feat: encryption_disabled config option

Can be used with ROCKET_ENCRYPTION_DISABLED=true
This commit is contained in:
timokoesters 2020-07-26 20:41:10 +02:00
parent 5a8705bd25
commit dc5fb7e33a
No known key found for this signature in database
GPG Key ID: 24DA7517711A2BA4
4 changed files with 18 additions and 0 deletions

View File

@ -1,6 +1,7 @@
[global]
server_name = "your.server.name"
#registration_disabled = true
#encryption_disabled = true
# Default path is in this user's data
#database_path = "/home/timo/MyConduitServer"
@ -8,6 +9,7 @@ server_name = "your.server.name"
port = 14004
address = "0.0.0.0"
# Not necessary when using a reverse proxy
#[global.tls]
#certs = "/etc/letsencrypt/live/your.server.name/fullchain.pem"
#key = "/etc/letsencrypt/live/your.server.name/privkey.pem"

View File

@ -1341,6 +1341,11 @@ pub fn create_room_route(
content,
} in &body.initial_state
{
// Silently skip encryption events if they are not allowed
if event_type == &EventType::RoomEncryption && db.globals.encryption_disabled() {
continue
}
db.rooms.append_pdu(
room_id.clone(),
user_id.clone(),

View File

@ -10,6 +10,7 @@ pub struct Globals {
reqwest_client: reqwest::Client,
server_name: Box<ServerName>,
registration_disabled: bool,
encryption_disabled: bool,
}
impl Globals {
@ -33,6 +34,7 @@ impl Globals {
.try_into()
.map_err(|_| Error::BadConfig("Invalid server name found."))?,
registration_disabled: config.get_bool("registration_disabled").unwrap_or(false),
encryption_disabled: config.get_bool("encryption_disabled").unwrap_or(false),
})
}
@ -70,4 +72,8 @@ impl Globals {
pub fn registration_disabled(&self) -> bool {
self.registration_disabled
}
pub fn encryption_disabled(&self) -> bool {
self.encryption_disabled
}
}

View File

@ -319,7 +319,12 @@ impl Rooms {
Some,
);
// Is the event allowed?
if !match event_type {
EventType::RoomEncryption => {
// Don't allow encryption events when it's disabled
!globals.encryption_disabled()
}
EventType::RoomMember => {
let target_user_id = UserId::try_from(&**state_key).map_err(|_| {
Error::BadRequest(