From 55e97864bd86eaec56b43eff238a40f684dcc109 Mon Sep 17 00:00:00 2001 From: MeiMei <30769358+mei23@users.noreply.github.com> Date: Thu, 18 Apr 2019 00:53:00 +0900 Subject: [PATCH] =?UTF-8?q?Fix:=20v11=E3=81=A7=E6=9C=AA=E8=AA=8D=E7=9F=A5?= =?UTF-8?q?=E3=83=A6=E3=83=BC=E3=82=B6=E3=83=BC=E3=81=8B=E3=82=89Activity?= =?UTF-8?q?=E3=81=8C=E9=A3=9B=E3=82=93=E3=81=A7=E3=81=8D=E3=81=9F=E5=A0=B4?= =?UTF-8?q?=E5=90=88=E3=81=AB=E5=87=A6=E7=90=86=E3=81=A7=E3=81=8D=E3=81=AA?= =?UTF-8?q?=E3=81=84=20(#4733)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Fix: inboxに未知のユーザーが来ると処理できない * こうかな --- src/queue/processors/inbox.ts | 64 ++++++++++------------------------- 1 file changed, 18 insertions(+), 46 deletions(-) diff --git a/src/queue/processors/inbox.ts b/src/queue/processors/inbox.ts index 05fed0566..9b28f93a3 100644 --- a/src/queue/processors/inbox.ts +++ b/src/queue/processors/inbox.ts @@ -35,37 +35,8 @@ export default async (job: Bull.Job): Promise => { let key: UserPublickey; if (keyIdLower.startsWith('acct:')) { - const acct = parseAcct(keyIdLower.slice('acct:'.length)); - const host = toPunyNullable(acct.host); - const username = toPuny(acct.username); - - if (host === null) { - logger.warn(`request was made by local user: @${username}`); - return; - } - - // アクティビティ内のホストの検証 - try { - ValidateActivity(activity, host); - } catch (e) { - logger.warn(e.message); - return; - } - - // ブロックしてたら中断 - // TODO: いちいちデータベースにアクセスするのはコスト高そうなのでどっかにキャッシュしておく - const meta = await fetchMeta(); - if (meta.blockedHosts.includes(host)) { - logger.info(`Blocked request: ${host}`); - return; - } - - user = await Users.findOne({ - usernameLower: username.toLowerCase(), - host: host - }) as IRemoteUser; - - key = await UserPublickeys.findOne(user.id).then(ensure); + logger.warn(`Old keyId is no longer supported. ${keyIdLower}`); + return; } else { // アクティビティ内のホストの検証 const host = toPuny(new URL(signature.keyId).hostname); @@ -84,19 +55,29 @@ export default async (job: Bull.Job): Promise => { return; } - key = await UserPublickeys.findOne({ + const _key = await UserPublickeys.findOne({ keyId: signature.keyId - }).then(ensure); + }); - user = await Users.findOne(key.userId) as IRemoteUser; + if (_key) { + // 登録済みユーザー + user = await Users.findOne(_key.userId) as IRemoteUser; + key = _key; + } else { + // 未登録ユーザーの場合はリモート解決 + user = await resolvePerson(activity.actor) as IRemoteUser; + if (user == null) { + throw new Error('failed to resolve user'); + } + + key = await UserPublickeys.findOne(user.id).then(ensure); + } } // Update Person activityの場合は、ここで署名検証/更新処理まで実施して終了 if (activity.type === 'Update') { if (activity.object && validActor.includes(activity.object.type)) { - if (user == null) { - logger.warn('Update activity received, but user not registed.'); - } else if (!httpSignature.verifySignature(signature, key.keyPem)) { + if (!httpSignature.verifySignature(signature, key.keyPem)) { logger.warn('Update activity received, but signature verification failed.'); } else { updatePerson(activity.actor, null, activity.object); @@ -105,15 +86,6 @@ export default async (job: Bull.Job): Promise => { } } - // アクティビティを送信してきたユーザーがまだMisskeyサーバーに登録されていなかったら登録する - if (user == null) { - user = await resolvePerson(activity.actor) as IRemoteUser; - } - - if (user == null) { - throw new Error('failed to resolve user'); - } - if (!httpSignature.verifySignature(signature, key.keyPem)) { logger.error('signature verification failed'); return;