mirror of
https://git.asonix.dog/asonix/relay.git
synced 2024-12-29 22:00:31 +00:00
Apply patch from perallamint on github
Temporary fix: allow signing bypass for 410 gone actors DIRTY FIX: implement sigcheck_bypass for 410'ing actors
This commit is contained in:
parent
178d23bcbd
commit
886c7d0ac6
3 changed files with 33 additions and 7 deletions
|
@ -26,6 +26,10 @@ impl Error {
|
||||||
pub(crate) fn is_bad_request(&self) -> bool {
|
pub(crate) fn is_bad_request(&self) -> bool {
|
||||||
matches!(self.kind, ErrorKind::Status(_, StatusCode::BAD_REQUEST))
|
matches!(self.kind, ErrorKind::Status(_, StatusCode::BAD_REQUEST))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub(crate) fn is_gone(&self) -> bool {
|
||||||
|
matches!(self.kind, ErrorKind::Status(_, StatusCode::GONE))
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
impl std::fmt::Debug for Error {
|
impl std::fmt::Debug for Error {
|
||||||
|
|
|
@ -65,11 +65,21 @@ impl MyVerify {
|
||||||
|
|
||||||
actor_id
|
actor_id
|
||||||
} else {
|
} else {
|
||||||
self.0
|
match self
|
||||||
|
.0
|
||||||
.fetch::<PublicKeyResponse>(public_key_id.as_str())
|
.fetch::<PublicKeyResponse>(public_key_id.as_str())
|
||||||
.await?
|
.await
|
||||||
.actor_id()
|
{
|
||||||
.ok_or(ErrorKind::MissingId)?
|
Ok(res) => res.actor_id().ok_or(ErrorKind::MissingId),
|
||||||
|
Err(e) => {
|
||||||
|
if e.is_gone() {
|
||||||
|
tracing::warn!("Actor gone: {}, trusting it for now.", public_key_id);
|
||||||
|
return Ok(true);
|
||||||
|
} else {
|
||||||
|
return Err(e);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}?
|
||||||
};
|
};
|
||||||
|
|
||||||
// Previously we verified the sig from an actor's local cache
|
// Previously we verified the sig from an actor's local cache
|
||||||
|
|
|
@ -27,14 +27,26 @@ pub(crate) async fn route(
|
||||||
verified: Option<(SignatureVerified, DigestVerified)>,
|
verified: Option<(SignatureVerified, DigestVerified)>,
|
||||||
) -> Result<HttpResponse, Error> {
|
) -> Result<HttpResponse, Error> {
|
||||||
let input = input.into_inner();
|
let input = input.into_inner();
|
||||||
|
println!("ActivityActor: {:?}", input);
|
||||||
|
|
||||||
let actor = actors
|
let actor = match actors
|
||||||
.get(
|
.get(
|
||||||
input.actor()?.as_single_id().ok_or(ErrorKind::MissingId)?,
|
input.actor()?.as_single_id().ok_or(ErrorKind::MissingId)?,
|
||||||
&client,
|
&client,
|
||||||
)
|
)
|
||||||
.await?
|
.await
|
||||||
.into_inner();
|
{
|
||||||
|
Ok(actor) => actor.into_inner(),
|
||||||
|
Err(e) => {
|
||||||
|
// Eat up the message if actor is 410 and message is delete
|
||||||
|
let kind = input.kind().ok_or(ErrorKind::MissingKind)?;
|
||||||
|
if e.is_gone() && *kind == ValidTypes::Delete {
|
||||||
|
return Ok(accepted(serde_json::json!({})));
|
||||||
|
} else {
|
||||||
|
return Err(e);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
let is_allowed = state.db.is_allowed(actor.id.clone()).await?;
|
let is_allowed = state.db.is_allowed(actor.id.clone()).await?;
|
||||||
let is_connected = state.db.is_connected(actor.id.clone()).await?;
|
let is_connected = state.db.is_connected(actor.id.clone()).await?;
|
||||||
|
|
Loading…
Reference in a new issue