diff --git a/packages/backend/src/misc/convert-host.ts b/packages/backend/src/misc/convert-host.ts index 705edaedd..1e7e8b3eb 100644 --- a/packages/backend/src/misc/convert-host.ts +++ b/packages/backend/src/misc/convert-host.ts @@ -11,7 +11,7 @@ export function isSelfHost(host: string | null): boolean { return toPuny(config.host) === toPuny(host); } -export function extractDbHost(uri: string): string { +export function extractPunyHost(uri: string): string { const url = new URL(uri); return toPuny(url.hostname); } diff --git a/packages/backend/src/queue/processors/inbox.ts b/packages/backend/src/queue/processors/inbox.ts index be239daa9..d9e1fdee5 100644 --- a/packages/backend/src/queue/processors/inbox.ts +++ b/packages/backend/src/queue/processors/inbox.ts @@ -5,7 +5,7 @@ import Logger from '@/services/logger.js'; import { registerOrFetchInstanceDoc } from '@/services/register-or-fetch-instance-doc.js'; import { Instances } from '@/models/index.js'; import { apRequestChart, federationChart, instanceChart } from '@/services/chart/index.js'; -import { extractDbHost } from '@/misc/convert-host.js'; +import { extractPunyHost } from '@/misc/convert-host.js'; import { getApId } from '@/remote/activitypub/type.js'; import { fetchInstanceMetadata } from '@/services/fetch-instance-metadata.js'; import { Resolver } from '@/remote/activitypub/resolver.js'; @@ -64,7 +64,7 @@ export default async (job: Bull.Job): Promise => { } // Stop if the host is blocked. - const ldHost = extractDbHost(authUser.user.uri); + const ldHost = extractPunyHost(authUser.user.uri); if (await shouldBlockInstance(ldHost)) { return `Blocked request: ${ldHost}`; } @@ -79,14 +79,14 @@ export default async (job: Bull.Job): Promise => { authUser = authUser as AuthUser; // Verify that the actor's host is not blocked - const signerHost = extractDbHost(authUser.user.uri!); + const signerHost = extractPunyHost(authUser.user.uri!); if (await shouldBlockInstance(signerHost)) { return `Blocked request: ${signerHost}`; } if (typeof activity.id === 'string') { // Verify that activity and actor are from the same host. - const activityIdHost = extractDbHost(activity.id); + const activityIdHost = extractPunyHost(activity.id); if (signerHost !== activityIdHost) { return `skip: signerHost(${signerHost}) !== activity.id host(${activityIdHost}`; } diff --git a/packages/backend/src/remote/activitypub/kernel/announce/note.ts b/packages/backend/src/remote/activitypub/kernel/announce/note.ts index e0861024a..d38db1e4b 100644 --- a/packages/backend/src/remote/activitypub/kernel/announce/note.ts +++ b/packages/backend/src/remote/activitypub/kernel/announce/note.ts @@ -1,6 +1,6 @@ import post from '@/services/note/create.js'; import { IRemoteUser } from '@/models/entities/user.js'; -import { extractDbHost } from '@/misc/convert-host.js'; +import { extractPunyHost } from '@/misc/convert-host.js'; import { getApLock } from '@/misc/app-lock.js'; import { StatusError } from '@/misc/fetch.js'; import { Notes } from '@/models/index.js'; @@ -15,7 +15,7 @@ export default async function(resolver: Resolver, actor: IRemoteUser, activity: const uri = getApId(activity); // Cancel if the announced from host is blocked. - if (await shouldBlockInstance(extractDbHost(uri))) return; + if (await shouldBlockInstance(extractPunyHost(uri))) return; const unlock = await getApLock(uri); diff --git a/packages/backend/src/remote/activitypub/kernel/create/note.ts b/packages/backend/src/remote/activitypub/kernel/create/note.ts index 6fc7b6c2d..4394c647e 100644 --- a/packages/backend/src/remote/activitypub/kernel/create/note.ts +++ b/packages/backend/src/remote/activitypub/kernel/create/note.ts @@ -1,6 +1,6 @@ import { IRemoteUser } from '@/models/entities/user.js'; import { getApLock } from '@/misc/app-lock.js'; -import { extractDbHost } from '@/misc/convert-host.js'; +import { extractPunyHost } from '@/misc/convert-host.js'; import { StatusError } from '@/misc/fetch.js'; import { Resolver } from '@/remote/activitypub/resolver.js'; import { createNote, fetchNote } from '@/remote/activitypub/models/note.js'; @@ -18,7 +18,7 @@ export default async function(resolver: Resolver, actor: IRemoteUser, note: IObj } if (typeof note.id === 'string') { - if (extractDbHost(actor.uri) !== extractDbHost(note.id)) { + if (extractPunyHost(actor.uri) !== extractPunyHost(note.id)) { return 'skip: host in actor.uri !== note.id'; } } diff --git a/packages/backend/src/remote/activitypub/kernel/index.ts b/packages/backend/src/remote/activitypub/kernel/index.ts index 2a0918a4d..1bbb1401c 100644 --- a/packages/backend/src/remote/activitypub/kernel/index.ts +++ b/packages/backend/src/remote/activitypub/kernel/index.ts @@ -1,7 +1,7 @@ import { IRemoteUser } from '@/models/entities/user.js'; import { toArray } from '@/prelude/array.js'; import { Resolver } from '@/remote/activitypub/resolver.js'; -import { extractDbHost } from '@/misc/convert-host.js'; +import { extractPunyHost } from '@/misc/convert-host.js'; import { shouldBlockInstance } from '@/misc/should-block-instance.js'; import { apLogger } from '../logger.js'; import { IObject, isCreate, isDelete, isUpdate, isRead, isFollow, isAccept, isReject, isAdd, isRemove, isAnnounce, isLike, isUndo, isBlock, isCollectionOrOrderedCollection, isCollection, isFlag, isMove, getApId } from '../type.js'; @@ -42,7 +42,7 @@ async function performOneActivity(actor: IRemoteUser, activity: IObject, resolve if (actor.isSuspended) return; if (typeof activity.id !== 'undefined') { - const host = extractDbHost(getApId(activity)); + const host = extractPunyHost(getApId(activity)); if (await shouldBlockInstance(host)) return; } diff --git a/packages/backend/src/remote/activitypub/kernel/read.ts b/packages/backend/src/remote/activitypub/kernel/read.ts index cb147f2af..cd888d437 100644 --- a/packages/backend/src/remote/activitypub/kernel/read.ts +++ b/packages/backend/src/remote/activitypub/kernel/read.ts @@ -1,5 +1,5 @@ import { IRemoteUser } from '@/models/entities/user.js'; -import { isSelfHost, extractDbHost } from '@/misc/convert-host.js'; +import { isSelfHost, extractPunyHost } from '@/misc/convert-host.js'; import { MessagingMessages } from '@/models/index.js'; import { readUserMessagingMessage } from '@/server/api/common/read-messaging-message.js'; import { IRead, getApId } from '../type.js'; @@ -7,7 +7,7 @@ import { IRead, getApId } from '../type.js'; export const performReadActivity = async (actor: IRemoteUser, activity: IRead): Promise => { const id = await getApId(activity.object); - if (!isSelfHost(extractDbHost(id))) { + if (!isSelfHost(extractPunyHost(id))) { return `skip: Read to foreign host (${id})`; } diff --git a/packages/backend/src/remote/activitypub/models/note.ts b/packages/backend/src/remote/activitypub/models/note.ts index 687582d20..e80f83728 100644 --- a/packages/backend/src/remote/activitypub/models/note.ts +++ b/packages/backend/src/remote/activitypub/models/note.ts @@ -7,7 +7,7 @@ import { unique, toArray, toSingle } from '@/prelude/array.js'; import { vote } from '@/services/note/polls/vote.js'; import { DriveFile } from '@/models/entities/drive-file.js'; import { deliverQuestionUpdate } from '@/services/note/polls/update.js'; -import { extractDbHost } from '@/misc/convert-host.js'; +import { extractPunyHost } from '@/misc/convert-host.js'; import { Polls, MessagingMessages } from '@/models/index.js'; import { Note } from '@/models/entities/note.js'; import { Emoji } from '@/models/entities/emoji.js'; @@ -45,9 +45,9 @@ export function validateNote(object: IObject): Error | null { } // Check that the server is authorized to act on behalf of this author. - const expectHost = extractDbHost(id); + const expectHost = extractPunyHost(id); const attributedToHost = object.attributedTo - ? extractDbHost(getOneApId(object.attributedTo)) + ? extractPunyHost(getOneApId(object.attributedTo)) : null; if (attributedToHost !== expectHost) { return new Error(`invalid Note: attributedTo has different host. expected: ${expectHost}, actual: ${attributedToHost}`); @@ -93,7 +93,7 @@ async function processContent(actor: IRemoteUser, note: IPost, quoteUri: string text = fromHtml(note.content, quoteUri); } - const emojis = await extractEmojis(note.tag || [], extractDbHost(getApId(note))).catch(e => { + const emojis = await extractEmojis(note.tag || [], extractPunyHost(getApId(note))).catch(e => { apLogger.info(`extractEmojis: ${e}`); return [] as Emoji[]; }); @@ -299,7 +299,7 @@ export async function resolveNote(value: string | IObject, resolver: Resolver): if (uri == null) throw new Error('missing uri'); // Interrupt if blocked. - if (await shouldBlockInstance(extractDbHost(uri))) throw new StatusError('host blocked', 451, `host ${extractDbHost(uri)} is blocked`); + if (await shouldBlockInstance(extractPunyHost(uri))) throw new StatusError('host blocked', 451, `host ${extractPunyHost(uri)} is blocked`); const unlock = await getApLock(uri); diff --git a/packages/backend/src/remote/activitypub/models/person.ts b/packages/backend/src/remote/activitypub/models/person.ts index ed6e9fa03..3fe042a82 100644 --- a/packages/backend/src/remote/activitypub/models/person.ts +++ b/packages/backend/src/remote/activitypub/models/person.ts @@ -13,7 +13,7 @@ import { genId } from '@/misc/gen-id.js'; import { instanceChart, usersChart } from '@/services/chart/index.js'; import { UserPublickey } from '@/models/entities/user-publickey.js'; import { isDuplicateKeyValueError } from '@/misc/is-duplicate-key-value-error.js'; -import { extractDbHost } from '@/misc/convert-host.js'; +import { extractPunyHost } from '@/misc/convert-host.js'; import { UserProfile } from '@/models/entities/user-profile.js'; import { toArray } from '@/prelude/array.js'; import { fetchInstanceMetadata } from '@/services/fetch-instance-metadata.js'; @@ -57,7 +57,7 @@ async function validateActor(x: IObject, resolver: Resolver): Promise { // This check is security critical. // Without this check, an entry could be inserted into UserPublickey for a local user. - if (extractDbHost(uri) === extractDbHost(config.url)) { + if (extractPunyHost(uri) === extractPunyHost(config.url)) { throw new StatusError('cannot resolve local user', 400, 'cannot resolve local user'); } @@ -108,7 +108,7 @@ async function validateActor(x: IObject, resolver: Resolver): Promise { // This is a security critical check to not insert or change an entry of // UserPublickey to point to a local key id. - if (extractDbHost(uri) !== extractDbHost(x.publicKey.id)) { + if (extractPunyHost(uri) !== extractPunyHost(x.publicKey.id)) { throw new Error('invalid Actor: publicKey.id has different host'); } } @@ -157,7 +157,7 @@ export async function createPerson(value: string | IObject, resolver: Resolver): apLogger.info(`Creating the Person: ${person.id}`); - const host = extractDbHost(object.id); + const host = extractPunyHost(object.id); const { fields } = analyzeAttachments(person.attachment || []); diff --git a/packages/backend/src/remote/activitypub/resolver.ts b/packages/backend/src/remote/activitypub/resolver.ts index 44e05b9e3..51fe89b35 100644 --- a/packages/backend/src/remote/activitypub/resolver.ts +++ b/packages/backend/src/remote/activitypub/resolver.ts @@ -1,6 +1,6 @@ import { ILocalUser } from '@/models/entities/user.js'; import { getInstanceActor } from '@/services/instance-actor.js'; -import { extractDbHost, isSelfHost } from '@/misc/convert-host.js'; +import { extractPunyHost, isSelfHost } from '@/misc/convert-host.js'; import { Notes, NoteReactions, Polls, Users } from '@/models/index.js'; import renderNote from '@/remote/activitypub/renderer/note.js'; import { renderLike } from '@/remote/activitypub/renderer/like.js'; @@ -50,7 +50,7 @@ export class Resolver { if (typeof value !== 'string') { if (typeof value.id !== 'undefined') { - const host = extractDbHost(getApId(value)); + const host = extractPunyHost(getApId(value)); if (await shouldBlockInstance(host)) { throw new Error('instance is blocked'); } @@ -73,7 +73,7 @@ export class Resolver { } this.history.add(value); - const host = extractDbHost(value); + const host = extractPunyHost(value); if (isSelfHost(host)) { return await this.resolveLocal(value); } diff --git a/packages/backend/src/remote/http-signature.ts b/packages/backend/src/remote/http-signature.ts index 69e3cc798..a5925292b 100644 --- a/packages/backend/src/remote/http-signature.ts +++ b/packages/backend/src/remote/http-signature.ts @@ -1,5 +1,5 @@ import { URL } from 'node:url'; -import { extractDbHost } from "@/misc/convert-host.js"; +import { extractPunyHost } from "@/misc/convert-host.js"; import { shouldBlockInstance } from "@/misc/should-block-instance.js"; import httpSignature from "@peertube/http-signature"; import { Resolver } from "./activitypub/resolver.js"; @@ -49,7 +49,7 @@ export async function verifyHttpSignature(signature: httpSignature.IParsedSignat const keyIdLower = signature.keyId.toLowerCase(); if (keyIdLower.startsWith('acct:')) return { status: 'invalid', authUser: null }; - const host = extractDbHost(keyIdLower); + const host = extractPunyHost(keyIdLower); // Reject if the host is blocked. if (await shouldBlockInstance(host)) return { status: 'rejected', authUser: null }; diff --git a/packages/backend/src/server/api/endpoints/ap/show.ts b/packages/backend/src/server/api/endpoints/ap/show.ts index 31b0f1266..dfa2721cb 100644 --- a/packages/backend/src/server/api/endpoints/ap/show.ts +++ b/packages/backend/src/server/api/endpoints/ap/show.ts @@ -2,7 +2,7 @@ import { createPerson } from '@/remote/activitypub/models/person.js'; import { createNote } from '@/remote/activitypub/models/note.js'; import { DbResolver } from '@/remote/activitypub/db-resolver.js'; import { Resolver } from '@/remote/activitypub/resolver.js'; -import { extractDbHost } from '@/misc/convert-host.js'; +import { extractPunyHost } from '@/misc/convert-host.js'; import { Users, Notes } from '@/models/index.js'; import { Note } from '@/models/entities/note.js'; import { ILocalUser, User } from '@/models/entities/user.js'; @@ -87,7 +87,7 @@ export default define(meta, paramDef, async (ps, me) => { */ async function fetchAny(uri: string, me: ILocalUser | null | undefined): Promise | null> { // Stop if the host is blocked. - const host = extractDbHost(uri); + const host = extractPunyHost(uri); if (await shouldBlockInstance(host)) { return null; }