crappyrules
/
conduit
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

improvement: warning on misconfigured reverse proxy

merge-requests/65/head
Timo Kösters 5 years ago
parent
026af6b1a6
commit
226045ea4b
No known key found for this signature in database
GPG Key ID: 24DA7517711A2BA4
3 changed files with 10 additions and 6 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 5
      src/database/globals.rs
  2. 9
      src/ruma_wrapper.rs
  3. 2
      src/server_server.rs

5
src/database/globals.rs
Unescape View File

@ -52,7 +52,10 @@ impl ServerCertVerifier for MatrixServerVerifier { @@ -52,7 +52,10 @@ impl ServerCertVerifier for MatrixServerVerifier {
if result.is_ok() {
return result;
}
info!("Server {:?} is non-compliant, retrying TLS verification with original name", dns_name);
info!(
"Server {:?} is non-compliant, retrying TLS verification with original name",
dns_name
);
}
self.inner
.verify_server_cert(roots, presented_certs, dns_name, ocsp_response)

9
src/ruma_wrapper.rs
Unescape View File

@ -203,9 +203,6 @@ where @@ -203,9 +203,6 @@ where
"uri".to_owned(),
CanonicalJsonValue::String(request.uri().to_string()),
);
println!("{}: {:?}", origin, request.uri().to_string());
request_map.insert(
"origin".to_owned(),
CanonicalJsonValue::String(origin.as_str().to_owned()),
@ -252,7 +249,11 @@ where @@ -252,7 +249,11 @@ where
match ruma::signatures::verify_json(&pub_key_map, &request_map) {
Ok(()) => (None, None, false),
Err(e) => {
warn!("Failed to verify json request from {}: {}", origin, e,);
warn!("Failed to verify json request from {}: {}", origin, e);
if request.uri().to_string().contains('@') {
warn!("Request uri contained '@' character. Make sure your reverse proxy gives Conduit the raw uri (apache: use nocanon)");
}
// Forbidden
return Failure((Status::raw(580), ()));

2
src/server_server.rs
Unescape View File

@ -2201,7 +2201,7 @@ pub async fn fetch_required_signing_keys( @@ -2201,7 +2201,7 @@ pub async fn fetch_required_signing_keys(
#[cfg(test)]
mod tests {
use super::{FedDest, add_port_to_hostname, get_ip_with_port};
use super::{add_port_to_hostname, get_ip_with_port, FedDest};
#[test]
fn ips_get_default_ports() {

Write Preview
Loading…
Cancel
Save