From 582c79b6089227de421ca56031f19050aa02b24f Mon Sep 17 00:00:00 2001 From: Jordan Bancino Date: Sat, 4 Nov 2023 15:28:20 -0400 Subject: [PATCH 01/13] Schema are now generated out-of-tree. Closes #40. --- configure | 34 ++++++++++++++++++---------------- 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/configure b/configure index 2dc0aec..c7887e0 100755 --- a/configure +++ b/configure @@ -14,7 +14,7 @@ INCLUDE="src/include" TOOLS="tools/src" SCHEMA="Schema" -CFLAGS="-Wall -Wextra -pedantic -std=c89 -O3 -pipe -D_DEFAULT_SOURCE -I${INCLUDE}" +CFLAGS="-Wall -Wextra -pedantic -std=c89 -O3 -pipe -D_DEFAULT_SOURCE -I${INCLUDE} -I${BUILD}" LIBS="-lm -pthread -lCytoplasm" @@ -112,8 +112,10 @@ compile_obj() { src="$1" obj="$2" - pref=$(cc -I${INCLUDE} -MM -MT "${obj}" "${src}") - echo "$pref $(collect ${SCHEMA}/ .json .h ${INCLUDE}/Schema/ print_obj)" + # TODO: Add a --cc flag to set the C compiler to use for + # Makefile generation. + pref=$(cc -I${INCLUDE} -I${BUILD} -MM -MT "${obj}" "${src}") + echo "$pref $(collect ${SCHEMA}/ .json .h ${BUILD}/Schema/ print_obj)" echo "${TAB}@mkdir -p $(dirname ${obj})" echo "${TAB}\$(CC) \$(CFLAGS) -fPIC -c -o \"${obj}\" \"${src}\"" } @@ -153,13 +155,19 @@ compile_schema() { src="$1" out="$2" - echo "${INCLUDE}/Schema/${out}.h:" - echo "${TAB}@mkdir -p ${INCLUDE}/Schema ${SRC}/Schema" - echo "${TAB}j2s -s \"${src}\" -h \"${INCLUDE}/Schema/${out}.h\" -c \"${SRC}/Schema/${out}.c\"" + obj="${BUILD}/Schema/${out}.o" - echo "${SRC}/Schema/${out}.c:" - echo "${TAB}@mkdir -p ${INCLUDE}/Schema ${SRC}/Schema" - echo "${TAB}j2s -s \"${src}\" -h \"${INCLUDE}/Schema/${out}.h\" -c \"${SRC}/Schema/${out}.c\"" + echo "${BUILD}/Schema/${out}.h:" + echo "${TAB}@mkdir -p ${BUILD}/Schema" + echo "${TAB}j2s -s \"${src}\" -h \"${BUILD}/Schema/${out}.h\" -c \"${BUILD}/Schema/${out}.c\"" + + echo "${BUILD}/Schema/${out}.c:" + echo "${TAB}@mkdir -p ${BUILD}/Schema" + echo "${TAB}j2s -s \"${src}\" -h \"${BUILD}/Schema/${out}.h\" -c \"${BUILD}/Schema/${out}.c\"" + + echo "${obj}: ${src} ${BUILD}/Schema/${out}.c" + echo "${TAB}@mkdir -p ${BUILD}/Schema" + echo "${TAB}\$(CC) \$(CFLAGS) -fPIC -c -o \"${obj}\" \"${BUILD}/Schema/${out}.c\"" } install_out() { @@ -185,15 +193,9 @@ uninstall_out() { echo "Generating Makefile..." -OBJS=$(collect ${SRC}/ .c .o ${BUILD}/ print_obj) +OBJS="$(collect ${SRC}/ .c .o ${BUILD}/ print_obj) $(collect ${SCHEMA}/ .json .o ${BUILD}/Schema/ print_obj)" TAB=$(printf '\t') -# If objects don't include the schema (this is the first configure), -# then include them manually. -if ! echo "${OBJS}" | grep "Schema" > /dev/null; then - OBJS="${OBJS} $(collect ${SCHEMA}/ .json .o ${BUILD}/Schema/ print_obj)" -fi - cat << EOF > Makefile .POSIX: From 1f02f3c2a290992d951ae9d83081cab9bc333c13 Mon Sep 17 00:00:00 2001 From: Jordan Bancino Date: Sat, 4 Nov 2023 15:56:57 -0400 Subject: [PATCH 02/13] Allow customization of compiler in configure. --- configure | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/configure b/configure index c7887e0..966eaf9 100755 --- a/configure +++ b/configure @@ -19,7 +19,7 @@ LIBS="-lm -pthread -lCytoplasm" # Set default args for all platforms -SCRIPT_ARGS="--prefix=/usr/local --enable-ld-extra --bin-name=telodendria --version=0.4.0 --static $@" +SCRIPT_ARGS="--cc=cc --prefix=/usr/local --enable-ld-extra --bin-name=telodendria --version=0.4.0 --static $@" echo "Processing options..." echo "Ran with arguments: $SCRIPT_ARGS" @@ -27,6 +27,9 @@ echo "Ran with arguments: $SCRIPT_ARGS" # Process all arguments for arg in $SCRIPT_ARGS; do case "$arg" in + --cc=*) + CC=$(echo "$arg" | cut -d '=' -f 2-) + ;; --prefix=*) PREFIX=$(echo "$arg" | cut -d '=' -f 2-) ;; @@ -60,7 +63,7 @@ for arg in $SCRIPT_ARGS; do STATIC="" ;; *) - echo "Invalid argument: $1" + echo "Invalid argument: $arg" exit 1 ;; esac @@ -112,9 +115,7 @@ compile_obj() { src="$1" obj="$2" - # TODO: Add a --cc flag to set the C compiler to use for - # Makefile generation. - pref=$(cc -I${INCLUDE} -I${BUILD} -MM -MT "${obj}" "${src}") + pref=$(${CC} -I${INCLUDE} -I${BUILD} -MM -MT "${obj}" "${src}") echo "$pref $(collect ${SCHEMA}/ .json .h ${BUILD}/Schema/ print_obj)" echo "${TAB}@mkdir -p $(dirname ${obj})" echo "${TAB}\$(CC) \$(CFLAGS) -fPIC -c -o \"${obj}\" \"${src}\"" @@ -202,7 +203,7 @@ cat << EOF > Makefile # Generated by '$0' on $(date). # This file should generally not be manually edited. -CC = cc +CC = ${CC} PREFIX = ${PREFIX} CFLAGS = ${CFLAGS} LDFLAGS = ${LDFLAGS} From 6e7f170768914cb238d647c1fc3c0ec98a6aa99c Mon Sep 17 00:00:00 2001 From: Jordan Bancino Date: Mon, 6 Nov 2023 20:42:39 -0500 Subject: [PATCH 03/13] Start working on #15. --- src/Routes/RouteConfig.c | 50 +++++++++++++++++++++++++++++++++++++++- 1 file changed, 49 insertions(+), 1 deletion(-) diff --git a/src/Routes/RouteConfig.c b/src/Routes/RouteConfig.c index 26a471e..1a31bb9 100644 --- a/src/Routes/RouteConfig.c +++ b/src/Routes/RouteConfig.c @@ -39,6 +39,7 @@ ROUTE_IMPL(RouteConfig, path, argp) HashMap *request = NULL; Config *newConf; + HashMap *newJson = NULL; (void) path; @@ -121,7 +122,54 @@ ROUTE_IMPL(RouteConfig, path, argp) JsonFree(request); break; case HTTP_PUT: - /* TODO: Support incremental changes to the config */ + request = JsonDecode(HttpServerStream(args->context)); + if (!request) + { + HttpResponseStatus(args->context, HTTP_BAD_REQUEST); + response = MatrixErrorCreate(M_NOT_JSON, NULL); + break; + } + + newJson = JsonDuplicate(DbJson(config->ref)); + JsonMerge(newJson, request); + + newConf = ConfigParse(newJson); + + /* TODO: Don't leak newJson. */ + + if (!newConf) + { + HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); + response = MatrixErrorCreate(M_UNKNOWN, NULL); + break; + } + + if (newConf->ok) + { + if (DbJsonSet(config->ref, newJson)) + { + response = HashMapCreate(); + /* + * TODO: Apply configuration and set this only if a main + * component was reconfigured, such as the listeners. + */ + HashMapSet(response, "restart_required", JsonValueBoolean(1)); + } + else + { + HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); + response = MatrixErrorCreate(M_UNKNOWN, NULL); + } + } + else + { + HttpResponseStatus(args->context, HTTP_BAD_REQUEST); + response = MatrixErrorCreate(M_BAD_JSON, newConf->err); + } + + ConfigFree(newConf); + JsonFree(request); + break; default: HttpResponseStatus(args->context, HTTP_BAD_REQUEST); response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); From 4b90800a2bb41a31fc788b3e3cb9619a5cb785a2 Mon Sep 17 00:00:00 2001 From: Jordan Bancino Date: Tue, 7 Nov 2023 01:26:26 -0500 Subject: [PATCH 04/13] Fix leak in RouteConfig, update documentation. Closes #15. --- docs/CHANGELOG.md | 2 ++ docs/user/admin/config.md | 22 +++++++++++++++++++++- src/Routes/RouteConfig.c | 5 ++--- 3 files changed, 25 insertions(+), 4 deletions(-) diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index b9b7a3a..6e8015c 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -31,6 +31,8 @@ Matrix clients. (#35) - Implemented `/_telodendria/admin/v1/deactivate/[localpart]` for admins to be able to deactivate users. +- Added a **PUT** option to `/_telodendria/admin/v1/config` that gives the ability to change +only a subset of the configuration. - Moved all administrator API endpoints to `/_telodendria/admin/v1`, because later revisions of the administrator API may break clients, so we want a way to give those breaking revisions new endpoints. diff --git a/docs/user/admin/config.md b/docs/user/admin/config.md index 0466403..8394f7b 100644 --- a/docs/user/admin/config.md +++ b/docs/user/admin/config.md @@ -4,7 +4,7 @@ As mentioned in [Setup](../setup.md), Telodendria's configuration is intended to be managed via the configuration API. Consult the [Configuration](../config.md) document for a complete list of supported configuration options. This document simply describes the API used to -update the configuration. +update the configuration described in that document. ## API Endpoints @@ -40,3 +40,23 @@ configuration with the new one. |-------|------|-------------| | `restart_required` | `Boolean` | Whether or not the process needs to be restarted to finish applying the configuration. If this is `true`, then the restart endpoint should be used at a convenient time to apply the configuration. +### **PUT** `/_telodendria/admin/config` + +Update the currently installed configuration instead of completely replacing it. This endpoint +validates the request body, merges it on top of the current configuration, validates the resulting +configuration, then updates it in the database. This is useful when only one or two properties +in the configuration needs to be changed. + +| Requires Token | Rate Limited | +|----------------|--------------| +| Yes | Yes | + +| Response Code | Description | +|---------------|-------------| +| 200 | The new configuration was successfully installed.| + +#### 200 Response Format + +| Field | Type | Description | +|-------|------|-------------| +| `restart_required` | `Boolean` | Whether or not the process needs to be restarted to finish applying the configuration. If this is `true`, then the restart endpoint should be used at a convenient time to apply the configuration. diff --git a/src/Routes/RouteConfig.c b/src/Routes/RouteConfig.c index 1a31bb9..5f0c91e 100644 --- a/src/Routes/RouteConfig.c +++ b/src/Routes/RouteConfig.c @@ -135,8 +135,6 @@ ROUTE_IMPL(RouteConfig, path, argp) newConf = ConfigParse(newJson); - /* TODO: Don't leak newJson. */ - if (!newConf) { HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); @@ -169,10 +167,11 @@ ROUTE_IMPL(RouteConfig, path, argp) ConfigFree(newConf); JsonFree(request); + JsonFree(newJson); break; default: HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); + response = MatrixErrorCreate(M_UNRECOGNIZED, "Unknown request method."); break; } From edee1288d8fd9aae7e44721cbf9354c50a34ad29 Mon Sep 17 00:00:00 2001 From: Jordan Bancino Date: Wed, 8 Nov 2023 09:45:49 -0500 Subject: [PATCH 05/13] Remove unused global variables. --- src/Main.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/src/Main.c b/src/Main.c index ecba436..4b25c9e 100644 --- a/src/Main.c +++ b/src/Main.c @@ -128,10 +128,6 @@ start: httpServers = NULL; restart = 0; - /* For getopt() */ - opterr = 1; - optind = 1; - /* Local variables */ exit = EXIT_SUCCESS; flags = 0; From db4ae0408c8b18fd82ee64d3525a3923b0ecdfa8 Mon Sep 17 00:00:00 2001 From: Jordan Bancino Date: Wed, 8 Nov 2023 11:21:20 -0500 Subject: [PATCH 06/13] Fix admin endpoint names in documentation --- docs/user/admin/config.md | 6 +++--- docs/user/admin/privileges.md | 8 ++++---- docs/user/admin/proc.md | 4 ++-- docs/user/admin/stats.md | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/docs/user/admin/config.md b/docs/user/admin/config.md index 8394f7b..6c18a03 100644 --- a/docs/user/admin/config.md +++ b/docs/user/admin/config.md @@ -8,7 +8,7 @@ update the configuration described in that document. ## API Endpoints -### **GET** `/_telodendria/admin/config` +### **GET** `/_telodendria/admin/v1/config` Retrieve the current configuration. @@ -20,7 +20,7 @@ Retrieve the current configuration. |---------------|-------------| | 200 | The current configuration was successfully retrieved.| -### **POST** `/_telodendria/admin/config` +### **POST** `/_telodendria/admin/v1/config` Installs a new configuration. This endpoint validates the request body, ensuring it is a proper configuration, then it replaces the existing @@ -40,7 +40,7 @@ configuration with the new one. |-------|------|-------------| | `restart_required` | `Boolean` | Whether or not the process needs to be restarted to finish applying the configuration. If this is `true`, then the restart endpoint should be used at a convenient time to apply the configuration. -### **PUT** `/_telodendria/admin/config` +### **PUT** `/_telodendria/admin/v1/config` Update the currently installed configuration instead of completely replacing it. This endpoint validates the request body, merges it on top of the current configuration, validates the resulting diff --git a/docs/user/admin/privileges.md b/docs/user/admin/privileges.md index 8bbf143..9a8da06 100644 --- a/docs/user/admin/privileges.md +++ b/docs/user/admin/privileges.md @@ -41,7 +41,7 @@ this privilege level. The following API endpoints are implemented for managing privileges. -### **GET** `/_telodendria/admin/privileges/[localpart]` +### **GET** `/_telodendria/admin/v1/privileges/[localpart]` Retrieve the permissions for a user. If the localpart is omitted, then retrieve the privileges for the user that owns the access token being @@ -62,7 +62,7 @@ used. Note that the owner of the access token must have the |-------|------|-------------| | `privileges` | `Array` | An array of privileges, as described above. The privileges are encoded as JSON strings.| -### **POST** `/_telodendria/admin/privileges/[localpart]` +### **POST** `/_telodendria/admin/v1/privileges/[localpart]` Update the privileges of a local user by replacing the privileges array with the one specified in the request. Like the **GET** version of this @@ -89,7 +89,7 @@ owns the access token. |-------|------|-------------| | `privileges` | `Array` | An array of privileges, as described above. The privileges are encoded as JSON strings.| -### **PUT** `/_telodendria/admin/privileges/[localpart]` +### **PUT** `/_telodendria/admin/v1/privileges/[localpart]` Update the privileges of a local user by adding the privileges specified in the request to the users existing privileges. @@ -114,7 +114,7 @@ specified in the request to the users existing privileges. |-------|------|-------------| | `privileges` | `Array` | An array of privileges, as described above. The privileges are encoded as JSON strings.| -### **DELETE** `/_telodendria/admin/privileges/[localpart]` +### **DELETE** `/_telodendria/admin/v1/privileges/[localpart]` Update the privileges of a local user by removing the privileges specified in the request from the user's existing privileges. diff --git a/docs/user/admin/proc.md b/docs/user/admin/proc.md index 4db33ec..e4ad3d0 100644 --- a/docs/user/admin/proc.md +++ b/docs/user/admin/proc.md @@ -5,7 +5,7 @@ administrator to manage the Telodendria process itself. ## API Endpoints -### **POST** `/_telodendria/admin/restart` +### **POST** `/_telodendria/admin/v1/restart` Restart the Telodendria daemon cleanly. This endpoint will respond immediately after signaling to the daemon that it should be restarted @@ -26,7 +26,7 @@ starts over. On success, this endpoint simply returns an empty JSON object. -### **POST** `/_telodendria/admin/shutdown` +### **POST** `/_telodendria/admin/v1/shutdown` Shut down the Telodendria process cleanly. This endpoint will respond immediately after signalling to the daemon that it should be shut diff --git a/docs/user/admin/stats.md b/docs/user/admin/stats.md index bbebb7f..dc951a8 100644 --- a/docs/user/admin/stats.md +++ b/docs/user/admin/stats.md @@ -5,7 +5,7 @@ information about how the server process is performing. ## API Endpoints -### **GET** `/_telodendria/admin/stats` +### **GET** `/_telodendria/admin/v1/stats` Retrieve basic statistics about the currently running Telodendria process. From 77800e4117bb26133dc6ce1e5ebf3da9f4c672f5 Mon Sep 17 00:00:00 2001 From: Jordan Bancino Date: Wed, 8 Nov 2023 14:30:45 -0500 Subject: [PATCH 07/13] Housekeeping tasks with documentation and versioning. --- README.md | 23 +++++++++++----------- configure | 2 +- docs/CHANGELOG.md | 40 +++++++++++++++++++++++++------------- src/Routes/RouteVersions.c | 7 ++++++- 4 files changed, 44 insertions(+), 28 deletions(-) diff --git a/README.md b/README.md index f8efe63..003b8c7 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,4 @@ -

-

Telodendria

+

Telodendria

Telodendria is an extremely powerful, yet lightweight and portable chat server designed to be easy to install and configure. Powered by @@ -12,7 +11,7 @@ hosting a complicated, high-maintenance homeserver or joining an existing homeserver for privacy or other reasons, then Telodendria might be for you. -> **Note:** Telodendria still in development. See [Status](#status). +!!!! **Note:** Telodendria still in development. See **Status** below. ## What is Matrix? @@ -64,12 +63,13 @@ incredibly outdated. Telodendria, on the other hand, aims to be stable. It should *just work* for long periods of time between upgrades, and you should never feel like Telodendria is going to change significantly between upgrades. +- **Well-Documented:** Telodendria places as much emphasis on documentation as on code, which means you can be sure that the documentation will always remain up-to-date, accurate, and most importantly, reasonably exhaustive. -[Read Technical Rationale →](docs/dev/rationale.md) +[Read Technical Rationale →](https://git.telodendria.io/Telodendria/Telodendria/src/branch/master/docs/dev/rationale.md) ## Get Started -Check out the [Documentation](docs/README.md) to get started with +Check out the [Documentation](https://git.telodendria.io/Telodendria/telodendria/src/branch/master/docs/README.md) to get started with Telodendria. ## Status @@ -79,13 +79,13 @@ not yet deliver on all of its promises. Currently, Telodendria is not ready for end-users yet. While it features very basic user authentication, it does not actually work as a chat server yet. -We are hoping to ship Telodendria `v0.4.0` by May of 2024. This +We are hoping to ship Telodendria `v1.7.0-alpha4` by May of 2024. This release should be usable for communication between **local users** only. Additional features, including federation with other Matrix homeservers will be added in future releases. -You can help speed up development by [sponsoring](#sponsorship) -Telodendria or [getting involved](docs/CONTRIBUTING.md). +You can help speed up development by **sponsoring** +Telodendria or [getting involved](https://git.telodendria.io/Telodendria/Telodendria/src/branch/master/docs/CONTRIBUTING.md). ## Sponsorship @@ -96,7 +96,7 @@ Telodendria's long-term success, please consider sponsoring the project. You can make a recurring donation to Telodendria using -[LiberaPay](https://bancino.net/Telodendria/donate). You can also make +[LiberaPay](https://liberapay.com/Telodendria/donate). You can also make one-time donations using [Stripe](https://donate.stripe.com/8wM29AfF5bRJc48eUU). If you would like to make a recurring donation larger than that allowed by @@ -108,7 +108,7 @@ LiberaPay, please contact Jordan Bancino over Matrix at While there are no set sponsorship tiers at this time, sponsoring Telodendria is a mutually beneficial relationship. Depending on the amount you donate, you can get your name, logo, and website links -on the [Sponsors](docs/SPONSORS.md) page, the project `README`, or the +on the [Sponsors](../sponsors) page, the project `README`, or the main website. ## License @@ -116,7 +116,7 @@ main website. All of the code and documentation for Telodendria is licensed under a modified MIT license. The MIT license is an extremely permissive license that has very few restrictions. Please consult the -[`LICENSE.txt`](LICENSE.txt) file for the actual license text. It is +[`LICENSE.txt`](https://git.telodendria.io/Telodendria/Telodendria/src/branch/master/LICENSE.txt) file for the actual license text. It is important to note that the Telodendria license text differs from the original MIT license in the following ways: @@ -133,4 +133,3 @@ to use the logo in any way as long as it represents or links to the official project. If Telodendria is forked, the logo must be removed completely from the project, and optionally replaced by a different one. - diff --git a/configure b/configure index 966eaf9..70e0aad 100755 --- a/configure +++ b/configure @@ -19,7 +19,7 @@ LIBS="-lm -pthread -lCytoplasm" # Set default args for all platforms -SCRIPT_ARGS="--cc=cc --prefix=/usr/local --enable-ld-extra --bin-name=telodendria --version=0.4.0 --static $@" +SCRIPT_ARGS="--cc=cc --prefix=/usr/local --enable-ld-extra --bin-name=telodendria --version=1.7.0-alpha4 --static $@" echo "Processing options..." echo "Ran with arguments: $SCRIPT_ARGS" diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index 6e8015c..004aad1 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -5,12 +5,22 @@ It is intended to be updated with every commit that makes a user-facing change w reporting in the change log. As such, it changes frequently between releases. Final change log entries are published as [Releases](releases). -## v0.4.0 +## v1.7.0-alpha4 **Not Released Yet.** -This release brings filters, rooms, and events! The core of the Matrix protocol architecture -is not in place. +This release brings filters, rooms, and events! The core of the Matrix +protocol architecture is now in place. + +Note that the versioning scheme has changed from `v0.X.0` to +`v1.7.0-alphaX`. This is so that Telodendria releases correspond to the +Matrix specification that they implement, in accordance with +[this blog post](https://telodendria.io/blog/on-matrixs-release-cadence-and-state-resolution-v1). +This versioning scheme change does not indicate a drastic leap forward +in Telodendria's development—the `-alpha4` suffix indicates that +this is the 4th pre-release, with the target being a stable `v1.7.0`. +Note also that we still have a *long* way to go before we reach that +stable release. ### Matrix Specification @@ -21,21 +31,23 @@ The following endpoints were added: ### Bug Fixes & General Improvements -- Fixed a double-free in `RouteUserProfile()` that would cause errors with certain -Matrix clients. (#35) +- Fixed a double-free in `RouteUserProfile()` that would cause errors +with certain Matrix clients. (#35) - Improved compatibility with NetBSD on various platforms. -- Moved [Cytoplasm](/Telodendria/Cytoplasm) to its own repository. -- Use a `configure` script and `make` to build Telodendria instead of custom scripts. +- Moved [Cytoplasm](/Telodendria/Cytoplasm) to its own repository. It +will now be maintained separately and have its own releases as well. +- Use a `configure` script and `make` to build Telodendria instead of +custom scripts. ### New Features -- Implemented `/_telodendria/admin/v1/deactivate/[localpart]` for admins to be able to -deactivate users. -- Added a **PUT** option to `/_telodendria/admin/v1/config` that gives the ability to change -only a subset of the configuration. -- Moved all administrator API endpoints to `/_telodendria/admin/v1`, because later revisions -of the administrator API may break clients, so we want a way to give those breaking revisions -new endpoints. +- Moved all administrator API endpoints to `/_telodendria/admin/v1`, +because later revisions of the administrator API may break clients, so +we want a way to give those breaking revisions new endpoints. +- Implemented `/_telodendria/admin/v1/deactivate/[localpart]` for admins +to be able to deactivate users. +- Added a **PUT** option to `/_telodendria/admin/v1/config` that gives +the ability to change only a subset of the configuration. ## v0.3.0 diff --git a/src/Routes/RouteVersions.c b/src/Routes/RouteVersions.c index c75321d..d4ff0a8 100644 --- a/src/Routes/RouteVersions.c +++ b/src/Routes/RouteVersions.c @@ -35,7 +35,12 @@ ROUTE_IMPL(RouteVersions, path, argp) (void) path; (void) argp; - ArrayAdd(versions, JsonValueString("v1.6")); +#define DECLARE_SPEC_VERSION(x) ArrayAdd(versions, JsonValueString(x)) + + DECLARE_SPEC_VERSION("v1.7"); + /* Declare additional spec version support here. */ + +#undef DECLARE_SPEC_VERSION HashMapSet(response, "versions", JsonValueArray(versions)); return response; From 503bfb610441c08988eea131d3f15e9a9acf6c2c Mon Sep 17 00:00:00 2001 From: Jordan Bancino Date: Wed, 8 Nov 2023 15:17:27 -0500 Subject: [PATCH 08/13] Suppress warnings of unused variables. I will use them eventually when I implement all these functions. I'm probably going to start CI work here soon, so I don't want warnings showing up in the logs unless they're important. --- src/Filter.c | 2 ++ src/Room.c | 2 ++ src/Routes/RouteRoomAliases.c | 4 ++++ src/State.c | 2 ++ 4 files changed, 10 insertions(+) diff --git a/src/Filter.c b/src/Filter.c index b1e91bb..1ef4fed 100644 --- a/src/Filter.c +++ b/src/Filter.c @@ -28,5 +28,7 @@ HashMap * FilterApply(Filter * filter, HashMap * event) { + (void) filter; + (void) event; return NULL; } diff --git a/src/Room.c b/src/Room.c index c13441d..791c5d3 100644 --- a/src/Room.c +++ b/src/Room.c @@ -42,6 +42,8 @@ struct Room Room * RoomCreate(Db * db, RoomCreateRequest * req) { + (void) db; + (void) req; return NULL; } diff --git a/src/Routes/RouteRoomAliases.c b/src/Routes/RouteRoomAliases.c index ad288e6..44eadfe 100644 --- a/src/Routes/RouteRoomAliases.c +++ b/src/Routes/RouteRoomAliases.c @@ -37,6 +37,10 @@ ROUTE_IMPL(RouteRoomAliases, path, argp) Db *db = args->matrixArgs->db; DbRef *ref = NULL; + (void) roomId; + + /* TODO: Placeholder; remove. */ + goto finish; finish: DbUnlock(db, ref); JsonFree(request); diff --git a/src/State.c b/src/State.c index 7d2fe3a..66c69c0 100644 --- a/src/State.c +++ b/src/State.c @@ -33,12 +33,14 @@ static HashMap * StateResolveV1(Array * states) { + (void) states; return NULL; } static HashMap * StateResolveV2(Array * states) { + (void) states; return NULL; } From 2d30719be4300e211e01ce8c3a6a72df6ae0a809 Mon Sep 17 00:00:00 2001 From: Jordan Bancino Date: Fri, 10 Nov 2023 09:30:53 -0500 Subject: [PATCH 09/13] Implement Registration Token Administrator API (#43) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This pull request fully implements and documents all of the registration token administrator API endpoints. **NOTE:** There is a memory leak when listing all of the registration tokens. Debug this before merging.   ~~Closes~~ Supersedes #37. Closes #26. This pull request is based off of #37, which addresses #26. This pull makes a number of improvements to the logic, organization, and behavior of the API endpoints. Co-authored-by: hatkid Co-authored-by: LoaD Accumulator Co-authored-by: LoaD Accumulator Co-authored-by: lda Co-authored-by: Load Accumulator Reviewed-on: https://git.telodendria.io/Telodendria/Telodendria/pulls/43 --- Schema/Filter.json | 4 +- Schema/RegToken.json | 49 ++++++++ docs/CHANGELOG.md | 5 + docs/user/admin/README.md | 1 + docs/user/admin/tokens.md | 106 +++++++++++++++++ src/RegToken.c | 68 +++++------ src/Routes.c | 2 + src/Routes/RouteAdminTokens.c | 207 ++++++++++++++++++++++++++++++++++ src/Routes/RoutePrivileges.c | 8 +- src/Routes/RouteRegister.c | 2 +- src/User.c | 29 ++--- src/include/RegToken.h | 50 +------- src/include/Routes.h | 2 + src/include/User.h | 4 +- 14 files changed, 420 insertions(+), 117 deletions(-) create mode 100644 Schema/RegToken.json create mode 100644 docs/user/admin/tokens.md create mode 100644 src/Routes/RouteAdminTokens.c diff --git a/Schema/Filter.json b/Schema/Filter.json index ee6a233..20f8f0a 100644 --- a/Schema/Filter.json +++ b/Schema/Filter.json @@ -1,4 +1,5 @@ { + "guard": "TELODENDRIA_SCHEMA_FILTER_H", "header": "Schema\/Filter.h", "types": { "FilterRoom": { @@ -116,6 +117,5 @@ }, "type": "struct" } - }, - "guard": "TELODENDRIA_SCHEMA_FILTER_H" + } } diff --git a/Schema/RegToken.json b/Schema/RegToken.json new file mode 100644 index 0000000..2cb56ff --- /dev/null +++ b/Schema/RegToken.json @@ -0,0 +1,49 @@ +{ + "guard": "TELODENDRIA_SCHEMA_REGTOKEN_H", + "header": "Schema\/RegToken.h", + "include": [ + "Cytoplasm\/Db.h" + ], + "types": { + "Db *": { + "type": "extern" + }, + "DbRef *": { + "type": "extern" + }, + "RegTokenInfo": { + "fields": { + "db": { + "type": "Db *", + "ignore": true + }, + "ref": { + "type": "DbRef *", + "ignore": true + }, + "name": { + "type": "string" + }, + "created_by": { + "type": "string" + }, + "created_on": { + "type": "integer" + }, + "expires_on": { + "type": "integer" + }, + "used": { + "type": "integer" + }, + "uses": { + "type": "integer" + }, + "grants": { + "type": "array" + } + }, + "type": "struct" + } + } +} \ No newline at end of file diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index 004aad1..9a90146 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -48,6 +48,11 @@ we want a way to give those breaking revisions new endpoints. to be able to deactivate users. - Added a **PUT** option to `/_telodendria/admin/v1/config` that gives the ability to change only a subset of the configuration. +- Implemented the following APIs for managing registration tokens: + - **GET** `/_telodendria/admin/tokens` + - **GET** `/_telodendria/admin/tokens/[token]` + - **POST** `/_telodendria/admin/tokens` + - **DELETE** `/_telodendria/admin/tokens/[token]` ## v0.3.0 diff --git a/docs/user/admin/README.md b/docs/user/admin/README.md index 827ef10..dc62647 100644 --- a/docs/user/admin/README.md +++ b/docs/user/admin/README.md @@ -19,6 +19,7 @@ request. - [Configuration](config.md) - [Server Statistics](stats.md) - [Process Control](proc.md) +- [Registration Tokens](tokens.md) ## API Conventions diff --git a/docs/user/admin/tokens.md b/docs/user/admin/tokens.md new file mode 100644 index 0000000..18baf01 --- /dev/null +++ b/docs/user/admin/tokens.md @@ -0,0 +1,106 @@ +# Administrator API: Registration Tokens + +Telodendria implements registration tokens as specified by the Matrix +specification. These tokens can be used for registration using the +`m.login.registration_token` login type. This API provides a Telodendria +administrator with a mechanism for generating and managing these tokens, +which allows controlled registration on the homeserver. + +It is generally safer than completely open registration to use +registration tokens that either expire after a short period of time, or +have a limited number of uses. + +## Registration Token + +A registration token is represented by the following `RegToken` JSON +object: + +| Field | Type | Description | +|-------|------|-------------| +| `name` | `String` | The token identifier; what is used when registering. | +| `created_by` | `String` | The localpart of the user that created this token. | +| `created_on` | `Integer` | A timestamp of when the token was created. | +| `expires_on` | `Integer` | An expiration stamp, or 0 if the token never expires. | +| `used` | `Integer` | The number of times the token has been used. | +| `uses` | `Integer` | The total number of allowed uses, or -1 for unlimited. | +| `grants` | `[String]` | An array of privileges to grant users that register with this token as described in [Privileges](privileges.md). | + +All endpoints in this API will operate on some variation of this +structure. The remaining number of uses can be computed by performing +the subtraction: `uses - used`. `used` should never be greater than +`uses` or less than `0`. + +Example: + +```json +{ + "name": "q34jgapo8uq34hg", + "created_by": "admin", + "created_on": 1699467640000, + "expires_on": 0, + "used": 3, + "uses": 5 +} +``` + +## API Endpoints + +### **GET** `/_telodendria/admin/v1/tokens` + +Get a list of all registration tokens and information about them. + +#### 200 Response Format + +| Field | Type | Description | +|-------|------|-------------| +| `tokens` | `[RegToken]` | An array of registration tokens. | + +### **GET** `/_telodendria/admin/v1/tokens/[name]` + +Get information about the specified registration token. + +#### Request Parameters + +| Field | Type | Description | +|-------|------|-------------| +| `name` | `String` | The name of the token, as it would be used to register a user. | + +#### 200 Response Format + +This endpoint returns a `RegToken` object that represents the server's +record of the registration token. + +### **POST** `/_telodendria/admin/v1/tokens` + +Create a new registration token. + +#### Request Format + +This endpoint accepts a `RegToken` object, as described above. If no +`name` is provided, one will be randomly generated. Note that the fields +`created_by`, `created_on`, and `used` are ignored and set by the server +when this request is made. All other fields may be set by the request +body. + +#### 200 Response Format + +If the creation of the registration token was successful, a `RegToken` +that represents the server's record of it is returned. + +### **DELETE** `/_telodendria/admin/v1/tokens/[name]` + +Delete the specified registration token. It will no longer be usable for +the registration of users. Any users that have completed the +`m.login.registration_token` step but have not yet created their account +should still be able to do so until their user-interactive auth session +expires. + +#### Request Parameters + +| Field | Type | Description | +|-------|------|-------------| +| `name` | `String` | The name of the token, as it would be used to register a user. | + +#### 200 Response Format + +On success, this endpoint returns an empty JSON object. \ No newline at end of file diff --git a/src/RegToken.c b/src/RegToken.c index 2a45d2d..fa041d3 100644 --- a/src/RegToken.c +++ b/src/RegToken.c @@ -30,8 +30,10 @@ #include #include #include -#include #include +#include + +#include int RegTokenValid(RegTokenInfo * token) @@ -99,8 +101,7 @@ RegTokenDelete(RegTokenInfo * token) { return 0; } - Free(token->name); - Free(token->owner); + RegTokenInfoFree(token); Free(token); return 1; } @@ -113,6 +114,8 @@ RegTokenGetInfo(Db * db, char *token) DbRef *tokenRef; HashMap *tokenJson; + char *errp = NULL; + if (!RegTokenExists(db, token)) { return NULL; @@ -126,47 +129,43 @@ RegTokenGetInfo(Db * db, char *token) tokenJson = DbJson(tokenRef); ret = Malloc(sizeof(RegTokenInfo)); + if (!RegTokenInfoFromJson(tokenJson, ret, &errp)) + { + Log(LOG_ERR, "RegTokenGetInfo(): Database decoding error: %s", errp); + RegTokenFree(ret); + return NULL; + } + ret->db = db; ret->ref = tokenRef; - ret->owner = - StrDuplicate(JsonValueAsString(HashMapGet(tokenJson, "created_by"))); - ret->name = StrDuplicate(token); - - ret->expires = - JsonValueAsInteger(HashMapGet(tokenJson, "expires_on")); - ret->created = - JsonValueAsInteger(HashMapGet(tokenJson, "created_on")); - - ret->uses = - JsonValueAsInteger(HashMapGet(tokenJson, "uses")); - ret->used = - JsonValueAsInteger(HashMapGet(tokenJson, "used")); - - ret->grants = - UserDecodePrivileges(HashMapGet(tokenJson, "grants")); - return ret; } void -RegTokenFree(RegTokenInfo * tokeninfo) +RegTokenFree(RegTokenInfo *tokeninfo) { if (tokeninfo) { - Free(tokeninfo->name); - Free(tokeninfo->owner); + RegTokenInfoFree(tokeninfo); Free(tokeninfo); } } int RegTokenClose(RegTokenInfo * tokeninfo) { + HashMap *json; + if (!tokeninfo) { return 0; } + /* Write object to database. */ + json = RegTokenInfoToJson(tokeninfo); + DbJsonSet(tokeninfo->ref, json); /* Copies json into internal structure. */ + JsonFree(json); + return DbUnlock(tokeninfo->db, tokeninfo->ref); } static int @@ -202,7 +201,6 @@ RegTokenInfo * RegTokenCreate(Db * db, char *name, char *owner, UInt64 expires, Int64 uses, int privileges) { RegTokenInfo *ret; - HashMap *tokenJson; UInt64 timestamp = UtilServerTs(); @@ -235,26 +233,12 @@ RegTokenCreate(Db * db, char *name, char *owner, UInt64 expires, Int64 uses, int return NULL; } ret->name = StrDuplicate(name); - ret->owner = StrDuplicate(owner); + ret->created_by = StrDuplicate(owner); ret->used = Int64Create(0, 0); ret->uses = uses; - ret->created = timestamp; - ret->expires = expires; - ret->grants = privileges; - - /* Write user info to database. */ - tokenJson = DbJson(ret->ref); - HashMapSet(tokenJson, "created_by", - JsonValueString(ret->owner)); - HashMapSet(tokenJson, "created_on", - JsonValueInteger(ret->created)); - HashMapSet(tokenJson, "expires_on", - JsonValueInteger(ret->expires)); - HashMapSet(tokenJson, "used", - JsonValueInteger(ret->used)); - HashMapSet(tokenJson, "uses", - JsonValueInteger(ret->uses)); - HashMapSet(tokenJson, "grants", UserEncodePrivileges(privileges)); + ret->created_on = timestamp; + ret->expires_on = expires; + ret->grants = UserEncodePrivileges(privileges); return ret; } diff --git a/src/Routes.c b/src/Routes.c index d0d455b..353d5a4 100644 --- a/src/Routes.c +++ b/src/Routes.c @@ -87,6 +87,8 @@ RouterBuild(void) R("/_telodendria/admin/v1/privileges", RoutePrivileges); R("/_telodendria/admin/v1/privileges/(.*)", RoutePrivileges); R("/_telodendria/admin/v1/deactivate/(.*)", RouteAdminDeactivate); + R("/_telodendria/admin/v1/tokens/(.*)", RouteAdminTokens); + R("/_telodendria/admin/v1/tokens", RouteAdminTokens); #undef R diff --git a/src/Routes/RouteAdminTokens.c b/src/Routes/RouteAdminTokens.c new file mode 100644 index 0000000..968d98f --- /dev/null +++ b/src/Routes/RouteAdminTokens.c @@ -0,0 +1,207 @@ +/* + * Copyright (C) 2022-2023 Jordan Bancino <@jordan:bancino.net> + * + * Permission is hereby granted, free of charge, to any person + * obtaining a copy of this software and associated documentation files + * (the "Software"), to deal in the Software without restriction, + * including without limitation the rights to use, copy, modify, merge, + * publish, distribute, sublicense, and/or sell copies of the Software, + * and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ +#include + +#include +#include +#include +#include + +#include +#include + +ROUTE_IMPL(RouteAdminTokens, path, argp) +{ + RouteArgs *args = argp; + HashMap *request = NULL; + HashMap *response = NULL; + + char *token; + char *msg; + + Db *db = args->matrixArgs->db; + + User *user = NULL; + + HttpRequestMethod method = HttpRequestMethodGet(args->context); + + Array *tokensarray; + Array *tokens; + + RegTokenInfo *info; + + RegTokenInfo *req; + + size_t i; + + if (method != HTTP_GET && method != HTTP_POST && method != HTTP_DELETE) + { + msg = "Route only supports GET, POST, and DELETE"; + HttpResponseStatus(args->context, HTTP_BAD_REQUEST); + return MatrixErrorCreate(M_UNRECOGNIZED, msg); + } + + + response = MatrixGetAccessToken(args->context, &token); + if (response) + { + goto finish; + } + + user = UserAuthenticate(db, token); + if (!user) + { + HttpResponseStatus(args->context, HTTP_BAD_REQUEST); + response = MatrixErrorCreate(M_UNKNOWN_TOKEN, NULL); + goto finish; + } + + if (!(UserGetPrivileges(user) & USER_ISSUE_TOKENS)) + { + msg = "User doesn't have the ISSUE_TOKENS privilege."; + HttpResponseStatus(args->context, HTTP_FORBIDDEN); + response = MatrixErrorCreate(M_FORBIDDEN, msg); + goto finish; + } + + switch (method) + { + case HTTP_GET: + if (ArraySize(path) == 0) + { + tokensarray = ArrayCreate(); + + /* Get all registration tokens */ + tokens = DbList(db, 2, "tokens", "registration"); + + response = HashMapCreate(); + + for (i = 0; i < ArraySize(tokens); i++) + { + char *tokenname = ArrayGet(tokens, i); + HashMap *jsoninfo; + + info = RegTokenGetInfo(db, tokenname); + jsoninfo = RegTokenInfoToJson(info); + + RegTokenClose(info); + RegTokenFree(info); + + ArrayAdd(tokensarray, JsonValueObject(jsoninfo)); + } + + JsonSet(response, JsonValueArray(tokensarray), 1, "tokens"); + + DbListFree(tokens); + break; + } + + info = RegTokenGetInfo(db, ArrayGet(path, 0)); + if (!info) + { + msg = "Token doesn't exist."; + HttpResponseStatus(args->context, HTTP_BAD_REQUEST); + response = MatrixErrorCreate(M_INVALID_PARAM, msg); + goto finish; + } + + response = RegTokenInfoToJson(info); + + RegTokenClose(info); + RegTokenFree(info); + break; + case HTTP_POST: + request = JsonDecode(HttpServerStream(args->context)); + if (!request) + { + HttpResponseStatus(args->context, HTTP_BAD_REQUEST); + response = MatrixErrorCreate(M_NOT_JSON, NULL); + goto finish; + } + + req = Malloc(sizeof(RegTokenInfo)); + memset(req, 0, sizeof(RegTokenInfo)); + + if (!RegTokenInfoFromJson(request, req, &msg)) + { + RegTokenInfoFree(req); + Free(req); + + HttpResponseStatus(args->context, HTTP_BAD_REQUEST); + response = MatrixErrorCreate(M_BAD_JSON, msg); + goto finish; + + } + + if (!req->name) + { + req->name = StrRandom(16); + } + + /* Create the actual token that will be stored. */ + info = RegTokenCreate(db, req->name, UserGetName(user), + req->expires_on, req->uses, + UserDecodePrivileges(req->grants)); + if (!info) + { + RegTokenClose(info); + RegTokenFree(info); + RegTokenInfoFree(req); + Free(req); + + HttpResponseStatus(args->context, HTTP_BAD_REQUEST); + msg = "Cannot create token."; + response = MatrixErrorCreate(M_INVALID_PARAM, msg); + goto finish; + } + + response = RegTokenInfoToJson(info); + + RegTokenClose(info); + RegTokenFree(info); + RegTokenInfoFree(req); + Free(req); + break; + case HTTP_DELETE: + if (ArraySize(path) == 0) + { + msg = "No registration token given to DELETE /tokens/[token]."; + HttpResponseStatus(args->context, HTTP_BAD_REQUEST); + response = MatrixErrorCreate(M_INVALID_PARAM, msg); + goto finish; + } + info = RegTokenGetInfo(db, ArrayGet(path, 0)); + RegTokenDelete(info); + + response = HashMapCreate(); + break; + default: + /* Should not be possible. */ + break; + } +finish: + UserUnlock(user); + JsonFree(request); + return response; +} diff --git a/src/Routes/RoutePrivileges.c b/src/Routes/RoutePrivileges.c index 44ca311..4ffa480 100644 --- a/src/Routes/RoutePrivileges.c +++ b/src/Routes/RoutePrivileges.c @@ -98,15 +98,15 @@ ROUTE_IMPL(RoutePrivileges, path, argp) switch (HttpRequestMethodGet(args->context)) { case HTTP_POST: - privileges = UserDecodePrivileges(val); + privileges = UserDecodePrivileges(JsonValueAsArray(val)); break; case HTTP_PUT: privileges = UserGetPrivileges(user); - privileges |= UserDecodePrivileges(val); + privileges |= UserDecodePrivileges(JsonValueAsArray(val)); break; case HTTP_DELETE: privileges = UserGetPrivileges(user); - privileges &= ~UserDecodePrivileges(val); + privileges &= ~UserDecodePrivileges(JsonValueAsArray(val)); break; default: /* Impossible */ @@ -124,7 +124,7 @@ ROUTE_IMPL(RoutePrivileges, path, argp) /* Fall through */ case HTTP_GET: response = HashMapCreate(); - HashMapSet(response, "privileges", UserEncodePrivileges(UserGetPrivileges(user))); + HashMapSet(response, "privileges", JsonValueArray(UserEncodePrivileges(UserGetPrivileges(user)))); break; default: HttpResponseStatus(args->context, HTTP_BAD_REQUEST); diff --git a/src/Routes/RouteRegister.c b/src/Routes/RouteRegister.c index 5422c58..3527219 100644 --- a/src/Routes/RouteRegister.c +++ b/src/Routes/RouteRegister.c @@ -276,7 +276,7 @@ ROUTE_IMPL(RouteRegister, path, argp) if (info) { - UserSetPrivileges(user, info->grants); + UserSetPrivileges(user, UserDecodePrivileges(info->grants)); RegTokenClose(info); RegTokenFree(info); } diff --git a/src/User.c b/src/User.c index 02b1e80..d13ab90 100644 --- a/src/User.c +++ b/src/User.c @@ -749,7 +749,7 @@ UserGetPrivileges(User * user) return USER_NONE; } - return UserDecodePrivileges(HashMapGet(DbJson(user->ref), "privileges")); + return UserDecodePrivileges(JsonValueAsArray(HashMapGet(DbJson(user->ref), "privileges"))); } int @@ -768,7 +768,7 @@ UserSetPrivileges(User * user, int privileges) return 1; } - val = UserEncodePrivileges(privileges); + val = JsonValueArray(UserEncodePrivileges(privileges)); if (!val) { return 0; @@ -779,31 +779,26 @@ UserSetPrivileges(User * user, int privileges) } int -UserDecodePrivileges(JsonValue * val) +UserDecodePrivileges(Array * arr) { int privileges = USER_NONE; size_t i; - Array *arr; - if (!val) + if (!arr) { goto finish; } - if (JsonValueType(val) == JSON_ARRAY) + for (i = 0; i < ArraySize(arr); i++) { - arr = JsonValueAsArray(val); - for (i = 0; i < ArraySize(arr); i++) + JsonValue *val = ArrayGet(arr, i); + if (!val || JsonValueType(val) != JSON_STRING) { - val = ArrayGet(arr, i); - if (!val || JsonValueType(val) != JSON_STRING) - { - continue; - } - - privileges |= UserDecodePrivilege(JsonValueAsString(val)); + continue; } + + privileges |= UserDecodePrivilege(JsonValueAsString(val)); } finish: @@ -851,7 +846,7 @@ UserDecodePrivilege(const char *p) } } -JsonValue * +Array * UserEncodePrivileges(int privileges) { Array *arr = ArrayCreate(); @@ -883,7 +878,7 @@ UserEncodePrivileges(int privileges) #undef A finish: - return JsonValueArray(arr); + return arr; } UserId * diff --git a/src/include/RegToken.h b/src/include/RegToken.h index f6cd13b..309a2c2 100644 --- a/src/include/RegToken.h +++ b/src/include/RegToken.h @@ -42,54 +42,7 @@ #include #include -/** - * This structure describes a registration token that is in the - * database. - */ -typedef struct RegTokenInfo -{ - Db *db; - DbRef *ref; - - /* - * The token itself. - */ - char *name; - - /* - * Who created this token. Note that this can be NULL if the - * token was created by Telodendria itself. - */ - char *owner; - - /* - * How many times the token was used. - */ - Int64 used; - - /* - * How many uses are allowed. - */ - Int64 uses; - - /* - * Timestamp when this token was created. - */ - UInt64 created; - - /* - * Timestamp when this token expires, or 0 if it does not - * expire. - */ - UInt64 expires; - - /* - * A bit field describing the privileges this token grants. See - * the User API documentation for the privileges supported. - */ - int grants; - -} RegTokenInfo; +#include /** * ``Use'' the specified registration token by increasing the used @@ -132,7 +85,6 @@ RegTokenCreate(Db *, char *, char *, UInt64, Int64, int); * .Fn RegTokenClose . */ extern void RegTokenFree(RegTokenInfo *); - /** * Return a boolean value indicating whether or not the specified token * is valid. A registration token is only valid if it has not expired diff --git a/src/include/Routes.h b/src/include/Routes.h index f791d78..084daf8 100644 --- a/src/include/Routes.h +++ b/src/include/Routes.h @@ -105,6 +105,8 @@ ROUTE(RouteRoomAliases); ROUTE(RouteAdminDeactivate); +ROUTE(RouteAdminTokens); + #undef ROUTE #endif diff --git a/src/include/User.h b/src/include/User.h index ec266ec..bd30803 100644 --- a/src/include/User.h +++ b/src/include/User.h @@ -286,13 +286,13 @@ extern int UserSetPrivileges(User *, int); * Decode the JSON that represents the user privileges into a packed * bit field for simple manipulation. */ -extern int UserDecodePrivileges(JsonValue *); +extern int UserDecodePrivileges(Array *); /** * Encode the packed bit field that represents user privileges as a * JSON value. */ -extern JsonValue *UserEncodePrivileges(int); +extern Array *UserEncodePrivileges(int); /** * Convert a string privilege into its bit in the bit field. This is From 3dae19e82dc8f118e9d894f8aadd5eaadf12e27b Mon Sep 17 00:00:00 2001 From: lda Date: Tue, 21 Nov 2023 09:11:45 -0500 Subject: [PATCH 10/13] Refactor code to comply with #8 (#39) Reviewed-on: https://git.telodendria.io/Telodendria/Telodendria/pulls/39 Co-authored-by: lda Co-committed-by: lda --- Schema/LoginRequest.json | 38 +++++++++ Schema/Registration.json | 17 ++++ Schema/RequestToken.json | 21 +++++ src/Routes/RouteAdminDeactivate.c | 1 - src/Routes/RouteLogin.c | 130 +++++++--------------------- src/Routes/RouteRegister.c | 136 +++++++++--------------------- src/Routes/RouteRequestToken.c | 89 +++++++++++-------- 7 files changed, 203 insertions(+), 229 deletions(-) create mode 100644 Schema/LoginRequest.json create mode 100644 Schema/Registration.json create mode 100644 Schema/RequestToken.json diff --git a/Schema/LoginRequest.json b/Schema/LoginRequest.json new file mode 100644 index 0000000..b93dcc5 --- /dev/null +++ b/Schema/LoginRequest.json @@ -0,0 +1,38 @@ +{ + "header": "Schema\/LoginRequest.h", + "types": { + "LoginRequestType": { + "fields": { + "m.login.password": { "name": "REQUEST_TYPE_PASSWORD" } + }, + "type": "enum" + }, + "LoginRequestUserIdentifier": { + "fields": { + "type": { "type": "string" }, + "user": { "type": "string" } + }, + "type": "struct" + }, + "LoginRequest": { + "fields": { + "type": { "type": "LoginRequestType" }, + + "identifier": { "type": "object" }, + + "password": { "type": "string" }, + "address": { "type": "string" }, + "user": { "type": "string" }, + "device_id": { "type": "string" }, + "initial_device_display_name": { "type": "string" }, + "medium": { "type": "string" }, + "token": { "type": "string" }, + + "refresh_token": { "type": "boolean" } + }, + "type": "struct" + } + }, + "guard": "TELODENDRIA_SCHEMA_LOGIN_REQUEST_H" +} + diff --git a/Schema/Registration.json b/Schema/Registration.json new file mode 100644 index 0000000..f9db09c --- /dev/null +++ b/Schema/Registration.json @@ -0,0 +1,17 @@ +{ + "header": "Schema\/Registration.h", + "types": { + "RegistrationRequest": { + "fields": { + "username": { "type": "string" }, + "password": { "type": "string" }, + "device_id": { "type": "string" }, + "inhibit_login": { "type": "boolean" }, + "initial_device_display_name": { "type": "string" }, + "refresh_token": { "type": "boolean" } + }, + "type": "struct" + } + }, + "guard": "TELODENDRIA_SCHEMA_REGISTRATION_H" +} diff --git a/Schema/RequestToken.json b/Schema/RequestToken.json new file mode 100644 index 0000000..1f05393 --- /dev/null +++ b/Schema/RequestToken.json @@ -0,0 +1,21 @@ +{ + "header": "Schema\/RequestToken.h", + "types": { + "RequestToken": { + "fields": { + "client_secret": { "type": "string" }, + "send_attempt": { "type": "integer" }, + "next_link": { "type": "string" }, + "id_access_token": { "type": "string" }, + "id_server": { "type": "string" }, + + "email": { "type": "string" }, + + "country": { "type": "string" }, + "phone_number": { "type": "string" } + }, + "type": "struct" + } + }, + "guard": "TELODENDRIA_SCHEMA_REQUESTTOKEN_H" +} diff --git a/src/Routes/RouteAdminDeactivate.c b/src/Routes/RouteAdminDeactivate.c index 0cb9ac0..2a48e92 100644 --- a/src/Routes/RouteAdminDeactivate.c +++ b/src/Routes/RouteAdminDeactivate.c @@ -28,7 +28,6 @@ #include #include -#include ROUTE_IMPL(RouteAdminDeactivate, path, argp) { diff --git a/src/Routes/RouteLogin.c b/src/Routes/RouteLogin.c index 6c65a5c..f7b1d82 100644 --- a/src/Routes/RouteLogin.c +++ b/src/Routes/RouteLogin.c @@ -25,6 +25,8 @@ #include +#include + #include #include #include @@ -43,12 +45,9 @@ ROUTE_IMPL(RouteLogin, path, argp) HashMap *identifier; - char *deviceId = NULL; - char *initialDeviceDisplayName = NULL; - int refreshToken = 0; + LoginRequest loginRequest; + LoginRequestUserIdentifier userIdentifier; - char *password; - char *type; UserId *userId = NULL; Db *db = args->matrixArgs->db; @@ -57,6 +56,14 @@ ROUTE_IMPL(RouteLogin, path, argp) UserLoginInfo *loginInfo; char *fullUsername; + char *type; + char *initialDeviceDisplayName; + char *deviceId; + char *password; + int refreshToken; + + char *msg; + Config *config = ConfigLock(db); if (!config) @@ -68,6 +75,9 @@ ROUTE_IMPL(RouteLogin, path, argp) (void) path; + memset(&loginRequest, 0, sizeof(LoginRequest)); + memset(&userIdentifier, 0, sizeof(LoginRequestUserIdentifier)); + switch (HttpRequestMethodGet(args->context)) { case HTTP_GET: @@ -88,45 +98,21 @@ ROUTE_IMPL(RouteLogin, path, argp) break; } - val = HashMapGet(request, "type"); - if (!val) + if (!LoginRequestFromJson(request, &loginRequest, &msg)) { HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_MISSING_PARAM, NULL); + response = MatrixErrorCreate(M_BAD_JSON, msg); break; } - if (JsonValueType(val) != JSON_STRING) - { - HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); - break; - } - - type = JsonValueAsString(val); - if (!StrEquals(type, "m.login.password")) + if (loginRequest.type != REQUEST_TYPE_PASSWORD) { HttpResponseStatus(args->context, HTTP_BAD_REQUEST); response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); break; } - val = HashMapGet(request, "identifier"); - if (!val) - { - HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_MISSING_PARAM, NULL); - break; - } - - if (JsonValueType(val) != JSON_OBJECT) - { - HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); - break; - } - - identifier = JsonValueAsObject(val); + identifier = loginRequest.identifier; val = HashMapGet(identifier, "type"); if (!val) @@ -150,23 +136,16 @@ ROUTE_IMPL(RouteLogin, path, argp) response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); break; } - - val = HashMapGet(identifier, "user"); - if (!val) + if (!LoginRequestUserIdentifierFromJson(identifier, + &userIdentifier, &msg)) { HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_MISSING_PARAM, NULL); + response = MatrixErrorCreate(M_BAD_JSON, msg); break; } - if (JsonValueType(val) != JSON_STRING) - { - HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); - break; - } - userId = UserIdParse(JsonValueAsString(val), config->serverName); + userId = UserIdParse(userIdentifier.user, config->serverName); if (!userId) { HttpResponseStatus(args->context, HTTP_BAD_REQUEST); @@ -181,62 +160,12 @@ ROUTE_IMPL(RouteLogin, path, argp) response = MatrixErrorCreate(M_FORBIDDEN, NULL); break; } + + deviceId = loginRequest.device_id; - val = HashMapGet(request, "device_id"); - if (val) - { - if (JsonValueType(val) != JSON_STRING) - { - HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); - break; - } - - deviceId = JsonValueAsString(val); - } - - val = HashMapGet(request, "initial_device_display_name"); - if (val) - { - if (JsonValueType(val) != JSON_STRING) - { - HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); - break; - } - - initialDeviceDisplayName = JsonValueAsString(val); - } - - val = HashMapGet(request, "password"); - if (!val) - { - HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_MISSING_PARAM, NULL); - break; - } - - if (JsonValueType(val) != JSON_STRING) - { - HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); - break; - } - - password = JsonValueAsString(val); - - val = HashMapGet(request, "refresh_token"); - if (val) - { - if (JsonValueType(val) != JSON_BOOLEAN) - { - HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); - break; - } - - refreshToken = JsonValueAsBoolean(val); - } + initialDeviceDisplayName =loginRequest.initial_device_display_name; + password = loginRequest.password; + refreshToken = loginRequest.refresh_token; user = UserLock(db, userId->localpart); @@ -309,5 +238,8 @@ ROUTE_IMPL(RouteLogin, path, argp) JsonFree(request); ConfigUnlock(config); + LoginRequestFree(&loginRequest); + LoginRequestUserIdentifierFree(&userIdentifier); + return response; } diff --git a/src/Routes/RouteRegister.c b/src/Routes/RouteRegister.c index 3527219..c43883a 100644 --- a/src/Routes/RouteRegister.c +++ b/src/Routes/RouteRegister.c @@ -30,6 +30,8 @@ #include #include +#include + #include #include #include @@ -55,22 +57,15 @@ ROUTE_IMPL(RouteRegister, path, argp) HashMap *request = NULL; HashMap *response = NULL; - JsonValue *val; + RegistrationRequest regReq; char *kind; - - char *username = NULL; - char *password = NULL; - char *initialDeviceDisplayName = NULL; - int refreshToken = 0; - int inhibitLogin = 0; - char *deviceId = NULL; char *fullUsername; + char *msg; + char *username; Db *db = args->matrixArgs->db; - User *user = NULL; - Array *uiaFlows = NULL; int uiaResult; @@ -79,6 +74,16 @@ ROUTE_IMPL(RouteRegister, path, argp) Config *config = ConfigLock(db); + regReq.username = NULL; + regReq.password = NULL; + regReq.device_id = NULL; + regReq.initial_device_display_name = NULL; + regReq.refresh_token = 0; + regReq.inhibit_login = 0; + + + + if (!config) { Log(LOG_ERR, "Registration endpoint failed to lock configuration."); @@ -102,26 +107,23 @@ ROUTE_IMPL(RouteRegister, path, argp) response = MatrixErrorCreate(M_NOT_JSON, NULL); goto end; } - - val = HashMapGet(request, "username"); - if (val) + if (!RegistrationRequestFromJson(request, ®Req, &msg)) { - if (JsonValueType(val) != JSON_STRING) - { - HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); - goto finish; - } - username = StrDuplicate(JsonValueAsString(val)); + HttpResponseStatus(args->context, HTTP_BAD_REQUEST); + response = MatrixErrorCreate(M_NOT_JSON, msg); + goto end; + } - if (!UserValidate(username, config->serverName)) + if (regReq.username) + { + if (!UserValidate(regReq.username, config->serverName)) { HttpResponseStatus(args->context, HTTP_BAD_REQUEST); response = MatrixErrorCreate(M_INVALID_USERNAME, NULL); goto finish; } - if (UserExists(db, username)) + if (UserExists(db, regReq.username)) { HttpResponseStatus(args->context, HTTP_BAD_REQUEST); response = MatrixErrorCreate(M_USER_IN_USE, NULL); @@ -158,99 +160,44 @@ ROUTE_IMPL(RouteRegister, path, argp) /* We don't support guest accounts yet */ if (kind && !StrEquals(kind, "user")) { + msg = "Guest accounts are currently not supported"; HttpResponseStatus(args->context, HTTP_FORBIDDEN); - response = MatrixErrorCreate(M_INVALID_PARAM, NULL); + response = MatrixErrorCreate(M_INVALID_PARAM, msg); goto finish; } - val = HashMapGet(request, "password"); - if (!val) + if (!regReq.password) { + msg = "'password' field is unset"; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_MISSING_PARAM, NULL); + response = MatrixErrorCreate(M_MISSING_PARAM, msg); goto finish; } - if (JsonValueType(val) != JSON_STRING) - { - HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); - goto finish; - } + /* All of the other fields are optional, we don't have to check + * them. */ - password = StrDuplicate(JsonValueAsString(val)); - - val = HashMapGet(request, "device_id"); - if (val) - { - if (JsonValueType(val) != JSON_STRING) - { - HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); - goto finish; - } - - deviceId = StrDuplicate(JsonValueAsString(val)); - } - - val = HashMapGet(request, "inhibit_login"); - if (val) - { - if (JsonValueType(val) != JSON_BOOLEAN) - { - HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); - goto finish; - } - - inhibitLogin = JsonValueAsBoolean(val); - } - - val = HashMapGet(request, "initial_device_display_name"); - if (val) - { - if (JsonValueType(val) != JSON_STRING) - { - HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); - goto finish; - } - - initialDeviceDisplayName = StrDuplicate(JsonValueAsString(val)); - } - - val = HashMapGet(request, "refresh_token"); - if (val) - { - if (JsonValueType(val) != JSON_BOOLEAN) - { - HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); - goto finish; - } - - refreshToken = JsonValueAsBoolean(val); - } - - user = UserCreate(db, username, password); + user = UserCreate(db, regReq.username, regReq.password); response = HashMapCreate(); - fullUsername = StrConcat(4, "@", UserGetName(user), ":", config->serverName); + fullUsername = StrConcat(4, + "@", UserGetName(user), ":", config->serverName); HashMapSet(response, "user_id", JsonValueString(fullUsername)); Free(fullUsername); HttpResponseStatus(args->context, HTTP_OK); - if (!inhibitLogin) + if (!regReq.inhibit_login) { - UserLoginInfo *loginInfo = UserLogin(user, password, deviceId, - initialDeviceDisplayName, refreshToken); + UserLoginInfo *loginInfo = UserLogin(user, regReq.password, + regReq.device_id, regReq.initial_device_display_name, + regReq.refresh_token); HashMapSet(response, "access_token", JsonValueString(loginInfo->accessToken->string)); HashMapSet(response, "device_id", JsonValueString(loginInfo->accessToken->deviceId)); - if (refreshToken) + if (regReq.refresh_token) { HashMapSet(response, "expires_in_ms", JsonValueInteger(loginInfo->accessToken->lifetime)); @@ -294,10 +241,7 @@ ROUTE_IMPL(RouteRegister, path, argp) UserUnlock(user); finish: UiaFlowsFree(uiaFlows); - Free(username); - Free(password); - Free(deviceId); - Free(initialDeviceDisplayName); + RegistrationRequestFree(®Req); JsonFree(request); } else diff --git a/src/Routes/RouteRequestToken.c b/src/Routes/RouteRequestToken.c index 76a9ee2..779b541 100644 --- a/src/Routes/RouteRequestToken.c +++ b/src/Routes/RouteRequestToken.c @@ -26,14 +26,31 @@ #include #include +#include + ROUTE_IMPL(RouteRequestToken, path, argp) { RouteArgs *args = argp; char *type = ArrayGet(path, 0); HashMap *request; HashMap *response; - JsonValue *val; - char *str; + + char *msg; + + RequestToken reqTok; + + Int64 minusOne = Int64Neg(Int64Create(0, 1)); + + reqTok.client_secret = NULL; + reqTok.next_link = NULL; + reqTok.id_access_token = NULL; + reqTok.id_server = NULL; + + reqTok.email = NULL; + reqTok.country = NULL; + reqTok.phone_number = NULL; + + reqTok.send_attempt = minusOne; if (HttpRequestMethodGet(args->context) != HTTP_POST) { @@ -48,87 +65,92 @@ ROUTE_IMPL(RouteRequestToken, path, argp) return MatrixErrorCreate(M_NOT_JSON, NULL); } - val = HashMapGet(request, "client_secret"); - if (!val || JsonValueType(val) != JSON_STRING) + if (!RequestTokenFromJson(request, &reqTok, &msg)) { HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); + response = MatrixErrorCreate(M_BAD_JSON, msg); goto finish; } - str = JsonValueAsString(val); - if (strlen(str) > 255 || StrBlank(str)) + if (!reqTok.client_secret) { + msg = "'client_secret' is not set"; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); + response = MatrixErrorCreate(M_BAD_JSON, msg); goto finish; } - val = HashMapGet(request, "send_attempt"); - if (!val || JsonValueType(val) != JSON_INTEGER) + if (strlen(reqTok.client_secret) > 255 || StrBlank(reqTok.client_secret)) { + msg = "'client_secret' is blank or too long"; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); + response = MatrixErrorCreate(M_BAD_JSON, msg); goto finish; } - val = HashMapGet(request, "next_link"); - if (val && JsonValueType(val) != JSON_STRING) + if (Int64Eq(reqTok.send_attempt, minusOne)) { + msg = "Invalid or inexistent 'send_attempt'"; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); + response = MatrixErrorCreate(M_BAD_JSON, msg); goto finish; } - val = HashMapGet(request, "id_access_token"); - if (val && JsonValueType(val) != JSON_STRING) + if (!reqTok.next_link) { + msg = "'next_link' is not set"; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); + response = MatrixErrorCreate(M_BAD_JSON, msg); goto finish; } - - val = HashMapGet(request, "id_server"); - if (val && JsonValueType(val) != JSON_STRING) + if (!reqTok.id_access_token) { + msg = "'id_access_token' is not set"; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); + response = MatrixErrorCreate(M_BAD_JSON, msg); + goto finish; + } + if (!reqTok.id_server) + { + msg = "'id_server' is not set"; + HttpResponseStatus(args->context, HTTP_BAD_REQUEST); + response = MatrixErrorCreate(M_BAD_JSON, msg); goto finish; } if (StrEquals(type, "email")) { - val = HashMapGet(request, "email"); - if (val && JsonValueType(val) != JSON_STRING) + if (!reqTok.email) { + msg = "Type is set to 'email' yet none was set"; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); + response = MatrixErrorCreate(M_BAD_JSON, msg); goto finish; } } else if (StrEquals(type, "msisdn")) { - val = HashMapGet(request, "country"); - if (val && JsonValueType(val) != JSON_STRING) + if (!reqTok.country) { + msg = "Type is set to 'msisdn' yet no country is set"; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); + response = MatrixErrorCreate(M_BAD_JSON, msg); goto finish; } - str = JsonValueAsString(val); - if (strlen(str) != 2) + if (strlen(reqTok.country) != 2) { + msg = "Invalid country tag, length must be 2"; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); + response = MatrixErrorCreate(M_BAD_JSON, msg); goto finish; } - val = HashMapGet(request, "phone_number"); - if (val && JsonValueType(val) != JSON_STRING) + if (!reqTok.phone_number) { + msg = "Type is set to 'msisdn' yet phone_number is unset"; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); + response = MatrixErrorCreate(M_BAD_JSON, msg); goto finish; } } @@ -145,5 +167,6 @@ ROUTE_IMPL(RouteRequestToken, path, argp) finish: JsonFree(request); + RequestTokenFree(&reqTok); return response; } From d3dcf334f0b8168559f141986cb0658f66f3b789 Mon Sep 17 00:00:00 2001 From: Jordan Bancino Date: Tue, 21 Nov 2023 09:14:03 -0500 Subject: [PATCH 11/13] Update change log. --- docs/CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index 9a90146..6f62558 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -38,6 +38,8 @@ with certain Matrix clients. (#35) will now be maintained separately and have its own releases as well. - Use a `configure` script and `make` to build Telodendria instead of custom scripts. +- Greatly simplified some endpoint code by using Cytoplasm's `j2s` for +parsing request bodies. ### New Features From 0a91a0c40b8dd1024866a0cb085778faf8349a3d Mon Sep 17 00:00:00 2001 From: Jordan Bancino Date: Tue, 21 Nov 2023 09:16:50 -0500 Subject: [PATCH 12/13] Remove site files & update README with current site. The website is now managed in Grav. --- README.md | 6 +- site/index.html | 138 ------------- site/mandoc.css | 368 ----------------------------------- site/style.css | 114 ----------- site/telodendria-signify.pub | 2 - 5 files changed, 3 insertions(+), 625 deletions(-) delete mode 100644 site/index.html delete mode 100644 site/mandoc.css delete mode 100644 site/style.css delete mode 100644 site/telodendria-signify.pub diff --git a/README.md b/README.md index 003b8c7..42182d4 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ -

Telodendria

+

Lightweight, Decentralized Chat.

-Telodendria is an extremely powerful, yet lightweight and portable +**Telodendria** is an extremely powerful, yet lightweight and portable chat server designed to be easy to install and configure. Powered by the [Matrix](https://matrix.org) protocol, Telodendria empowers everyone to run their own chat server on ordinary hardware, including @@ -79,7 +79,7 @@ not yet deliver on all of its promises. Currently, Telodendria is not ready for end-users yet. While it features very basic user authentication, it does not actually work as a chat server yet. -We are hoping to ship Telodendria `v1.7.0-alpha4` by May of 2024. This +We are hoping to ship Telodendria `v1.7.0-alpha4` by January of 2025. This release should be usable for communication between **local users** only. Additional features, including federation with other Matrix homeservers will be added in future releases. diff --git a/site/index.html b/site/index.html deleted file mode 100644 index 5d62447..0000000 --- a/site/index.html +++ /dev/null @@ -1,138 +0,0 @@ - - - - - - - - - - - - - - - - - - - -Telodendria | A Matrix Homeserver written in ANSI C. - - - -

Telodendria

-

-Tel-ə-'den-drē-ə: The terminal aborizations of an axon. -

-

-Telodendria is an open source Matrix homeserver implementation written from -scratch in ANSI C and designed to be lightweight and simple, yet -functional. -

-
-Note: Telodendria is under heavy development and is not -yet ready for use. -Please see the Project Status -for information about the project state, and use the links below to help fund development. -
- -

-If you would like to donate to this project, you can do so with the -following links: -

-
    -
  • LiberaPay (recurring, account required)
  • -
  • Stripe (one-time, no account required)
  • -
-

-If you would like to do a recurring donation larger than what's allowed -by LiberaPay, please contact me directly on Matrix at @jordan:bancino.net. -

-

Download

-

-Telodendria is distributed as source tarballs, in true Unix -fashion. If you want, you can verify the checksum of your download, -and check the signature. To check the signature, you'll need -signify, and the signify public key: - -telodendria-signify.pub. -

- - - - - - - - - - - - - -
VersionDownloadChecksumSignature
${TELODENDRIA_VERSION} - -Telodendria-v${TELODENDRIA_VERSION}.tar.gz - - - -sha256 - - - -signify - -
-

-See the change log for -release notes. If you are looking for older Telodendria versions, you -can find them here. -

-

-If your operating system has an official package or port of -Telodendria, you should prefer to use that instead of manually -downloading the source and building it. Consult your operating system's -manual for how to install packages, as well as the official repository, -to see if a package is available. If your operating system's -package or port is too out of date for your tastes, please contact -the package's maintainers to notify them, or offer to update the -package yourself. -

-

-If your operating system does not have a package or port of -Telodendria, please consult the -porting(7) page for guidelines -related to packaging Telodendria for your system. -

-

Documentation

-

-Telodendria's documentation is distributed with the source -code as man pages, which contain all of the information -on what Telodendria is, what its goals are, how to build the source, -configure it, as well as contribute to the project. The man -pages are also available online for convenience: -

-

User Documentation:

-${USER_DOCS} -
-
-Developer Documentation: -

-This documentation is intended primarily for developers. It details all -of the internal workings of Telodendria. -

-${DEV_DOCS} -
-
-

-© 2023 Jordan Bancino <@jordan:bancino.net> -
-Updated on ${DATE}. -

- - diff --git a/site/mandoc.css b/site/mandoc.css deleted file mode 100644 index 6bfce46..0000000 --- a/site/mandoc.css +++ /dev/null @@ -1,368 +0,0 @@ -/* $OpenBSD: mandoc.css,v 1.39 2022/07/06 14:27:55 schwarze Exp $ */ -/* - * Standard style sheet for mandoc(1) -Thtml and man.cgi(8). - * - * Written by Ingo Schwarze . - * I place this file into the public domain. - * Permission to use, copy, modify, and distribute it for any purpose - * with or without fee is hereby granted, without any conditions. - */ - -/* Global defaults. */ - -html { max-width: 65em; - --bg: #FFFFFF; - --fg: #000000; } -body { background: var(--bg); - color: var(--fg); - font-family: Helvetica,Arial,sans-serif; } -h1, h2 { font-size: 110%; } -table { margin-top: 0em; - margin-bottom: 0em; - border-collapse: collapse; } -/* Some browsers set border-color in a browser style for tbody, - * but not for table, resulting in inconsistent border styling. */ -tbody { border-color: inherit; } -tr { border-color: inherit; } -td { vertical-align: top; - padding-left: 0.2em; - padding-right: 0.2em; - border-color: inherit; } -ul, ol, dl { margin-top: 0em; - margin-bottom: 0em; } -li, dt { margin-top: 1em; } -pre { font-family: inherit; } - -.permalink { border-bottom: thin dotted; - color: inherit; - font: inherit; - text-decoration: inherit; } -* { clear: both } - -/* Search form and search results. */ - -fieldset { border: thin solid silver; - border-radius: 1em; - text-align: center; } -input[name=expr] { - width: 25%; } - -table.results { margin-top: 1em; - margin-left: 2em; - font-size: smaller; } - -/* Header and footer lines. */ - -div[role=doc-pageheader] { - display: flex; - border-bottom: 1px dotted #808080; - margin-bottom: 1em; - font-size: smaller; } -.head-ltitle { flex: 1; } -.head-vol { flex: 0 1 auto; - text-align: center; } -.head-rtitle { flex: 1; - text-align: right; } - -div[role=doc-pagefooter] { - display: flex; - justify-content: space-between; - border-top: 1px dotted #808080; - margin-top: 1em; - font-size: smaller; } -.foot-left { flex: 1; } -.foot-date { flex: 0 1 auto; - text-align: center; } -.foot-os { flex: 1; - text-align: right; } - -/* Sections and paragraphs. */ - -main { margin-left: 3.8em; } -.Nd { } -section.Sh { } -h2.Sh { margin-top: 1.2em; - margin-bottom: 0.6em; - margin-left: -3.2em; } -section.Ss { } -h3.Ss { margin-top: 1.2em; - margin-bottom: 0.6em; - margin-left: -1.2em; - font-size: 105%; } -.Pp { margin: 0.6em 0em; } -.Sx { } -.Xr { } - -/* Displays and lists. */ - -.Bd { } -.Bd-indent { margin-left: 3.8em; } - -.Bl-bullet { list-style-type: disc; - padding-left: 1em; } -.Bl-bullet > li { } -.Bl-dash { list-style-type: none; - padding-left: 0em; } -.Bl-dash > li:before { - content: "\2014 "; } -.Bl-item { list-style-type: none; - padding-left: 0em; } -.Bl-item > li { } -.Bl-compact > li { - margin-top: 0em; } - -.Bl-enum { padding-left: 2em; } -.Bl-enum > li { } -.Bl-compact > li { - margin-top: 0em; } - -.Bl-diag { } -.Bl-diag > dt { - font-style: normal; - font-weight: bold; } -.Bl-diag > dd { - margin-left: 0em; } -.Bl-hang { } -.Bl-hang > dt { } -.Bl-hang > dd { - margin-left: 5.5em; } -.Bl-inset { } -.Bl-inset > dt { } -.Bl-inset > dd { - margin-left: 0em; } -.Bl-ohang { } -.Bl-ohang > dt { } -.Bl-ohang > dd { - margin-left: 0em; } -.Bl-tag { margin-top: 0.6em; - margin-left: 5.5em; } -.Bl-tag > dt { - float: left; - margin-top: 0em; - margin-left: -5.5em; - padding-right: 0.5em; - vertical-align: top; } -.Bl-tag > dd { - clear: right; - column-count: 1; /* Force block formatting context. */ - width: 100%; - margin-top: 0em; - margin-left: 0em; - margin-bottom: 0.6em; - vertical-align: top; } -.Bl-compact { margin-top: 0em; } -.Bl-compact > dd { - margin-bottom: 0em; } -.Bl-compact > dt { - margin-top: 0em; } - -.Bl-column { } -.Bl-column > tbody > tr { } -.Bl-column > tbody > tr > td { - margin-top: 1em; } -.Bl-compact > tbody > tr > td { - margin-top: 0em; } - -.Rs { font-style: normal; - font-weight: normal; } -.RsA { } -.RsB { font-style: italic; - font-weight: normal; } -.RsC { } -.RsD { } -.RsI { font-style: italic; - font-weight: normal; } -.RsJ { font-style: italic; - font-weight: normal; } -.RsN { } -.RsO { } -.RsP { } -.RsQ { } -.RsR { } -.RsT { text-decoration: underline; } -.RsU { } -.RsV { } - -.eqn { } -.tbl td { vertical-align: middle; } - -.HP { margin-left: 3.8em; - text-indent: -3.8em; } - -/* Semantic markup for command line utilities. */ - -table.Nm { } -code.Nm { font-style: normal; - font-weight: bold; - font-family: inherit; } -.Fl { font-style: normal; - font-weight: bold; - font-family: inherit; } -.Cm { font-style: normal; - font-weight: bold; - font-family: inherit; } -.Ar { font-style: italic; - font-weight: normal; } -.Op { display: inline flow; } -.Ic { font-style: normal; - font-weight: bold; - font-family: inherit; } -.Ev { font-style: normal; - font-weight: normal; - font-family: monospace; } -.Pa { font-style: italic; - font-weight: normal; } - -/* Semantic markup for function libraries. */ - -.Lb { } -code.In { font-style: normal; - font-weight: bold; - font-family: inherit; } -a.In { } -.Fd { font-style: normal; - font-weight: bold; - font-family: inherit; } -.Ft { font-style: italic; - font-weight: normal; } -.Fn { font-style: normal; - font-weight: bold; - font-family: inherit; } -.Fa { font-style: italic; - font-weight: normal; } -.Vt { font-style: italic; - font-weight: normal; } -.Va { font-style: italic; - font-weight: normal; } -.Dv { font-style: normal; - font-weight: normal; - font-family: monospace; } -.Er { font-style: normal; - font-weight: normal; - font-family: monospace; } - -/* Various semantic markup. */ - -.An { } -.Lk { } -.Mt { } -.Cd { font-style: normal; - font-weight: bold; - font-family: inherit; } -.Ad { font-style: italic; - font-weight: normal; } -.Ms { font-style: normal; - font-weight: bold; } -.St { } -.Ux { } - -/* Physical markup. */ - -.Bf { display: inline flow; } -.No { font-style: normal; - font-weight: normal; } -.Em { font-style: italic; - font-weight: normal; } -.Sy { font-style: normal; - font-weight: bold; } -.Li { font-style: normal; - font-weight: normal; - font-family: monospace; } - -/* Tooltip support. */ - -h2.Sh, h3.Ss { position: relative; } -.An, .Ar, .Cd, .Cm, .Dv, .Em, .Er, .Ev, .Fa, .Fd, .Fl, .Fn, .Ft, -.Ic, code.In, .Lb, .Lk, .Ms, .Mt, .Nd, code.Nm, .Pa, .Rs, -.St, .Sx, .Sy, .Va, .Vt, .Xr { - display: inline flow; - position: relative; } - -.An::before { content: "An"; } -.Ar::before { content: "Ar"; } -.Cd::before { content: "Cd"; } -.Cm::before { content: "Cm"; } -.Dv::before { content: "Dv"; } -.Em::before { content: "Em"; } -.Er::before { content: "Er"; } -.Ev::before { content: "Ev"; } -.Fa::before { content: "Fa"; } -.Fd::before { content: "Fd"; } -.Fl::before { content: "Fl"; } -.Fn::before { content: "Fn"; } -.Ft::before { content: "Ft"; } -.Ic::before { content: "Ic"; } -code.In::before { content: "In"; } -.Lb::before { content: "Lb"; } -.Lk::before { content: "Lk"; } -.Ms::before { content: "Ms"; } -.Mt::before { content: "Mt"; } -.Nd::before { content: "Nd"; } -code.Nm::before { content: "Nm"; } -.Pa::before { content: "Pa"; } -.Rs::before { content: "Rs"; } -h2.Sh::before { content: "Sh"; } -h3.Ss::before { content: "Ss"; } -.St::before { content: "St"; } -.Sx::before { content: "Sx"; } -.Sy::before { content: "Sy"; } -.Va::before { content: "Va"; } -.Vt::before { content: "Vt"; } -.Xr::before { content: "Xr"; } - -.An::before, .Ar::before, .Cd::before, .Cm::before, -.Dv::before, .Em::before, .Er::before, .Ev::before, -.Fa::before, .Fd::before, .Fl::before, .Fn::before, .Ft::before, -.Ic::before, code.In::before, .Lb::before, .Lk::before, -.Ms::before, .Mt::before, .Nd::before, code.Nm::before, -.Pa::before, .Rs::before, -h2.Sh::before, h3.Ss::before, .St::before, .Sx::before, .Sy::before, -.Va::before, .Vt::before, .Xr::before { - opacity: 0; - transition: .15s ease opacity; - pointer-events: none; - position: absolute; - bottom: 100%; - box-shadow: 0 0 .35em var(--fg); - padding: .15em .25em; - white-space: nowrap; - font-family: Helvetica,Arial,sans-serif; - font-style: normal; - font-weight: bold; - background: var(--bg); - color: var(--fg); } -.An:hover::before, .Ar:hover::before, .Cd:hover::before, .Cm:hover::before, -.Dv:hover::before, .Em:hover::before, .Er:hover::before, .Ev:hover::before, -.Fa:hover::before, .Fd:hover::before, .Fl:hover::before, .Fn:hover::before, -.Ft:hover::before, .Ic:hover::before, code.In:hover::before, -.Lb:hover::before, .Lk:hover::before, .Ms:hover::before, .Mt:hover::before, -.Nd:hover::before, code.Nm:hover::before, .Pa:hover::before, -.Rs:hover::before, h2.Sh:hover::before, h3.Ss:hover::before, .St:hover::before, -.Sx:hover::before, .Sy:hover::before, .Va:hover::before, .Vt:hover::before, -.Xr:hover::before { - opacity: 1; - pointer-events: inherit; } - -/* Overrides to avoid excessive margins on small devices. */ - -@media (max-width: 37.5em) { -main { margin-left: 0.5em; } -h2.Sh, h3.Ss { margin-left: 0em; } -.Bd-indent { margin-left: 2em; } -.Bl-hang > dd { - margin-left: 2em; } -.Bl-tag { margin-left: 2em; } -.Bl-tag > dt { - margin-left: -2em; } -.HP { margin-left: 2em; - text-indent: -2em; } -} - -/* Overrides for a dark color scheme for accessibility. */ - -@media (prefers-color-scheme: dark) { -html { --bg: #1E1F21; - --fg: #EEEFF1; } -:link { color: #BAD7FF; } -:visited { color: #F6BAFF; } -} diff --git a/site/style.css b/site/style.css deleted file mode 100644 index 63c1ad2..0000000 --- a/site/style.css +++ /dev/null @@ -1,114 +0,0 @@ -@import "mandoc.css"; - -:root { - --border-radius: 10px; - - --color-snippet: #161b22; - --color-link: #7b8333; - --color-bg: #0d1117; - --color-text: #c9d1d9; - - --color-table-border: #30363d; - --color-table-accent: #161b22; - - --color-error-bg: #5c6434; - --color-error: white; -} - -html { - max-width: 100%; -} - -body { - margin: auto; - max-width: 8.5in; - padding: 0.25in; - - color: var(--color-text); - background-color: var(--color-bg); - - font-family: Arial; -} - -.msg-error { - background-color: var(--color-error-bg); - color: var(--color-error); - border-radius: var(--border-radius); - padding: 20px; -} - -.msg-error a { - color: var(--color-error); - font-weight: bold; - text-decoration: underline -} - -h1 { - text-align: center; -} - -h1, h4, h5, h6 { - border-bottom: 1px dashed var(--color-table-border); -} - -hr { - border: 0; - border-bottom: 1px dashed var(--color-table-border); -} - -h4, h5, h6 { - width: fit-content; -} - -a { - color: var(--color-link) !important; - text-decoration: none; -} - -a:hover { - text-decoration: underline; -} - -table { - width: 100%; - border-collapse: separate; - border-spacing: 0px; -} - -td, th { - border: 1px solid var(--color-table-border); - text-align: left; - padding: 8px; -} - -tr:nth-child(even) { - background-color: var(--color-table-accent); -} - -/* Thanks Jonah! */ -#logo { - display: block; - margin: auto; - width: 50vw; - max-width: 400px; -} - -/* Mandoc overrides */ - -.Bd { - background-color: var(--color-snippet); - border-radius: var(--border-radius); - padding-left: 10px; - - overflow: auto; -} - -.Nm { - width: fit-content; -} - -.Nm td, .Nm th { - border: none; -} - - diff --git a/site/telodendria-signify.pub b/site/telodendria-signify.pub deleted file mode 100644 index 37aeead..0000000 --- a/site/telodendria-signify.pub +++ /dev/null @@ -1,2 +0,0 @@ -untrusted comment: signify public key -RWTPPnWvnpee8NlygSggQqk5V5oghl6Ikq99bZl5IRQwiRMLaJnq82mw From 2c6d5194d2a3d66d69e1f92f68321006c75a2e7d Mon Sep 17 00:00:00 2001 From: lda Date: Sat, 2 Dec 2023 10:24:08 -0500 Subject: [PATCH 13/13] Set an error message with MatrixErrorCreate whenever applicable (#45) Closes #6. Co-authored-by: Jordan Bancino Reviewed-on: https://git.telodendria.io/Telodendria/Telodendria/pulls/45 Co-authored-by: lda Co-committed-by: lda --- src/Routes/RouteChangePwd.c | 8 +++-- src/Routes/RouteConfig.c | 22 ++++++++----- src/Routes/RouteCreateRoom.c | 3 +- src/Routes/RouteDeactivate.c | 8 +++-- src/Routes/RouteFilter.c | 20 ++++++++---- src/Routes/RouteLogin.c | 25 ++++++++++----- src/Routes/RouteLogout.c | 8 +++-- src/Routes/RoutePrivileges.c | 17 ++++++++--- src/Routes/RouteProcControl.c | 11 ++++--- src/Routes/RouteRefresh.c | 8 +++-- src/Routes/RouteRegister.c | 6 ++-- src/Routes/RouteRequestToken.c | 3 +- src/Routes/RouteStaticResources.c | 4 +-- src/Routes/RouteTokenValid.c | 4 ++- src/Routes/RouteUiaFallback.c | 51 +++++++++++++++++-------------- src/Routes/RouteUserProfile.c | 23 +++++++++----- src/Routes/RouteWellKnown.c | 5 ++- src/Routes/RouteWhoami.c | 4 ++- src/Uia.c | 11 +++++-- 19 files changed, 161 insertions(+), 80 deletions(-) diff --git a/src/Routes/RouteChangePwd.c b/src/Routes/RouteChangePwd.c index daa1538..81c51a0 100644 --- a/src/Routes/RouteChangePwd.c +++ b/src/Routes/RouteChangePwd.c @@ -65,6 +65,8 @@ ROUTE_IMPL(RouteChangePwd, path, argp) char *token; char *newPassword; + char *msg; + Config *config = ConfigLock(db); if (!config) @@ -78,8 +80,9 @@ ROUTE_IMPL(RouteChangePwd, path, argp) if (HttpRequestMethodGet(args->context) != HTTP_POST) { + msg = "Route only supports POST."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); + response = MatrixErrorCreate(M_UNRECOGNIZED, msg); goto finish; } @@ -118,9 +121,10 @@ ROUTE_IMPL(RouteChangePwd, path, argp) newPassword = JsonValueAsString(HashMapGet(request, "new_password")); if (!newPassword) { + msg = "'new_password' is unset or not a string."; JsonFree(request); HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); + response = MatrixErrorCreate(M_BAD_JSON, msg); goto finish; } diff --git a/src/Routes/RouteConfig.c b/src/Routes/RouteConfig.c index 5f0c91e..cb3c244 100644 --- a/src/Routes/RouteConfig.c +++ b/src/Routes/RouteConfig.c @@ -33,6 +33,7 @@ ROUTE_IMPL(RouteConfig, path, argp) RouteArgs *args = argp; HashMap *response; char *token; + char *msg; User *user = NULL; Config *config = NULL; @@ -59,17 +60,19 @@ ROUTE_IMPL(RouteConfig, path, argp) if (!(UserGetPrivileges(user) & USER_CONFIG)) { + msg = "User does not have the 'CONFIG' privilege."; HttpResponseStatus(args->context, HTTP_FORBIDDEN); - response = MatrixErrorCreate(M_FORBIDDEN, NULL); + response = MatrixErrorCreate(M_FORBIDDEN, msg); goto finish; } config = ConfigLock(args->matrixArgs->db); if (!config) { + msg = "Internal server error while locking configuration."; Log(LOG_ERR, "Config endpoint failed to lock configuration."); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - response = MatrixErrorCreate(M_UNKNOWN, NULL); + response = MatrixErrorCreate(M_UNKNOWN, msg); goto finish; } @@ -90,8 +93,9 @@ ROUTE_IMPL(RouteConfig, path, argp) newConf = ConfigParse(request); if (!newConf) { + msg = "Internal server error while parsing config."; HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - response = MatrixErrorCreate(M_UNKNOWN, NULL); + response = MatrixErrorCreate(M_UNKNOWN, msg); break; } @@ -108,8 +112,9 @@ ROUTE_IMPL(RouteConfig, path, argp) } else { + msg = "Internal server error while writing the config."; HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - response = MatrixErrorCreate(M_UNKNOWN, NULL); + response = MatrixErrorCreate(M_UNKNOWN, msg); } } else @@ -137,8 +142,9 @@ ROUTE_IMPL(RouteConfig, path, argp) if (!newConf) { + msg = "Internal server error while parsing config."; HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - response = MatrixErrorCreate(M_UNKNOWN, NULL); + response = MatrixErrorCreate(M_UNKNOWN, msg); break; } @@ -155,8 +161,9 @@ ROUTE_IMPL(RouteConfig, path, argp) } else { + msg = "Internal server error while writing the config."; HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - response = MatrixErrorCreate(M_UNKNOWN, NULL); + response = MatrixErrorCreate(M_UNKNOWN, msg); } } else @@ -170,8 +177,9 @@ ROUTE_IMPL(RouteConfig, path, argp) JsonFree(newJson); break; default: + msg = "Unknown request method."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, "Unknown request method."); + response = MatrixErrorCreate(M_UNRECOGNIZED, msg); break; } diff --git a/src/Routes/RouteCreateRoom.c b/src/Routes/RouteCreateRoom.c index 171dbcf..9ba1028 100644 --- a/src/Routes/RouteCreateRoom.c +++ b/src/Routes/RouteCreateRoom.c @@ -41,8 +41,9 @@ ROUTE_IMPL(RouteCreateRoom, path, argp) if (HttpRequestMethodGet(args->context) != HTTP_POST) { + err = "Unknown request method."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, "Unknown request method."); + response = MatrixErrorCreate(M_UNRECOGNIZED, err); goto finish; } diff --git a/src/Routes/RouteDeactivate.c b/src/Routes/RouteDeactivate.c index ec0a06c..3a1a5d5 100644 --- a/src/Routes/RouteDeactivate.c +++ b/src/Routes/RouteDeactivate.c @@ -47,6 +47,8 @@ ROUTE_IMPL(RouteDeactivate, path, argp) User *user = NULL; Config *config = ConfigLock(db); + char *msg; + (void) path; if (!config) @@ -59,8 +61,9 @@ ROUTE_IMPL(RouteDeactivate, path, argp) if (HttpRequestMethodGet(args->context) != HTTP_POST) { + msg = "Route only accepts POST."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); + response = MatrixErrorCreate(M_UNRECOGNIZED, msg); goto finish; } @@ -128,8 +131,9 @@ ROUTE_IMPL(RouteDeactivate, path, argp) if (!UserDeleteTokens(user, NULL) || !UserDeactivate(user, NULL, NULL)) { + msg = "Internal server error: couldn't remove user properly."; HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - response = MatrixErrorCreate(M_UNKNOWN, NULL); + response = MatrixErrorCreate(M_UNKNOWN, msg); goto finish; } diff --git a/src/Routes/RouteFilter.c b/src/Routes/RouteFilter.c index fb0d9ba..4a8500e 100644 --- a/src/Routes/RouteFilter.c +++ b/src/Routes/RouteFilter.c @@ -69,6 +69,8 @@ ROUTE_IMPL(RouteFilter, path, argp) char *userParam = ArrayGet(path, 0); + char *msg; + if (!userParam) { /* Should be impossible */ @@ -87,15 +89,17 @@ ROUTE_IMPL(RouteFilter, path, argp) id = UserIdParse(userParam, serverName); if (!id) { + msg = "Invalid user ID."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_INVALID_PARAM, NULL); + response = MatrixErrorCreate(M_INVALID_PARAM, msg); goto finish; } if (!StrEquals(id->server, serverName)) { + msg = "Cannot use /filter for non-local users."; HttpResponseStatus(args->context, HTTP_UNAUTHORIZED); - response = MatrixErrorCreate(M_UNAUTHORIZED, NULL); + response = MatrixErrorCreate(M_UNAUTHORIZED, msg); goto finish; } @@ -115,8 +119,9 @@ ROUTE_IMPL(RouteFilter, path, argp) if (!StrEquals(id->localpart, UserGetName(user))) { + msg = "Unauthorized to use /filter."; HttpResponseStatus(args->context, HTTP_UNAUTHORIZED); - response = MatrixErrorCreate(M_INVALID_PARAM, NULL); + response = MatrixErrorCreate(M_INVALID_PARAM, msg); goto finish; } @@ -126,8 +131,9 @@ ROUTE_IMPL(RouteFilter, path, argp) if (!ref) { + msg = "The filter for this user was not found."; HttpResponseStatus(args->context, HTTP_NOT_FOUND); - response = MatrixErrorCreate(M_NOT_FOUND, NULL); + response = MatrixErrorCreate(M_NOT_FOUND, msg); goto finish; } @@ -161,8 +167,9 @@ ROUTE_IMPL(RouteFilter, path, argp) filterId = StrRandom(12); if (!filterId) { + msg = "Couldn't generate random filter ID; this is unintended."; HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - response = MatrixErrorCreate(M_UNKNOWN, NULL); + response = MatrixErrorCreate(M_UNKNOWN, msg); goto finish; } @@ -170,8 +177,9 @@ ROUTE_IMPL(RouteFilter, path, argp) if (!ref) { Free(filterId); + msg = "Couldn't write filter to the database, this is unintended."; HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - response = MatrixErrorCreate(M_UNKNOWN, NULL); + response = MatrixErrorCreate(M_UNKNOWN, msg); goto finish; } diff --git a/src/Routes/RouteLogin.c b/src/Routes/RouteLogin.c index f7b1d82..327281d 100644 --- a/src/Routes/RouteLogin.c +++ b/src/Routes/RouteLogin.c @@ -107,8 +107,9 @@ ROUTE_IMPL(RouteLogin, path, argp) if (loginRequest.type != REQUEST_TYPE_PASSWORD) { + msg = "Unsupported login type."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); + response = MatrixErrorCreate(M_UNRECOGNIZED, msg); break; } @@ -117,6 +118,7 @@ ROUTE_IMPL(RouteLogin, path, argp) val = HashMapGet(identifier, "type"); if (!val) { + msg = "No login identifier type set."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); response = MatrixErrorCreate(M_MISSING_PARAM, NULL); break; @@ -124,16 +126,18 @@ ROUTE_IMPL(RouteLogin, path, argp) if (JsonValueType(val) != JSON_STRING) { + msg = "Invalid login identifier type."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); + response = MatrixErrorCreate(M_BAD_JSON, msg); break; } type = JsonValueAsString(val); if (!StrEquals(type, "m.id.user")) { + msg = "Invalid login identifier type."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); + response = MatrixErrorCreate(M_UNRECOGNIZED, msg); break; } if (!LoginRequestUserIdentifierFromJson(identifier, @@ -148,16 +152,18 @@ ROUTE_IMPL(RouteLogin, path, argp) userId = UserIdParse(userIdentifier.user, config->serverName); if (!userId) { + msg = "Invalid user ID."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); + response = MatrixErrorCreate(M_BAD_JSON, msg); break; } if (!StrEquals(userId->server, config->serverName) || !UserExists(db, userId->localpart)) { + msg = "Unknown user ID."; HttpResponseStatus(args->context, HTTP_FORBIDDEN); - response = MatrixErrorCreate(M_FORBIDDEN, NULL); + response = MatrixErrorCreate(M_FORBIDDEN, msg); break; } @@ -171,8 +177,9 @@ ROUTE_IMPL(RouteLogin, path, argp) if (!user) { + msg = "Couldn't lock user."; HttpResponseStatus(args->context, HTTP_FORBIDDEN); - response = MatrixErrorCreate(M_FORBIDDEN, NULL); + response = MatrixErrorCreate(M_FORBIDDEN, msg); break; } @@ -190,10 +197,11 @@ ROUTE_IMPL(RouteLogin, path, argp) if (!loginInfo) { + msg = "Invalid creditentials for user."; UserUnlock(user); HttpResponseStatus(args->context, HTTP_FORBIDDEN); - response = MatrixErrorCreate(M_FORBIDDEN, NULL); + response = MatrixErrorCreate(M_FORBIDDEN, msg); break; } @@ -229,8 +237,9 @@ ROUTE_IMPL(RouteLogin, path, argp) break; default: + msg = "Route only accepts GET and POST."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); + response = MatrixErrorCreate(M_UNRECOGNIZED, msg); break; } diff --git a/src/Routes/RouteLogout.c b/src/Routes/RouteLogout.c index d72dd4b..bca3fe7 100644 --- a/src/Routes/RouteLogout.c +++ b/src/Routes/RouteLogout.c @@ -38,14 +38,17 @@ ROUTE_IMPL(RouteLogout, path, argp) char *tokenstr; + char *msg; + Db *db = args->matrixArgs->db; User *user; if (HttpRequestMethodGet(args->context) != HTTP_POST) { + msg = "This route only accepts POST."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - return MatrixErrorCreate(M_UNRECOGNIZED, NULL); + return MatrixErrorCreate(M_UNRECOGNIZED, msg); } response = MatrixGetAccessToken(args->context, &tokenstr); @@ -84,8 +87,9 @@ ROUTE_IMPL(RouteLogout, path, argp) { if (!UserDeleteToken(user, tokenstr)) { + msg = "Internal server error: couldn't delete token."; HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - response = MatrixErrorCreate(M_UNKNOWN, NULL); + response = MatrixErrorCreate(M_UNKNOWN, msg); goto finish; } diff --git a/src/Routes/RoutePrivileges.c b/src/Routes/RoutePrivileges.c index 4ffa480..1577155 100644 --- a/src/Routes/RoutePrivileges.c +++ b/src/Routes/RoutePrivileges.c @@ -39,6 +39,8 @@ ROUTE_IMPL(RoutePrivileges, path, argp) JsonValue *val; int privileges; + char *msg; + response = MatrixGetAccessToken(args->context, &token); if (response) { @@ -55,8 +57,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp) if (!(UserGetPrivileges(user) & USER_GRANT_PRIVILEGES)) { + msg = "User doesn't have the GRANT_PRIVILEGES privilege"; HttpResponseStatus(args->context, HTTP_FORBIDDEN); - response = MatrixErrorCreate(M_FORBIDDEN, NULL); + response = MatrixErrorCreate(M_FORBIDDEN, msg); goto finish; } @@ -68,8 +71,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp) user = UserLock(args->matrixArgs->db, ArrayGet(path, 0)); if (!user) { + msg = "Unknown user."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_INVALID_PARAM, NULL); + response = MatrixErrorCreate(M_INVALID_PARAM, msg); goto finish; } } @@ -90,8 +94,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp) val = HashMapGet(request, "privileges"); if (!val || JsonValueType(val) != JSON_ARRAY) { + msg = "'privileges' is unset or not an array."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); + response = MatrixErrorCreate(M_BAD_JSON, msg); break; } @@ -116,8 +121,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp) if (!UserSetPrivileges(user, privileges)) { + msg = "Internal server error: couldn't set privileges."; HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - response = MatrixErrorCreate(M_UNKNOWN, NULL); + response = MatrixErrorCreate(M_UNKNOWN, msg); break; } @@ -127,8 +133,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp) HashMapSet(response, "privileges", JsonValueArray(UserEncodePrivileges(UserGetPrivileges(user)))); break; default: + msg = "Route only accepts POST, PUT, DELETE, and GET."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); + response = MatrixErrorCreate(M_UNRECOGNIZED, msg); goto finish; break; } diff --git a/src/Routes/RouteProcControl.c b/src/Routes/RouteProcControl.c index dc6d864..0142ae9 100644 --- a/src/Routes/RouteProcControl.c +++ b/src/Routes/RouteProcControl.c @@ -37,6 +37,7 @@ ROUTE_IMPL(RouteProcControl, path, argp) char *op = ArrayGet(path, 0); HashMap *response; char *token; + char *msg; User *user = NULL; response = MatrixGetAccessToken(args->context, &token); @@ -55,11 +56,13 @@ ROUTE_IMPL(RouteProcControl, path, argp) if (!(UserGetPrivileges(user) & USER_PROC_CONTROL)) { + msg = "User doesn't have PROC_CONTROL privilege."; HttpResponseStatus(args->context, HTTP_FORBIDDEN); - response = MatrixErrorCreate(M_FORBIDDEN, NULL); + response = MatrixErrorCreate(M_FORBIDDEN, msg); goto finish; } + msg = "Unknown operation."; switch (HttpRequestMethodGet(args->context)) { case HTTP_POST: @@ -74,7 +77,7 @@ ROUTE_IMPL(RouteProcControl, path, argp) else { HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); + response = MatrixErrorCreate(M_UNRECOGNIZED, msg); goto finish; } break; @@ -106,12 +109,12 @@ ROUTE_IMPL(RouteProcControl, path, argp) else { HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); + response = MatrixErrorCreate(M_UNRECOGNIZED, msg); goto finish; } default: HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); + response = MatrixErrorCreate(M_UNRECOGNIZED, msg); goto finish; break; } diff --git a/src/Routes/RouteRefresh.c b/src/Routes/RouteRefresh.c index c7dffc3..0195542 100644 --- a/src/Routes/RouteRefresh.c +++ b/src/Routes/RouteRefresh.c @@ -45,6 +45,8 @@ ROUTE_IMPL(RouteRefresh, path, argp) UserAccessToken *newAccessToken; char *deviceId; + char *msg; + Db *db = args->matrixArgs->db; User *user = NULL; @@ -55,8 +57,9 @@ ROUTE_IMPL(RouteRefresh, path, argp) if (HttpRequestMethodGet(args->context) != HTTP_POST) { + msg = "This route only accepts POST."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - return MatrixErrorCreate(M_UNRECOGNIZED, NULL); + return MatrixErrorCreate(M_UNRECOGNIZED, msg); } request = JsonDecode(HttpServerStream(args->context)); @@ -69,8 +72,9 @@ ROUTE_IMPL(RouteRefresh, path, argp) val = HashMapGet(request, "refresh_token"); if (!val || JsonValueType(val) != JSON_STRING) { + msg = "'refresh_token' is unset or not a string."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); + response = MatrixErrorCreate(M_BAD_JSON, msg); goto finish; } diff --git a/src/Routes/RouteRegister.c b/src/Routes/RouteRegister.c index c43883a..923f7f0 100644 --- a/src/Routes/RouteRegister.c +++ b/src/Routes/RouteRegister.c @@ -86,9 +86,10 @@ ROUTE_IMPL(RouteRegister, path, argp) if (!config) { + msg = "Internal server error while locking configuration."; Log(LOG_ERR, "Registration endpoint failed to lock configuration."); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - return MatrixErrorCreate(M_UNKNOWN, NULL); + return MatrixErrorCreate(M_UNKNOWN, msg); } if (ArraySize(path) == 0) @@ -254,8 +255,9 @@ finish: if (!username) { + msg = "'username' path parameter is not set."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_MISSING_PARAM, NULL); + response = MatrixErrorCreate(M_MISSING_PARAM, msg); } else if (!UserValidate(username, config->serverName)) { diff --git a/src/Routes/RouteRequestToken.c b/src/Routes/RouteRequestToken.c index 779b541..6fdb865 100644 --- a/src/Routes/RouteRequestToken.c +++ b/src/Routes/RouteRequestToken.c @@ -54,8 +54,9 @@ ROUTE_IMPL(RouteRequestToken, path, argp) if (HttpRequestMethodGet(args->context) != HTTP_POST) { + msg = "This route only accepts POST."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - return MatrixErrorCreate(M_UNRECOGNIZED, NULL); + return MatrixErrorCreate(M_UNRECOGNIZED, msg); } request = JsonDecode(HttpServerStream(args->context)); diff --git a/src/Routes/RouteStaticResources.c b/src/Routes/RouteStaticResources.c index 3290fc2..23c8cb4 100644 --- a/src/Routes/RouteStaticResources.c +++ b/src/Routes/RouteStaticResources.c @@ -47,8 +47,8 @@ ROUTE_IMPL(RouteStaticResources, path, argp) "function findGetParameter(parameterName) {" " var result = null;" " var tmp = [];" - " var items = location.search.substr(1).split(\"&\");" - " for (var index = 0; index < items.length; index++) {" + " var items = location.search.substr(1).split(\"&\");" + " for (var index = 0; index < items.length; index++) {" " tmp = items[index].split(\"=\");" " if (tmp[0] === parameterName) result = decodeURIComponent(tmp[1]);" " }" diff --git a/src/Routes/RouteTokenValid.c b/src/Routes/RouteTokenValid.c index 9ecacca..997d3f9 100644 --- a/src/Routes/RouteTokenValid.c +++ b/src/Routes/RouteTokenValid.c @@ -41,13 +41,15 @@ ROUTE_IMPL(RouteTokenValid, path, argp) RegTokenInfo *info = NULL; char *tokenstr; + char *msg; (void) path; if (HttpRequestMethodGet(args->context) != HTTP_GET) { + msg = "This route only accepts GET."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - return MatrixErrorCreate(M_UNRECOGNIZED, NULL); + return MatrixErrorCreate(M_UNRECOGNIZED, msg); } request = JsonDecode(HttpServerStream(args->context)); diff --git a/src/Routes/RouteUiaFallback.c b/src/Routes/RouteUiaFallback.c index 41b8878..0d99825 100644 --- a/src/Routes/RouteUiaFallback.c +++ b/src/Routes/RouteUiaFallback.c @@ -36,6 +36,8 @@ ROUTE_IMPL(RouteUiaFallback, path, argp) char *authType = ArrayGet(path, 0); char *sessionId; + char *msg; + if (!authType) { /* This should never happen */ @@ -56,9 +58,10 @@ ROUTE_IMPL(RouteUiaFallback, path, argp) config = ConfigLock(args->matrixArgs->db); if (!config) { + msg = "Internal server error: failed to lock configuration."; Log(LOG_ERR, "UIA fallback failed to lock configuration."); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - return MatrixErrorCreate(M_UNKNOWN, NULL); + return MatrixErrorCreate(M_UNKNOWN, msg); } request = JsonDecode(HttpServerStream(args->context)); @@ -93,15 +96,17 @@ ROUTE_IMPL(RouteUiaFallback, path, argp) } else if (HttpRequestMethodGet(args->context) != HTTP_GET) { + msg = "Route only supports GET."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - return MatrixErrorCreate(M_UNRECOGNIZED, NULL); + return MatrixErrorCreate(M_UNRECOGNIZED, msg); } sessionId = HashMapGet(requestParams, "session"); if (!sessionId) { + msg = "'session' parameter is unset."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - return MatrixErrorCreate(M_MISSING_PARAM, NULL); + return MatrixErrorCreate(M_MISSING_PARAM, msg); } HttpResponseHeader(args->context, "Content-Type", "text/html"); @@ -121,25 +126,25 @@ ROUTE_IMPL(RouteUiaFallback, path, argp) HtmlEndForm(stream); HtmlBeginJs(stream); StreamPrintf(stream, - "function buildRequest() {" + "function buildRequest() {" " let user = document.getElementById('user').value;" - " let pass = document.getElementById('password').value;" - " if (!user || !pass) {" - " setFormError('Please specify a username and password.');" - " return false;" - " }" - " return {" - " auth: {" - " type: '%s'," - " identifier: {" - " type: 'm.id.user'," - " user: user" - " }," - " password: pass," - " session: '%s'" - " }" - " };" - "}", authType, sessionId); + " let pass = document.getElementById('password').value;" + " if (!user || !pass) {" + " setFormError('Please specify a username and password.');" + " return false;" + " }" + " return {" + " auth: {" + " type: '%s'," + " identifier: {" + " type: 'm.id.user'," + " user: user" + " }," + " password: pass," + " session: '%s'" + " }" + " };" + "}", authType, sessionId); HtmlEndJs(stream); } else if (StrEquals(authType, "m.login.registration_token")) @@ -186,10 +191,10 @@ ROUTE_IMPL(RouteUiaFallback, path, argp) "function processResponse(xhr) {" " let r = JSON.parse(xhr.responseText);" " console.log(r);" - " if (xhr.status == 200 || r.completed.includes('%s')) {" + " if (xhr.status == 200 || r.completed.includes('%s')) {" " if (window.onAuthDone) {" " window.onAuthDone();" - " } else if (window.opener && window.opener.postMessage) {" + " } else if (window.opener && window.opener.postMessage) {" " window.opener.postMessage('authDone', '*');" " } else {" " setFormError('Client error.');" diff --git a/src/Routes/RouteUserProfile.c b/src/Routes/RouteUserProfile.c index c2a2b6d..e7153f5 100644 --- a/src/Routes/RouteUserProfile.c +++ b/src/Routes/RouteUserProfile.c @@ -48,6 +48,8 @@ ROUTE_IMPL(RouteUserProfile, path, argp) char *token = NULL; char *value = NULL; + char *msg; + Config *config = ConfigLock(db); if (!config) @@ -63,15 +65,18 @@ ROUTE_IMPL(RouteUserProfile, path, argp) userId = UserIdParse(username, serverName); if (!userId) { + msg = "Invalid user ID."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_INVALID_PARAM, NULL); + response = MatrixErrorCreate(M_INVALID_PARAM, msg); goto finish; } if (strcmp(userId->server, serverName)) { /* TODO: Implement lookup over federation. */ + msg = "User profile endpoint currently doesn't support lookup over " + "federation."; HttpResponseStatus(args->context, HTTP_FORBIDDEN); - response = MatrixErrorCreate(M_FORBIDDEN, NULL); + response = MatrixErrorCreate(M_FORBIDDEN, msg); goto finish; } @@ -82,8 +87,9 @@ ROUTE_IMPL(RouteUserProfile, path, argp) user = UserLock(db, userId->localpart); if (!user) { + msg = "Couldn't lock user."; HttpResponseStatus(args->context, HTTP_NOT_FOUND); - response = MatrixErrorCreate(M_NOT_FOUND, NULL); + response = MatrixErrorCreate(M_NOT_FOUND, msg); goto finish; } @@ -138,7 +144,7 @@ ROUTE_IMPL(RouteUserProfile, path, argp) StrEquals(entry, "avatar_url")) { /* Check if user has privilege to do that action. */ - if (strcmp(userId->localpart, UserGetName(user)) == 0) + if (StrEquals(userId->localpart, UserGetName(user))) { value = JsonValueAsString(HashMapGet(request, entry)); /* TODO: Make UserSetProfile notify other @@ -148,14 +154,16 @@ ROUTE_IMPL(RouteUserProfile, path, argp) goto finish; } /* User is not allowed to carry-on the action */ + msg = "Cannot change another user's profile."; HttpResponseStatus(args->context, HTTP_FORBIDDEN); - response = MatrixErrorCreate(M_FORBIDDEN, NULL); + response = MatrixErrorCreate(M_FORBIDDEN, msg); goto finish; } else { + msg = "Invalid property being changed."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); + response = MatrixErrorCreate(M_UNRECOGNIZED, msg); goto finish; } } @@ -166,8 +174,9 @@ ROUTE_IMPL(RouteUserProfile, path, argp) goto finish; } default: + msg = "Route only accepts GET and PUT."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNKNOWN, NULL); + response = MatrixErrorCreate(M_UNKNOWN, msg); break; } finish: diff --git a/src/Routes/RouteWellKnown.c b/src/Routes/RouteWellKnown.c index b9c57bc..8d6e159 100644 --- a/src/Routes/RouteWellKnown.c +++ b/src/Routes/RouteWellKnown.c @@ -37,11 +37,14 @@ ROUTE_IMPL(RouteWellKnown, path, argp) Config *config = ConfigLock(args->matrixArgs->db); + char *msg; + if (!config) { Log(LOG_ERR, "Well-known endpoint failed to lock configuration."); + msg = "Internal server error: couldn't lock database."; HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - return MatrixErrorCreate(M_UNKNOWN, NULL); + return MatrixErrorCreate(M_UNKNOWN, msg); } if (StrEquals(ArrayGet(path, 0), "client")) diff --git a/src/Routes/RouteWhoami.c b/src/Routes/RouteWhoami.c index e390357..4f174b7 100644 --- a/src/Routes/RouteWhoami.c +++ b/src/Routes/RouteWhoami.c @@ -42,14 +42,16 @@ ROUTE_IMPL(RouteWhoami, path, argp) char *token; char *userID; char *deviceID; + char *msg; Config *config = ConfigLock(db); if (!config) { + msg = "Internal server error: couldn't lock database."; Log(LOG_ERR, "Who am I endpoint failed to lock configuration."); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - return MatrixErrorCreate(M_UNKNOWN, NULL); + return MatrixErrorCreate(M_UNKNOWN, msg); } (void) path; diff --git a/src/Uia.c b/src/Uia.c index 5f7b784..c0e7e7d 100644 --- a/src/Uia.c +++ b/src/Uia.c @@ -222,6 +222,8 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db, HashMap *dbJson; int ret; + char *msg; + if (!flows) { return -1; @@ -242,8 +244,9 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db, if (JsonValueType(val) != JSON_OBJECT) { + msg = "'auth' is not an object."; HttpResponseStatus(context, HTTP_BAD_REQUEST); - *response = MatrixErrorCreate(M_BAD_JSON, NULL); + *response = MatrixErrorCreate(M_BAD_JSON, msg); return 0; } @@ -252,8 +255,9 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db, if (!val || JsonValueType(val) != JSON_STRING) { + msg = "'auth->session' is unset or not a string."; HttpResponseStatus(context, HTTP_BAD_REQUEST); - *response = MatrixErrorCreate(M_BAD_JSON, NULL); + *response = MatrixErrorCreate(M_BAD_JSON, msg); return 0; } @@ -311,8 +315,9 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db, if (!val || JsonValueType(val) != JSON_STRING) { + msg = "'auth->type' is unset or not a string."; HttpResponseStatus(context, HTTP_BAD_REQUEST); - *response = MatrixErrorCreate(M_BAD_JSON, NULL); + *response = MatrixErrorCreate(M_BAD_JSON, msg); ret = 0; goto finish; }