logo

pleroma

My custom branche(s) on git.pleroma.social/pleroma/pleroma git clone https://hacktivis.me/git/pleroma.git
commit: 50e47a215f9c473a308ba7e9ddea5e33099c5a9d
parent f1b07a2b2b6439579f0a35694f693712fb5ec5f4
Author: Ivan Tashkinov <ivantashkinov@gmail.com>
Date:   Sat, 28 Nov 2020 21:51:27 +0300

Merge remote-tracking branch 'remotes/origin/develop' into auth-improvements

Diffstat:

M.gitlab-ci.yml4++--
Mconfig/config.exs10----------
Mconfig/test.exs5-----
Mlib/mix/pleroma.ex4++--
Mlib/pleroma/web/plugs/digest_plug.ex18++++++++++++++++--
Atest/pleroma/web/plugs/digest_plug_test.exs48++++++++++++++++++++++++++++++++++++++++++++++++
6 files changed, 68 insertions(+), 21 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml @@ -228,7 +228,7 @@ arm: artifacts: *release-artifacts only: *release-only tags: - - arm32 + - arm32-specified image: arm32v7/elixir:1.10.3 cache: *release-cache variables: *release-variables @@ -240,7 +240,7 @@ arm-musl: artifacts: *release-artifacts only: *release-only tags: - - arm32 + - arm32-specified image: arm32v7/elixir:1.10.3-alpine cache: *release-cache variables: *release-variables diff --git a/config/config.exs b/config/config.exs @@ -147,16 +147,6 @@ config :pleroma, Pleroma.Web.Endpoint, "SameSite=Lax" ] -config :pleroma, :fed_sockets, - enabled: false, - connection_duration: :timer.hours(8), - rejection_duration: :timer.minutes(15), - fed_socket_fetches: [ - default: 12_000, - interval: 3_000, - lazy: false - ] - # Configures Elixir's Logger config :logger, :console, level: :debug, diff --git a/config/test.exs b/config/test.exs @@ -19,11 +19,6 @@ config :logger, :console, level: :warn, format: "\n[$level] $message\n" -config :pleroma, :fed_sockets, - enabled: false, - connection_duration: 5, - rejection_duration: 5 - config :pleroma, :auth, oauth_consumer_strategies: [] config :pleroma, Pleroma.Upload, diff --git a/lib/mix/pleroma.ex b/lib/mix/pleroma.ex @@ -22,8 +22,8 @@ defmodule Mix.Pleroma do Pleroma.Application.limiters_setup() Application.put_env(:phoenix, :serve_endpoints, false, persistent: true) - if Pleroma.Config.get(:env) != :test do - Application.put_env(:logger, :console, level: :debug) + unless System.get_env("DEBUG") do + Logger.remove_backend(:console) end adapter = Application.get_env(:tesla, :adapter) diff --git a/lib/pleroma/web/plugs/digest_plug.ex b/lib/pleroma/web/plugs/digest_plug.ex @@ -7,8 +7,22 @@ defmodule Pleroma.Web.Plugs.DigestPlug do require Logger def read_body(conn, opts) do + digest_algorithm = + with [digest_header] <- Conn.get_req_header(conn, "digest") do + digest_header + |> String.split("=", parts: 2) + |> List.first() + else + _ -> "SHA-256" + end + + unless String.downcase(digest_algorithm) == "sha-256" do + raise ArgumentError, + message: "invalid value for digest algorithm, got: #{digest_algorithm}" + end + {:ok, body, conn} = Conn.read_body(conn, opts) - digest = "SHA-256=" <> (:crypto.hash(:sha256, body) |> Base.encode64()) - {:ok, body, Conn.assign(conn, :digest, digest)} + encoded_digest = :crypto.hash(:sha256, body) |> Base.encode64() + {:ok, body, Conn.assign(conn, :digest, "#{digest_algorithm}=#{encoded_digest}")} end end diff --git a/test/pleroma/web/plugs/digest_plug_test.exs b/test/pleroma/web/plugs/digest_plug_test.exs @@ -0,0 +1,48 @@ +defmodule Pleroma.Web.Plugs.DigestPlugTest do + use ExUnit.Case, async: true + use Plug.Test + + test "digest algorithm is taken from digest header" do + body = "{\"hello\": \"world\"}" + digest = "X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=" + + {:ok, ^body, conn} = + :get + |> conn("/", body) + |> put_req_header("content-type", "application/json") + |> put_req_header("digest", "sha-256=" <> digest) + |> Pleroma.Web.Plugs.DigestPlug.read_body([]) + + assert conn.assigns[:digest] == "sha-256=" <> digest + + {:ok, ^body, conn} = + :get + |> conn("/", body) + |> put_req_header("content-type", "application/json") + |> put_req_header("digest", "SHA-256=" <> digest) + |> Pleroma.Web.Plugs.DigestPlug.read_body([]) + + assert conn.assigns[:digest] == "SHA-256=" <> digest + end + + test "error if digest algorithm is invalid" do + body = "{\"hello\": \"world\"}" + digest = "X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=" + + assert_raise ArgumentError, "invalid value for digest algorithm, got: MD5", fn -> + :get + |> conn("/", body) + |> put_req_header("content-type", "application/json") + |> put_req_header("digest", "MD5=" <> digest) + |> Pleroma.Web.Plugs.DigestPlug.read_body([]) + end + + assert_raise ArgumentError, "invalid value for digest algorithm, got: md5", fn -> + :get + |> conn("/", body) + |> put_req_header("content-type", "application/json") + |> put_req_header("digest", "md5=" <> digest) + |> Pleroma.Web.Plugs.DigestPlug.read_body([]) + end + end +end