[ADD/WIP/UNTESTED] Start verifying membership, tested hashing
Some checks failed
Compile Telodendria / Compile Telodendria (x86, alpine-v3.19) (push) Has been cancelled
Compile Telodendria / Compile Telodendria (x86, debian-v12.4) (push) Has been cancelled
Compile Telodendria / Compile Telodendria (x86, freebsd-v14.0) (push) Has been cancelled
Compile Telodendria / Compile Telodendria (x86, netbsd-v9.3) (push) Has been cancelled
Compile Telodendria / Compile Telodendria (x86_64, alpine-v3.19) (push) Has been cancelled
Compile Telodendria / Compile Telodendria (x86_64, debian-v12.4) (push) Has been cancelled
Compile Telodendria / Compile Telodendria (x86_64, freebsd-v14.0) (push) Has been cancelled
Compile Telodendria / Compile Telodendria (x86_64, netbsd-v9.3) (push) Has been cancelled
Compile Telodendria / Compile Telodendria (x86_64, openbsd-v7.4) (push) Has been cancelled

This commit is contained in:
lda 2024-05-08 12:14:10 +02:00
parent 001b4821fe
commit 9bc36f324a
5 changed files with 408 additions and 37 deletions

View file

@ -168,23 +168,29 @@ CanonicalJsonEncode(HashMap * object, Stream * out)
static ssize_t
StringIoRead(void *cookie, void *buf, size_t count)
{
(void) cookie;
(void) buf;
(void) count;
return -1; /* TODO: Consider reading properly */
}
static ssize_t
StringIoWrite(void *c, void *buf, size_t count)
{
char **str = c;
char *stringised = Malloc(count + 1);
char *new;
memcpy(stringised, buf, count);
new = StrConcat(2, *str, stringised);
Free(stringised);
if (*str)
if (count > 0)
{
Free(*str);
char **str = c;
char *stringised = Malloc(count + 1);
char *new;
memcpy(stringised, buf, count);
new = StrConcat(2, *str, stringised);
Free(stringised);
if (*str)
{
Free(*str);
}
*str = new;
}
*str = new;
return count;
}
static const IoFunctions Functions = {
@ -202,6 +208,7 @@ CanonicalJsonHash(HashMap *json)
Io *string_writer = IoCreate(&string, Functions);
Stream *io_stream = StreamIo(string_writer);
CanonicalJsonEncode(json, io_stream);
StreamFlush(io_stream);
sha = Sha256(string);
shastr = ShaToHex(sha);

View file

@ -23,9 +23,11 @@
* SOFTWARE.
*/
#include "Cytoplasm/Json.h"
#include "Cytoplasm/Stream.h"
#include <Cytoplasm/Array.h>
#include <Cytoplasm/Json.h>
/*#include "Cytoplasm/Stream.h"*/
#include "Parser.h"
#include "User.h"
#include <Room.h>
#include <Cytoplasm/Memory.h>
@ -42,7 +44,10 @@
#include <State.h>
#include <stdlib.h>
#include <string.h>
#define IsState(p, typ, key) (StrEquals(p->type, typ) && \
StrEquals(p->state_key, key))
struct Room
{
Db *db;
@ -84,7 +89,6 @@ RoomCreate(Db * db, User *user, RoomCreateRequest * req)
room->id = GenerateRoomId(); /* TODO: Check config. */
room->version = version_num;
/* TODO: A room is *not just* its state? */
room->ref = DbCreate(db, 3, "rooms", room->id, "state");
/* TODO: Populate room with information */
@ -185,23 +189,12 @@ PopulateEventV1(Room * room, HashMap * event, PduV1 * pdu)
pdu->content = JsonDuplicate(event); /* Copy the original JSON data */
/* TODO: Signature and alldat. */
return false;
}
static bool
PopulateEventV3(Room * room, HashMap * event, PduV3 *pdu)
{
char *unused;
if (PduV3FromJson(event, pdu, &unused))
{
return true;
}
/* TODO: Create a PDU of our own, signed and everything.
* https://telodendria.io/blog/matrix-protocol-overview
* has some ideas on how this could be done(up until stage 5). */
(void) room;
return false;
}
static AuthoriseCreateV1(PduV1 pdu)
static bool
AuthoriseCreateV1(PduV1 pdu)
{
bool ret = true;
CommonID sender = { 0 }, room_id = { 0 };
@ -244,23 +237,298 @@ finish:
CommonIDFree(room_id);
return ret;
}
static bool
AuthoriseEventV1(PduV1 pdu)
static bool
ValidAuthEventV1(PduV1 *auth_pdu, PduV1 *pdu)
{
if (IsState(auth_pdu, "m.room.create", ""))
{
return true;
}
if (IsState(auth_pdu, "m.room.power_levels", ""))
{
/* TODO: Check if it's the latest in terms of [pdu] */
return true;
}
if (StrEquals(pdu->type, "m.room.member"))
{
char *membership =
JsonValueAsString(JsonGet(pdu->content, 1, "membership"));
if (IsState(auth_pdu, "m.room.member", pdu->sender))
{
/* TODO: Check if it's the latest in terms of [pdu] */
return true;
}
if ((StrEquals(membership, "join") ||
StrEquals(membership, "invite")) &&
IsState(auth_pdu, "m.room.join_rules",""))
{
/* TODO: Check if it's the latest in terms of [pdu] */
return true;
}
/* TODO: The rest.
* https://spec.matrix.org/v1.7/server-server-api/#auth-events-selection */
}
return false;
}
static bool
VerifyPDUV1(PduV1 *auth_pdu)
{
/* TODO:
* https://spec.matrix.org/v1.7/server-server-api/
* #checks-performed-on-receipt-of-a-pdu */
(void) auth_pdu;
return false; /* This only shows whenever an event was rejected, not
* soft-failed */
}
static bool
ConsiderAuthEventsV1(Room * room, PduV1 pdu)
{
char *ignored;
size_t i;
HashMap *state_keytype;
state_keytype = HashMapCreate();
for (i = 0; i < ArraySize(pdu.auth_events); i++)
{
char *event_id = ArrayGet(pdu.auth_events, i);
HashMap *event = RoomEventFetch(room, event_id);
PduV1 auth_pdu;
char *key_type_id;
if (!PduV1FromJson(event, &auth_pdu, &ignored))
{
HashMapFree(event);
return false; /* Yeah... we aren't doing that. */
}
/* TODO: Find a better way to do this. Using HashMaps as sets
* *works*, but it's not the best of ideas here. Also, we're using
* strings to compare things, which yeah. */
key_type_id = StrConcat(3, auth_pdu.type, ",", auth_pdu.state_key);
if (HashMapGet(state_keytype, key_type_id))
{
/* Duplicate found! We actually ignore it's actual value. */
HashMapFree(event);
PduV1Free(&auth_pdu);
HashMapFree(state_keytype);
Free(key_type_id);
return false;
}
/* Whenever event is valid or not really doesn't matter, as we're
* not using it's value anywhere. */
HashMapSet(state_keytype, key_type_id, event);
Free(key_type_id);
/* Step 2.2: If there are entries whose type and state_key don't
* match those specified by the auth events selection algorithm
* described in the server specification, reject. */
if (!ValidAuthEventV1(&auth_pdu, &pdu))
{
return false;
}
/* Step 2.3: If there are entries which were themselves rejected
* under the checks performed on receipt of a PDU, reject.
* TODO */
if (!VerifyPDUV1(&auth_pdu))
{
return false;
}
/* Step 2.4: If there is no m.room.create event among the entries,
* reject. */
HashMapFree(event);
PduV1Free(&auth_pdu);
}
HashMapFree(state_keytype);
return true;
}
static bool
VerifyServers(char *id1, char *id2)
{
CommonID cid1;
CommonID cid2;
char *str1;
char *str2;
bool ret = false;
if (!ParseCommonID(id1, &cid1))
{
return false;
}
if (!ParseCommonID(id2, &cid2))
{
return false;
}
str1 = ParserRecomposeServerPart(cid1.server);
str2 = ParserRecomposeServerPart(cid2.server);
if (StrEquals(str1, str2))
{
ret = true;
goto end;
}
end:
Free(str1);
Free(str2);
CommonIDFree(cid1);
CommonIDFree(cid2);
return ret;
}
static bool
AuthoriseAliasV1(PduV1 pdu)
{
/* Step 4.1: If event has no state_key, reject. */
if (!pdu.state_key || StrEquals(pdu.state_key, ""))
{
return false;
}
/* Step 4.2: If sender's domain doesn't matches state_key, reject. */
if (!VerifyServers(pdu.state_key, pdu.sender))
{
return false;
}
/* Step 4.3: Otherwise, allow. */
return true;
}
static bool
AuthorizeJoinMembershipV1(Room * room, PduV1 pdu)
{
/* Step 5.2.1: If the only previous event is an m.room.create and the
* state_key is the creator, allow. */
Array *prev = pdu.prev_events;
if (ArraySize(prev) == 1)
{
char *prev_id = ArrayGet(prev, 0);
char *ignored;
HashMap *prev = RoomEventFetch(room, prev_id);
PduV1 prev_pdu;
if (prev && PduV1FromJson(prev, &prev_pdu, &ignored))
{
if (StrEquals(prev_pdu.type, "m.room.create") &&
StrEquals(prev_pdu.sender, pdu.state_key))
{
PduV1Free(&prev_pdu);
JsonFree(prev);
return true;
}
PduV1Free(&prev_pdu);
}
JsonFree(prev);
}
/* Step 5.2.2: If the sender does not match state_key, reject. */
if (!StrEquals(pdu.sender, pdu.state_key))
{
return false;
}
/* Step 5.2.3: If the sender is banned, reject. */
/* TODO */
/* Step 5.2.4: If the join_rule is invite then allow if membership
* state is invite or join. */
/* Step 5.2.6: Otherwise, reject. */
return false;
}
static bool
AuthoriseMemberV1(Room * room, PduV1 pdu)
{
JsonValue *membership;
char *membership_str;
/* Step 5.1: If there is no state_key property, or no membership
* property in content, reject. */
if (!pdu.state_key ||
StrEquals(pdu.state_key, "") ||
!(membership = JsonGet(pdu.content, 1, "membership")))
{
return false;
}
if (JsonValueType(membership) != JSON_STRING)
{
/* Also check for the type */
return false;
}
membership_str = JsonValueAsString(membership);
#define JumpIfMembership(mem, func) do { \
if (StrEquals(membership_str, mem)) \
{ \
return func(room, pdu); \
} \
} while (0)
/* Step 5.2: If membership is join. */
JumpIfMembership("join", AuthorizeJoinMembershipV1);
/* Step 4.3: Otherwise, allow. */
return true;
#undef JumpIfMembership
}
bool
AuthoriseEventV1(Room * room, PduV1 pdu)
{
HashMap *state, *create_event;
char *create_event_id;
JsonValue *federate;
/* Step 1: If m.room.create */
if (StrEquals(pdu.type, "m.room.create"))
{
return AuthoriseCreateV1(pdu);
}
/* TODO: Consider, everything else! */
for (i = 0; i < ArraySize(pdu.auth_events); i++)
/* Step 2: Considering the event's auth_events. */
if (!ConsiderAuthEventsV1(room, pdu))
{
char *event_id = ArrayGet(pdu.auth_events, i);
/* TODO: Fetch event there */
return false;
}
/* TODO */
/* Step 3: If the content of the m.room.create event in the room state
* has the property m.federate set to false, and the sender domain of
* the event does not match the sender domain of the create event,
* reject.
*/
state = RoomStateGet(room);
create_event_id = StateGet(state, "m.room.create", "");
if (!state || !create_event_id)
{
/* At this point, [create_event_id] has to exist */
StateFree(state); /* create_event_id is also freed. */
return false;
}
create_event = RoomEventFetch(room, create_event_id);
federate = JsonGet(create_event, 2, "content", "m.federate");
if (JsonValueType(federate) == JSON_BOOLEAN)
{
if (!JsonValueAsBoolean(federate))
{
char *c_sender =
JsonValueAsString(JsonGet(create_event, 1, "sender"));
char *p_sender = pdu.sender;
if (!VerifyServers(c_sender, p_sender))
{
return false;
}
}
}
/* Step 4: If type is m.room.aliases */
if (StrEquals(pdu.type, "m.room.aliases"))
{
return AuthoriseAliasV1(pdu);
}
/* Step 5: If type is m.room.member */
if (StrEquals(pdu.type, "m.room.member"))
{
return AuthoriseMemberV1(room, pdu);
}
return true;
}
static char *
@ -357,7 +625,6 @@ RoomEventSendV1(Room * room, HashMap * event)
#undef AddState
}
/* TODO: Do a size check! */
finish:
if (state)
{
JsonFree(state);
@ -373,6 +640,8 @@ static HashMap *
RoomEventSendV3(Room * room, HashMap * event)
{
/* TODO */
(void) room;
(void) event;
return NULL;
}
HashMap *
@ -382,7 +651,7 @@ RoomEventSend(Room * room, HashMap * event)
{
return NULL;
}
if (room->version == 1)
if (room->version < 3)
{
/* Manage with PDUv1 */
return RoomEventSendV1(room, event);
@ -390,3 +659,51 @@ RoomEventSend(Room * room, HashMap * event)
/* Manage with PDUv3 otherwise */
return RoomEventSendV3(room, event);
}
static char *
CreateSafeID(char *unsafe_id)
{
size_t length = strlen(unsafe_id);
char *safe_id = Malloc(length + 1);
size_t i;
/* Creates a room ID safe to be put into the database
* for room version 3 and above.
* (with '/'s replaced by '-') */
memcpy(safe_id, unsafe_id, length + 1);
for (i = 0; i < length; i++)
{
if (safe_id[i] == '/')
{
safe_id[i] = '-';
}
}
return safe_id;
}
HashMap *
RoomEventFetch(Room *room, char *id)
{
DbRef *event_ref;
HashMap *ret;
char *safe_id;
if (!room || !id)
{
return NULL;
}
/* Let's try to locally find that event in our junk. */
safe_id = CreateSafeID(id);
event_ref = DbLock(room->db, 4, "rooms", room->id, "events", safe_id);
if (!event_ref)
{
/* TODO: Fetch from another homeserver if possible. */
ret = NULL;
goto finish;
}
ret = JsonDuplicate(DbJson(event_ref));
DbUnlock(room->db, event_ref);
finish:
Free(safe_id);
return ret;
}

View file

@ -26,10 +26,12 @@
#include <State.h>
#include <Cytoplasm/HashMap.h>
#include <Cytoplasm/Memory.h>
#include <Cytoplasm/Array.h>
#include <Cytoplasm/Str.h>
#include <Room.h>
#include <Event.h>
#include <Room.h>
static HashMap *
StateResolveV1(Array * states)
@ -86,3 +88,35 @@ StateResolve(Room * room, HashMap * event)
return StateResolveV2(states);
}
}
char *
StateGet(HashMap *state, char *type, char *key)
{
char *full_string;
char *ret;
if (!state || !type || !key)
{
return NULL;
}
full_string = StrConcat(3, type, ",", key);
ret = HashMapGet(state, full_string);
Free(full_string);
return ret;
}
void
StateFree(HashMap *state)
{
char *full;
char *event_id;
if (!state)
{
return;
}
while (HashMapIterate(state, &full, (void **) &event_id))
{
Free(event_id);
}
HashMapFree(state);
}

View file

@ -130,4 +130,12 @@ extern int RoomPrevEventsSet(Room *, Array *);
*/
extern HashMap * RoomEventSend(Room *, HashMap *);
/**
* Fetch a single event's PDU in a room into an
* hashmap, given an event ID, from the database
* if possible, or otherwise fetched from a remote
* homeserver participating in the room.
*/
extern HashMap * RoomEventFetch(Room *, char *);
#endif /* TELODENDRIA_ROOM_H */

View file

@ -54,4 +54,9 @@ extern char *StateSet(HashMap *, char *, char *, char *);
*/
extern HashMap * StateResolve(Room *, HashMap *);
/**
* Frees an entire state table from the heap.
*/
extern void StateFree(HashMap *);
#endif /* TELODENDRIA_STATE_H */