Add check to make sure that inbox doesnt receive local activities (ref #1283) #147
|
|
@ -1,6 +1,7 @@
|
|||
use crate::{
|
||||
activities::receive::verify_activity_domains_valid,
|
||||
inbox::{
|
||||
assert_activity_not_local,
|
||||
get_activity_id,
|
||||
get_activity_to_and_cc,
|
||||
inbox_verify_http_signature,
|
||||
|
|
@ -85,6 +86,7 @@ pub async fn community_inbox(
|
|||
return Err(anyhow!("Activity delivered to wrong community").into());
|
||||
}
|
||||
|
||||
assert_activity_not_local(&activity)?;
|
||||
insert_activity(&activity_id, activity.clone(), false, true, context.pool()).await?;
|
||||
|
||||
info!(
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ use actix_web::HttpRequest;
|
|||
use anyhow::{anyhow, Context};
|
||||
use lemmy_db::{activity::Activity, community::Community, user::User_, DbPool};
|
||||
use lemmy_structs::blocking;
|
||||
use lemmy_utils::{location_info, LemmyError};
|
||||
use lemmy_utils::{location_info, settings::Settings, LemmyError};
|
||||
use lemmy_websocket::LemmyContext;
|
||||
use serde::{export::fmt::Debug, Serialize};
|
||||
use url::Url;
|
||||
|
|
@ -151,3 +151,22 @@ pub(crate) async fn is_addressed_to_community_followers(
|
|||
}
|
||||
Ok(None)
|
||||
}
|
||||
|
||||
pub(in crate::inbox) fn assert_activity_not_local<T, Kind>(activity: &T) -> Result<(), LemmyError>
|
||||
where
|
||||
T: BaseExt<Kind> + Debug,
|
||||
{
|
||||
let id = activity.id_unchecked().context(location_info!())?;
|
||||
let activity_domain = id.domain().context(location_info!())?;
|
||||
|
||||
if activity_domain == Settings::get().hostname {
|
||||
return Err(
|
||||
|
|
||||
anyhow!(
|
||||
"Error: received activity which was sent by local instance: {:?}",
|
||||
activity
|
||||
)
|
||||
.into(),
|
||||
);
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
use crate::{
|
||||
inbox::{
|
||||
assert_activity_not_local,
|
||||
community_inbox::{community_receive_message, CommunityAcceptedActivities},
|
||||
get_activity_id,
|
||||
get_activity_to_and_cc,
|
||||
|
|
@ -58,6 +59,7 @@ pub async fn shared_inbox(
|
|||
return Ok(HttpResponse::Ok().finish());
|
||||
}
|
||||
|
||||
assert_activity_not_local(&activity)?;
|
||||
// Log the activity, so we avoid receiving and parsing it twice. Note that this could still happen
|
||||
// if we receive the same activity twice in very quick succession.
|
||||
insert_activity(&activity_id, activity.clone(), false, true, context.pool()).await?;
|
||||
|
|
|
|||
|
|
@ -19,6 +19,7 @@ use crate::{
|
|||
check_is_apub_id_valid,
|
||||
fetcher::get_or_fetch_and_upsert_community,
|
||||
inbox::{
|
||||
assert_activity_not_local,
|
||||
get_activity_id,
|
||||
get_activity_to_and_cc,
|
||||
inbox_verify_http_signature,
|
||||
|
|
@ -106,6 +107,7 @@ pub async fn user_inbox(
|
|||
return Err(anyhow!("Activity delivered to wrong user").into());
|
||||
}
|
||||
|
||||
assert_activity_not_local(&activity)?;
|
||||
insert_activity(&activity_id, activity.clone(), false, true, context.pool()).await?;
|
||||
|
||||
debug!(
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Shouldn't it throw the error if it IS a local activity, IE activity_domain == my.hostname
Damn you're right. I dont know how the tests passed with this.
Fixed, also pushed to github. Please squash when merging.
Cool, once tests pass I'll squash and merge.
When I tested the original commit locally, I still had
assert!()instead ofreturn Err(), so I must have rewritten it wrong (and didnt run tests again).