HTTP signatures respect allowlist federation

2023-04-04 17:41:13 +02:00 · 2023-04-04 17:41:13 +02:00 · d2b0d86471
commit d2b0d86471
parent f12d3cce39
2 changed files with 57 additions and 3 deletions
--- a/lib/pleroma/web/activity_pub/publisher.ex
+++ b/lib/pleroma/web/activity_pub/publisher.ex
@ -108,15 +108,28 @@ defp blocked_instances do
      Config.get([:mrf_simple, :reject], [])
  end

+  defp allowed_instances do
+    Config.get([:mrf_simple, :accept])
+  end
+
  def should_federate?(url) do
    %{host: host} = URI.parse(url)

-    quarantined_instances =
-      blocked_instances()
+    with allowed <- allowed_instances(),
+         false <- Enum.empty?(allowed) do
+      allowed
      |> Pleroma.Web.ActivityPub.MRF.instance_list_from_tuples()
      |> Pleroma.Web.ActivityPub.MRF.subdomains_regex()
+      |> Pleroma.Web.ActivityPub.MRF.subdomain_match?(host)
+    else
+      _ ->
+        quarantined_instances =
+          blocked_instances()
+          |> Pleroma.Web.ActivityPub.MRF.instance_list_from_tuples()
+          |> Pleroma.Web.ActivityPub.MRF.subdomains_regex()

-    !Pleroma.Web.ActivityPub.MRF.subdomain_match?(quarantined_instances, host)
+        not Pleroma.Web.ActivityPub.MRF.subdomain_match?(quarantined_instances, host)
+    end
  end

  @spec recipients(User.t(), Activity.t()) :: list(User.t()) | []
--- a/test/pleroma/web/plugs/mapped_signature_to_identity_plug_test.exs
+++ b/test/pleroma/web/plugs/mapped_signature_to_identity_plug_test.exs
@ -69,6 +69,47 @@ test "it considers a mapped identity to be invalid when the associated instance
    assert %{valid_signature: false} == conn.assigns
  end

+  test "allowlist federation: it considers a mapped identity to be valid when the associated instance is allowed" do
+    clear_config([:activitypub, :authorized_fetch_mode], true)
+
+    clear_config([:mrf_simple, :accept], [
+      {"mastodon.example.org", "anime is allowed"}
+    ])
+
+    on_exit(fn ->
+      Pleroma.Config.put([:activitypub, :authorized_fetch_mode], false)
+      Pleroma.Config.put([:mrf_simple, :accept], [])
+    end)
+
+    conn =
+      build_conn(:post, "/doesntmattter", %{"actor" => "http://mastodon.example.org/users/admin"})
+      |> set_signature("http://mastodon.example.org/users/admin")
+      |> MappedSignatureToIdentityPlug.call(%{})
+
+    assert conn.assigns[:valid_signature]
+    refute is_nil(conn.assigns.user)
+  end
+
+  test "allowlist federation: it considers a mapped identity to be invalid when the associated instance is not allowed" do
+    clear_config([:activitypub, :authorized_fetch_mode], true)
+
+    clear_config([:mrf_simple, :accept], [
+      {"misskey.example.org", "anime is allowed"}
+    ])
+
+    on_exit(fn ->
+      Pleroma.Config.put([:activitypub, :authorized_fetch_mode], false)
+      Pleroma.Config.put([:mrf_simple, :accept], [])
+    end)
+
+    conn =
+      build_conn(:post, "/doesntmattter", %{"actor" => "http://mastodon.example.org/users/admin"})
+      |> set_signature("http://mastodon.example.org/users/admin")
+      |> MappedSignatureToIdentityPlug.call(%{})
+
+    assert %{valid_signature: false} == conn.assigns
+  end
+
  @tag skip: "known breakage; the testsuite presently depends on it"
  test "it considers a mapped identity to be invalid when the identity cannot be found" do
    conn =