mirror of
https://github.com/LemmyNet/lemmy.git
synced 2024-12-23 03:11:32 +00:00
Fixed comparison Add check to make sure that inbox doesnt receive local activities (ref #1283) Co-authored-by: Felix Ableitner <me@nutomic.com> Reviewed-on: https://yerbamate.ml/LemmyNet/lemmy/pulls/147
This commit is contained in:
parent
9435994405
commit
2b5c69d678
4 changed files with 26 additions and 1 deletions
|
@ -1,6 +1,7 @@
|
|||
use crate::{
|
||||
activities::receive::verify_activity_domains_valid,
|
||||
inbox::{
|
||||
assert_activity_not_local,
|
||||
get_activity_id,
|
||||
get_activity_to_and_cc,
|
||||
inbox_verify_http_signature,
|
||||
|
@ -85,6 +86,7 @@ pub async fn community_inbox(
|
|||
return Err(anyhow!("Activity delivered to wrong community").into());
|
||||
}
|
||||
|
||||
assert_activity_not_local(&activity)?;
|
||||
insert_activity(&activity_id, activity.clone(), false, true, context.pool()).await?;
|
||||
|
||||
info!(
|
||||
|
|
|
@ -14,7 +14,7 @@ use actix_web::HttpRequest;
|
|||
use anyhow::{anyhow, Context};
|
||||
use lemmy_db::{activity::Activity, community::Community, user::User_, DbPool};
|
||||
use lemmy_structs::blocking;
|
||||
use lemmy_utils::{location_info, LemmyError};
|
||||
use lemmy_utils::{location_info, settings::Settings, LemmyError};
|
||||
use lemmy_websocket::LemmyContext;
|
||||
use serde::{export::fmt::Debug, Serialize};
|
||||
use url::Url;
|
||||
|
@ -151,3 +151,22 @@ pub(crate) async fn is_addressed_to_community_followers(
|
|||
}
|
||||
Ok(None)
|
||||
}
|
||||
|
||||
pub(in crate::inbox) fn assert_activity_not_local<T, Kind>(activity: &T) -> Result<(), LemmyError>
|
||||
where
|
||||
T: BaseExt<Kind> + Debug,
|
||||
{
|
||||
let id = activity.id_unchecked().context(location_info!())?;
|
||||
let activity_domain = id.domain().context(location_info!())?;
|
||||
|
||||
if activity_domain == Settings::get().hostname {
|
||||
return Err(
|
||||
anyhow!(
|
||||
"Error: received activity which was sent by local instance: {:?}",
|
||||
activity
|
||||
)
|
||||
.into(),
|
||||
);
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
use crate::{
|
||||
inbox::{
|
||||
assert_activity_not_local,
|
||||
community_inbox::{community_receive_message, CommunityAcceptedActivities},
|
||||
get_activity_id,
|
||||
get_activity_to_and_cc,
|
||||
|
@ -58,6 +59,7 @@ pub async fn shared_inbox(
|
|||
return Ok(HttpResponse::Ok().finish());
|
||||
}
|
||||
|
||||
assert_activity_not_local(&activity)?;
|
||||
// Log the activity, so we avoid receiving and parsing it twice. Note that this could still happen
|
||||
// if we receive the same activity twice in very quick succession.
|
||||
insert_activity(&activity_id, activity.clone(), false, true, context.pool()).await?;
|
||||
|
|
|
@ -19,6 +19,7 @@ use crate::{
|
|||
check_is_apub_id_valid,
|
||||
fetcher::get_or_fetch_and_upsert_community,
|
||||
inbox::{
|
||||
assert_activity_not_local,
|
||||
get_activity_id,
|
||||
get_activity_to_and_cc,
|
||||
inbox_verify_http_signature,
|
||||
|
@ -106,6 +107,7 @@ pub async fn user_inbox(
|
|||
return Err(anyhow!("Activity delivered to wrong user").into());
|
||||
}
|
||||
|
||||
assert_activity_not_local(&activity)?;
|
||||
insert_activity(&activity_id, activity.clone(), false, true, context.pool()).await?;
|
||||
|
||||
debug!(
|
||||
|
|
Loading…
Reference in a new issue