mirrors/pleroma
1
0
Fork 0
mirror of https://git.pleroma.social/pleroma/pleroma.git synced 2024-12-22 16:16:34 +00:00
Code Issues Projects Releases Wiki Activity
16830 commits 262 branches 60 tags 344 MiB
Commit graph

9979 commits

Author SHA1 Message Date
Mark Felder
21bf229731 Reduce LDAP timeouts 
10 seconds is way too long for any login attempt or search result. LDAP should always be fast.
 2024-09-17 13:43:22 -04:00
Mark Felder
363b462c54 Make the email attribute configurable 
While here, fix the System.get_env usage to use the normal fallback value method and improve the UID label description
 2024-09-17 13:40:15 -04:00
Mark Felder
a1972d57e3 Link the eldap connection process 
Ensure if LDAP GenServer crashes it gets cleaned up, and we should crash and restart if somehow the eldap connection process crashes unexpectedly as we can't seem to receive any DOWN messages from it, etc.
 2024-09-17 13:40:15 -04:00
Mark Felder
164ffbcab8 Fix return value when not doing STARTTLS 2024-09-17 13:40:15 -04:00
Mark Felder
d0ee899ab9 Only close connection if it is not nil 2024-09-17 13:40:15 -04:00
Mark Felder
123093a186 Ensure :ssl is started before we attempt to make the LDAP connection 2024-09-17 13:40:15 -04:00
Mark Felder
65a7b387c3 Require a reboot if LDAP configuration changes 2024-09-17 13:40:15 -04:00
Mark Felder
7c04098dde Catchall for when LDAP is not enabled 2024-09-17 13:40:15 -04:00
Mark Felder
ead287d623 Credo 2024-09-17 13:40:08 -04:00
Mark Felder
9264b21907 Pleroma.LDAP 
This adds a GenServer which will keep an LDAP connection open and auto reconnect on failure with a 5 second wait between retries. Another benefit is this prevents parsing the Root CAs for every login attempt as we only need to do it once per connection.
 2024-09-17 13:40:08 -04:00
Mark Felder
e24e107f3d Merge remote-tracking branch 'origin/develop' into retry-tests 2024-09-16 11:51:22 -04:00
feld
3a0d4e9837 Merge branch 'ldap-tls' into 'develop' 
LDAP: permit overriding the CA root, improve SSL/TLS

See merge request pleroma/pleroma!4265
 2024-09-16 15:50:58 +00:00
Mark Felder
e59706c201 Reapply "Custom mix task to retry failed tests once in CI pipeline" 
This reverts commit b281ad06de.
 2024-09-16 11:42:55 -04:00
marcin mikołajczak
e74e0089bf Repesct :restrict_unauthenticated for hashtag rss/atom feeds 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-09-16 17:19:21 +02:00
Mark Felder
91d1d7260b Retain the try do so an LDAP failure can fall back to local database. 
This fixes tests but the automatic fallback may not be well documented behavior.
 2024-09-15 23:18:18 -04:00
Mark Felder
af3bf8a462 Support implicit TLS connections 
Update docs to clarify that the :ssl option is also for modern TLS, but the :tls option is only for STARTTLS

These options may benefit from being renamed but they match upstream terminology.
 2024-09-15 14:00:19 -04:00
marcin mikołajczak
8250a9764e Merge branch 'notifications-group-key' into 'develop' 
Add `group_key` to notifications

See merge request pleroma/pleroma!4262
 2024-09-15 10:07:52 +00:00
Mark Felder
5539fea3bb LDAP: permit overriding the CA root 2024-09-14 20:36:24 -04:00
marcin mikołajczak
1a120d0130 Federate avatar/header descriptions 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-09-14 21:32:32 +02:00
marcin mikołajczak
c1a1150888 Merge branch 'profile-image-descriptions' into 'develop' 
Allow providing avatar/header descriptions

See merge request pleroma/pleroma!4227
 2024-09-14 17:46:33 +00:00
marcin mikołajczak
0111659a1f Merge branch 'list-id-visibility' into 'develop' 
Include list id in StatusView

See merge request pleroma/pleroma!4246
 2024-09-14 17:46:09 +00:00
marcin mikołajczak
17b69c43d5 Add group_key to notifications 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-09-12 14:37:37 +02:00
Mark Felder
7def11d7c3 LDAP Auth: fix TLS certificate verification 
Currently we only support STARTTLS and it was not verifying certificate and hostname correctly. We must pass a custom fqdn_fun/1 function so it knows what value to compare against.
 2024-09-11 12:47:46 -04:00
Mint
9de522ce50 Authentication: convert argon2 passwords, add tests 2024-09-08 05:32:40 +03:00
marcin mikołajczak
c9b28eaf9a Argon2 password support 2024-09-08 05:23:46 +03:00
feld
bb0cb06d8a Merge branch 'well-known' into 'develop' 
NodeInfo: Accept application/activity+json requests

See merge request pleroma/pleroma!4242
 2024-09-06 16:30:07 +00:00
feld
80f3e507d4 Merge branch 'dialyzer' into 'develop' 
Dialyzer fixes

See merge request pleroma/pleroma!4254
 2024-09-06 16:12:28 +00:00
Mark Felder
06ce5e3b43 Dialyzer: pattern_match The pattern can never match the type {:diff, false}. 2024-09-06 11:27:07 -04:00
Mark Felder
1d0e3b1355 Dialyzer: The pattern variable _ can never match the type, because it is covered by previous clauses. 2024-09-06 11:24:37 -04:00
Mark Felder
06d6febff9 Dialyzer: The pattern variable _e@1 can never match the type, because it is covered by previous clauses. 2024-09-06 11:19:24 -04:00
Mark Felder
7eb579c191 Dialyzer: invalid contract 2024-09-06 11:18:12 -04:00
Mark Felder
bc16f09d7b Dialyzer: the pattern can never match the type 
The original error was for the chat controller:

lib/pleroma/web/pleroma_api/controllers/chat_controller.ex:104:pattern_match The pattern can never match the type {:error, :content_too_long | :forbidden | :no_content | :not_found} | {:user, nil}.

Improve typespecs for the Pipeline and apply them where it could be encountered
 2024-09-06 11:12:15 -04:00
Mark Felder
fc3ea94a1c Dialyzer: the pattern can never match the type 2024-09-06 09:58:03 -04:00
Mark Felder
a887188890 Oban: more unique job constraints 2024-09-06 09:42:53 -04:00
feld
2c916ccd89 Merge branch 'following-state-bug' into 'develop' 
Fix Following status bug

See merge request pleroma/pleroma!4251
 2024-09-06 13:27:06 +00:00
Mark Felder
1797f5958a App orphans should only be removed if they are older than 15 mins 2024-09-05 20:55:28 +00:00
Mark Felder
4d76692db3 Fix Following status bug 2024-09-05 16:14:13 -04:00
Mark Felder
53744bf146 Limit the number of orphaned to delete at 100 every 10 mins due to the cascading queries that have to check oauth_authorizations and oauth_tokens tables. 
This should keep ahead of most app registration spam and not overwhelm lower powered servers.
 2024-09-04 11:45:05 -04:00
Mark Felder
a1951f3af7 Add Cron worker to clean up orphaned apps hourly 2024-09-04 10:59:58 -04:00
Mark Felder
7bd0750787 Ensure apps are assigned to users 2024-09-04 10:40:37 -04:00
Mark Felder
427da7a99a Rate Limit the OAuth App spam 2024-09-04 09:22:58 -04:00
feld
92d5f0ac14 Revert "Merge branch 'oauth-app-spam' into 'develop'" 
This reverts merge request !4244
 2024-09-04 02:22:25 +00:00
marcin mikołajczak
6d5ae4d2e9 Include list id in StatusView 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-09-03 15:17:45 +02:00
feld
9077d0925b Merge branch 'oauth-app-spam' into 'develop' 
Fix OAuth app spam

See merge request pleroma/pleroma!4244
 2024-09-01 18:24:06 +00:00
feld
61e4be396f Merge branch 'drop-unknown-deletes' into 'develop' 
Drop unwanted activities from unknown actors

See merge request pleroma/pleroma!4236
 2024-09-01 18:08:07 +00:00
Mark Felder
751d63d4bb Support OAuth App updating the website URL 2024-09-01 13:55:45 -04:00
Mark Felder
5a1144208d Prevent OAuth App flow from creating duplicate entries 2024-09-01 12:27:16 -04:00
Mark Felder
4ae17c6294 NodeInfo: Accept application/activity+json requests 2024-08-30 15:25:21 -04:00
Mark Felder
11ee94ae17 InboxGuardPlug: Add early rejection of unknown activity types 2024-08-30 10:05:09 -04:00
Mark Felder
e38f5f1a81 Add recognized activity types to a constant and use it in the test 2024-08-30 09:47:45 -04:00
feld
5205e846eb Update allowed activity types from strangers 
Move is emitted from the old account
EmojiReact is ~ Like
Announced TBD
 2024-08-30 09:30:33 -04:00
Mark Felder
990b2058df Remove unnecessary error match in ReceiverWorker 2024-08-29 16:05:40 -04:00
Mark Felder
e2cdae2c88 Change relay inbox response when not federating to a 403 for consistency 2024-08-29 16:05:40 -04:00
Mark Felder
16a9b34876 Convert to an Plug called InboxGuard 2024-08-29 16:05:36 -04:00
Mark Felder
06deacd58e Formatting 2024-08-29 11:59:42 -04:00
feld
27fcc42171 Use Pleroma.Object.Containment.get_actor/1 to reliably find the actor of an incoming activity or object 2024-08-29 11:59:42 -04:00
Mark Felder
1c394dd18c Move the check to the inbox 2024-08-29 11:59:42 -04:00
Mark Felder
4bc6f334f4 Revert unintentional change 2024-08-29 11:59:42 -04:00
Mark Felder
ceffb8a891 Drop incoming Delete activities from unknown actors 2024-08-29 11:59:42 -04:00
feld
62856ab18f Merge branch 'todo-fixes' into 'develop' 
Clean up Elixir 1.13 TODOs

See merge request pleroma/pleroma!4233
 2024-08-29 15:27:53 +00:00
Mark Felder
b5814dc9b3 Merge remote-tracking branch 'origin/develop' into todo-fixes 2024-08-29 11:01:02 -04:00
feld
8d07034608 Merge branch 'pleroma-http-stream' into 'develop' 
Pleroma.HTTP: support streaming response bodies

See merge request pleroma/pleroma!4239
 2024-08-29 14:54:01 +00:00
Mark Felder
c17a78c55a Rich Media: add stream byte counting as an extra protection against malicious URLs 2024-08-29 09:37:11 -04:00
Mark Felder
8ab4dd20df Update comments, remove solved TODO 2024-08-28 19:52:29 -04:00
Mark Felder
0bf82a1745 Add an AdapterHelper for Finch so we can support streaming request bodies 2024-08-28 19:50:51 -04:00
Mark Felder
1821ef4f15 Move user active check into Federator.perform/1 2024-08-28 18:35:09 -04:00
Mark Felder
8a3efa7152 More error annotations 2024-08-28 18:02:35 -04:00
Mark Felder
c5ca806aa0 Add back one of the duplicate checks to fix a test, document where it comes from 2024-08-28 17:57:34 -04:00
Mark Felder
380a6a6df3 :validate_object is not a real error returned from anywhere 2024-08-28 17:45:31 -04:00
Mark Felder
2346807ac9 Annotate error cases 2024-08-28 17:44:33 -04:00
Mark Felder
6ae629cfe0 Cancel ReceiverWorker jobs if the user account has been disabled / deactivated 2024-08-28 17:24:59 -04:00
Mark Felder
fc450fdefc ReceiverWorker: cancel job if user fetch is forbidden 
An instance block with authenticated fetch being required can cause this as we couldn't get the user to find their public key to verify the signature. Commonly observed if someone boosts/Announces a post from an instance that blocked you.
 2024-08-28 15:45:16 -04:00
Mark Felder
0804b73c0a This error is not returned by Tesla 
Upstream has a bug filed for this as they aren't handling this error internally, so it was raising
 2024-08-27 22:08:31 -04:00
Mark Felder
44901502ff Fix incorrect identifier for the with statement 2024-08-27 21:56:02 -04:00
Mark Felder
116fe77b77 Tesla.Middleware.Timeout breaks streaming bodies 
These are executed by Oban now and Oban can enforce the timeout if the regular HTTP timeout is not sufficient.
 2024-08-27 21:55:07 -04:00
Mark Felder
0a86d2b3ac Handle streaming response errors 2024-08-27 21:22:59 -04:00
Mark Felder
ec8db9d4ee RichMedia: skip the HTTP HEAD request for adapters that support streaming the response body 2024-08-27 21:09:15 -04:00
Mark Felder
bb279c2802 Pleroma.HTTP add AdapterHelper.can_stream? to assist with discovering if the current adapter supports returning a Stream body 2024-08-27 21:08:25 -04:00
Mark Felder
5f6506d864 Pleroma.HTTP: option stream: true will return a stream as the body for Gun adapter 2024-08-27 20:39:32 -04:00
Mark Felder
39108c5f12 Remove unnecessary re-fetch of the actor 2024-08-22 13:43:01 -04:00
Mark Felder
a9aa810d3d Change imports to generate an Oban job per each task 2024-08-22 13:24:07 -04:00
Mark Felder
649e51b581 Fix Oban jobs for imports 2024-08-22 11:35:55 -04:00
Mark Felder
e65555e8c5 Remove workaround for URI.merge bug on nil fields before Elixir 1.13 
https://github.com/elixir-lang/elixir/issues/10771
 2024-08-21 15:11:42 -04:00
Mark Felder
010edcbcb5 Use Map.filter now that minimum Elixir version is 1.13 2024-08-21 14:50:19 -04:00
feld
08a444f6c3 Merge branch 'reachability' into 'develop' 
Fix reachability based on results of publishing attempts

See merge request pleroma/pleroma!4231
 2024-08-19 16:49:08 +00:00
Mark Felder
1b8141b506 Address case where instance reachability status couldn't be updated 2024-08-19 11:12:28 -04:00
Mark Felder
089fa4d146 Improve Remote Object Fetcher error handling, Oban 2024-08-17 20:42:33 -04:00
marcin mikołajczak
3498662712 Move new fields to pleroma object 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-08-17 19:59:39 +02:00
marcin mikołajczak
c802f3b7f6 Validate media description length 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-08-17 19:58:32 +02:00
marcin mikołajczak
855c5a234f Update docs 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-08-17 17:06:39 +02:00
marcin mikołajczak
681765669c Add test for avatar description 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-08-17 17:02:44 +02:00
marcin mikołajczak
71ef9f9519 Allow providing avatar/header descriptions 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-08-17 16:36:27 +02:00
feld
fcf9ad5573 Merge branch 'bugfix-truncate-remote-user-fields' into 'develop' 
User: truncate remote user fields instead of rejecting

See merge request pleroma/pleroma!4220
 2024-08-16 00:37:10 +00:00
marcin mikołajczak
8cd8cea3fb Fix 'Setting a marker should mark notifications as read' 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-08-14 19:28:11 +02:00
Haelwenn (lanodan) Monnier
3b1e6ac8f0
User: truncate remote user fields instead of rejecting 2024-08-14 18:09:13 +02:00
feld
5174c29d4c Merge branch 'fix-random-test-errors' into 'develop' 
Fix random test failures, revert auto-retry failed tests

See merge request pleroma/pleroma!4221
 2024-08-13 20:16:09 +00:00
Mark Felder
b281ad06de Revert "Custom mix task to retry failed tests once in CI pipeline" 
This reverts commit ed2976b237.
 2024-08-13 15:49:04 -04:00
Mark Felder
2ba5ad8eb5 MRF cleanup 
MRFs written over time have been inconsistent with the terminology of what is being processed. MRFs work on Activities, but generally we always named the assignments "message" or "object" which is really confusing when trying to debug or write tests.
 2024-08-13 14:22:41 -04:00
Mark Felder
b0c64945c2 MRF.FODirectReply: use Visibility module to verify the scope 2024-08-12 20:18:02 -04:00
feld
4e7928c985 Merge branch 'followers-only-reply-direct-mrf' into 'develop' 
MRF.FODirectReply

See merge request pleroma/pleroma!4091
 2024-08-12 21:46:45 +00:00