mirror of
https://github.com/superseriousbusiness/gotosocial.git
synced 2024-11-29 07:02:45 +00:00
a41e8a95bf
* [chore] Simplify the User-Agent string RFC 9110[1] includes a definition for the format of a user-agent header: User-Agent = product *( RWS ( product / comment ) ) product = token ["/" product-version] product-version = token comment = "(" *( ctext / quoted-pair / comment ) ")" ctext = HTAB / SP / %x21-27 / %x2A-5B / %x5D-7E / obs-text An example given in the RFC: User-Agent: CERN-LineMode/2.15 libwww/2.17b3 The idea is typically start with the most important product/version, add a (comment) if necessary and then include any auxilliary products. However, the RFC warns against including too many auxiliary products as those can be unnecessarily revealing. For automated systems (i.e not a browser), the common and recommended format is <product></version> (+uri-for-contact), followed with any additional <product>/<version> pairs that are relevant. This changes our UA to match that convention more closely. This makes it easier for administrators who do user-agent parsing for statistics or other purposes to correctly identify the version of GoToSocial. Currently tools tend to get confused by the lack of a /<version> on the start of our string. [1]: https://www.rfc-editor.org/rfc/rfc9110.html#name-user-agents * [chore] Don't use app name in UA From all the GtS UAs I've collected, nobody seems to set/change this, so we might as well use the static string. The main usefulness for this is when you have multilpe GtS instances connecting to the same DB, so they can identify as different instances by changing the application name (though it should already be obvious from having different usernames).
190 lines
5.8 KiB
Go
190 lines
5.8 KiB
Go
// GoToSocial
|
|
// Copyright (C) GoToSocial Authors admin@gotosocial.org
|
|
// SPDX-License-Identifier: AGPL-3.0-or-later
|
|
//
|
|
// This program is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU Affero General Public License as published by
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
//
|
|
// This program is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU Affero General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
package transport
|
|
|
|
import (
|
|
"context"
|
|
"crypto/rsa"
|
|
"crypto/x509"
|
|
"encoding/json"
|
|
"fmt"
|
|
"net/url"
|
|
"runtime"
|
|
|
|
"codeberg.org/gruf/go-byteutil"
|
|
"codeberg.org/gruf/go-cache/v3"
|
|
"github.com/superseriousbusiness/activity/pub"
|
|
"github.com/superseriousbusiness/gotosocial/internal/ap"
|
|
"github.com/superseriousbusiness/gotosocial/internal/config"
|
|
"github.com/superseriousbusiness/gotosocial/internal/federation/federatingdb"
|
|
"github.com/superseriousbusiness/gotosocial/internal/httpclient"
|
|
"github.com/superseriousbusiness/gotosocial/internal/state"
|
|
)
|
|
|
|
// Controller generates transports for use in making federation requests to other servers.
|
|
type Controller interface {
|
|
// NewTransport returns an http signature transport with the given public key ID (URL location of pubkey), and the given private key.
|
|
NewTransport(pubKeyID string, privkey *rsa.PrivateKey) (Transport, error)
|
|
|
|
// NewTransportForUsername searches for account with username, and returns result of .NewTransport().
|
|
NewTransportForUsername(ctx context.Context, username string) (Transport, error)
|
|
}
|
|
|
|
type controller struct {
|
|
state *state.State
|
|
fedDB federatingdb.DB
|
|
clock pub.Clock
|
|
client httpclient.SigningClient
|
|
trspCache cache.TTLCache[string, *transport]
|
|
userAgent string
|
|
senders int // no. concurrent batch delivery routines.
|
|
}
|
|
|
|
// NewController returns an implementation of the Controller interface for creating new transports
|
|
func NewController(state *state.State, federatingDB federatingdb.DB, clock pub.Clock, client httpclient.SigningClient) Controller {
|
|
var (
|
|
host = config.GetHost()
|
|
proto = config.GetProtocol()
|
|
version = config.GetSoftwareVersion()
|
|
senderMultiplier = config.GetAdvancedSenderMultiplier()
|
|
)
|
|
|
|
senders := senderMultiplier * runtime.GOMAXPROCS(0)
|
|
if senders < 1 {
|
|
// Clamp senders to 1.
|
|
senders = 1
|
|
}
|
|
|
|
c := &controller{
|
|
state: state,
|
|
fedDB: federatingDB,
|
|
clock: clock,
|
|
client: client,
|
|
trspCache: cache.NewTTL[string, *transport](0, 100, 0),
|
|
userAgent: fmt.Sprintf("gotosocial/%s (+%s://%s)", version, proto, host),
|
|
senders: senders,
|
|
}
|
|
|
|
return c
|
|
}
|
|
|
|
func (c *controller) NewTransport(pubKeyID string, privkey *rsa.PrivateKey) (Transport, error) {
|
|
// Generate public key string for cache key
|
|
//
|
|
// NOTE: it is safe to use the public key as the cache
|
|
// key here as we are generating it ourselves from the
|
|
// private key. If we were simply using a public key
|
|
// provided as argument that would absolutely NOT be safe.
|
|
pubStr := privkeyToPublicStr(privkey)
|
|
|
|
// First check for cached transport
|
|
transp, ok := c.trspCache.Get(pubStr)
|
|
if ok {
|
|
return transp, nil
|
|
}
|
|
|
|
// Create the transport
|
|
transp = &transport{
|
|
controller: c,
|
|
pubKeyID: pubKeyID,
|
|
privkey: privkey,
|
|
}
|
|
|
|
// Cache this transport under pubkey
|
|
if !c.trspCache.Add(pubStr, transp) {
|
|
var cached *transport
|
|
|
|
cached, ok = c.trspCache.Get(pubStr)
|
|
if !ok {
|
|
// Some ridiculous race cond.
|
|
c.trspCache.Set(pubStr, transp)
|
|
} else {
|
|
// Use already cached
|
|
transp = cached
|
|
}
|
|
}
|
|
|
|
return transp, nil
|
|
}
|
|
|
|
func (c *controller) NewTransportForUsername(ctx context.Context, username string) (Transport, error) {
|
|
// We need an account to use to create a transport for dereferecing something.
|
|
// If a username has been given, we can fetch the account with that username and use it.
|
|
// Otherwise, we can take the instance account and use those credentials to make the request.
|
|
var u string
|
|
if username == "" {
|
|
u = config.GetHost()
|
|
} else {
|
|
u = username
|
|
}
|
|
|
|
ourAccount, err := c.state.DB.GetAccountByUsernameDomain(ctx, u, "")
|
|
if err != nil {
|
|
return nil, fmt.Errorf("error getting account %s from db: %s", username, err)
|
|
}
|
|
|
|
transport, err := c.NewTransport(ourAccount.PublicKeyURI, ourAccount.PrivateKey)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("error creating transport for user %s: %s", username, err)
|
|
}
|
|
|
|
return transport, nil
|
|
}
|
|
|
|
// dereferenceLocalFollowers is a shortcut to dereference followers of an
|
|
// account on this instance, without making any external api/http calls.
|
|
//
|
|
// It is passed to new transports, and should only be invoked when the iri.Host == this host.
|
|
func (c *controller) dereferenceLocalFollowers(ctx context.Context, iri *url.URL) ([]byte, error) {
|
|
followers, err := c.fedDB.Followers(ctx, iri)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
i, err := ap.Serialize(followers)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return json.Marshal(i)
|
|
}
|
|
|
|
// dereferenceLocalUser is a shortcut to dereference followers an account on
|
|
// this instance, without making any external api/http calls.
|
|
//
|
|
// It is passed to new transports, and should only be invoked when the iri.Host == this host.
|
|
func (c *controller) dereferenceLocalUser(ctx context.Context, iri *url.URL) ([]byte, error) {
|
|
user, err := c.fedDB.Get(ctx, iri)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
i, err := ap.Serialize(user)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return json.Marshal(i)
|
|
}
|
|
|
|
// privkeyToPublicStr will create a string representation of RSA public key from private.
|
|
func privkeyToPublicStr(privkey *rsa.PrivateKey) string {
|
|
b := x509.MarshalPKCS1PublicKey(&privkey.PublicKey)
|
|
return byteutil.B2S(b)
|
|
}
|