crappyrules
/
conduit
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

merge into: crappyrules:next
Branches Tags
crappyrules:169-database-size-seems-very-large
crappyrules:DevinR528/conduit-sendtxn
crappyrules:add-vscode-extension-suggestions
crappyrules:admin-command-for-cache-memory-usage
crappyrules:caches
crappyrules:ci-use-sccache
crappyrules:correct-sendtxn
crappyrules:destination-cache
crappyrules:docs-overhaul
crappyrules:docs-the-second
crappyrules:lesscache
crappyrules:locks
crappyrules:master
crappyrules:measure-cache-memory-usage
crappyrules:member-reason
crappyrules:multiarch-docker-support
crappyrules:next
crappyrules:nyaaori/older-room-versions
crappyrules:perf
crappyrules:pushers-rebased
crappyrules:rocksdb
crappyrules:ruma
crappyrules:ruma-client
crappyrules:serve-element-web
crappyrules:serve-well-known
crappyrules:stablecrosssigning
crappyrules:state-res-closure-rebased
crappyrules:state-res-perf
crappyrules:timo
crappyrules:unbeatable-101-next-patch-64009
crappyrules:up-ruma
...
pull from: crappyrules:member-reason
Branches Tags
crappyrules:169-database-size-seems-very-large
crappyrules:DevinR528/conduit-sendtxn
crappyrules:add-vscode-extension-suggestions
crappyrules:admin-command-for-cache-memory-usage
crappyrules:caches
crappyrules:ci-use-sccache
crappyrules:correct-sendtxn
crappyrules:destination-cache
crappyrules:docs-overhaul
crappyrules:docs-the-second
crappyrules:lesscache
crappyrules:locks
crappyrules:master
crappyrules:measure-cache-memory-usage
crappyrules:member-reason
crappyrules:multiarch-docker-support
crappyrules:next
crappyrules:nyaaori/older-room-versions
crappyrules:perf
crappyrules:pushers-rebased
crappyrules:rocksdb
crappyrules:ruma
crappyrules:ruma-client
crappyrules:serve-element-web
crappyrules:serve-well-known
crappyrules:stablecrosssigning
crappyrules:state-res-closure-rebased
crappyrules:state-res-perf
crappyrules:timo
crappyrules:unbeatable-101-next-patch-64009
crappyrules:up-ruma

5 Commits
next ... member-rea

Author SHA1 Message Date
Timo Kösters aa0f826ddc
improvement: implement leave reason
4 years ago
Timo Kösters 6c8bc12419
fix: server resolution
4 years ago
Timo Kösters ef104e0821
fix: server resolution with well-known files
4 years ago
Timo Kösters bb9cb90e77
improvement: less IO for auth chains
4 years ago
Timo Kösters b5f27d9ec2
fix: improve key fetching
4 years ago
7 changed files with 174 additions and 136 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats
  1. 6
      src/appservice_server.rs
  2. 36
      src/client_server/keys.rs
  3. 34
      src/client_server/membership.rs
  4. 77
      src/database/globals.rs
  5. 6
      src/database/pusher.rs
  6. 2
      src/database/rooms.rs
  7. 127
      src/server_server.rs

6
src/appservice_server.rs
Unescape View File

@ -46,7 +46,11 @@ where
*reqwest_request.timeout_mut() = Some(Duration::from_secs(30)); *reqwest_request.timeout_mut() = Some(Duration::from_secs(30));
let url = reqwest_request.url().clone(); let url = reqwest_request.url().clone();
let mut response = globals.reqwest_client().execute(reqwest_request).await?; let mut response = globals
.reqwest_client()?
.build()?
.execute(reqwest_request)
.await?;
// reqwest::Response -> http::Response conversion // reqwest::Response -> http::Response conversion
let status = response.status(); let status = response.status();

36
src/client_server/keys.rs
Unescape View File

@ -1,5 +1,6 @@
use super::SESSION_ID_LENGTH; use super::SESSION_ID_LENGTH;
use crate::{database::DatabaseGuard, utils, ConduitResult, Database, Error, Result, Ruma}; use crate::{database::DatabaseGuard, utils, ConduitResult, Database, Error, Result, Ruma};
use rocket::futures::{prelude::*, stream::FuturesUnordered};
use ruma::{ use ruma::{
api::{ api::{
client::{ client::{
@ -18,7 +19,7 @@ use ruma::{
DeviceId, DeviceKeyAlgorithm, UserId, DeviceId, DeviceKeyAlgorithm, UserId,
}; };
use serde_json::json; use serde_json::json;
use std::collections::{BTreeMap, HashSet}; use std::collections::{BTreeMap, HashMap, HashSet};
#[cfg(feature = "conduit_bin")] #[cfg(feature = "conduit_bin")]
use rocket::{get, post}; use rocket::{get, post};
@ -294,7 +295,7 @@ pub async fn get_keys_helper<F: Fn(&UserId) -> bool>(
let mut user_signing_keys = BTreeMap::new(); let mut user_signing_keys = BTreeMap::new();
let mut device_keys = BTreeMap::new(); let mut device_keys = BTreeMap::new();
let mut get_over_federation = BTreeMap::new(); let mut get_over_federation = HashMap::new();
for (user_id, device_ids) in device_keys_input { for (user_id, device_ids) in device_keys_input {
if user_id.server_name() != db.globals.server_name() { if user_id.server_name() != db.globals.server_name() {
@ -364,13 +365,16 @@ pub async fn get_keys_helper<F: Fn(&UserId) -> bool>(
let mut failures = BTreeMap::new(); let mut failures = BTreeMap::new();
for (server, vec) in get_over_federation { let mut futures = get_over_federation
.into_iter()
.map(|(server, vec)| async move {
let mut device_keys_input_fed = BTreeMap::new(); let mut device_keys_input_fed = BTreeMap::new();
for (user_id, keys) in vec { for (user_id, keys) in vec {
device_keys_input_fed.insert(user_id.clone(), keys.clone()); device_keys_input_fed.insert(user_id.clone(), keys.clone());
} }
match db (
.sending server,
db.sending
.send_federation_request( .send_federation_request(
&db.globals, &db.globals,
server, server,
@ -378,8 +382,13 @@ pub async fn get_keys_helper<F: Fn(&UserId) -> bool>(
device_keys: device_keys_input_fed, device_keys: device_keys_input_fed,
}, },
) )
.await .await,
{ )
})
.collect::<FuturesUnordered<_>>();
while let Some((server, response)) = futures.next().await {
match response {
Ok(response) => { Ok(response) => {
master_keys.extend(response.master_keys); master_keys.extend(response.master_keys);
self_signing_keys.extend(response.self_signing_keys); self_signing_keys.extend(response.self_signing_keys);
@ -430,13 +439,15 @@ pub async fn claim_keys_helper(
one_time_keys.insert(user_id.clone(), container); one_time_keys.insert(user_id.clone(), container);
} }
let mut failures = BTreeMap::new();
for (server, vec) in get_over_federation { for (server, vec) in get_over_federation {
let mut one_time_keys_input_fed = BTreeMap::new(); let mut one_time_keys_input_fed = BTreeMap::new();
for (user_id, keys) in vec { for (user_id, keys) in vec {
one_time_keys_input_fed.insert(user_id.clone(), keys.clone()); one_time_keys_input_fed.insert(user_id.clone(), keys.clone());
} }
// Ignore failures // Ignore failures
let keys = db if let Ok(keys) = db
.sending .sending
.send_federation_request( .send_federation_request(
&db.globals, &db.globals,
@ -445,13 +456,16 @@ pub async fn claim_keys_helper(
one_time_keys: one_time_keys_input_fed, one_time_keys: one_time_keys_input_fed,
}, },
) )
.await?; .await
{
one_time_keys.extend(keys.one_time_keys); one_time_keys.extend(keys.one_time_keys);
} else {
failures.insert(server.to_string(), json!({}));
}
} }
Ok(claim_keys::Response { Ok(claim_keys::Response {
failures: BTreeMap::new(), failures,
one_time_keys, one_time_keys,
}) })
} }

34
src/client_server/membership.rs
Unescape View File

@ -69,6 +69,7 @@ pub async fn join_room_by_id_route(
&db, &db,
body.sender_user.as_ref(), body.sender_user.as_ref(),
&body.room_id, &body.room_id,
body.reason.clone(),
&servers, &servers,
body.third_party_signed.as_ref(), body.third_party_signed.as_ref(),
) )
@ -120,6 +121,7 @@ pub async fn join_room_by_id_or_alias_route(
&db, &db,
body.sender_user.as_ref(), body.sender_user.as_ref(),
&room_id, &room_id,
body.reason.clone(),
&servers, &servers,
body.third_party_signed.as_ref(), body.third_party_signed.as_ref(),
) )
@ -144,7 +146,9 @@ pub async fn leave_room_route(
) -> ConduitResult<leave_room::Response> { ) -> ConduitResult<leave_room::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated"); let sender_user = body.sender_user.as_ref().expect("user is authenticated");
db.rooms.leave_room(sender_user, &body.room_id, &db).await?; db.rooms
.leave_room(sender_user, &body.room_id, body.reason.clone(), &db)
.await?;
db.flush()?; db.flush()?;
@ -163,7 +167,15 @@ pub async fn invite_user_route(
let sender_user = body.sender_user.as_ref().expect("user is authenticated"); let sender_user = body.sender_user.as_ref().expect("user is authenticated");
if let invite_user::IncomingInvitationRecipient::UserId { user_id } = &body.recipient { if let invite_user::IncomingInvitationRecipient::UserId { user_id } = &body.recipient {
invite_helper(sender_user, user_id, &body.room_id, &db, false).await?; invite_helper(
sender_user,
user_id,
&body.room_id,
body.reason.clone(),
&db,
false,
)
.await?;
db.flush()?; db.flush()?;
Ok(invite_user::Response {}.into()) Ok(invite_user::Response {}.into())
} else { } else {
@ -201,7 +213,7 @@ pub async fn kick_user_route(
.map_err(|_| Error::bad_database("Invalid member event in database."))?; .map_err(|_| Error::bad_database("Invalid member event in database."))?;
event.membership = ruma::events::room::member::MembershipState::Leave; event.membership = ruma::events::room::member::MembershipState::Leave;
// TODO: reason event.reason = body.reason.clone();
let mutex_state = Arc::clone( let mutex_state = Arc::clone(
db.globals db.globals
@ -245,8 +257,6 @@ pub async fn ban_user_route(
) -> ConduitResult<ban_user::Response> { ) -> ConduitResult<ban_user::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated"); let sender_user = body.sender_user.as_ref().expect("user is authenticated");
// TODO: reason
let event = db let event = db
.rooms .rooms
.room_state_get( .room_state_get(
@ -262,7 +272,7 @@ pub async fn ban_user_route(
is_direct: None, is_direct: None,
third_party_invite: None, third_party_invite: None,
blurhash: db.users.blurhash(&body.user_id)?, blurhash: db.users.blurhash(&body.user_id)?,
reason: None, reason: body.reason.clone(),
}), }),
|event| { |event| {
let mut event = serde_json::from_value::<Raw<member::MemberEventContent>>( let mut event = serde_json::from_value::<Raw<member::MemberEventContent>>(
@ -272,6 +282,7 @@ pub async fn ban_user_route(
.deserialize() .deserialize()
.map_err(|_| Error::bad_database("Invalid member event in database."))?; .map_err(|_| Error::bad_database("Invalid member event in database."))?;
event.membership = ruma::events::room::member::MembershipState::Ban; event.membership = ruma::events::room::member::MembershipState::Ban;
event.reason = body.reason.clone();
Ok(event) Ok(event)
}, },
)?; )?;
@ -337,6 +348,7 @@ pub async fn unban_user_route(
.map_err(|_| Error::bad_database("Invalid member event in database."))?; .map_err(|_| Error::bad_database("Invalid member event in database."))?;
event.membership = ruma::events::room::member::MembershipState::Leave; event.membership = ruma::events::room::member::MembershipState::Leave;
event.reason = body.reason.clone();
let mutex_state = Arc::clone( let mutex_state = Arc::clone(
db.globals db.globals
@ -482,6 +494,7 @@ async fn join_room_by_id_helper(
db: &Database, db: &Database,
sender_user: Option<&UserId>, sender_user: Option<&UserId>,
room_id: &RoomId, room_id: &RoomId,
reason: Option<String>,
servers: &HashSet<Box<ServerName>>, servers: &HashSet<Box<ServerName>>,
_third_party_signed: Option<&IncomingThirdPartySigned>, _third_party_signed: Option<&IncomingThirdPartySigned>,
) -> ConduitResult<join_room_by_id::Response> { ) -> ConduitResult<join_room_by_id::Response> {
@ -564,7 +577,7 @@ async fn join_room_by_id_helper(
is_direct: None, is_direct: None,
third_party_invite: None, third_party_invite: None,
blurhash: db.users.blurhash(&sender_user)?, blurhash: db.users.blurhash(&sender_user)?,
reason: None, reason,
}) })
.expect("event is valid, we just created it"), .expect("event is valid, we just created it"),
); );
@ -714,7 +727,7 @@ async fn join_room_by_id_helper(
is_direct: None, is_direct: None,
third_party_invite: None, third_party_invite: None,
blurhash: db.users.blurhash(&sender_user)?, blurhash: db.users.blurhash(&sender_user)?,
reason: None, reason,
}; };
db.rooms.build_and_append_pdu( db.rooms.build_and_append_pdu(
@ -807,6 +820,7 @@ pub async fn invite_helper<'a>(
sender_user: &UserId, sender_user: &UserId,
user_id: &UserId, user_id: &UserId,
room_id: &RoomId, room_id: &RoomId,
reason: Option<String>,
db: &Database, db: &Database,
is_direct: bool, is_direct: bool,
) -> Result<()> { ) -> Result<()> {
@ -869,7 +883,7 @@ pub async fn invite_helper<'a>(
membership: MembershipState::Invite, membership: MembershipState::Invite,
third_party_invite: None, third_party_invite: None,
blurhash: None, blurhash: None,
reason: None, reason,
}) })
.expect("member event is valid value"); .expect("member event is valid value");
@ -1064,7 +1078,7 @@ pub async fn invite_helper<'a>(
is_direct: Some(is_direct), is_direct: Some(is_direct),
third_party_invite: None, third_party_invite: None,
blurhash: db.users.blurhash(&user_id)?, blurhash: db.users.blurhash(&user_id)?,
reason: None, reason,
}) })
.expect("event is valid, we just created it"), .expect("event is valid, we just created it"),
unsigned: None, unsigned: None,

77
src/database/globals.rs
Unescape View File

@ -1,4 +1,4 @@
use crate::{database::Config, utils, ConduitResult, Error, Result}; use crate::{database::Config, server_server::FedDest, utils, ConduitResult, Error, Result};
use ruma::{ use ruma::{
api::{ api::{
client::r0::sync::sync_events, client::r0::sync::sync_events,
@ -6,25 +6,25 @@ use ruma::{
}, },
DeviceId, EventId, MilliSecondsSinceUnixEpoch, RoomId, ServerName, ServerSigningKeyId, UserId, DeviceId, EventId, MilliSecondsSinceUnixEpoch, RoomId, ServerName, ServerSigningKeyId, UserId,
}; };
use rustls::{ServerCertVerifier, WebPKIVerifier};
use std::{ use std::{
collections::{BTreeMap, HashMap}, collections::{BTreeMap, HashMap},
fs, fs,
future::Future, future::Future,
net::IpAddr,
path::PathBuf, path::PathBuf,
sync::{Arc, Mutex, RwLock}, sync::{Arc, Mutex, RwLock},
time::{Duration, Instant}, time::{Duration, Instant},
}; };
use tokio::sync::{broadcast, watch::Receiver, Mutex as TokioMutex, Semaphore}; use tokio::sync::{broadcast, watch::Receiver, Mutex as TokioMutex, Semaphore};
use tracing::{error, info}; use tracing::error;
use trust_dns_resolver::TokioAsyncResolver; use trust_dns_resolver::TokioAsyncResolver;
use super::abstraction::Tree; use super::abstraction::Tree;
pub const COUNTER: &[u8] = b"c"; pub const COUNTER: &[u8] = b"c";
type WellKnownMap = HashMap<Box<ServerName>, (String, String)>; type WellKnownMap = HashMap<Box<ServerName>, (FedDest, String)>;
type TlsNameMap = HashMap<String, webpki::DNSName>; type TlsNameMap = HashMap<String, Vec<IpAddr>>;
type RateLimitState = (Instant, u32); // Time if last failed try, number of failed tries type RateLimitState = (Instant, u32); // Time if last failed try, number of failed tries
type SyncHandle = ( type SyncHandle = (
Option<String>, // since Option<String>, // since
@ -37,7 +37,6 @@ pub struct Globals {
pub(super) globals: Arc<dyn Tree>, pub(super) globals: Arc<dyn Tree>,
config: Config, config: Config,
keypair: Arc<ruma::signatures::Ed25519KeyPair>, keypair: Arc<ruma::signatures::Ed25519KeyPair>,
reqwest_client: reqwest::Client,
dns_resolver: TokioAsyncResolver, dns_resolver: TokioAsyncResolver,
jwt_decoding_key: Option<jsonwebtoken::DecodingKey<'static>>, jwt_decoding_key: Option<jsonwebtoken::DecodingKey<'static>>,
pub(super) server_signingkeys: Arc<dyn Tree>, pub(super) server_signingkeys: Arc<dyn Tree>,
@ -51,40 +50,6 @@ pub struct Globals {
pub rotate: RotationHandler, pub rotate: RotationHandler,
} }
struct MatrixServerVerifier {
inner: WebPKIVerifier,
tls_name_override: Arc<RwLock<TlsNameMap>>,
}
impl ServerCertVerifier for MatrixServerVerifier {
#[tracing::instrument(skip(self, roots, presented_certs, dns_name, ocsp_response))]
fn verify_server_cert(
&self,
roots: &rustls::RootCertStore,
presented_certs: &[rustls::Certificate],
dns_name: webpki::DNSNameRef<'_>,
ocsp_response: &[u8],
) -> std::result::Result<rustls::ServerCertVerified, rustls::TLSError> {
if let Some(override_name) = self.tls_name_override.read().unwrap().get(dns_name.into()) {
let result = self.inner.verify_server_cert(
roots,
presented_certs,
override_name.as_ref(),
ocsp_response,
);
if result.is_ok() {
return result;
}
info!(
"Server {:?} is non-compliant, retrying TLS verification with original name",
dns_name
);
}
self.inner
.verify_server_cert(roots, presented_certs, dns_name, ocsp_response)
}
}
/// Handles "rotation" of long-polling requests. "Rotation" in this context is similar to "rotation" of log files and the like. /// Handles "rotation" of long-polling requests. "Rotation" in this context is similar to "rotation" of log files and the like.
/// ///
/// This is utilized to have sync workers return early and release read locks on the database. /// This is utilized to have sync workers return early and release read locks on the database.
@ -162,24 +127,6 @@ impl Globals {
}; };
let tls_name_override = Arc::new(RwLock::new(TlsNameMap::new())); let tls_name_override = Arc::new(RwLock::new(TlsNameMap::new()));
let verifier = Arc::new(MatrixServerVerifier {
inner: WebPKIVerifier::new(),
tls_name_override: tls_name_override.clone(),
});
let mut tlsconfig = rustls::ClientConfig::new();
tlsconfig.dangerous().set_certificate_verifier(verifier);
tlsconfig.root_store =
rustls_native_certs::load_native_certs().expect("Error loading system certificates");
let mut reqwest_client_builder = reqwest::Client::builder()
.connect_timeout(Duration::from_secs(30))
.timeout(Duration::from_secs(60 * 3))
.pool_max_idle_per_host(1)
.use_preconfigured_tls(tlsconfig);
if let Some(proxy) = config.proxy.to_proxy()? {
reqwest_client_builder = reqwest_client_builder.proxy(proxy);
}
let reqwest_client = reqwest_client_builder.build().unwrap();
let jwt_decoding_key = config let jwt_decoding_key = config
.jwt_secret .jwt_secret
@ -190,7 +137,6 @@ impl Globals {
globals, globals,
config, config,
keypair: Arc::new(keypair), keypair: Arc::new(keypair),
reqwest_client,
dns_resolver: TokioAsyncResolver::tokio_from_system_conf().map_err(|_| { dns_resolver: TokioAsyncResolver::tokio_from_system_conf().map_err(|_| {
Error::bad_config("Failed to set up trust dns resolver with system config.") Error::bad_config("Failed to set up trust dns resolver with system config.")
})?, })?,
@ -219,8 +165,17 @@ impl Globals {
} }
/// Returns a reqwest client which can be used to send requests. /// Returns a reqwest client which can be used to send requests.
pub fn reqwest_client(&self) -> &reqwest::Client { pub fn reqwest_client(&self) -> Result<reqwest::ClientBuilder> {
&self.reqwest_client let mut reqwest_client_builder = reqwest::Client::builder()
.connect_timeout(Duration::from_secs(30))
.timeout(Duration::from_secs(60 * 3))
.pool_max_idle_per_host(1);
//.use_preconfigured_tls(tlsconfig);
if let Some(proxy) = self.config.proxy.to_proxy()? {
reqwest_client_builder = reqwest_client_builder.proxy(proxy);
}
Ok(reqwest_client_builder)
} }
#[tracing::instrument(skip(self))] #[tracing::instrument(skip(self))]

6
src/database/pusher.rs
Unescape View File

@ -113,7 +113,11 @@ where
//*reqwest_request.timeout_mut() = Some(Duration::from_secs(5)); //*reqwest_request.timeout_mut() = Some(Duration::from_secs(5));
let url = reqwest_request.url().clone(); let url = reqwest_request.url().clone();
let response = globals.reqwest_client().execute(reqwest_request).await; let response = globals
.reqwest_client()?
.build()?
.execute(reqwest_request)
.await;
match response { match response {
Ok(mut response) => { Ok(mut response) => {

2
src/database/rooms.rs
Unescape View File

@ -2482,6 +2482,7 @@ impl Rooms {
&self, &self,
user_id: &UserId, user_id: &UserId,
room_id: &RoomId, room_id: &RoomId,
reason: Option<String>,
db: &Database, db: &Database,
) -> Result<()> { ) -> Result<()> {
// Ask a remote server if we don't have this room // Ask a remote server if we don't have this room
@ -2530,6 +2531,7 @@ impl Rooms {
.map_err(|_| Error::bad_database("Invalid member event in database."))?; .map_err(|_| Error::bad_database("Invalid member event in database."))?;
event.membership = member::MembershipState::Leave; event.membership = member::MembershipState::Leave;
event.reason = reason;
self.build_and_append_pdu( self.build_and_append_pdu(
PduBuilder { PduBuilder {

127
src/server_server.rs
Unescape View File

@ -83,7 +83,7 @@ use rocket::{get, post, put};
/// FedDest::Named("198.51.100.5".to_owned(), "".to_owned()); /// FedDest::Named("198.51.100.5".to_owned(), "".to_owned());
/// ``` /// ```
#[derive(Clone, Debug, PartialEq)] #[derive(Clone, Debug, PartialEq)]
enum FedDest { pub enum FedDest {
Literal(SocketAddr), Literal(SocketAddr),
Named(String, String), Named(String, String),
} }
@ -109,6 +109,13 @@ impl FedDest {
Self::Named(host, _) => host.clone(), Self::Named(host, _) => host.clone(),
} }
} }
fn port(&self) -> Option<u16> {
match &self {
Self::Literal(addr) => Some(addr.port()),
Self::Named(_, port) => port[1..].parse().ok(),
}
}
} }
#[tracing::instrument(skip(globals, request))] #[tracing::instrument(skip(globals, request))]
@ -124,41 +131,34 @@ where
return Err(Error::bad_config("Federation is disabled.")); return Err(Error::bad_config("Federation is disabled."));
} }
let maybe_result = globals let mut write_destination_to_cache = false;
let cached_result = globals
.actual_destination_cache .actual_destination_cache
.read() .read()
.unwrap() .unwrap()
.get(destination) .get(destination)
.cloned(); .cloned();
let (actual_destination, host) = if let Some(result) = maybe_result { let (actual_destination, host) = if let Some(result) = cached_result {
result result
} else { } else {
write_destination_to_cache = true;
let result = find_actual_destination(globals, &destination).await; let result = find_actual_destination(globals, &destination).await;
let (actual_destination, host) = result.clone();
let result_string = (result.0.into_https_string(), result.1.into_uri_string()); (result.0, result.1.clone().into_uri_string())
globals
.actual_destination_cache
.write()
.unwrap()
.insert(Box::<ServerName>::from(destination), result_string.clone());
let dest_hostname = actual_destination.hostname();
let host_hostname = host.hostname();
if dest_hostname != host_hostname {
globals.tls_name_override.write().unwrap().insert(
dest_hostname,
webpki::DNSNameRef::try_from_ascii_str(&host_hostname)
.unwrap()
.to_owned(),
);
}
result_string
}; };
let actual_destination_str = actual_destination.clone().into_https_string();
let mut http_request = request let mut http_request = request
.try_into_http_request::<Vec<u8>>(&actual_destination, SendAccessToken::IfRequired("")) .try_into_http_request::<Vec<u8>>(&actual_destination_str, SendAccessToken::IfRequired(""))
.map_err(|e| { .map_err(|e| {
warn!("Failed to find destination {}: {}", actual_destination, e); warn!(
"Failed to find destination {}: {}",
actual_destination_str, e
);
Error::BadServerResponse("Invalid destination") Error::BadServerResponse("Invalid destination")
})?; })?;
@ -232,7 +232,22 @@ where
.expect("all http requests are valid reqwest requests"); .expect("all http requests are valid reqwest requests");
let url = reqwest_request.url().clone(); let url = reqwest_request.url().clone();
let response = globals.reqwest_client().execute(reqwest_request).await;
let mut client = globals.reqwest_client()?;
if let Some(override_name) = globals
.tls_name_override
.read()
.unwrap()
.get(&actual_destination.hostname())
{
client = client.resolve(
&actual_destination.hostname(),
SocketAddr::new(override_name[0], 0),
);
// port will be ignored
}
let response = client.build()?.execute(reqwest_request).await;
match response { match response {
Ok(mut response) => { Ok(mut response) => {
@ -271,6 +286,13 @@ where
if status == 200 { if status == 200 {
let response = T::IncomingResponse::try_from_http_response(http_response); let response = T::IncomingResponse::try_from_http_response(http_response);
if response.is_ok() && write_destination_to_cache {
globals.actual_destination_cache.write().unwrap().insert(
Box::<ServerName>::from(destination),
(actual_destination, host),
);
}
response.map_err(|e| { response.map_err(|e| {
warn!( warn!(
"Invalid 200 response from {} on: {} {}", "Invalid 200 response from {} on: {} {}",
@ -343,16 +365,46 @@ async fn find_actual_destination(
match get_ip_with_port(&delegated_hostname) { match get_ip_with_port(&delegated_hostname) {
Some(host_and_port) => host_and_port, // 3.1: IP literal in .well-known file Some(host_and_port) => host_and_port, // 3.1: IP literal in .well-known file
None => { None => {
if let Some(pos) = destination_str.find(':') { if let Some(pos) = delegated_hostname.find(':') {
// 3.2: Hostname with port in .well-known file // 3.2: Hostname with port in .well-known file
let (host, port) = destination_str.split_at(pos); let (host, port) = delegated_hostname.split_at(pos);
FedDest::Named(host.to_string(), port.to_string()) FedDest::Named(host.to_string(), port.to_string())
} else { } else {
match query_srv_record(globals, &delegated_hostname).await { if let Some(hostname_override) =
query_srv_record(globals, &delegated_hostname).await
{
// 3.3: SRV lookup successful // 3.3: SRV lookup successful
Some(hostname) => hostname, let host = match delegated_hostname.find(':') {
None => delegated_hostname.clone(),
Some(pos) => {
delegated_hostname.split_at(pos).0.to_owned()
}
};
if let Ok(override_ip) = globals
.dns_resolver()
.lookup_ip(hostname_override.hostname())
.await
{
globals
.tls_name_override
.write()
.unwrap()
.insert(host.clone(), override_ip.iter().collect());
} else {
warn!("Using SRV record, but could not resolve to IP");
}
let force_port = hostname_override.port();
if let Some(port) = force_port {
FedDest::Named(host, format!(":{}", port.to_string()))
} else {
add_port_to_hostname(&delegated_hostname)
}
} else {
// 3.4: No SRV records, just use the hostname from .well-known // 3.4: No SRV records, just use the hostname from .well-known
None => add_port_to_hostname(&delegated_hostname), add_port_to_hostname(&delegated_hostname)
} }
} }
} }
@ -423,6 +475,9 @@ pub async fn request_well_known(
let body: serde_json::Value = serde_json::from_str( let body: serde_json::Value = serde_json::from_str(
&globals &globals
.reqwest_client() .reqwest_client()
.ok()?
.build()
.ok()?
.get(&format!( .get(&format!(
"https://{}/.well-known/matrix/server", "https://{}/.well-known/matrix/server",
destination destination
@ -1980,15 +2035,9 @@ fn get_auth_chain(
let mut buckets = vec![BTreeSet::new(); NUM_BUCKETS]; let mut buckets = vec![BTreeSet::new(); NUM_BUCKETS];
for id in starting_events { for id in starting_events {
if let Some(pdu) = db.rooms.get_pdu(&id)? { let short = db.rooms.get_or_create_shorteventid(&id, &db.globals)?;
for auth_event in &pdu.auth_events {
let short = db
.rooms
.get_or_create_shorteventid(&auth_event, &db.globals)?;
let bucket_id = (short % NUM_BUCKETS as u64) as usize; let bucket_id = (short % NUM_BUCKETS as u64) as usize;
buckets[bucket_id].insert((short, auth_event.clone())); buckets[bucket_id].insert((short, id.clone()));
}
}
} }
let mut full_auth_chain = HashSet::new(); let mut full_auth_chain = HashSet::new();
@ -2000,10 +2049,6 @@ fn get_auth_chain(
continue; continue;
} }
// The code below will only get the auth chains, not the events in the chunk. So let's add
// them first
full_auth_chain.extend(chunk.iter().map(|(id, _)| id));
let chunk_key = chunk let chunk_key = chunk
.iter() .iter()
.map(|(short, _)| short) .map(|(short, _)| short)

Write Preview
Loading…
Cancel
Save