Mirrors/continuwuity
1
0
Fork 0
mirror of https://forgejo.ellis.link/continuwuation/continuwuity.git synced 2026-05-26 20:49:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,878 Commits 157 Branches 36 Tags
d32b39181a90bfa3920bc040d456753cb7912d60
Commit Graph

257 Commits

Author SHA1 Message Date
timedout d32b39181a fix: Don't return early if the policy server does something stupid 
Spec compliance is for nerds I guess
 2026-05-25 18:17:41 +01:00
timedout 72b99a1f84 style: Reformat 2026-05-25 18:17:40 +01:00
timedout ae37f218a2 perf: Avoid cloning incoming PDUs to check them 
Also allows us to store signatures on PDUs received over federation that we got a fresh signature for
 2026-05-25 18:17:29 +01:00
timedout 40cecca103 feat: Add extract_signature helper 2026-05-25 18:17:13 +01:00
timedout 2a80a82f74 style: Document functions 2026-05-25 18:17:13 +01:00
timedout fbf4eac2dc fix: Ensure event_id is removed before policy-checking event 2026-05-25 18:17:13 +01:00
timedout 4784010702 fix: Ensure policy server signed with the correct key 2026-05-25 18:17:13 +01:00
timedout 1c88854a54 feat: Enable shutdown interrupt in ratelimit handler 2026-05-25 18:17:12 +01:00
timedout e0fe71c708 feat: Follow spec more closely, code clean up, use ruma request type 2026-05-25 18:17:12 +01:00
timedout 0f0dcb4f58 fix: Return Forbidden instead of internal error when PS doesn't sign 2026-05-25 18:17:12 +01:00
timedout 367c42ad28 fix: Treat malformed policy config events as missing 2026-05-25 18:17:12 +01:00
timedout c8e0f7ebd3 style: Reformat 2026-05-25 18:17:10 +01:00
timedout fdc9aec534 fix: Verify policy server signatures on all events, not just timeline ones 
style: Clarifications

style: Clippy
 2026-05-25 18:16:55 +01:00
timedout 47051af392 feat: Update policy server implementation to be closer to latest spec 
Untested

chore: Add news fragment

feat: Support stable policy servers

feat: Don't attempt erroneous loopback federation for policy server checks

refactor: Update PS upgrade to use new ruma

fix: Only check loopback via after attempting incoming verification
 2026-05-25 18:14:54 +01:00
timedout c1a6e649da feat: Combine local & remote force join 2026-05-25 18:01:08 +01:00
timedout 1d172be503 style: Authentication -> authorization 2026-05-25 17:55:44 +01:00
timedout 4d27a935d6 perf: Move rejected events check 2026-05-25 17:27:56 +01:00
timedout 512a96f832 style: Warn -> debug_warn 2026-05-25 17:18:25 +01:00
timedout 3764faeefc style: Reformat 2026-05-25 17:18:25 +01:00
timedout 5d4b7bfea3 fix: Store PDUs as outliers even when rejected 
This prevents future network lookups if we've already rejected an event and see a reference to it again
 2026-05-25 17:18:24 +01:00
timedout a97f91e079 fix: Don't hard fail on events which depend on soft-failed events 2026-05-25 17:18:24 +01:00
timedout f0401b4fc7 fix: Mark events as rejected in more places, correct soft-fail extremity behaviour 2026-05-25 17:18:24 +01:00
timedout 1f6cab9e2e feat: Implement event rejection 
Co-Authored-By: star <star@nexy7574.co.uk>
 2026-05-25 17:18:23 +01:00
Ginger e34fd76dc0 fix: Re-add support for MSC4293 2026-04-28 09:16:57 -04:00
Ginger e70004c98f chore: Clippy fixes 2026-04-28 09:16:56 -04:00
Ginger bf9c9716eb refactor: Add function to state_accessor to get create event 2026-04-28 09:16:51 -04:00
Ginger 24f7e1d658 chore: Clippy fixes 2026-04-28 09:16:51 -04:00
Ginger d62eeda130 refactor: Replace more uses of RoomVersionId with RoomVersionRules 2026-04-28 09:16:51 -04:00
Jade Ellis a4e64383b7 refactor: Ruma upstraming, bake a little more 2026-04-28 09:16:51 -04:00
Ginger 204bc1367e refactor: Ruma upstreaming, half-baked edition 
Co-authored-by: Jade Ellis <jade@ellis.link>
 2026-04-28 09:16:51 -04:00
timedout 5f4cd47d88 fix: Add workaround for handling malformed PDUs 
Signed-off-by: timedout <git@nexy7574.co.uk>
Reviewed-On: https://forgejo.ellis.link/continuwuation/continuwuity-sec/pulls/7
Reviewed-By: Jade Ellis <jade@ellis.link>
 2026-04-23 20:48:11 +01:00
31a05b9c 8dd4b71e0e fix: make dropped PDU warning less useless 2026-03-04 14:58:01 +00:00
timedout b507898c62 fix: Bump ruwuma again 2026-03-03 18:10:28 +00:00
Ginger dc6bd4e541 fix: Silence unnecessary policy server errors in debug builds 2026-02-15 18:05:42 +00:00
Jade Ellis 117c581948 fix: Correct incorrectly inverted boolean expression 2026-02-15 16:11:19 +00:00
timedout cb846a3ad1 style: Invert pending_invite_state check 2026-02-15 16:11:19 +00:00
timedout 81b984b2cc style: Compress should_rescind_invite 2026-02-15 16:11:19 +00:00
timedout e2961390ee feat: Support rescinding invites over federation 2026-02-15 16:11:19 +00:00
timedout 082ed5b70c feat: Use info level logs for residency check failures 2026-02-03 20:09:41 +00:00
timedout a047199fb4 perf: Don't handle PDUs for rooms we aren't in 2026-02-03 20:09:41 +00:00
timedout 52a51f1de0 fix: Remove useless timestamp check in outlier upgrade process 2026-01-09 02:50:04 +00:00
Jade Ellis aed15f246a refactor: Clean up logging issues 
Primary issues: Double escapes (debug fmt), spans without levels
 2026-01-05 18:28:57 +00:00
timedout 86450da705 style: Run clippy 2025-12-18 19:48:26 +00:00
timedout 8538b21860 feat: Check for incoming signatures 2025-12-18 19:03:32 +00:00
timedout 63e4aacd2b style: Reword TODO comment 2025-12-18 18:24:00 +00:00
timedout 72f0eb9493 feat: Fetch policy server signatures 2025-12-18 18:23:54 +00:00
timedout 1631c0afa4 fix: Perform additional validation on events 2025-12-13 21:36:20 +00:00
timedout d189004d65 feat: Add more granular controls for policy server calling (#1127) 
Adds two new toggles to the configuration, the first of which allows disabling the policy server checks entirely, and the second of which allows disabling checking events created locally. They're both enabled by default for maximum PS efficacy but allowing them to be disabled allows people who frequently cannot contact policy servers, for example those in censored countries, to be able to still use rooms with pace, allows single-user/trusted-only homeservers to disable the preliminary check on their own events, and also gives an escape hatch in case an issue like #1060 happens again, especially with MSCs not in FCP being moving targets.

In future, I think we should gate all MSC implementations behind config flags, even if they default to on.

Reviewed-on: https://forgejo.ellis.link/continuwuation/continuwuity/pulls/1127
Reviewed-by: Jade Ellis <jade@ellis.link>
Co-authored-by: timedout <git@nexy7574.co.uk>
Co-committed-by: timedout <git@nexy7574.co.uk>
 2025-10-16 22:45:23 +00:00
timedout 26b700bf51 fix: Policy server calls use the correct JSON object (#1126) 
Fixes #1060

Reviewed-on: https://forgejo.ellis.link/continuwuation/continuwuity/pulls/1126
Reviewed-by: Jacob Taylor <aranjedeath@noreply.forgejo.ellis.link>
Co-authored-by: timedout <git@nexy7574.co.uk>
Co-committed-by: timedout <git@nexy7574.co.uk>
 2025-10-16 21:06:54 +00:00
nexy7574 c66f6f8900 fix(stateres): Correctly fetch missing auth events for incoming PDUs 2025-09-25 02:54:00 +01:00