feat: federation disabled by default

It can be enable in the Rocket.toml config or using ROCKET_FEDERATION_ENABLED=true
This commit is contained in:
Timo Kösters 2020-10-06 21:04:51 +02:00
parent c15ae3c126
commit 6afc4c9b3e
No known key found for this signature in database
GPG Key ID: 24DA7517711A2BA4
5 changed files with 50 additions and 1 deletions

View File

@ -27,7 +27,10 @@ Environment="ROCKET_SERVER_NAME=YOURSERVERNAME.HERE" # EDIT THIS
Environment="ROCKET_PORT=14004" # Reverse proxy port
#Environment="ROCKET_MAX_REQUEST_SIZE=20000000" # in bytes
#Environment="ROCKET_REGISTRATION_DISABLED=true"
#Environment="ROCKET_ENCRYPTION_DISABLED=true"
#Environment="ROCKET_FEDERATION_ENABLED=true"
#Environment="ROCKET_LOG=normal" # Detailed logging
Environment="ROCKET_ENV=production"

View File

@ -16,6 +16,8 @@ port = 14004
# Note: existing rooms will continue to work
#encryption_disabled = true
#federation_enabled = true
# Default path is in this user's data
#database_path = "/home/timo/MyConduitServer"

View File

@ -31,6 +31,7 @@ services:
# ROCKET_PORT: 8000
# ROCKET_REGISTRATION_DISABLED: 'true'
# ROCKET_ENCRYPTION_DISABLED: 'true'
# ROCKET_FEDERATION_ENABLED: 'true'
# ROCKET_DATABASE_PATH: /srv/conduit/.local/share/conduit
# ROCKET_WORKERS: 10
# ROCKET_MAX_REQUEST_SIZE: 20_000_000 # in bytes, ~20 MB

View File

@ -14,6 +14,7 @@ pub struct Globals {
max_request_size: u32,
registration_disabled: bool,
encryption_disabled: bool,
federation_enabled: bool,
}
impl Globals {
@ -69,6 +70,7 @@ impl Globals {
.map_err(|_| Error::BadConfig("Invalid max_request_size."))?,
registration_disabled: config.get_bool("registration_disabled").unwrap_or(false),
encryption_disabled: config.get_bool("encryption_disabled").unwrap_or(false),
federation_enabled: config.get_bool("federation_enabled").unwrap_or(false),
})
}
@ -114,4 +116,8 @@ impl Globals {
pub fn encryption_disabled(&self) -> bool {
self.encryption_disabled
}
pub fn federation_enabled(&self) -> bool {
self.federation_enabled
}
}

View File

@ -57,6 +57,10 @@ pub async fn send_request<T: OutgoingRequest>(
where
T: Debug,
{
if !globals.federation_enabled() {
return Err(Error::BadConfig("Federation is disabled."));
}
let resolver = AsyncResolver::tokio_from_system_conf()
.await
.map_err(|_| Error::BadConfig("Failed to set up trust dns resolver with system config."))?;
@ -204,7 +208,11 @@ where
}
#[cfg_attr(feature = "conduit_bin", get("/_matrix/federation/v1/version"))]
pub fn get_server_version() -> ConduitResult<get_server_version::Response> {
pub fn get_server_version(db: State<'_, Database>) -> ConduitResult<get_server_version::Response> {
if !db.globals.federation_enabled() {
return Err(Error::BadConfig("Federation is disabled."));
}
Ok(get_server_version::Response {
server: Some(get_server_version::Server {
name: Some("Conduit".to_owned()),
@ -216,6 +224,11 @@ pub fn get_server_version() -> ConduitResult<get_server_version::Response> {
#[cfg_attr(feature = "conduit_bin", get("/_matrix/key/v2/server"))]
pub fn get_server_keys(db: State<'_, Database>) -> Json<String> {
if !db.globals.federation_enabled() {
// TODO: Use proper types
return Json("Federation is disabled.".to_owned());
}
let mut verify_keys = BTreeMap::new();
verify_keys.insert(
format!("ed25519:{}", db.globals.keypair().version()),
@ -259,6 +272,10 @@ pub async fn get_public_rooms_filtered_route(
db: State<'_, Database>,
body: Ruma<get_public_rooms_filtered::v1::Request<'_>>,
) -> ConduitResult<get_public_rooms_filtered::v1::Response> {
if !db.globals.federation_enabled() {
return Err(Error::BadConfig("Federation is disabled."));
}
let response = client_server::get_public_rooms_filtered_helper(
&db,
None,
@ -302,6 +319,10 @@ pub async fn get_public_rooms_route(
db: State<'_, Database>,
body: Ruma<get_public_rooms::v1::Request<'_>>,
) -> ConduitResult<get_public_rooms::v1::Response> {
if !db.globals.federation_enabled() {
return Err(Error::BadConfig("Federation is disabled."));
}
let response = client_server::get_public_rooms_filtered_helper(
&db,
None,
@ -345,6 +366,10 @@ pub fn send_transaction_message_route<'a>(
db: State<'a, Database>,
body: Ruma<send_transaction_message::v1::Request<'_>>,
) -> ConduitResult<send_transaction_message::v1::Response> {
if !db.globals.federation_enabled() {
return Err(Error::BadConfig("Federation is disabled."));
}
//dbg!(&*body);
for pdu in &body.pdus {
let mut value = serde_json::from_str(pdu.json().get())
@ -384,6 +409,10 @@ pub fn get_missing_events_route<'a>(
db: State<'a, Database>,
body: Ruma<get_missing_events::v1::Request<'_>>,
) -> ConduitResult<get_missing_events::v1::Response> {
if !db.globals.federation_enabled() {
return Err(Error::BadConfig("Federation is disabled."));
}
let mut queued_events = body.latest_events.clone();
let mut events = Vec::new();
@ -427,6 +456,10 @@ pub fn get_profile_information_route<'a>(
db: State<'a, Database>,
body: Ruma<get_profile_information::v1::Request<'_>>,
) -> ConduitResult<get_profile_information::v1::Response> {
if !db.globals.federation_enabled() {
return Err(Error::BadConfig("Federation is disabled."));
}
let mut displayname = None;
let mut avatar_url = None;
@ -455,6 +488,10 @@ pub fn get_user_devices_route<'a>(
db: State<'a, Database>,
body: Ruma<membership::v1::Request<'_>>,
) -> ConduitResult<get_profile_information::v1::Response> {
if !db.globals.federation_enabled() {
return Err(Error::BadConfig("Federation is disabled."));
}
let mut displayname = None;
let mut avatar_url = None;