. So we +/// cache these values for a short time, which will already make a huge difference and ensures that +/// changes take effect quickly. +const BLOCKLIST_CACHE_DURATION: Duration = Duration::from_secs(60); + +static CONTEXT: Lazy> = Lazy::new(|| { + serde_json::from_str(include_str!("../assets/lemmy/context.json")).expect("parse context") +}); + +#[derive(Clone)] +pub struct VerifyUrlData(pub ActualDbPool); + +#[async_trait] +impl UrlVerifier for VerifyUrlData { + async fn verify(&self, url: &Url) -> Result<(), &'static str> { + let local_site_data = local_site_data_cached(&mut (&self.0).into()) + .await + .expect("read local site data"); + check_apub_id_valid(url, &local_site_data)?; + Ok(()) + } +} /// Checks if the ID is allowed for sending or receiving. /// @@ -33,222 +54,146 @@ static APUB_JSON_CONTENT_TYPE: &str = "application/activity+json"; /// - the correct scheme (either http or https) /// - URL being in the allowlist (if it is active) /// - URL not being in the blocklist (if it is active) -/// -pub(crate) fn check_is_apub_id_valid( - apub_id: &Url, - use_strict_allowlist: bool, -) -> Result<(), LemmyError> { - let settings = Settings::get(); - let domain = apub_id.domain().context(location_info!())?.to_string(); - let local_instance = settings.get_hostname_without_port()?; - - if !settings.federation.enabled { - return if domain == local_instance { - Ok(()) - } else { - Err( - anyhow!( - "Trying to connect with {}, but federation is disabled", - domain - ) - .into(), - ) - }; +#[tracing::instrument(skip(local_site_data))] +fn check_apub_id_valid(apub_id: &Url, local_site_data: &LocalSiteData) -> Result<(), &'static str> { + let domain = apub_id.domain().expect("apud id has domain").to_string(); + + if !local_site_data + .local_site + .as_ref() + .map(|l| l.federation_enabled) + .unwrap_or(true) + { + return Err("Federation disabled"); } - let host = apub_id.host_str().context(location_info!())?; - let host_as_ip = host.parse::(); - if host == "localhost" || host_as_ip.is_ok() { - return Err(anyhow!("invalid hostname {}: {}", host, apub_id).into()); + if local_site_data + .blocked_instances + .iter() + .any(|i| domain.eq(&i.domain)) + { + return Err("Domain is blocked"); } - if apub_id.scheme() != Settings::get().get_protocol_string() { - return Err(anyhow!("invalid apub id scheme {}: {}", apub_id.scheme(), apub_id).into()); - } - - // TODO: might be good to put the part above in one method, and below in another - // (which only gets called in apub::objects) - // -> no that doesnt make sense, we still need the code below for blocklist and strict allowlist - if let Some(blocked) = Settings::get().federation.blocked_instances { - if blocked.contains(&domain) { - return Err(anyhow!("{} is in federation blocklist", domain).into()); - } - } - - if let Some(mut allowed) = Settings::get().federation.allowed_instances { - // Only check allowlist if this is a community, or strict allowlist is enabled. - let strict_allowlist = Settings::get().federation.strict_allowlist; - if use_strict_allowlist || strict_allowlist { - // need to allow this explicitly because apub receive might contain objects from our local - // instance. - allowed.push(local_instance); - - if !allowed.contains(&domain) { - return Err(anyhow!("{} not in federation allowlist", domain).into()); - } - } + // Only check this if there are instances in the allowlist + if !local_site_data.allowed_instances.is_empty() + && !local_site_data + .allowed_instances + .iter() + .any(|i| domain.eq(&i.domain)) + { + return Err("Domain is not in allowlist"); } Ok(()) } -/// Common methods provided by ActivityPub actors (community and person). Not all methods are -/// implemented by all actors. -trait ActorType { - fn is_local(&self) -> bool; - fn actor_id(&self) -> Url; - fn name(&self) -> String; - - // TODO: every actor should have a public key, so this shouldnt be an option (needs to be fixed in db) - fn public_key(&self) -> Option; - fn private_key(&self) -> Option; - - fn get_shared_inbox_or_inbox_url(&self) -> Url; - - /// Outbox URL is not generally used by Lemmy, so it can be generated on the fly (but only for - /// local actors). - fn get_outbox_url(&self) -> Result { - /* TODO - if !self.is_local() { - return Err(anyhow!("get_outbox_url() called for remote actor").into()); - } - */ - Ok(Url::parse(&format!("{}/outbox", &self.actor_id()))?) - } - - fn get_public_key(&self) -> Result { - Ok(PublicKey { - id: format!("{}#main-key", self.actor_id()), - owner: self.actor_id(), - public_key_pem: self.public_key().context(location_info!())?, - }) - } -} - -#[async_trait::async_trait(?Send)] -pub trait CommunityType { - fn followers_url(&self) -> Url; - async fn get_follower_inboxes(&self, pool: &DbPool) -> Result, LemmyError>; -} - -pub enum EndpointType { - Community, - Person, - Post, - Comment, - PrivateMessage, +#[derive(Clone)] +pub(crate) struct LocalSiteData { + local_site: Option, + allowed_instances: Vec, + blocked_instances: Vec, } -/// Generates an apub endpoint for a given domain, IE xyz.tld -fn generate_apub_endpoint_for_domain( - endpoint_type: EndpointType, - name: &str, - domain: &str, -) -> Result { - let point = match endpoint_type { - EndpointType::Community => "c", - EndpointType::Person => "u", - EndpointType::Post => "post", - EndpointType::Comment => "comment", - EndpointType::PrivateMessage => "private_message", - }; - - Ok(Url::parse(&format!("{}/{}/{}", domain, point, name))?.into()) -} - -/// Generates the ActivityPub ID for a given object type and ID. -pub fn generate_apub_endpoint( - endpoint_type: EndpointType, - name: &str, -) -> Result { - generate_apub_endpoint_for_domain( - endpoint_type, - name, - &Settings::get().get_protocol_and_hostname(), +pub(crate) async fn local_site_data_cached( + pool: &mut DbPool<'_>, +) -> LemmyResult> { + static CACHE: Lazy>> = Lazy::new(|| { + Cache::builder() + .max_capacity(1) + .time_to_live(BLOCKLIST_CACHE_DURATION) + .build() + }); + Ok( + CACHE + .try_get_with((), async { + let (local_site, allowed_instances, blocked_instances) = + lemmy_db_schema::try_join_with_pool!(pool => ( + // LocalSite may be missing + |pool| async { + Ok(LocalSite::read(pool).await.ok()) + }, + Instance::allowlist, + Instance::blocklist + ))?; + + Ok::<_, diesel::result::Error>(Arc::new(LocalSiteData { + local_site, + allowed_instances, + blocked_instances, + })) + }) + .await?, ) } -pub fn generate_followers_url(actor_id: &DbUrl) -> Result { - Ok(Url::parse(&format!("{}/followers", actor_id))?.into()) -} - -pub fn generate_inbox_url(actor_id: &DbUrl) -> Result { - Ok(Url::parse(&format!("{}/inbox", actor_id))?.into()) -} - -pub fn generate_shared_inbox_url(actor_id: &DbUrl) -> Result { - let actor_id: Url = actor_id.clone().into(); - let url = format!( - "{}://{}{}/inbox", - &actor_id.scheme(), - &actor_id.host_str().context(location_info!())?, - if let Some(port) = actor_id.port() { - format!(":{}", port) - } else { - "".to_string() - }, - ); - Ok(Url::parse(&url)?.into()) -} - -fn generate_moderators_url(community_id: &DbUrl) -> Result { - Ok(Url::parse(&format!("{}/moderators", community_id))?.into()) -} - -/// Takes in a shortname of the type dessalines@xyz.tld or dessalines (assumed to be local), and outputs the actor id. -/// Used in the API for communities and users. -pub fn build_actor_id_from_shortname( - endpoint_type: EndpointType, - short_name: &str, -) -> Result { - let split = short_name.split('@').collect::>(); - - let name = split[0]; - - // If there's no @, its local - let domain = if split.len() == 1 { - Settings::get().get_protocol_and_hostname() - } else { - format!("{}://{}", Settings::get().get_protocol_string(), split[1]) - }; +pub(crate) async fn check_apub_id_valid_with_strictness( + apub_id: &Url, + is_strict: bool, + context: &LemmyContext, +) -> Result<(), LemmyError> { + let domain = apub_id.domain().expect("apud id has domain").to_string(); + let local_instance = context + .settings() + .get_hostname_without_port() + .expect("local hostname is valid"); + if domain == local_instance { + return Ok(()); + } - generate_apub_endpoint_for_domain(endpoint_type, name, &domain) + let local_site_data = local_site_data_cached(&mut context.pool()).await?; + check_apub_id_valid(apub_id, &local_site_data).map_err(|err| match err { + "Federation disabled" => LemmyErrorType::FederationDisabled, + "Domain is blocked" => LemmyErrorType::DomainBlocked, + "Domain is not in allowlist" => LemmyErrorType::DomainNotInAllowList, + _ => panic!("Could not handle apub error!"), + })?; + + // Only check allowlist if this is a community, and there are instances in the allowlist + if is_strict && !local_site_data.allowed_instances.is_empty() { + // need to allow this explicitly because apub receive might contain objects from our local + // instance. + let mut allowed_and_local = local_site_data + .allowed_instances + .iter() + .map(|i| i.domain.clone()) + .collect::>(); + let local_instance = context + .settings() + .get_hostname_without_port() + .expect("local hostname is valid"); + allowed_and_local.push(local_instance); + + let domain = apub_id.domain().expect("apud id has domain").to_string(); + if !allowed_and_local.contains(&domain) { + return Err(LemmyErrorType::FederationDisabledByStrictAllowList)?; + } + } + Ok(()) } -/// Store a sent or received activity in the database, for logging purposes. These records are not -/// persistent. -async fn insert_activity( +/// Store received activities in the database. +/// +/// This ensures that the same activity doesnt get received and processed more than once, which +/// would be a waste of resources. +#[tracing::instrument(skip(data))] +async fn insert_received_activity( ap_id: &Url, - activity: T, - local: bool, - sensitive: bool, - pool: &DbPool, -) -> Result<(), LemmyError> -where - T: Serialize + std::fmt::Debug + Send + 'static, -{ - let ap_id = ap_id.to_owned().into(); - blocking(pool, move |conn| { - Activity::insert(conn, ap_id, &activity, local, sensitive) - }) - .await??; + data: &Data, +) -> Result<(), LemmyError> { + ReceivedActivity::create(&mut data.pool(), &ap_id.clone().into()).await?; Ok(()) } -async fn check_community_or_site_ban( - person: &Person, - community_id: CommunityId, - pool: &DbPool, -) -> Result<(), LemmyError> { - if person.banned { - return Err(anyhow!("Person is banned from site").into()); - } - let person_id = person.id; - let is_banned = - move |conn: &'_ _| CommunityPersonBanView::get(conn, person_id, community_id).is_ok(); - if blocking(pool, is_banned).await? { - return Err(anyhow!("Person is banned from community").into()); - } +#[async_trait::async_trait] +pub trait SendActivity: Sync { + type Response: Sync + Send + Clone; - Ok(()) + async fn send_activity( + _request: &Self, + _response: &Self::Response, + _context: &Data, + ) -> Result<(), LemmyError> { + Ok(()) + } }