summaryrefslogtreecommitdiff
path: root/internal/federation
diff options
context:
space:
mode:
Diffstat (limited to 'internal/federation')
-rw-r--r--internal/federation/authenticate.go31
-rw-r--r--internal/federation/federatingprotocol.go7
-rw-r--r--internal/federation/federatingprotocol_test.go88
-rw-r--r--internal/federation/federator_test.go2
-rw-r--r--internal/federation/gone.go34
5 files changed, 160 insertions, 2 deletions
diff --git a/internal/federation/authenticate.go b/internal/federation/authenticate.go
index ab93fbeaf..3144d9d05 100644
--- a/internal/federation/authenticate.go
+++ b/internal/federation/authenticate.go
@@ -37,6 +37,7 @@ import (
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
"github.com/superseriousbusiness/gotosocial/internal/log"
+ "github.com/superseriousbusiness/gotosocial/internal/transport"
)
/*
@@ -201,8 +202,21 @@ func (f *federator) AuthenticateFederatedRequest(ctx context.Context, requestedU
// REMOTE ACCOUNT REQUEST WITHOUT KEY CACHED LOCALLY
// the request is remote and we don't have the public key yet,
// so we need to authenticate the request properly by dereferencing the remote key
+ gone, err := f.CheckGone(ctx, requestingPublicKeyID)
+ if err != nil {
+ errWithCode := gtserror.NewErrorInternalError(fmt.Errorf("error checking for tombstone for %s: %s", requestingPublicKeyID, err))
+ log.Debug(errWithCode)
+ return nil, errWithCode
+ }
+
+ if gone {
+ errWithCode := gtserror.NewErrorGone(fmt.Errorf("account with public key %s is gone", requestingPublicKeyID))
+ log.Debug(errWithCode)
+ return nil, errWithCode
+ }
+
log.Tracef("proceeding with dereference for uncached public key %s", requestingPublicKeyID)
- transport, err := f.transportController.NewTransportForUsername(ctx, requestedUsername)
+ trans, err := f.transportController.NewTransportForUsername(ctx, requestedUsername)
if err != nil {
errWithCode := gtserror.NewErrorInternalError(fmt.Errorf("error creating transport for %s: %s", requestedUsername, err))
log.Debug(errWithCode)
@@ -210,8 +224,21 @@ func (f *federator) AuthenticateFederatedRequest(ctx context.Context, requestedU
}
// The actual http call to the remote server is made right here in the Dereference function.
- b, err := transport.Dereference(ctx, requestingPublicKeyID)
+ b, err := trans.Dereference(ctx, requestingPublicKeyID)
if err != nil {
+ if errors.Is(err, transport.ErrGone) {
+ // if we get a 410 error it means the account that owns this public key has been deleted;
+ // we should add a tombstone to our database so that we can avoid trying to deref it in future
+ if err := f.HandleGone(ctx, requestingPublicKeyID); err != nil {
+ errWithCode := gtserror.NewErrorInternalError(fmt.Errorf("error marking account with public key %s as gone: %s", requestingPublicKeyID, err))
+ log.Debug(errWithCode)
+ return nil, errWithCode
+ }
+ errWithCode := gtserror.NewErrorGone(fmt.Errorf("account with public key %s is gone", requestingPublicKeyID))
+ log.Debug(errWithCode)
+ return nil, errWithCode
+ }
+
errWithCode := gtserror.NewErrorUnauthorized(fmt.Errorf("error dereferencing public key %s: %s", requestingPublicKeyID, err))
log.Debug(errWithCode)
return nil, errWithCode
diff --git a/internal/federation/federatingprotocol.go b/internal/federation/federatingprotocol.go
index 24dd471c2..ef64f4050 100644
--- a/internal/federation/federatingprotocol.go
+++ b/internal/federation/federatingprotocol.go
@@ -169,6 +169,13 @@ func (f *federator) AuthenticatePostInbox(ctx context.Context, w http.ResponseWr
// if 400, 401, or 403, obey the interface by writing the header and bailing
w.WriteHeader(errWithCode.Code())
return ctx, false, nil
+ case http.StatusGone:
+ // if the requesting account has gone (http 410) then likely
+ // inbox post was a delete, we can just write 202 and leave,
+ // since we didn't know about the account anyway, so we can't
+ // do any further processing
+ w.WriteHeader(http.StatusAccepted)
+ return ctx, false, nil
default:
// if not, there's been a proper error
return ctx, false, err
diff --git a/internal/federation/federatingprotocol_test.go b/internal/federation/federatingprotocol_test.go
index 36832e009..1eb5f133c 100644
--- a/internal/federation/federatingprotocol_test.go
+++ b/internal/federation/federatingprotocol_test.go
@@ -182,6 +182,94 @@ func (suite *FederatingProtocolTestSuite) TestAuthenticatePostInbox() {
suite.Equal(sendingAccount.Username, requestingAccount.Username)
}
+func (suite *FederatingProtocolTestSuite) TestAuthenticatePostGone() {
+ // the activity we're gonna use
+ activity := suite.testActivities["delete_https://somewhere.mysterious/users/rest_in_piss#main-key"]
+ inboxAccount := suite.testAccounts["local_account_1"]
+
+ fedWorker := concurrency.NewWorkerPool[messages.FromFederator](-1, -1)
+
+ httpClient := testrig.NewMockHTTPClient(nil, "../../testrig/media")
+ tc := testrig.NewTestTransportController(httpClient, suite.db, fedWorker)
+
+ // now setup module being tested, with the mock transport controller
+ federator := federation.NewFederator(suite.db, testrig.NewTestFederatingDB(suite.db, fedWorker), tc, suite.tc, testrig.NewTestMediaManager(suite.db, suite.storage))
+
+ request := httptest.NewRequest(http.MethodPost, "http://localhost:8080/users/the_mighty_zork/inbox", nil)
+ // we need these headers for the request to be validated
+ request.Header.Set("Signature", activity.SignatureHeader)
+ request.Header.Set("Date", activity.DateHeader)
+ request.Header.Set("Digest", activity.DigestHeader)
+
+ verifier, err := httpsig.NewVerifier(request)
+ suite.NoError(err)
+
+ ctx := context.Background()
+ // by the time AuthenticatePostInbox is called, PostInboxRequestBodyHook should have already been called,
+ // which should have set the account and username onto the request. We can replicate that behavior here:
+ ctxWithAccount := context.WithValue(ctx, ap.ContextReceivingAccount, inboxAccount)
+ ctxWithVerifier := context.WithValue(ctxWithAccount, ap.ContextRequestingPublicKeyVerifier, verifier)
+ ctxWithSignature := context.WithValue(ctxWithVerifier, ap.ContextRequestingPublicKeySignature, activity.SignatureHeader)
+
+ // we can pass this recorder as a writer and read it back after
+ recorder := httptest.NewRecorder()
+
+ // trigger the function being tested, and return the new context it creates
+ _, authed, err := federator.AuthenticatePostInbox(ctxWithSignature, recorder, request)
+ suite.NoError(err)
+ suite.False(authed)
+ suite.Equal(http.StatusAccepted, recorder.Code)
+}
+
+func (suite *FederatingProtocolTestSuite) TestAuthenticatePostGoneNoTombstoneYet() {
+ // delete the relevant tombstone
+ if err := suite.db.DeleteTombstone(context.Background(), suite.testTombstones["https://somewhere.mysterious/users/rest_in_piss#main-key"].ID); err != nil {
+ suite.FailNow(err.Error())
+ }
+
+ // the activity we're gonna use
+ activity := suite.testActivities["delete_https://somewhere.mysterious/users/rest_in_piss#main-key"]
+ inboxAccount := suite.testAccounts["local_account_1"]
+
+ fedWorker := concurrency.NewWorkerPool[messages.FromFederator](-1, -1)
+
+ httpClient := testrig.NewMockHTTPClient(nil, "../../testrig/media")
+ tc := testrig.NewTestTransportController(httpClient, suite.db, fedWorker)
+
+ // now setup module being tested, with the mock transport controller
+ federator := federation.NewFederator(suite.db, testrig.NewTestFederatingDB(suite.db, fedWorker), tc, suite.tc, testrig.NewTestMediaManager(suite.db, suite.storage))
+
+ request := httptest.NewRequest(http.MethodPost, "http://localhost:8080/users/the_mighty_zork/inbox", nil)
+ // we need these headers for the request to be validated
+ request.Header.Set("Signature", activity.SignatureHeader)
+ request.Header.Set("Date", activity.DateHeader)
+ request.Header.Set("Digest", activity.DigestHeader)
+
+ verifier, err := httpsig.NewVerifier(request)
+ suite.NoError(err)
+
+ ctx := context.Background()
+ // by the time AuthenticatePostInbox is called, PostInboxRequestBodyHook should have already been called,
+ // which should have set the account and username onto the request. We can replicate that behavior here:
+ ctxWithAccount := context.WithValue(ctx, ap.ContextReceivingAccount, inboxAccount)
+ ctxWithVerifier := context.WithValue(ctxWithAccount, ap.ContextRequestingPublicKeyVerifier, verifier)
+ ctxWithSignature := context.WithValue(ctxWithVerifier, ap.ContextRequestingPublicKeySignature, activity.SignatureHeader)
+
+ // we can pass this recorder as a writer and read it back after
+ recorder := httptest.NewRecorder()
+
+ // trigger the function being tested, and return the new context it creates
+ _, authed, err := federator.AuthenticatePostInbox(ctxWithSignature, recorder, request)
+ suite.NoError(err)
+ suite.False(authed)
+ suite.Equal(http.StatusAccepted, recorder.Code)
+
+ // there should be a tombstone in the db now for this account
+ exists, err := suite.db.TombstoneExistsWithURI(ctx, "https://somewhere.mysterious/users/rest_in_piss#main-key")
+ suite.NoError(err)
+ suite.True(exists)
+}
+
func (suite *FederatingProtocolTestSuite) TestBlocked1() {
fedWorker := concurrency.NewWorkerPool[messages.FromFederator](-1, -1)
httpClient := testrig.NewMockHTTPClient(nil, "../../testrig/media")
diff --git a/internal/federation/federator_test.go b/internal/federation/federator_test.go
index c93957098..be22901a7 100644
--- a/internal/federation/federator_test.go
+++ b/internal/federation/federator_test.go
@@ -36,6 +36,7 @@ type FederatorStandardTestSuite struct {
testAccounts map[string]*gtsmodel.Account
testStatuses map[string]*gtsmodel.Status
testActivities map[string]testrig.ActivityWithSignature
+ testTombstones map[string]*gtsmodel.Tombstone
}
// SetupSuite sets some variables on the suite that we can use as consts (more or less) throughout
@@ -45,6 +46,7 @@ func (suite *FederatorStandardTestSuite) SetupSuite() {
suite.tc = testrig.NewTestTypeConverter(suite.db)
suite.testAccounts = testrig.NewTestAccounts()
suite.testStatuses = testrig.NewTestStatuses()
+ suite.testTombstones = testrig.NewTestTombstones()
}
func (suite *FederatorStandardTestSuite) SetupTest() {
diff --git a/internal/federation/gone.go b/internal/federation/gone.go
new file mode 100644
index 000000000..3d9fe3b84
--- /dev/null
+++ b/internal/federation/gone.go
@@ -0,0 +1,34 @@
+package federation
+
+import (
+ "context"
+ "fmt"
+ "net/url"
+
+ "github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
+ "github.com/superseriousbusiness/gotosocial/internal/id"
+ "github.com/superseriousbusiness/gotosocial/internal/log"
+)
+
+// CheckGone checks if a tombstone exists in the database for AP Actor or Object with the given uri.
+func (f *federator) CheckGone(ctx context.Context, uri *url.URL) (bool, error) {
+ return f.db.TombstoneExistsWithURI(ctx, uri.String())
+}
+
+// HandleGone puts a tombstone in the database, which marks an AP Actor or Object with the given uri as gone.
+func (f *federator) HandleGone(ctx context.Context, uri *url.URL) error {
+ tombstoneID, err := id.NewULID()
+ if err != nil {
+ err = fmt.Errorf("HandleGone: error generating id for new tombstone %s: %s", uri, err)
+ log.Error(err)
+ return err
+ }
+
+ tombstone := &gtsmodel.Tombstone{
+ ID: tombstoneID,
+ Domain: uri.Host,
+ URI: uri.String(),
+ }
+
+ return f.db.PutTombstone(ctx, tombstone)
+}
generated by cgit v1.2.3 (git 2.46.0) at 2025-07-13 11:12:18 +0000