fr33domlover
58a56b6743
Make noteId optional, to support taking a Note in postOutboxR
2019-03-23 02:05:30 +00:00
fr33domlover
88d4c976ee
Add route getMessageR, returns an Activity Note for any locally created Message
2019-03-22 20:46:42 +00:00
fr33domlover
6c186355f3
Change some top-level routes' breadcrumbs to be under HomeR
2019-03-22 05:17:58 +00:00
fr33domlover
c27636a438
Add route /publish for sending activities, getOutboxR now free to return outbox
2019-03-22 05:17:54 +00:00
fr33domlover
d40e1b8891
In outbox post form, provide parent and context, and default to ticket comment
2019-03-21 23:56:47 +00:00
fr33domlover
ad3a20d783
Receive remote comments on local ticket discussion
2019-03-21 22:57:15 +00:00
fr33domlover
72f96a0dff
When verifying HTTPsig, return iid&rsid and remove duplicate shared usage check
* Adapt DB related code to return the InstanceId and RemoteSharerId
* Previously, when fetching a known shared key, we were running a DB
check/update for the shared usage record. I noticed - and hopefully I
correctly noticed - that this check already runs when we discover the keyId
points to a shared key we already know. So, after successful sig
verification, there's no need to run the check again. So I removed it.
2019-03-21 21:38:59 +00:00
fr33domlover
061c84349d
Recognize the 3 variants of the Public collection URI when parsing audience
2019-03-21 19:13:36 +00:00
fr33domlover
77324442fc
Fetch local messages by LocalMessageId, not by MessageId
2019-03-21 19:06:52 +00:00
fr33domlover
9b916c9b75
Add ID URI field to RemoteMessage
2019-03-20 13:12:22 +00:00
fr33domlover
68b0ae7829
When receiving HTTP signed request, check the keyId host for weird cases
- Exclude hosts without periods, so things like localhost and IPv6 are rejected
- Exclude hosts without letters, so things like IPv4 are rejected
- Exclude the instance's own host, just in case somehow some fake activity
slips in and gets approved, maybe even accidentally when delivered by another
server
2019-03-20 12:27:40 +00:00
fr33domlover
747bbd5f0c
Publish actor documents for projects, and add some new properties to Actor
2019-03-20 12:01:10 +00:00
fr33domlover
ade1157a04
Add a custom ActivityPub actor type: Project
2019-03-20 10:36:00 +00:00
fr33domlover
3f2a178830
New module Yesod.FedURI: Render routes into FedURI and LocalURI
2019-03-20 10:08:36 +00:00
fr33domlover
6f3df6d569
Allow actors not to list any public keys at all
2019-03-20 09:31:08 +00:00
fr33domlover
716487f2b8
In ticket comment tree, support mixing local and remote (federated) comments
2019-03-20 08:07:37 +00:00
fr33domlover
e0de4cdcc7
Remove Discussion's nextMessage field, it's not being used anymore
2019-03-18 20:18:25 +00:00
fr33domlover
4b351ef62e
Automatically set approot to https://HOST and require Host header to match
2019-03-16 17:15:31 +00:00
fr33domlover
a9eaf35d5e
When verifying HTTP sig, require ActivityPub-Actor to be signed only if present
2019-03-16 15:48:25 +00:00
fr33domlover
475e398d6d
Switch ticket comment IDs to use Hashids-of-MessageId instead of custom number
2019-03-15 16:36:02 +00:00
fr33domlover
9e881554ea
Make frg:isShared key property optional, it was accidentally required
2019-03-15 16:33:10 +00:00
fr33domlover
0e0afa78f9
Parse/encoding audience targeting activity fields
2019-03-14 02:30:36 +00:00
fr33domlover
24c091a248
Add activity types Follow, Accept, Reject
2019-03-13 23:37:58 +00:00
fr33domlover
a8bb43255f
Explain keyfile loading in INSTALL.md
2019-03-11 02:22:34 +00:00
fr33domlover
f6cbc1eb8a
Use file based switches to relax keyfile loading rules
2019-03-11 02:01:41 +00:00
fr33domlover
2a39378468
HTTP Signature verification: RSA-SHA256 and PEM/ASN1 support
Before, things worked like this:
* Only signatures of Ed25519 keys could be verified
* Key encoding placed the plain binary Ed25519 key in the PEM, instead of the
key's ASN1 encoding
With this patch it now works like this:
* Ed25519 signatures are supported as before
* RSA keys are now supported too, assuming RSA-SHA256 signatures
* Both Ed25519 and RSA keys are encoded and decoded using actual PEM with ASN1
2019-03-10 23:15:42 +00:00
fr33domlover
ef57f29a54
Adapt Activity/Create/Note to new ActivityPub typeclass and add safety checks
2019-03-10 06:42:03 +00:00
fr33domlover
61d1aa6720
Define HMAC based access token and switch CapSignKey from Ed25519 to HMAC
2019-03-09 21:21:36 +00:00
fr33domlover
fdbe46741b
When POSTing an activity, protect remote actor DB insertion with withHostLock
2019-03-09 17:12:43 +00:00
fr33domlover
e341f62587
Fix typo in comment
2019-03-09 15:44:31 +00:00
fr33domlover
468202cf45
Fix instance mutex deadlock, accidentally initialized the MVar empty
2019-03-09 15:43:30 +00:00
fr33domlover
37216d9045
Move remote actor DB code from Foundation to separate module
2019-03-09 15:40:02 +00:00
fr33domlover
b0e33af4d8
Fix typo in actor key route
2019-03-06 01:49:55 +00:00
fr33domlover
043022d117
When verifying HTTP sig, make Ed25519 verification failure message clearer
2019-03-06 01:31:30 +00:00
fr33domlover
c26289cf42
Don't check CSRF token in InboxR, POSTs there freely come from other servers
2019-03-05 09:00:22 +00:00
fr33domlover
6e721797e9
Catch sig generation error when sending signed HTTP POST
2019-03-05 08:26:41 +00:00
fr33domlover
97594dc945
Fix default actor URI in OutboxR form, from /p to /s
2019-03-04 20:12:19 +00:00
fr33domlover
378ca1b3d4
Fix bug in FedURI parsing
2019-03-04 20:11:58 +00:00
fr33domlover
bb662e798f
Display clearer error message when GETing recipient actor fails
2019-03-04 15:47:22 +00:00
fr33domlover
78b5bad2c4
Support bypassing email verification of new users
2019-03-04 14:51:51 +00:00
fr33domlover
c41f1183e0
Display instance host at the top of all pages
2019-03-04 09:06:23 +00:00
fr33domlover
ad034dbacc
Make the registration switch work again
2019-03-04 08:14:36 +00:00
fr33domlover
9c3cb27619
Add persistent-graph to update-deps.sh
2019-03-02 19:30:38 +00:00
fr33domlover
6bbba4ce5c
Use MVars to protect concurrent access to instance/actor/key DB records
2019-03-02 19:13:51 +00:00
fr33domlover
f09bdd4141
Add key storage mode that replaces old keys instead of rejecting new ones
2019-02-26 14:00:22 +00:00
fr33domlover
2e705b6868
Make key storage limits configurable instead of hardcoding to 2
2019-02-24 01:35:07 +00:00
fr33domlover
17524b6ee1
Remove hardcoded-to-2 limit on length of an actor's list of public keys
2019-02-24 01:21:42 +00:00
fr33domlover
0912b8e291
Use the DB for checking key usage by actors
* When we refetch a personal key, we never need to separately fetch the actor
* When we refetch a shared key, check usage in DB and insert usage to DB
2019-02-23 17:17:52 +00:00
fr33domlover
b53a7b4f48
Refactor actor key fetching code a bit
2019-02-22 08:30:43 +00:00
fr33domlover
1affe269bb
Refactor HTTP sig verification DB update code
2019-02-22 07:20:19 +00:00