From d2b0d864718c676af9909ee45fac60d5f232bf6a Mon Sep 17 00:00:00 2001 From: Atsuko Karagi Date: Tue, 4 Apr 2023 17:41:13 +0200 Subject: [PATCH] HTTP signatures respect allowlist federation --- lib/pleroma/web/activity_pub/publisher.ex | 19 +++++++-- ...mapped_signature_to_identity_plug_test.exs | 41 +++++++++++++++++++ 2 files changed, 57 insertions(+), 3 deletions(-) diff --git a/lib/pleroma/web/activity_pub/publisher.ex b/lib/pleroma/web/activity_pub/publisher.ex index b187d3a48..3071c1b77 100644 --- a/lib/pleroma/web/activity_pub/publisher.ex +++ b/lib/pleroma/web/activity_pub/publisher.ex @@ -108,15 +108,28 @@ defp blocked_instances do Config.get([:mrf_simple, :reject], []) end + defp allowed_instances do + Config.get([:mrf_simple, :accept]) + end + def should_federate?(url) do %{host: host} = URI.parse(url) - quarantined_instances = - blocked_instances() + with allowed <- allowed_instances(), + false <- Enum.empty?(allowed) do + allowed |> Pleroma.Web.ActivityPub.MRF.instance_list_from_tuples() |> Pleroma.Web.ActivityPub.MRF.subdomains_regex() + |> Pleroma.Web.ActivityPub.MRF.subdomain_match?(host) + else + _ -> + quarantined_instances = + blocked_instances() + |> Pleroma.Web.ActivityPub.MRF.instance_list_from_tuples() + |> Pleroma.Web.ActivityPub.MRF.subdomains_regex() - !Pleroma.Web.ActivityPub.MRF.subdomain_match?(quarantined_instances, host) + not Pleroma.Web.ActivityPub.MRF.subdomain_match?(quarantined_instances, host) + end end @spec recipients(User.t(), Activity.t()) :: list(User.t()) | [] diff --git a/test/pleroma/web/plugs/mapped_signature_to_identity_plug_test.exs b/test/pleroma/web/plugs/mapped_signature_to_identity_plug_test.exs index 21c574ba3..c42b82810 100644 --- a/test/pleroma/web/plugs/mapped_signature_to_identity_plug_test.exs +++ b/test/pleroma/web/plugs/mapped_signature_to_identity_plug_test.exs @@ -69,6 +69,47 @@ test "it considers a mapped identity to be invalid when the associated instance assert %{valid_signature: false} == conn.assigns end + test "allowlist federation: it considers a mapped identity to be valid when the associated instance is allowed" do + clear_config([:activitypub, :authorized_fetch_mode], true) + + clear_config([:mrf_simple, :accept], [ + {"mastodon.example.org", "anime is allowed"} + ]) + + on_exit(fn -> + Pleroma.Config.put([:activitypub, :authorized_fetch_mode], false) + Pleroma.Config.put([:mrf_simple, :accept], []) + end) + + conn = + build_conn(:post, "/doesntmattter", %{"actor" => "http://mastodon.example.org/users/admin"}) + |> set_signature("http://mastodon.example.org/users/admin") + |> MappedSignatureToIdentityPlug.call(%{}) + + assert conn.assigns[:valid_signature] + refute is_nil(conn.assigns.user) + end + + test "allowlist federation: it considers a mapped identity to be invalid when the associated instance is not allowed" do + clear_config([:activitypub, :authorized_fetch_mode], true) + + clear_config([:mrf_simple, :accept], [ + {"misskey.example.org", "anime is allowed"} + ]) + + on_exit(fn -> + Pleroma.Config.put([:activitypub, :authorized_fetch_mode], false) + Pleroma.Config.put([:mrf_simple, :accept], []) + end) + + conn = + build_conn(:post, "/doesntmattter", %{"actor" => "http://mastodon.example.org/users/admin"}) + |> set_signature("http://mastodon.example.org/users/admin") + |> MappedSignatureToIdentityPlug.call(%{}) + + assert %{valid_signature: false} == conn.assigns + end + @tag skip: "known breakage; the testsuite presently depends on it" test "it considers a mapped identity to be invalid when the identity cannot be found" do conn =