From 927ab1f04012d4535d829d77cb0e8af66e287d71 Mon Sep 17 00:00:00 2001 From: Felix Ableitner Date: Fri, 25 Sep 2020 17:33:00 +0200 Subject: [PATCH] Remove hardcoded usage of https (fixes #1126) --- Cargo.lock | 1 + config/defaults.hjson | 4 +-- docker/federation/docker-compose.yml | 10 +++---- lemmy_api/src/user.rs | 8 +++--- lemmy_apub/src/activities.rs | 7 +++-- lemmy_apub/src/community.rs | 4 +-- lemmy_apub/src/fetcher.rs | 9 +++++-- lemmy_apub/src/lib.rs | 5 ++-- lemmy_db/Cargo.toml | 1 + lemmy_db/src/user.rs | 8 +++++- lemmy_structs/src/lib.rs | 2 +- lemmy_utils/src/apub.rs | 13 ++-------- lemmy_utils/src/request.rs | 7 +++-- lemmy_utils/src/settings.rs | 17 +++++++++++- src/code_migrations.rs | 7 +++-- src/routes/feeds.rs | 39 +++++++++++++++++++--------- src/routes/nodeinfo.rs | 7 +++-- 17 files changed, 89 insertions(+), 60 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 7c709ffa6..65f718b3e 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1896,6 +1896,7 @@ dependencies = [ "chrono", "diesel", "lazy_static", + "lemmy_utils", "log", "regex", "serde 1.0.116", diff --git a/config/defaults.hjson b/config/defaults.hjson index 1da2a16cf..62fa98a6d 100644 --- a/config/defaults.hjson +++ b/config/defaults.hjson @@ -31,6 +31,8 @@ bind: "0.0.0.0" # port where lemmy should listen for incoming requests port: 8536 + # whether tls is required for activitypub. only disable this for debugging, never for producion. + tls_enabled: true # json web token for authorization between server and client jwt_secret: "changeme" # address where pictrs is available @@ -58,8 +60,6 @@ federation: { # whether to enable activitypub federation. this feature is in alpha, do not enable in production. enabled: false - # whether tls is required for activitypub. only disable this for debugging, never for producion. - tls_enabled: true # comma separated list of instances with which federation is allowed allowed_instances: "" # comma separated list of instances which are blocked from federating 
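Review bot: The comment that moves with `tls_enabled` in `config/defaults.hjson` still describes the flag as an ActivityPub setting, but after this commit the same flag selects the scheme for every URL the server builds. That includes the link in the password-reset e-mail, the RSS feed links and the nodeinfo href. I would reword it to `# whether generated URLs (federation ids, e-mail links, feeds) use https. only disable this for local debugging, never in production.`, which also fixes the "producion" typo.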
diff --git a/docker/federation/docker-compose.yml b/docker/federation/docker-compose.yml index b4181e5d2..8f01eadf7 100644 --- a/docker/federation/docker-compose.yml +++ b/docker/federation/docker-compose.yml @@ -43,7 +43,7 @@ services: - LEMMY_DATABASE_URL=postgres://lemmy:password@postgres_alpha:5432/lemmy - LEMMY_JWT_SECRET=changeme - LEMMY_FEDERATION__ENABLED=true - - LEMMY_FEDERATION__TLS_ENABLED=false + - LEMMY_TLS_ENABLED=false - LEMMY_FEDERATION__ALLOWED_INSTANCES=lemmy-beta,lemmy-gamma,lemmy-delta,lemmy-epsilon - LEMMY_PORT=8541 - LEMMY_SETUP__ADMIN_USERNAME=lemmy_alpha @@ -82,7 +82,7 @@ services: - LEMMY_DATABASE_URL=postgres://lemmy:password@postgres_beta:5432/lemmy - LEMMY_JWT_SECRET=changeme - LEMMY_FEDERATION__ENABLED=true - - LEMMY_FEDERATION__TLS_ENABLED=false + - LEMMY_TLS_ENABLED=false - LEMMY_FEDERATION__ALLOWED_INSTANCES=lemmy-alpha,lemmy-gamma,lemmy-delta,lemmy-epsilon - LEMMY_PORT=8551 - LEMMY_SETUP__ADMIN_USERNAME=lemmy_beta @@ -121,7 +121,7 @@ services: - LEMMY_DATABASE_URL=postgres://lemmy:password@postgres_gamma:5432/lemmy - LEMMY_JWT_SECRET=changeme - LEMMY_FEDERATION__ENABLED=true - - LEMMY_FEDERATION__TLS_ENABLED=false + - LEMMY_TLS_ENABLED=false - LEMMY_FEDERATION__ALLOWED_INSTANCES=lemmy-alpha,lemmy-beta,lemmy-delta,lemmy-epsilon - LEMMY_PORT=8561 - LEMMY_SETUP__ADMIN_USERNAME=lemmy_gamma @@ -161,7 +161,7 @@ services: - LEMMY_DATABASE_URL=postgres://lemmy:password@postgres_delta:5432/lemmy - LEMMY_JWT_SECRET=changeme - LEMMY_FEDERATION__ENABLED=true - - LEMMY_FEDERATION__TLS_ENABLED=false + - LEMMY_TLS_ENABLED=false - LEMMY_FEDERATION__ALLOWED_INSTANCES=lemmy-beta - LEMMY_PORT=8571 - LEMMY_SETUP__ADMIN_USERNAME=lemmy_delta 
@@ -201,7 +201,7 @@ services: - LEMMY_DATABASE_URL=postgres://lemmy:password@postgres_epsilon:5432/lemmy - LEMMY_JWT_SECRET=changeme - LEMMY_FEDERATION__ENABLED=true - - LEMMY_FEDERATION__TLS_ENABLED=false + - LEMMY_TLS_ENABLED=false - LEMMY_FEDERATION__BLOCKED_INSTANCES=lemmy-alpha - LEMMY_PORT=8581 - LEMMY_SETUP__ADMIN_USERNAME=lemmy_epsilon diff --git a/lemmy_api/src/user.rs b/lemmy_api/src/user.rs index e2b73c53e..4e6269268 100644 --- a/lemmy_api/src/user.rs +++ b/lemmy_api/src/user.rs @@ -913,7 +913,7 @@ impl Perform for PasswordReset { // TODO no i18n support here. let user_email = &user.email.expect("email"); let subject = &format!("Password reset for {}", user.name); - let hostname = &format!("https://{}", Settings::get().hostname); //TODO add https for now. + let hostname = &Settings::get().get_protocol_and_hostname(); let html = &format!("

Password Reset Request for {}


Click here to reset your password", user.name, hostname, &token); match send_email(subject, user_email, &user.name, html) { Ok(_o) => _o, @@ -977,8 +977,6 @@ impl Perform for CreatePrivateMessage { let data: &CreatePrivateMessage = &self; let user = get_user_from_jwt(&data.auth, context.pool()).await?; - let hostname = &format!("https://{}", Settings::get().hostname); - let content_slurs_removed = remove_slurs(&data.content.to_owned()); let private_message_form = PrivateMessageForm { @@ -1034,7 +1032,9 @@ impl Perform for CreatePrivateMessage { ); let html = &format!( "
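Review bot: The reset link that carries `token` is now built with `http://` whenever `tls_enabled` is false, whereas the removed line always used https here. An instance that is misconfigured, or left in its debugging setup, would therefore mail out reset links that are followed in cleartext. I would keep a comment on the new line, e.g. `// scheme follows tls_enabled; the reset token is only protected in transit when it is true`, and rename the local to `base_url`, since it no longer holds just a hostname. The same misnomer is introduced in `do_send_local_notifs` in `lemmy_structs/src/lib.rs`. The enclosing `perform` body starts and ends outside the hunk.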

Private Message


{} - {}

inbox", - user.name, &content_slurs_removed, hostname + user.name, + &content_slurs_removed, + Settings::get().get_protocol_and_hostname() ); match send_email(subject, &email, &recipient_user.name, html) { Ok(_o) => _o, diff --git a/lemmy_apub/src/activities.rs b/lemmy_apub/src/activities.rs index 3b1b12ab3..18781ef42 100644 --- a/lemmy_apub/src/activities.rs +++ b/lemmy_apub/src/activities.rs @@ -4,7 +4,7 @@ use activitystreams::{ object::AsObject, }; use lemmy_db::{community::Community, user::User_}; -use lemmy_utils::{apub::get_apub_protocol_string, settings::Settings, LemmyError}; +use lemmy_utils::{settings::Settings, LemmyError}; use lemmy_websocket::LemmyContext; use serde::{export::fmt::Debug, Serialize}; use url::{ParseError, Url}; @@ -40,9 +40,8 @@ where T: ToString, { let id = format!( - "{}://{}/activities/{}/{}", - get_apub_protocol_string(), - Settings::get().hostname, + "{}/activities/{}/{}", + Settings::get().get_protocol_and_hostname(), kind.to_string().to_lowercase(), Uuid::new_v4() ); diff --git a/lemmy_apub/src/community.rs b/lemmy_apub/src/community.rs index 8a41e8866..715b765b3 100644 --- a/lemmy_apub/src/community.rs +++ b/lemmy_apub/src/community.rs @@ -44,8 +44,8 @@ use lemmy_db::{ }; use lemmy_structs::blocking; use lemmy_utils::{ - apub::get_apub_protocol_string, location_info, + settings::Settings, utils::{check_slurs, check_slurs_opt, convert_datetime}, LemmyError, }; @@ -299,7 +299,7 @@ impl ActorType for Community { }; Ok(Url::parse(&format!( "{}://{}{}/inbox", - get_apub_protocol_string(), + Settings::get().get_protocol_string(), domain, port, ))?) diff --git a/lemmy_apub/src/fetcher.rs b/lemmy_apub/src/fetcher.rs index 4ce4082cd..3f2109ecb 100644 --- a/lemmy_apub/src/fetcher.rs +++ b/lemmy_apub/src/fetcher.rs 
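Review bot: `user.name` and `content_slurs_removed` appear to be formatted straight into the HTML body handed to `send_email`, so markup typed into a private message would reach the recipient's mail client as markup; `remove_slurs` presumably only filters words. Both values should be HTML-escaped before they are passed to `format!`. The base URL from `get_protocol_and_hostname()` is server configuration and does not need escaping. The format string is not fully readable in this view, so confirm against the file. The enclosing `perform` starts and ends outside the hunk.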
@@ -27,9 +27,9 @@ use lemmy_db::{ }; use lemmy_structs::{blocking, site::SearchResponse}; use lemmy_utils::{ - apub::get_apub_protocol_string, location_info, request::{retry, RecvError}, + settings::Settings, LemmyError, }; use lemmy_websocket::LemmyContext; @@ -117,7 +117,12 @@ pub async fn search_by_apub_id( return Err(anyhow!("Invalid search query: {}", query).into()); }; - let url = format!("{}://{}{}", get_apub_protocol_string(), instance, name); + let url = format!( + "{}://{}{}", + Settings::get().get_protocol_string(), + instance, + name + ); Url::parse(&url)? } else { Url::parse(&query)? diff --git a/lemmy_apub/src/lib.rs b/lemmy_apub/src/lib.rs index 22eb9fbe0..3f37c5d3c 100644 --- a/lemmy_apub/src/lib.rs +++ b/lemmy_apub/src/lib.rs @@ -32,7 +32,6 @@ use chrono::NaiveDateTime; use lemmy_db::{activity::do_insert_activity, user::User_, DbPool}; use lemmy_structs::{blocking, WebFingerResponse}; use lemmy_utils::{ - apub::get_apub_protocol_string, location_info, request::{retry, RecvError}, settings::Settings, @@ -97,7 +96,7 @@ fn check_is_apub_id_valid(apub_id: &Url) -> Result<(), LemmyError> { }; } - if apub_id.scheme() != get_apub_protocol_string() { + if apub_id.scheme() != Settings::get().get_protocol_string() { return Err(anyhow!("invalid apub id scheme: {:?}", apub_id.scheme()).into()); } @@ -319,7 +318,7 @@ pub async fn fetch_webfinger_url( ) -> Result { let fetch_url = format!( "{}://{}/.well-known/webfinger?resource=acct:{}@{}", - get_apub_protocol_string(), + Settings::get().get_protocol_string(), mention.domain, mention.name, mention.domain diff --git a/lemmy_db/Cargo.toml b/lemmy_db/Cargo.toml index 814c169fa..904b16937 100644 --- a/lemmy_db/Cargo.toml +++ b/lemmy_db/Cargo.toml 
@@ -8,6 +8,7 @@ name = "lemmy_db" path = "src/lib.rs" [dependencies] +lemmy_utils = { path = "../lemmy_utils" } diesel = { version = "1.4", features = ["postgres","chrono","r2d2","64-column-tables","serde_json"] } chrono = { version = "0.4", features = ["serde"] } serde = { version = "1.0", features = ["derive"] } diff --git a/lemmy_db/src/user.rs b/lemmy_db/src/user.rs index f2c20e947..15fb592c7 100644 --- a/lemmy_db/src/user.rs +++ b/lemmy_db/src/user.rs @@ -6,6 +6,7 @@ use crate::{ }; use bcrypt::{hash, DEFAULT_COST}; use diesel::{dsl::*, result::Error, *}; +use lemmy_utils::settings::Settings; use serde::Serialize; #[derive(Clone, Queryable, Identifiable, PartialEq, Debug, Serialize)] @@ -151,7 +152,12 @@ impl User_ { } pub fn get_profile_url(&self, hostname: &str) -> String { - format!("https://{}/u/{}", hostname, self.name) + format!( + "{}://{}/u/{}", + Settings::get().get_protocol_string(), + hostname, + self.name + ) } pub fn upsert(conn: &PgConnection, user_form: &UserForm) -> Result { diff --git a/lemmy_structs/src/lib.rs b/lemmy_structs/src/lib.rs index 3efe0bead..9b67866a9 100644 --- a/lemmy_structs/src/lib.rs +++ b/lemmy_structs/src/lib.rs @@ -77,7 +77,7 @@ fn do_send_local_notifs( do_send_email: bool, ) -> Vec { let mut recipient_ids = Vec::new(); - let hostname = &format!("https://{}", Settings::get().hostname); + let hostname = &Settings::get().get_protocol_and_hostname(); // Send the local mentions for mention in mentions diff --git a/lemmy_utils/src/apub.rs b/lemmy_utils/src/apub.rs index 08e7a4491..4f6ec22f0 100644 --- a/lemmy_utils/src/apub.rs +++ b/lemmy_utils/src/apub.rs @@ -35,14 +35,6 @@ pub enum EndpointType { PrivateMessage, } -pub fn get_apub_protocol_string() -> &'static str { - if Settings::get().federation.tls_enabled { - "https" - } else { - "http" - } -} - /// Generates the ActivityPub ID for a given object type and ID. pub fn make_apub_endpoint(endpoint_type: EndpointType, name: &str) -> Url { let point = match endpoint_type { 
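Review bot: `get_profile_url` now joins a caller-supplied `hostname` to a scheme read from the process-wide `Settings`, and `lemmy_db` gains a dependency on `lemmy_utils` (the `lemmy_db/Cargo.toml` hunk) only for that lookup. If a caller ever passes another instance's hostname, the local `tls_enabled` value would decide that instance's scheme. Having the caller pass the full base URL would keep scheme and host consistent and avoid the new crate dependency. At minimum, add a doc comment stating that `hostname` must be this instance's own host and that the scheme follows the local `tls_enabled` setting.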
@@ -54,9 +46,8 @@ pub fn make_apub_endpoint(endpoint_type: EndpointType, name: &str) -> Url { }; Url::parse(&format!( - "{}://{}/{}/{}", - get_apub_protocol_string(), - Settings::get().hostname, + "{}/{}/{}", + Settings::get().get_protocol_and_hostname(), point, name )) diff --git a/lemmy_utils/src/request.rs b/lemmy_utils/src/request.rs index 4aa70c6fd..cbd778c6e 100644 --- a/lemmy_utils/src/request.rs +++ b/lemmy_utils/src/request.rs @@ -1,4 +1,4 @@ -use crate::{apub::get_apub_protocol_string, settings::Settings, LemmyError}; +use crate::{settings::Settings, LemmyError}; use anyhow::anyhow; use log::error; use percent_encoding::{utf8_percent_encode, NON_ALPHANUMERIC}; @@ -149,9 +149,8 @@ pub async fn fetch_iframely_and_pictrs_data( // The full urls are necessary for federation let pictrs_thumbnail = if let Some(pictrs_hash) = pictrs_hash { Some(format!( - "{}://{}/pictrs/image/{}", - get_apub_protocol_string(), - Settings::get().hostname, + "{}/pictrs/image/{}", + Settings::get().get_protocol_and_hostname(), pictrs_hash )) } else { diff --git a/lemmy_utils/src/settings.rs b/lemmy_utils/src/settings.rs index 82bdceb21..d3775c4b4 100644 --- a/lemmy_utils/src/settings.rs +++ b/lemmy_utils/src/settings.rs @@ -12,6 +12,7 @@ pub struct Settings { pub hostname: String, pub bind: IpAddr, pub port: u16, + pub tls_enabled: bool, pub jwt_secret: String, pub pictrs_url: String, pub rate_limit: RateLimitConfig, @@ -68,7 +69,6 @@ pub struct DatabaseConfig { #[derive(Debug, Deserialize, Clone)] pub struct FederationConfig { pub enabled: bool, - pub tls_enabled: bool, pub allowed_instances: String, pub blocked_instances: String, } 
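Review bot: The new `tls_enabled` field on `Settings` in `lemmy_utils/src/settings.rs` has no doc comment, and the field is removed from `FederationConfig` in the next hunk. An existing `federation.tls_enabled` entry or `LEMMY_FEDERATION__TLS_ENABLED` variable is then presumably ignored rather than rejected, so the instance would silently fall back to the default from `defaults.hjson`. I would add `/// Selects https (true) or http (false) for every URL this instance generates; keep true outside local debugging.` above the field and mention the key move in the upgrade notes. Both struct definitions continue outside their hunks.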
@@ -157,6 +157,21 @@ impl Settings { blocked_instances } + /// Returns either "http" or "https", depending on tls_enabled setting + pub fn get_protocol_string(&self) -> &'static str { + if self.tls_enabled { + "https" + } else { + "http" + } + } + + /// Returns something like `http://localhost` or `https://dev.lemmy.ml`, + /// with the correct protocol and hostname. + pub fn get_protocol_and_hostname(&self) -> String { + format!("{}://{}", self.get_protocol_string(), self.hostname) + } + pub fn save_config_file(data: &str) -> Result { fs::write(CONFIG_FILE, data)?; diff --git a/src/code_migrations.rs b/src/code_migrations.rs index 6a69035da..6743fb298 100644 --- a/src/code_migrations.rs +++ b/src/code_migrations.rs @@ -13,7 +13,7 @@ use lemmy_db::{ Crud, }; use lemmy_utils::{ - apub::{generate_actor_keypair, get_apub_protocol_string, make_apub_endpoint, EndpointType}, + apub::{generate_actor_keypair, make_apub_endpoint, EndpointType}, settings::Settings, LemmyError, }; @@ -206,9 +206,8 @@ fn post_thumbnail_url_updates_2020_07_27(conn: &PgConnection) -> Result<(), Lemm info!("Running post_thumbnail_url_updates_2020_07_27"); let domain_prefix = format!( - "{}://{}/pictrs/image/", - get_apub_protocol_string(), - Settings::get().hostname + "{}/pictrs/image/", + Settings::get().get_protocol_and_hostname(), ); let incorrect_thumbnails = post.filter(thumbnail_url.not_like("http%")); diff --git a/src/routes/feeds.rs b/src/routes/feeds.rs index 2c36ac233..f9111169a 100644 --- a/src/routes/feeds.rs +++ b/src/routes/feeds.rs @@ -71,7 +71,7 @@ fn get_feed_all_data(conn: &PgConnection, sort_type: &SortType) -> Result Result Result { let mut i = ItemBuilder::default(); i.title(format!("Reply from {}", creator_name)); - let author_url = format!("https://{}/u/{}", Settings::get().hostname, creator_name); + let author_url = format!( + "{}/u/{}", + Settings::get().get_protocol_and_hostname(), + creator_name + ); i.author(format!( "/u/{} (link)", creator_name, author_url 
@@ -306,7 +313,11 @@ fn create_post_items(posts: Vec) -> Result, LemmyError> { i.title(p.name); - let author_url = format!("https://{}/u/{}", Settings::get().hostname, p.creator_name); + let author_url = format!( + "{}/u/{}", + Settings::get().get_protocol_and_hostname(), + p.creator_name + ); i.author(format!( "/u/{} (link)", p.creator_name, author_url @@ -315,7 +326,11 @@ fn create_post_items(posts: Vec) -> Result, LemmyError> { let dt = DateTime::::from_utc(p.published, Utc); i.pub_date(dt.to_rfc2822()); - let post_url = format!("https://{}/post/{}", Settings::get().hostname, p.id); + let post_url = format!( + "{}/post/{}", + Settings::get().get_protocol_and_hostname(), + p.id + ); i.comments(post_url.to_owned()); let guid = GuidBuilder::default() .permalink(true) @@ -325,8 +340,8 @@ fn create_post_items(posts: Vec) -> Result, LemmyError> { i.guid(guid); let community_url = format!( - "https://{}/c/{}", - Settings::get().hostname, + "{}/c/{}", + Settings::get().get_protocol_and_hostname(), p.community_name ); diff --git a/src/routes/nodeinfo.rs b/src/routes/nodeinfo.rs index 984151c42..c41be0e94 100644 --- a/src/routes/nodeinfo.rs +++ b/src/routes/nodeinfo.rs @@ -3,7 +3,7 @@ use anyhow::anyhow; use lemmy_api::version; use lemmy_db::site_view::SiteView; use lemmy_structs::blocking; -use lemmy_utils::{apub::get_apub_protocol_string, settings::Settings, LemmyError}; +use lemmy_utils::{settings::Settings, LemmyError}; use lemmy_websocket::LemmyContext; use serde::{Deserialize, Serialize}; use url::Url; @@ -19,9 +19,8 @@ async fn node_info_well_known() -> Result, LemmyError> { links: NodeInfoWellKnownLinks { rel: Url::parse("http://nodeinfo.diaspora.software/ns/schema/2.0")?, href: Url::parse(&format!( - "{}://{}/nodeinfo/2.0.json", - get_apub_protocol_string(), - Settings::get().hostname + "{}/nodeinfo/2.0.json", + Settings::get().get_protocol_and_hostname() ))?, }, };