oss/conduit
oss/conduit
1
0
Fork 0
mirror of https://gitlab.com/famedly/conduit.git synced 2025-09-05 18:41:00 +00:00
Code Wiki Activity

Merge branch 'release-0.10.7' into 'master'

Browse source 
Release 0.10.7

See merge request famedly/conduit!772
This commit is contained in:
Matthias Ahouansou 2025-08-01 21:55:21 +00:00
commit 578a9aec28
4 changed files with 38 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Cargo.lock generated
View file

@ -492,7 +492,7 @@ checksum = "3d7b894f5411737b7867f4827955924d7c254fc9f4d91a6aad6b097804b1018b"
[[package]] [[package]]
name = "conduit" name = "conduit"
version = "0.10.6" version = "0.10.7"
dependencies = [ dependencies = [
"async-trait", "async-trait",
"axum", "axum",

2
Cargo.toml
View file

@ -16,7 +16,7 @@ license = "Apache-2.0"
name = "conduit" name = "conduit"
readme = "README.md" readme = "README.md"
repository = "https://gitlab.com/famedly/conduit" repository = "https://gitlab.com/famedly/conduit"
version = "0.10.6" version = "0.10.7"
# See also `rust-toolchain.toml` # See also `rust-toolchain.toml`
rust-version = "1.85.0" rust-version = "1.85.0"

6
src/database/key_value/globals.rs
View file

@ -255,12 +255,16 @@ lasttimelinecount_cache: {lasttimelinecount_cache}\n"
let ServerSigningKeys { let ServerSigningKeys {
verify_keys, verify_keys,
old_verify_keys, old_verify_keys,
valid_until_ts,
.. ..
} = new_keys; } = new_keys;
prev_keys.verify_keys.extend(verify_keys); prev_keys.verify_keys.extend(verify_keys);
prev_keys.old_verify_keys.extend(old_verify_keys); prev_keys.old_verify_keys.extend(old_verify_keys);
prev_keys.valid_until_ts = new_keys.valid_until_ts;
if valid_until_ts > prev_keys.valid_until_ts {
prev_keys.valid_until_ts = valid_until_ts;
}
self.server_signingkeys.insert( self.server_signingkeys.insert(
origin.as_bytes(), origin.as_bytes(),

38
src/service/rooms/event_handler/mod.rs
View file

@ -1511,6 +1511,27 @@ impl Service {
} }
} }
let origin_server_ts = value.get("origin_server_ts").ok_or_else(|| {
error!("Invalid PDU, no origin_server_ts field");
Error::BadRequest(
ErrorKind::MissingParam,
"Invalid PDU, no origin_server_ts field",
)
})?;
let origin_server_ts: MilliSecondsSinceUnixEpoch = {
let ts = origin_server_ts.as_integer().ok_or_else(|| {
Error::BadRequest(
ErrorKind::InvalidParam,
"origin_server_ts must be an integer",
)
})?;
MilliSecondsSinceUnixEpoch(i64::from(ts).try_into().map_err(|_| {
Error::BadRequest(ErrorKind::InvalidParam, "Time must be after the unix epoch")
})?)
};
let signatures = value let signatures = value
.get("signatures") .get("signatures")
.ok_or(Error::BadServerResponse( .ok_or(Error::BadServerResponse(
@ -1530,15 +1551,16 @@ impl Service {
let contains_all_ids = |keys: &SigningKeys| { let contains_all_ids = |keys: &SigningKeys| {
signature_ids.iter().all(|id| { signature_ids.iter().all(|id| {
keys.verify_keys (keys.valid_until_ts > origin_server_ts
.keys() && keys
.map(ToString::to_string) .verify_keys
.any(|key_id| id == &key_id)
|| keys
.old_verify_keys
.keys() .keys()
.map(ToString::to_string) .map(ToString::to_string)
.any(|key_id| id == &key_id) .any(|key_id| id == &key_id))
|| keys
.old_verify_keys
.iter()
.any(|(key_id, key)| key_id == id && key.expired_ts > origin_server_ts)
}) })
}; };
@ -1559,6 +1581,8 @@ impl Service {
} }
pub_key_map.insert(origin.to_string(), result); pub_key_map.insert(origin.to_string(), result);
} else {
servers.insert(origin.to_owned(), BTreeMap::new());
} }
} }