diff --git a/Cargo.toml b/Cargo.toml index d99e646..e78eac3 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -75,8 +75,8 @@ axum-macros = "0.3.7" tokio = { version = "1.21.2", features = ["full"] } [profile.dev] -strip = "symbols" -debug = 0 +#strip = "symbols" +#debug = 0 [[example]] name = "local_federation" diff --git a/examples/local_federation/instance.rs b/examples/local_federation/instance.rs index 51311e3..5a9794c 100644 --- a/examples/local_federation/instance.rs +++ b/examples/local_federation/instance.rs @@ -49,9 +49,9 @@ struct MyUrlVerifier(); #[async_trait] impl UrlVerifier for MyUrlVerifier { - async fn verify(&self, url: &Url) -> Result<(), &'static str> { + async fn verify(&self, url: &Url) -> Result<(), anyhow::Error> { if url.domain() == Some("malicious.com") { - Err("malicious domain") + Err(anyhow!("malicious domain")) } else { Ok(()) } diff --git a/src/config.rs b/src/config.rs index bd817fa..29ac968 100644 --- a/src/config.rs +++ b/src/config.rs @@ -21,7 +21,7 @@ use crate::{ protocol::verification::verify_domains_match, traits::{ActivityHandler, Actor}, }; -use anyhow::Context; +use anyhow::{anyhow, Context}; use async_trait::async_trait; use derive_builder::Builder; use dyn_clone::{clone_trait_object, DynClone}; @@ -115,7 +115,7 @@ impl FederationConfig { self.verify_url_valid(activity.id()).await?; if self.is_local_url(activity.id()) { return Err(Error::UrlVerificationError( - "Activity was sent from local instance", + anyhow!("Activity was sent from local instance"), )); } @@ -140,11 +140,11 @@ impl FederationConfig { "http" => { if !self.allow_http_urls { return Err(Error::UrlVerificationError( - "Http urls are only allowed in debug mode", + anyhow!("Http urls are only allowed in debug mode"), )); } } - _ => return Err(Error::UrlVerificationError("Invalid url scheme")), + _ => return Err(Error::UrlVerificationError(anyhow!("Invalid url scheme"))), }; // Urls which use our local domain are not a security risk, no further verification needed @@ -153,12 +153,12 @@ impl FederationConfig { } if url.domain().is_none() { - return Err(Error::UrlVerificationError("Url must have a domain")); + return Err(Error::UrlVerificationError(anyhow!("Url must have a domain"))); } if url.domain() == Some("localhost") && !self.debug { return Err(Error::UrlVerificationError( - "Localhost is only allowed in debug mode", + anyhow!("Localhost is only allowed in debug mode"), )); } @@ -258,6 +258,7 @@ impl Deref for FederationConfig { /// # use async_trait::async_trait; /// # use url::Url; /// # use activitypub_federation::config::UrlVerifier; +/// # use anyhow::anyhow; /// # #[derive(Clone)] /// # struct DatabaseConnection(); /// # async fn get_blocklist(_: &DatabaseConnection) -> Vec { @@ -270,11 +271,11 @@ impl Deref for FederationConfig { /// /// #[async_trait] /// impl UrlVerifier for Verifier { -/// async fn verify(&self, url: &Url) -> Result<(), &'static str> { +/// async fn verify(&self, url: &Url) -> Result<(), anyhow::Error> { /// let blocklist = get_blocklist(&self.db_connection).await; /// let domain = url.domain().unwrap().to_string(); /// if blocklist.contains(&domain) { -/// Err("Domain is blocked") +/// Err(anyhow!("Domain is blocked")) /// } else { /// Ok(()) /// } @@ -284,7 +285,7 @@ impl Deref for FederationConfig { #[async_trait] pub trait UrlVerifier: DynClone + Send { /// Should return Ok iff the given url is valid for processing. - async fn verify(&self, url: &Url) -> Result<(), &'static str>; + async fn verify(&self, url: &Url) -> Result<(), anyhow::Error>; } /// Default URL verifier which does nothing. @@ -293,7 +294,7 @@ struct DefaultUrlVerifier(); #[async_trait] impl UrlVerifier for DefaultUrlVerifier { - async fn verify(&self, _url: &Url) -> Result<(), &'static str> { + async fn verify(&self, _url: &Url) -> Result<(), anyhow::Error> { Ok(()) } } diff --git a/src/error.rs b/src/error.rs index 22b0401..91de96a 100644 --- a/src/error.rs +++ b/src/error.rs @@ -16,8 +16,8 @@ pub enum Error { #[error("Object to be fetched was deleted")] ObjectDeleted, /// url verification error - #[error("{0}")] - UrlVerificationError(&'static str), + #[error("URL failed verification: {0}")] + UrlVerificationError(anyhow::Error), /// Incoming activity has invalid digest for body #[error("Incoming activity has invalid digest for body")] ActivityBodyDigestInvalid, diff --git a/src/protocol/verification.rs b/src/protocol/verification.rs index 18595b9..ed4be30 100644 --- a/src/protocol/verification.rs +++ b/src/protocol/verification.rs @@ -1,6 +1,7 @@ //! Verify that received data is valid -use crate::error::Error; +use anyhow::anyhow; +use crate::error::{Error}; use url::Url; /// Check that both urls have the same domain. If not, return UrlVerificationError. @@ -15,7 +16,7 @@ use url::Url; /// ``` pub fn verify_domains_match(a: &Url, b: &Url) -> Result<(), Error> { if a.domain() != b.domain() { - return Err(Error::UrlVerificationError("Domains do not match")); + return Err(Error::UrlVerificationError(anyhow!("Domains do not match"))); } Ok(()) } @@ -32,7 +33,7 @@ pub fn verify_domains_match(a: &Url, b: &Url) -> Result<(), Error> { /// ``` pub fn verify_urls_match(a: &Url, b: &Url) -> Result<(), Error> { if a != b { - return Err(Error::UrlVerificationError("Urls do not match")); + return Err(Error::UrlVerificationError(anyhow!("Urls do not match"))); } Ok(()) }