X-Git-Url: http://these/git/?a=blobdiff_plain;f=crates%2Fapub%2Fsrc%2Flib.rs;h=d4e34f9e740fd2bb3b444b759ec7e985c9841c93;hb=70fae9d68d65b1e4d153e30d3c065cc315b75eaf;hp=cc9d5f4875ee97beb11d9768c7dda00976f4b6eb;hpb=9e0fa99c695df5d1c5e615d6f5de2b9d4bc91205;p=lemmy.git diff --git a/crates/apub/src/lib.rs b/crates/apub/src/lib.rs index cc9d5f48..d4e34f9e 100644 --- a/crates/apub/src/lib.rs +++ b/crates/apub/src/lib.rs @@ -1,26 +1,65 @@ +use crate::fetcher::post_or_comment::PostOrComment; +use activitypub_federation::config::{Data, UrlVerifier}; +use async_trait::async_trait; +use lemmy_api_common::context::LemmyContext; +use lemmy_db_schema::{ + source::{activity::ReceivedActivity, instance::Instance, local_site::LocalSite}, + utils::{ActualDbPool, DbPool}, +}; +use lemmy_utils::error::{LemmyError, LemmyErrorType, LemmyResult}; +use moka::future::Cache; +use once_cell::sync::Lazy; +use std::{sync::Arc, time::Duration}; +use url::Url; + pub mod activities; -mod context; +pub(crate) mod activity_lists; +pub mod api; +pub(crate) mod collections; pub mod fetcher; pub mod http; -pub mod migrations; +pub(crate) mod mentions; pub mod objects; - -use crate::fetcher::post_or_comment::PostOrComment; -use anyhow::{anyhow, Context}; -use lemmy_api_common::blocking; -use lemmy_apub_lib::{activity_queue::send_activity, traits::ActorType}; -use lemmy_db_schema::{ - newtypes::{CommunityId, DbUrl}, - source::{activity::Activity, person::Person}, - DbPool, -}; -use lemmy_db_views_actor::community_person_ban_view::CommunityPersonBanView; -use lemmy_utils::{location_info, settings::structs::Settings, LemmyError}; -use lemmy_websocket::LemmyContext; -use log::info; -use serde::Serialize; -use std::net::IpAddr; -use url::{ParseError, Url}; +pub mod protocol; + +pub const FEDERATION_HTTP_FETCH_LIMIT: u32 = 50; +/// All incoming and outgoing federation actions read the blocklist/allowlist and slur filters +/// multiple times. This causes a huge number of database reads if we hit the db directly. So we +/// cache these values for a short time, which will already make a huge difference and ensures that +/// changes take effect quickly. +const BLOCKLIST_CACHE_DURATION: Duration = Duration::from_secs(60); + +static CONTEXT: Lazy> = Lazy::new(|| { + serde_json::from_str(include_str!("../assets/lemmy/context.json")).expect("parse context") +}); + +#[derive(Clone)] +pub struct VerifyUrlData(pub ActualDbPool); + +#[async_trait] +impl UrlVerifier for VerifyUrlData { + async fn verify(&self, url: &Url) -> Result<(), &'static str> { + let local_site_data = local_site_data_cached(&mut (&self.0).into()) + .await + .expect("read local site data"); + check_apub_id_valid(url, &local_site_data).map_err(|err| match err { + LemmyError { + error_type: LemmyErrorType::FederationDisabled, + .. + } => "Federation disabled", + LemmyError { + error_type: LemmyErrorType::DomainBlocked(_), + .. + } => "Domain is blocked", + LemmyError { + error_type: LemmyErrorType::DomainNotInAllowList(_), + .. + } => "Domain is not in allowlist", + _ => "Failed validating apub id", + })?; + Ok(()) + } +} /// Checks if the ID is allowed for sending or receiving. /// @@ -29,238 +68,141 @@ use url::{ParseError, Url}; /// - the correct scheme (either http or https) /// - URL being in the allowlist (if it is active) /// - URL not being in the blocklist (if it is active) -/// -pub(crate) fn check_is_apub_id_valid( - apub_id: &Url, - use_strict_allowlist: bool, - settings: &Settings, -) -> Result<(), LemmyError> { - let domain = apub_id.domain().context(location_info!())?.to_string(); - let local_instance = settings.get_hostname_without_port()?; - - if !settings.federation.enabled { - return if domain == local_instance { - Ok(()) - } else { - Err( - anyhow!( - "Trying to connect with {}, but federation is disabled", - domain - ) - .into(), - ) - }; - } - - let host = apub_id.host_str().context(location_info!())?; - let host_as_ip = host.parse::(); - if host == "localhost" || host_as_ip.is_ok() { - return Err(anyhow!("invalid hostname {}: {}", host, apub_id).into()); - } - - if apub_id.scheme() != settings.get_protocol_string() { - return Err(anyhow!("invalid apub id scheme {}: {}", apub_id.scheme(), apub_id).into()); +#[tracing::instrument(skip(local_site_data))] +fn check_apub_id_valid(apub_id: &Url, local_site_data: &LocalSiteData) -> Result<(), LemmyError> { + let domain = apub_id.domain().expect("apud id has domain").to_string(); + + if !local_site_data + .local_site + .as_ref() + .map(|l| l.federation_enabled) + .unwrap_or(true) + { + Err(LemmyErrorType::FederationDisabled)?; } - // TODO: might be good to put the part above in one method, and below in another - // (which only gets called in apub::objects) - // -> no that doesnt make sense, we still need the code below for blocklist and strict allowlist - if let Some(blocked) = settings.to_owned().federation.blocked_instances { - if blocked.contains(&domain) { - return Err(anyhow!("{} is in federation blocklist", domain).into()); - } + if local_site_data + .blocked_instances + .iter() + .any(|i| domain.eq(&i.domain)) + { + Err(LemmyErrorType::DomainBlocked(domain.clone()))?; } - if let Some(mut allowed) = settings.to_owned().federation.allowed_instances { - // Only check allowlist if this is a community, or strict allowlist is enabled. - let strict_allowlist = settings.to_owned().federation.strict_allowlist; - if use_strict_allowlist || strict_allowlist { - // need to allow this explicitly because apub receive might contain objects from our local - // instance. - allowed.push(local_instance); - - if !allowed.contains(&domain) { - return Err(anyhow!("{} not in federation allowlist", domain).into()); - } - } + // Only check this if there are instances in the allowlist + if !local_site_data.allowed_instances.is_empty() + && !local_site_data + .allowed_instances + .iter() + .any(|i| domain.eq(&i.domain)) + { + Err(LemmyErrorType::DomainNotInAllowList(domain))?; } Ok(()) } -#[async_trait::async_trait(?Send)] -pub trait CommunityType { - fn followers_url(&self) -> Url; - async fn get_follower_inboxes( - &self, - pool: &DbPool, - settings: &Settings, - ) -> Result, LemmyError>; +#[derive(Clone)] +pub(crate) struct LocalSiteData { + local_site: Option, + allowed_instances: Vec, + blocked_instances: Vec, } -pub enum EndpointType { - Community, - Person, - Post, - Comment, - PrivateMessage, -} - -/// Generates an apub endpoint for a given domain, IE xyz.tld -fn generate_apub_endpoint_for_domain( - endpoint_type: EndpointType, - name: &str, - domain: &str, -) -> Result { - let point = match endpoint_type { - EndpointType::Community => "c", - EndpointType::Person => "u", - EndpointType::Post => "post", - EndpointType::Comment => "comment", - EndpointType::PrivateMessage => "private_message", - }; - - Ok(Url::parse(&format!("{}/{}/{}", domain, point, name))?.into()) -} - -/// Generates the ActivityPub ID for a given object type and ID. -pub fn generate_apub_endpoint( - endpoint_type: EndpointType, - name: &str, - protocol_and_hostname: &str, -) -> Result { - generate_apub_endpoint_for_domain(endpoint_type, name, protocol_and_hostname) -} - -pub fn generate_followers_url(actor_id: &DbUrl) -> Result { - Ok(Url::parse(&format!("{}/followers", actor_id))?.into()) -} - -pub fn generate_inbox_url(actor_id: &DbUrl) -> Result { - Ok(Url::parse(&format!("{}/inbox", actor_id))?.into()) -} - -pub fn generate_shared_inbox_url(actor_id: &DbUrl) -> Result { - let actor_id: Url = actor_id.clone().into(); - let url = format!( - "{}://{}{}/inbox", - &actor_id.scheme(), - &actor_id.host_str().context(location_info!())?, - if let Some(port) = actor_id.port() { - format!(":{}", port) - } else { - "".to_string() - }, - ); - Ok(Url::parse(&url)?.into()) -} - -pub fn generate_outbox_url(actor_id: &DbUrl) -> Result { - Ok(Url::parse(&format!("{}/outbox", actor_id))?.into()) -} - -fn generate_moderators_url(community_id: &DbUrl) -> Result { - Ok(Url::parse(&format!("{}/moderators", community_id))?.into()) -} - -/// Takes in a shortname of the type dessalines@xyz.tld or dessalines (assumed to be local), and outputs the actor id. -/// Used in the API for communities and users. -pub fn build_actor_id_from_shortname( - endpoint_type: EndpointType, - short_name: &str, - settings: &Settings, -) -> Result { - let split = short_name.split('@').collect::>(); - - let name = split[0]; - - // If there's no @, its local - let domain = if split.len() == 1 { - settings.get_protocol_and_hostname() - } else { - format!("{}://{}", settings.get_protocol_string(), split[1]) - }; - - generate_apub_endpoint_for_domain(endpoint_type, name, &domain) -} - -/// Store a sent or received activity in the database, for logging purposes. These records are not -/// persistent. -async fn insert_activity( - ap_id: &Url, - activity: T, - local: bool, - sensitive: bool, - pool: &DbPool, -) -> Result<(), LemmyError> -where - T: Serialize + std::fmt::Debug + Send + 'static, -{ - let ap_id = ap_id.to_owned().into(); - blocking(pool, move |conn| { - Activity::insert(conn, ap_id, &activity, local, sensitive) - }) - .await??; - Ok(()) +pub(crate) async fn local_site_data_cached( + pool: &mut DbPool<'_>, +) -> LemmyResult> { + static CACHE: Lazy>> = Lazy::new(|| { + Cache::builder() + .max_capacity(1) + .time_to_live(BLOCKLIST_CACHE_DURATION) + .build() + }); + Ok( + CACHE + .try_get_with((), async { + let (local_site, allowed_instances, blocked_instances) = + lemmy_db_schema::try_join_with_pool!(pool => ( + // LocalSite may be missing + |pool| async { + Ok(LocalSite::read(pool).await.ok()) + }, + Instance::allowlist, + Instance::blocklist + ))?; + + Ok::<_, diesel::result::Error>(Arc::new(LocalSiteData { + local_site, + allowed_instances, + blocked_instances, + })) + }) + .await?, + ) } -async fn check_community_or_site_ban( - person: &Person, - community_id: CommunityId, - pool: &DbPool, +pub(crate) async fn check_apub_id_valid_with_strictness( + apub_id: &Url, + is_strict: bool, + context: &LemmyContext, ) -> Result<(), LemmyError> { - if person.banned { - return Err(anyhow!("Person is banned from site").into()); - } - let person_id = person.id; - let is_banned = - move |conn: &'_ _| CommunityPersonBanView::get(conn, person_id, community_id).is_ok(); - if blocking(pool, is_banned).await? { - return Err(anyhow!("Person is banned from community").into()); + let domain = apub_id.domain().expect("apud id has domain").to_string(); + let local_instance = context + .settings() + .get_hostname_without_port() + .expect("local hostname is valid"); + if domain == local_instance { + return Ok(()); } + let local_site_data = local_site_data_cached(&mut context.pool()).await?; + check_apub_id_valid(apub_id, &local_site_data)?; + + // Only check allowlist if this is a community, and there are instances in the allowlist + if is_strict && !local_site_data.allowed_instances.is_empty() { + // need to allow this explicitly because apub receive might contain objects from our local + // instance. + let mut allowed_and_local = local_site_data + .allowed_instances + .iter() + .map(|i| i.domain.clone()) + .collect::>(); + let local_instance = context + .settings() + .get_hostname_without_port() + .expect("local hostname is valid"); + allowed_and_local.push(local_instance); + + let domain = apub_id.domain().expect("apud id has domain").to_string(); + if !allowed_and_local.contains(&domain) { + return Err(LemmyErrorType::FederationDisabledByStrictAllowList)?; + } + } Ok(()) } -pub(crate) async fn send_lemmy_activity( - context: &LemmyContext, - activity: &T, - activity_id: &Url, - actor: &dyn ActorType, - inboxes: Vec, - sensitive: bool, +/// Store received activities in the database. +/// +/// This ensures that the same activity doesnt get received and processed more than once, which +/// would be a waste of resources. +#[tracing::instrument(skip(data))] +async fn insert_received_activity( + ap_id: &Url, + data: &Data, ) -> Result<(), LemmyError> { - if !context.settings().federation.enabled || inboxes.is_empty() { - return Ok(()); - } - - info!("Sending activity {}", activity_id.to_string()); - - // Don't send anything to ourselves - // TODO: this should be a debug assert - let hostname = context.settings().get_hostname_without_port()?; - let inboxes: Vec<&Url> = inboxes - .iter() - .filter(|i| i.domain().expect("valid inbox url") != hostname) - .collect(); - - let serialised_activity = serde_json::to_string(&activity)?; + ReceivedActivity::create(&mut data.pool(), &ap_id.clone().into()).await?; + Ok(()) +} - insert_activity( - activity_id, - serialised_activity.clone(), - true, - sensitive, - context.pool(), - ) - .await?; +#[async_trait::async_trait] +pub trait SendActivity: Sync { + type Response: Sync + Send + Clone; - send_activity( - serialised_activity, - actor, - inboxes, - context.client(), - context.activity_queue(), - ) - .await + async fn send_activity( + _request: &Self, + _response: &Self::Response, + _context: &Data, + ) -> Result<(), LemmyError> { + Ok(()) + } }