vib/FoundKey
1
0
Fork 0
forked from FoundKeyGang/FoundKey
Code Issues Pull requests Packages Projects Releases Wiki Activity

rename extractDbHost to extractPunyHost

Browse source
This commit is contained in:
Johann150 2023-06-27 22:02:32 +02:00
parent 597de07465
commit 2ea6daaf7a
Signed by untrusted user: Johann150
GPG key ID: 9EE6577A2A06F8F1
11 changed files with 29 additions and 29 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
packages/backend/src/misc/convert-host.ts
View file

@ -11,7 +11,7 @@ export function isSelfHost(host: string | null): boolean {
return toPuny(config.host) === toPuny(host);
}
export function extractDbHost(uri: string): string {
export function extractPunyHost(uri: string): string {
const url = new URL(uri);
return toPuny(url.hostname);
}

8
packages/backend/src/queue/processors/inbox.ts
View file

@ -5,7 +5,7 @@ import Logger from '@/services/logger.js';
import { registerOrFetchInstanceDoc } from '@/services/register-or-fetch-instance-doc.js';
import { Instances } from '@/models/index.js';
import { apRequestChart, federationChart, instanceChart } from '@/services/chart/index.js';
import { extractDbHost } from '@/misc/convert-host.js';
import { extractPunyHost } from '@/misc/convert-host.js';
import { getApId } from '@/remote/activitypub/type.js';
import { fetchInstanceMetadata } from '@/services/fetch-instance-metadata.js';
import { Resolver } from '@/remote/activitypub/resolver.js';
@ -64,7 +64,7 @@ export default async (job: Bull.Job<InboxJobData>): Promise<string> => {
}
// Stop if the host is blocked.
const ldHost = extractDbHost(authUser.user.uri);
const ldHost = extractPunyHost(authUser.user.uri);
if (await shouldBlockInstance(ldHost)) {
return `Blocked request: ${ldHost}`;
}
@ -79,14 +79,14 @@ export default async (job: Bull.Job<InboxJobData>): Promise<string> => {
authUser = authUser as AuthUser;
// Verify that the actor's host is not blocked
const signerHost = extractDbHost(authUser.user.uri!);
const signerHost = extractPunyHost(authUser.user.uri!);
if (await shouldBlockInstance(signerHost)) {
return `Blocked request: ${signerHost}`;
}
if (typeof activity.id === 'string') {
// Verify that activity and actor are from the same host.
const activityIdHost = extractDbHost(activity.id);
const activityIdHost = extractPunyHost(activity.id);
if (signerHost !== activityIdHost) {
return `skip: signerHost(${signerHost}) !== activity.id host(${activityIdHost}`;
}

4
packages/backend/src/remote/activitypub/kernel/announce/note.ts
View file

@ -1,6 +1,6 @@
import post from '@/services/note/create.js';
import { IRemoteUser } from '@/models/entities/user.js';
import { extractDbHost } from '@/misc/convert-host.js';
import { extractPunyHost } from '@/misc/convert-host.js';
import { getApLock } from '@/misc/app-lock.js';
import { StatusError } from '@/misc/fetch.js';
import { Notes } from '@/models/index.js';
@ -15,7 +15,7 @@ export default async function(resolver: Resolver, actor: IRemoteUser, activity:
const uri = getApId(activity);
// Cancel if the announced from host is blocked.
if (await shouldBlockInstance(extractDbHost(uri))) return;
if (await shouldBlockInstance(extractPunyHost(uri))) return;
const unlock = await getApLock(uri);

4
packages/backend/src/remote/activitypub/kernel/create/note.ts
View file

@ -1,6 +1,6 @@
import { IRemoteUser } from '@/models/entities/user.js';
import { getApLock } from '@/misc/app-lock.js';
import { extractDbHost } from '@/misc/convert-host.js';
import { extractPunyHost } from '@/misc/convert-host.js';
import { StatusError } from '@/misc/fetch.js';
import { Resolver } from '@/remote/activitypub/resolver.js';
import { createNote, fetchNote } from '@/remote/activitypub/models/note.js';
@ -18,7 +18,7 @@ export default async function(resolver: Resolver, actor: IRemoteUser, note: IObj
}
if (typeof note.id === 'string') {
if (extractDbHost(actor.uri) !== extractDbHost(note.id)) {
if (extractPunyHost(actor.uri) !== extractPunyHost(note.id)) {
return 'skip: host in actor.uri !== note.id';
}
}

4
packages/backend/src/remote/activitypub/kernel/index.ts
View file

@ -1,7 +1,7 @@
import { IRemoteUser } from '@/models/entities/user.js';
import { toArray } from '@/prelude/array.js';
import { Resolver } from '@/remote/activitypub/resolver.js';
import { extractDbHost } from '@/misc/convert-host.js';
import { extractPunyHost } from '@/misc/convert-host.js';
import { shouldBlockInstance } from '@/misc/should-block-instance.js';
import { apLogger } from '../logger.js';
import { IObject, isCreate, isDelete, isUpdate, isRead, isFollow, isAccept, isReject, isAdd, isRemove, isAnnounce, isLike, isUndo, isBlock, isCollectionOrOrderedCollection, isCollection, isFlag, isMove, getApId } from '../type.js';
@ -42,7 +42,7 @@ async function performOneActivity(actor: IRemoteUser, activity: IObject, resolve
if (actor.isSuspended) return;
if (typeof activity.id !== 'undefined') {
const host = extractDbHost(getApId(activity));
const host = extractPunyHost(getApId(activity));
if (await shouldBlockInstance(host)) return;
}

4
packages/backend/src/remote/activitypub/kernel/read.ts
View file

@ -1,5 +1,5 @@
import { IRemoteUser } from '@/models/entities/user.js';
import { isSelfHost, extractDbHost } from '@/misc/convert-host.js';
import { isSelfHost, extractPunyHost } from '@/misc/convert-host.js';
import { MessagingMessages } from '@/models/index.js';
import { readUserMessagingMessage } from '@/server/api/common/read-messaging-message.js';
import { IRead, getApId } from '../type.js';
@ -7,7 +7,7 @@ import { IRead, getApId } from '../type.js';
export const performReadActivity = async (actor: IRemoteUser, activity: IRead): Promise<string> => {
const id = await getApId(activity.object);
if (!isSelfHost(extractDbHost(id))) {
if (!isSelfHost(extractPunyHost(id))) {
return `skip: Read to foreign host (${id})`;
}

10
packages/backend/src/remote/activitypub/models/note.ts
View file

@ -7,7 +7,7 @@ import { unique, toArray, toSingle } from '@/prelude/array.js';
import { vote } from '@/services/note/polls/vote.js';
import { DriveFile } from '@/models/entities/drive-file.js';
import { deliverQuestionUpdate } from '@/services/note/polls/update.js';
import { extractDbHost } from '@/misc/convert-host.js';
import { extractPunyHost } from '@/misc/convert-host.js';
import { Polls, MessagingMessages } from '@/models/index.js';
import { Note } from '@/models/entities/note.js';
import { Emoji } from '@/models/entities/emoji.js';
@ -45,9 +45,9 @@ export function validateNote(object: IObject): Error | null {
}
// Check that the server is authorized to act on behalf of this author.
const expectHost = extractDbHost(id);
const expectHost = extractPunyHost(id);
const attributedToHost = object.attributedTo
? extractDbHost(getOneApId(object.attributedTo))
? extractPunyHost(getOneApId(object.attributedTo))
: null;
if (attributedToHost !== expectHost) {
return new Error(`invalid Note: attributedTo has different host. expected: ${expectHost}, actual: ${attributedToHost}`);
@ -93,7 +93,7 @@ async function processContent(actor: IRemoteUser, note: IPost, quoteUri: string
text = fromHtml(note.content, quoteUri);
}
const emojis = await extractEmojis(note.tag || [], extractDbHost(getApId(note))).catch(e => {
const emojis = await extractEmojis(note.tag || [], extractPunyHost(getApId(note))).catch(e => {
apLogger.info(`extractEmojis: ${e}`);
return [] as Emoji[];
});
@ -299,7 +299,7 @@ export async function resolveNote(value: string | IObject, resolver: Resolver):
if (uri == null) throw new Error('missing uri');
// Interrupt if blocked.
if (await shouldBlockInstance(extractDbHost(uri))) throw new StatusError('host blocked', 451, `host ${extractDbHost(uri)} is blocked`);
if (await shouldBlockInstance(extractPunyHost(uri))) throw new StatusError('host blocked', 451, `host ${extractPunyHost(uri)} is blocked`);
const unlock = await getApLock(uri);

8
packages/backend/src/remote/activitypub/models/person.ts
View file

@ -13,7 +13,7 @@ import { genId } from '@/misc/gen-id.js';
import { instanceChart, usersChart } from '@/services/chart/index.js';
import { UserPublickey } from '@/models/entities/user-publickey.js';
import { isDuplicateKeyValueError } from '@/misc/is-duplicate-key-value-error.js';
import { extractDbHost } from '@/misc/convert-host.js';
import { extractPunyHost } from '@/misc/convert-host.js';
import { UserProfile } from '@/models/entities/user-profile.js';
import { toArray } from '@/prelude/array.js';
import { fetchInstanceMetadata } from '@/services/fetch-instance-metadata.js';
@ -57,7 +57,7 @@ async function validateActor(x: IObject, resolver: Resolver): Promise<IActor> {
// This check is security critical.
// Without this check, an entry could be inserted into UserPublickey for a local user.
if (extractDbHost(uri) === extractDbHost(config.url)) {
if (extractPunyHost(uri) === extractPunyHost(config.url)) {
throw new StatusError('cannot resolve local user', 400, 'cannot resolve local user');
}
@ -108,7 +108,7 @@ async function validateActor(x: IObject, resolver: Resolver): Promise<IActor> {
// This is a security critical check to not insert or change an entry of
// UserPublickey to point to a local key id.
if (extractDbHost(uri) !== extractDbHost(x.publicKey.id)) {
if (extractPunyHost(uri) !== extractPunyHost(x.publicKey.id)) {
throw new Error('invalid Actor: publicKey.id has different host');
}
}
@ -157,7 +157,7 @@ export async function createPerson(value: string | IObject, resolver: Resolver):
apLogger.info(`Creating the Person: ${person.id}`);
const host = extractDbHost(object.id);
const host = extractPunyHost(object.id);
const { fields } = analyzeAttachments(person.attachment || []);

6
packages/backend/src/remote/activitypub/resolver.ts
View file

@ -1,6 +1,6 @@
import { ILocalUser } from '@/models/entities/user.js';
import { getInstanceActor } from '@/services/instance-actor.js';
import { extractDbHost, isSelfHost } from '@/misc/convert-host.js';
import { extractPunyHost, isSelfHost } from '@/misc/convert-host.js';
import { Notes, NoteReactions, Polls, Users } from '@/models/index.js';
import renderNote from '@/remote/activitypub/renderer/note.js';
import { renderLike } from '@/remote/activitypub/renderer/like.js';
@ -50,7 +50,7 @@ export class Resolver {
if (typeof value !== 'string') {
if (typeof value.id !== 'undefined') {
const host = extractDbHost(getApId(value));
const host = extractPunyHost(getApId(value));
if (await shouldBlockInstance(host)) {
throw new Error('instance is blocked');
}
@ -73,7 +73,7 @@ export class Resolver {
}
this.history.add(value);
const host = extractDbHost(value);
const host = extractPunyHost(value);
if (isSelfHost(host)) {
return await this.resolveLocal(value);
}

4
packages/backend/src/remote/http-signature.ts
View file

@ -1,5 +1,5 @@
import { URL } from 'node:url';
import { extractDbHost } from "@/misc/convert-host.js";
import { extractPunyHost } from "@/misc/convert-host.js";
import { shouldBlockInstance } from "@/misc/should-block-instance.js";
import httpSignature from "@peertube/http-signature";
import { Resolver } from "./activitypub/resolver.js";
@ -49,7 +49,7 @@ export async function verifyHttpSignature(signature: httpSignature.IParsedSignat
const keyIdLower = signature.keyId.toLowerCase();
if (keyIdLower.startsWith('acct:')) return { status: 'invalid', authUser: null };
const host = extractDbHost(keyIdLower);
const host = extractPunyHost(keyIdLower);
// Reject if the host is blocked.
if (await shouldBlockInstance(host)) return { status: 'rejected', authUser: null };

4
packages/backend/src/server/api/endpoints/ap/show.ts
View file

@ -2,7 +2,7 @@ import { createPerson } from '@/remote/activitypub/models/person.js';
import { createNote } from '@/remote/activitypub/models/note.js';
import { DbResolver } from '@/remote/activitypub/db-resolver.js';
import { Resolver } from '@/remote/activitypub/resolver.js';
import { extractDbHost } from '@/misc/convert-host.js';
import { extractPunyHost } from '@/misc/convert-host.js';
import { Users, Notes } from '@/models/index.js';
import { Note } from '@/models/entities/note.js';
import { ILocalUser, User } from '@/models/entities/user.js';
@ -87,7 +87,7 @@ export default define(meta, paramDef, async (ps, me) => {
*/
async function fetchAny(uri: string, me: ILocalUser | null | undefined): Promise<SchemaType<typeof meta['res']> | null> {
// Stop if the host is blocked.
const host = extractDbHost(uri);
const host = extractPunyHost(uri);
if (await shouldBlockInstance(host)) {
return null;
}