mirror of
https://github.com/superseriousbusiness/gotosocial.git
synced 2025-10-29 02:12:25 -05:00
882d97f7b3
# Description > If this is a code change, please include a summary of what you've coded, and link to the issue(s) it closes/implements. > > If this is a documentation change, please briefly describe what you've changed and why. Previously we were passing a *followers* URI into the federatingDB `Followers` function, which expects an *account* URI. This led to a nil body when doing internal dereferences (ie., while sending out messages). I think I probably wrote this bug when I refactored stuff a while ago. This PR fixes that up by making the dereferenceLocal function more consistent, and falling back to an http dereference if nothing found. Clarifies behavior of the federatingdb.Get function as well, by commenting the shit out of it. Also adds tests, precious tests. Closes https://codeberg.org/superseriousbusiness/gotosocial/issues/4066 ## Checklist Please put an x inside each checkbox to indicate that you've read and followed it: `[ ]` -> `[x]` If this is a documentation change, only the first checkbox must be filled (you can delete the others if you want). - [x] I/we have read the [GoToSocial contribution guidelines](https://codeberg.org/superseriousbusiness/gotosocial/src/branch/main/CONTRIBUTING.md). - [x] I/we have discussed the proposed changes already, either in an issue on the repository, or in the Matrix chat. - [x] I/we have not leveraged AI to create the proposed changes. - [x] I/we have performed a self-review of added code. - [x] I/we have written code that is legible and maintainable by others. - [x] I/we have commented the added code, particularly in hard-to-understand areas. - [x] I/we have made any necessary changes to documentation. - [x] I/we have added tests that cover new code. - [x] I/we have run tests and they pass locally with the changes. - [x] I/we have run `go fmt ./...` and `golangci-lint run`. Reviewed-on: https://codeberg.org/superseriousbusiness/gotosocial/pulls/4097 Co-authored-by: tobi <tobi.smethurst@protonmail.com> Co-committed-by: tobi <tobi.smethurst@protonmail.com>
206 lines
6 KiB
Go
206 lines
6 KiB
Go
// GoToSocial
|
|
// Copyright (C) GoToSocial Authors admin@gotosocial.org
|
|
// SPDX-License-Identifier: AGPL-3.0-or-later
|
|
//
|
|
// This program is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU Affero General Public License as published by
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
//
|
|
// This program is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU Affero General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
package transport
|
|
|
|
import (
|
|
"bytes"
|
|
"context"
|
|
"crypto/rsa"
|
|
"crypto/x509"
|
|
"encoding/json"
|
|
"fmt"
|
|
"io"
|
|
"net/http"
|
|
"net/url"
|
|
"strconv"
|
|
|
|
"code.superseriousbusiness.org/activity/pub"
|
|
"code.superseriousbusiness.org/activity/streams/vocab"
|
|
"code.superseriousbusiness.org/gotosocial/internal/ap"
|
|
apiutil "code.superseriousbusiness.org/gotosocial/internal/api/util"
|
|
"code.superseriousbusiness.org/gotosocial/internal/config"
|
|
"code.superseriousbusiness.org/gotosocial/internal/federation/federatingdb"
|
|
"code.superseriousbusiness.org/gotosocial/internal/state"
|
|
"code.superseriousbusiness.org/gotosocial/internal/util"
|
|
"codeberg.org/gruf/go-byteutil"
|
|
"codeberg.org/gruf/go-cache/v3"
|
|
)
|
|
|
|
// Controller generates transports for use in making federation requests to other servers.
|
|
type Controller interface {
|
|
// NewTransport returns an http signature transport with the given public key ID (URL location of pubkey), and the given private key.
|
|
NewTransport(pubKeyID string, privkey *rsa.PrivateKey) (Transport, error)
|
|
|
|
// NewTransportForUsername searches for account with username, and returns result of .NewTransport().
|
|
NewTransportForUsername(ctx context.Context, username string) (Transport, error)
|
|
}
|
|
|
|
type controller struct {
|
|
state *state.State
|
|
fedDB federatingdb.DB
|
|
clock pub.Clock
|
|
client pub.HttpClient
|
|
trspCache cache.TTLCache[string, *transport]
|
|
userAgent string
|
|
}
|
|
|
|
// NewController returns an implementation of the Controller interface for creating new transports
|
|
func NewController(state *state.State, federatingDB federatingdb.DB, clock pub.Clock, client pub.HttpClient) Controller {
|
|
var (
|
|
host = config.GetHost()
|
|
proto = config.GetProtocol()
|
|
version = config.GetSoftwareVersion()
|
|
)
|
|
|
|
c := &controller{
|
|
state: state,
|
|
fedDB: federatingDB,
|
|
clock: clock,
|
|
client: client,
|
|
trspCache: cache.NewTTL[string, *transport](0, 100, 0),
|
|
userAgent: fmt.Sprintf("gotosocial/%s (+%s://%s)", version, proto, host),
|
|
}
|
|
|
|
return c
|
|
}
|
|
|
|
func (c *controller) NewTransport(pubKeyID string, privkey *rsa.PrivateKey) (Transport, error) {
|
|
// Generate public key string for cache key
|
|
//
|
|
// NOTE: it is safe to use the public key as the cache
|
|
// key here as we are generating it ourselves from the
|
|
// private key. If we were simply using a public key
|
|
// provided as argument that would absolutely NOT be safe.
|
|
pubStr := privkeyToPublicStr(privkey)
|
|
|
|
// First check for cached transport
|
|
transp, ok := c.trspCache.Get(pubStr)
|
|
if ok {
|
|
return transp, nil
|
|
}
|
|
|
|
// Create the transport
|
|
transp = &transport{
|
|
controller: c,
|
|
pubKeyID: pubKeyID,
|
|
privkey: privkey,
|
|
}
|
|
|
|
// Cache this transport under pubkey
|
|
if !c.trspCache.Add(pubStr, transp) {
|
|
var cached *transport
|
|
|
|
cached, ok = c.trspCache.Get(pubStr)
|
|
if !ok {
|
|
// Some ridiculous race cond.
|
|
c.trspCache.Set(pubStr, transp)
|
|
} else {
|
|
// Use already cached
|
|
transp = cached
|
|
}
|
|
}
|
|
|
|
return transp, nil
|
|
}
|
|
|
|
func (c *controller) NewTransportForUsername(ctx context.Context, username string) (Transport, error) {
|
|
// We need an account to use to create a transport for dereferecing something.
|
|
// If a username has been given, we can fetch the account with that username and use it.
|
|
// Otherwise, we can take the instance account and use those credentials to make the request.
|
|
var u string
|
|
if username == "" {
|
|
u = config.GetHost()
|
|
} else {
|
|
u = username
|
|
}
|
|
|
|
ourAccount, err := c.state.DB.GetAccountByUsernameDomain(ctx, u, "")
|
|
if err != nil {
|
|
return nil, fmt.Errorf("error getting account %s from db: %s", username, err)
|
|
}
|
|
|
|
transport, err := c.NewTransport(ourAccount.PublicKeyURI, ourAccount.PrivateKey)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("error creating transport for user %s: %s", username, err)
|
|
}
|
|
|
|
return transport, nil
|
|
}
|
|
|
|
// dereferenceLocal is a shortcut to try dereferencing
|
|
// something on this instance without making any http calls.
|
|
//
|
|
// Will return an error if nothing could be found, indicating that
|
|
// the calling transport should continue with an http call anyway.
|
|
//
|
|
// It should only be invoked when the iri.Host == this host.
|
|
func (c *controller) dereferenceLocal(
|
|
ctx context.Context,
|
|
uri *url.URL,
|
|
) (*http.Response, error) {
|
|
var (
|
|
t vocab.Type
|
|
err error
|
|
)
|
|
|
|
t, err = c.fedDB.Get(ctx, uri)
|
|
if err != nil {
|
|
// Don't check especially for
|
|
// db.ErrNoEntries, as we *want*
|
|
// to pass this back to the caller
|
|
// if we didn't get anything.
|
|
return nil, err
|
|
}
|
|
|
|
if util.IsNil(t) {
|
|
// This should never happen.
|
|
panic("nil vocab.Type after successful c.fedDB.Get call")
|
|
}
|
|
|
|
i, err := ap.Serialize(t)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
b, err := json.Marshal(i)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
contentLength := len(b)
|
|
|
|
// Return a response with AS data as body.
|
|
rsp := &http.Response{
|
|
Request: &http.Request{URL: uri},
|
|
Status: http.StatusText(http.StatusOK),
|
|
StatusCode: http.StatusOK,
|
|
Body: io.NopCloser(bytes.NewReader(b)),
|
|
ContentLength: int64(contentLength),
|
|
Header: map[string][]string{
|
|
"Content-Type": {apiutil.AppActivityLDJSON},
|
|
"Content-Length": {strconv.Itoa(contentLength)},
|
|
},
|
|
}
|
|
|
|
return rsp, nil
|
|
}
|
|
|
|
// privkeyToPublicStr will create a string representation of RSA public key from private.
|
|
func privkeyToPublicStr(privkey *rsa.PrivateKey) string {
|
|
b := x509.MarshalPKCS1PublicKey(&privkey.PublicKey)
|
|
return byteutil.B2S(b)
|
|
}
|